Our PROMISE: Our ads will never cover up content.
Our children thank you.
Denise Robitaille
Published: Tuesday, October 9, 2007 - 22:00 Observations, which are now often called opportunities for improvement (OFIs), aren’t so cut and dried. There’s no definite determination that a requirement hasn’t been fulfilled. There’s either inadequate evidence to conclude something is wrong or there’s a perception that something could easily go wrong. The first suggests the possibility that things may not be OK, but the situation has yet to come to light. The second intimates that the practices in place are implemented in such a way that there’s a risk of a breakdown. In either case, the tacit message that the auditor is sending to the auditee is that this requires attention. Despite the ongoing debate as to whether or not auditors should make recommendations, I continue to adopt the philosophy that saying “should” to an auditee is outside the accepted purview of our responsibility. We can have enormous influence without taking inappropriate ownership of the organization’s problem-solving prerogative. There are four constituent parts to each OFI: Say what could be wrong. Refer to the specific requirement. The same rules apply as for an NCR: Be accurate and specific. Make sure to include numbers, revision levels, and dates, as appropriate. You might tell the client: “The ISO 9001 requirement relating to this OFI is found in subclause 7.4.3. ‘The organization shall establish and implement the inspection or other activities necessary for ensuring that purchased product meets specified purchase requirements.’” In this case, the auditor is saying that the practice, as documented and implemented, makes it difficult to fulfill the intent of ensuring that purchased product is acceptable. Provide the evidence. You might express this proof like this: “Work instruction WI 4.10.1 for incoming inspection directs the receiver to always use the ‘relaxed’ recommended sample size and skip down one row. It was explained that this decision was made to decrease processing time of incoming goods in an effort to improve overall cycle time and, ultimately, delivery performance. The plan doesn’t take into account the data uncovered when auditing other processes that reveal a steadily increasing number of in-process defects traced back to bad parts and the increase in the number of supplier corrective actions.” This provides fairly substantial evidence that the implemented practice isn’t working. Make a statement concerning the perception of risk. What the auditor has provided is a clear statement of the risk, based upon requirements as assessed against evidence. The auditor has been able to illustrate the cost associated with the risk, which is the goal of what is often referred to as “value-added” auditing. However, the auditor has done so without providing the solution. If the auditor makes a statement recommending that the auditee consider changing how they use the sampling plan, all that will probably occur is that they’ll change the practice to make the auditor happy. They’ll be stuck with the old problem of inspection taking too long. If, on the other hand, an auditor makes a statement that basically says, “The evidence isn’t showing that you’re getting the results you want from this practice,” then the auditee has more freedom to decide what to do next. The auditor provides direction but the organization retains ownership of the problem-solving process. Quality Digest does not charge readers for its content. We believe that industry news is important for you to do your job, and Quality Digest supports businesses of all types. However, someone has to pay for this content. And that’s where advertising comes in. Most people consider ads a nuisance, but they do serve a useful function besides allowing media companies to stay afloat. They keep you aware of new products and services relevant to your industry. All ads in Quality Digest apply directly to products and services that most of our readers need. You won’t see automobile or health supplement ads. So please consider turning off your ad blocker for our site. Thanks, Denise Robitaille is the author of thirteen books, including: ISO 9001:2015 Handbook for Small and Medium-Sized Businesses. She is chair of PC302, the project committee responsible for the revision to ISO 19011, an active member of USTAG to ISO/TC 176 and technical expert on the working group that developed the current version of ISO 9004:2018. She has participated internationally in standards development for over 15 years. She is a globally recognized speaker and trainer. Denise is a Fellow of the American Society for Quality and an Exemplar Global certified lead assessor and an ASQ certified quality auditor. As principal of Robitaille Associates, she has helped many companies achieve ISO 9001 registration and to improve their quality management systems. She has conducted training courses for thousands of individuals on such topics as auditing, corrective action, document control, root cause analysis, and implementing ISO 9001. Among Denise’s books are: 9 Keys to Successful Audits, The (Almost) Painless ISO 9001:2015 Transition and The Corrective Action Handbook. She is a frequent contributor to several quality periodicals.Risky Business
Providing direction without offering solutions
Last month’s column dealt with how to effectively communicate a finding of nonconformity in an audit report. It’s pretty straightforward: Here’s the requirement; there’s the evidence. They don’t match.
1) Description of what might be wrong
2) Reference to the applicable requirement
3) Evidence to substantiate the observation
4) Statement of risk
This is a statement of concern. “It is unclear if the sampling plan utilized for XYZ parts is adequate to ensure that defective parts are not installed into customer subassemblies.” It’s not a matter of whether they have a sampling plan or if they’re using it. This asks if the use of the sampling plan fulfills the requirement in such a way as to get the desired result—the detection of bad parts.
Even though you aren’t issuing a nonconformance report (NCR), you still have to tie the observation to a requirement. Otherwise, you can easily fall into the consulting trap. (“No, it’s not a requirement, but I think it’s a good idea.”). Auditors who conduct lots of assessments sometimes blur the line between actual requirements and good practices they’ve seen employed by a large majority of organizations in a particular industry. While their insight helps to articulate risk clearly, it doesn’t obviate staying within the scope of the requirements.
The requirement for evidence is no less important as for an NCR. Without proof, it’s almost impossible not to come off sounding like a consultant, instead of an auditor.
This isn’t a hysterical prophecy. It’s a reasonable conclusion based upon the requirements and the evidence. In this case it would say something like: “Continued use of the sampling, as directed in the work instruction, could result in numerous reworks delaying delivery to the customer and negating the objective of improving cycle time.”
Our PROMISE: Quality Digest only displays static ads that never overlay or cover up content. They never get in your way. They are there for you to read, or not.
Quality Digest Discuss
About The Author
Denise Robitaille
© 2023 Quality Digest. Copyright on content held by Quality Digest or by individual authors. Contact Quality Digest for reprint information.
“Quality Digest" is a trademark owned by Quality Circle Institute, Inc.