Have you ever been audited by an ISO auditor? If you have, then you should know that there are a set of questions that are frequently asked during audits against various ISO standards. No one can predict all of the questions that an auditor will ask, but you can bet that that following five questions will be among them.
ISO: Most Frequently Asked Questions
The AREs vs the WANNA-BEs
January 15, 2013
Who is in Charge of Customer Satisfaction? Quality or Sales?
April 16, 2013ISO: Most Frequently Asked Questions
ISO Auditor Questions
This is a basic question and one that is very likely to take center stage during the certification audit. The focus on this question subsides during periodic audits, primarily because the organization’s management system matures and the same auditor often assesses one company multiple times.
Intent Behind the Question
First: Ascertain whether the organization has done a good enough job communicating the policy to its employees and that the employees have internalized the organization’s stance in regards to quality.
Second: Ensure that employees understand the quality policy.
Third: Check that there is indeed a quality policy.
Possible Responses
Best: Employees know where to find the quality policy and are able to articulate in their own words what the policy means to them and how it affects their work, as well as their appreciation and understanding of quality.
Better: Employees know where to find the quality policy and can read it without feeling nervous.
Good: Employees know where to find the quality policy.
This is a question that applies to everyone, not just managers. It is expected that objectives are represented with data and charts, but not absolutely required.
Intent Behind the Question
First: Ascertain whether the company has goals they want to achieve and that it measures and tracks processor product performance, as a whole or individually by department or employee.
Second: Ensure that employees understand the quality objectives and how their performance greatly affects the outcome of those objectives.
Third: Check that there are indeed quality objectives.
Possible Responses
Best: Employees know where to find the quality objectives and they understand exactly why they have been established and what their purpose is. They know what the desired goal is and how to tell whether it has been achieved. They know how to initiate corrective action when the desired state is not achieved.
Better: Employees know where to find the quality objectives that apply to their position or department and can show if they are doing well or not.
Good: Employees know where to find the quality objectives.
Procedures or documents in general are an integral part of ISO – you need them in order to ensure processes are in control. Therefore, questions regarding documents are definitely going to appear throughout the audit.
Intent Behind the Question
First: Ascertain whether employees follow standard processes frequently as part of their jobs, regardless of whether those processes are documented in a formal, written procedure or not. If there are written procedures or other documents, it is also important to determine whether employees can easily find any documents related to their jobs.
Second: Ensure that the company has determined which procedures are needed and documented those processes that are integral to its core operations.
Third: Check whether the employee knows of the existence of any procedures.
Possible Responses
Best: Employees know where to find the procedures that apply to their job, can obtain them quickly, and can speak about them and feel invested in the procedure as well as the process.
Better: Employees know where to find the procedures that are applicable to them.
Good: Employees know procedures exist.
The whole concept of continual improvement is paramount to ISO, and the auditor will try to assess it over and over. The auditor will ask for at least the basic concepts of continual improvement.
Intent Behind the Question
First: Ascertain whether employees understand the concepts of nonconformance, continual improvement, and corrective and preventive actions and whether they understand the systems that have been put in place to handle them.
Second: Determine if the company encourages the use of continual improvement tools and has communicated those to all employees.
Third: Check there is a system in place for handling nonconforming product/service, corrective and preventive actions.
Possible Responses
Best: Employees know when to use a nonconformance report and when to use a corrective action or preventive action. They actually have issued some in the past, have been assigned NCRs to disposition, or have been tasked with conducting root cause analyses for corrective or preventive actions.
Better: Employees know there are systems in place for handling nonconformances and corrective or preventive actions and can point to them.
Good: Employees know there are systems in place.
This is a broad question and can lead to many answers. Employees may refer to procedures, job descriptions, objectives, etc.
Intent Behind the Question
First: Ascertain whether employees are aware of their responsibilities and their roles in the overall success of the quality (environmental, safety, information security) management system.
Second: Ensure that the organization has defined responsibilities for all positions, and that each employee has a good understanding of what his or her responsibilities are.
Third: Check that responsibilities have indeed been defined.
Possible Responses
Best: Employees know what their responsibilities are and understand their importance to the success of the management system. They know where their responsibilities have been defined and documented and have agreed to them in writing.
Better: Employees are aware of their responsibilities and grasp their importance to the success of the management system.
Good: Employees know the tasks they are responsible for.
This article was published by Quality Digest on 04/22/2013.
