Q: We will be audited by a different firm soon to ISO 9001:2008 Quality management systems–Requirements, and I am noticing differences compared to our former auditors.
At the closing of an annual surveillance audit for a three-year certificate if a non-conformance is issued at the closing meeting, what is the expectation of response for:
1. Minor non-conformances
2. Major non-conformances
How many days are expected for the initial response for each?
How many times during the next 12 months should we expect the auditor to come back to the site to verify corrective action for each?
A: Regarding your question about response times for corrective actions, please note the following.
ISO 9001:2008 clause 8.2, Internal audits, does not specify or prescribe any time limits. ISO 9001:2008, clause 8.2.2, only requires the management for the responsible area (process owner) to take corrective action without undue delay. No time limit is identified.
With regard to audit follow up visits — this is strictly dependent upon the registrar or other auditing body. Some auditing bodies will follow up on closed CARs during their next scheduled surveillance audit. This allows enough time to past to evaluate the effectiveness of the corrective action taken.
In most cases, the auditee is required to complete the CAR identifying the root cause and the corrective actions taken to prevent a reoccurrence.
This information is assessed by the auditing body to confirm that a root cause was identified and that action taken match the root cause. This is normally done in the form of a desk review.
Due to the costs involved and other logistics, rarely will any auditing body want to come out to verify each corrective action taken. This is usually something for the internal audit staff to perform as a part of their audit activities.
I hope this helps.
Bill Aston
ASQ Senior Member
Managing Director of Aston Technical Consulting Services
Kingwood, TX
www.astontechconsult.com
For more information on this topic, please visit ASQ’s website.