Questions for Auditing Utilizing a Process Approach

Whether facing a surveillance audit from a certification body or preparing for an internal audit – knowing what you face and being prepared puts you a step ahead.  Review this checklist which covers the majority of the QMS requirements.

1)  Who or what are the:

  • Processes
  • Process Owner
  • Personnel Interviewed
  • Documentation Reviewed
  • Records Sighted

2)  What are the resources needed for the process?

3)  Are these resources appropriate?

4)  Are authorities and responsibilities for required resources defined, documented and known

throughout the organization?

5)  Are these persons competent?

6)  Are competency criteria defined? What are these criteria? How is competency evaluated,

approved and monitored, and by which method(s)?

8)  Are these methods effective? – refer to outputs

9)  Are the resources adequate? Which are they?

10) Are records available and appropriately maintained?

11) What are the inputs to this process?

12) Are these inputs documented and reviewed by competent persons?

13) Is a description of the processes available and documented?

14) Are these descriptions controlled? – Verify the effectiveness of the organization’s

documented information control procedure.

15) Who are the “customers” (internal and external) of the processes?

What are the requirements of these customers?

17) What are the characteristics of the intended results of the process?

18) What are the characteristics of the unintended results of the process?

19) Are correction and corrective action applied as appropriate?

20) What are the criteria for monitoring, measurement and analysis?

21) How are these criteria incorporated into the planning of the processes?

22) Are the business performance issues taken into proper account?

23) What methods are used for data gathering?

24) What records are kept and how these are maintained?

25) What are the communication channels?

26) How is external and internal information about the process provided?

What are the outputs of the process? – Identify outputs.

28) Do these outputs provide evidence of effective implementation of the process?

29) How is process performance monitored?

30) Are appropriate controls defined?

31) What measurements are applied?

32) How is the gathered information analyzed?

33) How are the results of the analysis taken into account?

34) How is feedback obtained?

35) What data is collected?

36) Is the issue of improvement of the processes properly addressed? How?

What are the results?

 

Source:  Eagle Certification Group – 2017 Annual Bootcamp/Conference

SimpleQuE offers free sample manufacturing process audit checklists for AS9100, ISO 9001 and IATF 16949 which can be used as an example to examine a company’s key manufacturing process and prepare your company for the highest quality internal auditing possible.

Links to Sample Manufacturing Process Audit Checklists:

IATF 16949 Checklist

AS9100 Checklist

ISO 9001 Checklist

Sign Up For Our Newsletter

Benefits of ISO 14001:2015

A total of 319,324 certificates were issued to ISO 14001 (including 947 issued to the 2015 version), up from 8% last year. Organizations using ISO 14001 have found success across a range of areas, including:

  • Reduced energy and water consumption
  • A more systematic approach to legal compliance
  • Improved overall environmental performance

See more of what ISO 14001:2015 can do for your business in the infographic below

SQ_Infographic_BenefitsOfISO14001

4 Aspects of a Better Business With ISO 9001

success and winning concept - happy business team celebrating victory in office

Successful business leaders know that a good quality management system results in overall efficiency and improvement for the organization.  However, when there is a lack of consistent processes, inefficiency is inevitable.  Without uniformity, audit trails or accountability, it is difficult to identify and fix the gaps in the system, which can result in loss of time and money and not meeting performance objectives. Continue reading “4 Aspects of a Better Business With ISO 9001”

What leadership should know before coming face-to-face with a certification body auditor – by Jim Lee

Quality Managers should be happy about the new leadership and top management requirements in ISO 9001:2015.  It is now a requirement that the quality system be aligned with the company’s strategic direction; and the certification body auditors will be scrutinizing the company’s leadership for their involvement and support, beyond the management review meetings and establishing goals that support the quality policy. Those companies where the entire quality management system is placed solely on the quality manager are the ones that will feel the changes when the certification body auditors want to schedule time to talk with the executive team.

“Leadership” is one of the 7 quality management principles on which ISO 9001 is based and has been since the beginning of ISO. It’s now more enhanced with the phrases “top management” or “leadership” referenced 16 times, including Clause #5 titled “Leadership”.  Leadership at a variety of levels in the company should provide unity of purpose and direction, helping the company align its strategies, policies, processes and resources to achieve its goals. That’s a good quality system, and good business.

The company’s strategic direction (written or not) needs to encompass the quality management system.  This is accomplished through the new layout and requirements of the ISO 9001 standard for understanding context, the needs and expectations of interested parties, establishing the processes, setting the quality policy and establishing the objectives.  Are these really new requirements?  Maybe not, but there’s definitely more substance in the requirements to have top management involved and committed, and the quality system supported in the company’s strategic direction.

How will the third party auditors evaluate this when there are no requirements for a documented strategic plan, or a written context of the business, or documentation of who the interested parties are, or for managing risks? The auditors are going to have to talk to a lot of the management team to get a clear and reliable representation.  I wouldn’t be surprised if some auditors to set an agenda item to meet with the leadership team. They’ll want to see that the leadership is committed and connected to what’s happening in the business and whether the key processes of the quality management system are effective in meeting objectives. If not, then they’ll want to know that management is aware and taking actions to try to turn things around. They’ll want to learn where the risks exist and what’s being done about them, and how the leadership promotes risk-based thinking.

The hard part for the certification body auditors will be that some of them will have difficulty auditing when no documentation is required. That’s why your company needs a consistent and clear story when documentation doesn’t exist.

The majority of companies are already compliant with these requirements, but the leadership will be the ones that will have to answer third-party auditor questions to defend and justify what they’re doing.  As long as the leadership in your company is aware of the ISO expectations and can relate what your business does in answering the auditor’s questions, you will do fine.  I believe this will be the challenge for most of the executives who won’t know how to take credit for what they already do to satisfy ISO requirements, or don’t understand the auditor’s questions from ISO as it relates to their business.

Educating the leadership and helping them understand the new requirements and how you already comply will help them be able to speak the right message when asked about context, interested parties, risk-based thinking, or strategic direction.

Jim Lee is President of simpleQuE Inc., an ISO 9001:2015 certified company. SimpleQuE is a medium-sized  consulting, training and auditing company of quality management systems with a focus on “quality excellence made simple”.  Jim is an IRCA certified QMS lead auditor, a former IATF certified ISO/TS 16949 auditor, and a former RABQSA certified Aerospace Auditor and has performed 3rd party audits in the past.