Should an auditor document potential nonconformities in the audit report?

S

samsung

#1
Should potential nonconformities be documented along with detected/ verified nonconformities in the audit report ? How are they categorized, I mean as NC's or as observations ?

If they are reported as NCs, should a CAR & follow up audit be applicable ?

Your inputs appreciated.

Thanks.
 
Elsmar Forum Sponsor

somashekar

Staff member
Super Moderator
#2
Should potential nonconformities be documented along with detected/ verified nonconformities in the audit report ? How are they categorized, I mean as NC's or as observations ?

If they are reported as NCs, should a CAR & follow up audit be applicable ?

Your inputs appreciated.

Thanks.
The potential NC would be a good input as an observation point which as many call it 'Value addition' in the audit activity. An audit NC reported must be fact based or objective evidence based. I am sure more inputs will flow on this.
 

qusys

Trusted Information Resource
#3
I think that the auditor could have already some data from the preventive action process, auditing management review.
However I agree that they could be some observations as said in the previous post.:bigwave:
 
#4
Should potential nonconformities be documented along with detected/ verified nonconformities in the audit report ? How are they categorized, I mean as NC's or as observations ?

If they are reported as NCs, should a CAR & follow up audit be applicable ?
Clearly, an internal auditor should point out the potential for problems. If it's a POTENTIAL problem, then calling it a non-conformity will confuse people, won't it? I would advocate not 'classifying' them but making clear in the report what you are indicating. Too much effort is placed in naming things, rather than on the description of what's reported. If you are clear on what it is you're telling management, they'll notice and fix it - if you're correct! If they don't , it's still recorded in the audit report, for use by the audit management in directing the focus of the next auditor!:read:
 
S

samsung

#5
Clearly, an internal auditor should point out the potential for problems. If it's a POTENTIAL problem, then calling it a non-conformity will confuse people, won't it? I would advocate not 'classifying' them but making clear in the report what you are indicating. Too much effort is placed in naming things, rather than on the description of what's reported. If you are clear on what it is you're telling management, they'll notice and fix it - if you're correct! If they don't , it's still recorded in the audit report, for use by the audit management in directing the focus of the next auditor!:read:
:agree1: Yes, it's more appropriate to call it a 'potential problem' than a 'potential nonconformity' to erase the confusion. However, much of the confusion lies in:
The organization shall determine action to eliminate the causes of potential nonconformities in order to prevent their occurrence.
Anyway, but not taking a preventive action against a perceived problem should, then form a basis for writing a nonconformity ?
 
#7
:agree1: Yes, it's more appropriate to call it a 'potential problem' than a 'potential nonconformity' to erase the confusion. However, much of the confusion lies in:


Anyway, but not taking a preventive action against a perceived problem should, then form a basis for writing a nonconformity ?
If we are talking about an audit report then, no. The auditor should report if they see a potential problem. How can they write a nonconformity? It's only their 'opinion' at this point.

Also, there would have to be a great deal of confidence in the whole audit program, IMHO, before management would address an audit report as 'preventive action - IMHO. It would be sheer luck unless the audit was planned with the idea of detecting a potential failure...
 
S

samsung

#8
If we are talking about an audit report then, no. The auditor should report if they see a potential problem. How can they write a nonconformity? It's only their 'opinion' at this point.

Also, there would have to be a great deal of confidence in the whole audit program, IMHO, before management would address an audit report as 'preventive action - IMHO. It would be sheer luck unless the audit was planned with the idea of detecting a potential failure...
All I can conclude from this discussion is that:

1. The definition of 'nonconformity' isn't consistent with the one suffixed in 'potential nonconformity' that has yet not taken any definite shape to point to a 'requirement' that hasn't been fulfilled.

2. 'Potential nonconformity', as pointed by Andy, should be construed as a 'problem' rather than a 'nonconformity' in its literal sense.

Thanks for all great inputs.
 
#10
‘Certification/registration bodies (CRB’s, or “registrars”) are subject to the rules of both ISO 19011.CRB:
□ When writing findings, the CRB must adhere to the following convention:
o Clearly record the nonconformity
o Indicate the clause under which the nonconformity falls
o Clearly state the objective evidence that supports the nonconformity
o Indicate whether the nonconformity is a major or minor, using definitions of those
terms as defined by the CRB’s procedures
o Review the nonconformity, and revise as necessary, to ensure that it is written in a way that is verifiable at a later date without any further request for information.
□ Findings that do not follow all the requirements of this convention will be considered to be nonconforming against ISO 19011’.


ISO 19011 requirements aren't rules! A Certification Body doesn't have to follow ISO 19011, it's a guideline. If we're talking accreditation of a CB to ISO/IEC 17021, ISO 19011 is a normative reference', called out in a few sections of 17021.

I don't believe that Mr. YYYYYYYYY 's quote is an authoritative reference today (5 years later)
 
Thread starter Similar threads Forum Replies Date
C Should I get an Internal Auditor Certification of Exemplar Global / RABQSA? Internal Auditing 17
J Auditor says 5.6.3 should be discussed in Management Review Management Review Meetings and related Processes 62
Manix Should a 3rd Party Auditor Audit against IATF rules and not just the ISO standard? General Auditing Discussions 4
R Full Time Internal Auditor - Where should I be looking for someone? Career and Occupation Discussions 15
P Registrar Auditor's Candid Remarks - Should I report him to his office? Quality Manager and Management Related Issues 9
A Auditees disagree with CA Request; What should Lead Auditor do? Internal Auditing 6
D What should the QMS Auditor do if a Major Nonconformity is found during an Audit? Internal Auditing 11
D Since NIST # can not be used to verify Traceability - What an Auditor should do AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 8
K Management requires the auditor to make recommendations - How should this be done? Food Safety - ISO 22000, HACCP (21 CFR 120) 5
M How should the Lead Auditor react if there is an argument with the company? General Auditing Discussions 10
W Should I invest in ISO standards for the CBA (Certified Biomedical Auditor) exam? Other Medical Device Regulations World-Wide 18
S Internal Auditor Training - How often should an internal auditor be trained? Training - Internal, External, Online and Distance Learning 15
T Witness Auditor - Should they be listed on both OASIS and RABQSA auditor listings? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
A Does auditor have conflict of interest? Should we ask for different auditor? Registrars and Notified Bodies 12
K Gage R&R Records - Should we keep data longer as 'suggested' by our TS Auditor? Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 7
C Which provider in India should I take the ISO 9001 Lead Auditor Course From? Training - Internal, External, Online and Distance Learning 5
S FDA Part 820 Audit vs. ISO 9001 - Anything I should be aware of as an auditor? Various Other Specifications, Standards, and related Requirements 13
C Anything I should do or study prior to taking the 14001 Lead Auditor Class? ISO 14001:2015 Specific Discussions 15
J Rating Nonconformance's - Auditor said we should update our procedure (CAR/PAR) Preventive Action and Continuous Improvement 12
S Internal Auditor Qualifications - What qualifications should I include? Internal Auditing 49
A Steps one should follow to be registered QMS lead auditor ASQ, ANAB, UKAS, IAF, IRCA, Exemplar Global and Related Organizations 19
I Layout inspection content - Auditor said we should do an annual audit also Inspection, Prints (Drawings), Testing, Sampling and Related Topics 16
I Auditing the CEO - How? What should our Internal Auditor ask? Internal Auditing 6
I Who accompanies 'the Auditor'? Should Auditors be Escorted? General Auditing Discussions 40
Sidney Vianna Interesting Discussion Should ISO 9004 be changed from a guidance standard to a requirements standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
A Should I take an online course for a career in Occupational Health and Safety? Career and Occupation Discussions 2
J Should a Class 1 medical device with an option to measure body weight be considered Class 1m? EU Medical Device Regulations 0
K Should APQP/PPAP has its own section in a QM? Quality Management System (QMS) Manuals 1
S What should i choose for "testing procedure" characteristics? (N95) General Information Resources 0
P Should eIFU link per ISO 15223-1:2016 be added to labels out of scope of Reg 207/2012? EU Medical Device Regulations 1
S Which Sampling Plan(s) Should I Use? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 7
A Document release vs its related training. Which should come first? ISO 13485:2016 - Medical Device Quality Management Systems 18
S Which department should prepare the control plan? could you show me a standard regarding to this matter. FMEA and Control Plans 17
J Help settle a disagreement: Should external providers of preventive maintenance be on your ASL? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
N Master Samples - What should we be keeping? IATF 16949 - Automotive Quality Systems Standard 9
G Supplier delivered recent PPAP, should he deliver yearly layout inspection? IATF 16949 - Automotive Quality Systems Standard 4
John Broomfield Vote - Should ISO9004 Become a Requirements Standard? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
A Capability Study - in the beginning of your career what should you have known about the tool Quality Tools, Improvement and Analysis 11
J Should Loading and Unloading be Included in Cycle Times? Lean in Manufacturing and Service Industries 14
E Manufacturers should develop a testing device for covid19 Service Industry Specific Topics 0
T 510(k) submission - Which name should I use in the submission? Other US Medical Device Regulations 3
N ISO 19011:2018 - 5.4.2 "...audit program should engage in appropriate continual development..." Training - Internal, External, Online and Distance Learning 4
G Should I perform Gage R&R only at the beginning of a new project? Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 6
DuncanGibbons Should the requirements FAA/EASA Part 21 be addressed within the QMS and AS9100D quality manual? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
M Should 510(k) Predicates be Actively Listed Devices? Other US Medical Device Regulations 12
B Why the Greek god Hephaestus should have done a design FMEA (DFMEA) on his giant robot APQP and PPAP 1
J On PFMEA for danger labels - Label always should be assigned severity 10 ? FMEA and Control Plans 3
H Who should be listed as the manufacturer/distributor on the box? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 15
M MDR, RED and LVD - Should our device comply with them? EU Medical Device Regulations 3
BeaBea How Many Processes should be created for each Department? Process Maps, Process Mapping and Turtle Diagrams 5

Similar threads

Top Bottom