The Elsmar Cove Business Standards Discussion Forums More Free Files Forum Discussion Thread Post Attachments Listing Elsmar Cove Discussion Forums Main Page
Welcome to what was The Original Cayman Cove Forums!
This thread is carried over and continued in the Current Elsmar Cove Forums

Search the Elsmar Cove!

Wooden Line
This is a "Frozen" Legacy Forum.
Most links on this page do NOT work.
Discussions since 2001 are HERE

Owl Line
The New Elsmar Cove Forums   The New Elsmar Cove Forums
  Auditing
  System audits

Post New Topic  Post A Reply
profile | register | preferences | faq | search

UBBFriend: Email This Page to Someone! next newest topic | next oldest topic
Author Topic:   System audits
Judy Deja
unregistered
posted 21 March 2000 01:58 PM           Edit/Delete Message   Reply w/Quote
In management review, it is stated that you review the entire quality system once per year. If you cover all the elements in your internal audits, does the system audit have to be done (in addition) to remain in compliance?

IP: Logged

Kevin Mader
Forum Wizard

Posts: 575
From:Seymour, CT USA
Registered: Nov 98

posted 21 March 2000 05:12 PM     Click Here to See the Profile for Kevin Mader   Click Here to Email Kevin Mader     Edit/Delete Message   Reply w/Quote
Judy,

No, you do not have to, provided Internal Quality Audits cover all elements in the standard (over a defined period).

However, there are advantages to doing a complete Quality System audit. A system is made up of several activities, each dependent in some form or manner to the others. By doing section audits, you tend to look at the system 'parts' as being independent, which they are not (correlations may be weak or strong and not always obvious).

My suggestion: do a Quality System audit first. Identify areas of weakness and schedule follow-up section audits to help improve and reinforce standard practices.

Regards,

Kevin

IP: Logged

Sam
Forum Contributor

Posts: 244
From:
Registered: Sep 1999

posted 22 March 2000 08:27 AM     Click Here to See the Profile for Sam   Click Here to Email Sam     Edit/Delete Message   Reply w/Quote
IMO, yes. The audit serves the purpose of providing evidence of your compliance with the requirements.
The review required in 4.1.3 is for continuing suitability and effectiveness; apples and oranges.
Now, if you want to be creative you can include in your audit checklist questions that relate to S&E. I tried this approach at a previous employer and it was accepted by the auditor, but not without question, i.e., how is S$E accomplished effectively without a team review.

IP: Logged

Kevin Mader
Forum Wizard

Posts: 575
From:Seymour, CT USA
Registered: Nov 98

posted 22 March 2000 02:07 PM     Click Here to See the Profile for Kevin Mader   Click Here to Email Kevin Mader     Edit/Delete Message   Reply w/Quote
....more for the mix.

Marc answered a post a couple of days back about registered organizations having to have all ISO elements present for ISO registration. Marc stated that the elements (and points within each) had to be satisfied prior to registration. With this I agree entirely!! How is this accomplished?

Here are some of my observations:

I have seen it where all elements had to be present within the Quality Program and the Quality System, and both had to pass Suitability, Compliance, and effectiveness for Registration. This was with what I consider to be a reputable Registrar.

I have seen it where all elements had to be present within the Quality Program and mostly deployed within the Quality System, and where not, a plan for deployment would suffice. Effectiveness was of little consideration, but Suitability and Compliance were reviewed (as applicable). This was done by what I would consider a less-than-reputable registrar.

In both situations, both organizations were registered. Needless to say, the registration of the organization without complete compliance surprised the heck out of me. It happens often enough, I'm sure, but should not.

Also as an observation, the Surveillence Audits of Registrars have been less than a complete Quality System audit. They hit core elements (what they consider core) and a few additional elements when performing the surveillence. The goal of the Registrar is to see all elements over the three year registration period (sometimes duplicating the core elements, sometimes not). This I akin to the Internal Quality Audits, performed in areas or for documents rather than the complete system audit. It seems to be common practice both from my experience as an observer and from information I have read (here and elsewhere).

With this stated, my position is this: A system is not the sum of its parts. The parts are not separate, and as such, should not be audited separately. However, the practice of Registrars (beyond the initial registration audit) and the other auditing programs I have seen and used successfully, suggest to me otherwise. I guess I am a bit of a hypocrit, but I can change.

Regards,

Kevin

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 22 March 2000 02:16 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by Kevin Mader:

Marc answered a post a couple of days back about registered organizations having to have all ISO elements present for ISO registration. Marc stated that the elements (and points within each) had to be satisfied prior to registration.


Just to clarify: All elements have to be addressed as opposed to present. Most elements have to be present - such as you cannot opt out of the Internal Audits requirement but some companies may not do design (and as such can exclude design from their registration scope and they need not have a defined design system).

The 9001:2000 is actually addressing this plainly with 1.2 Permissible Exclusions.

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 22 March 2000 02:19 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
quote:
Originally posted by Kevin Mader:

....where not, a plan for deployment would suffice...


For registration, this is not supposed to be allowed in so far as ISO requirements are concerned. You either have a functioning system with evidence that it is functioning or you do not. A plan is not sufficient.

IP: Logged

Kevin Mader
Forum Wizard

Posts: 575
From:Seymour, CT USA
Registered: Nov 98

posted 22 March 2000 05:11 PM     Click Here to See the Profile for Kevin Mader   Click Here to Email Kevin Mader     Edit/Delete Message   Reply w/Quote
Marc,

Agreed! I was totally stupified. When the Management Rep called me to tell me they had passed, I was totally amazed. They hadn't done one corrective action, no internal audits were performed, and document control was in shambles. If I had placed a bet, I would have lost heavy! Additionally, the registration audit only covered 6 elements (the rest to do on subsequent surveillence audits)! 6! What a joke! This certainly does not promote confidence, not for me anyway.

Regards,

Kevin

p.s. As a point of clarification, IMO, before calling a registrar in for your registration audit, all elements must be audited internally. Otherwise, how can you assure that all elements have been addressed (as appropriate) and you are compliant with the program? My comment to Judy is in regard the fashion the elements are audited, as I take it from her post. Should a complete System Audit be performed, or can you break it into smaller 'element' audits, or, do you have to do both? My thoughts on that are above. Regards

[This message has been edited by Kevin Mader (edited 22 March 2000).]

IP: Logged

Marc Smith
Cheech Wizard

Posts: 4119
From:West Chester, OH, USA
Registered:

posted 22 March 2000 10:20 PM     Click Here to See the Profile for Marc Smith   Click Here to Email Marc Smith     Edit/Delete Message   Reply w/Quote
It no longer surprises me what registrars let companies get away with - which, of course, denigrates the whole process and the 'meaning' (such as it is) of ISO9001 registration.

Anything for a buck.

I will also admit that the same is true of 'consultants' any more. There's thousands of inept 'newbies' out there. (Of course, I'm not one of them! )

IP: Logged

Kevin Mader
Forum Wizard

Posts: 575
From:Seymour, CT USA
Registered: Nov 98

posted 23 March 2000 08:50 AM     Click Here to See the Profile for Kevin Mader   Click Here to Email Kevin Mader     Edit/Delete Message   Reply w/Quote
Marc,

I believe it would be rather difficult to sink to that level. You'd have to be in a walking coma.

The pursuit of the 'almighty dollar' drives a lot of good ideas down the tubes. That's really too bad!

Kevin

IP: Logged

All times are Eastern Standard Time (USA)

next newest topic | next oldest topic

Administrative Options: Close Topic | Archive/Move | Delete Topic
Post New Topic  Post A Reply Hop to:

Contact Us | The Elsmar Cove Home Page

Your Input Into These Forums Is Appreciated! Thanks!


Main Site Search
Y'All Come Back Now, Ya Hear?
Powered by FreeBSD!Made With A Mac!Powered by Apache!