What are general examples of audit findings with ISO 9001:2015?

#1
Greetings.

Our quality department is preparing for incoming audits, and our quality manager and I would be interested to learn about the kinds of audit findings that you have discovered so far with ISO 9001:2015. Generally speaking, what are the discrepancies/issues encountered during your audits? Since communication processes (i.e. 7.4) and risk-based thinking (i.e. 6.1) are such important newer requirements, I would particularly like to get a sense of your experience with these.

If this can help in formulating your response, we do containments, inspections and logistics for automotive OEMs.

Thank you.[FONT=&quot]

PS: Please note that I am a novice in Quality.[/FONT]
 
Elsmar Forum Sponsor

LUV-d-4UM

Quite Involved in Discussions
#2
Our quality department is preparing for incoming audits, and our quality manager and I would be interested to learn about the kinds of audit findings that you have discovered so far with ISO 9001:2015. Generally speaking, what are the discrepancies/issues encountered during your audits? Since communication processes (i.e. 7.4) and risk-based thinking (i.e. 6.1) are such important newer requirements, I would particularly like to get a sense of your experience with these.

If this can help in formulating your response, we do containments, inspections and logistics for automotive OEMs.
We have just completed an upgrade to the new ISO9001:2015. There was a zero findings. If you are going through this process the first time, here are the findings that I have experience from other audits:

1. Management Review - must include all the agenda items in ISO9001:2015

2. Internal Audits- must be completed for all the processes identified in the audit schedule/plan. Auditors will not be allowed to audit their own work. After completion of audits, someone else, must audit the Internal Audit process.

3. Corrective Actions must be verified for effectiveness before closure.

4. ISO9001:2015 awareness training to all employees in the system; must provide sign in sheet to show evidence that they are trained.

5. Supplier performance-must be included in Management Review

6. Of course other things like calibration, risk-based thinking will be demonstrated.

The Top Management of your organization SHALL be present during your audit. He has to explain the Quality objectives, and he has to answer the whole of section 5 of the ISO9001:2015 standard.:agree1:

A quality manual is not mandatory but it is good to have one as source of exploratory questions by the auditor. GOOD LUCK
 

LUV-d-4UM

Quite Involved in Discussions
#4
The preparation for upgrade to ISO9001:2015 is not easy. To get a Zero finding is possible only with 100% commitment from Leaders and employees. Our auditor went on overtime because of digging the process, score cards, spending time with top management etc...Good luck to everyone.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#6
I've done a over a dozen audits already including some multi-locations and the most common nonconformity has been control of documentation (7.5).
I mean nothing negative, but it makes me wonder if that represents the real problems or is this the "comfort zone" of the auditors? When a standard brings fluff and "hard to audit" issues such as leadership, context, knowledge management, risk and opportunities, etc. I suspect many auditors will avoid the discomfort and converge to their safe zones of tangible, "black&white" requirements such as calibration, document control, records, etc.

As I said several times, here and elsewhere, it does not matter if a requirement exists in a standard or not, until the organization is held accountable to comply with it, by an auditor, either internal or external.

I can guarantee that the majority of organizations already certified to 9001:2015 don't comply with the requirement to have the QMS integrated in the organization business processes, but very few auditors would have the intestinal fortitude to write that "failure mode" up in an audit. Until the conformity assessment practices are aligned with the standard, it does not matter what the standard says.

IAF, and ISO/CASCO when are you going to wake up?
 

Big Jim

Super Moderator
#8
The most common thing I have seen is not altering their management review agenda to include all the new management review topics.

As for integrating the quality management system to the business management system, I have had a few comment that ever since implementation of their quality management system they have always been integrated. And indeed, it appears that they have. This is more common with newer and smaller companies. Those burdened with the old school thinking that if it involved quality it was the responsibility of the quality manager and no one else needs to worry about it have not found their way in the new reality yet.
 

ReworkIT

Starting to get Involved
#9
The consultant we are using tells me that his clients struggle most with the Context of the Organization and how to link that to having a strategic plan of some kind and how to change the quality management system to implement the plan. They say the auditors who are doing the upgrade audits aren't hardly spending any time on that, but write up calibration and other things they've seen in previous visits.

A friend recently attended a quality conference and one of the speakers said that the Certification Body audit findings data didn't come close to addressing the product quality issues in their industry. I think Mr. Vianna posted a chart which showed that the #1 Major finding was auditor training.
 

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#10
I've had one audit (to 2008 version) in which I issued a major for resources (not) provided by management. The new standard's 5.1.1 requirements would have made it easier to write the action request, based on its more actionable language.

Writing legitimate action requests requires clear evidence to point to, in order to declare a requirement is ineffectively implemented. That is more difficult when time is limited, forcing a more superficial approach to auditing (mile wide and inch deep) and documented information for the requirements is not required. An auditor would need to be able to point to a recognized issue and say ____ is happening because of (fluff and "hard to audit" clauses). It is true that it is very difficult to train auditors to provide the needed in-depth analysis to correlate such clauses in a cause-and-effect manner that would add real value. It requires analysis and often process excavation. I try, often at the expense of another subject as I run over my time slot. When clients insist on staying within time slots, this opportunity sometimes slips by. I regret that but I cannot solve it.

The new standards are difficult for auditors who were used to a list of Shalls but those of us who have been in environmental and safety standards are sufferning somewhat less confusion. Auditors will need to up their game and learn the difference between leadership and management. Good luck with that, as many boast MBAs that I wonder left them with the ability to distinguish the two.
:2cents:
 
Thread starter Similar threads Forum Replies Date
Y What are different Special Inspection Level 1-4 and General spesification 1-3 ? AQL - Acceptable Quality Level 0
B General Motors and Honda Alliance - What does this mean to suppliers? IATF 16949 - Automotive Quality Systems Standard 3
F General Data Protection Regulation (GDRP) CE Marking (Conformité Européene) / CB Scheme 6
A Interpretation of GMP Requirements for class 1 medical device manufacturer (device GMP exempt, only General controls applicable) 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
D Importing a general wellness low risk product Other US Medical Device Regulations 3
M ISO 13485 for general purpose disinfectants? ISO 13485:2016 - Medical Device Quality Management Systems 9
M Do you need an Applicable general safety and performance requirements Checklist? EU Medical Device Regulations 2
DitchDigger UDI, Labeling Accessories, General Insanity, Etc. US Food and Drug Administration (FDA) 1
G Problem Resolution Report Monitoring - Customer complaint or PRR as general motors use Customer Complaints 12
P Is there a counterpart to the General Safety and Performance Regulations for the USA? Other US Medical Device Regulations 2
C CE marking for general IVD (self-certified) & ISO 13485 QMS requirements - auditing EU Medical Device Regulations 6
M Informational WHO – Report by the Director-General – Standardization of medical devices nomenclature Medical Device and FDA Regulations and Standards News 0
J General Motors SSE Launch Algorithm - SCMS's Service Industry Specific Topics 0
D Incoming (Receiving) Inspection - General form for incoming part inspection Document Control Systems, Procedures, Forms and Templates 17
M Informational 2019 Meeting Materials of the General and Plastic Surgery Devices Panel Medical Device and FDA Regulations and Standards News 0
M FDA Guidance - general wellness products - wearables Other Medical Device Related Standards 3
MrTetris GDPR - General Data Protection Regulation - Only applicable to EU data? Other ISO and International Standards and European Regulations 6
M Informational The USFDA Announces General and Plastic Surgery Devices Panel of the Medical Devices Advisory Committee Meeting on March 25-26, 2019 Medical Device and FDA Regulations and Standards News 0
M Oxygen enriched environment applicability - Operating table used in general surgeries in hospital IEC 60601 - Medical Electrical Equipment Safety Standards Series 0
Marc Definition GSPR - General Safety and Performance Requirements Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 0
M Annex I - General Safety and Performance Requirements. Precise identity - how provided EU Medical Device Regulations 6
E What is the general time line to prepare for IATF Letter of Conformance? IATF 16949 - Automotive Quality Systems Standard 1
S General Awareness Training for AS9100 Rev.D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
B IVD or a general product test kit (if such a thing exists) EU Medical Device Regulations 0
L GDPR scope - "Personal data" definition - General Data Protection Regulation EU Medical Device Regulations 5
S GDPR (General Data Protection Regulation) - My company is ISMS certified IEC 27001 - Information Security Management Systems (ISMS) 3
S Business development and support - Getting business general liability insurance Career and Occupation Discussions 5
DietCokeofEvil What is the general consensus on Caliper tolerances? General Measurement Device and Calibration Topics 1
W EU GDPR General Data Protection Regulation - What we need to update for our QMS EU Medical Device Regulations 14
Y Change Control - General Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
D General questions about Medical Device MOPs and MOPPs IEC 60601 - Medical Electrical Equipment Safety Standards Series 31
H ISO 9001:2015 Cl. 9.3.1 - General Director doesn't participate in Management Review ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
T GDPR - General Data Protection Regulation (EU and UK 2018) Other ISO and International Standards and European Regulations 7
S AS9100D Transitional Audit General Question Checklist AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
S Dates on Labels acceptable to the USA - GS1 General Specification 3.4.4 Other US Medical Device Regulations 3
K Thoughts on the impact of the General Data Protection Regulation? Medical Information Technology, Medical Software and Health Informatics 5
Pmarszal Clarification for 21 CFR Part 11.100 - General Requirements Other US Medical Device Regulations 14
T Difference betwee General vs. Follow-up Inspections US Food and Drug Administration (FDA) 3
L Wrist Actigraph Device - IEC 60601-1 general questions IEC 60601 - Medical Electrical Equipment Safety Standards Series 1
Chris Ford When is a device considered "sold to the general public?" Canada Medical Device Regulations 2
C Iran - Who is holder of an Iranian registration in general? Other Medical Device Regulations World-Wide 2
V General Full Factorial - Optimal Design Six Sigma 2
R General ISO/TS16949:2009 Implementation Primer Needed IATF 16949 - Automotive Quality Systems Standard 2
W DIN ISO 1101 - Show me the General Dimensioning Tolerance Value Other ISO and International Standards and European Regulations 3
Marc General Motors - 3D Scanning the Competition World News 2
J General QMS questions in regard to Medical Software ISO 13485:2016 - Medical Device Quality Management Systems 8
P Lot Acceptance Plan that specifies BS 6001 Double Sampling Plans, general inspection Inspection, Prints (Drawings), Testing, Sampling and Related Topics 1
D FDA Test requirements for a General Pedicle Screw vs. Shank Screw Other Medical Device and Orthopedic Related Topics 1
M General Guidelines on how to start a Quality Campaign Misc. Quality Assurance and Business Systems Related Topics 2
S General Safety Question - Possibly fatal air embolisms caused by air hoses Human Factors and Ergonomics in Engineering 21

Similar threads

Top Bottom