Internal Audits

Question

If 2nd or 3rd party performs full system audit on my QMS, can it be used as to satisfy requirement for Internal Audit of that year?

Answer

Thank you for sending your question to ASQ’s Ask The Experts program.

My first response to your question would simply be, no you cannot use a 2nd or 3rd party audit to satisfy the requirement for Internal Audits.

The thing to consider is, who will the final Audit Report go to? That is, who is the customer?  An Internal Audit is conducted to your QMS and to your criteria. The final report would generally be directed to senior management.

A second or third party audit is most often performed by a customer or by a registrar. They would be guided by different criteria. A customer audit would not be of your entire QMS or give evidence of its overall efficacy. It would be inspired by what would be pertinent to the product or service you provide to them. A registrar audit would be to verify your facility’s compliance to standards but not necessarily the entire QMS.

You can see how this would be leading down a path one wouldn’t want to follow.  Therefore, Internal Audits should remain . . . internal.

Bud Salsbury, CQT, CQI

Quality Assurance Manager

bsalsbury@takcomfg.com

Ph: (715) 339-2049 Ext.17

www.takcomfg.com

Posted in Auditing | Tagged , | 2 Comments

Sample Size

Question

If we have a lot size of 27 and we are using a normal inspection level II with an AQL of 2.5. What is the sample size?
Answer

Assuming an attribute is being measured, we use ANSI ASQ Z1.4.2013 to find the sample size.

Given a lot size of 27 we first find in Table I. Sample Size Code Letter that Code letter D represents the sampling plan code letter for lot sizes between 26 and 50 for normal sampling (General Inspection Level II).

The move to Table II-A Single sampling plans for normal inspection to find the row for code letter D and under column for ASQ 2.5 find an up arrow. This indicates that we should use the code letter C which suggests a sampling plan of 5 samples and accept the lot if there are zero defect and reject the lot with one or more rejects.

Hope that helps.

Cheers,

Fred

Fred Schenkelberg
Reliability Engineering and Management Consultant
FMS Reliability
(408) 710-8248
fms@fmsreliability.com
www.fmsreliability.com
@fmsreliability

Posted in Z1.4 & Z1.9 - Sampling | Tagged | Leave a comment

Risk Based Thinking in ISO FDIS 9001:2015

Question

In 0.3.3 Clause of the standard – it is said that “A positive deviation of the risk can provide an opportunity, but not all positive effects of risk result in opportunities.”  Can you please clarify this statement?

Answer

Thanks for contacting ASQ’s Ask the Experts program.  Good question! As mentioned, ISO FDIS 9001:2015, Clause 0.3.3, which states, “A positive deviation of the risk can provide an opportunity, but not all positive effects of risk result in opportunities”.

In my opinion, this highlights an important point.  That is, not every positive deviation or change of a risk will include opportunity.  Consider the recent changes that have occurred in the Oil and Gas industry.  When the demand for crude oil was high, the availability of various materials and services providers was low, and prices were high.  This situation (availability of materials, services providers and costs) may have been identified as a supply chain risk.

However, the oversupply of crude oil drove prices down.  Crude oil production has dropped to stabilize pricing at the pumps.  This positive deviation of risk has provided an opportunity to crude oil producers, which includes the improved availability of materials, greater selection of services providers as well as more competitive pricing.  So dependent upon where you sit, this deviation of risk may be considered a negative that has decreased product demand and lowered pricing or a positive that has lowered consumer pricing and increased availability.

Consider companies that are providers of upstream services to crude oil producers.  Their risk based thinking may have identified the supply of qualified personnel to perform upstream servicing as a risk.  The decrease in demand for upstream services has increased the pool of qualified personnel.  However, this positive deviation of risk does not represent an opportunity.  The scenarios mentioned above are basic and intended to highlight the point of ISO FDIS 9001:2015, Clause 0.3.3.  There are far more dynamics that should be considered when assessing the deviation of risk versus opportunity.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Kingwood, TX 77339
Office: (281) 359-ATCS (2827) or Toll Free: (888) 968-9891
Website: www.astontechconsult.com

Posted in ISO 9001 - Quality Management Systems | Tagged | Leave a comment

Internal Audits

Question

Can the Management Representative be part of the internal auditor team?

Answer

Thank you for contacting ASQ’s Ask the Experts program.  Concerning your question, ISO 9001:2008, clause 8.2.2, only prohibits persons from auditing their own work.  So provided that the Management representative is assigned to audit processes that are outside his/her work responsibilities, there is no other restriction in with regard.   ISO 19011:2011,clause 4.0, “Principals of auditing” as well as clause 6.3.3, “Assigning work to the audit team”, should be reviewed for additional insight and understanding.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Kingwood, TX 77339
Office: (281) 359-ATCS (2827) or Toll Free: (888) 968-9891
Website: www.astontechconsult.com

Posted in Auditing, ISO 19011 - Auditing | Tagged | 1 Comment

Approved Supplier List

Question

I would like to know how supplier status in the Approved Supplier List (ASL) should be managed so that there is complete traceabilty.  For instance, a vendor status is changed from approved to not approved in the ASL for reasons other than substandard performance which is documented in an audit report, how should QA document such change to ensure that these changes are tracked. Could QA make changes in the ASL without notifying the Purchasing Department and without any documentation?

Answer

Thanks for contacting ASQ’s Ask the Experts program.  Concerning your questions, about supplier status traceability, and ASL management, the following response is provided.

Dependent on the number of suppliers involved and the availability resources, an organization may choose to utilize a single or combination of methods to monitor supplier performance and supplier status.  These methods may range from using an MS Word or Excel spreadsheet, Access database to a multi-user database.

As you are aware, ISO 9001:2008, Clause 7.4.1, requires the organization to establish criteria for selection, evaluation and re-evaluation of suppliers.  This clause also requires records of results of evaluations to be maintained.  This includes any necessary actions taken as a consequence of the evaluations conducted, such as the removal of a supplier from the ASL or changed approval status.

ISO 9001:2008 does not limit a company’s ability to remove a supplier from the ASL.  This is an internal decision based on the company’s established criteria.  So there could be various reasons for removing a supplier from the ASL.  Likewise, with changing a supplier’s status from pending, approved to not approved.  As mentioned, ISO 9001:2008, Clause 7.4.1, requires records of supplier evaluations to be maintained, and any actions taken as a result of the evaluation to be retained.

The a primary purpose of the ASL is to ensure the placement of purchase orders or contracts are limited to those suppliers that meet the company’s established criteria for supplier selection, evaluation, and re-evaluation.  For this reason, Purchasing must be included in any changes made that may affect their use of the ASL.

Generally speaking, Purchasing is responsible for maintaining and updating the ASL, which includes ensuring the current status of suppliers of products and services are identified.   The company’s internal audit process is typically used to assess Purchasing’s conformance with established criteria for supply chain management.

In summary, I would not recommend that changes be made to any QMS process without the involvement of the QMS process owner and management as applicable.  ISO 9001:2008, Clause 5.4.2, sub b., requires top management to ensure that the integrity of the QMS is maintained when changes are planned and implemented.  If changes are made to the ASL, Purchasing should certainly be involved.

I hope this helps.

Best regards,

Bill

Bill Aston, Managing Director
Aston Technical Consulting Services, LLC
Kingwood, TX 77339
Office: (281) 359-ATCS (2827) or Toll Free: (888) 968-9891
Website: www.astontechconsult.com

Posted in Other | Tagged | Leave a comment

Auditor’s Responsibilities

Question

Is it an auditor’s responsibility to seek the “root cause” while conducting an audit?

Answer

An auditor should not seek the root cause for an audit finding. An auditor’s responsibility is to verify compliance with a requirement (e.g. ISO 9001 standard) and determine if there is compliance with the requirement or not. In doing so, there is objectivity in making that assessment.

If an auditor determines the root cause, it introduces subjectivity and potential conflict of interest to the audit process and in correcting an issue. In addition, the auditor may not have the full information about the issue thus the “root cause determined by the auditor” may not correct the non-compliance to the requirement.

Best Regards,

Dilip

Dilip A. Shah ASQ Fellow, ASQ-CQE, CQA, CCT,
President, E = mc3 Solutions,
Technical Director, Sapphire Proficiency Testing Services
Past Chair, ASQ Measurement Quality Division (2012-2013)
Past Member of the A2LA Board of Directors (2006-2014)
Tel: 330-328-4400
Fax: 1-888-226-9533
E-mail: emc3solu@aol.com

Posted in Auditing | Tagged | Leave a comment

TS16949, ISO9001

Question

Our company designs and manufactures commercial and automotive semiconductor products. We used to maintain dual certification (ISO9001 and TS16949) for all of our manufacturing and assembly locations, but recently dropped the ISO9001 certification.  My questions are as follows:

1) If we manufacture automotive and non automotive products in the same location “site”, without dedicated separation, does the TS certification eligibility apply to the entire site?

2) Can we include the non automotive design RSLs in the TS16949 certificate scope, or would we need a separate ISO9001 certificate to cover those activities?

Answer

Thank you for your question.   Yes, TS 16949 requirements would apply to all of your “automotive” processes whether they produce/support only automotive products or not.   This is actually the way you’d want to do it:  it would be more complicated to try to have two systems for automotive and non-automotive products.    If you have only one certification, the scope of your audits would have to be your whole product line, and not just your automotive products.

The answer to your second question is again related to the scope of your registration.   If you are not design-responsible for the automotive side of your business there is a risk that your TS 16949 audits (internal and external) do not include your design function.    If you want your design activity in scope, work with your registrar to roll it into your scope of registration.  Understand that if you do it that way, your non-automotive design would be subject to all of the additional 7.3 controls listed in TS 16949.  Although you should be able to cover it under one registration, It will be up to them if they want you to split it out into a separate ISO 9001 registration.  The impact of that difference should be minimal.

Please let us know if you have any follow-up questions related to this answer.

Denis

Denis J. Devos, P.Eng
A Fellow of the American Society for Quality
Devos Associates Inc.
(519) 476-8951
www.DevosAssociates.com

Posted in ISO 9001 - Quality Management Systems, TS16949 - Automobiles