W
Wayne G.
Perhaps someone has input to this question: Is it customary, required or N/A that a registrar submit an audit plan with scope, dates/times, etc. to the auditee at least 1 week prior to an on-site audit?
Thanks all.
Thanks all.
That should be standard practice with Registrars. I actually got my agenda 3 weeks in advance of the surveillance audit.
Maybe you should get a hold of your Registrar and Auditor and ask them where the Agenda is.
ISO 17021-1:2015 section 9.2.3 "mandates" CB's to prepare audit plans. As for the advance notice to the auditees, the standard is mute. Some CB's require 3-4 weeks of advance notice sent to clients.
Randy
Super Moderator
Normally the audit plan is a required part of the last audit report, so clients have it anywhere from 6 months to a year in advance.
A 3 year audit program is required to be part of a reassesment report whenever one of those is done and it provides 3 years worth of future planning barring any need for change that could be caused for a variety of reasons.
Regardless, every audit (surveillance or reassessment according to ISO 17021) has to address the following:
a) internal audits and management review,
b) a review of actions taken on nonconformities identified during the previous audit,
c) treatment of complaints,
d) effectiveness of the management system with regard to achieving the certified client's objectives,
e) progress of planned activities aimed at continual improvement,
f) continuing operational control,
g) review of any changes, and
h) use of marks and/or any other reference to certification.
A 3 year audit program is required to be part of a reassesment report whenever one of those is done and it provides 3 years worth of future planning barring any need for change that could be caused for a variety of reasons.
Regardless, every audit (surveillance or reassessment according to ISO 17021) has to address the following:
a) internal audits and management review,
b) a review of actions taken on nonconformities identified during the previous audit,
c) treatment of complaints,
d) effectiveness of the management system with regard to achieving the certified client's objectives,
e) progress of planned activities aimed at continual improvement,
f) continuing operational control,
g) review of any changes, and
h) use of marks and/or any other reference to certification.
J
jcbodie
The Registrars I work for require us to send the audit plan at least 30 days before the next visit.
Additionally, we complete a 3 yr rolling matrix of audit areas, which is not shared with the client, but posted in our database. The Auditor is not necessarily bound by the matrix, for the next audit plan.
The only time I talk about next audit specifics with the client, is if I have issued NCR's in an area. Then, I let the client know that the area is automatically going to be re-audited at the next visit.
Additionally, we complete a 3 yr rolling matrix of audit areas, which is not shared with the client, but posted in our database. The Auditor is not necessarily bound by the matrix, for the next audit plan.
The only time I talk about next audit specifics with the client, is if I have issued NCR's in an area. Then, I let the client know that the area is automatically going to be re-audited at the next visit.
Similar threads
