Should a 3rd Party Auditor Audit against IATF rules and not just the ISO standard?

Manix

Get Involved!!!
Trusted Information Resource
#1
Hi All,

It's been a while, I know, I'm sorry! Hope you're all OK.

I am just reviewing our latest TS16949 re-cert audit NC's (all Minor thankfully! and I have just noted that one refers to Rule 6.5 of the IATF TS rules.

As far as I can see this finding relates to no clause in the standard, FYI the finding was:

Whilst TS 16949 elements have been cross referenced to procedures, the procedures have not been cross referenced to the processes defined in the process map (Rules 6.5).

Is this a valid NC? I'm not disputing its merit, but I don't think it's fair to audit us against something we as an organisation are not following (perhaps we should be!), we are certified to a standard that has clauses that we are bound to meet, but not the rules! The standard makes no requirement for the above specifically.

This is going down against why I am highly opposed to the methodology of certified and audited management systems. But that's a whole other subject that eventually I'll write a paper about, but for now I am after everyone's input on this. :)
 
Elsmar Forum Sponsor
C

Curtis317

#2
Hi All,

It's been a while, I know, I'm sorry! Hope you're all OK.

I am just reviewing our latest TS16949 re-cert audit NC's (all Minor thankfully! and I have just noted that one refers to Rule 6.5 of the IATF TS rules.

As far as I can see this finding relates to no clause in the standard, FYI the finding was:

Whilst TS 16949 elements have been cross referenced to procedures, the procedures have not been cross referenced to the processes defined in the process map (Rules 6.5).

Is this a valid NC? I'm not disputing its merit, but I don't think it's fair to audit us against something we as an organisation are not following (perhaps we should be!), we are certified to a standard that has clauses that we are bound to meet, but not the rules! The standard makes no requirement for the above specifically.

This is going down against why I am highly opposed to the methodology of certified and audited management systems. But that's a whole other subject that eventually I'll write a paper about, but for now I am after everyone's input on this. :)
Not being active with in the Auditing scheme. I would think that the minor is beyond the Scope of the Audit. All audits have a defined scope. If the minor is not within the scope of the audit TS16949 then the minor finding does not apply. Any other thoughts?
 

Jim Wynne

Staff member
Admin
#3
Hi All,

It's been a while, I know, I'm sorry! Hope you're all OK.

I am just reviewing our latest TS16949 re-cert audit NC's (all Minor thankfully! and I have just noted that one refers to Rule 6.5 of the IATF TS rules.

As far as I can see this finding relates to no clause in the standard, FYI the finding was:

Whilst TS 16949 elements have been cross referenced to procedures, the procedures have not been cross referenced to the processes defined in the process map (Rules 6.5).

Is this a valid NC? I'm not disputing its merit, but I don't think it's fair to audit us against something we as an organisation are not following (perhaps we should be!), we are certified to a standard that has clauses that we are bound to meet, but not the rules! The standard makes no requirement for the above specifically.

This is going down against why I am highly opposed to the methodology of certified and audited management systems. But that's a whole other subject that eventually I'll write a paper about, but for now I am after everyone's input on this. :)
There is no requirement for any kind of documented cross-referencing. I don't know whether you're referring to the IATF rules for accreditation, which apply to CBs, or the IATF auditor guide document, but it doesn't matter. You were being audited against 16949, and you should protest the NC.
 

Howard Atkins

Forum Administrator
Staff member
Admin
#4
6.5 in the rules refers to Stage 1 and by definition is not relevant as this is a Re certification and no NCs can be issued at stage 1.

The rules are for the auditor BUT I must audit according to their requirements.

Further the standard says page viii

Remarks for certification
The certification to this Technical Specification, including customer-specific requirements if any, is recognized by the customer members of IATF when achieved according to the IATF certification scheme (see the ?Rules
for achieving IATF recognition?).
 

Manix

Get Involved!!!
Trusted Information Resource
#5
6.5 in the rules refers to Stage 1 and by definition is not relevant as this is a Re certification and no NCs can be issued at stage 1.

The rules are for the auditor BUT I must audit according to their requirements.

Further the standard says page viii
Thanks Howard, yes I do believe that this is part of the readiness review, I'm not entirely sure why they've been thrown in here, I think perhaps the auditor has become a bit confused about what he must audit versus what is audit-able!

I can see how this is useful at stage 1 and perhaps in a mature QMS you could use it as a gap analysis, but I'm not sure I see value in this being in the QM. 3rd party audits = :deadhorse: :notme:
 
Thread starter Similar threads Forum Replies Date
C Measuring Equipment on Injection Machine should be Calibrated by 3rd party? General Measurement Device and Calibration Topics 21
E Should FDA implement 3rd party (PMAs) reviews? What are the pros and cons of doing so Other US Medical Device Regulations 2
P How often should CMM attribute gages be 3rd party calibrated General Measurement Device and Calibration Topics 1
J UDI-DI how should we interpret Device version or model to determine if a new UDI-DI is needed? EU Medical Device Regulations 0
Sidney Vianna Interesting Discussion Should ISO 9004 be changed from a guidance standard to a requirements standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
A Should I take an online course for a career in Occupational Health and Safety? Career and Occupation Discussions 2
J Should a Class 1 medical device with an option to measure body weight be considered Class 1m? EU Medical Device Regulations 0
K Should APQP/PPAP has its own section in a QM? Quality Management System (QMS) Manuals 1
S What should i choose for "testing procedure" characteristics? (N95) General Information Resources 0
P Should eIFU link per ISO 15223-1:2016 be added to labels out of scope of Reg 207/2012? EU Medical Device Regulations 1
S Which Sampling Plan(s) Should I Use? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 7
A Document release vs its related training. Which should come first? ISO 13485:2016 - Medical Device Quality Management Systems 18
S Which department should prepare the control plan? could you show me a standard regarding to this matter. FMEA and Control Plans 17
J Help settle a disagreement: Should external providers of preventive maintenance be on your ASL? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
N Master Samples - What should we be keeping? IATF 16949 - Automotive Quality Systems Standard 9
G Supplier delivered recent PPAP, should he deliver yearly layout inspection? IATF 16949 - Automotive Quality Systems Standard 4
John Broomfield Vote - Should ISO9004 Become a Requirements Standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
A Capability Study - in the beginning of your career what should you have known about the tool Quality Tools, Improvement and Analysis 11
J Should Loading and Unloading be Included in Cycle Times? Lean in Manufacturing and Service Industries 14
E Manufacturers should develop a testing device for covid19 Service Industry Specific Topics 0
T 510(k) submission - Which name should I use in the submission? Other US Medical Device Regulations 3
N ISO 19011:2018 - 5.4.2 "...audit program should engage in appropriate continual development..." Training - Internal, External, Online and Distance Learning 4
G Should I perform Gage R&R only at the beginning of a new project? Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 6
DuncanGibbons Should the requirements FAA/EASA Part 21 be addressed within the QMS and AS9100D quality manual? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
M Should 510(k) Predicates be Actively Listed Devices? Other US Medical Device Regulations 12
B Why the Greek god Hephaestus should have done a design FMEA (DFMEA) on his giant robot APQP and PPAP 1
J On PFMEA for danger labels - Label always should be assigned severity 10 ? FMEA and Control Plans 3
H Who should be listed as the manufacturer/distributor on the box? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 15
M MDR, RED and LVD - Should our device comply with them? EU Medical Device Regulations 3
BeaBea How Many Processes should be created for each Department? Process Maps, Process Mapping and Turtle Diagrams 5
M Should volume of sales be factored into risk probability assessments? ISO 14971 - Medical Device Risk Management 33
MrTetris Should potential bugs be considered in software risk analysis? ISO 14971 - Medical Device Risk Management 5
S Should safety checks be included in the Control Plan? IATF 16949 - Automotive Quality Systems Standard 5
M Which incubation condition should be selected to recover both bacteria and fungus effectively Miscellaneous Environmental Standards and EMS Related Discussions 3
D Is there a specific location for PPE such as safety glass holders and glove dispensers should be mounted Occupational Health & Safety Management Standards 10
Robert Stanley Which Registrar Should I Choose for ISO 9001:2015 registration? Registrars and Notified Bodies 10
M Who should receive the bills from suppliers and vendors, account payable or procurement? Consultants and Consulting 4
V IATF 16949 8.4.1 Control of externally provided processes, products and services - Should the CB be on our Approved Supplier List? IATF 16949 - Automotive Quality Systems Standard 10
A We are ISO 13485:2016 should we be audited to ISO 14971 ISO 13485:2016 - Medical Device Quality Management Systems 16
E Received a Major finding during IATF Surveillance audit for loss of BIQS Level 3 (more than 6 SPPS in 6 months)...how should we address SYSTEMIC CA? IATF 16949 - Automotive Quality Systems Standard 11
J Organization merger. Should we keep two separate ISO 13485 certificates? ISO 13485:2016 - Medical Device Quality Management Systems 6
S Companies that maintain your machine should be in ASL? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
S Use of "Shall" versus "Should" in Procedures ISO 13485:2016 - Medical Device Quality Management Systems 26
D Class II medical device - When should a complaint be closed? Customer Complaints 6
Sidney Vianna IATF 16949 News Presentations from the latest IATF Stakeholder Event - Expectation that IATF 16949 certification should equate with product quality. Misguided? IATF 16949 - Automotive Quality Systems Standard 7
L Clause 0.4 of ISO 9001 and EHS - Where should I stop the inclusion of EHS in my QMS ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
Ed Panek Part 11 Self Certify Memo - What else should it cover? Qualification and Validation (including 21 CFR Part 11) 5
H Should I mention machine/Equipment password In SOP? Qualification and Validation (including 21 CFR Part 11) 4
D How long should we keep the spare parts available for our medical device, after we have stopped the production? ISO 13485:2016 - Medical Device Quality Management Systems 0
H Statistical Techniques Procedure - What should be included Document Control Systems, Procedures, Forms and Templates 4

Similar threads

Top Bottom