ISO 9001 Lead Auditor Training

Module 3   ISO 9001 Quality Management System Audits

3.1 What is an ISO 9001 Quality Management System Audit?

An audit is a systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled.

Audits are structured and formal evaluations. The term systematic means the company must plan and document its system for auditing. It must have management support and resources behind it.

ISO 9001 Auditor Training - Audits must be performed in an impartial manner, which requires auditors to have freedom from bias or other influences that could affect their objectivity. For example, having responsibility for the work, or a vested interest or shares in a supplier or third party company they are assigned to audit, would be conflicts of interest.
 
Internal audits must be carried out to a documented procedure according to clause 8.2.2 of ISO 9001. The procedure must address the responsibilities for conducting the audits, ensuring independence, recording results, and reporting to management. All of these topics will be covered in thsi ISO 9000 Lead Auditor Training.

Audits obtain objective evidence of conformity with requirements. The evidence must be based on fact and may be obtained through observation, measurement, test, or by other means.

Evaluating the extent to which audit criteria are fulfilled involves an assessment of both implementation and effectiveness. Is the organization practicing what it described in its documentation? Are the practices being carried out well? The presence of nonconformities in a department or process may indicate the system is ineffective for those areas. These issues will be addressed in later pages of this ISO 9001 Lead Auditor training Course.

3.2  ISO 9001 Audit Objectives
Always establish the objectives of the audit. Audit objectives are not limited to the ISO 9001 standard. Clear audit objectives help determine the scope and depth of the audit, as well as, the resources needed. Being clear on the objectives provides focus and helps the auditor from being distracted and going off on unnecessary detours beyond the scope of the audit.

Audit objectives include:
• Evaluating conformity of documentation to ISO 9001
• Judging conformity of implementation to documentation
• Determining effectiveness in meeting requirements and objectives
• Meeting any contractual or regulatory requirements for auditing
• Providing an opportunity to improve the quality management system
• Permitting registration and inclusion in a list of registered companies
• Qualifying potential suppliers

ISO 9000 Lead Auditor Training - Certification Audit Stages

The stage 1 readiness audit includes a documentation review (or audit of intent) compares the quality management system documentation to the ISO 9001 standard. If an auditee does not have a documented system for a required part of ISO 9001, a nonconformity is issued.

At the stage 2 audit the auditor must then establish the extent to which that intent has been put into practice, in other words, implemented. Next, and equally important, the audit must assess and evaluate whether the practice is effective in achieving the defined objectives.

ISO 9001 Auditor Training - This (implementation) and (effectiveness) stage is the active part of the audit where the auditor checks practices against the documentation. This is commonly termed the conformity audit. If a procedure states that a process will operate in a particular way, and the auditor finds that the process is operating in another way, then the nonconformity will be issued against the procedure. Since the overall assessment is against the Standard, the relevant clause of ISO 9001 will also be referenced.

Contract Requirements: The requirements placed on one organization by another take priority and such requirements may be considered during an audit.

Regulatory Requirements: These requirements are mandatory and cannot be avoided by contract or any other means. The requirements are audited only to the extent that the organization has evidence to show compliance. The external quality systems auditor does not do an in-depth audit of such requirements.
 
Quality Management System Improvements: Audits generally uncover weaknesses in the system requiring corrective action. However, there may be several areas where controls may be barely adequate, leaving plenty of opportunity for improvement. These opportunities may come to light during the audit or may be pointed out by the auditee. Management must be made aware of all such opportunities so that decisions may be made to take appropriate actions if warranted to improve the system.

ISO 9000 Training - Many companies either because of contractual requirements, or for performance improvements, pursue quality system registration. The consequence of successful registration leads to the Registrar listing the company on a Register of Certified Companies. This register is made available to the public as a reference for sourcing of registered suppliers and for purchasing decisions. Thus, registration may provide a competitive edge for many companies.

Although not a mandatory requirement, many companies choose to audit their suppliers as a basis for qualifying them as an approved source of supply. This may be done by the company itself or may be subcontracted to a consultant.

"Understanding ISO 9001" provides a detailed explanation of each ISO 9001 clause (requirements).

ISO 9001 FAQ provides answers to commonly asked questions about the ISO 9000 family of quality management standards.