Responding to Audit Findings - Procedures not being followed to the letter

J

John Martinez

#21
Re: Responding to audit findings

Maybe, but simply reporting that 'procedures weren't followed' is only part of the story. Auditors who haven't, by now learned to look for the results of 'not following procedures' are either incompetent or lazy. Since ISO/IEC 17021 requires the CB to determine and so competence, the auditor must be lazy!:notme:
Again, without the actual finding, we do NOT know WHAT was actually written. How about ISO 19011 "Open minded"? :biglaugh:
All kidding aside, if an auditor sticks to "Requirement" - document, revision level, chapter and verse.."Non-conformance" what specific they were not following...and "Evidence" can be the requirement document or another document or record, then I've implied that "they were not following procedures"; however, still competent as an auditor.

With all due respect to the original poster, I'd like to have the FULL story before putting his auditor before the firing squad. :blowup:

By the way. Was this a AUDITOR or a regulator INSPECTOR who calls themselves auditors? There IS a difference between an AUDITOR and an INSPECTOR. While there is a NEED for Inspectors, especially in quality assurance, there is non the less a difference. I'm glad there is an FAA inspector inspecting maintenance of aircraft I'm flying on.
 
Last edited by a moderator:
Elsmar Forum Sponsor
#22
John, you're absolutely correct.

If auditors are to be what they claim - value added - and you take a simple mathematical approach to problem solving, the report of not following procedure is insufficient to help management solve the problem - since they've only provided one fact and (mathematically speaking) we have to have two facts!

When you give two facts to management; not following procedure and the result of doing so (good product? reject product?) then they can determine what needs to be addressed! That's value-added. What's more, when auditors help to complete the equation, we'll see less complaining about management not supporting corrective actions etc. Simple compliance statements may have been OK when people wanted a certificate, but the game has moved on...
 

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#23
As an internal auditor I often write an NC stating "Process does not match procedure" and give the specifics without making any apparent effort to understand why.

That doesn't mean I don't know why, or at least deeply suspect. I seldom have trouble finding the problem's source, either based on my own attempt to understand the procedure and knowing the education and level of expertise of the users (is the thing a Master's thesis being used by high school graduates?) or by talking with operators, etc.

But none of that makes it into my write up. I want them to tell me why the activities don't match the written procedure. My acceptance of their analysis is based on what I understand, but have not written except perhaps in my notes.

If that means I'm lazy, unfair or inefficient, I'll accept that. But I doubt I'll change it. Nor do I expect external auditors to behave differently.
 
J

John Martinez

#24
John, you're absolutely correct.

If auditors are to be what they claim - value added - and you take a simple mathematical approach to problem solving, the report of not following procedure is insufficient to help management solve the problem - since they've only provided one fact and (mathematically speaking) we have to have two facts!

When you give two facts to management; not following procedure and the result of doing so (good product? reject product?) then they can determine what needs to be addressed! That's value-added. What's more, when auditors help to complete the equation, we'll see less complaining about management not supporting corrective actions etc. Simple compliance statements may have been OK when people wanted a certificate, but the game has moved on...
Try that approach on a Accreditation Body witness audit....
 
G

GoKats78

#25
Chrissie,

If you need "extrinsic" forces to get things fixed/corrected, then there's something wrong with Top Management commitment. Has your CB auditor raised that issue?

Stijloor.

Our top management is not involved in the audit process whatsoever...either internal or external...The only person the auditor ever sees in any meetings is the mgmt rep...and he, the auditor, has never raised an eyeborw about the lack of "Top Management commitment"...I think he knows there isn't any.
 

JoCam

Trusted Information Resource
#26
Our top management is not involved in the audit process whatsoever...either internal or external...The only person the auditor ever sees in any meetings is the mgmt rep...and he, the auditor, has never raised an eyeborw about the lack of "Top Management commitment"...I think he knows there isn't any.
Oops, that could lead to another non-conformance. Do you know why Top Management is not involved? This is the first and most obvious indication that Top Management are not performing their duties as specified in the standard, and is also the easiest to prevent. You should insist that Top Management are present at all opening and closing audit meetings as a minimum, except for internal audits of course.
 
J
#27
Our top management is not involved in the audit process whatsoever...either internal or external...The only person the auditor ever sees in any meetings is the mgmt rep...and he, the auditor, has never raised an eyeborw about the lack of "Top Management commitment"...I think he knows there isn't any.
hmmm....
You know your organization best, but I would say to be careful about the difference between "involvement" and committment". Your company's top management had to "commit" to becoming ISO certified. They may have simply viewed it as a "necessary evil" type of business decision, but they did have to commit resources to the process.

Having said that I do agree that there needs to be more involvement by Top Management in the External Audit Level. If nothing else they should certainly few it as an opportunity to learn how the organization is functioning.
Perhaps you should ask your auditor to specifically ASK that top management be present at the opening and closing meetings. He/She/They might find it quite illuminating.
I know that at my old company it took quite a bit of time to "ease" top management into the system and demonstrate how "value added" it really was.

Just my 2c worth

Peace
James
 
G

GoKats78

#28
Luckily I am not the Mgmt Rep here (I was previously). Top Mgmt and all manager s are invited to opening and closing meeting...just never show up...and the audiotor has never questioned it...

I think, if you read any of my other posts on our audits, you will discern what I think of our auditor's skill and understanding of the audit.


Oh, Top Management is neither committed nor involved in any part of the "ISO" process....and that is the way they like it.
 
#29
Luckily I am not the Mgmt Rep here (I was previously). Top Mgmt and all manager s are invited to opening and closing meeting...just never show up...and the audiotor has never questioned it...

I think, if you read any of my other posts on our audits, you will discern what I think of our auditor's skill and understanding of the audit.


Oh, Top Management is neither committed nor involved in any part of the "ISO" process....and that is the way they like it.
Oh dear...what have you been paying for? I'd drop a little bomb back to their management!
 
Thread starter Similar threads Forum Replies Date
J Time Frame for Responding to a Major Nonconformance - Registrar Audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
B Responding to ISO9001 Audit NCR?s/Observations - ?Top Management? ? Clause 5.4 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
B Responding to ISO9001 or TS16949 Audit NCR?s/Observations. Nonconformance and Corrective Action 5
D Overwhelmed, next audit around the corner - Responding to Nonconformances Identified ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
J Supplier not responding to PPAP request APQP and PPAP 5
N Responding to NADCAP nonconformance - Control of External Documents AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
J Technical Documentation Review: Responding to a Nonconformity ISO 13485:2016 - Medical Device Quality Management Systems 14
K Suppliers not responding to Supplier Corrective Action Requests (SCAR) Supplier Quality Assurance and other Supplier Issues 12
W Responding to an FDA FOIA Request US Food and Drug Administration (FDA) 5
R Responding to a Customer Identified Nonconformance caused by Human Error Nonconformance and Corrective Action 22
M Operator Mistakes (Errors) and responding to CAR (Corrective Action Requests) Nonconformance and Corrective Action 20
N Is there a standard length of time to track down non-responding customers w recalls? Misc. Quality Assurance and Business Systems Related Topics 2
AnaMariaVR2 Strategic Priorities: Responding to the Public Health Challenges of the 21st Century US Food and Drug Administration (FDA) 0
Q Not responding all the NCR?s Nonconformance and Corrective Action 10
M Responding to customers upon receipt of an alleged medical device deficiency Customer Complaints 6
M Workmanship Related Failures - Responding to a customer CAR Nonconformance and Corrective Action 12
ScottK Responding to calls for references, how do you handle it? Career and Occupation Discussions 5
M Responding to external communciation - In particular 4.4.3 b) - Dinged Miscellaneous Environmental Standards and EMS Related Discussions 6
S The Unreasonable Customer - Responding to 3 or more Customer Concerns a Day Customer and Company Specific Requirements 26
B Request: Suggestions / Tips for Responding to CAR for Late Deliveries Nonconformance and Corrective Action 14
I Corrective Action Time Line When Responding to a Major from a Registrar IATF 16949 - Automotive Quality Systems Standard 8
Q ISO 9001-2015 Internal audit finding Internal Auditing 12
lanley liao How to understand this words that the planning of internal audit shall take into consideration the results of previous audits? Oil and Gas Industry Standards and Regulations 10
P Audit check for IT company (ISO 9001) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
D Supplier audit Medical Device and FDA Regulations and Standards News 2
M Go Live With New ERP System before Recertification Audit General Auditing Discussions 6
A Add MDSAP to Internal Audit Schedule Medical Device Related Regulations 0
A Define timeline for Major and Miner Audit finding General Auditing Discussions 4
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
A API Monogram audit review process Oil and Gas Industry Standards and Regulations 4
S IATF 16949 Internal Audit Example IATF 16949 - Automotive Quality Systems Standard 7
B Remote IATF 16949 audit preparation General Auditing Discussions 10
M AS9100D Registrar pre-audit requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 15
I Do I need to sign off my annual audit calendar? Internal Auditing 2
R AS9100D internal audit checklist or ISO 9001 2015 to AS9100 D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
M Nice and simple invitation email to an audit kickoff meeting Internal Auditing 1
M IATF 16949 - Audit of Remote Location/Support Site and IT IATF 16949 - Automotive Quality Systems Standard 4
Q IATF audit - Root Cause Analysis results IATF 16949 - Automotive Quality Systems Standard 5
Q Self-assessment audit information Quality Management System (QMS) Manuals 6
Le Chiffre Online training available for ISO/IEC 17021-1: Requirements for bodies providing audit and certification of management systems Training - Internal, External, Online and Distance Learning 3
xfngrs NIOSH Audit for N95 respirators US Food and Drug Administration (FDA) 1
Sidney Vianna IATF 16949 News Risked Based Audit Day Calculation IATF 16949 - Automotive Quality Systems Standard 2
T AS9100 audit due to facility move AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
M ISO 13485:2016 internal audit checklist Medical Device and FDA Regulations and Standards News 5
A Internal Audit Questions ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
B SAP Audit trail Periodic Review EU Medical Device Regulations 1
N What are the software audit and control steps Reliability Analysis - Predictions, Testing and Standards 2
R Gap Audit Aerospsace and Rail QMS Quality Manager and Management Related Issues 0
salaheddine96 Internal audit planning Internal Auditing 2
A MDSAP Audit Questionnaire Medical Device and FDA Regulations and Standards News 7

Similar threads

Top Bottom