Time gap for First Surveillance Audit of AS9100D after initial certification

#1
Hi Friends,

I have a query on the timing of the first surveillance audit after initial certification of AS9100 Rev D.

We had our stage 2 audit in Nov 2017 where we ended up with a few non-conformances which were cleared during a follow-up visit in Jan-2018 and we got the certificate by 23rd Jan 2018

Our certification body is asking for the surveillance audit by October 2018 considering that the stage 2 audit happened in November 2017 (They say that it should be before 12 months from stage 2 audit)

But When I read the ISO/IEC 17021-1:2015, I could find that it has stated "The date of the first surveillance audit following initial certification shall not be more than 12 months from the certification decision date"
I could not see any conflict of this in AS9101 Rev F too.
(the previous revisions, ISO/IEC17021-1:2011 and AS9101 rev E states that the first surveillance audit following initial certification shall not be more than 12 months from stage 2 audit. I could see that the new standard has changed the requirement)

So my doubt is, should not the certification decision date be after the non-conformances been cleared and the technical review team approves it or is it still considered from stage 2?


Before I reply to the certification body, I thought of getting some of your inputs.

Thank you in advance

Regards
Yatheendra
 
Elsmar Forum Sponsor

Sidney Vianna

Post Responsibly
Staff member
Admin
#2
So my doubt is, should not the certification decision date be after the non-conformances been cleared and the technical review team approves it or is it still considered from stage 2?
This seems to be one of those cases where the registrant (you) might teach the registrar about the requirements of the revised 17021. But could you please identify what paragraph of 17021:2015 you are referring to? I don’t see that text in my copy of the standard.

The certification decision happens, as you suspect, after the corrective actions and corrections were accepted
 
Last edited:

dsanabria

Quite Involved in Discussions
#3
Hi Friends,

I have a query on the timing of the first surveillance audit after initial certification of AS9100 Rev D.

We had our stage 2 audit in Nov 2017 where we ended up with a few non-conformances which were cleared during a follow-up visit in Jan-2018 and we got the certificate by 23rd Jan 2018

Our certification body is asking for the surveillance audit by October 2018 considering that the stage 2 audit happened in November 2017 (They say that it should be before 12 months from stage 2 audit)

But When I read the ISO/IEC 17021-1:2015, I could find that it has stated "The date of the first surveillance audit following initial certification shall not be more than 12 months from the certification decision date"
I could not see any conflict of this in AS9101 Rev F too.
(the previous revisions, ISO/IEC17021-1:2011 and AS9101 rev E states that the first surveillance audit following initial certification shall not be more than 12 months from stage 2 audit. I could see that the new standard has changed the requirement)

So my doubt is, should not the certification decision date be after the non-conformances been cleared and the technical review team approves it or is it still considered from stage 2?


Before I reply to the certification body, I thought of getting some of your inputs.

Thank you in advance

Regards
Yatheendra
When you look at your certificate and the expiration date... then count 90 days before that date and that is when your next surveillance will be.
 
#4
This seems to be one of those cases where the registrant (you) might teach the registrar about the requirements of the revised 17021. But could you please identify what paragraph of 17021:2015 you are referring to? I don’t see that text in my copy of the standard.

The certification decision happens, as you suspect, after the corrective actions and corrections were accepted
Thank you for your comments.

The requirement can be found under the clause 9.1.3.3 where it states "Surveillance audits shall be conducted at least once a calendar year, except in recertification years. The date of the first surveillance audit following initial certification shall not be more than 12 months from the certification decision date.".

Apart from these two standards, is there any such requirement mentioned in AS9104/1? I could not find anything from the draft copy that I had read.
 

somashekar

Staff member
Super Moderator
#5
If your certification effective date is Jan 2018, and the stage 2 audit happened in Nov 2017, then per the 'once in a calendar year' rule., your audit must happen by Dec 2018.
However in order to have the required time to complete the surveillance audit project before Jan 2019 (one year from Jan 2018), a date of Oct 2018 is perhaps proposed.
You can discuss with your CB for a float in Oct - Nov 2018 based on mutual convenience.
Certain CB discuss and decide broadly the next audit cycle month during the previous audit. Check out if you have already agreed for the Oct 2018.
 
#6
If your certification effective date is Jan 2018, and the stage 2 audit happened in Nov 2017, then per the 'once in a calendar year' rule., your audit must happen by Dec 2018.
However in order to have the required time to complete the surveillance audit project before Jan 2019 (one year from Jan 2018), a date of Oct 2018 is perhaps proposed.
You can discuss with your CB for a float in Oct - Nov 2018 based on mutual convenience.
Certain CB discuss and decide broadly the next audit cycle month during the previous audit. Check out if you have already agreed for the Oct 2018.
Thank you.
Exactly, that was what my point. I was also expecting an audit by Dec 2018. They gave the audit dates suddenly and and quoted the old rule (2011) which I believe was not right. Since the Certification date is on 23rd Jan 2018, we still have ample time even if we do the audit in December.

Regards
Yatheendra
 

somashekar

Staff member
Super Moderator
#7
The time to start and complete a surveillance audit project will vary depending upon several aspects., mainly being availability of auditors dates, The month long time given to close any possible minor NC's, Travel needs, Final report and NC response approval process, etc.
So we need to understand audit from the total perspective and accommodate to the best options that the CB can offer.
 
#8
I completely agree with your comments and we appreciate the CBs looking at the possibility of completing the audit without any risk to the organisation. But In this case, the problem was they are not looking beyond October and it seems they are not aware of the point about the first surveillance. I have communicated them quoting the text in the standard and it seems they need to check with their technical team before they could reply. I had doubts on my understanding, but with the help I got here, I could clear that.:)
 

Marc

Hunkered Down for the Duration
Staff member
Admin
#9
When you look at your certificate and the expiration date... then count 90 days before that date and that is when your next surveillance will be.
NOTE: This post has been reported as potentially containing inaccurate information.
 

dsanabria

Quite Involved in Discussions
#10
NOTE: This post has been reported as potentially containing inaccurate information.
SOrry for the lack of my wording but the 90 days rules is imposed by the registrar to:

1. Provide ample time to the clients to answer NCR (30 days)

2. The registrar need additional time to enter and review all data in OASIS

3. They push the limits on the following statements.

AS9104-1 2012
"For audits involving a certification decision, the CB shall be responsible for the input of the required data into the OASIS database within 30 days after the certificate issue date. For all other audits, the CB shall submit the required data into the OASIS database within 90 days after the on-site visit date. This entry into the database can be performed either directly by the CB or through the SMS, in accordance with the arrangements defined
by the IAQG sector or NAIA. The information to be input into the OASIS database is defined in Appendix C."
 
Thread starter Similar threads Forum Replies Date
D Gap Analysis - Three months until our ISO/TS 16949 3rd party surveillance audit IATF 16949 - Automotive Quality Systems Standard 4
R Complex IEC 60601-1 gap assessment IEC 60601 - Medical Electrical Equipment Safety Standards Series 0
S EU MDR CAPA - GAP Assessment on CAPA SOPs EU Medical Device Regulations 1
M Canadian regulation gap assessment Canada Medical Device Regulations 1
M MDSAP and 13485:2016 gap analysis Quality Management System (QMS) Manuals 1
M Gap analysis on ISO 14971:2019 with previous revision ISO 14971 - Medical Device Risk Management 4
H ISO 13485:2016 Gap Analysis by NB ISO 13485:2016 - Medical Device Quality Management Systems 7
J Looking for a EU MDR Gap Analysis template EU Medical Device Regulations 5
B Has anyone done an IEC 60601-1 gap analysis to IEC 60335? Medical Device and FDA Regulations and Standards News 4
M 10993-11 vs 2006 gap analysis Other Medical Device Related Standards 2
Nicole Desouza AS 9100 Rev D Gap Analysis AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
R AS9100 REV D gap analysis matrix AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
M MDR Medical devices Gap analysis ISO 13485:2016 - Medical Device Quality Management Systems 2
L UDI Requirments Gap Analysis - EU MDR vs FDA CFR EU Medical Device Regulations 8
J ISO 9001:2015 Excel Gap Analysis wanted ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
E ISO TC 34 and ISO 22000:2018 Gap Analysis and the principles of Codex Alimentarius Food Safety - ISO 22000, HACCP (21 CFR 120) 1
shimonv Checklist for MDD to MDR gap analysis EU Medical Device Regulations 18
Q GAP Analysis between IATF 16949 and VDA 6.3 wanted VDA Standards - Germany's Automotive Standards 3
P ISO 14001 - Looking for a Gap Analysis Template ISO 14001:2015 Specific Discussions 3
S Gap Analysis MDR req/MEDDEV 2.7.1 rev 4 EU Medical Device Regulations 3
V How do I get a rough MDD to MDR gap analysis by clauses Other Medical Device Related Standards 5
C Annex II EU MDR gap analysis EU Medical Device Regulations 7
P ISO 14155 GAP analysis Other Medical Device Related Standards 3
T IEC 60601 3.1 edition Gap Analysis wanted IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
J PCI PIN compliance and Gap analysis IEC 27001 - Information Security Management Systems (ISMS) 0
B Gap analysis of new start-up company technical documentation CE Marking (Conformité Européene) / CB Scheme 1
S ISO 9001:2015 Gap Analysis - In-House or 3rd Party? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
O What does "Gap" and "Flush" in ASME Y14.5 mean? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 1
S TGA regulations and ISO 13485:2016 gap analysis MDSAP ISO 13485:2016 - Medical Device Quality Management Systems 2
B NEED HSE-MS Gap Analysis between 2 existing Management Systems Occupational Health & Safety Management Standards 0
F New to RA: FDA Regulation Checklist/Gap Analysis 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
R New Tool from Omnex - IATF Gap Assessment IATF 16949 - Automotive Quality Systems Standard 0
C Upgrading from ISO 9001:2015 to IATF 16949:2016 - Anyone have a gap analysis tool? IATF 16949 - Automotive Quality Systems Standard 2
K AS9100 Rev. D Transition - Internal Audits & Gap Analysis Requirements AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
Icy Mountain ISO9001:2015 & IATF 16949:2016 Gap Analysis Tool IATF 16949 - Automotive Quality Systems Standard 7
L Medical Device Electrical Safety Standards - Gap Analysis of Latest Revisions Other ISO and International Standards and European Regulations 2
E Gap Analysis between MEDDEV 2.7/1 rev.4 vs. rev.3 wanted EU Medical Device Regulations 3
M ISO/TS16949 to IATF 16949:2016 Gap Analysis Questions IATF 16949 - Automotive Quality Systems Standard 2
W Gap Assessment for TS 16949 to IATF 16949 IATF 16949 - Automotive Quality Systems Standard 11
T TS16949 - What extras over the ISO 9001:2008? Gap Analysis IATF 16949 - Automotive Quality Systems Standard 5
Q Gap assessment on TL9000 with respect to ISO TS 16949 TL 9000 Telecommunications Standard and QuEST 3
A AS9100C to D - Has anyone done a gap analysis? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
P ISO 13485:2016 Gap Analysis with Changes Identified ISO 13485:2016 - Medical Device Quality Management Systems 26
E Gap Analysis for VDA 6.3:2010 and ISO/TS16949:2009 VDA Standards - Germany's Automotive Standards 5
S OHSAS 18001 Gap Analysis Template wanted Occupational Health & Safety Management Standards 5
F Gap Analysis Matrix for AS9100 Rev C to TS16949:2009 IATF 16949 - Automotive Quality Systems Standard 1
G Does anyone have a ISO 13485 Gap Analysis form they'd be willing to share? Quality Manager and Management Related Issues 3
K ISO 9001:2015 GAP Analysis ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
M I am looking for a Gap Analysis for TS16949 IATF 16949 - Automotive Quality Systems Standard 1
D Gap Analysis for ISO 18113-1 thru -5 (ISO 18113:2009 to ISO 18113:2012) Other ISO and International Standards and European Regulations 1

Similar threads

Top Bottom