-
International Organization for
Standardization
International Accreditation
Forum
Date:
21 September
2004
ISO 9001 Auditing
Practices Group
The
ISO 9001 Auditing Practices
Group
is an informal group of quality
management
system (QMS) experts,
auditors and practitioners drawn from the ISO
Technical Committee
176
Quality Management and Quality
Assurance
(ISO/TC 176) and the
International
Accreditation Forum
(IAF).
It has developed a number of
guidance papers and presentations (see
below) that contain ideas, examples and
explanations about the auditing of QMSs. These
reflect the process-based approach that
is essential for auditing the requirements of ISO
9001:2000
Quality management
systems - Requirements
.
The
guidance is primarily aimed at QMS auditors,
consultants and quality practitioners, but is
not definitive. The papers and
presentations reflect a number of different views
in QMS
auditing. As such, their content
may not always be consistent. It is not intended
that the
guidance will be used as
specified requirements, an industry benchmark, or
as criteria that
all QMS auditors,
consultants or practitioners have to follow.
QMS auditing topics
?
The need for a
2-stage approach to auditing
2
阶段审核的必要性
?
Measuring QMS
effectiveness and improvements
测量
QMS
的有效性及其改进
?
Identification
of processes
过程的识别
?
Understanding
the process approach
过程方法的理解
?
Determination
of the ―where appropriate‖ processes
确定”适当的”过程
?
Auditing the
―where appropriate‖
requirements
审核”适当的”要求
?
Demonstrating
conformity to the standard
证明符合标准
?
Linking an
audit of a particular task, activity or process to
the overall system
?
Auditing
continual improvement
审核持续改进
?
Auditing a QMS
which has minimum documentation
审核
QMS
文件化的最低要求
?
How to audit
top management processes
如何审核最高管理层
?
The role and
value of the audit checklist
审核检查表的角色和价值
?
Scope of ISO
9001:2000, Scope of Quality Management System and
Defining Scope of
Certification
ISO9001
:
2000
的
范围,质量管理体系的范围和定义认证范围
?
How to Add
Value during the audit
process
审核过程如何增值
?
Auditing
competence and the effectiveness of actions taken<
/p>
审核能力要求和采取措施的有
效性
?
Auditing
Statutory and Regulatory
requirements
审核法规和指令要求
?
Auditing the
Quality Policy andQuality
Objectives
审核质量方针和质量目标
?
Auditing ISO
9001, Clause 7.6
Control of monitoring
and measuring
devices
审核
ISO9001,
7.6
条款监视和测量装置的要求
?
Making
effective use of ISO 19011
ISO19011
的有效应用
?
Auditing Customer Feedback
processes
审核顾客反馈过程
?
Documenting a
Nonconformity
文件化不符合项
?
Guidance for
reviewing and closing
nonconformities
评审和关闭不符合项指南
?
Auditing
Internal
Communications
审核内部沟通
?
Auditing
Preventive Action
审核预防措施
?
Auditing
Service Organizations
审核服务组织
?
Auditing the
Effectiveness of the Internal
Audit
审核内部审核的有效性
?
Auditing
Electronic Based Management
Systems
审核电子管理体系
A
is also available.
< br>可获得以上文件的
ZIP
档。
Feedback from users will be used by the
ISO 9001 Auditing Practices
Group
to determine
whether
additional guidance documents should be developed,
or if these current ones
should be
revised. Comments on the papers or presentations
can be sent to the following
email
address: @.
The other papers and
presentations may be downloaded from the web
sites:
/iso-
tc176-sc2
The need for a 2 stage
approach to auditing
2
阶段审核的必要性
Auditing
ISO
9001:2000
requires
auditors
to
obtain
a
good
understanding
of
an
auditee‘s
quality management system (QMS) and the
nature of its business. This is why it is
beneficial
for an organization to be
visited prior to its certification audit and for
a1
st
stage audit to be
conducted.
审核
ISO9001
:
2000
要求审核员很好地理解受审核方的
质量管理体系和业务性
质。这就是在认证审核前访问组织,建立第一阶段审核的好处。<
/p>
This
1
st
stage
audit
is
primarily
for
scoping
and
planning
a
certification
audit
(the
stage
2
audit) and to allow the auditor to
obtain an understanding of the organisation. For
example,
to gain knowledge of its QMS,
policies, objectives, risks, processes, locations,
etc. It is also
may
be
used
for
the
auditing
body
to
communicate
its
needs
and
expectations
to
the
auditee.
第一阶段审
核可初步确定认证审核
(
第二阶段审核
)
范围并进行策划,让审核员了解组
织。如了解质量管理体系,
方针,目标,风险,过程,现场等信息。也可用于审核机构与受
审核方沟通需求和期望。
Activities performed at a
preliminary 1
stage audit
include
第一阶段审核活动包括
:
?
Identification of the key risks of the
business and related statutory, regulatory aspects
and compliance
识别业务的主要风险和相关的法令法规及其符合性
?
An assessment
of whether the auditee's defined processes are
adequate to meet its
objectives and
customer requirements
评价受审核方确定的过程是否充分,并满足目标和顾客要求
?
Conducting
aDocumentation Review
进行文件审核
?
This review
should determine if the organisation's QMS
documentation adequately
covers all the
requirements of ISO 9001:2000. The review would
normally be carried out
at the
auditee's premises (unless otherwise requested and
justified). As a result of this
activity, a report should be provided
that notes any deficient areas. As part of the
documentation review, the auditor
should assess the extent and availability of
supporting
procedures and process
descriptions. Collecting necessary information
regarding the
scope of the
organization's management system, processes and
location(s)
确定组织的质量管理体系文件是否充分覆盖了
ISO9001
:
2000
的要求。此评审通常基于受
审核方的前提下进行
(
除非有另外的要求和证明
)
。结果应提供报告描述不
足之处。作为文
件评审的一部分,审核员应评价支持程序和过程描述的程度和可获得性。
收集关于组织管
理体系,过程和场所的必要信息。
?
Drafting the
future certification documentation, including the
Scope statement
起草下一步认证文件,包括范围的确定
?
Planning the
certification (stage 2) audit, including the
requirements for audit team
selection
策划认证
(
第二阶段
)
审核,包括审核组选择的要求
?
Obtaining
evidence that internal audits and management
reviews are being planned, or
performed, effectively
获得内部审核和管理评审有效策划或实施的证据
?
Checking that
the QMS is implemented and ready for the stage 2
audit, including
appropriate level of
documents and supporting records.
检查实施的
质量管理体系及为第二阶段审核的准备,包括必要的文件和支持记录的水平。
st
If the system is lacking
in any way, the auditor should note this in the
audit report, so
that the organisation
has an opportunity to rectify deficiencies prior
to its certification
nd
(2
stage)
audit.
如果体系有缺失,审核员应记录在审核报告中,以便组织在认证
(
第二阶段
)
审核前
矫
正缺失。
?
Agreeing a date
for the stage 2 audit
确定第二阶段审核日期
Identification of
processes
过程的识别
1.
Distinguishing between the concepts of a process
and an activity
过程和活动概念的区别
If an
auditee cannot distinguish between the concepts of
a process and an activity, the
auditor
can briefly explain the differences by using the
guidance (clause 2.4) and definition
((3.4.1) in ISO 9000:2000 as background
information. The auditor must be able to adapt to
the auditee‘s situation. It is the
auditor‘s responsibility to understand the
auditee‘s systems
and approach.
如果受审核方不能区别过程和活动的概念,审核员可以
ISO
9000:2000
的指南和定义作为背
景知识简要地解释其不
同之处。审核员应有能力适应受审核方的状况。理解受审核方体系和方
式是审核员的职责
。
During the audit, the
auditor should determine whether there is a
problem of difference
of terminology
only, or whether there is a lack of real
implementation of the process
approach
by the auditee. There may be a need to issue an
NCR if the auditee is not fully
implementing the requirements stated in
ISO 9001:2000, Clause 4.1. If this is simply a
terminology problem, there should be no
need to issue an NCR, if all the requirements of
in
Clause 4.1 are satisfied.
在审核期间,审核员应确定仅是术语不同的原因,还是受审核方过程方法实施的缺失。如果受
< br>审核方不能满足
ISO 9001:2000
条款
4.1
规定的要求,则需要发出
NCR
。如果满足了条款
4.1
的要求,仅是简单的
术语问题,则不需要发出
NCR
,
The auditee has the right to use its
own terminology, provided the requirements of the
standard are met. The auditor should
mentally develop a cross-reference list to ensure
consistency and better understanding. <
/p>
倘若满足标准要求,受审核方有权利使用他自己的术语。审核员应在心里建立一个对照表以
确
保一致性和更好地理解。
2. A
process has defined objective(s), input(s),
output(s), activities, and resources
定义的过程目标、输入、输出、活动和资源
If the auditee does not understand that
a process must have defined (but not necessarily
measurable) objective(s), input(s),
output(s), activities, and resources, the auditor
should try
reformulating the questions
to the auditee avoiding the use of QM jargon, e.g.
Can you
explain to me your operations
here? What are the basic jobs carried out in your
department?
What information do you
need to start your work? Where does it come from?
Who receives
the result o
f
your work? How do you know if you‘ve done your job
correctly? etc..
如果受审核方不了解过程
需定义
(
不适当可测量的
)
目标、输入、输出、活动和资源,审核员应
试着换一种形式,以便受审核方
避免使用质量管理行话,如你能向我解释你的运作吗?你部门
的基本工作是什么?你开始
工作需要哪些信息?这些信息从何处获得?谁接受你工作的结果?
你如何理解正确的工作
?等。
This should help the
auditor to establish whether the processes (as per
ISO 9001: 2000) are
already defined,
have clear inputs, outputs, objectives and so on.
这些帮助审核员确定是否已定义过程,有清晰的输入,输出,目标等。
< br>
3. Processes should be analysed,
monitored and/or measured, and improved
应分析,监视和
/
或测量
,
改进过程
If after
applying the audit techniques outlined above,
there is an absence of any records or
other proof to demonstrate that the
processes are analysed, and/or monitored, and/or
measured, and/or improved, there would
appear to be non-conformity with part of ISO
9001:2000 Clause 4.1.
如果用以上的
审核技术,发现记录的不足或不足以证明过程已分析、监视、测量、改进,这会
成为
p>
ISO 9001:2000
条款
4.1
的不符合项。
4. The
auditee/auditor considers that each clause or sub-
clause of ISO 9001:2000
must be defined
as a separate process
p>
受审核方和审核员认为
ISO9001:2000
< br>的每个条款须定义为一个独立的过程
If the
auditor considers this as the right approach, he
should refer to relevant ISO
documents,
(notably the ISO/TC 176/SC 2 document
N544 ISO 9000 Introduction and
Support
Package: Guidance on the Concept and Use of the
Process Approach
) which
clearly indicates the contrary. If the
auditee considers this as the right approach, it
is
recommended that the techniques
outlined in section 2 (above) should be used.
如果审核员认为这是正确的方法,他应参考
ISO
文件
(ISO/TC 176/SC
2
文件
N544 ISO9000
介
绍和支持文件包:过程方法的使用和概念指南
)
,规定正好相反
。如果受审核方认为这是正
确的方法,建议其使用第
2
节的技术。
5. Is the
process approach as described in the
'Introduction' to ISO 9001:2000 a
requirement of the standard?
过程方法是
ISO9001:
2000
标准前言的一项要求吗?
The description of the process approach
in the 'Introduction' to ISO 9001:2000 is purely
informative and not a set of additional
requirements.
ISO9001:2000
前
言描述的过程方法完全是正常的要求,不是附加要求。
Understanding the process
approach
理解过程方法
Helping an auditor to interpret the
process approach
帮助审核员解释过程方法
If an auditor does not understand or
misunderstands the process approach, direct him or
her
to recognized information sources,
such as the standard ISO 9000:2000
Quality
management systems
–
Fundamentals and
Vocabulary
and the
ISO 9000
Introduction and
Support Package:
Guidance on the Concept and Use of the
Process Approach
for
management systems (document
ISO/TC176/SC2/N544
, available from
/iso-tc176-sc2
).
如果审核员不了解或误解过程方法,他或她应了解相关的信息资源,如标准
ISO90
00:2000
质
量管理体系
-
原理和术语和
(ISO/TC 176/SC
2
文件
N544 ISO9000
介
绍和支持文件包:管理体
系的过程方法使用和概念指南,可从
/
iso-tc176-sc2
网站获得
)
。
A certification
body/registrar should ensure that all its auditors
have received sufficient
training
regarding the new requirements in ISO 9001:2000,
particularly those on the process
approach. Thus, an auditor should
realise that several steps are needed, including
the
following
认证机构或注册方应确保其所有审
核员都接受了足够的
ISO 9001:2000
新要求的培<
/p>
训,尤其是过程方法。因此审核员应清楚以下的几个步骤
:
-
-
-
-
determining the processes
and responsibilities necessary to attain the
quality objectives
of the organisation<
/p>
确定必要的过程和职责以达成组织的质量目标
;
determining and providing the resources
and information necessary
确定并提供必要的资
源和信息
;
establishing and
applying methods to monitor and/or measure and
analyse each
process
确定并应用监视和测量和分析每个过程的方法
;
establishing and applying a process for
continual improvement of the effectiveness of the
QMS
确定并应用持续改进质量管理体系的有效性的过程
.
The process approach concept
must be so well understood by auditors that they
are not
limited by the terminology in
the standard; however, auditees may use their own
―in
-
house‖
terminology. Auditors must be aware
that the application of the process approach will
be
different from organisation to
organisation, depending on the size and complexity
of the
organisation and its activities.
Special consideration should be given to the
situation in small
and medium
en
terprises (SME‘s), so that auditors
should not expect so many processes in
their QMSs.
审核员应清楚地理解过程方法的概念
,不仅限于标准的术语;可是,受审核方可能用他们自己
的术语。审核员应认识到不同组
织的过程方法应用,基于组织及其活动的规模和复杂程度。尤
其要考虑到中小型企业的情
况,审核员不应期望在他们的质量管理体系有太多过程。
Helping an auditee to interpret the
process approach
帮助受审核方说明过程方法
If
an auditor is faced with a complete
misunderstanding by an auditee, this situation
should
normally be identified at the
1
st
stage audit
审核
员面对完全误解的受审核方的情况通常在第一
阶段审核中发现
.
The auditor should refer the auditee to
recognized information sources, such as those
indicated in the section above. (In
particular, the referenced ISO/TC 176/SC 2/N544
document sets out different steps in
the process approach and provides useful guidance
with
examples)
审核员应参考受审核方的信息资
源,如以上章节显示的信息
(
通常参见
ISO/TC
176/SC
2/N544
文件设定的过程方法的步骤和提供的指南
.
The auditee should also pay sufficient
consideration to
受审核方应充分考虑
- the establishment of process
objectives
过程目标的建立
,
- process
planning
过程策划
,
-
the availability of suitable
records
可获得适当的记录
.
Auditees frequently identify too many
processes; some or all of them are activities,
which do not fulfil the requirements of
a process, in the sense that ISO 9001:2000
uses the concept. In this situation, an
auditor should (in the 1
st
stage audit) propose
that the auditee
performs a redefinition of its processes, based on
e.g. the criticality
of the activities.
This might be particularly relevant for
SME‘s.
受审核方通常会识别许多的过程,其中一部分或
全部是活动,不符合
ISO 9001:2000
中使用的过程
要求。这种情况下,审核员应
(
在第
1
阶段审核中
)
建议受审核方基于活
p>
动的危险程度重新定义过程。通常在中小型企业可能遇到。
Determination of the “where
appropriate”
processes
确定适
当的过程
Terminology
术语
Where the terminology used by the
auditee is different to that used by the auditor,
the
auditor should understand the
concepts in ISO 9001:2000 using ISO 9000:2000 and
make a
mental or written cross
reference between the terminology of the auditee
and his/her own for
the same concepts,
avoiding the use of QM jargon
当受审核方用的术语和
审核员不同时,审
核员应运用
ISO
9000:2000
理解
ISO 9001:2000
的概念,并在心里或写出书面的对照表,确
定受审核方和他自己对同一个
概念所用的术语,避免使用质量管理行话
.
The definition of
process
过程的定义
If
the definition of process is not interpreted in
the same way by the auditor and the auditee,
the auditor should seek to understand
the auditee‘s point of view and not impose his own
view unless it is clear (supported with
enough objective evidence) that the requirements
of
the standard are not met. The same
is true if the auditor believes that certain
processes
have not been correctly
identified or are missing
如果审核员和受审核方对过程的
定义不能一
致时,审核员应理解受审核方的观点,而不能强加他自己的观点,除非确定不
能满足标准要求
(
足够的客观证据
.<
/p>
支持
)
。审核员确定过程识别不正确或遗
漏时也同样处理
.
Exclusions
删减
The auditor
should refer to clause 1.2 of ISO 9001:2000, to
the ISO/TC 176/SC 2/N524
document
ISO 9000 Introduction and Support
Package: Guidance on ISO 9001:2000,
Clause 1.2 'Application'
for
further guidance, and the
APG's
guidance on
Scopes.
审核员宜参
考
ISO
9001:2000
的
1.2
条款,<
/p>
ISO/TC 176/SC 2/N524
文件
ISO9000
介绍和支持文件:
ISO
9001:2000
的
1.2
条款“应用”指南和
APG
的范围指南
.
The auditor should obtain objective
evidence that the auditee cannot exclude a
specific
requirement, before reaching a
conclusion.
审核员应在做出审核结论之前获取受审核方不能删减要求的客
观证据。
It is good practice for
an auditor to utilize the standard ISO 9000:2000
Quality management
systems -
Fundamentals and vocabulary
and ISO/TC
176/SC 2/N524 as support documents,
to
explain the arguments to the auditee.
审核员利用标准
ISO 9000:2000
< br>质量管理体系
-
基础和术语和
I
SO/TC 176/SC 2/N524
作为支
持文件,解释
和受审核方的争议是一个很好的办法。
Auditing
“where appropriate”
requirements
审核适当的要求
The auditee should determine the
application of the ISO 9001 ―where
appropriate
requirements, as this will
affect its ability to satisfy its customers'
requirements. (It may be
useful to
refer the auditee to
ISO 9001:2000
clause 1.1
ion a) needs
to
demonstrate its ability to consistently provide
product that meets customer and applicable
regulatory requirements‖.)
受审核方应确定
ISO9001
”适当
的”要求的应用,因为这些会影响到满足顾客要求的能力。
(
请
受审核方参考
ISO 9001:2000
条款
1.1
“
…
当组织
A
需要证明其持续提供满足顾客和适用法
规要求
产品的能力时”
)
。
An auditor sho
uld ensure
that the
in relation to the
proposed/actual
scope of the auditee's
quality management system
.
Therefore the basis of audit should be
against this criterion, which should form the
benchmark when deciding what is
appropriate or not.
审核员应确保”适当的”要求对于提议或
实际的受审核方的质量管理体系范围确实是”适当
的”。因些确定是否适当时,审核基准
应基于标准。
Issues that should be
considered include
应考虑的问题包括
:
-
Does this requirement add
value to this element of confidence, without the
?where
appropriate‘ being addressed?
没有确定“适当”时,此条款的要求是否可增值?
-
Does it increase the risk
that the organisation cannot meet its customer
requirements?
(This may be more than a
specific set of customer requirements, as it can
include the
demands and expectations of
end users, consumers, or the supply chain).
是否增加组织不能满足顾客要求的风险?
(
这可能超
过一组特定顾客的要求,因为也包括最
终使用者、消费者或供应链的要求和期望
)
。
Need
for experience to make a judgement on a technical
issue
技术问题判定的经验需
求。
An auditing body should be able to
demonstrate that its auditor has the necessary
sector
knowledge, competence and
auditing skills. The auditor needs to be able to
demonstrate
knowledge of a process that
is being examined and to be able to apply their
skill in
evaluating whether the ?where
appropriate‘ requirements are appropriate or
not.
审核机构应有能力证明其审核员具备必要的知识、能
力和审核技能。审核员需证明过程相关的
知识经过测试,有能力应有其技能评价”适当的
”要求是否适当。
The auditor will
need to understand how the ?where appropriate‘
requirements fit into the
context of
how a process is established and its expected
outcomes. When the requirements
are not
considered to be
demonstrate that the
system is effective and that customer requirements
are being
consistently met.
审核员需要理解适当的要求如何适合建立的过程及其期望的输出。当这个要求认为“不适当”
时,审核应提供客观证据以证明体系是有效的,并可持续满足顾客要求。
An auditing body should have the
necessary processes in place to ensure that an
auditor
has the specific skills for the
organisation that is to be audited.
审核机
构应有必要的过程以确保审核员对于受审核组织具备所需的特定技能。
Demonstrating conformity to the
standard
证明符合标准
―Performing the audit to the standard's
clauses‖ versus ―Performing the audit to the
auditee‘s
processes‖
审核标准条款和审
核受审核方过程
When assessing
conformity to the standard, audit checklists may
not be sufficient
评
价标准符合性时,审核
检查表可能不充分
At the end of an
audit, the auditor should be in a position to know
whether all requirements
of the
standard are satisfied or not.
审核结束时,审核员应确定标准所有要求是否都能满足。
Trying to show compliance to a standard
often brings people back to using checklists,
where
an auditor is able to check-off
the requirements of the standard one-by-one,
making sure
that all the requirements
have been covered. This basic approach of filling
out a checklist is
an easy way to
ensure that all requirements of the standards have
been checked. However,
considering the
approach of the ISO 9001:2000, performing an audit
from a generic
checklist
might prevent an auditor from
collecting evidence of effective interfacing
between processes.
当审核员能逐个检查标准要求时,确保已覆
盖了标准所有要求时,常使用检查表显示符合标准
要求。填写检查表是确保标准所有要求
都已检查的基本方法。但是,考虑到
ISO9001
:
2000
的方法,用普通的检查表可能会妨碍审核员收集过程接口有效性
的证据。
In some situations,
completely moving away from the checklist (or
audit question list) might
not be
possible, particularly if the organization needs
to provide evidence of compliance to
the standard to third parties (e.g.
regulators, conformity assessment bodies).
有些情况下,显然组织需要向第三方
(
如调节方,符
合性评价机构
)
提供符合标准的证据时,完
全使用检查表
(
或审核问卷
)
p>
可能是不行的。
It is
important to use a checklist in an appropriate way
and at an appropriate time, i.e. as a
tool to help keep track of the
requirements of the standard to be covered.
用适当的方式、在适当的时间使用检查表是很重要的,如作为帮助跟进标准要求是否覆盖的工
具。
What is adequate
sampling?
足够的抽样
There is no statistical or mathematical
formula to establish the right number of samples
to be
taken during an audit. Defining
the number of samples (e.g. one, five, or even
more samples
of records for a
particular requirement) to be taken to confirm
conformity to the requirements
is not
efficient and does not ensure conformity. It is of
course a fact that by increasing the
number of samples taken, an auditor
will have greater confidence regarding the actual
status
of the implementation of the
QMS.
of sampling taken during on-site
interviews and record reviews that give sufficient
confidence
that the auditee's QMS is
implemented as described.
没有统计或数学公式来确定在
审核期间抽样的正确数量。确定抽样数量来确认与标准的符合性
是效率低下的,且不能确
保其符合性。当然增加抽样数量,审核员对质量管理体系实施的真实
状态更具信心。抽样
的适量会涉及到现场面谈和记录评价的抽样水平,对受审核方质量管理体
系实施性充满信
心。
Multi-site sampling, or
sampling of the organizational units of a company,
are covered in
Annex II of the
IAF
's
Guidance on
the Application of ISO/IEC Guide 62
,
along with the
required on-site auditor
days and sampling formula for multi-sites.
多现场抽样或公司的组织单位抽样,在
IAF
的
p>
ISO/IEC
导则
62
< br>应用指南文件中规定,包括了
多现场审核人天要求和多现场的抽样公式。
The auditor needs to perform
interviews and check records and evidence during
the
interview. The number of samples to
be taken depends on the complexity of the process
being audited, and on the quality of
information received from the auditee during the
interview. It is also important that
the auditor maintains the schedule outlined in the
audit
plan. At the end of the day, the
auditor needs to feel comfortable that the samples
and the
objective evidence seen are
representative, in order to draw appropriate
conclusions
regarding the
implementation of the QMS.
审核员在审核中应进行面
谈,并检查记录和证据。抽样的数量取决于受审核过程的复杂程度和
在面谈时从受审核方
处获得的信息质量。审核日结束时,审核员应觉得抽样是适当的,客观证
据具有代表性,
以便对质量管理体系实施状态作出结论。
Recording
audit information
记录审核信息
ISO 19011 and the IAF Guidance on the
Application of ISO/IEC Guide 62 explain what an
audit report should contain. However,
it is important that the audit reports to the
auditee only
contain important
information for the auditee, e.g. information on
possible improvements,
positive
observations, and non-conformities to the
standard. Merely reiterating and
explaining the requirements of the
standard is unlikely to be what the auditee is
looking for.
ISO19011
和
IAF
文件
ISO/IEC
导则
62
的应用说明了审核报告应包含的内容。但是,重要的
是给受审核方的审核报告仅包括一些重要信息,如可改进的信息,正面的观察和不符合项
。仅
重复和解释标准的要求不是受审核方所需要的。
There may also be a requirement for the
auditor to demonstrate the sequence in which the
audit was performed, sometimes called
the audit trail. Using audit notes is a very
efficient
way for an auditor to record
the audit. The main disadvantage of using audit
notes is that
they tend to be a very
personal way of recording information during an
audit, and the levels
of recording
detail and styles will vary greatly from one
auditor to another.
这也是对审核员的要求,证明执行审核的
顺序,有时叫审核路线。对于审核员记录审核,使用
审核笔记是很有效的方法。使用审核
笔记主要不足是趋向于非常人个化的方法记录审核信息,
每个审核员的记录详细程度和类
型都有很大的不同。
A checklist can
ensure some uniformity in the performance of the
auditors. However,
auditors should
never forget to spend their time auditing, not
filling out checklists or taking
notes.
检查表可确保审核员的一致性。但是,审核员不应忘记时间的分配,而不是填写检查表或
审核
笔记。
Linking an
audit of a particular task, activity or process to
the overall
system
体系特定的任务、活动或过程的审核
The auditor should not lose sight of
the overall direction of the audit, and get side-
tracked by
superfluous details. It is
important that the auditor keep a close eye on the
information
provided by the auditee in
the quality manual or documentation where the
auditee has
defined the interaction of
processes. Interviews should also be performed in
such a way that
the auditors should
determine the input and output of the process
being audited. Keeping in
mind the
auditee's process map should ensure that the
auditor will be able to determine the
importance of the process he is
auditing at any time, and will therefore be able
to keep sight
of the overall direction
of the audit. This will also help the auditor to
understand the linkage
between the
processes.
审核员不能忽视审核的全面趋势,获取
边缘资料。重要的是审核员应密切关注质量手册或定义
过程接口的文件中受审核方提供的
信息。审核员应确定受审核的过程输入和输出。关注受审核
方的过程图,以确保审核员任
何时候都有能力确定过程的重要性,因而能够看到审核的全面趋
势。这样也有助于审核员
理解过程间的联系。
During an audit,
the auditor has an opportunity to check the
auditee's description of the
interrelation of its processes. The
auditor should take some samples to see if the
descriptions are a proper reflection of
the actual interrelation of the processes, as this
will
help determine if the process
description is adequate.
在审核期间,审核员有机会检查
受审核方对过程相互关系的描述。审核员应抽样看描
述是否反映过程的相互关系,以便确
定过程描述是否充分。
Auditing
continual improvement
审核持续改进
How much improvement is
“enough”?
多少改进才“足够”
It should be emphasised that the
requirement in ISO 9001:2000 is for continual
improvement
of the
effectivenessof the QMS
.
ISO
9001:2000
强调持续改进质量管理体系的有效性。
Continual improvement emanates from the
objectives set by top management, which should
(at least) address: the improvement of
internal efficiency (for the organization to
remain
economically competitive),
individual customer needs, and the level of
performance that the
market normally
expects.
持续改进源于最高管理者设定的目标,
(
至少
)
说明:内部效率
(
组织保持经济竞争力
)
的改
进,
单个顾客需求和市场正常期望的业绩水平。
For example, in the aeronautical
sector, the ―acceptable rate‖ of
non
-conforming delivered
product is zero percent, so it would
not be useful for the organization to set
objectives for an
―improvement― in this
rate. However, it would be useful for the
or
ganization to have
objectives aimed in improving its
internal efficiency and its competitiveness (e.g.
through
innovation).
例如,对于航空
业,交付不合格品的接受率为零,所以组织不能用此作为目标改进。但是,组
织可以改进
其内部效率和竞争力作为目标
(
如通过创新
)
。
The auditor
should seek to determine if the auditee has
attempted to set objectives that
establish the correlation between the 3
factors of: corporate objectives, customer needs,
and
market expectations. Thereafter, it
is up to the organization to balance the need for
improving internal efficiency and the
need to progress with external performance
(although
the two are very often
closely related). No one in isolation can ever be
considered as being
―enough‖ or ―not
enough‖.
审核员应确定受审核方设定目标建立以下<
/p>
3
方面的关系:公司目标,顾客需求和市场期望。随
后组织平衡其内部效率改进需求和外部业绩
(
这两项
通常紧密相关
)
发展需求。不可孤立地考虑
是否足够。
One area which can
be problematic for the auditor is to know what is
a reasonable market
benchmark.
Continuing the above aeronautical example, if the
organization announced that
it had
improved from a level of 50% non-conforming
product delivered to 40%, this would
demonstrate continual improvement, but
would hardly be acceptable, given the industry
sector's zero percent normal rate.
However, if it announced that it had set an
objective to
improve its performance
from 0,50% to 0,40%, this would be much nearer the
market norm.
对于审核员有一处问题是什么是合理的市场绩效。继续上
面航空的例子,如果组织告知从
50%
的交付不良品率改进到<
/p>
40%
,这可证明持续改进,但是对于行业内零缺陷却是不能接受
的。但是,告知其绩效从
0,50%
改
进到
0,40%
,这样就比较接近行业正常水平。
The only real solution for the
auditor is to verify how the organization has
determined this
proposed rate of
improvement, how it has evaluated the associated
risks, and how this
relates to customer
requirements and the monitoring of feedback on
customer satisfaction.
It would be
almost impossible to issue an NCR that stated
―There was not enough continual
improvement‖.
审核员
最真实的解决方法就是验证组织如何确定其改进比率,如何评价其关联风险,如何考虑
顾
客要求和顾客满意反馈的监视。几乎不可能开出
NCR
“持续改
进不够”。
What sort of
information is relevant and where can we find
it?
相关信息和何处可发现?
The auditor has to verify how the
overall corporate objectives have been translated
into
internal requirements throughout
the appropriate processes, and how these
requirements
are communicated and
monitored. So, the auditor should look for
evidence that the
organization is
analysing data from process monitoring, and is
then taking the results
forward for
evaluating process efficiency and/or improving
process output. One point that
should
be specifically examined, is the consistency of
the way in which the improvement of
any
one process contributes to meeting the overall
objectives, in order to ensure that this will
not cause conflict in the achievement
of other objectives.
审核员须验证公司目标如何通过必适当的
过程转化为内部要求,以及这些要求如何沟通和监
视。因此,审核员应寻找组织分析过程
监视数据,并利用结果评价过程效率和
/
或改进过程输
出的证据。有一点要特别注意,任何一个过程对满足目标的贡献的改进,以确保不会引起达成
p>
目标的抵制。
The type of
information that an auditor needs to look for, is
evidence of how the corporate
objectives are translated into specific
QMS objectives. For example: an organization could
set an objective to reduce customer
complains by 30%. The top management analysis
shows that 50% of the complaints
concern overdue deliveries. The auditor should
then look
for evidence that the
organization is monitoring and analysing key
aspects of its scheduling
and planning
activities, throughout its processes, and the
process interfaces, to reduce
delays. <
/p>
审核员要寻找的信息类型是如何将组织目标转为具体的质量管理体系目标的证据。如:组织
可
设定目标降低顾客投诉
30%
。最高
管理者分析
50%
投诉和延迟交货有关。审核员应寻找的证
p>
据有组织通过过程、过程的接口监视和分析其排程和策划活动的关键因素,以降低延迟交货<
/p>
率。
Improvement of
the process or improvement of the QMS?
过
程改进或
QMS
改进
An auditor should remember that it
would be unrealistic to expect an organization to
make
progress all potential
improvements simultaneously. Each improvement will
require the
commitment of resources,
which may need prioritisation by top management,
especially
where investments are
needed. Instead, the auditor should seek to ensure
that the
improvement objectives are
consistent overall, and are coherent with the
trilogy of factors
mentioned above.
However, an organization that does not have a
policy and objectives
relating to
continual improvement is clearly not complying
with the standard. Similarly, the
absence of any evidence of improvement
on at least one of these aspects would have to be
considered as indicating that an
organization's quality policy is not in line with
ISO 9001:
2000.
审核员应记住期望组织同时
进行所有的改进机会是不切实际的。每项改进都要求承诺资源
,
尤其是需要投资时,最高管理者就需要优先选择。相反,审核员应寻求确保改进目标符
合整体
目标,和上面提到的三个方面相一致。但是,组织没有关于持续改进的方针和目标
是明显不符
合标准的。相同的,这些方面有一项的改进缺乏证据则显示组织的质量方针和
ISO 9001:
2000
不一致。
One word of warning: There is no
requirement that the organization should set
objectives for
improvement of all its
processes at any one time. As in the above example
on reducing
customer complaints, some
processes may not be deemed by top management to
contribute
significantly to the
reduction of delays, and it is only normal
therefore, that the organization
would
not concentrate on these areas.
注意:没有要求
组织应在任何时间所有过程都设定改进目标。如以上降低顾客投诉率的例子
中,最高管理
者可能不认同一些过程对降低延迟的能力,认为这是正常的,所以组织也没有集
中关注到
这些区域。
If the top management
has set a (realistic) objective for a process, and
there is no evidence
of improvement,
this information must be fed back into the
management review so that top
management can decide what type of
action is appropriate - for example, re-adjusting
the
objective or providing other means
to impact on the process.
如果最高管理者已设定了过程
的
(
现实
)
目
标,但是没有改进的证据,这个信息应反馈到管理评
审以便最高管理者能决定适当的措施
-
如,再调整目标或提供其它方法影响此过程。
Auditing a QMS which has minimum d
ocumentation
审核文
件化最少的
< br>QMS
There can be disagreement
between an auditor and an auditee on the absence
of certain
documented procedures, when
the auditee presents only a quality manual and the
six
documented procedures specifically
required by ISO 9001:2000.
当受审核方呈出的仅有质量手册和
ISO 9001:2000
明确要求的
6
份程序文件时,审核员和
受
审核方之间对于必要的文件化程序可能存在争议。
The differences inview between the
auditor and the auditee can arise from differences
in the
interpretation of the ISO 9001
requirements contained in Clause 4.2.1, and the
related Note,
which state:
观
点的不同在于审核员和受审核方对于
ISO9001
条款
4.2.1
要求及相关说明的解释不同,规
定
是:
总则
The quality management
systemdocumentation shall
include
质量管理体系文件应包括
:
….
d) documents
needed by theorganization to ensure theeffective
planning, operationand
control of its
processes.
组织确保过程有效策划、运作和控制所需的文件
NOTE 2 The extent of the
qualitymanagement systemdocumentation can differ
fromone organization to
anotherdue
to
注
2
组织的质量管理体系文件化程度不同,取决于
a) the size of organizationand type of
activities
组织的规模和活动类型
,
b) the complexity of processesand their
interactions,
and
过程及其接口的复杂程度,和
c) the competence
ofpersonnel.
人员的能力
The auditor should requests information
on the auditee's operating processes and
subsequently ask questions, record
answers and observe staff at all levels (including
administrative personnel, process
owners and operators), to confirm that the actual
working
status conforms to the
descriptions given.
审核员应要求受审核方提供过程运作的信息
,随后提问题,记录回答和在各阶层观察员工
(
包
括管理人员,过程拥有者和操作员
)
以确认实际工作
状态是否符合所给出的描述。
Thereafter,
the necessity for any documentation should be
evaluated in the light of the
observed
need for consistency, and the role that any
documentation could play in avoiding
any significant, identified risks.
此后,结合观察到的一致性的需要评价所必需的文件,文件化可以避免重大的识别的风险。
The reader is referred
to the advice given in document
referenced ―ISO/TC 176/SC 2/N 525,
ISO
9000 Introduction and Support Package: Guidance on
the Documentation Requirements
of ISO 9
001:2000
‖
可参见
―ISO/
TC 176/SC
2/N 525,
ISO
9000
介绍和支持文件包
: ISO
9001:2000
文件化要求指南
‖
How to audit top management processe
s
如何审核最高管理
过程
Recognizing
that
the
auditing
of
top
management
is
a
sensitive
issue,
this
document
provides guidance
for this category of auditing.
审核最高管理层是
一个很敏感的话题,本文件提供了此类审核的指南。
Auditors should involve top management
in the audit, i.e. invite them to opening and
closing
meetings, allow sufficient time
in the audit plan for interviewing top managers,
discuss audit
findings directly with
them, seek evidence of their commitment, etc.. It
is important to change
the
focus
of
attention
from
just
the
quality
manager
to
the
top
management
of
the
organization.
审核应包括最高管理者,如邀请他们参加首末次会议,审核计划中安排足够的时间与最高管理
者面谈
,与他们直接讨论审核发现,寻求他们承诺的
证据等。将关注焦点从质量经理改变到
组织的最高管理者是非常重要的。
The auditor should consider top
management activities to be processes, and should
auditing
them accordingly.
审核员应视管理活动为过程,对他们进行审核。
Planning
stage
策划阶段
The
auditor needs to identify top management
processes, and
审核员需识别最高管理过程
a) understand the organization and its
management structure, by reviewing information
such as organization charts, annual
reports, business plans, company profiles, press
releases, websites,
通过评审信息如
组织结构图,年度报告,业务计划,公司档案,新闻发布,网站了解组
织及其管理结构<
/p>
b) make provision on the
audit plan for gathering relevant information
regarding top
management commitment,
directly from and by interviewing top management,
审核计划安排直接与最高管理者面谈收集有关最高管理
者承诺的信息
c) understand the
culture of the organization and its top
management, in order to
determine its
impact on the audit plan
–
and make appropriate adjustments.
了解组织及其最高管理者文件,以确定对审核计划的影响
-
p>
并做适当的调整
d) take a
professional approach in the auditor's own
appearance, by determining the
dress
code of the organization.
审核员的专业能力确定组织的专业代码
e) plan the timing of the top
management interview, to ensure convenience and
punctuality.
计划与最高管理者面谈的时间表,以确保方便准时。
An auditor with limited auditing
experience should not be assigned to interview top
management,
不宜分配审核经验有限的审核员和最高管理者面谈。
Conducting the
audit
审核实施
Common
methods of evaluating top management commitment
are:
评审最高管理者承诺的通用方法是:
1.
Interviews with top
management
和最高管理者面谈
The
auditor can, by utilising business terminology
appropriate for the top management,
ask
relevant questions that
审核员能用适当的业务术语向最高管理者询问问题
a)
seek to obtain evidence
of top management‘s awareness of and commitment to
quality
and its relevance to the
organization's overall objectives and management
system,
寻求最高管理者的质量意识和承诺,组织的整体目标和管理体系的证据
,
b) establish evidence of
conformity to the ISO 9001 requirements for
management
responsibility.
建
立符合
ISO9001
管理职责要求的证据
2.
Collecting and
corroborating evidence
收集并确认证据
The
auditor/audit team should be constantly looking
for opportunities to corroborate the
answers received from top management
when interviewed.
审核员
/
审核组宜不断寻找机会确认与最高管理者面谈时获取的信息。
This
includes
包括
a) the
availability and relevance of policies and
objectives
方针和目标的可获得和适宜性
b) the establishment of linkage between
the policies and objectives
方针和目标的关联性
c)
obtaining the evidence that these
policies and objectives are effective and
understood
throughout the organization
收集方针和目标有效性并为组织全员理解的证据
d) determining if the policies and
objectives are appropriate for continual
improvement of
the quality management
system and for the achievement of customer
satisfaction.
确定方针和目标是否适合于质量管理体系的持续改进和实
现顾客满意
e) determining if top
management are involved in management reviews.
确定最高管理者是否参与管理评审。
Additional interviewing and gathering
of evidence may be needed to provide the necessary
corroboration.
或能需要附加的面谈和收集证据以进行必要的验证。
The audit team should ensure that any
additional evidence of top management commitment
is also collected.
审核组宜确保最高管理者承诺的证据已收集。
The auditor/audit team should review
the collected evidence, to ensure the completeness
and accuracy of the information, and to
provide confidence in the conclusions drawn.
审核员
/
审核组应评价所收集的证据以确保信息的
完整正确性,为作出结论提供信心。
Audit
reporting
审核报告
Auditors
should
prepare
their
audit
reports
in
order
to
make
them
appropriate
for
presentation to the top
management of organizations. It
may
be
appropriate
to
present
an
executive summary of the audit report,
suitable for presentation to the top management
and
key interested parties of the
organization. The executive summary should
highlight the key
findings, both
positive and negative, and identify opportunities
for improvement.
审核员应编制审核报告便于向组织的最高管理者传
达。应适于向组织的最高管理者和关键相关
方传达执行状况。执行状况应突出主要审核发
现,包括正面和负面和改进机会的识别。
The role
and value of the audit checklist
审核检查表的角
色和
价值
Introduction
简介
This document provides information on
the role and use of audit checklists to actively
support the audit process
本文介
绍了用以支持审核过程的检查表角色和应用
.
Whilst
the document is primarily directed to external
auditing organizations (including
registration and certification bodies),
the information can also equally be used by any
organization conducting internal audits
本文主要用于外部审核组织
(
包括注册
和认证机构
)
,同
时也可用于任何组织
实施内部审核
.
Need for
checklists
检查表的需要
:
In looking at current
auditi
ng standards, ISO 19011 makes
reference to ―Preparing work
documents‖
in Clause 6.4.3. The following is an extract from
this clause
依据目前的审核标准
ISO19011
条款
6.4.3
“准备工作文件”。以
下是摘录自此条款
:
“The audit team
members should review information relevant to
their audit
assignment and
prepare work documents as necessary for
reference and for recording audit proceedings.
Such documents may include
审核
组成员宜评审其审核任务的相关信息,准备必要的工作文
件以参考和记录审核发现
?
Checklists and audit sampling plans,
and
检查表和审核抽样计划,和
?
Forms for
recording information, such as supporting
evidence, audit findings and
records of
meetings
记录信息表格,如支持证据,审核发现和会议记录
.
The use of checklists and forms
should not restrict the extent of audit
activities, which can
change as a
result of information collected during the audit
p>
检查表和表格的使用不能限制可
能改变审核过程收集信息的结果审核
活动的范围
‖
The use of
audit checklists
审核检查表的使用
:
Whilst not always required in
management system standards, audit checklists are
just one
tool available from the
―auditors toolbox‖. Many organizations will use
them to ensure that
the audit at a
minimum will address the requirements as defined
by the scope of the audit
审
核检
查表仅是审核员所用的工具,随时可获得,管理体系标准中无明确的要求。许多组织用以
确保审核范围的至少的审核要求
.
An example
auditing approach is shown
below
审核方法案例如下
:
ISO 9001:2000
Requirements
Use of checklist
C
C
to audit from
P
o
O
the
e
requirements
to
m
r
M
Audit from the
the
organization's
p
f
P
organization's
management
l
o
L
management
system to the ISO
system
I
r
I
9001:2000
requirements.
a
m
A
n
a
N
Organization's Management
System
c
n
C
It is beneficial to audit
from the organization's quality management system
up to the requirements.
A checklist
may be used to ensure that all relevant ISO 9001
requirements
addressed
对于按要求审核
e
c
E
组织
的质量管理体系是有益的。检查表可用于确保所有
ISO9001
的要求都可以覆盖。
&
e
Advantages
优点
:
Literature available in the marketplace
notes the following with respect to the use of
audit
checklists
以下关系到检查表使用的要
点
:
1.
Checklists
if developed for a specific audit and used correct
ly
为特定的审核制定检查
表并正确使用
:
a.
Promote planning for
the audit
利于审核策划
.
b.
Ensure a consistent audit
approach
确保审核过程的一致性
.
c.
Act as a sampling plan
and time manager
用于抽样计划和时间管理
.
d.
Serve as a memory
aid
想备忘录作用
.
e.
Provide a repository for notes
collected during the audit process (audit field
p>
notes)
审核过程中提供关注点收集的指引
2.
Audit checklists need
to be developed to provide assistance to the audit
process
制定
审核检查表为审核过程提供帮助
.
3.
Auditors need to
be trained in the use of a particular checklist
and be shown how to
use it to obtain
maximum information by using good questioning tech
niques
审核员需
接受常用检查表使用的培训,并展示如何
应用提问技巧获取最多的信息
.
4.
Checklists should assist an auditor to
perform better during the audit process
检查表
应可帮助审核员更好地实施审核过程
.
5.
Checklists help to ensure
that an audit is conducted in a systematic and
comprehensive manner and that adequate
evidence is obtained
检查表帮助审核的系
统性和全面性,并获得足够的证据
.
6.
Checklists can provide structure and
continuity to an audit and can ensure that the
audit scope is being followed
检查表能提供审核的结构及连续性,并能确保覆盖审核
范围
.
7.
Checklists can provide a
means of communication and a place to record data
for use
for future reference
检查表可提供沟通工具和记录为以后提供参考的数据区域
.
8.
A completed checklist
provides objective evidence that the audit was per
formed
完成
后的检查表可提供审核实施的客观证据
.
9.
A checklist can
provide a record that the QMS was examined
< br>检查表可提供
QMS
检
查的记录
.
10. Checklists can be used
as an information base for planning future audits<
/p>
检查表可用
于以后审核的信息基础
.
11. Checklists can be provided to the
auditee ahead of the on-site audit
检查表可在
现场
审核前提供给受审核方
.
Disadvantages
缺点
In contrast, when audit checklists are
not available, or poorly prepared, the following
issues/concerns are noted
相比之
下,没有检查表或过于缺乏,应注意以下问题
:
1.
The checklist can be seen as
intimidating to the auditee
检查表看起来对受审核方可
能
造成压力
.
2.
The focus of the checklist may be too
narrow in scope to identify specific problem
areas
过份关注检查表可能缩小识别问题区域的范围
< br>.
3.
Check
lists are a tool to aid
the auditor, but will be restrictive if used as
the auditor‘s
only support mechanism
检查表是审核员的帮助工具,但如果当做审核员的支持设施
使用的话,
可能会限制审核活动
.
4.
Checklists should not be a substitute
for audit
planning
检查表不能代替审核策划
.
5.
An inexperienced auditor
may not be able to clearly communicate what he/she
is
looking for, if they depend too
heavily on a checklist to guide their questions
一个没有
经验的审核员如果过份依赖检查表指导审核,可能不能清楚地
沟通他所需查找的内容
.
6.
Poorly prepared checklists can slow
down an audit due to duplication and repetition
因简单复制检查表,过份缺乏可能导致审核缓慢
.
7.
Generic checklists, which
do not reflect the specific organizational
management
system, may not add any
value and may interfere with the audit
没
有反映出组织管理
体系的检查表,不能增值,并对审核造成困扰
.
8.
Narrow focused
checklists minimize unique assessment questions/ap
proach
关注检
查表可能影响审核问题
/
方法。
Conclusion
结论
There are advantages and disadvantages
in using audit checklists. It depends on many
factors, including customer needs, time
and cost restraints, auditor experience and sector
scheme requirements. Auditors should
assess the value of the checklist as an aid in
audit
process and consider its use as a
functional tool.
这些是使用检查表的优点和缺点。取决于很多方面
,包括顾客需求,时间和成本控制,审核员
经验,部分要求。审核员应评价用作工具的检
查表在审核过程中的价值。
Scope of ISO
9001:2000, Scope of Quality Management
System (QMS) and Defining Scope of
Certification
ISO9001
范围,质量管理体系范围和定义证书范围
ISO 9001:2000 clause 1
Scope
defines the scope
of the standard itself
. This
should not be
confused with the
scopeof the QMS
, which is a
term commonly used within the context of
QMS certification/registration to
describe the organization and products to which
the QMS
applies
ISO 9001:200
0
条款
1
定义了标准的范围。不能和<
/p>
QMS
范围混淆,后者指
QMS
认证
/
注
册所用的术语
以描述
QMS
所适用的组织和产品
.
ISO 9001:2000 is generic, and
applicable to all organizations, regardless of
type, size and
product category. It is
recognised, however, that not all the requirements
of this standard will
necessarily be
relevant to all organizations. Under certain
circumstances, an organization
may
exclude some specific ISO 9001:2000 requirements
from its QMS. ISO 9001:2000
makes
allowance for such organizations, through clause
1.2
Application
ISO 9001:2000
是通
用的,适用于所有的组织,不论类型、规模和产品类别。但
是,应该认识到不是标准的所有要
求对于组织都是必要的。有些情况下,组织可以在其质
量管理体系内删减部分
ISO
9001
的要
求。
ISO 9001:
2000
通过条款
1.2
允许组织删减
.
The scope of the QMS
should be based on the nature of the
organization's products and
their
realization processes, the result of risk
assessment, commercial considerations, and
contractual, statutory and regulatory r
equirements
质量管理体系应基于组织产品的性质及其
实现过程、风险评价结果、商业考虑、契约关系、法令和法规要求
.
< br>
If an organization chooses to
implement a QMS and to be assessed to a limited
scope, this
should be clearly defined
in the organisation's Quality Manual and any
publicly available
documents, to avoid
confusing or misleading customers and end users
(this includes, for
example,
certification/registration documents and marketing
material)
如果组织选择实施质量
管理体系并评价一个
限定的范围,应清晰地在组织的质量手册和公司文件中定义,以避免混淆
或误导顾客和最
终使用者(包括,例如认证
/
注册文件和市场材料)
.
ISO/TC 176/SC 2 has developed
document N524 the
ISO 9000 Introduction
and Support
Package: Guidance on ISO
9001:2000, Sub-clause 1.2 'Application'
to provide users with
information
regarding the intent of ISO 9001:2000 clause 1.2
Application, including some
typical
examples of its use in practical situations. (N524
is available for free download from
/iso-tc176-sc2
).
Additionally, the IAF has published its
IAF Guidance on the
Application of ISO 9001:2000, Issue
2
, which should also be referenced.
How to add value during the
audit process
审核过程如何增值
What do we mean by “adding
value”?
如何理解增值
We
hear
so
much
about
the
importance
of
―adding
value‖
during
quality
management
systems (QMS)
audits, but what does this really mean?
Is
it
possible
to
add
value
without
compromising
the
integrity
of
the
audit
or
providing
consultancy?
In
principle,
all
audits
should add value, but
this is not always the case.
我们听说太多在质量
管理体系审核中
增值
的重要性,但是这意味着什么?
This
document
provides
guidance
on
how
an
audit
can
add
value
for
the
different
parties
involved, and the various situations
that are likely to be encountered in the context
of second
or third-party audits.
本文对第二方或第三方审核中,不同条件下的审核增值提供指南。
―
Value-
added”
quality management
systems
增值的质量管理体系
There are several dictionary
definitions of ―value‖, but all focus on the
concept of something
being
useful. “Adding value”
therefore means to make
something
more useful.
对于价值有着不同的定义,但都集中一个概念,即有用的东西。因此,增值就是让他更有用。
Some
organizations
have
used
the
ISO
9000
series
of
standards
to
develop
quality
management systems that are integrated
into the way they do business, and are
useful
in
helping
them to achieve their strategic business
objectives
–
in other words
they
add value
for
the
organization.
Conversely,
other
organizations
may
have
simply
created
a
bureaucratic
set
of
procedures
and
records
that
do
not
reflect
the
reality
of
the
way
the
organization actually works, and simply
add costs, without being useful. In other words,
they
do not ―add value‖.
很多组织使用了
ISO9000
系列标准建立
质量管理体系,帮助达成组织的业务目标
-
换句话说,
为组织增值。相反,另外一些组织简单地建立一套官僚化的程序和记录,不能反映出组织的实
p>
际工作方式,只是简单地增加无益的成本,他们不能增值。
It is a question of approach:
这是个问题导向:
A non-
value-
added approach asks ―What
procedures do we have to write to get the
ISO 9000 certification?‖
非增值导向问“我们应该写哪些程序可获得
ISO9000
认证?”
A
―value
-
added‖ approach asks
the question ―
How can we use our ISO
9001:2000-
based quality management
system to help us to improve our
business
?‖
增值导向问题“我们如何用
ISO9000
质量管理体系帮助我们业务改进?”
How to
add value during the audit
process?
审核过程如何增值?
How can we ensure that an audit is
useful
to an organization in
maintaining and improving
its QMS?(We
should recognize, however, that there may be other
perspectives that need to
be taken into
consideration.)
我们如何确保审核对于组织维持和改进质量管理体
系是有用的?(我们应该认识到,或许还应
考虑到其他一些观点。)
In order to ―add value‖, a
third
-party audit should be
useful
为了增值,第三方审核应有益于
:
?
to the
certified organization
被认证组织
o
by
providing
information
to
top
management
regarding
the
organization‘s
ability to
meet strategic objectives
提供有关组织满足目标能力的信息给最高管理者。
o
by
identifying
problems
which,
if
resolved,
will
enhance
the
organization‘s
performance.
识别问题提高组织业绩。
o
by identifying
improvement opportunities and possible areas of
risk
识别改进机会和可能的风险区域
?
to
the
organization‘s
customers
by
enhancing
the
organization‘s
ability
to
provide
conforming product
提高组织的能力,提供合格产品给组织的顾客。
?
to
the
certification
body,
by
improving
the
credibility
of
the
third
party
certification
process.
提高认证机构的第三方认证过程的可信度。
The
approach
to
―adding
value‖
is
li
kely
to
be
a
function
of
the
level
of
maturity
of
the
organization‘s quality
culture and the maturity of its QMS, with respect
to the requirements of
ISO 9001:2000. <
/p>
增值近似于组织质量文化的成熟水平和质量管理体系的成熟度,考虑
ISO 9001:2000
要求。
By referring to Figure 1, we can
conceptually separate organizations into four
different zones,
as follows:
参见图
1
,我们把组织大概分成
4<
/p>
个不同的区域,如下图:
“
N
o
n
-
c
o
n
f
o
r
m
i
n
g
”
“
C<
/p>
o
n
f
o
r
m
i
n
g
”
M
a
t
u
r
i
t
y
o
f
Q
p>
M
S
Zone
3
Zone 4
Zone 1
Zone
2
Low
High
Maturity
of “Quality culture”
Zone
1:
(Low
maturity
of
“quality
culture”;
immature
QMS,
not
conforming
to
ISO
9001:2000
质量文化成熟度低,不成熟的质量管理体系
,不符合
ISO 9001:2000)
Zone 2:
(Mature “quality culture”; immature
QMS, not conforming to ISO 9001:2000
成
p>
熟的质量文化,不成熟的质量管理体系,不符合
ISO
9001:2000)
Zone 3: (Low maturity of
“quality culture”; mature QMS, conforming to ISO 9
001:2000
质量文化成熟度低,成熟的质量管理体系,符合
ISO 9001:2000)
Zone 4: (Mature
“quality culture”; mature QMS, conforming to ISO 9
001:2000
成熟的质
量文化,成熟的质量管理体系,符合
ISO 9001:2000)
It is
important to note that in this context:
注意到这段文章很重要
―
Quality
culture
‖
refers
to
the
degree
of
awareness,
commitment,
collective
attitude
and
behaviour of the organization with
regard to quality.
“
质量文化
”组织内对质量的意识,承诺,集体态度和行为。
―
Conformity to ISO
9001:2000
‖
relates to the maturity of the
organization‘s QMS, and the
extent to
which it meets the requirements of ISO 9001:2000.
(It is recognized that specific
minor
nonconformities
might
be
detected
even
in
organizations
that
show
an
overall
high
degree of maturity and conformity to
ISO 9001:2000.)
“符合
ISO
9001:2000
”
组织质量管理体系成熟,能
满足
ISO
9001:2000
的要
求。(应该认
识到尽管显示成熟度很高,符合
ISO
9001:2000
,依然可能在组织内发现轻微不符合。
)
Zone
1:
(Low
maturity
of
“quality
culture”;
immature
QMS,
not
conforming
to
ISO
9001:2000
质量文化成熟度低,不成熟的质量管理体系
,不符合
ISO 9001:2000)
For an
organization that has little or no ―quality
culture‖ and a QMS that does not conform to
ISO
9001:2000,
the
expectation
of
how
an
audit
might
add
value
could
mean
that
the
organization
would
like
to
receive
advice
on
―
howto
‖
implement
the
quality
management
system and/or resolve any non-
conformities raised.
组织很少有或没有质量文化,质量管理体系不符合
ISO 90
01:2000
,审核增值意味着组织接收
建议如何实施质量管
理体系和
/
或解决不符合。
Here
the
auditor
has
to
take
great
care,
because
in
a
third
party
audit
such
advice
would
certainly
generate
a
conflict
of
interest,
and
would
contravene
the
ISO/IEC
Guide
62
requirements for the
accreditation of certification bodies. What the
auditor
can
do, however,
is
ensure
that
whenever
non-conformities
are
encountered,
the
auditee
has
a
clear
understanding of
what
the standard requires,
and
why
the non-conformity
is being raised. If
the
organization
can
recognize
that
resolving
these
nonconformities,
will
lead
to
improved
performance, then it is more likely to
believe in and commit to the certification
process. It is
important, however, that
all identified non-conformities
are
reported, so that the
organization
clearly
understands
what
needs
to
be
done
in
order
to
meet
the
requirements
of
ISO
9001:2000.
这
种情况下审核员应特别注意,因为第三方审核的建议会产生违背公众利益的冲突,也违反了
ISO/IEC
导则
62
对认证机构认证要求。
但是审核员能做到的是让受审核方清楚地理解标准要
求,为什么会产生不符合。如果组织能认识到解决不符合,能改善业绩,他们就会更相信认证
p>
过程,并对此负责。但有一点很重要:报告所有的不符合,这样组织才能理解需要做什么才能
满足
ISO
9001:2000
的要求。
While some organizations might not be
totally satisfied with an audit outcome that does
not
result in certification, the
organization‘s customers (who receive
the organization‘s products)
will certainly consider this to have
been a ―valuable‖ audit from their perspective.
From the
perspective
of
the
certification
body,
failing
to
report
all
detected
nonconformities
and/or
providing guidance on
how to
implement the quality
management system, adds no value to
the
credibility of the auditing profession or the
certification process.
有些组织可能对导致不能认证的审核
结果不满意,但组织的顾客(接受组织产品的人)当然会
认为是一个有价值的审核。站在
认证机构的立场,如果没有报告所有的不符合和
/
或提供如何<
/p>
实施质量管理体系的指导,对于审核专业或认证过程的可信度没有增值。
< br>
We
must
recognize
that
the
above
discussion
relates
mainly
to
third
party
(certification)
audits.
There
is
no
reason
why
a
second
party
(supplier
evaluation)
audit
should
not
―add
value‖
by
providing
guidance
to
the
organization
on
how
to
implement
its
quality
management
system.
Indeed,
under
these
circumstances,
such
guidance
(if
it
is
well-
founded), would
undoubtedly be useful for both the organization
and its customer.
我们必须认识到以上的论点主要是针对第三方
(认证)审核的。没有理由第二方(供方评价)
审核不能提供增值的指导,告诉组织如何
实施质量管理体系。的确,在这种环境下,这些指导
无庸置疑地对组织及其顾客都是有用
的。
Zon
e 2:
(Mature “quality culture”; immature QMS, not
conforming to ISO 9001:2000
成
熟的质量文化,不成熟的质量管理体系,不符合
ISO 9001:2000)
For an organization that has a mature
―quality culture‖, but an immature QMS that does
not
conform
to
the
ISO
9001:2000
requirements,
the
basic
expectation
of
how
an
audit
might
add
value will probably be similar to that of Zone 1.
In addition, however, the organization is
likely to have a much higher
expectation of the auditor.
有
些
组
织
有
一
个
成
熟
的<
/p>
质
量
文
化
,
但
是
却
又
有
一
个
不
成
熟
的
质
量
管
理
体
系
,
不
符<
/p>
合
ISO9001:2000
的要求。<
/p>
In
order
to
be
able
to
add
value,
the
auditor
has
to
understand
the
way
in
which
the
organization‘s
existing
practices
meet
the
requirements
of
ISO
9001:2000.
In
other
words,
understand
the
organization‘s
processes
in
the
context
of
ISO
9001:2000,
and
not,
for
example, insist that the organization
redefine its processes and documentation to align
to the
clause structure of the
standard.
为了能够增值,审核员必须理解组织目前的运作满足
ISO <
/p>
9001:2000
要求的方式。换句话
说,依
ISO
9001:2000
的
条文理解组织的过程,例如,如果没有,要求组织依据标准条款结
构重新定义和文件化。
The organization might, for
example, base its management system on business
excellence
models,
or
total
quality
management
tools
such
as
Hoshin
Kanri
(Management
by
Policy),
Quality
Function
Deployment,
Failure
Mode
and
Effect
Analysis,
―Six
-
sigma‖
methodology,
5S
programmes,
Systematic
Problem
Solving,
Quality
Circles
and
others.
In
order
to
add
value
during
the
audit
process,
the
auditor
should,
at
a
minimum,
be
aware
of
the
organization‘s methodologies, and be
able to see to what extent they are effective in
meeting
the requirements of ISO
9001:2000 for that particular organization.
组织的管理体系或许基于业务优化模式,或全面质量管理工具,如
Hosh
in Kanri (
方针管理
)
,<
/p>
质量职能展开,失效模式和影响分析,
6
sigma
方法,
5S
活动,系统问
题解决,质量圈
和其
他方法。为了审
核过程增值,审核员最少应意识到组织的方法,有能力认识到组织符合
ISO
9001:2000
要求的程度。
It is also important that the auditor
not be ―intimidated‖ by the organization‘s
apparent high
degree
of
sophistication.
While
the
organization
may
be
using
these
tools
as
part
of
an
overall
total
quality
philosophy,
there
might
still
be
gaps
in
the
way
the
tools
are
being
employed. Therefore, the auditor must
be able to identify any systematic problems and
raise
the appropriate non-conformities.
In these situations, the auditor might be accused
of being
pedantic or even bureaucratic,
so it is important to be able to demonstrate the
relevance of
the non-conformities that
are being raised.
有一点也很重要,审核员不能为阻止明显的诡
辩胁迫。当组织可能用这些工具作为全面质量系
统的一部分时,这些工具的应用依然可能
有些差距。因此,审核员应有能力识别系统问题和提
出适当的不符合。在这种状态下,审
核员可能被视为书生气或有些官僚,所以有能力证明提出
的不符合的适当性是很重要的。
Zone 3: (Low maturity of
“quality culture”; mature QMS, conforming to ISO 9
001:2000
质量文化成熟度低,成熟的质量管理体系,符合
ISO 9001:2000)
An
organization
that
has
been
certified
to
one
of
the
ISO
9000
series
of
standards
for
a
significant
period
of
time
might
be
able
to
demonstrate
a
high
level
of
conformity
to
ISO
9001:2000, but at the same time not
have
truly implemented a ―quality
culture‖ throughout
the
organization.
Typically,
the
QMS
might
have
been
implemented
under
pressure
from
customers,
and
built
around
the
requirements
of
the
standard,
rather
than
on
the
organization‘s
own
needs
and
expectations
.
As
a
result,
the
QMS,
may
be
operating
in
parallel
with
the
way
the
organization
carries
out
its
routine
operations,
generating
redundancy and inefficiency.
一个组织已认证了某个
ISO
900
0
系列标准,或许可以证实其高水平地满足了
ISO
9001:2000
的要求,但是同时却没有在劝阻之内实施“质量文化
”。典型的情况就是在顾客的压力下实施
质量管理体系,围绕标准要求建立质量管理体系
胜于组织自己的需求和期望。质量管理体系的
运行与组织的日常操作相比较,显得繁琐和
低效率。
In order to add value
in these circumstances, the primary objective of
the auditor should be
to act as a
catalyst for the organization to build on its ISO
9000-based quality management
system,
and
to
integrate
the
system
into
its
day-to-day
operations.
While
the
third
party
certification
auditor
cannot
provide
recommendations
on
how
to
meet
the
requirements
of
ISO 9001:2000, it is
acceptable and indeed good practice to
encourage
and
stimulate
(but
not
require!
)
the
organization
to
go
beyond
the
requirements
of
the
standard.
The
questions
the
auditor
asks
(and
the
way
he
or
she
asks
those
questions)
can
provide
valuable
insights
for
the
organization
into
how
the
QMS
could
become
more
efficient
and
useful
. Identification of
―Opportunities for Improvement‖ by the auditor
should include ways
in
which
the
effectiveness
of
the
QMS
might
be
enhanced,
but
could
also
address
opportunities for
improved
efficiency
.
在这种情况下为了增值,审核员应成为组织建立
ISO
9000
质量管理体系的催化剂,将系统整
合
入日常运作中。虽然第三方审核员不能提供如何满足
ISO
9
001:2000
要求的建议,但是可
以鼓励和激励(但不是要
求)组织超越标准的要求。审核员提出的问题(和问题的方式)可以
提供有价值的观点,
使组织清楚如何让质量管理体系变得更有效和适宜。审核员识别改进机会
包括提高质量管
理体系的有效性,也可以指出改进效率的机会。
Zone
4: (Mature “quality culture”; mature QMS,
conforming to ISO 9001:2000
成熟的质
< br>量文化,成熟的质量管理体系,符合
ISO 9001:2000)
For an organization that has a mature
―quality culture‖, and has been certified to one
of the
ISO 9000 series of standards for
a significant period of time, the expectation of
how an audit
might add value will be
the most challenging for an auditor. A common
complaint among this
kind of
organization is that the ―routine surveillance
visits‖ by the auditor may be superfluous,
and do little to add value in the
organization‘s eyes.
对于一个有成
熟的质量文化,已经通过
ISO9000
某个标准认证的组织,
期望审核如何增值是
审核员很大的挑战。这种组织通常抱怨正常的监督审核是多余的,在
组织眼里几乎没有增值。
In these cases,
top management becomes an important customer of
the certification process.
It is
therefore important for the auditor to have a
clear
understanding
of
the
organization‘s
strategic
objectives,
and
to
be
able
to
put
the
QMS
audit
within
that
context.
The
auditor
needs
to
dedicate
time
for
detailed
discussions
with
top
management,
to
define
their
expectations for the QMS, and to
incorporate these expectations into the audit
criteria.
这种情况下,最高管理者成为认证过程
重要的顾客。因此审核员清楚地理解组织的战略目标,
并有能力融入到质量管理体系审核
中是很重要的。审核员需要和最高管理层详细地讨论,确定
他们对质量管理体系的期望,
并将这些期望融入进审核标准中。
Some tips
for the auditor on how to add
value
审核增值的一些方法
1)
Audit
planning
审核策划
:
a.
Understand the auditee‘s
expectations/corporate culture
理解受审核方的期望
/
企业文化
b.
Any specific concerns to
be addressed (output from previous audits)
特定关心
的内容(以前审核的输出)
?
c.
Risk analysis of industry
sector / specific to organization
组织的风险分
析
/
组织
特性
.
d.
Pre-evaluation of
statutory/regulatory
requirements
法令规则要求的在评价
e.
Appropriate audit team
selection to achieve audit objectives
适当
的审核组选择
以达成审核目标
f.
Adequate time
allocation
充足的时间分配
2)
Audit
technique
审核技术
:
a.
Focus more on the
process, and less on procedures.
Some
documented
procedures, work instructions, check-
lists etc. may be necessary in order for
the organization to plan and control
its processes, but the driving force should
be process performance.
更多关注
过程,少些关注程序。可能需要的文件化程序,作业指导书,检查表
等是组织策划和控制
过程,但是动力应该是过程业绩。
b.
Focus more on results and less on
records. In a similar fashion,
some
records may
be necessary in order for the organization to
provide objective
evidence that its
processes are effective (generating the planned
results) but
in order to add value, the
auditor should be aware of and give credit for
other
forms of evidence.
更多关
注结果,少些关注记录。相类似的,需要的纪录是组织为了提供过程有
效(达到策划的结
果)的客观证据,但是为了增值,审核员应明白其他形式证
据的认可。
< br>
c.
Remember the 8
Quality Management Principles
谨记
8
项管理原则
d.
Use the
―Plan
-Do-Check-
Act‖ approach
to evaluate the organization‘s process
effectiveness.
运用
PDCA
方法评价组织过程的有效性。
i.
Has the process been
planned
过程是否策划
?
ii.
Is it being carried out
according to plan
是否根据计划实施
?
iii.
Are the planned results
being achieved
是否达成策划的结果
?
iv.
Are opportunities for
improvement being identified and implemented
是
否识别了改进机会并执行
?
—
By correcting
non-conformities
纠正不符合
—
By
identifying
root
causes
of
problems
and
implementing
corrective
action
识别问题的根本原因和采取纠正措施
—
By identifying
trends, and the need for preventive action
< br>识别趋
势和预防措施的需求
—
By
innovation
创新
e.
Adopt
a
―holistic‖
approach
to
evidence
gathering
throughout
the
audit,
instead of focusing on individual
clauses of ISO 9001:2000.
采取整体方式通过
审核收集证据,取代关注
ISO
9001:2000
的单个条款。
3)
Analysis and
decision
分析和决定
a.
Put
the
findings
into
perspective
(Risk
assessment
/
―common
sense‖).
将审核发现融入
看法(风险评价
/
常识判断)
b.
Relate findings to the
effect on the organization‘s ability to provide
conforming
product (see ISO 9001:2000
clause 1.1).
影响组织提供合格产品能力的审核发现
4)
Report and follow-
up
报告和跟进
a.
Sensible reporting of audit findings
审核发现的判断报告
i.
Different
approaches
may
be
required
depending
on
基于以下要
求不
同的方式
:
?
the
organization‘s maturity (Zones 1, 2, 3 and
4)
组织成熟度
?
the level of
confidence in the organization‘s QMS
对组织
QMS
的信任水平
?
the risks
involved
有关的风险
?
the auditee‘s
attitude and commitment to the audit
pr
ocess
受
审核方对审核过程的态度和承诺
< br>
o
Proactive
o
Reactive
ii.
Ensure that any cultural
aspects are taken into consideration
考虑文
化
的影响
iii.
Emphasize positive findings as
appropriate
必要时强调正面发现
iv.
Will the solution
proposed by the organization in response to
negative
findings be
useful<
/p>
组织是否针对负面发现提出有用的解决方案
?
b.
Reports
should
be
objective
and
focused
on
the
right
―audience‖.
(Top
management will
probably have expectations that are different from
those of
the management representative)
报告应该客观,关注适当的听众(最高管理者
和管理者代表可能
有着不同的期望)。
.
Auditing
'competence' and the 'effectiveness of actions
taken'
审核“能力”和“采取措施的有效性”
< br>
The following information is
provided to guide auditors performing
certification audits in
understanding
the ISO 9001:2000 clause 6.2.2 requirements for
'competence' and
'effectiveness of
actions taken', e.g. training.
以下信息为审核员提供指南,在认证审核中理解
ISO
9001:2000
条款
6.2.2
对“能力”和“所
采取措施的有效性”的要求,如培训。
These requirements are usually audited
as part of a product realization process audit and
not in isolation. However, it is
recognised that some organizations will have
separate human
resource processes,
where most of the evidence needed can be found.
p>
这些要求通常作为产品实现过程审核的一部分进行审核,而不是孤立的。但是,很多组织有独
立的人力资源过程,多数证据都能在此找到。
This document identifies typical
activities performed by organizations to ensure
the
competence of their personnel and
to evaluate the effectiveness of actions taken to
satisfy
those competence needs, and
gives guidance to auditors regarding the types of
evidence
they should aim to find, and
provide examples where appropriate.
本文
识别了组织实施的典型活动以确保人员能力和评价所采取措施有效性,以满足能力需求,
并提供指导审核员需要关注的相关证据及提供适当的案例。
To satisfy the competence/effectiveness
requirements of ISO 9001:2000, an organization
will typically need to do several
things:
为了满足
ISO 9001:2000
能力和有效性的要求,组织
通常需要做以下事情:
?
Identify
what
competencies
are
required
by
personnel
performing
work
which
affects
quality
识别
执行影响质量工作人员的能力
?
Identify which personnel already
performing the work have the required competencies
识
别已执行这些工作人员的能力
?
Decide what
additional competencies are
required
确定所要求的附加能力
?
Decide
how
these
additional
competencies
are
to
be
obtained
–
training
of
personnel
(external or
internal), theoretical or practical training,
hiring of new competent personnel,
assignment of existing competent
personnel to different work
确定如何获得这些附加的能
力
-
人员培训
(
外部或内部
)
,理论或实践培训,具
备能力的新员工的招聘,现有具备能力人
员不同工作的分配
?
Train, hire or
reassign personnel
人员培训,招聘或调职
?
Review the
effectiveness of actions taken to satisfy
competence needs
评价所采取措施
有效性,以
满足能力需求
?
Periodically review competence of
personnel
定期评审人员的能力
Throughout
the
process,
the
organisation
is
required
to
maintain
appropriate
records
of
education, training, skills
and
experience.
However,
ISO
9001:2000
does
not
specify
how
the process will be established or the
exact nature of the records to be maintained.
要求组织通过这些过程保持适当的教育、培训、技能和经验的记录。但是,
ISO
9001:2000
没
有规
定如何建立过程或如何正确地保持记录。
In
auditing
an
organisation‘s
compliance
with
the
competence
and
training
evaluation
requirements, an Auditor
would
typically
be
seeking
evidence
that
the
following
issues
are
addressed
审核组织
能力和培训评价的符合性,审核员应寻求以下问题的证据
:
1
-
Anorganisation
needs
to
identify
what
competencies
are
required
by
personnel
performing work
that affects quality
组织需识别执行影响质量工作的人员的能力
要求
.
Guidance
-
The objective of the auditor should be to
determine whether there is a
systematic
approach in place to identify these competencies
and to verify that the
approach is
effective. The outcome of the process may be a
list, register, database,
human
resources plan, competencies development plan,
contract, project or product
plan, etc.
指南
-
审核员应确定是否有系统的方法
以识别能力并验证这种方法的有效性。过程的结
果可能是清单,登记表,数据库,人力资
源计划,能力开发计划,合同,项目或产品
计划等。
Discussions could initially be held
with top management to ensure they understand
the importance of identifying the
competencies required. These may also be a
potential source of information
regarding new or changed activities or processes,
which may lead to different competency
requirements in the organization.
可由最高管理者组织讨论以确保理解识
别能力要求的重要性。这也可能是新的或变更
的活动或过程导致组织内不同的能力要求的
信息来源。
A
review
of
competencies
might
also
be
needed
when
a
new
tender
or
contract
is
being
considered.
Evidence
of
this
could
be
found
in
related
records.
Competence
requirements
may
be
included
in
contract
documents
where
the
activities
of
subcontractors
can
have
an
impact
on
processes
and/or
product
quality
characteristics. <
/p>
当有新的投标或合同时应考虑能力评审的需求。证据可从相关记录上发现。对于分承
包活动可能影响过程和
/
或产品质量特性的合
同,可能包括能力要求。
Auditors need to
determine whether the organisation has identified
new or changed
competence needs during
surveillance audits.
在监督审核中,审核员需确定组织是否识别新的或变更的能力要求。
2
–
Are competent
people assigned to those work place activities
necessary to control the
quality
characteristics of its processes and products?
是否是分配具备能力的人员以控制过程
和产品的质量特性?
Guidance -
Verify that
some form of evaluation process is in place to
ensure that the
competencies are
appropriate to the organization's activities, and
that the personnel
selected
as
competent
are
demonstrating
these
competencies.
Also,
the
process
should
ensure
that
any
deficiencies
are
being
acted
upon
and
the
effectiveness
of
personnel
is
being
measured.
Verify
that
the
activities
that
affect
quality
are
performed by persons
selected as ce may be obtained throughout
the audit with an emphasis on those
processes, activities, task and products where
human
intervention
may
have
the
greatest
impact.
The
auditor
may
review
job
descriptions,
testing
or
inspection
activities,
monitoring
activities,
records
of
management
reviews,
definition
of
responsibilities
and
authorities,
nonconformity
records, audit
reports, customer complaints, processes validation
records etc.
指南
p>
-
验证这些评价过程的形式以确保其能力适于组织的活动,并且所选
择人员的能力
满足要求。同样,此过程
应确保能力不足已采取措施,人员的有效性已经过测量。验
证影响质量的活动由经过选择
有能力的人员执行。通过审核那些人员干涉有重大影响
的过程、活动、任务和产品来获得
证据。审核员可评价职位描述,测试或检验活动,
监视活动,管理评审记录,职责和权限
定义,不合格记录,审核报告,顾客投诉,过
程确认记录等。
3
- The organization needs to
evaluate the effectiveness of
the
actions
taken
to
satisfy
the
competence needs
组织需评价所采取措施的有效性以满足能力需求
Guidance
-
The
organization
may
use
a
number
of
techniques
including
role-play,
peer
review,
observation,
reviews
of
training
and
employment
records
and/or
interviews (see ISO
19011, Table 2, for further examples). The
appropriateness of a
particular
evaluation
method
will
depend
on
many
factors.
For
example,
training
records
could
be
viewed
to
verify
that
a
training
course
had
been
successfully
completed
(but
note,
this
alone
would
not
provide
evidence
that
the
trainee
is
competent).
However,
this
same
method
would
not
be
acceptable
to
evaluate
whether an auditor performed
satisfactorily during an audit. Instead, this may
require
observation,
peer
review,
interviews,
etc..
The
organization
may
need
to
demonstrate the attainment of
competence of its personnel through a combination
of
education, training and/or work
experience.
指南-组织
可运用一定的技术包括角色扮演、同等评价、观察、培训评价和雇佣记录
和
/
或面试(见
ISO19011
)。评价方法应考虑很多方面。如可以看培训记录验证培训
课程是否已完成(但要注
意,这不能作为受训人员胜任的证据)。但是,同样的方法
用于评价审核员在审核期间是
否执行满足要求的审核是不可接受的。相反,这可能要
求观察、同等评价,面谈等。组织
需要通过结合教育、培训和
/
工作经验证明人员满足
能力要求。
4
–
Maintenance of
competence
能力保持
.
Guidance
–
The
auditor
needs
to
verify
that
some
form
of
effective
monitoring
process is in place and being acted
upon. Ways of doing this include a continuing
professional development process (such
as the one described in ISO 19011), regular
appraisals
of
personnel
and
their
performance,
or
the
regular
inspection,
testing
or
auditing of product for
which individuals or groups are responsible.
Ongoing changes
in
competence
requirements
may
indicate
that
an
organization
is
proactive
in
maintaining personnel performance
levels.
指南-审核员需验证监视过程和采取措施的有效性。包括持续
的专业提升过程(如
ISO19011
描述的一例),常规的人
员及其能力的评价,或负责常规检验,试验或
产品审核的个人或团体的能力评价。人员能
力要求的改变可显示组织在保持人员业
绩水平方面是正面积极的。
Auditing statutory and regulatory
requ
irements
审核法令法规要求
ISO 9001:2000 requires an organization
to identify and control the statutory and
regulatory
requirements
applicable to its products (including
services).
It is up to the organization
how to do this within its
QMS.
ISO
9001:200
0
要求组织识别和控制与产品(包括服务)相关的法令和法规要求。依组织如何
在其质量管理体系中实施而定。
The
organization should demonstrate that the statutory
and regulatory requirements
applicable
to its products / services have been properly
identified, are available and
easily
retrievable.
组织应证明适用于其产品
/
p>
服务的法令法规要求已充分识别,可用并易于获取。
Auditors need to be aware of the
general and specific statutory and regulatory
requirements
applicableto the products/
services included within the scope of the QMS.
During the audit
preparation
phase,
the
audit
team
should
obtain
relevant
information
from
internal
or
external sources with respect to these
statutory and regulatory requirements. This will
allow
them to make a judgment on the
suitability of the QMS to address such
requirements. These
requirements need
to be identified and integrated in the resource
management and product
realization
activities of the organization.
审核员需清楚质
量管理体系范围内产品
/
服务适用的一般和特殊的法令法规要求
。在审核准备
阶段,审核组应从内部或外部获取有关法令法规要求的信息。这些有助于判
定质量管理体系关
于法规要求的适宜性。这些要求需要被识别和整合进组织的资源管理和
产品实现活动中。
During the audit
phase, the audit team
should
在审核期间,审核组应
:
?
ensure that the
organization has a methodology in place for
identifying, maintaining and
updating
all applicable statutory and regulatory
requirements
确保组织的方法识别、保持
和更新
所有适用的法令和法规要求
?
ensure that these statutory and
regulatory requirements are utilized as ?process
inputs‘
while mo
nitoring
?process outputs‘ for compliance with requirements
确保这些法令法规要
求作为监视“过程输出“符合要求时的过程
输入
?
ensure that any claimed compliance to
standards, statutory and regulatory requirements
etc. are properly
demonstrated
by
the
organization
确保宣称符合标准、法令和法规要求
等的组织已被充分证明
?
if evidence is
found
, during the audit, that specific
information regarding statutory and
regulatory
requirements
has
not
been
taken
into
account,
the
auditors
should
issue
a
nonconfor
mity
如果在审核期间发现关于法令法规要求没有纳入的证据时,审核员应发出
不符合项
?
the
auditors
should
also
issue
a
nonconformity
if
a
non
compliance
with
such
requirements is
directly identified
如果不符合识别的要求,审核员也应发出不符
合
.
Auditors
should
avoid
making
statements
about
what
statutory
or
regulatory
requirements
are applicable to the products/
services of the organization, or about methods of
compliance,
because
of
possible
liability
审核员应避免陈述有关法令法规适用于组织的产品
/
服务,或
关
于符合的方法,因为
可能存在责任
.
Nonconformities should be issued only
in situations where identification has been
made of system deficiencies or of
direct violations in respect of statutory and
regulatory requirements applying to the
products/ services of the organization.
只有系
统缺乏识别或违背与组织产品
/
服务适用的法令法规要求时才可发出不符合。
However, if a non-compliance with other
kinds of statutory requirements (e.g. health and
safety, environment, etc.) is, co-
incidentally, detected during the audit, this fact
cannot be
ignored by the audit team. It
should bereported without delay to the auditee
and, if required,
to the audit client.
但是,如果审核期间发现不符合其它的法规要求(如健康和安全,环境
< br>等),审核组不能忽视。应即刻向受审核方报告,有要求时,向审核委托方报告。
Auditing Quality Policy and Quality Obj
ectives
审核质量方针
和质量目标
The
quality
policy
and
its
effective
deployment
can
only
be
truly
assessed
based
on
the
overall results of the audit.
基于审核的整体结果可评价质量方针及其有效展开。
Audit methods should
include
审核方法包括
:
-
Interviewing
Top
Management
to
understand
their
approach
and
commitment
to
quality
(click here to link
to the guidance paper on the auditing of Top
Management
processes)
与最高管理层面谈了解他们的质量意图和承诺。
-
Evaluating,
through
the
records
of
the
management
review,
the
commitment
and
involvement
of
Top
Management
in
the
establishment,
implementation,
monitoring
and
updating
of
the
quality
policy
通过管理评审的记录,评价最高管理层的承诺和
参
与质量方针的建立,实施,监视和更新。
-
A
ssessing
if
the
Management
has
effectively
―translated‖
the
quality
policy
into
understandable
words
and
guidelines
at
all
levels
of
the
organization,
with
corresponding objectives at each
applicable function / level.
评价管理者是否有效地用
易理解的语言在组织内解释和指引质量方针,并在每个适当的职能、阶层建立相应的
p>
目标。
Conducting
interviews
with
personnel
to
verify
if
they
have
appropriate
awareness,
understanding and
knowledge of the way the organization‘s quality
policy
relates to
their
own
activity,
regardless
of
the
terms
used
by
such
people
to
express
their
understanding.
< br>与员工谈话以验证他们是否适当地意识,了解和认识组织的质量方针与
其活动的关
系,不管他们用何术语来表达他们的理解。
-
Seeking
evidence
of
effective
dissemination
of
the
quality
policy
by
appropriate
communication.
p>
用适当的沟通方式寻找质量方针有效发布的证据。
Auditing quality
objectives
审核质量目标
The audit team needs
to
verify
that
the
organization‘s
overall
quality
objectives
have
been
defined;
that
they
reflect
the
quality
policy,
are
coherent,
aligned
and
compatible
with
the
overall
business
objectives,
including
customer
expectations.
The
audit
team
should
verify
that there is
substantial alignment and compatibility between
the quality objectives and the
overall
business
objectives.
If
this
is
not
the
case,
the
auditors
should
analyse
further
the
Top
Management
commitment
to
quality.
审核组需要
验证组织确定的整体质量目标,反映质
量方针的意图,与总体业务目标相关连一致,包括
顾客期望。审核组应验证质量目标和总体业
务目标间的关联一致性。如果不是这种状况,
审核员应进一步分析最高管理层对质量的承诺。
The
quality objectives need to be measurable and
documented.
质量目标应是可测量的,并
形成文件
化。
There is no specified way
of documenting the quality objectives, these may
appear through
business
plans,
manage
ment
review
outputs,
annual
budgets,
etc….
It
is
up
to
the
audit
team to satisfy itself
that the objectives are adequately documented.
质量目标文件化没有特
定的方法,可以透过计划,管理评审输出,年度预
算等显示。审核组要使自己确信目标已充分
文件化。
The
auditors
should
obtain
evidence
of
the
way
the
quality
objectives
are
appropriately
cascaded
throughout the organization structure and
processes, linking the general strategic
objectives to management objectives and
down to specific operational activities.
审核员应获
得证据确认质量目标已适当地分解到组织的结构和过程,结合管理战略目标
及具体的操作活
动。
It
is
recommended
that
the
documented
quality
objectives
should
be
examined
at
the
documentation review
stage of the audit.
建议审核的文件评审阶段,应评价文件化质量
目标。
Before the end of the
audit, the audit team has to satisfy itself that
the quality objectives are
realistic
and
that
the
organization
has
assigned
to
responsible
personnel
appropriate
resources
to
meet
their
objectives.
It
is
appropriate
to
sample
this
at
all
levels
of
the
organization.
审核结束前,审核组应使自己确信质量目标是可实现的,组织已指派负责人员,
配备必
要的资源以满足目标。在组织的各阶层抽样检查是必要的。
Quality objectives are not static and
need to be updated in the light of the current
business
climate and the quest for
continual improvement. The audit team should
verify if the overall
organization
performance
reflects
the
aims
of
the
quality
policy
and
reasonably
meets
the
quality
objec
tives.
考虑到当前的业务氛围和持续改进的要求,质量目标不是静态的,需要更<
/p>
新。审核组应验证整个组织反映质量方针的意图和满足质量目标的业绩表现。
The auditors should keep in mind
that the objectives can be measured in a
quantitative or
qualitative
manner.
They
should
also
remember
that
there
is
a
clear
link
between
the
dynamic aspect of revising the quality
policy and the quality objectives and the
commitment
of the organization to
continual improvement.
审核员应注
意质量目标是可测量的定量或定性的方式。应记住修订质量方针和质量目标的动态
因素和
组织持续改进承诺是相关联的
。
Auditing the
control of monitoring
-
and measuring devices
审核监视和测量装置的控制
The
following information is provided as guidance for
auditingthe processes
associated with
control of monitoring and measuring devices, and
on the potential
exclusion of clause
7.6 from the scope of an organization‘s quality
management
system
.
以下信息提供了审核相关监视和测量装置控制过程和组织的质量管理体系可能删减条
款
7.6
的指南。
In auditing these processes, it is
important for the auditor to understand the
difference between
审核这些过程,审核员
理解以下的区别是很重要的
:
?
―
monitoring
‖ and
―
measurement
‖, and
监视和测量
?
―
equipment
‖ and ―
device
s‖
设备和装置
.
a) monitoring and
measurement
监视和测量
?
monitoring
implies observing, supervising, keeping under
review (using
monitoring devices); it
can involve measuring or testing at intervals,
especially
for the purpose of
regulation or control
监视是指观察,监督,评审状态下的维
持
(
使用监视装置
)
< br>,可包括定期的测量或试验,尤其是调整或控制目的。
?
measurement
considers the determination of a physical
quantity, magnitude or
dimension (using
measuring equipment).
测量考虑物理量,量级或尺寸的规定
p>
(
使用测量设备
)
b) devices and
equipment
装置和设备
?
devices
: A
device may deliver either qualitative (attribute
based) or quantitative
results.
Examples of devices include
装置可显示或定性
(
特性装置
)
,或定
量的结
果,例如装置包括
-
physical devices, e.g. a
ship's flotation/load line, an overflow
物理装置,如船的浮线、载重线,溢水管
-
non-physical devices, e.g.
records of the rate of customer returns, survey
p>
questionnaires
非物理装置,如客户退货率的记录,
调查问卷
-
equipment or ―measuring equipment‖, see
below;
设备或测量设备,见以下
?
equipment
: For
the purposes of ISO 9001 equipment is regarded as
a subset of
devices. Equipment may be
separated into two categories:
设备:
ISO9001
中的设备被视为装置的
一部分。设备可分成两种
-
indicative equipment, for example an
emergency flashing lamp, an electrical
power on/off indicator, a
显示设备,如应急灯,电源开关指示,止通规,水平显示表
-
―measuring equipment‖,
defined in ISO 9000, clause 3.10.4 as
follows:
测量
设备,
ISO9000
条款
3.10.
4
定义如下:
―
measuring instrument,
software, measurement standard, reference material
or
auxiliary apparatus or combination
thereof necessary to realize a measurement
process”
测量工具,软件,测量标准,相关材料或辅助设备,或为实现
测量过程
以上几种的结合。
Various parts of clause 7.6 address the
topics of monitoring and measurement,
devices and equipment. The first two
paragraphs address all of these items. The
third paragraph, including bullets a)
to e), and the first two sentences of the fourth
paragraph, are only directed at
―measuring equipment‖. The last sentence of the
fourth paragraph and the final
paragraph once again address all of them. The
standard is clear in this respect, but
its correct interpretation requires the auditor to
make a close analysis of its precise wo
rding.
条款
7.6
各部分描述了
监视和测量,装置