ISO 9000:2000 Update

One of the changes in 9K2K [ISO 9000:2000] is the formal addition of training effectiveness.  In 9K1994, this was implied through qualifying individuals based on training. If training qualified them, how do you know they were competent? In 9K2K, clause 6.2.1 replaces the term qualified with competent. Clause 6.2.2 c) Competence, awareness and training goes even farther, requiring organizations to evaluate the effectiveness of actions or training. This closes the gap. Now, you will have to show how you measure competence and how you evaluate training effectiveness.

top of page

Featured Book of the Month:

Title: Management Audits: The Assessment of Quality Management Systems
Author: Allan J. Sayle
Publisher: American Society for Quality
Notes: Book has received excellent reviews from acknowledged experts. Recommended by American Society for Quality's Quality Audit Division's newsletter, Vista, as "the definitive text". Includes Value-added audits, audits in cyberspce and much more.

No Picture Available!

You can order this book from internal-auditor.com at: http://www.internal-auditor.com/books.htm

Auditor Training

Opening Meetings

The audit is scheduled, the auditee was notified well in advance, and the time for the audit is at hand. How does the audit begin? You could just show up and start poking around, but that could lead to a political nightmare. Instead you need an agreed upon method to formally start the auditing process. This method is called the opening meeting, although it may also be called the kick-off meeting, or the start of work (sow) meeting. The name is relatively unimportant, provided all parties know the meaning. Opening meetings are not required by the standard, but from a practical standpoint, it is near impossible to have a successful audit without some type of opening meeting. Opening meetings have no required structure, although they generally come in two variations:

• Formal
• Informal

Formal

In most 2^nd party audits (customer auditing supplier), and all 3^rd party audits (registration/surveillance), opening meetings are formal in nature. They occur in the boardroom, or a conference room, or some other location that is remote enough to protect from interruptions. These meetings are characterized by a fixed, pre-printed agenda. They normally include a sign-in sheet to record attendance, and meeting minutes are kept. The formality is required for several reasons. First, the auditee(s) and the auditor(s) probably do not know each other. Secondly, the auditor is probably not familiar with the facility, the processes and the QMS. Thirdly, there are specific goals than need to be accomplished. Some of the items that might need clarification (these would be points of the agenda) are:

• Description of Audit Scope and Purpose

The auditor briefly describes the purpose and scope of the audit. For example, is the audit based on a requirement, such as 4.2.3 Control of documents (formally 4.5), or is an activity being audited for multiple requirements.

• Introduction/Interfaces/Attendance

The audit team introduces itself, followed by the auditee team. This is so the interfaces can connect [who is auditing receiving, and who from receiving is being audited]. An attendance roster is usually circulated for record keeping.

• Audit Methods

The audit team reviews the various methods of evidence gathering they will be using. This is solely for the auditee’s benefit. A review of what “objective evidence” is can also be helpful.

• Quality System Verification

Although this step appears to be a “no brainer”, you would not believe how many audits run into problems because the auditee and the auditor are using separate standards and/or checklists.

• Audit Target Activity Status Verification

This is for the auditor’s sake. The auditee needs to make clear the status of the activity to be audited. Is the activity in operations, or is it down? Is it running a “hot” or expedited job?

• Audit Agenda/Schedule

The audit team reviews the audit agenda and the audit schedule. Make sure everyone knows when, and where the closing meeting will take place.

• Audit Team Resource Requirements

If there is any special requirements the auditors need to be aware of, this is the time to discuss them. Such items as copier/computer, personal protective equipment, meeting rooms etc., need to be verified.

• Clarifications/Answer Questions

Take some time to answer all questions from both auditees and auditors.

A formal opening meeting may take in excess of an hour. The longer the audit time, and the more complex the audit, the longer the opening meeting will tend to be. It may involve the use of overheads, or an electronic presentation. But it doesn’t have to be formal

Informal

Most smaller organizations and smaller audits will have less formal opening meetings. These informal opening meetings are characterized by the auditor meeting the auditee in the area where the audit will take place.

Informal meetings tend to have a couple of drawbacks however. First, they place greater emphasis on pre-audit communication between the auditor and the auditee. Secondly, they informal opening meetings usually occur in the department where the audit will actually occur. This results is greater chances for distractions, particularly noise. Focus may be difficult to maintain.

The primary advantage of an informal meeting is there is a greater chance for the auditee to feel relaxed enough to ask questions that may not occur in a more formalized setting.

To some degree, the key elements of the formal opening meeting still need to be addressed. In particular, the audit objectives and scope. There must be absolutely no question of what will be covered in the audit!

Closing Meetings

Closing meetings are just as important as opening meetings. Whereas our objectives in the opening meeting were to ensure the auditee knew what was to occur, and the audit would hold no surprises, the closing meeting seals that premise.

Closing meetings also can be either formal, or informal. The objective of the closing meeting is to recap the audit findings, and again, answer any questions the auditee may have. The closing meeting must not include any surprises. Any issue addressed during the closing meeting must first have been addressed during the actual audit! Good or bad, right or wrong, the auditee needs to know the audit results as they happen! The closing meeting should do nothing more than confirm and to some extent formalize the audit findings. Some organizations provide the auditee copies of the nonconformances during the closing meetings. Some wait until the audit report is published. Some organizations also use the closing meetings for the auditee to formally rate the performance of the auditor.

Closing meetings also need to inform the auditee what the next step of the process is. Items such as addressing the nonconformances, the publication of the audit report and how to challenge findings of the audit need to be covered. Because of the nature of the closing meeting it is imperative that the meeting be held in an area with minimal to no distractions.

Summary:

Every audit will have some form of opening and closing meeting. The structure, length, formality and attendees of either will vary based on the scope and complexity of the audit. The better job we do in the opening meeting, the better the audit will be. The better job we do in the closing meeting, the easier handling nonconformances and future audits will be. A little advanced planning and upfront work will pay dividends in long-term internal audit effectiveness. Remember, you can never be better than your reputation!

As always...Good Auditing!

top of page

Question and Answers:

Q – We have a really small company and do not see the need for closing meetings. Are they required?

top of page

Internal Auditor Resources:

It is important to keep abreast of what is happening. Usually, that means subscribing to periodicals such as Industry Week. IW has an excellent article on ISO 9000:2000. Although, you might not agree with everything that is said in it, you will certainly think about it. You can read the article at: http://www.industryweek.com/CurrentArticles/Asp/articles.asp?ArticleId=986. Near the top of the page, there is also an opportunity to subscribe. It might be worth it. 

top of page

Observations from the Field:

Back in February, we discussed showing the worth of internal auditing and the QMS. On our Back Page, we are looking at possible measurables to show the true value of the QMS. But what about the auditors? This tip comes in from Plymouth, MI. Auditors should be on the constant look out for ways to improve. One way is to attend Lead Auditor training. Also consider obtaining CQA from ASQ. Of course you should be a member of ASQ, and regularly participate in AQS meeting and events. Prove you are a true professional. Believe it or not, but it will reflect on your regular duties as well. Also, maintain a positive outlook! Show you enjoy your role as internal auditor. Reflect your concern and desire for the good of the departments you audit as well!

top of page

Element Understanding:

8.2.2 internal audit [ISO 9001:2000]

"Selection of auditors and conduct of audits shall ensure objectivity and impartiality of the audit process. Auditors shall not audit their own work." This is a radical change from the 1994 version. Auditors cannot audit their own work. Notice the shall. But also notice it does not say they can't audit their own department. This allows flexibility in extremely small organizations. The key in this section is the first phrase. What is the organization doing to protect the objectivity and impartiality of the audit and auditors? How does the organization ensure the audit and auditors are free from bias? An example, how many of you would feel comfortable with the CEO, or owner as the auditee? Can you audit the person who can fire you in a heartbeat in an unbiased manner?

top of page

Monthly Scenario Explained:

July 2000's question:

During an internal audit, you are interviewing a machine operator to determine if he knows the procedures, and if he follows them. The operator's answers indicate that he does in fact know and follow all the procedures that apply to him. Just as you are starting to thank him for his participation, he responds about an exception to the operational procedures. There is one part that is handled differently from all others. The setup is entirely different, as is the actual operation and the inspection criteria is not the same. It requires a special form, which he shows you a copy of. A review of the procedures indicates that this particular product is not governed by any procedure. When questioned about this, the production manager responds that this part is rarely run, and the specifications are ever changing. Procedures would tie the department down and remove the required flexibility. Besides, she challenges, where are you required to have procedures that cover all your products and operations?

Is this conforming, or non-conforming?

The answer:

top of page

The Back Page:

The past several months, The Back Page has been looking at measurables for QMS. Specifically, those things that help to define our quality system, and how we can grade the effectiveness of the quality system. Every QMS standard, or set of requirements requires top management to evaluate the effectiveness of the quality system. We suggested using the Cause and Effect Diagram components to find categories for measuring. Last month, we began a close look at the "Methods" component of the CAED. We also looked as several possible measurables to indicate the effectiveness of the QMS. A subscriber, who asked not to be identified, offered this bit of additional information. He recommends keeping track of the process changes that result from the internal audits. These become evident when the practice differs from the procedure. In cases where the practice makes more sense, then change the procedure and record the credit for the change to the internal audit. For most of these changes a dollar value can be attached, indicating a "real" savings from the internal audit. A variation of this would during the audit asking operators if they know of a better method of performing their task. Now the audit serves three purposes. First, it is a snapshot in time to determine compliance. Secondarily, it becomes a vehicle for continual improvement, by involving employees. The third benefit is the employees feel like they are part of the process. The danger in this type of auditing is, it might be easy for the auditor to lose sight of the audit scope and objectives. The employees might also lose sight of the audit objectives and might inadvertently work against the auditing process. I would only attempt this auditing technique with fairly mature quality systems, using only experienced auditors. It would also be wise to ensure you have the support of all departments prior to attempting. One last thing on measurables, if you are not completely sure or confident of your choices for measurables, look to those managers who deal with metrics every day. It might be possible that the measurables are already in place. They probably do not have any measurables that relate directly with internal auditing and "Methods", but they have experience looking at and determining what metrics to follow. An added advantage is they will have buy-in to the selected measurables, they will know who is tracking what, and they will have some idea of how they impact the measurement. A QMS needs to be a team effort. Likewise the selection, tracking and analysis of measurables should also be a team effort.

To be continued...

As always...Good auditing!

Copyright notice: internal-auditor.com is fully protected under US and International copyright laws. Copying, or re-transmitting all, or any part of internal-auditor.com is expressly forbidden without prior written consent from Ruth Ellen Carey Communications.
internal-auditor.com is a publication of Ruth Ellen Carey Communications. 

Because this site uses information from many different sources, it must be pointed out that any advice, tips, information, etc., provided should be regarded as opinion and not fact! What works well for one company may be a disaster for another. Also, what one registrar, or auditor may allow, another may not. As always, reflect on what you read, see if it fits into your own quality system, and if it conflicts with your auditor...you've got to make a decision