ISO 9001 Lead Auditor Training

MODULE 5   Audit Activities
5.6.1 Audit Checklist

THE Checklist defines the Sample. The checklist must, therefore, be as representative as the auditors can make it, bearing in mind the objectives of the audit. Depending on whether the audit is first, second, or third party, the information available to the auditors could comprise:

q Information from previous audits
q Known quality problems
q Management priorities
q Quality Manual
q Procedures and other system documents
q Product/service specifications and information
q Auditor’s own considerations based on experience, knowledge, and preliminary visits
The preparations must advise the auditors how the auditee's system is meant to operate and with what documents.

ISO 9000 Lead Auditor Training - There will be a considerable number of checklists prepared for a large audit; probably one for each department, and where different responsibilities exist within a (large) department, perhaps further checklists for each group.

The word “checklist” has an unfortunate connotation and smacks of ticks and crosses or “yes” and “no” answers. The checklists are not meant to be that at all. It is becoming more popularly known as an “aide memoire”, or memory aid.

In developing suitable checklists, another factor must be considered. Not all audits (1st and 2nd party only) are carried out on organizations with quality manuals and comprehensive formal procedures. Many small companies may operate very well, profitably, and consistently satisfy their customers without extensive quality documentation. In third party situations, the production of a manual that addresses all the applicable ISO 9001 clauses in an acceptable way is a mandatory prerequisite.

Any company, in fact, that stays in business has a quality system. At this stage, you might give thought as to how you would plan the steps to audit an organization that does not have a formal documented system.

Auditors may find it necessary to ask both very broad questions and some of a much more specific nature. The two types of questions indicate two types of checklists: Process criteria checklists and audit checklists.

Process Criteria checklists convert clauses of the standard into questions related to the process characteristics – inputs, outputs, interactions, value added activity, controls etc.

Many of the more detailed questions are those for use on an audit checklist.
It might be reasonable for an auditor to start off with a criteria question in mind, but then select a sample and ask many other questions. It is these other questions that concern this section of the course notes. (Some Registrars have criteria checklists as part of their operating procedures). The style and format of a checklist are at the organization’s (1st and 2nd party audits) discretion. Less experienced auditors are advised to frame in full the points to probe on a checklist, while a more experienced auditor may use key words instead. 

A good guide to the preparation of a checklist is to think in terms of “what to look at”' and “what to look for”. It may be decided to look at documents, records, product, or equipment, and look for approval, completeness, status, and condition.

ISO 9000 Auditor Training - It may be decided to look at the Internal Audit System and look for a statement of its authority, comprehensive coverage of the system, training of auditors, timely action on findings, and follow up. Clarity of mind concerning audit objectives and scope is therefore a must.

The other point made in preparing checklists concerns making the sample representative. How can the auditor do this? There is no simple answer. Always using the same checklist is not to be recommended, although this is widely practiced.

For a given department, the auditor should look to see what is the “mainstream” activity of that process   what is its main function? What are the inputs and outputs, the sequence and interaction with other processes? If a representative sample is to be selected, then it is reasonable to look at what the process spends most of its time doing.

ISO 9000 Training - Therefore, an engineering office process may be mainly preparing drawings and parts lists, a merchandiser in a retail organization may be mainly assessing products and negotiating prices, and a laboratory may be mainly making up standard formulations. If the purpose of the audit is to establish the degree of conformity with specified requirements, then the representative sample on the checklist should reflect these major activities.

However, consider some of the other duties. Engineering personnel may carry out onsite troubleshooting, provide technical advice, prepare sales and service literature, and take technical customer calls. Purchasing agents may also influence outlet stock levels, pricing, display, and safety policy. Laboratories may carry out special studies, development tests, and fault analysis, as well as, provide specialist advice. Perhaps some of these aspects should be considered in the audit and, therefore, be added to the checklist.

There is a further aspect to be considered by the auditor. The systems in any organization are fine when key personnel are there and no one is absent, ill, or on vacation. The systems are fine until some pressure is put onto them, such as: the end of the month rush for invoicing, the major failure of equipment for an important customer, or a flood of warranty claims. What happens when the systems fail? How does the department react to put things right and keep them that way? Perhaps audits in some organizations should look at this aspect and no other!

ISO 9001 Auditor Training - There is, therefore, considerable choice open to the would be auditors. The selection of subjects is up to them. The management and/or team leader may, of course, insist that certain samples are taken, but another team of auditors with the same purpose in mind may make a different selection. Neither is right or wrong. It would be impossible to predefine the sample (though some believe they can).

There is no shortage of material for the auditor to examine. But there are disadvantages with checklists: they can be standardized and stifle any initiative and analysis of the process; they may become nothing more than a tick list. 

If you are interested in taking formal accredited ISO 9001 Lead Auditor training, call me at 905-593-8867 or email me at artjlewis@rogers  to get details of the scheduled dates, locations and cost for the best recognized training course providers. Another option would be to contact some of the training providers listed on this page and see if they offer the accredited ISO 9000 lead auditor course at a time and place you prefer.

Related ISO Lead Auditor Training Resources:
"Understanding ISO 9001" provides a detailed explanation of each ISO 9001 clause (requirements).

ISO 9001 FAQ provides answers to commonly asked questions about the ISO 9000 family of quality management standards.