Demonstrating Conformity to the Standard

The document discusses the importance of conducting audits in accordance with ISO standards, emphasizing that checklists alone may not capture the effectiveness of processes. It highlights the need for adequate sampling during audits to ensure confidence in the quality management system's implementation. Additionally, it stresses the significance of recording relevant audit information and maintaining a balance between using checklists and focusing on the audit process itself.

Uploaded by

MD Francis Duqm

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

39 views2 pages

Demonstrating Conformity to the Standard

Uploaded by

MD Francis Duqm

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 2

ISO/IAF Auditing Practices www.irca.

org
Group Papers

Demonstrating conformity to the standard -

performing the audit to the standard's clauses versus
performing the audit to the auditee’s processes
When assessing conformity to the standard, audit checklists may not be sufficient. At the end of an audit, the
auditor should be in a position to know whether all requirements of the standard are satisfied or not.

Trying to show compliance to a standard often brings people back to using checklists, where an auditor is able
to check-off the requirements of the standard one-by-one, making sure that all the requirements have been
covered. This basic approach of filling out a checklist is an easy way to ensure that all requirements of the
standards have been checked. However, considering the approach of the ISO 9001, performing an audit from a
generic checklist might prevent an auditor from collecting evidence of effective interfacing between processes.

In some situations, completely moving away from the checklist (or audit question list) might not be possible,
particularly if the organization needs to provide evidence of compliance to the standard to third parties (e.g.
regulators, conformity assessment bodies).

It is important to use a checklist in an appropriate way and at an appropriate time, i.e. as a tool to help keep
track of the requirements of the standard to be covered.

What is adequate sampling?

There is no statistical or mathematical formula to establish the right number of samples to be taken during an
audit. Defining the number of samples (e.g. one, five, or even more samples of records for a particular
requirement) to be taken to confirm conformity to the requirements is not efficient and does not ensure
conformity. It is of course a fact that by increasing the number of samples taken, an auditor will have greater
confidence regarding the actual status of the implementation of the quality management system (QMS).
Adequate sampling in this context would refer to a level of sampling taken during on-site interviews and record
reviews that give sufficient confidence that the auditee's QMS is implemented as described.

Multi-site sampling, or sampling of the organizational units of a company, are covered in Annex II of the
International Accreditation Forum’s (IAF’s) guidance on the application of ISO/IEC guide 62, along with the
required on-site auditor days and sampling formula for multi-sites.

The auditor needs to perform interviews and check records and evidence during the interview. The number of
samples to be taken depends on the complexity of the process being audited, and on the quality of information
received from the auditee during the interview. It is also important that the auditor maintains the schedule
outlined in the audit plan. At the end of the day, the auditor needs to feel comfortable that the samples and the
objective evidence seen are representative, in order to draw appropriate conclusions regarding the
implementation of the QMS.

Recording audit information

ISO 19011 and the IAF guidance on the application of ISO/IEC guide 62 explain what an audit report should
contain. However, it is important that the audit reports to the auditee only contain important information for the
auditee, e.g. information on possible improvements, positive observations, and non-conformities to the standard.

IRCA/250e Page 1 of 2
ISO/IAF Auditing Practices www.irca.org
Group Papers

Merely reiterating and explaining the requirements of the standard is unlikely to be what the auditee is looking
for.

There may also be a requirement for the auditor to demonstrate the sequence in which the audit was performed,
sometimes called the ‘audit trail’. Using audit notes is a very efficient way for an auditor to record the audit. The
main disadvantage of using audit notes is that they tend to be a very personal way of recording information
during an audit, and the levels of recording detail and styles will vary greatly from one auditor to another.

A checklist can ensure some uniformity in the performance of the auditors. However, auditors should never
forget to spend their time auditing, not filling out checklists or taking notes.

This article is an edited version of 'Demonstrating conformity to the standard’ from the website of the ISO 9001
Auditing Practices Group, and is reproduced courtesy of ISO and the IAF. These papers were developed on current best
practice and therefore have not been formally endorsed as International Accreditation Forum (IAF) guidance or ISO
TC176 interpretations. For further information about the Auditing Practices Group
http://isotc.iso.org/livelink/livelink/fetch/2000/2122/138402/138403/%203541460/customview.html?func=ll&objId=3
541460&objAction=browse&sort=name.

The ISO 9001 Auditing Practices Group is an informal group of QMS experts, auditors and practitioners drawn from the
ISO Technical Committee 176 Quality Management and Quality Assurance (ISO/TC 176) and the IAF. It has developed
a number of guidance papers and presentations that contain explanations about the auditing of QMSs. These reflect
the process-based approach that is essential for auditing the requirements of ISO 9001.

JANUARY 2005

IRCA/250e Page 2 of 2