1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Completed Documents

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Garry Chidgey, Jun 16, 2021.

  1. Garry Chidgey

    Garry Chidgey Member

    Joined:
    Dec 13, 2019
    Messages:
    6
    Likes Received:
    1
    Trophy Points:
    2
    Apologies if this has come up before.
    What clause/s would you consider a NC against if, during an internal audit, several examples of documented information (records) were found that were incomplete, or not signed off where a sign off was expected?

    Just found it after switching my brain on - apologies - 4.4.2 states that the organisation needs to maintain and retain documented information as required.


    Thanks,
     
    Last edited: Jun 16, 2021
  2. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Hello Garry.

    On the face of it, it might simply be reported as a non-conformity of "not following process/procedure" and could be considered under 7.5.3.2 "retained as evidence of conformity". However, this is a rather superficial report and management are not going to be enlightened as to what or why this occurred. Did you enquire as to why the information was missed? Is it important information? Was extra work necessary to add it later or similar? What is the effect later?
     
    xrat86 likes this.
  3. xrat86

    xrat86 Member

    Joined:
    Mar 31, 2017
    Messages:
    33
    Likes Received:
    5
    Trophy Points:
    7
    Gary,
    I would approach it differently and ask - "was the product, process, or output negatively impacted with the information missing?"; if yes, then like Andy points out there is a need to understand why this occurred and can the process be improved to prevent it from reoccurring. If the answer is no, then I would ask if it (the missing information) is really needed.

    Internal Audits can also challenge the processes for effectiveness and looks for areas to improve them (my words).
     
    Andy Nichols likes this.
  4. Garry Chidgey

    Garry Chidgey Member

    Joined:
    Dec 13, 2019
    Messages:
    6
    Likes Received:
    1
    Trophy Points:
    2
    Hi Andy Thanks for your advice. I did look at 7.5.3.2 as well, but discounted it on the fact it states that DI retained as evidence of conformity shall be protected from unintentional alterations. It was filed away and protected from unintentional alterations, but the original user had failed to fill it out correctly in the first place. Of course, the next steps will be to get further details and ascertain root cause and impact etc.
     
  5. Garry Chidgey

    Garry Chidgey Member

    Joined:
    Dec 13, 2019
    Messages:
    6
    Likes Received:
    1
    Trophy Points:
    2
    Hi, thanks for this. There was no impact to quality of outputs as such as a result, but it was a higher level requirements to have the DI signed off. The document had been reviewed and approved verbally, but not signed as such. Of course, as i mentioned to Andy, next steps are to find out why.
     
  6. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Yes, indeed! I was looking for something which was close and, on another look, it doesn't have much which comes close to "complete" records. I find the whole "DI" thing very frustrating and a step backwards from procedures and records...
     
  7. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    1,071
    Likes Received:
    722
    Trophy Points:
    112
    Location:
    USA
    Hello Garry,

    We have 4.4.2b)
    but auditors consider that a "weak" clause. 8.1.e is stronger:
    Of course the records need to specifically apply to these clauses. There are other clauses that specifically call for retained documented information. Could you share with us which processes these incomplete records were for?
     
  8. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    TBH, Garry, my belief is that internal audits should rarely (if ever) cite an ISO 9001 requirement (or similar) in non-conformities. Partially, for this very reason of not having a clear statement to "pin" the NC to. Furthermore, most people in our organizations have no clue what ISO states. It's my long-held belief that internal audits should be reporting the situation and anchor the findings to internal QMS requirements. What does your own documentation state viz the need for forms/data to be recorded? maybe there's the true cause...
     
  9. RoxaneB

    RoxaneB Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    926
    Likes Received:
    1,081
    Trophy Points:
    92
    Location:
    Ontario, Canada
    In my experience, the reason for this practice on internal audits is two-fold:

    1. Training by those same companies that do external audits - they train us on how they do audits, not, unfortunately, on how to do internal audits that will add the most value to our organization.
    2. Data analysis - if properly documented, then an organization could talk about trends and patterns in relation to their internal audit findings (e.g., "hey, we're seeing an uptick of findings this year on records controls, with the findings usually focusing on no signoffs". Savvy organizations could use this information to perhaps review (dare I say, improve) their processes (e.g., where records are an output, revisit how these records are generated, controlled, maintained, etc.)
    If that 2nd reason is not properly and fulsomely done, then, yes, I agree, the citing of the ISO 9001 (sub-)clause is unnecessary and just adds noise to the internal audit finding.
     
    John C. Abnet and Andy Nichols like this.
  10. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
  11. John C. Abnet

    John C. Abnet Well-Known Member

    Joined:
    May 23, 2017
    Messages:
    709
    Likes Received:
    510
    Trophy Points:
    92
    Location:
    Upper Midwest- USA
    Adding to the accurate response from @RoxaneB , another potential downside to referencing the ISO clauses is if the internal audits are focused on, and therefore "siloed" within, the clauses instead of a process based approach. This is one of the key reasons the ISO gods introduced the "process approach" in the 2000 version....to stop third party auditors from ignoring the fundamentals of the organization's processes and their interaction with other processes. Internal audits should avoid this pitfall as well in order to provide the most benefit.

    Hope this helps.

    Be well.
     
    Andy Nichols likes this.
  12. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Do we really have to find an ISO Clause to define an NC?

    If according to clause 9.2.1 we have to "conduct internal audits to provide information on whether the QMS conforms to: 1) the organization's own requirements" before mentioning "2) the requirements of this international standard", then it is very well possible that a nonconformity can be set against a relevant internal/external requirement, without the need to refer to a clause in the standard.