1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Pre-evaluation of statutory and regulatory requirements during audit planning

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Daniel Padilla T, May 27, 2019.

  1. Daniel Padilla T

    Daniel Padilla T Member

    Joined:
    Jun 14, 2018
    Messages:
    44
    Likes Received:
    17
    Trophy Points:
    7
    It is a good practice to know what you will be looking for during an external audit in terms of requirements. So, how do you perform your audit planning when considering statutory and regulatory requirements (from an external audit point of view)? Where do you look for the requirements? Do you ask the auditee where you will find this, or you do the research from scratch?
     
  2. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    When you say "external audit" do you mean a supplier audit or Certification Body? It's not only good practice, it's a necessity to become familiar with those requirements. Imagine, for example, doing a food safety audit without knowing the regulations!
     
  3. Daniel Padilla T

    Daniel Padilla T Member

    Joined:
    Jun 14, 2018
    Messages:
    44
    Likes Received:
    17
    Trophy Points:
    7
    I mean certification body.
     
  4. Katrijn

    Katrijn Member

    Joined:
    Apr 4, 2019
    Messages:
    37
    Likes Received:
    16
    Trophy Points:
    7
    I would expect a certification body to know what to audit for!
    And an auditor should be well prepared. There is nothing more annoying than having an external auditor who is wasting everybody's time because he didn't prepare and is doing the required research while sitting in a room with the auditees... (recent experience... it was very frustrating... even to a point where I'm considering changing CB)

    It is not up to the auditee to instruct the auditor. The latter should be some kind of 'expert',even though he is not allowed to give advice or guidance.
     
  5. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Experience shows this is a dangerous situation. With the relationship of CBs and their (mainly) contracted auditors, these days it seems there's a huge gap of knowledge. I'd want to make doubly certain the auditor had half a clue. Being a passive client isn't clever - make certain the auditor knows their stuff BEFORE the audit happens.
     
  6. Daniel Padilla T

    Daniel Padilla T Member

    Joined:
    Jun 14, 2018
    Messages:
    44
    Likes Received:
    17
    Trophy Points:
    7
    How do you do that? Is it allowed to investigate the auditor's background through the Certification Body?
     
  7. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Yes, I was always being asked to facilitate resumes and phone interviews.
     
    Daniel Padilla T likes this.
  8. johnnymo77

    johnnymo77 Active Member

    Joined:
    Sep 1, 2015
    Messages:
    51
    Likes Received:
    16
    Trophy Points:
    7
    Location:
    Niles Michigan
    Section 4.2 expects you to already have have already looked into these requirements. I would do audit planning to make sure I have the latest revisions of these documents, at least.
     
  9. Katrijn

    Katrijn Member

    Joined:
    Apr 4, 2019
    Messages:
    37
    Likes Received:
    16
    Trophy Points:
    7
    Andy,
    when I contracted a CB for the renewal and subsequent annual 9001 and 14001 audits I think I am allowed to expect they will at least remember my (company's) name and the reason why they were invited to show up (on the days the auditor himself had picked)...
    Seemed like expecting them to even know the norms was indeed a bit too much to ask for.

    Our CB doesn't give me a choice in auditors, or even allows me to contact them beforehand.

    They are a well known and respected organisation, but I wonder how that came to be...
    Seems like I would rather work with some unknown, even obscure, CB if they would be better at such things.

    I don't think our clients would see a difference..
    Has anyone ever heard of objections against an ISO 9001 certificate issued by CB's without a 'big name'?