What objective evidence can/can't be supplied during a customer audit?

#1
Hello,

I would like to know how members of this forum safeguard their confidential information during an external customer audit. For example, if the auditor requests to see objective evidence of your company's CAPA, internal audit or management review processes, what do you provide them with? Would showing them your documented procedure and forms suffice or should you supply redacted versions of a record?

With regard to management review, I would be leery to allow them to read through our managment review meeting minutes as they may contain information about our customer base which we would not want to disclose.

Additionally, I have heard that it's not a good idea to let an auditor read through your internal audit reports during a customer audit. Instead, it was relayed to me that a speadsheet should be created to show the auditor the status of planned audits, number of nonconformances generated and if the associated CARs have been closed out.

I appreciate any feedback the group has to share. Thanks in advance for your input!
 
Elsmar Forum Sponsor

Ninja

Looking for Reality
Trusted Information Resource
#2
Howdy Kennedy.

Welcome to the Cove.

First order of business is to set expectations before the auditor arrives.
Surprising them with "We won't show you that" typically leaves a bad impression.

Before they arrive, let the auditor know directly that what is shown during the audit will be edited to protect proprietary information.

We typically set aside CA, PA, Mgmt review items dealing specifically with that specific customer ... things that they already know about...and show them those.

If none exist, find a CA that you are comfortable showing...and show that.

Letting a customer read through the log and pick what he want's to read?...not gonna happen.

In my experience, the customer's auditors are used to viewing edited info and have no issue with it (as long as they know from the start that it will be handled this way...again, surprises are bad)

From your question, I gather that this may be your first customer audit.
Discuss the scope and agenda with the auditor (or at least with the customer in writing) before they arrive.
If this is your first customer audit ever...you may even consider telling the auditor that so they can cut you some slack. I told my first auditor that it was my first time and he actually led me through what other companies do...it was pretty nice.
The auditor is not your enemy (even if they seem like one sometimes)...they are people doing their job.

I get audited a couple dozen times a year by customers...it's no big deal if you keep your wits about you. Getting all worked up about it is probably the most dangerous thing.

Good luck! :agree1:
 
M

Moonlight17

#3
Hi rwp:bigwave:

We have many client audits at our company and provide the auditor with policies/procedures/work instructions/forms, but never divulge sensitive or confidential information.

Our incident reports contain information on clients as do man review minutes and as we are registered as Data Controllers, we would be in breach by allowing this.

We have always found auditors are satisfied with:
  • Audit schedules
  • NCF/OBS summary
  • Status of NCF/OBS
Hope this helps ya!:smokin:
 

John Broomfield

Staff member
Super Moderator
#4
Hello,

I would like to know how members of this forum safeguard their confidential information during an external customer audit. For example, if the auditor requests to see objective evidence of your company's CAPA, internal audit or management review processes, what do you provide them with? Would showing them your documented procedure and forms suffice or should you supply redacted versions of a record?

With regard to management review, I would be leery to allow them to read through our managment review meeting minutes as they may contain information about our customer base which we would not want to disclose.

Additionally, I have heard that it's not a good idea to let an auditor read through your internal audit reports during a customer audit. Instead, it was relayed to me that a speadsheet should be created to show the auditor the status of planned audits, number of nonconformances generated and if the associated CARs have been closed out.

I appreciate any feedback the group has to share. Thanks in advance for your input!
rwp_kennedy,

Only information that belongs solely to you or your customer as necessary to fulfill the audit objective.

The auditor must inform the auditee of the audit objective before the audit.

Of course you'll not provide any information regarding other customers but we must remember the definition of QA:

"providing confidence that requirements will be fulfilled".​

Being too guarded about the evidence of your management system's workings may not provide the confidence necessary for the customer to continue doing business with your company.

John
 
Thread starter Similar threads Forum Replies Date
D Device functionality over service life - Objective evidence required? Design and Development of Products and Processes 10
N Best practices for capturing audit objective evidence in a practical manner? Internal Auditing 3
S Ways to demonstrate objective evidence that employee is trained and competent ISO 13485:2016 - Medical Device Quality Management Systems 28
G FAI Objective Evidence AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
R CAPA Verification - ISO 13485:2016 Requirements and Objective Evidence ISO 13485:2016 - Medical Device Quality Management Systems 2
R What kind of Objective Evidence - AS9100 Cl. 7.1.6 - Organizational Knowledge AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Chennaiite Audit Objective Evidence - the holy **** Imported Legacy Blogs 1
Q Storage Temperature - Medical Device - Objective Evidence - MDD 93/42/EEC Other Medical Device Regulations World-Wide 1
B How is Objective Evidence Admitted in an Internal Audit? Internal Auditing 8
S Objective Evidence for 8.2.1 and 8.2.3 - Compliance with Management System Standard ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
Q OER - Objective Evidence Report in AS9101D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
C Objective Evidence of Internal Auditors having Audit Clause 4.1. ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 20
N Minor for no objective evidence in regards to Calibration - Clause 7.6 ISO 9001:2008 Nonconformance and Corrective Action 5
J Training Records - HR Functions at Corporate Office - Objective evidence of training ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
G Solderability - Objective Evidence of Conformity to Standards - J-STD-610 Manufacturing and Related Processes 1
K Definition Statement of Fact - Considered Objective Evidence? Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 12
I How make the objective evidence for the control of Foreign object damage? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
Coury Ferguson Customer Satisfaction - Objective Evidence AS9100, para. 5.2, 7.2.2, 7.2.3, 8.2.1 Records and Data - Quality, Legal and Other Evidence 3
A Timescales for Objective Evidence to be available for a Corrective Action Nonconformance and Corrective Action 5
Q Objective Evidence - Internal Audit Training in a Cargo Company Training - Internal, External, Online and Distance Learning 2
J Objective Evidence & Verbal Purchase Orders (PO's) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
A How much objective evidence is required for ISO9000 certification? Records and Data - Quality, Legal and Other Evidence 8
C Do you still collect hard copies of objective evidence when auditing? General Auditing Discussions 20
R What is Objective Evidence in an Audit? Written? Visual? Both? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 19
D Objective evidence for covering all shifts and locations General Auditing Discussions 6
S Objective Evidence of Review Document Control Systems, Procedures, Forms and Templates 10
T Can we remove a quality objective if we decide it is not measurable? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
Ashok sunder What are the criteria for setting a target KPI value against a quality objective? Benchmarking 7
L Inspection Plan for Microscope Objective Lens Inspection, Prints (Drawings), Testing, Sampling and Related Topics 4
qualprod Is a Corrective Action Expected if a Quality Objective is not in compliance? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 38
R Difference Process Objective/Opportunity for improvement ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
Q Department Expansion as a Quality Objective? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
O Is the Quality Objective for Company-wide Training as >90% too high? Training - Internal, External, Online and Distance Learning 4
Q Objective and Goals - ISO 9001:2008 Frequency Revision Requirements ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
Jen Kirley Wells Fargo's fines came from Management By Objective Coffee Break and Water Cooler Discussions 4
R Why customer satisfaction is not appropriate regulatory objective in medical device? ISO 13485:2016 - Medical Device Quality Management Systems 8
F Quality Objective Reference Chart Customer Complaints 4
C Objective for Evaluation of Suppliers Supplier Quality Assurance and other Supplier Issues 4
Y Must every Process have a Quality Objective? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 21
W Quality Objective clarification - Requirements for "levels within the organization" Quality Manager and Management Related Issues 9
T Quality Objective related Surveillance Audit Finding IATF 16949 - Automotive Quality Systems Standard 6
M Using Continued Environmental Compliance as an Objective Miscellaneous Environmental Standards and EMS Related Discussions 7
N How would you approach failing quality objective measurables? Quality Tools, Improvement and Analysis 12
J Definition of "objective" in 0.2 of ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
S Laboratory to Calibrate Objective Micrometer needed General Measurement Device and Calibration Topics 4
K Does an Internal Audit provide Objective or Subjective Verification? Internal Auditing 14
P Quality Objectives - How can we make our quality objective? Quality Manager and Management Related Issues 32
A Process Objectives and Metrics - Should every documented process have objective? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
R How to Achieve Multi Objective (Responses) Optimization in Minitab Using Minitab Software 17
R Can a Quality Policy include Health and Safety as an Objective? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 26

Similar threads

Top Bottom