1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

7.2.3 Internal auditor competence

Discussion in 'IATF 16949:2016 - Automotive Quality Systems' started by Diego_99atv, Sep 8, 2020.

  1. Diego_99atv

    Diego_99atv Member

    May 19, 2020
    Likes Received:
    Trophy Points:
    Hello Everyone

    i need your help!

    Maybe it is really obvious but i would like to know how you covered the next IATF Clause:

    7.2.3 Internal auditor competency

    The organization shall have a documented process(es) to verify that internal auditors are competent, taking into account any customer-specific requirements. For additional guidance on auditor competencies, refer to ISO 19011. The organization shall maintain a list of qualified internal auditors.
    I Quality management system auditors, manufacturing process auditors, and product auditors shall all be able to demonstrate the following minimum competencies:

    a) understanding of the automotive process approach for auditing, including risk-based thinking; b) understanding of applicable customer-specific requirements;

    *The risk based in thinking is include on the IATF training?
    *we sould train our auditors and personal on our Costumer specific requirments?

    we have costumers like Paccar, Volvo and Daimler, we have their Manuals, so our Training department must let our audiotrs know about each CSR Manual of our 3 costumers? or who should be the person in charge of this training?

    *what is the best way to perform the training? is like only let them know each point of the Manual or something?

    the next is one clause of a costumer Manual
    Suppliers are responsible for selecting manufacturing processes and maintain tooling that establish a stable and capable process to support PACCAR’s zero defect quality target.

    Each auditor must know about this specific requirment?

    Thanks for your help!
  2. John C. Abnet

    John C. Abnet Well-Known Member

    May 23, 2017
    Likes Received:
    Trophy Points:
    Upper Midwest- USA
    Good day @Diego_99atv ;

    Is your organization currently IATF 16949 certified? If so, how did/does your organization address this requirement previously?

    Competence is simply defined as "ability to apply knowledge and skills to achieve intended results" (ISO 9000:2015 3.10.4)

    Are your auditors able to do this in the context of...
    a) understanding ...process approach?
    - risk based thinking?
    b) applicable customer requirements?

    Is there a documented processes that defines how your organization verifies the above?

    Training is likely a good step, and likely necessary, but "competence" does not equal "training". The oft used example is a driving license/certificate. Many people have been trained and carry a driving license, but are not competent drivers.

    An auditor should know if a CSR exists (specific to a processed he/she is auditing), and how to verify that the process is addressing that CSR. If I were auditing the auditor, I would ask them if CSR exist. How would they know if it exists? How do they know what the specific CRS(s) is/are? How do they confirm if the CSR is being addressed in the process(es) being audited?

    An auditor should be also able to explain a process (pretty basic stuff here) and potential risks associated with a processed he/she is auditing. (Don't overthink this...pretty basic)

    Instead of thinking in the terms of "we can prove our auditors have been trained", think in the terms of evidence of competence.
    i.e. "our auditors have audited "x" processes and there is evidence that those processes are '...achieving the intended results' ".

    Hope this helps.
    Be well.
    Diego_99atv likes this.
  3. Andy Nichols

    Andy Nichols Moderator Staff Member

    Jul 30, 2015
    Likes Received:
    Trophy Points:
    In the "Rust Belt"
    This isn't defined anywhere. It is what you say it is. It might be all kinds of things about what is the risk of something out of spec getting to the customer. If a gauge isn't recalled on the recall date, is that a risk? If you have some form which isn't to the latest revision, is that a risk?
    Diego_99atv likes this.

Share This Page