Quality Management System Audits & ISO 9000 Principles

Posted on Oct 13, 2024 in Mathematics

Audit

A systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent of compliance with the audit criteria.

Audit Criteria

A set of policies, procedures, or requirements used as a reference.

Audit Evidence

Records, statements of fact, or any other information relevant to the audit criteria and verifiable.

Comparing “What Is” and “What Should Be”

This comparison allows for:

  • Verifying that activities relating to quality, safety, or environmental management comply with established provisions.
  • Checking the effectiveness of the established system.
  • Identifying areas or opportunities for improvement (internal audit as a tool for improvement).

Types of Audits

System Audit

Verifies the effectiveness of the quality system in the company. It is broader than a process or product audit.

Process Audit

Verifies the effectiveness of the quality system in place in a particular process. The characteristics of a process are: what should be done, who should carry it out, where and what must be done, what materials, equipment and documents are needed, how it should be conducted and recorded. The rigor of the process audit depends on the characteristics and complexity of the process.

Product (or Service) Audit

Verifies the suitability of products (services) to customer needs and rules and regulations. This includes audits of finished and intermediate products.

First-Party (Internal) Audits
  • Client and audited entity are the same organization.
  • Conducted within the same organization.
  • Aligned with standards like UNE-EN-ISO 9001:2000.
  • Ensures the quality system is appropriate and serves as a continuous improvement tool.
  • Results and conclusions are internal documents.
Second-Party Audits
  • Client and audited entity are different organizations.
  • Considered external audits.
  • Often conducted for assessment or monitoring purposes within a customer-supplier relationship.
  • Serves as an improvement tool within customer-supplier collaboration.
  • Results are shared between customer and supplier.
  • Examples: A customer audits a company, or a company audits a supplier or subcontractor.
Third-Party (Certification) Audits
  • Requested by the client from an independent and recognized body.
  • Evaluates the organization for granting, retaining, or revoking approval, certification, qualification, consent, or specific authorization.
  • Governed by standards like ISO 19011.
  • Example: AENOR audits a company.

General Requirements for Auditors

  • Fairness
  • Capacity for analysis and synthesis
  • Communication skills and diplomacy
  • Ability to make judgments
  • Tolerance
  • Factual rigor
  • Concentration

Eight Principles of Quality Management (ISO 9000:2000)

These principles underlie the ISO 9000:2000 standard and guide its implementation:

  1. Customer Focus: Understanding current and future needs, meeting requirements, and striving to exceed expectations.
  2. Leadership: Establishing unity and direction, creating an environment for full involvement in achieving objectives.
  3. People Involvement: Engaging staff at all levels, enabling their abilities to benefit the organization.
  4. Process Approach: Managing activities and resources as a process to achieve desired results efficiently.
  5. System Approach to Management: Managing interrelated processes as a system to enhance efficiency in achieving objectives.
  6. Continual Improvement: Pursuing overall performance improvement as a permanent objective.
  7. Factual Approach to Decision Making: Basing decisions on the analysis of facts and data.
  8. Mutually Beneficial Supplier Relationships: Recognizing interdependence and fostering relationships that enhance value creation for both organizations.

Quality Manual

The main document outlining the quality policy, objectives, organizational structure, responsibilities, and specific procedures. It serves as a public document and manages the entire quality system. It should specify:

  • Scope of the quality management system (QMS)
  • Documented procedures for the QMS
  • Interaction between QMS processes
  • Company activities
  • Main features of the QMS
  • Quality policy and objectives
  • Responsibility and authority statements
  • Description of the organization
  • Documentation and procedure access for staff
  • Definition of terms with specific meaning for the organization