Q: I believe that the vision and mission statements for an organization certified to ISO/TS 16949 are its quality policy and quality objectives, respectively, so there is no need to define vision and mission separately again. Am I correct?
Chennai, Tamil Nadu, India
A: ISO/TS 16949 is a technical specification that contains quality management system requirements specific to the automotive sector. It is based on ISO 9001, therefore it defaults to the ISO 9000 definitions of general terms, such as vision, mission, quality policy and quality objectives.
Vision and mission statements are not ISO/TS 16949-specified requirements. Further, they are not equivalent terms to quality policy or objectives, both of which are ISO/TS 16949-specified requirements. Vision (clause 3.4.10), mission (clause 3.4.11), quality policy (clause 3.4.9), objectives (clause 3.7.1) and quality objectives (clause 3.7.2) are all defined in the draft international standard of ISO 9000:2015.
Vision is what the organization aspires to become while mission is the purpose statement of the organization. These items are defined by top management. An objective is a result to be achieved, while quality objectives are results to be achieved specifically related to quality.
Director of standards and consulting
Omnex Engineering and Management
Ann Arbor, MI
Postponing an audit
Q: If a force majeure event (an event that cannot be anticipated or controlled) affects an organization during the time that the annual surveillance audit was to be done, can the surveillance audit be postponed until after the conclusion of the force majeure period without losing ISO 9001 certification? Will it result in a certificate lapse rectified with passing the rescheduled surveillance audit loss, or loss of certification—requiring the next audit to be a certification audit instead of a surveillance audit? Or is it up to the registrar? In this case, assume the surveillance schedule delay is three months or less, and the organization has an excellent International Organization for Standardization audit track record.
A: With regard to the frequency of surveillance audits as well as deferral of an audit as a result of force majeure, it’s important to know that all reputable registrars or certification bodies (CB) are accredited by an accreditation body (AB) such as ANSI-ASQ National Accreditation Board (ANAB). This is intended to ensure a consistent approach for issuance of certifications by CBs.
To maintain certification, the CB may conduct periodic surveillance audits. Registered or certified organizations must be recertified every three years or prior to the expiration date listed on their certification certificate.
Surveillance audits are conducted by the registrar to verify the organization’s continued implementation of ISO 9001 as well as the improvement of the effectiveness of its quality management system (QMS). Registrars may increase or decrease the frequency of surveillance audits based on the maturity level of the organization’s QMS.
For this reason, the frequencies at which surveillance audits are conducted may vary, but are usually scheduled annually. Other situations that may affect actual frequency of surveillance audits may be the availability of auditors or, possibly, unusual situations being experienced by the auditee or organization.
As previously mentioned, recertification audits are required to be conducted every three years. A registrar typically does not have the authority to extend any organization’s ISO 9001 certification beyond the expiration date as shown on the certificate.
I would suggest that the certification contract agreement between your organization and the registrar be reviewed to determine how conditions of force majeure are to be addressed. This review should be followed up with a discussion with the registrar to ensure there will be no impact on your organization’s existing QMS certification.
For more information about surveillance audits and other information regarding CBs, review the International Accreditation Forum (IAF) guidance document "Application of ISO/IEC Guide 65:1996, Issue 3 (IAF GD 2006)." A copy of this document can be downloaded at www.iaf.nu.
Managing director, Aston Technical
Consulting Services LLC
Role of an audit observer
Q: One of our customers wants to participate as an observer in an upcoming audit. I’ve not been able to find much information about the role of observers—what they can and cannot do. For instance, I assume they cannot ask questions during the audit interview process. Is there an appropriate checklist for observers to follow—a list of do’s and don’ts?
A: While there isn’t a standard checklist of do’s and don’ts to reference, keep these rules in mind:
The auditors should be notified of a presence of the observer in advance. Depending on the type of audit, there are times where this may not be allowed.
The customer should sign a confidentiality agreement on not disclosing any information outside the audit process. The rules should be established as part of this confidentiality agreement.
An observer (customer) may not engage in any part of the audit.
The observer may not interfere in any aspect of the audit (may not provide opinions, argue a finding, speak for or against a finding or use the audit information for a future punitive measure).
If questioned during the audit, the observer should explain the role as an observer. Ideally, this should be brought to the attention of the auditor in advance.
These basic rules ensure that the audit is not compromised in any way and the customer’s request to witness the audit is conducted in a professional manner.
Dilip A. Shah
E = mc3 Solutions