Auditing clause 7.3 of the design and development section of ISO 9001 can be a challenge for the auditor and the auditee. Unlike purchasing, manufacturing, shipping or order processing, it’s rarely carried out on a regular or consistent schedule. The level of activity ranges from the highly frenetic in a fast-paced, cutting-edge industry to the relatively static in an organization that has a mature and stable product.

In many organizations, the steps vary with the project. Time tables are forever in flux. The most predictable characteristic of plans is the constant change. Because there’s not always a customer order pending, resources may get drawn away from the design team and assigned to what are perceived as more urgent tasks. Keeping the design plans—complete with milestones, deliverables and scheduled reviews—is a daunting chore. Maintaining the integrity of the design process in this kind of environment requires vigilance to ensure control of specifications, documentation, traceability, communications, approvals, revisions and inclusion of all relevant parties.

With the multitude of activities and variables that come into play, this kind of design process can be exhilarating to audit. It can also eat up a large chunk of the auditor’s time. Remember, ISO 9001 doesn’t require a documented procedure for design. What it requires is: “The organization shall plan and control the design and development of product.” Because the plan can be in any acceptable format, assessing conformance to the extensive “shalls” of this part of the standard can take divergent paths. In some companies, the design process isn’t complete until the customer has taken possession of the product. So the trail to be followed isn’t always as clearly blazed as, for example, that of a manufacturing router or assembly traveler.

The process owners involved with this process often chafe under the constraint implied by the notion of control. This isn’t particularly unreasonable when you consider just how many things often do change. It’s not the auditor’s role to say, “I don’t see any evidence of design review.” Rather, it’s much more helpful to ask: “How do you know it’s okay to move on to the next phase?” Their review may be implicit in the relocation of key documents and specifications into a release file on their server. It may be a signature on a drawing. The evidence has to demonstrate the effectiveness of their method of communicating the results of the review.

At the end of the audit, there has to be proof that the organization started out with a plan that fulfilled the requirements of clause 7.3 and that the applicable processes were carried out.

Occupying the other end of this spectrum is the audit of an organization with a mature product, one that hasn’t changed in years. They can’t take an exclusion, because the product they manufacture is based on their proprietary design. Regardless of how many audits have been conducted, it’s always a good idea to verify the evidence that demonstrates that the documentation relating to design is accessible. This could include patents or original drawings. If they get lost, where’s the evidence that it’s their design?

What else is there to audit?

The requirement doesn’t relate just to design. Subclause 7.3.7 relates to design change. An auditor’s questions might relate to changes from external factors that could affect the continued viability of the design. These factors could relate to:

• availability of parts
• obsolescence
• statutory changes
• innovation and changes in technology
• changes in the market place.

Some of these factors could involve a small change, easily managed through an engineering change notice or a documented deviation. Others might require anything, from a minor modification to a complete overhaul of the product. The neat thing about this kind of audit is that it segues easily into questions relating to preventive action, resources, feedback from customers, supplier relationships and document control.

The design process is as varied as products in the marketplace and the purveyors of those products. So, I suppose, the nature of the audit is appropriate to the nature of the process, because the other cool aspect of auditing design is that you get to participate in a celebration of human inventiveness and diversity.