How to Audit ISO 9001:2015: A Handbook for Auditors
By Chad Kymal
()
About this ebook
This book integrates two different types of audit strategies, conformance audits and performance audits, into one process approach audit. Conformance audits confirm that the organization is meeting the requirements of the standard, while performance audits confirm that the QMS is achieving its intended results.
The book includes:
An introduction to ISO 9001:2015
An auditing strategy for ISO 9001:2015
How to conduct a Stage 1 audit for ISO 9001:2015
How to conduct a Stage 2 on-site audit for ISO 9001:2015
Appendices include an introduction to process focus, an assessment report template for Stage 1 audits, a confidential assessment report template for Stage 2 audits, and an example of the format for an ISO 9001:2015 conformance checklist.
Chad Kymal
Chad Kymal is the CTO and founder of Omnex Inc., an international consulting and training organization headquartered in the United States. After graduatingfrom the General Motors Institute, Chad spent a number of years working at General Motors and KPMG before founding Omnex Inc. in 1986. Over the course of Chad’s successful career, he has served on the Malcolm Baldrige Board of Examiners and has received numerous quality achievement awards, including the Quality Professional of the Year award by the American Society for Quality (ASQ) Automotive Division in 2005. In addition to his bachelor’s degree from GMI, Chad holds both a master’s degree in industrial and operations engineering from the University of Michigan and an MBA from the University of Michigan. Chad both developed and teaches auditor training for ISO 9001, ISO 14001,and OHSAS 18001/ISO 45001, as well as an Integrated Management Systems Lead Auditor training course where all three standards are combined in a single audit. Chad is the founder of AQSR, a global registrar that routinely provided integrated audits in QMS, EMS, and OHSMS. Chad is the author of four books and more than 100 papers including severalon integrated management systems.
Related to How to Audit ISO 9001:2015
Related ebooks
Cracking the Case of ISO 9001:2015 for Manufacturing: A Simple Guide to Implementing Quality Management in Manufacturing Rating: 0 out of 5 stars0 ratingsA Practical Field Guide for ISO 9001:2015 Rating: 0 out of 5 stars0 ratingsImplementing ISO 9001:2015 – A practical guide to busting myths surrounding quality management systems Rating: 0 out of 5 stars0 ratingsCracking the Case of ISO 9001:2015 for Service: A Simple Guide to Implementing Quality Management in Service Organizations Rating: 0 out of 5 stars0 ratingsIso 9001:2015 into the Future Rating: 0 out of 5 stars0 ratingsISO Lesson Guide 2015: Pocket Guide to ISO 9001:2015 Rating: 0 out of 5 stars0 ratingsDiscover ISO 9001:2015 Through Practical Examples: A Straightforward Way to Adapt a QMS to Your Own Business Rating: 5 out of 5 stars5/5Iso 9001 Audit Trail: A Practical Guide to Process Auditing Following an Audit Trail Rating: 5 out of 5 stars5/5The Magic of ISO 9001: How to Make It Fully Materialize Rating: 0 out of 5 stars0 ratingsISO 9001: A Pocket Guide Rating: 3 out of 5 stars3/5Integrated Management Systems: QMS, EMS, OHSMS, FSMS including Aerospace, Service, Semiconductor/Electronics, Automotive, and Food Rating: 0 out of 5 stars0 ratingsQuality Management Iso9001:2015 Changes: A Guide to Implementation Rating: 5 out of 5 stars5/5How to Audit the Process-Based QMS Rating: 5 out of 5 stars5/5ISO 9001:2015 Audit Guide and Checklist Rating: 4 out of 5 stars4/5The Internal Auditing Pocket Guide: Preparing, Performing, Reporting and Follow-up Rating: 0 out of 5 stars0 ratingsMusings on Internal Quality Audits: Having a Greater Impact Rating: 0 out of 5 stars0 ratingsAdvanced Quality Auditing: An Auditor’s Review of Risk Management, Lean Improvement, and Data Analysis Rating: 0 out of 5 stars0 ratingsThe Sustainable Quality System Rating: 0 out of 5 stars0 ratingsISO 9001 A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsSystems Thinking and ISO 9001:2015 Rating: 4 out of 5 stars4/5The ISO 14001:2015 Companion: A Straightforward Guide to Implementing an EMS in a Small Business Rating: 5 out of 5 stars5/5ISO 9001:2015 Handbook for Small and Medium-Sized Businesses Rating: 0 out of 5 stars0 ratingsISO 9001:2015: A Pocket Guide Rating: 4 out of 5 stars4/5Audit Evidence A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsISO 9000 A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsRisk Audit A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsISO 9001:2015 Explained Rating: 0 out of 5 stars0 ratings
Auditing For You
2022 Best Ways To Make Money Online Rating: 4 out of 5 stars4/5The Prosperity Bible Rating: 5 out of 5 stars5/5Auditing For Dummies Rating: 4 out of 5 stars4/5Lean Auditing: Driving Added Value and Efficiency in Internal Audit Rating: 5 out of 5 stars5/5Crunch Time - CPA Firm Survival in a Predatory Environment Rating: 4 out of 5 stars4/5(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide Rating: 3 out of 5 stars3/5A Guide to Forensic Accounting Investigation Rating: 4 out of 5 stars4/5Fraud Prevention Rating: 5 out of 5 stars5/5Madoff Talks: Uncovering the Untold Story Behind the Most Notorious Ponzi Scheme in History Rating: 4 out of 5 stars4/5Budgeting: How to Make a Budget and Manage Your Money and Personal Finances Like a Pro Rating: 0 out of 5 stars0 ratingsInternal Audit Quality: Developing a Quality Assurance and Improvement Program Rating: 0 out of 5 stars0 ratingsTrade-Based Money Laundering: The Next Frontier in International Money Laundering Enforcement Rating: 0 out of 5 stars0 ratingsA Step By Step Guide: How to Perform Risk Based Internal Auditing for Internal Audit Beginners Rating: 4 out of 5 stars4/5How To Earn $1000 Weekly Proofreading & Copyediting Rating: 0 out of 5 stars0 ratingsBudgeting - The Right Way Rating: 0 out of 5 stars0 ratingsFinancial Statement Fraud Casebook: Baking the Ledgers and Cooking the Books Rating: 4 out of 5 stars4/5Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Framework Rating: 0 out of 5 stars0 ratingsAmazon Echo: The Ultimate Guide to Setting up and Maximizing Your Smart Home hub Rating: 0 out of 5 stars0 ratingsFraud Casebook: Lessons from the Bad Side of Business Rating: 0 out of 5 stars0 ratingsAuditing Your Human Resources Department: A Step-by-Step Guide to Assessing the Key Areas of Your Program Rating: 0 out of 5 stars0 ratingsThe Internal Auditing Handbook Rating: 0 out of 5 stars0 ratingsDetecting Fraud in Organizations: Techniques, Tools, and Resources Rating: 0 out of 5 stars0 ratingsExposing Fraud: Skills, Process and Practicalities Rating: 4 out of 5 stars4/5Trafficking and the Traffickers: JUSTICE Rating: 0 out of 5 stars0 ratingsConstruction Contractors: Advanced Issues Rating: 0 out of 5 stars0 ratingsAuditing Cloud Computing: A Security and Privacy Guide Rating: 3 out of 5 stars3/5Cutting Edge Internal Auditing Rating: 3 out of 5 stars3/5Mastering Internal Audit Fundamentals A Step-by-Step Approach Rating: 4 out of 5 stars4/5
Reviews for How to Audit ISO 9001:2015
0 ratings0 reviews
Book preview
How to Audit ISO 9001:2015 - Chad Kymal
How to Audit ISO 9001:2015
Also available from ASQ Quality Press:
Integrated Management Systems: QMS, EMS, OHSMS, FSMS Including Aerospace, Service, Semiconductor/Electronics, Automotive, and Food
Chad Kymal, Gregory Gruska, and R. Dan Reid
AS9101D Auditing for Process Performance: Combining Conformance and Effectiveness to Meet Customer Satisfaction
Chad Kymal
The Art of Integrating Strategic Planning, Process Metrics, Risk Mitigation, and Auditing
J. B. Smith
Advanced Quality Auditing: An Auditor’s Review of Risk Management, Lean Improvement, and Data Analysis
Lance B. Coleman Sr.
How to Establish a Document Control System for Compliance with ISO 9001:2015, ISO 13485:2016, and FDA Requirements: A Comprehensive Guide to Designing a Process-Based Document Control System
Stephanie L. Skipper
ISO 9001:2015 Explained, Fourth Edition
Charles A. Cianfrani, John E. Jack
West, and Joseph Tsiakals
ISO 9001:2015 Internal Audits Made Easy, Fourth Edition
Ann W. Phillips
ISO 9001:2015 for Small and Medium-Sized Businesses, Third Edition
Denise Robitaille
The FDA and Worldwide Quality System Requirements Guidebook for Medical Devices, Second Edition
Amiram Daniel and Ed Kimmelman
Implementing ISO/IEC 17025:2005
Bhavan Bob
Mehta
The Biomedical Quality Auditor Handbook, Second Edition
Biomedical Division and Bruce Haggar, editor
The ASQ Auditing Handbook, Fourth Edition
J.P. Russell, editor
To request a complimentary catalog of ASQ Quality Press publications, call 800-248-1946, or visit our website at http://www.asq.org/quality-press.
How to Audit ISO 9001:2015
A Handbook for Auditors
Chad Kymal
ASQ Quality Press
Milwaukee, Wisconsin
American Society for Quality, Quality Press, Milwaukee 53203
© 2016 by ASQ
All rights reserved. Published 2016
Library of Congress Cataloging-in-Publication Data
Names: Kymal, Chad, author.
Title: How to audit ISO 9001:2015 : a handbook for auditors / Chad Kymal.
Description: Milwaukee, Wisconsin : ASQ Quality Press, 2016. | Includes index.
Identifiers: LCCN 2016005431 | ISBN 9780873899277 (soft cover : alk. paper)
Subjects: LCSH: ISO 9000 Series Standards. | Quality control—Auditing. |
Quality assurance—Standards—United States.
Classification: LCC TS156 .K958 2016 | DDC 658.5/620218—dc23
LC record available at http://lccn.loc.gov/2016005431
ISBN 978-0-87389-927-7
No part of this book may be reproduced in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher.
Publisher: Seiche Sanders
Acquisitions Editor: Matt T. Meinholz
Managing Editor: Paul Daniel O’Mara
Production Administrator: Randall Benson
ASQ Mission: The American Society for Quality advances individual, organizational, and community excellence worldwide through learning, quality improvement, and knowledge exchange.
Attention Bookstores, Wholesalers, Schools, and Corporations: ASQ Quality Press books, video, audio, and software are available at quantity discounts with bulk purchases for business, educational, or instructional use. For information, please contact ASQ Quality Press at 800-248-1946, or write to ASQ Quality Press, P.O. Box 3005, Milwaukee, WI 53201-3005.
To place orders or to request ASQ membership information, call 800-248-1946. Visit our website at http://www.asq.org/quality-press.
List of Figures and Tables
Figure P.1 Evolution of quality.
Figure 1.1 Quality management system.
Figure 1.2 Plan–do–check–act cycle in ISO 9001:2015.
Figure 1.3 Schematic representation of the elements of a single process.
Figure 1.4 Process map showing sequence and interactions.
Figure 1.5 Quality management system with context.
Table 1.1 Risk and opportunities in ISO 9001:2015.
Figure 1.6 Risk in planning.
Figure 1.7 Product or process risk.
Table 1.2 Major differences in terminology between ISO 9001:2008 and ISO 9001:2015.
Figure 2.1 Risk and opportunity audit trail.
Figure 2.2 Planning, performance evaluation, and improvement audit trail.
Figure 2.3 New product development audit trail.
Figure 2.4 Production and service provision audit trail.
Figure 2.5 Risk audit trail.
Figure 2.6 Risk sampling sheet.
Figure 2.7 Planning, performance evaluation, and improvement audit trail.
Figure 2.8 Quality objectives sampling sheet.
Figure 2.9 New product development audit trail.
Figure 2.10 Production and service provision audit trail.
Figure 2.11 Turtle diagram.
Figure 2.12 Process analysis worksheet.
Figure 3.1 Stage 1 audit plan.
Figure 3.2 Typical structure of ISO documentation.
Figure 3.3 Process map example.
Figure 3.4 Clause or elemental process map.
Figure 3.5 Functional process map.
Figure 3.6 Schematic representation of the elements of a single process.
Figure 3.7 Information from customer scorecard.
Figure 3.8 Assessment planning table.
Figure 3.9 Risk sampling sheet.
Figure 3.10 Quality objectives sampling sheet.
Figure 3.11 Planning, performance evaluation, and improvement audit trail.
Figure 3.12 Stage 2 audit plan.
Figure 3.13 Stage 1—nonconformities.
Figure 3.14 Process analysis worksheet.
Figure 4.1 Stage 2 flow diagram.
Figure 4.2 Opening meeting checklist.
Figure 4.3 Turtle diagram—example of management review.
Figure 4.4 Process map example.
Figure 4.5 Process analysis worksheet.
Figure 4.6 Risk sampling sheet.
Figure 4.7 Quality objectives sampling sheet.
Figure 4.8 Sample evidence of corrective action closeout.
Figure 4.9 Root cause/problem relationship.
Figure 4.10 What makes a great internal auditor?
Figure A.1 Process map example.
Figure A.2 Turtle diagram.
Figure A.3 Organization of processes by location.
Figure A.4 Elemental approach.
Figure A.5 Functional approach.
Figure B.1 Audit plan—stage 1.
Figure B.2 Opening and closing meetings checklist.
Figure B.3 Classifications of processes.
Figure B.4 Documentation and process cross-reference for ISO 9001:2015.
Figure B.5 Information from customer scorecard.
Figure B.6 Assessment planning table.
Figure B.7 Risk sampling sheet.
Figure B.8 Stage 2 audit plan.
Figure B.9 Stage 1—nonconformities.
Figure B.10 Process analysis worksheet.
Figure C.1 Confidential assessment report for stage 2.
Figure C.2 Opportunities for improvement.
Figure C.3 Employee shift details—site/remote/support location.
Figure C.4 Risk sampling sheet.
Figure C.5 Quality objectives sampling sheet.
Figure C.6 Documentation and process cross-reference for ISO 9001:2015.
Figure C.7 Stage 2 audit plan.
Figure C.8 Process analysis worksheet.
Figure C.9 Corrective action request.
Figure C.10 Nonconformity chart.
Figure D.1 ISO 9001:2015 conformance checklist.
Preface
It is hard to believe that I am writing the third update to How to Audit ISO 9001:2000, first written in 2001. Much has changed since 2001 when the ISO 9001:2000 standard was first released, and since 2008 when it was subsequently reissued. In the last update to the book, I mentioned that there are two types of auditing: conformance and performance auditing.
The two different types of audit strategies can be incorporated into one audit methodology. This book will attempt to integrate both the performance audit and conformance audit into one process approach audit. This is especially fitting considering that the purpose of risk analysis and planning is to ensure that the quality management system (QMS) achieves its intended results.
Additionally, the new standard has a strong focus on process performance that is mentioned in multiple places within the standard.
Quality is changing over time. Quality was thought of as inspection
over 100 years ago, and has slowly evolved from inspection to quality assurance to design to business strategy. The ISO 9001 standard is following the evolution of quality (see Figure P.1) that first started as product quality
and that over time has come to be defined as customer satisfaction
and/or as meeting the needs and expectations of interested parties.
It is interesting to note that the word management
in quality management is defined as activities to direct or control an organization. In the note, they mention that management includes policies, objectives, and processes to achieve these objectives.
For the first time, ISO 9001 is embracing risk, which is being defined as the effect of uncertainty
in the organization. If processes help meet objectives (definition of management) then risk analysis is conducted on the processes to ensure that objectives are met. The interaction of the context
—a new term in ISO 9001—business processes, objectives, goals, and leadership, will lead to some interesting auditing opportunities.
Reflecting on our society, global conflicts, and the fast-paced nature of the world, it is not surprising that businesses are increasingly embracing risk as an important topic in order to safeguard the net worth of the company. There are many areas fraught with product risk due to newer technologies (process and product), intellectual property (IP) risk due to Internet security, international supply chains, new diseases, and wars, and reputation risk due to many factors (social responsibility, quality, scandals, other). Typically, standards reflect business needs.
Integrated management systems remains an important topic, and companies will adopt it because of the savings it represents. This year, I published a book on integrated management systems along with Gregory Gruska and Dan Reid. It is one part of a three part-series that is available or will be available soon from ASQ Quality Press. Books two and three will be on auditing and implementing integrated management systems. I encourage readers to read up on and understand integrated management systems. Be a leader in your organization regarding this important concept.
Another important movement is sustainability and corporate responsibility. This movement has not been fully incorporated into management systems. The specialists involved in this movement don’t use the same terminology or language as those of us in management systems. However, it is an important movement, and I encourage readers to study ISO 26000 and also the standards and codes of the UN Global Compact, OECD Guidelines for Multinational Enterprises, UN Guiding Principles on Business and Human Rights, Dow Jones Sustainability Index, and the Global Reporting Initiative (GRI). Omnex has added a number of courses in these important subjects, and I see this as a topic that I will write more about in the future.
Chad Kymal
CTO and Founder, Omnex Inc.
Ann Arbor, Michigan
Chapter 1: Introduction to ISO 9001:2015