1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

8.2.3.1a Finding Help

Discussion in 'ISO 9001:2015 - Quality Management Systems' started by Travis Dutiel, Jul 9, 2019.

  1. Travis Dutiel

    Travis Dutiel New Member

    Joined:
    Jul 8, 2019
    Messages:
    4
    Likes Received:
    6
    Trophy Points:
    2
    Location:
    Ohio - US
    Good Morning. New to the forum, it seems like there is a lot of great expertise here. I am a pretty new Quality Manager, with 1 year in the position and no previous experience. We recently completed our initial Stage 2 audit for our new implementation of ISO 9001:2015, and had a finding that I am hoping to get some opinions on. Details are:

    8.2.3.1a) The organization shall conduct a review before committing to supply products and services to a customer, to include: a) requirements specified by the customer, including the requirements for delivery and post delivery activities;

    Finding) The review of requirements from customers for delivery is not effective.

    Evidence) A major customer’s PO states that a QC Inspection Certificate is required. This requirement is unknown to the organization and not fulfilled on an order-by-order basis as requested on each PO.


    We have a workflow process in our ERP that is completed for every work order, that documents review of pricing, ability to deliver on time, engineering specifications, and material availability. This process however does not include reviewing fine print, bullet points, and terms and conditions for each PO. We process about 16 new orders per day on average, and having somebody read all the fine print on every order is not really reasonable for us. We have debated marking customers as reviewed once a single review is completed, and only doing an additional review if the customer notifies us that terms have changed, however I'm not sure that meets the intent of the standard. We also debated completing a review on our top 80% of customers and then doing one review as part of new customer set up going forward, but that misses any changes that may happen. Any thoughts or ideas?
     
  2. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    816
    Likes Received:
    402
    Trophy Points:
    62
    This is a "bogus" finding. It's a major customer -- meaning you probably do a lot of business with them long before your ISO dreams. Have they ever asked for the "QC Inspection Certificate" (whatever that is)? I'll bet good money that your customer contacts probably have zero clue that the requirement is even in the PO. At some point, actual customer actions trump the written boilerplate. Unless this was found as part of a customer complaint it's nonsense. You're right -- you are not going to do a full legal review of every term and condition on the back of a PO. I would limit the big review to new customers only -- to make sure they don't slip something funny in their terms. Good luck.
     
    qmr1976, tony s and Travis Dutiel like this.
  3. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Welcome, Travis!

    Sounds like a "gotcha" audit finding. Some CB auditors pride themselves on nitpicking through some arcane technical requirement in the "boiler-plate" of a contract and then pointing out you're not doing it. Did they, for example, check to see if the customer had ever corresponded with your organization - or even complained - about the lack of fulfillment of that obligation? The customer's Quality folks likely don't even know it's in the small print!

    So, you have a couple of options: Reject the finding on the basis that the type/style/format/content of the QC Inspection Certificate was never agreed upon and the customer has never followed up (in how many deliveries?) to ask for it and suggest that the process IS very effective, since you have a process which is delivering on time and with no product complaints (you have that, I hope). Or, you can agree to accept the finding, check with your customer if they DO actually want this and, if not, get a waiver and present that as your corrective action.

    (BTW, I know beauty is in the eye of the beholder, but you don't strike me as being "pretty") :D;)
     
    qmr1976, tony s and Travis Dutiel like this.
  4. Travis Dutiel

    Travis Dutiel New Member

    Joined:
    Jul 8, 2019
    Messages:
    4
    Likes Received:
    6
    Trophy Points:
    2
    Location:
    Ohio - US
    Hahaha, it has been a long time since anyone got me on the "pretty" comment. Well done sir.

    Thank you both for your responses. Hearing from your experience that this is a "gotcha" type of finding makes my feel better about why it is so hard to grasp where our gap is. I think in this case we will likely go with the new customer review to clear the finding, since we have parties that are in a hurry to see our physical certificate, and I can clear it likely much faster than I can complete a dispute. The auditor did ask for evidence that we had discussed this requirement with our customer, which we have not. We have processed thousands of POs with this customer without them ever mentioning it, and I'm sure we have all the evidence we would ever need to dispute it, but I will save that for the next audit.

    Look forward to a lot of fun conversations here in the future.
     
    qmr1976, tony s and Andy Nichols like this.
  5. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Way to go Travis! Be sure to put that "small print" stuff in your review process. It can bite once in a while (I don't mean audit findings)
     
    Travis Dutiel likes this.
  6. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Next time let the CB auditor taste a dose of their own medicine. Try to nitpick on their contract with your organization. Most CBs have infractions on their agreements with their clients (e.g. delay in issuance of certificate, audit plan released on a very short notice, sudden changes on the audit team, submission of audit report beyond the committed timeline, etc.). I'm sure you also use your corrective actions on suppliers. Your CB is a certification service provider.:p
     
    qmr1976 and Travis Dutiel like this.
  7. Travis Dutiel

    Travis Dutiel New Member

    Joined:
    Jul 8, 2019
    Messages:
    4
    Likes Received:
    6
    Trophy Points:
    2
    Location:
    Ohio - US
    I will keep that in mind Tony. These guys have actually done everything well ahead of schedule so far, even supplied the final audit report at the closing meeting of the audit. Overall I am very happy with them, and they seem to be a great fit with us. I'm sure I will get better at arguing the junk findings as my experience grows.

    We do issue SCARs to suppliers when needed, and they are subject to that per our procedures(which they loved by the way), it would feel great to issue a SCAR back to an auditor :D (is it wrong to feel that way haha)
     
    tony s, qmr1976 and Andy Nichols like this.
  8. qmr1976

    qmr1976 Well-Known Member

    Joined:
    Jun 17, 2019
    Messages:
    155
    Likes Received:
    83
    Trophy Points:
    27
    Welcome aboard! You aren't the first and won't be the last to have been issued a lame finding. I have struggled with challenging the auditors as well and you are right, the more you get your feet wet the more comfortable you will feel with standing your ground, so to speak. It's a slippery slope when you do challenge them because you have to sort of pick your battles. Make sure what you're fighting for is worth it in the long run. Goes back to the old adage of 'you may win the battle but lose the war'. They could end up digging deeper and find yet another nonconformance. I am constantly referring back to the standard to make sure I understand what it's requiring, but I still run into issues where it's so vague that it's not always clear what they are looking for. They tell you what they want done, but it's up to you to manage! Very frustrating because I feel like they can write you up for things that aren't legit and you don't have a leg to stand on because the standard is so vague.
     
    etorresg and Travis Dutiel like this.
  9. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    If they do, they must cite a requirement and evidence you don't comply. Anything else is opinion and you can reject it. If you don't feel comfortable understanding the standard, then we can help.
     
    qmr1976, etorresg and Travis Dutiel like this.
  10. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    In case you need to battle with a CB auditor and you are worrying that they might be provoked to find additional NCs, challenge them at the closing meeting after they have presented their audit findings. They can no longer add NCs after they have presented the audit findings. ISO/IEC 17021-1:2015 in section 9.4.7.3 specifies that:
    "The client shall be given opportunity for questions. Any diverging opinions regarding the audit findings or conclusions between the audit team and the client shall be discussed and resolved where possible. Any diverging opinions that are not resolved shall be recorded and referred to the certification body".

    Since the appeals are to be handled by persons different from the auditors (as per 9.7 of ISO/IEC 17021), your organization will have the opportunity to bring to the attention of the CB the lame performance of their auditor.
     
    qmr1976, etorresg and Travis Dutiel like this.