July 13, 2019
As a qualified lead internal auditor, I am going to answer this question from an auditor’s perspective. When I assist clients in preparing for certification audits or their yearly audits, I always say: “If you want a smooth and quick audit, have available all the information to substantiate your conformance to ISO 9001 or IATF16949 or ISO14001. At the same time, you are illustrating to your Registrar that you and your staff fully understand the ISO/IATF standard and your management system requirements.
Note 7.3 clause does NOT include a requirement for “documented information”. Ask yourself how are you going to provide the evidence to the Registrar auditor? Most importantly how is your organization going to ensure employee awareness to the management team. Easy, document your efforts to provide clear audit evidence for both interested parties.
In the past the Registrar would ask your staff if they were aware of a policy. The employee would say “yes” and point to the communication board and then the auditor would move on. That worked in the past but will not work with the updated new standards. The employee must be able to articulate the quality policy (7.3a), relevant objectives (7.3b) and how they contribute to the effectiveness of the quality management system (7.3c), including the benefits of improved quality performance. Lastly, know the implications of a nonconformance and your current NCR/CAR/PA procedure (7.3d).
In part [7.3b] they added the word “relevant” in front of quality objectives, which makes sense since not every person needs to be aware of every quality objective, only those they can impact. In part [7.3c] they want the organization to make people aware of the benefits of their “improved performance” and in part [7.3d] has the flip side by making sure they are aware of the implications of not adhering to your management system/QMS requirements.
Why is awareness important for everyone in your organization to understand? Keep in mind this is your Management system. As a manager or owner, you want to have evidence and assurance that everyone is aware of your system, familiar with your standardized processes and your strategic direction. You want to ensure that proper training was conducted and is effective. How are you ensured that this requirement is being met? Your training records and your training matrix provides the evidence. In the past your Quality Manager was responsible for everything now you need to create a team approach along with your process owners to achieve your organizational objectives and conformance to your ISO or IATF standards.
Would you like another set of eyes to review your system? A third party’s review provides a double check of your conformance. This will provide an independent and objective assessment to management, of where process issues may exist, along with identifying opportunities for improvement. It will also provide the evidence needed to satisfy the Internal Audit requirements in the ISO/IATF Standards. You can do this in two different ways; a) MBS can conduct the entire audit or b) MBS can act as the lead auditor along with your team of internal auditor. As a team, we can complete the entire audit together. The team approach allows your auditors to receive additional training and or guidance from an experienced lead auditor while at the same time maintaining significant involvement in the internal audit process. Give us a call if you require a check-up of your management system.