When audit NC requires only correction

Jane's

Involved In Discussions
#1
I was wondering how unusual is it to provide just a correction and no corrective action to an audit NC. The audit NC is minor and it is one of its kind, so there is no trend or multiple occurrences to establish a defined root cause.

TIA for your replies.
 
Elsmar Forum Sponsor

Jane's

Involved In Discussions
#3
Will do:)

Meanwhile it would be nice to know that other ppl have done that too. I should add that risk was calculated as low and our current process allows for this (it's just that we have never used that for an audit NC).
 

ScottK

Not out of the crisis
Staff member
Super Moderator
#4
Sure - it's up to the auditor and his organization's policies.

It's still pretty standard practice that if a one-off finding is corrected by the time of the closing meeting it won't count as a finding... whether the auditor makes you follow the full corrective action process is up to them and they would likely make that judgement base on potential risk.

If it's really super simple, like a page missing from a printed document where the pdf version is whole, I would let that go with just a correction... unless I saw a second instance.
 

Jane's

Involved In Discussions
#6
The NC is minor by definition and calculated risk is low due to low occurrence and high detection, but the issue itself is maybe not minor per se. My problem is that:

  1. there is no other occurrence of a similar NC,
  2. the NC precedes me (the content which contains an error was written by the former staff), and
  3. we already have a mechanism in place to prevent this from happening again - compliance with applicable standards and regulatory requirements is required throughout our processes. The NC was that retention time for certain records was set to be shorter than that required by the EU regs.
Any additional thoughts much appreciated.
 

Marcelo

Inactive Registered Visitor
#7
The NC was that retention time for certain records was set to be shorter than that required by the EU regs.
I'm not sure how this is a minor NC. Your company is already required, including by applicable regulations, to comply with regulations. If you are not complying, this is a very serious NC. Why did this happen? Why were your system not complying with something. It should? Did anyone check compliance with all applicable regulatory requirements? If so, why the person did not note this? How many more regulatory requirements is the company not complying with?

we already have a mechanism in place to prevent this from happening again - compliance with applicable standards and regulatory requirements is required throughout our processes.
Doing something that you should already be doing (as mentioned, this is already required by the standard and by the applicable regulations) is not something that controls the risk, and I don't see how it will prevent this from happening again as the NC itself already is a case of this not happening.
 
#8
I was wondering how unusual is it to provide just a correction and no corrective action to an audit NC. The audit NC is minor and it is one of its kind, so there is no trend or multiple occurrences to establish a defined root cause.

TIA for your replies.
What type of audit is it? External? Internal? When people answer, without knowing this information, it becomes very difficult to provide an accurate, "quality" answer.
 

Jane's

Involved In Discussions
#9
I'm not sure how this is a minor NC. Your company is already required, including by applicable regulations, to comply with regulations. If you are not complying, this is a very serious NC. Why did this happen? Why were your system not complying with something. It should? Did anyone check compliance with all applicable regulatory requirements? If so, why the person did not note this? How many more regulatory requirements is the company not complying with?
I agree with you that severity of the NC is high and that is how we evaluated it too, but this is still a minor NC. For all I know, that could have been a typo showing 3 where it should have been 5 in the table which specifies the records retention time. As i said, this was established by former staff, so i can't ask them what happened or re-train them or whathave you.

Note that a major NC/QMS breakdown would be not having any requirement for records retention. How do we know other EU req's are met? We completed the essential requirements checklist, Annex I (we are class II, so self-declared).

Doing something that you should already be doing (as mentioned, this is already required by the standard and by the applicable regulations) is not something that controls the risk, and I don't see how it will prevent this from happening again as the NC itself already is a case of this not happening.
I am not sure I understand what you are saying in this paragraph, but I appreciate the effort.

@AndyN: It's an external. I know, i'm feeling pretty brave just talking about it:)
 
Last edited:
#10
Most external auditors look at things as if they are an "iceberg" - by which I mean the auditor thinks "If I found it, it must be that there's much more below the surface". That's instead of them taking time to understand how systemic the issue is. So, they treat everything as if root cause is needed instead of allowing things to be corrected...
 
Thread starter Similar threads Forum Replies Date
marmotte Malaysia - Auditor Requires an Updated Audit Report Other Medical Device Regulations World-Wide 5
A Client requires to witness an Internal Audit of our Sub-Contractor Internal Auditing 4
B IATF16949 audit requirement - Auditor request UCL and LCL must be show Xbar-R, IATF 16949 - Automotive Quality Systems Standard 6
T COVID, Furlough and ISO9001 Surveillance Audit Coffee Break and Water Cooler Discussions 2
R External Audit and Certificate prorogation due to the pandemic General Auditing Discussions 10
Dean Bell Implementation of Controls as per SOA for Stage 2 Audit IEC 27001 - Information Security Management Systems (ISMS) 0
G Logistic organization and controls - IATF/ISO 9001 audit Nonconformance and Corrective Action 2
Geoff Cotton Performing a Delta Audit General Auditing Discussions 12
N ISO 19011:2018 - 5.4.2 "...audit program should engage in appropriate continual development..." Training - Internal, External, Online and Distance Learning 4
G MSA check list to audit IATF 16949 - Automotive Quality Systems Standard 8
L Open Positions During AS9100 Audit AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
L Stage 2 audit - Requirement for 3 months of records ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
F Who can sit in/perform an API audit? Oil and Gas Industry Standards and Regulations 2
L Manufacturing Process Audit Help IATF 16949 - Automotive Quality Systems Standard 6
H AS9100 Checklist for Internal Audit needed AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
A What are the pros and cons of using an audit software for internal auditing? General Auditing Discussions 4
F Internal Audit before Pre-Assessment ISO 17025 related Discussions 2
Q Internal audit plan template Internal Auditing 5
G Self Assessment Audit from a new potential customer General Auditing Discussions 3
L Internal audit during COVID-19 restrictions ISO 13485:2016 - Medical Device Quality Management Systems 5
M OEM asking for NC report after certification audit. IATF 16949 - Automotive Quality Systems Standard 3
Ooi Yew Jin Customer E audit preparation Quality Manager and Management Related Issues 2
N Audit non-compliance API Q1 - Use of External Documents 4.4.4 in Product Realization Oil and Gas Industry Standards and Regulations 4
J Remote Audit Experiences - June 2020 General Auditing Discussions 26
F Product audit sampling plans IATF 16949 - Automotive Quality Systems Standard 3
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
M Supplier Audit Report - Template for second party audit wanted Lean in Manufacturing and Service Industries 1
Stefan Mundt AS9100D Major nonconformity due to recurrence of a NC during a subsequent CB audit. AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
B Using Unreleased Documents & Process Maps for Internal Audit purposes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
Q ISO 9001:2015 man days for surveillance audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
F ISO 13485 - EU countries that could request another audit ISO 13485:2016 - Medical Device Quality Management Systems 2
H Layered audit updates after COVID-19 shutdowns Process Audits and Layered Process Audits 0
L How to deal with an ISO 13485 Supplier Audit nonconformance ISO 13485:2016 - Medical Device Quality Management Systems 17
M Description of the requirements of clause 9.2.2.3 manufacturing process audit- needs your feedback IATF 16949 - Automotive Quality Systems Standard 0
Armen Conflict of Interest if I audit the QC department? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 16
V Generic IATF 16949 Audit Checklist wanted IATF 16949 - Automotive Quality Systems Standard 3
A NB (Notified Body) Audit of Standards ISO 13485:2016 - Medical Device Quality Management Systems 3
N Audit non-compliance - API Spec Q1 9th Ed 5.6.1.2 b Oil and Gas Industry Standards and Regulations 10
M Any way to execute VDA 6.3 audit remotely? VDA Standards - Germany's Automotive Standards 2
D Audit for ISO and AS 91XX and mitigating exposure to COVID-19 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 14
D Postpone IATF 16949 audit due to COVID-19 IATF 16949 - Automotive Quality Systems Standard 41
JoCam Certified Body Audit of MDR requirements EU Medical Device Regulations 4
D Do non-IATF customers need to be included in audit scope? IATF 16949 - Automotive Quality Systems Standard 23
Ajit Basrur Track audit findings on Excel tracker Excel .xls Spreadsheet Templates and Tools 9
N Small Company - Internal audit process - Who does the audit? Internal Auditing 16
J Does anyone have an excel IATF 16949 Internal Audit checklist I could use? IATF 16949 - Automotive Quality Systems Standard 7
Watchcat Anyone had an MDR technical file review/audit yet? EU Medical Device Regulations 13
G Addressing Non-Conformances from an Internal Audit that are not product related ISO 13485:2016 - Medical Device Quality Management Systems 11
M Has anyone has been through an MDR audit? (3/2020) EU Medical Device Regulations 1
J Audit Finding For Not Retaining Test Results ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7

Similar threads

Top Bottom