Quality auditors

Audits and inspections may be carried out by a company s/site s/plant s/project s own staff (for example, self-audit) or by independent persons (for example, corporate auditors, quality assurance department, regulators, customers or third parties). 

Most ISO 9000 registered organizations claim to provide quality products and services, so why should there be so many dissatisfied customers when there are over 270,000 organizations in the world certified to ISO 9001, 9002, or 9003 One of the principal requirements in the standard is for the supplier to establish a quality system as a means of ensuring that product or service meet specified requirements. If an organization s products or services do not meet specified requirements then clearly the system has failed, but the failure is no fault of the standard - it is a fault of the way the standard has been applied and interpreted both by the organizations themselves and by the auditors who determine conformity. If the specified requirements are less than those of the customers, it is inevitable that products will bring dissatisfaction. This realization has, in the case of the automotive industry, led to two distinct needs ... 

In 1991, the Verband der Automobilindustrie e. V. (VDA) published VDA 6.1, Quality Spstem Audit, a questionnaire on quality system evaluation based on DIN EN ISQ 9004. VDA 6 is a series of guides covering the basics for quality audits, auditing, and certification. They were therefore not intended as supplementary requirements to ISQ 9000 but as guides for auditors performing audits of automotive suppliers. Their intention was to improve auditor competency in the industry by providing a uniform interpretation of ISQ 9000 requirements and a common approach to automotive audits. VDA 6.1 has been revised several times and is currently in its fourth edition. There are nine volumes in the series (see Appendix A). 

In order to identify the differences in detail one would have to compare each of the four existing automotive quality system requirement documents with ISO/TS 16949. This is an exercise that forms part of the lATF Auditor Qualification Course and is not duplicated here. However, a summary of the 26 requirements that are additional to those in QS-9000 Third Edition are listed below ... 

In brief, the auditor has to be qualified by lATF to perform the audits and, to be eligible for qualification, the auditor has to be sponsored by an lATF-approved certification body that is subject to witness audits performed by qualified auditors from vehicle manufacturers. Such measures will inevitably improve the quality of certification offered by certification bodies and will be good for the global automotive industry. 

Most certification body auditors who are currently performing audits against one or more of the national automotive quality system requirements (QS-9000, VDA 6, AVSQ, or EAQF) will qualify. To qualify, auditors need to ... 

Existing automotive auditors must have performed at least 15 third party audits to one of the four automotive quality system requirements in the last three years at a minimum of 45 audit days with two of these as a lead auditor. 

The auditor needs to be able to judge when the quality system fails to fulfill its purpose. 

Auditors need to appreciate that suppliers may choose to design a quality system for a purpose other than meeting automotive customer needs. 

In determining whether the policy is understood, auditors should not simply ask What is the quality policy All this will prove is whether the auditee remembers it The standard does not require that everyone knows the policy, only that it be understood. To test understanding therefore, you need to ask, for example ... 

It should be recognized that there is no requirement for auditors to be trained as Lead Assessors or Registered Internal Quality Auditors. Staff need only to be trained sufficient to carry out the task given to them. 

While the plan itself is not auditable by third parties, it may be auditable by second parties i.e. customers. The third party or registrar is entitled to examine the plan to ascertain that it is what it proclaims to be. The particulars are of no concern except those aspects relating to quality, such as the resources, quality objectives, customer satisfaction plans, and performance metrics. Whatever is stated on these aspects, the auditors will expect to see evidence that the business plan is not merely a wish list and that provisions have been made to enable implementation through the quality system. 

There is no requirement for you to state the policies to meet each clause of the standard but many organizations in fact do just this. ISO 9001 requires the manual to cover the requirements of the standard and ISO 10013 gives an example of how this may be done. ISO 10013, however, points you in the direction of producing a quality manual which is structured in the sequence of the key elements of the standard rather than the operations of your business. This is fine for third party auditors but not for your staff, who will probably want to know your policy on some aspect of your operations in order to make a certain decision. This is where you need operational quality policies organized around the operations of the business - such an approach is deemed acceptable in ISO 10013. 

The rules of the scheme require the third party auditors to cover all elements of your system including those that go beyond the standard, if they form part of your quality system. The rationale is that the operations you declare in your quality system are those... 

This requirement should not be necessary, as clause 4.9.1(b) addresses working environment but emphasizes that poor housekeeping and maintenance can affect product quality. For auditors it means that they do not need to find evidence that product has been affected by the working conditions - only prove that the conditions are not appropriate and that product may be affected in due course. 

The definition of nonconformity in ISO 8402 states that it is the nonfulfillment of specified requirements therefore a nonconforming product is one that does not conform to the specified requirements. Specified requirements are either requirements prescribed by the customer and agreed by the supplier in a contract for products or services, or are requirements prescribed by the supplier which are perceived as satisfying a market need. This limits the term nonconformity to situations where you have failed to meet customer requirements. However, ISO 8402 1987 suggests that nonconformity also applies to the absence of one or more quality system elements, but clearly the requirements of clause 4.13 cannot be applied to nonconformity with quality s /stem requirements. Both ISO 9001 and ISO 9004 only address nonconformity in the context of products, processes, and services and when addressing quality system elements the term deficiencies is used. Some auditors use the term nonconformity to describe a departure from the requirements of ISO 9001 but it would be preferable if they chose the term noncompliance to avoid any confusion. The requirements of clause 4.13 therefore only apply to products, processes, and services and not to activities, quality system elements, or procedures. 

Some auditors believe that any document generated or used by the quality system is a quality record and will attempt to apply the requirements of clause 4.16. Whilst it can be argued that any documented output is a record of an activity, the reader is referred to ISO 8402 for a definition of records in the context of the quality system. ISO 8402 states that a record is a document which furnishes objective evidence of activities performed or results achieved. A quality record provides objective evidence of the fulfillment of the requirements for quality (e.g. product quality record) or the effectiveness of the operation of a quality system element (e.g. quality system record). 

By being independent of the audited activities, the auditor is unaware of the pressures, the excuses, the informal instructions handed down and can examine operations objectively without bias and without fear of reprisals. It is for this reason that it was considered appropriate for the auditor to have no direct responsibility for the work being audited i.e. audits carried out by a manager, supervisor, or foreman of his/her own department or section do not qualify as internal quality audits in ISO 9001 1994. However, they will qualify under ISO 9000 2000. 

To ensure their independence, auditors need not be placed in separate organizations. Although it is quite common for quality auditors to reside in a quality department it is by no means essential. There are several solutions to retaining impartiality ... 

Separate independent quality audit departments could be set up, staffed with trained auditors. 

Implementation audits could be carried out by trained line personnel supervised by an experienced quality auditor. 

Audits of practice against procedure or policy should be recorded as they are observed and you can either do this in note form to be written up later or directly onto observation forms especially designed for the purpose. Some auditors prefer to fill in the forms after the audit and others during the audit. The weakness with the former approach is that there may be some dispute as to the facts if presented some time later. It is therefore safer to get the auditee s endorsement to the facts at the time they are observed. In other types of audits there may not be an auditee present. Audits of procedure against policy can be carried out at a desk. You can check whether the documents of the quality system satisfy all the clauses of the standard at a desk without walking around the site, but you can t check whether the system is documented unless you examine the operations in practice. There may be many activities which make the system work that are not documented. 

Train your quality auditors to a defined standard and train sufficient auditors to enable your program to be met. 

An audit carried out to establish whether actual practices conform to the documented quality system also referred to as a conformance auditor compliance audit. 

Guidelines for auditing quality systems - qualification criteria of quality system auditors... 

Documentation is another essential ingredient in all quality systems. It serves as a mantra for auditors and inspectors that ... if it is not documented it does not exist or it never happened . The documentation requirements can be split into two main categories (i) procedures outlining what must be done and (ii) records showing what has been done. 

Even with everything under control, an analyst is well-advised to keep his eyes open so he will have an idea of what artifacts could turn up, and can plan to keep irregularities in check. The list of items in Table 4.44 could turn up in the checklist of any GMP-auditor worth his salt a corresponding observation would probably trigger his suspicion that there might be further weak spots. The table is given here to provide the reader with an idea of the human and technical factors that can influence the quality of results, and to permit a search for examples that fit a certain category. 

The audit also emphasizes the self-regulated nature of the industry and the ideal relationship between the agency and the industry. In theory and effective practice, a biomedical company utilizes its quality assurance (QA) unit (in this case, supplemented by credible Part 11 auditors) to maintain control of safety, effectiveness, and quality. The FDA can then review the quality system (QS) and spot-check the other systems such as laboratory or production for most efficient regulatory oversight. In effect, the QA regulates the company and the FDA regulates the QA. 

J. Patrick McDonnell, B.S.Ph. Senior Compliance Auditor, Department of Biologies Quality Assurance, Fort Dodge Animal Health, Charles City, Iowa... 

The auditors themselves may be obliged to undergo an approval process for independent and high quality work. Since the amendments to REACH are currently on the European political agenda, 2012 would be a convenient time to introduce these three proposals. 

---