ISO 9001:2015 – Newsletter – Issue 132

Issue 132 – How far back in time can an auditor go?

ISO 9001:2015…

How far back in time can an auditor go?

I appreciate receiving emails with questions and/or comments from readers of this Newsletter… please continue to do so since it provides me with ideas on what these publications should cover.  In my last Newsletter (ISO 9001:2015 Newsletter Issue 131) we discussed the topic of  “What if your Quality Objectives don’t show improvement?”, and now in this Newsletter we will discuss “How far back in time can an auditor go?”.

The ISO 9001:2015 Element numbering…

Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement

How far back in time can an auditor go?…  One of my Clients received a minor nonconformance (NC) during an external surveillance audit regarding missing information on a training document.  This organization has been ISO 9001 certified for many decades and this external auditor has visited this plant at least twice before.  This organization also has thousands and thousands of training records and this auditor found just one (1) example of missing information on a training form.  That in itself doesn’t justify issuing a minor NC… in fact I doubt it even deserves to be called an Opportunity for Improvement (OFI) since it was such an isolated occurrence.  Why would an external auditor bother writing this up as a minor NC?… I suspect they were “looking” for anything that they could put into their audit report… and unfortunately that happens way too often.  If you sense that your external auditor is digging around needlessly then I sometimes recommend that you “throw them a bone”… in other words, nonchalantly suggest an OFI that they could write up (…and make sure it’s about something you have either already started to work on… or that you need to work on… regardless of the outcome of the audit).  I’ve seen this strategy work successfully multiple times in my past experience.

However this story doesn’t end here because what I didn’t mention was that this one (1) training form (with missing information), out of thousands and thousands of training forms, was from 1990… yes, you read that right… in fact it was 5 years BEFORE they even got ISO certified in 1995.  Eventually my Client was able to find the “Grandfather-Clause” that I had them insert into their Quality Manual way back in those early years that essentially states that “any employee, as of a certain date, are hereby considered to be trained/qualified in that job, without having any supporting documentation”… and that’s what my Client sent back to the ISO Certification Body in response to their minor NC.  What a waste of everyone’s time!

So let me answer the question in the title of this Newsletter?…  It’s common practice for any auditor to only go back to the date of their last audit.  That makes sense since an audit is just a snapshot in time so they just need to go back to when the last snapshot was taken.  I can think of a few occasions where I went further back then my last audit however it usually has something to do with seeing whether a trend exists over a longer period of time, OR to see if this problem has been written up before in previous audits.  Nothing prevents an auditor from going further back in time in order to help them assess whether the process is working or not… however if they do happen to find some problem in the historical archives then I would politely suggest that they should have caught this problem during their previous audits.  On a cautionary note, tread carefully when using this strategy because when I’m told “Hey that’s not fair… we’ve doing it this same way all along and you never wrote us up last year”… to which my typical response is “an audit is only a snapshot at a point in time, and those records may not have been looked at during that snapshot”.  On a final note, 99 times out of a 100, most auditors don’t have enough time to go further back than their last audit date.