When audit NC requires only correction

Jane's

Involved In Discussions
#1
I was wondering how unusual is it to provide just a correction and no corrective action to an audit NC. The audit NC is minor and it is one of its kind, so there is no trend or multiple occurrences to establish a defined root cause.

TIA for your replies.
 
Elsmar Forum Sponsor

Jane's

Involved In Discussions
#3
Will do:)

Meanwhile it would be nice to know that other ppl have done that too. I should add that risk was calculated as low and our current process allows for this (it's just that we have never used that for an audit NC).
 

ScottK

Not out of the crisis
Leader
Super Moderator
#4
Sure - it's up to the auditor and his organization's policies.

It's still pretty standard practice that if a one-off finding is corrected by the time of the closing meeting it won't count as a finding... whether the auditor makes you follow the full corrective action process is up to them and they would likely make that judgement base on potential risk.

If it's really super simple, like a page missing from a printed document where the pdf version is whole, I would let that go with just a correction... unless I saw a second instance.
 

Jane's

Involved In Discussions
#6
The NC is minor by definition and calculated risk is low due to low occurrence and high detection, but the issue itself is maybe not minor per se. My problem is that:

  1. there is no other occurrence of a similar NC,
  2. the NC precedes me (the content which contains an error was written by the former staff), and
  3. we already have a mechanism in place to prevent this from happening again - compliance with applicable standards and regulatory requirements is required throughout our processes. The NC was that retention time for certain records was set to be shorter than that required by the EU regs.
Any additional thoughts much appreciated.
 

Marcelo

Inactive Registered Visitor
#7
The NC was that retention time for certain records was set to be shorter than that required by the EU regs.
I'm not sure how this is a minor NC. Your company is already required, including by applicable regulations, to comply with regulations. If you are not complying, this is a very serious NC. Why did this happen? Why were your system not complying with something. It should? Did anyone check compliance with all applicable regulatory requirements? If so, why the person did not note this? How many more regulatory requirements is the company not complying with?

we already have a mechanism in place to prevent this from happening again - compliance with applicable standards and regulatory requirements is required throughout our processes.
Doing something that you should already be doing (as mentioned, this is already required by the standard and by the applicable regulations) is not something that controls the risk, and I don't see how it will prevent this from happening again as the NC itself already is a case of this not happening.
 
#8
I was wondering how unusual is it to provide just a correction and no corrective action to an audit NC. The audit NC is minor and it is one of its kind, so there is no trend or multiple occurrences to establish a defined root cause.

TIA for your replies.
What type of audit is it? External? Internal? When people answer, without knowing this information, it becomes very difficult to provide an accurate, "quality" answer.
 

Jane's

Involved In Discussions
#9
I'm not sure how this is a minor NC. Your company is already required, including by applicable regulations, to comply with regulations. If you are not complying, this is a very serious NC. Why did this happen? Why were your system not complying with something. It should? Did anyone check compliance with all applicable regulatory requirements? If so, why the person did not note this? How many more regulatory requirements is the company not complying with?
I agree with you that severity of the NC is high and that is how we evaluated it too, but this is still a minor NC. For all I know, that could have been a typo showing 3 where it should have been 5 in the table which specifies the records retention time. As i said, this was established by former staff, so i can't ask them what happened or re-train them or whathave you.

Note that a major NC/QMS breakdown would be not having any requirement for records retention. How do we know other EU req's are met? We completed the essential requirements checklist, Annex I (we are class II, so self-declared).

Doing something that you should already be doing (as mentioned, this is already required by the standard and by the applicable regulations) is not something that controls the risk, and I don't see how it will prevent this from happening again as the NC itself already is a case of this not happening.
I am not sure I understand what you are saying in this paragraph, but I appreciate the effort.

@AndyN: It's an external. I know, i'm feeling pretty brave just talking about it:)
 
Last edited:
#10
Most external auditors look at things as if they are an "iceberg" - by which I mean the auditor thinks "If I found it, it must be that there's much more below the surface". That's instead of them taking time to understand how systemic the issue is. So, they treat everything as if root cause is needed instead of allowing things to be corrected...
 
Thread starter Similar threads Forum Replies Date
marmotte Malaysia - Auditor Requires an Updated Audit Report Other Medical Device Regulations World-Wide 5
A Client requires to witness an Internal Audit of our Sub-Contractor Internal Auditing 4
Ed Panek Audit Protocol? Simultaneous surveillance and recertification audits. ISO 13485:2016 - Medical Device Quality Management Systems 11
D Is a lost calibrated tool an non-conformance for an audit? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 58
D IATF16949 external audit plan IATF 16949 - Automotive Quality Systems Standard 3
B 8.5.1.1 Control Plan - question audit NC IATF 16949 - Automotive Quality Systems Standard 5
D ISO 9001:2015 Recertification Audit Timing ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
Mr Roo Discovered dishonesty after performing an internal audit General Auditing Discussions 4
Q 10.3 Continual improvement - How to audit it? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
H Audit Checklist for European Authorized Representative EU Medical Device Regulations 0
Q Product audit assessment IATF 16949 - Automotive Quality Systems Standard 3
S Customer audit report review and approval ISO 13485:2016 - Medical Device Quality Management Systems 3
Moncia Integrated QMS and audit Other ISO and International Standards and European Regulations 5
G Audit & Agreements for "Test Laboratory" Supplier? US Medical Device Regulations 4
J New QMS Auditor - seeking opportunities to gain audit experience Career and Occupation Discussions 3
M IATF external audit NC closure IATF 16949 - Automotive Quality Systems Standard 4
W IATF 9.2.2.1 Internal Audit how to determine risk IATF 16949 - Automotive Quality Systems Standard 12
M Multiple time zones in the Audit Trail Qualification and Validation (including 21 CFR Part 11) 7
X Looking for 17025 auditor to perform internal audit on IT software testing laboratory ISO 17025 related Discussions 3
A API Q1 9th Edition Surveillance Audit - Quality Policy Oil and Gas Industry Standards and Regulations 2
S Audit Finding - Design History File (DHF) Index: few (3 to 4) reports not identified ISO 13485:2016 - Medical Device Quality Management Systems 3
xfngrs 3 year audit cycle IATF 16949 IATF 16949 - Automotive Quality Systems Standard 9
Q NACE Code 25.6 no reduction in CB audit days? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 23
J 9001 Internal Audit of Client Onboarding process ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
H Streamlining audit response and corrective action processes ISO 13485:2016 - Medical Device Quality Management Systems 9
Q Corrective Action Notification - Registration Audit ISO 13485:2016 - Medical Device Quality Management Systems 12
chris1price Irradiation site for dose audit Other Medical Device Related Standards 2
PQ Systems 5 Ways to Reduce Stress on Your Next Audit Using GAGEpack Software 0
PQ Systems Audit Prep – Time for a System Health Check Using GAGEpack Software 0
N API Q1 Audit Surveillance - Questions Oil and Gas Industry Standards and Regulations 2
A Alternative to on site audit in China EU Medical Device Regulations 2
J Help to understand and response to API AAR during the re-certification audit Oil and Gas Industry Standards and Regulations 17
B Internal audit checklist Internal Auditing 5
V Internal Audit Software IATF 16949 - Automotive Quality Systems Standard 5
J Internal Audit Schedule IATF Internal Auditing 4
Mikey324 External calibration - Finding in our 3rd party audit General Measurement Device and Calibration Topics 58
C ISO 14001 Internal Audit - Opportunity for Improvement ISO 14001:2015 Specific Discussions 2
P Does FDA require certification for quality system internal audit for auditor? Qualification and Validation (including 21 CFR Part 11) 1
J Stage 2 audit initial cert, few data points ISO 13485:2016 - Medical Device Quality Management Systems 4
S Corrections not allowed during audit ISO 13485:2016 - Medical Device Quality Management Systems 7
P Looking to outsource Internal Audit - MDSAP competent auditor needed Other Medical Device Regulations World-Wide 9
R GFE Audit - Violation? GFE Location Controls AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 0
D Help Me. Non conformitty in External Audit IATF 16949 - Automotive Quality Systems Standard 13
M How to answer ISO9001:2015 audit finding of old revisions of documents being used? Document Control Systems, Procedures, Forms and Templates 8
B UKRP to what level should you audit Class I Technical Documentation? UK Medical Device Regulations 0
I Audit is tomorrow but I refused to participate Misc. Quality Assurance and Business Systems Related Topics 16
I ISO 17025:2017 / ANAB 3125 - Articulating / Communicating Risks vis-a-vis Audit Findings ISO 17025 related Discussions 2
D Verify Audit Trail of SaaS system Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 5
D Re-labeler - audit the supplier EU Medical Device Regulations 2
J Outsourced Internal Audit requirements for Aerospace Suppliers AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 21

Similar threads

Top Bottom