Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

ISO 9001:2008 Audit Checklist - English

77,270 views

Published on

ISO 9001:2008 Audit Checklist - English

  1. 1. ISO 9001 Audit ChecklistRevision: 0 Page 1 of 37Page 1 / 37Document owner SignApproved by SignEffective dateRevision historyRevision Effective date Description of amendments0 First issue.
  2. 2. ISO 9001 Audit ChecklistRevision: 0 Page 2 of 37Page 2 / 37Audit date Audit PlanAuditors AuditeesAudit resultsNo ISO 9001criteriaStatement of nonconformity or observations Audit evidence Sign
  3. 3. ISO 9001 Audit ChecklistRevision: 0 Page 3 of 37Page 3 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)1 Scope1.1 GeneralIs the QMS scope defined?1.2 ApplicationAre justifications stated for anyexclusion within Clause 7 (Productrealization)?2 Normative referencesAre normative references cited in theQuality Manual?3 Terms and definitionsAre terms and definitions definedwithin the QMS/Quality Manual?4 Quality management system4.1 General requirementsHas the organization established,documented, implemented andmaintained a quality managementsystem and continually improve itseffectiveness in accordance with therequirements of this InternationalStandard?Has the organizationa) determined the processesneeded for the qualitymanagement system and theirapplication throughout theorganization (see 1.2),b) determined the sequence and
  4. 4. ISO 9001 Audit ChecklistRevision: 0 Page 4 of 37Page 4 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)interaction of these processes,c) determined criteria and methodsneeded to ensure that both theoperation and control of theseprocesses are effective,d) ensured the availability ofresources and informationnecessary to support theoperation and monitoring of theseprocesses,e) monitored, measured whereapplicable, and analysed theseprocesses, andf) implemented actions necessaryto achieve planned results andcontinual improvement of theseprocesses?Are these processes managed inaccordance with the requirements ofthis International Standard?Are the type and extent of controlapplied to outsourced processesdefined within the qualitymanagement system?NOTE 1 Processes needed for thequality management system referredto above include processes formanagement activities, provision ofresources, product realization,measurement, analysis andimprovement.NOTE 2 An “outsourced process” is aprocess that the organization needsfor its quality management system
  5. 5. ISO 9001 Audit ChecklistRevision: 0 Page 5 of 37Page 5 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)and whichthe organization chooses to haveperformed by an external party.NOTE 3 Ensuring control overoutsourced processes does notabsolve the organization of theresponsibility of conformity to allcustomer, statutory and regulatoryrequirements.The type and extent of control to beapplied to the outsourced processcan be influenced by factors such asa) the potential impact of theoutsourced process on theorganizations capability toprovide product that conforms torequirements,b) the degree to which the controlfor the process is shared,c) the capability of achieving thenecessary control through theapplication of 7.4.4.2 Documentation requirements4.2.1 GeneralDoes the quality management systemdocumentation includea) documented statements of aquality policy and qualityobjectives,b) a quality manual,c) documented procedures andrecords required by this
  6. 6. ISO 9001 Audit ChecklistRevision: 0 Page 6 of 37Page 6 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)International Standard, andd) documents, including records,determined by the organization tobe necessary to ensure theeffective planning, operation andcontrol of its processes?NOTE 1 Where the term“documented procedure” appearswithin this International Standard, thismeans that the procedure isestablished, documented,implemented and maintained. Asingle document may address therequirements for one or moreprocedures. A requirement for adocumented procedure may becovered by more than one document.NOTE 2 The extent of the qualitymanagement system documentationcan differ from one organization toanother due toa) the size of organization and typeof activities,b) the complexity of processes andtheir interactions, andc) the competence of personnel.NOTE 3 The documentation can be inany form or type of medium.4.2.2 Quality manualHas the organization established andmaintained a quality manual thatincludesa) the scope of the quality
  7. 7. ISO 9001 Audit ChecklistRevision: 0 Page 7 of 37Page 7 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)management system, includingdetails of and justification for anyexclusions (see 1.2),b) the documented proceduresestablished for the qualitymanagement system, orreference to them, andc) a description of the interactionbetween the processes of thequality management system?4.2.3 Control of documentsAre documents required by the qualitymanagement system controlled?Records are a special type ofdocument and shall be controlledaccording to the requirements givenin 4.2.4.Has a documented procedure beenestablished to define the controlsneededa) to approve documents foradequacy prior to issue,b) to review and update asnecessary and re-approvedocuments,c) to ensure that changes and thecurrent revision status ofdocuments are identified,d) to ensure that relevant versionsof applicable documents areavailable at points of use,e) to ensure that documents remainlegible and readily identifiable,f) to ensure that documents of
  8. 8. ISO 9001 Audit ChecklistRevision: 0 Page 8 of 37Page 8 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)external origin determined by theorganization to be necessary forthe planning and operation of thequality management system areidentified and their distributioncontrolled, andg) to prevent the unintended use ofobsolete documents, and to applysuitable identification to them ifthey are retained for anypurpose?4.2.4 Control of recordsAre records established to provideevidence of conformity torequirements and of the effectiveoperation of the quality managementsystem controlled?Has the organization established adocumented procedure to define thecontrols needed for the identification,storage, protection, retrieval, retentionand disposition of records?Are the records legible, readilyidentifiable and retrievable?5 Management responsibility5.1 Management commitmentHas top management providedevidence of its commitment to thedevelopment and implementation ofthe quality management system andcontinually improving its effectivenessby
  9. 9. ISO 9001 Audit ChecklistRevision: 0 Page 9 of 37Page 9 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)a) communicating to theorganization the importance ofmeeting customer as well asstatutory and regulatoryrequirements,b) establishing the quality policy,c) ensuring that quality objectivesare established,d) conducting management reviews,ande) ensuring the availability ofresources?5.2 Customer focusHas the top management ensuredthat customer requirements aredetermined and are met with the aimof enhancing customer satisfaction(see 7.2.1 and 8.2.1)?5.3 Quality policyHas top management ensured thatthe quality policya) is appropriate to the purpose ofthe organization,b) includes a commitment to complywith requirements and continuallyimprove the effectiveness of thequality management system,c) provides a framework forestablishing and reviewing qualityobjectives,d) is communicated and understoodwithin the organization, ande) is reviewed for continuingsuitability?
  10. 10. ISO 9001 Audit ChecklistRevision: 0 Page 10 of 37Page 10 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)5.4 Planning5.4 Quality objectivesHas top management ensured thatquality objectives, including thoseneeded to meet requirements forproduct (see 7.1 a), are established atrelevant functions and levels withinthe organization?Are the quality objectives measurableand consistent with the quality policy?5.4.1 Quality management systemplanningHas top management ensured thata) the planning of the qualitymanagement system is carriedout in order to meet therequirements given in 4.1, as wellas the quality objectives, andb) the integrity of the qualitymanagement system ismaintained when changes to thequality management system areplanned and implemented?5.5 Responsibility, authority andcommunication5.5.1 Responsibility and authorityHas top management ensured thatresponsibilities and authorities aredefined and communicated within theorganization?
  11. 11. ISO 9001 Audit ChecklistRevision: 0 Page 11 of 37Page 11 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)5.5.2 Management representativeHas top management appointed amember of the organizationsmanagement who, irrespective ofother responsibilities, shall haveresponsibility and authority thatincludesa) ensuring that processes neededfor the quality managementsystem are established,implemented and maintained,b) reporting to top management onthe performance of the qualitymanagement system and anyneed for improvement, andc) ensuring the promotion ofawareness of customerrequirements throughout theorganization?NOTE The responsibility of amanagement representative caninclude liaison with external parties onmatters relating to the qualitymanagement system.5.5.3 Internal communicationHas top management ensured thatappropriate communicationprocesses are established within theorganization and that communicationtakes place regarding theeffectiveness of the qualitymanagement system?5.6 Management review5.6.1 General
  12. 12. ISO 9001 Audit ChecklistRevision: 0 Page 12 of 37Page 12 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)Has top management reviewed theorganizations quality managementsystem, at planned intervals, toensure its continuing suitability,adequacy and effectiveness?Does this review include assessingopportunities for improvement and theneed for changes to the qualitymanagement system, including thequality policy and quality objectives?Are records from managementreviews being maintained (see4.2.4)?5.6.2 Review inputDoes the input to management reviewinclude information ona) results of audits,b) customer feedback,c) process performance and productconformity,d) status of preventive andcorrective actions,e) follow-up actions from previousmanagement reviews,f) changes that could affect thequality management system, andg) recommendations forimprovement?5.6.3 Review outputDoes the output from themanagement review include anydecisions and actions related to
  13. 13. ISO 9001 Audit ChecklistRevision: 0 Page 13 of 37Page 13 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)a) improvement of the effectivenessof the quality managementsystem and its processes,b) improvement of product related tocustomer requirements, andc) resource needs?6 Resource management6.1 Provision of resourcesHas the organization determined andprovided the resources neededa) to implement and maintain thequality management system andcontinually improve itseffectiveness, anda) b) to enhance customersatisfaction by meeting customerrequirements?6.2 Human resources6.2.1 GeneralAre the personnel performing workaffecting conformity to productrequirements shall be competent onthe basis of appropriate education,training, skills and experience?NOTE Conformity to productrequirements can be affected directlyor indirectly by personnel performingany task within the qualitymanagement system.6.2.2 Competence, training and
  14. 14. ISO 9001 Audit ChecklistRevision: 0 Page 14 of 37Page 14 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)awarenessHas the organizationa) determined the necessarycompetence for personnelperforming work affectingconformity to productrequirements,b) where applicable, providedtraining or take other actions toachieve the necessarycompetence,c) evaluated the effectiveness of theactions taken,d) ensured that its personnel areaware of the relevance andimportance of their activities andhow they contribute to theachievement of the qualityobjectives, ande) maintain appropriate records ofeducation, training, skills andexperience (see 4.2.4)?6.3 InfrastructureHas the organization determined,provided and maintained theinfrastructure needed to achieveconformity to product requirements?Infrastructure includes, as applicable,a) buildings, workspace andassociated utilities,b) process equipment (bothhardware and software), andc) c) supporting services (such astransport, communication or
  15. 15. ISO 9001 Audit ChecklistRevision: 0 Page 15 of 37Page 15 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)information systems).6.4 Work environmentHas the organization determined andmanaged the work environmentneeded to achieve conformity toproduct requirements?NOTE The term “work environment”relates to those conditions underwhich work is performed includingphysical, environmental and otherfactors (such as noise, temperature,humidity, lighting or weather).7 Product realization7.1 Planning of product realizationHas the organization planned anddeveloped the processes needed forproduct realization?Is the planning of product realizationconsistent with the requirements ofthe other processes of the qualitymanagement system (see 4.1)?In planning product realization, hasthe organization determined thefollowing, as appropriatea) quality objectives andrequirements for the product;b) the need to establish processesand documents, and to provideresources specific to the product;c) required verification, validation,
  16. 16. ISO 9001 Audit ChecklistRevision: 0 Page 16 of 37Page 16 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)monitoring, measurement,inspection and test activitiesspecific to the product and thecriteria for product acceptance;d) records needed to provideevidence that the realizationprocesses and resulting productmeet requirements (see 4.2.4)?Is the output of this planning in a formsuitable for the organizations methodof operations?NOTE 1 A document specifying theprocesses of the quality managementsystem (including the productrealization processes) and theresources to be applied to a specificproduct, project or contract can bereferred to as a quality plan.NOTE 2 The organization may alsoapply the requirements given in 7.3 tothe development of productrealization processes.7.2 Customer-related processes7.2.1 Determination of requirementsrelated to the productHas the organization determineda) requirements specified by thecustomer, including therequirements for delivery andpost-delivery activities,b) requirements not stated by thecustomer but necessary for
  17. 17. ISO 9001 Audit ChecklistRevision: 0 Page 17 of 37Page 17 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)specified or intended use, whereknown,c) statutory and regulatoryrequirements applicable to theproduct, andd) any additional requirementsconsidered necessary by theorganization?NOTE Post-delivery activities include,for example, actions under warrantyprovisions, contractual obligationssuch as maintenance services, andsupplementary services such asrecycling or final disposal.7.2.2 Review of requirements related tothe productHas the organization reviewed therequirements related to the product?Was this review conducted prior tothe organizations commitment tosupply a product to the customer (e.g.submission of tenders, acceptance ofcontracts or orders, acceptance ofchanges to contracts or orders) anddoes it ensured thata) product requirements are defined,b) contract or order requirementsdiffering from those previouslyexpressed are resolved, andc) the organization has the ability tomeet the defined requirements?Are records of the results of thereview and actions arising from the
  18. 18. ISO 9001 Audit ChecklistRevision: 0 Page 18 of 37Page 18 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)review maintained (see 4.2.4)?Where the customer provides nodocumented statement ofrequirement, were the customerrequirements confirmed by theorganization before acceptance?Where product requirements arechanged, has the organizationensured that relevant documents areamended and that relevant personnelare made aware of the changedrequirements?NOTE In some situations, such asinternet sales, a formal review isimpractical for each order. Instead thereview can cover relevant productinformation such as catalogues oradvertising material.7.2.3 Customer communicationHas the organization determined andimplement effective arrangements forcommunicating with customers inrelation toa) product information,b) enquiries, contracts or orderhandling, including amendments,andc) customer feedback, includingcustomer complaints?7.3 Design and development
  19. 19. ISO 9001 Audit ChecklistRevision: 0 Page 19 of 37Page 19 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)7.3.1 Design and development planningHas the organization planned andcontrolled the design anddevelopment of product?During the design and developmentplanning, has the organizationdetermineda) the design and developmentstages,b) the review, verification andvalidation that are appropriate toeach design and developmentstage, andc) the responsibilities andauthorities for design anddevelopment?Has the organization managed theinterfaces between different groupsinvolved in design and developmentto ensure effective communicationand clear assignment ofresponsibility?Has planning output been updated,as appropriate, as the design anddevelopment progresse?NOTE Design and developmentreview, verification and validationhave distinct purposes. They can beconducted and recorded separately orin any combination, as suitable for theproduct and the organization.7.3.2 Design and development inputs
  20. 20. ISO 9001 Audit ChecklistRevision: 0 Page 20 of 37Page 20 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)Have the inputs relating to productrequirements been determined andrecords maintained (see 4.2.4)?Do these inputs shall includea) functional and performancerequirements,b) applicable statutory andregulatory requirements,c) where applicable, informationderived from previous similardesigns, andd) other requirements essential fordesign and development?Have the inputs been reviewed foradequacy?Are the requirements complete,unambiguous and not in conflict witheach other?7.33 Design and development outputsAre the outputs of design anddevelopment in a form suitable forverification against the design anddevelopment input and approved priorto release?Do design and development outputsa) meet the input requirements fordesign and development,b) provide appropriate informationfor purchasing, production andservice provision,
  21. 21. ISO 9001 Audit ChecklistRevision: 0 Page 21 of 37Page 21 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)c) contain or reference productacceptance criteria, andd) specify the characteristics of theproduct that are essential for itssafe and proper use?NOTE Information for production andservice provision can include detailsfor the preservation of product.7.3.4 Design and development reviewAt suitable stages, have systematicreviews of design and developmentbeen performed in accordance withplanned arrangements (see 7.3.1)a) to evaluate the ability of theresults of design anddevelopment to meetrequirements, andb) to identify any problems andpropose necessary actions?Did participants in such reviewsinclude representatives of functionsconcerned with the design anddevelopment stage(s) beingreviewed?Are records of the results of thereviews and any necessary actionsbeing maintained (see 4.2.4)?7.3.5 Design and developmentverificationHas verification been performed inaccordance with plannedarrangements (see 7.3.1) to ensure
  22. 22. ISO 9001 Audit ChecklistRevision: 0 Page 22 of 37Page 22 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)that the design and developmentoutputs have met the design anddevelopment input requirements?Are records of the results of theverification and any necessaryactions being maintained (see 4.2.4)?7.3.6 Design and development validationHas design and developmentvalidation been performed inaccordance with plannedarrangements (see 7.3.1) to ensurethat the resulting product is capableof meeting the requirements for thespecified application or intended use,where known?Wherever practicable, has validationbeen completed prior to the deliveryor implementation of the product?Are records of the results of validationand any necessary actions beingmaintained (see 4.2.4)?7.3.7 Control of design and developmentchangesHave design and developmentchanges been identified and recordsmaintained?Have the changes beenl reviewed,verified and validated, as appropriate,and approved before implementation?Does the review of design and
  23. 23. ISO 9001 Audit ChecklistRevision: 0 Page 23 of 37Page 23 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)development changes includeevaluation of the effect of thechanges on constituent parts andproduct already delivered?Are records of the results of thereview of changes and any necessaryactions being maintained (see 4.2.4)?7.4 Purchasing7.4.1 Purchasing processHas the organization ensured thatpurchased product conforms tospecified purchase requirements?Is the type and extent of controlapplied to the supplier and thepurchased product dependent uponthe effect of the purchased product onsubsequent product realization or thefinal product?Has the organization evaluated andselected suppliers based on theirability to supply product inaccordance with the organizationsrequirements?Has the criteria for selection,evaluation and re-evaluation beenestablished?Are the records of the results ofevaluations and any necessaryactions arising from the evaluationbeing maintained (see 4.2.4)?
  24. 24. ISO 9001 Audit ChecklistRevision: 0 Page 24 of 37Page 24 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)7.4.2 Purchasing informationDoes purchasing information describethe product to be purchased,including, where appropriate,a) requirements for approval ofproduct, procedures, processesand equipment,b) requirements for qualification ofpersonnel, andc) quality management systemrequirements?Has the organization ensured theadequacy of specified purchaserequirements prior to theircommunication to the supplier?7.4.3 Verification of purchased productHas the organization established andimplemented the inspection or otheractivities necessary for ensuring thatpurchased product meets specifiedpurchase requirements?Where the organization or itscustomer intends to performverification at the suppliers premises,did the organization state theintended verification arrangementsand method of product release in thepurchasing information?7.5 Production and service provision7.5.1 Control of production and serviceprovision
  25. 25. ISO 9001 Audit ChecklistRevision: 0 Page 25 of 37Page 25 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)Has the organization planned andcarried out production and serviceprovision under controlled conditions?Have controlled conditions included,as applicable,a) the availability of information thatdescribes the characteristics ofthe product,b) the availability of workinstructions, as necessary,c) the use of suitable equipment,d) the availability and use ofmonitoring and measuringequipment,e) the implementation of monitoringand measurement, andf) the implementation of productrelease, delivery and post-delivery activities?7.5.2 Validation of processes forproduction and service provisionHas the organization validated anyprocesses for production and serviceprovision where the resulting outputcannot be verified by subsequentmonitoring or measurement and, as aconsequence, deficiencies becomeapparent only after the product is inuse or the service has beendelivered?Has validation demonstrated theability of these processes to achieveplanned results?
  26. 26. ISO 9001 Audit ChecklistRevision: 0 Page 26 of 37Page 26 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)Has the organization establishedarrangements for these processesincluding, as applicable,a) defined criteria for review andapproval of the processes,b) approval of equipment andqualification of personnel,c) use of specific methods andprocedures,d) requirements for records (see4.2.4), ande) revalidation?7.5.3 Identification and traceabilityWhere appropriate, has theorganization identified the product bysuitable means throughout productrealization?Has the organization identified theproduct status with respect tomonitoring and measurementrequirements throughout productrealization?Where traceability is a requirement,has the organization controlled theunique identification of the productand maintain records (see 4.2.4)?NOTE In some industry sectors,configuration management is ameans by which identification andtraceability are maintained.7.5.4 Customer propertyHas the organization exercised care
  27. 27. ISO 9001 Audit ChecklistRevision: 0 Page 27 of 37Page 27 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)with customer property while it isunder the organizations control orbeing used by the organization?Has the organization identified,verified, protected and safeguardedcustomer property provided for use orincorporation into the product?If any customer property is lost,damaged or otherwise found to beunsuitable for use, has theorganization reported this to thecustomer and maintain records (see4.2.4)?NOTE Customer property can includeintellectual property and personaldata.7.5.5 Preservation of productHas the organization preserved theproduct during internal processingand delivery to the intendeddestination in order to maintainconformity to requirements?As applicable, has preservationincluded identification, handling,packaging, storage and protection?Does preservation apply to theconstituent parts of a product?7.6 Control of monitoring andmeasuring equipmentHas the organization determined the
  28. 28. ISO 9001 Audit ChecklistRevision: 0 Page 28 of 37Page 28 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)monitoring and measurement to beundertaken and the monitoring andmeasuring equipment needed toprovide evidence of conformity ofproduct to determined requirements?Has the organization establishedprocesses to ensure that monitoringand measurement can be carried outand are carried out in a manner thatis consistent with the monitoring andmeasurement requirements?Where necessary to ensure validresults, is measuring equipmenta) calibrated or verified, or both, atspecified intervals, or prior to use,against measurement standardstraceable to international ornational measurement standards;where no such standards exist,the basis used for calibration orverification shall be recorded (see4.2.4);b) adjusted or re-adjusted asnecessary;c) identified in order to determine itscalibration status;d) safeguarded from adjustmentsthat would invalidate themeasurement result;e) protected from damage anddeterioration during handling,maintenance and storage?Has the organization assessed andrecorded the validity of the previous
  29. 29. ISO 9001 Audit ChecklistRevision: 0 Page 29 of 37Page 29 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)measuring results when theequipment is found not to conform torequirements?Has the organization takenappropriate action on the equipmentand any product affected?Are records of the results ofcalibration and verification beingmaintained (see 4.2.4)?When used in the monitoring andmeasurement of specifiedrequirements, has the ability ofcomputer software to satisfy theintended application been confirmed?Was this undertaken prior to initialuse and reconfirmed as necessary?NOTE Confirmation of the ability ofcomputer software to satisfy theintended application would typicallyinclude its verification andconfiguration management tomaintain its suitability for use.8 Measurement, analysis andimprovement8.1 GeneralHas the organization planned andimplemented the monitoring,measurement, analysis andimprovement processes neededa) to demonstrate conformity to
  30. 30. ISO 9001 Audit ChecklistRevision: 0 Page 30 of 37Page 30 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)product requirements,b) to ensure conformity of the qualitymanagement system, andc) to continually improve theeffectiveness of the qualitymanagement system?Has this included determination ofapplicable methods, includingstatistical techniques, and the extentof their use?8.2 Monitoring and measurement8.2.1 Customer satisfactionAs one of the measurements of theperformance of the qualitymanagement system, has theorganization monitored informationrelating to customer perception as towhether the organization has metcustomer requirements?Have the methods for obtaining andusing this information beendetermined?NOTE Monitoring customerperception can include obtaining inputfrom sources such as customersatisfaction surveys, customer dataon delivered product quality, useropinion surveys, lost businessanalysis, compliments, warrantyclaims and dealer reports.8.2.2 Internal audit
  31. 31. ISO 9001 Audit ChecklistRevision: 0 Page 31 of 37Page 31 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)Has the organization conductedinternal audits at planned intervals todetermine whether the qualitymanagement systema) conforms to the plannedarrangements (see 7.1), to therequirements of this InternationalStandard and to the qualitymanagement systemrequirements established by theorganization, andb) is effectively implemented andmaintained?Has an audit programme beenplanned, taking into consideration thestatus and importance of theprocesses and areas to be audited,as well as the results of previousaudits?Have the audit criteria, scope,frequency and methods beendefined?Has the selection of auditors andconduct of audits ensured objectivityand impartiality of the audit process?Are there auditors auditing their ownwork?Has a documented procedure beenestablished to define theresponsibilities and requirements forplanning and conducting audits,
  32. 32. ISO 9001 Audit ChecklistRevision: 0 Page 32 of 37Page 32 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)establishing records and reportingresults?Are records of the audits and theirresults being maintained (see 4.2.4)?Has the management responsible forthe area being audited ensured thatany necessary corrections andcorrective actions are taken withoutundue delay to eliminate detectednonconformities and their causes?Have follow-up activities included theverification of the actions taken andthe reporting of verification results(see 8.5.2)?8.2.3 Monitoring and measurement ofprocessesHas the organization applied suitablemethods for monitoring and, whereapplicable, measurement of thequality management systemprocesses?Have these methods demonstratedthe ability of the processes to achieveplanned results?When planned results are notachieved, have correction andcorrective action been taken, asappropriate?NOTE When determining suitablemethods, it is advisable that the
  33. 33. ISO 9001 Audit ChecklistRevision: 0 Page 33 of 37Page 33 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)organization consider the type andextent of monitoring or measurementappropriate to each of its processesin relation to their impact on theconformity to product requirementsand on the effectiveness of the qualitymanagement system.8.2.4 Monitoring and measurement ofproductHas the organization monitored andmeasured the characteristics of theproduct to verify that productrequirements have been met?Has this been carried out atappropriate stages of the productrealization process in accordancewith the planned arrangements (see7.1)?Is evidence of conformity with theacceptance criteria being maintained?Have records indicated the person(s)authorizing release of product fordelivery to the customer (see 4.2.4)?Has the release of product anddelivery of service to the customer notproceeded until the plannedarrangements (see 7.1) have beensatisfactorily completed, unlessotherwise approved by a relevantauthority and, where applicable, bythe customer?
  34. 34. ISO 9001 Audit ChecklistRevision: 0 Page 34 of 37Page 34 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)8.3 Control of nonconforming productHas the organization ensured thatproduct which does not conform toproduct requirements is identified andcontrolled to prevent its unintendeduse or delivery?Has a documented procedure beenestablished to define thecontrols and related responsibilitiesand authorities for dealing withnonconforming product?Where applicable, has theorganization dealt with nonconformingproduct by one or more of thefollowing ways:a) by taking action to eliminate thedetected nonconformity,b) by authorizing its use, release oracceptance under concession bya relevant authority and, whereapplicable, by the customer;c) by taking action to preclude itsoriginal intended use orapplication;d) by taking action appropriate tothe effects, or potential effects, ofthe nonconformity whennonconforming product isdetected after delivery or use hasstarted?When nonconforming product iscorrected, has it been subject to re-verification to demonstrate conformityto the requirements?
  35. 35. ISO 9001 Audit ChecklistRevision: 0 Page 35 of 37Page 35 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)Are records of the nature ofnonconformities and any subsequentactions taken, including concessionsobtained, being maintained (see4.2.4)?8.4 Analysis of dataHas the organization determined,collected and analysed appropriatedata to demonstrate the suitabilityand effectiveness of the qualitymanagement system and to evaluatewhere continual improvement of theeffectiveness of the qualitymanagement system can be made?Has this included data generated as aresult of monitoring and measurementand from other relevant sources?Has the analysis of data providedinformation relating toa) customer satisfaction (see 8.2.1),b) conformity to productrequirements (see 8.2.4),c) characteristics and trends ofprocesses and products,including opportunities forpreventive action (see 8.2.3 and8.2.4), andd) suppliers (see 7.4).8.5 Improvement8.5.1 Continual improvementIs the organization continually
  36. 36. ISO 9001 Audit ChecklistRevision: 0 Page 36 of 37Page 36 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)improving the effectiveness of thequality management system throughthe use of the quality policy, qualityobjectives, audit results, analysis ofdata, corrective and preventiveactions and management review?8.5.2 Corrective actionHas the organization taken action toeliminate the causes ofnonconformities in order to preventrecurrence?Have the corrective actions beenappropriate to the effects of thenonconformities encountered?Has a documented procedure beenestablished to define requirements fora) reviewing nonconformities(including customer complaints),b) determining the causes ofnonconformities,c) evaluating the need for action toensure that nonconformities donot recur,d) determining and implementingaction needed,e) records of the results of actiontaken (see 4.2.4), andf) reviewing the effectiveness of thecorrective action taken?8.5.3 Preventive actionHas the organization determinedaction to eliminate the causes ofpotential nonconformities in order to
  37. 37. ISO 9001 Audit ChecklistRevision: 0 Page 37 of 37Page 37 / 37ISO9001ClauseAudit criteria Auditor Auditee Audit evidence(sighted/gathered)Conformity(yes, no orobservation)prevent their occurrence?Were preventive actions appropriateto the effects of the potentialproblems?Has a documented procedure beenestablished to define requirements fora) determining potentialnonconformities and their causes,b) evaluating the need for action toprevent occurrence ofnonconformities,c) determining and implementingaction needed,d) records of results of action taken(see 4.2.4), ande) reviewing the effectiveness of thepreventive action taken?

×