Click here to visit the main IRCA website

ISO 9001's guiding light

With its new emphasis on process auditing, ISO 9001:2000 was always going to be fraught with difficulties. But, as Brian Henry explains, help is at hand in the form of the Auditing Practices Group, which aims to provide sound advice for auditors

The ISO 9001 Auditing Practices Group was created to respond to a need that had been identified by the ISO 9000 Advisory Group (IAG). The IAG itself had been previously established - under the auspices and with the support of ISO/TC 176, the International Accreditation Forum (IAF) and ISO/CASCO - to identify and react to any perceived threats to the credibility of ISO 9001:2000.

It was recognized that some auditors might have difficulty in making the transition from the former clause-based style of auditing to the new approach of process auditing, which was needed to effectively and consistently evaluate conformity to ISO 9001:2000. The situation was further complicated by a new shift in emphasis on the importance of certain requirements, such as management responsibility and continual improvement with a minimum of documented procedures.

The A team

The IAG decided that the perceived problem would be most effectively addressed with the help of a group of experts. This group would represent standards writers, certification bodies, accreditation bodies, consultants, trainers and, most importantly, currently practising auditors. The IAG took its recommendation to the International Accreditation Forum at its plenary in Berlin in September 2002. This resulted in a resolution to form such a group. The IAG also took its recommendation to ISO TC176 at its plenary in Acapulco in October 2002, which similarly resolved to form this group.

This joint initiative by ISO TC176 and the International Accreditation Forum resulted in the establishment of the ISO 9001 Auditing Practices Group. Its first meeting was held in Sydney in February 2003. The group's two co-conveners, Alex Ezrakhovich and Randy Dougherty, represent the two founding bodies ISO/TC 176 and IAF respectively.

Members have been appointed from both ISO TC176 and IAF, and also individuals from ISO/CASCO, IATCA, and industry. The membership represents a wide range of organizations that are stakeholders in ISO 9000 third party certification. These include: companies with certificated QMS, standards writers, certification bodies, accreditation bodies, consultants, trainers and currently practising auditors.

Aiming high

The goal of the Auditing Practices Group was, essentially, to provide advice to auditors. This would help them improve the value of third party certification audits of organizations with a certificated QMS and then ultimately be able to pass on these benefits to their customers. A primary consideration was to develop guidance that was practical, useful and usable for a third party certification auditor when auditing a QMS based on ISO 9001:2000.

The Auditing Practices Group agreed that the guidance needed to be written in concise and direct language. 'The papers are short, and easy to read and understand,' says Dougherty. The guidance would include practical examples and other tools, with a 'how to' approach. The Auditing Practices Group also recognized that it was vital that the guidance was widely promoted and readily available. As a result, it can now be viewed on a public website.

So far, 19 guidance papers have been produced, covering:

the need for a two stage approach to auditing
measuring QMS effectiveness and improvements
identification of processes
understanding the process approach
determination of the 'where appropriate' processes
auditing the 'where appropriate' requirements
demonstrating conformity to the standard
linking an audit of a particular task, activity or process to the overall system
auditing continual improvement
auditing a QMS which has minimum documentation
how to audit top management processes
the role and value of the audit checklist
scope of ISO 9001:2000, scope of quality management systems and defining scope of certification
value-added auditing
auditing competence and the effectiveness of actions taken
effective use of ISO 19011:2002
auditing statutory and regulatory requirements
auditing quality policy and quality objectives
auditing the control of monitoring and measuring devices

Looking to the future

The Auditing Practices Group has had three further meetings since Sydney. These meetings took place in Geneva in June 2003 and in Bucharest in October 2003. At the most recent meeting in March 2004 in Vancouver, the Auditing Practices Group agreed to develop further guidance on the following topics:

auditing customer satisfaction
writing nonconformities that are understandable, useful and therefore add value
reviewing responses to nonconformities to assure correction and corrective action that is effective

Stakeholders and users of the website are encouraged to provide feedback on the guidance already provided and propose further topics where guidance might be useful.

More information about the Auditing Practices Group and the guidance papers can be found on the website: http://www.bsi.org.uk/iso-tc176-sc2. The paper on value-added auditing is featured in this issue of IRCA INform.

About the author
Brian Henry is a European-qualified chartered electrical and mechanical engineer, and a Fellow of the Institute of Quality Assurance. He is registered as a lead auditor with IRCA, and is an IRCA reviewing officer qualified to undertake QMS, EMS, EMAS, AS/EN 9100, TickIT, BS 7799, QS 9000, product certification and personnel certification audits on behalf of international accreditation bodies such as UKAS.

Brian is the UK principal expert for QMS auditing and has been closely involved in the development of the ISO 9000 series. He has been seconded by IAF and ISO TC 176 to participate in the ISO 9001:2000 Oversight Group to develop auditor competence criteria for certification body auditors. He is a member of the ISO/IAF/CASCO Auditing Practices Group for the development and issue of guidance to ISO 9001:2000 auditors.