You have been busy building a Quality Management System that suits your organization based on the requirements of ISO 9001:2015. You have also trained your employees on the newly developed documented information (procedures, work instructions etc.), implemented the new Quality Management System (QMS) throughout your company. It is time now to apply for ISO 9001 certification of your QMS.
The Certifying Body (Registrars) selected by you, will send its auditor/audit team to your premises to find out whether your QMS is effective and determine to what extent it fulfills the requirements of ISO 9001:2015. The auditors will be unbiased and professional. They will look for evidence to determine the extent of compliance. They will check the documented information and verify whether processes are monitored and outcomes fulfill the agreed requirements of the customers and other interested parties. They may select any of the processes for the audit in a random manner.
Auditors may differ in the ways they conduct the audit and the questions they ask you as the auditee (person being audited). But it is always good to prepare for the worst case scenario. Your employees may nervous about facing the external auditor. Mock audit through outside experts may help them gain valuable audit experience.
Employees must very clearly understand:
- latest changes in the customer requirements, processes and controls, regulatory requirements,
- amendments and revisions to documented information,
- effectiveness of corrective action taken on nonconformities found during internal audits (requirements for iso 9001),
- decisions taken at management review meetings,
- how each one of employees is contributing to fulfillment of requirements of customers as well as other interested parties such as regulators,
Auditor’s favorite questions
You should be interested in compiling the audit questions specific to your business processes and requirements of your interested parties (customers etc.). Your friends in other firms which faced similar audits can give information about NCs generated, documents verified and the questions asked by the auditors.
Apart from asking questions, the auditors can verify process controls and outcomes (outputs of goods and services) and observe the work of the employees. They can always cross check your answers, through on the spot verification of facts. Some of the critical question frequently asked by auditors is listed below:
- Have you excluded any clauses of ISO 9001:2015, as not applicable to your QMS? What are your reasons for it?
- How do you ensure consistent outcome, when a new incumbent takes over as operator in charge of the process?
- How did you determine the corrective action required to address the nonconformity? Did you determine root cause of the problem? Was the corrective action applied throughout the organization? Are the issues internal to your organization or external? Have you determined new risks and opportunities, as revealed by the NCs and the actions required to address the issues? Have you reviewed documented information such as procedures on the basis of NCs and changes in expectation of interested parties?
- How do you plan improvement? Do you get inputs from interested parties regarding your improvement plans?
- How does your senior management participate in QMS implementation and monitoring of its effectiveness?
Employees will be able to face the audit confidently when they are well trained and well informed, because the body language of the auditee can reveal a lot of information. The auditor’s NCs and the observations can add value to your company, by enabling it to make improvements in critical areas.