Major Nonconformance Criteria

Bev D said:
I’m not familiar with the IATF standard itself so hopefully someone else here can speak to the actual requirement (it is alwasyys helpful to quote the requirement you are concerned with. Not everyone has experience in every standard nor do we always have the specific standard at our fingertips, but since the standards are similar and derive from previous standards we can usually speak credibly to any standard once we know the exact wording)

Even with my lack of IATF knowledge I would say that it is essential for employees to be trained ind know where to find company policies that affect them. This only makes sense. Company policies address things like attendance/time off, ethics, discrimination, promotion and job changes, etc. why would anyone want to these to be secret? And these are not only HR policies but are often - for example ethics is often form legal. I don’t really understand your question or why you are saying that only HR is responsible?
Click to expand...

Agreed.

5.1.1.1 Corporate responsibility

The organization shall define and implement corporate responsibility policies, including at a minimum an anti-bribery policy, an employee code of conduct, and an ethics escalation policy ("whistle-blowing policy").

I would interpret "implement" includes the training. As you said, an employee code of conduct and as such is not only the responsibility of HR, but all employees should understand what the company policy is. Many states also require anti-harassment and anti-REDACTED harassment training in workplaces, too (and recommends prevention even if it is not required), so it's not really just the matter of IATF requirement, but also what's common (and required by law in some states) in businesses. These business policies would be useless unless these are communicated to all employees and that all employees understand them.

At a minimum, most companies have these policies ("anti-bribery policy, an employee code of conduct, and an ethics escalation policy ("whistle-blowing policy")") in employee handbook, and have employees sign off that they received the handbook. So, in most workplaces, it is not just HR, but employees are made aware of the company policies.

Getting back to the original question - if the company policies are understood by the employees, they should be able to answer regardless, but how do companies ensure that the company policies are understood by the employees? In the case of anti-harassment, I believe many states mandate (or recommend prevention of) anti-harassment training because just giving the employee handbook to employees are probably not enough. If it is in an auditor's view, I would think that he/she would look at it as to how a company is effectively implementing the policies. Efficiency and effectiveness is a big thing in IATF.
 
Id note that when I hear terms like bribery and harassment I immediately think the company is going to "lawyer up." I doubt any lone employee will be making any calls on bribery or harassment without legal review.
 
Which brings us back to the poster’s actual concern…what is it?
 
Crimpshrine13 said:
Agreed.

5.1.1.1 Corporate responsibility

The organization shall define and implement corporate responsibility policies, including at a minimum an anti-bribery policy, an employee code of conduct, and an ethics escalation policy ("whistle-blowing policy").

I would interpret "implement" includes the training. As you said, an employee code of conduct and as such is not only the responsibility of HR, but all employees should understand what the company policy is. Many states also require anti-harassment and anti-REDACTED harassment training in workplaces, too (and recommends prevention even if it is not required), so it's not really just the matter of IATF requirement, but also what's common (and required by law in some states) in businesses. These business policies would be useless unless these are communicated to all employees and that all employees understand them.

At a minimum, most companies have these policies ("anti-bribery policy, an employee code of conduct, and an ethics escalation policy ("whistle-blowing policy")") in employee handbook, and have employees sign off that they received the handbook. So, in most workplaces, it is not just HR, but employees are made aware of the company policies.

Getting back to the original question - if the company policies are understood by the employees, they should be able to answer regardless, but how do companies ensure that the company policies are understood by the employees? In the case of anti-harassment, I believe many states mandate (or recommend prevention of) anti-harassment training because just giving the employee handbook to employees are probably not enough. If it is in an auditor's view, I would think that he/she would look at it as to how a company is effectively implementing the policies. Efficiency and effectiveness is a big thing in IATF.
Click to expand...
Yeah, not so sure I buy that. The "policies" are there, for the most part, as a legal requirement. Employees review them and then tuck them away somewhere long to be forgotten. If and when they are needed, they are pulled out. Now whether they are "aware" or "understood" by employees -- I'll suspect not. Out of site, out of mind kind of thing. So the "interrogation" by the external auditor becomes an issue as they are being asked about things they have long forgotten and are not needed to do their job on a daily basis.
 
You must log in or register to reply here.

Similar threads

S
AS9100 Major for repeat.
2 3
Replies
20
Views
955
ChrisM
C
F
Major Change in Organization effect on certification
Replies
4
Views
468
John C. Abnet
John C. Abnet
Mordacious Enigma
Minor Nonconformity - Ruler Attribute Study
2 3
Replies
23
Views
2K
Miner
Miner
Crimpshrine13
Determining Special Audit Duration
2 3
Replies
24
Views
2K
Crimpshrine13
Crimpshrine13
Slickpick
Can registrar auditors write up something an organization has already identified?
2
Replies
16
Views
2K
Bca8ball
B
Back
Top Bottom