If the audit was undertaken for a ‘customer’ or a ‘third party’, then it may well be up to them to decide on the acceptances of any non-compliance. When the audit team leader is satisfied with the evidence presented he/she in turn may discuss any non-compliances with the organization representative to seek agreement that they exist. Following are the key features and objectives that organization should take care while preparing ISO audit report.
1. Team Meetings
At a daily meeting (or before the summery report is compiled) the auditors discuss their detailed observations with the audit team leader to determine if non-compliances exist and if applicable, are categorized.
When the audit team leader is satisfied with the evidence presented he/she in turn may discuss any non-compliances with the auditee’s representative to seek agreement that they exist. This is not to 먹튀검증 suggest a ‘bargaining’ situation, but one in which the auditee is given an opportunity to discuss the non-compliances and allow the production of any evidence to demonstrate that there is no deviation from the requirements.
Equally, the opportunity to discuss and recognize a non-compliance may enable the auditee to initiate corrective action.
In either event, the non-compliance is still recorded but the fact that corrective action has been taken it noted in the audit report.
It should be noted that non-compliances are owned by the auditee and not the auditor.
2. Non-Compliance Categorization
It is common practice to classify non-compliances into categories. This subject is dealt with in Section 12.
Categorization of non-compliances is normally decided through discussion between the team leader and the auditors rather than applying a category at the time of the incident. Categorization is not an end in itself but an aid to assist the team leader to assess the severity of the non-compliance and form a reasoned judgment on the auditee’s FSMS arrangements.
Reporting non-compliances is the method used to indicate to an organization during an audit that there is a deviation to the laid down FSMS requirement and the applicable legislative requirements.
A non-compliance is a non-fulfillment of specified requirements (GMP, SSOP, QMS, Quality, Environment).
Non-compliances arise from OBSERVATIONS made during an audit.
An observation is a statement of fact recorded on the checklist. The audit team will then review all of their observations to determine which of them are to be reported as non-compliances. The audit team shall ensure that non-compliances are documented in a clear, concise manner and are supported by objective evidence.
4. Non-Compliance Categorization
All non-compliances have to be dealt with regardless of how important an impact they may on the established system. It is common practice to categories non-compliances to enable the overall effectiveness of a QMS management system and the urgency of corrective action to be assessed.
There is no defined standard for categorization of NCR’s, so if categorization is to be applied the methods are required to be defined by the auditing organization and made clear to the auditee at the start of the audit.
Categorization of NCR should be based on deviation to the FSMS/legislation and impact on product/process and its risk. Observations need to support the grading with sufficient justification.
A typical classification is as follows:
The absence or total breakdown of a FSMS to meet the requirements of ISO 22000 and the requirements of applicable regulations that impact QMS.
E.g. seriously inadequate hazard analysis, insufficient CCps are identified, no action responding to violation of critical limits, use unsafe water etc.
One critical NCR will lead to failure of certification. A re-audit is normally required within six months after initial audit.
A non-compliance which is likely to result in the failure of the QMS system or reduce its ability to assure safety of processes or products.
E.g. improper control of chemical compound, shop workers are not very hygienic or there is no necessary action to prevent food from contamination etc.
If there is any major NCR, registration is recommended subject to a satisfactory verification visit. Verification visits will be arranged within eight weeks after the audit to verify effectiveness of corrective actions.
System deficiency (ies), which do not directly affect the QMS, but need to be improved.
E.g. environment of production areas is not in good condition, which may contaminate food, inadequate light in production areas or cleaning facility is not in a good condition etc.