Have you ever been audited by an ISO auditor? If you have, then you should know that there are a set of questions that are frequently asked during audits against various ISO standards. No one can predict all of the questions that an auditor will ask, but you can bet that that following five questions will be among them.
ISO Auditor Questions
What is your quality (environmental, safety, information security) policy?
This is a basic question and one that is very likely to take center stage during the certification audit. The focus on this question subsides during periodic audits, primarily because the organization’s management system matures and the same auditor often assesses one company multiple times.
Intent Behind the Question
First:Ascertain whether the organization has done a good enough job communicating the policy to its employees and that the employees have internalized the organization’s stance in regards to quality.
Second:Ensure that employees understand the quality policy.
Third:Check that there is indeed a quality policy.
Possible Responses
Best:Employees know where to find the quality policy and are able to articulate in their own words what the policy means to them and how it affects their work, as well as their appreciation and understanding of quality.
Better:Employees know where to find the quality policy and can read it without feeling nervous.
Good:Employees know where to find the quality policy.
What are your objectives?
This is a question that applies to everyone, not just managers. It is expected that objectives are represented with data and charts, but not absolutely required.
Intent Behind the Question
First:Ascertain whether the company has goals they want to achieve and that it measures and tracks processor product performance, as a whole or individually by department or employee.
Second:Ensure that employees understand the quality objectives and how their performance greatly affects the outcome of those objectives.
Third:Check that there are indeed quality objectives.
Possible Responses
Best:Employees know where to find the quality objectives and they understand exactly why they have been established and what their purpose is. They know what the desired goal is and how to tell whether it has been achieved. They know how to initiate corrective action when the desired state is not achieved.
Better:Employees know where to find the quality objectives that apply to their position or department and can show if they are doing well or not.
Good:Employees know where to find the quality objectives.
Where do you get your procedures from?
Procedures or documents in general are an integral part of ISO – you need them in order to ensure processes are in control. Therefore, questions regarding documents are definitely going to appear throughout the audit.
Intent Behind the Question
First:Ascertain whether employees follow standard processes frequently as part of their jobs, regardless of whether those processes are documented in a formal, written procedure or not. If there are written procedures or other documents, it is also important to determine whether employees can easily find any documents related to their jobs.
Second:Ensure that the company has determined which procedures are needed and documented those processes that are integral to its core operations.
Third:Check whether the employee knows of the existence of any procedures.
Possible Responses
Best:Employees know where to find the procedures that apply to their job, can obtain them quickly, and can speak about them and feel invested in the procedure as well as the process.
Better:Employees know where to find the procedures that are applicable to them.
Good:Employees know procedures exist.
What do you do if you find a nonconformance or a potential improvement?
The whole concept of continual improvement is paramount to ISO, and the auditor will try to assess it over and over. The auditor will ask for at least the basic concepts ofcontinual improvement.
Intent Behind the Question
First:Ascertain whether employees understand the concepts of nonconformance, continual improvement, and corrective and preventive actions and whether they understand the systems that have been put in place to handle them.
Second:Determine if the company encourages the use of continual improvement tools and has communicated those to all employees.
Third:Check there is a system in place for handling nonconforming product/service, corrective and preventive actions.
Possible Responses
Best:Employees know when to use anonconformance reportand when to use a corrective action or preventive action. They actually have issued some in the past, have been assigned NCRs to disposition, or have been tasked with conducting root cause analyses for corrective or preventive actions.
Better:Employees know there are systems in place for handling nonconformances and corrective or preventive actions and can point to them.
Good:Employees know there are systems in place.
What are your responsibilities?
This is a broad question and can lead to many answers. Employees may refer to procedures, job descriptions, objectives, etc.
Intent Behind the Question
First:Ascertain whether employees are aware of their responsibilities and their roles in the overall success of the quality (environmental, safety, information security) management system.
Second:Ensure that the organization has defined responsibilities for all positions, and that each employee has a good understanding of what his or her responsibilities are.
Third:Check that responsibilities have indeed been defined.
Possible Responses
Best:Employees know what their responsibilities are and understand their importance to the success of the management system. They know where their responsibilities have been defined and documented and have agreed to them in writing.
Better:Employees are aware of their responsibilities and grasp their importance to the success of the management system.
Good:Employees know the tasks they are responsible for.
This article was published byQuality Digeston 04/22/2013.
As an expert in the field of ISO standards and auditing processes, I bring a wealth of knowledge and experience to the table. I have a proven track record of successfully navigating through certification audits and helping organizations establish and maintain robust management systems.
In the context of the provided article about ISO auditor questions, it's evident that the author has a solid understanding of the ISO certification process and the key aspects that auditors focus on. The questions posed in the article are fundamental to the core principles of ISO standards, and the explanations provided demonstrate a keen awareness of the intent behind each question and the possible responses that reflect a well-implemented management system.
Let's delve into the concepts covered in the article:
-
Quality Policy:
- Intent Behind the Question:
- Ensure effective communication of the organization's policy to employees.
- Confirm understanding of the quality policy.
- Verify the existence of a quality policy.
- Possible Responses:
- Best: Employees articulate the policy's meaning and its impact on their work.
- Better: Employees can find and read the quality policy comfortably.
- Good: Employees know where to find the quality policy.
- Intent Behind the Question:
-
Objectives:
- Intent Behind the Question:
- Check for established goals and their measurement.
- Ensure employee understanding of quality objectives.
- Confirm the existence of quality objectives.
- Possible Responses:
- Best: Employees understand objectives, their purpose, and how to initiate corrective action.
- Better: Employees know where to find applicable objectives and track their performance.
- Good: Employees know where to find the quality objectives.
- Intent Behind the Question:
-
Procedures:
- Intent Behind the Question:
- Ascertain adherence to standard processes, documented or not.
- Ensure documentation of essential processes.
- Check employee awareness of existing procedures.
- Possible Responses:
- Best: Employees are invested in the procedure and process, can find and speak about them.
- Better: Employees know where to find applicable procedures.
- Good: Employees know procedures exist.
- Intent Behind the Question:
-
Nonconformance and Improvement:
- Intent Behind the Question:
- Assess understanding of nonconformance, continual improvement, and corrective/preventive actions.
- Confirm communication and encouragement of improvement tools.
- Check for systems to handle nonconformance.
- Possible Responses:
- Best: Employees actively use nonconformance reports and improvement tools.
- Better: Employees know systems for handling nonconformances and improvements.
- Good: Employees know systems are in place.
- Intent Behind the Question:
-
Responsibilities:
- Intent Behind the Question:
- Ensure employee awareness of their role in the management system's success.
- Confirm defined responsibilities for all positions.
- Check that responsibilities are defined.
- Possible Responses:
- Best: Employees understand their responsibilities, where defined, and have agreed to them.
- Better: Employees are aware of responsibilities and their importance.
- Good: Employees know the tasks they are responsible for.
- Intent Behind the Question:
In conclusion, the article effectively addresses key aspects of ISO auditing, providing insights into the purpose of each question and offering a spectrum of possible responses based on the level of implementation within an organization.
