This document discusses how the new ISO 9001:2015 standard will reshape the role of the quality management system auditor. The updated standard places a greater emphasis on leadership, risk-based thinking, and understanding organizational context. As a result, auditors will need enhanced skills like evaluating risk management processes and confidently interacting with top management. Auditors must also improve their understanding of the client's industry and strategic goals. Overall, the changes require auditors to audit processes more holistically and focus on evaluating the effectiveness of the quality system in order to provide value to clients.
Organizational Structure Running A Successful Business
Reshaping the Auditor
1. AUDITING TO ISO 9001:2015
Reshaping the role of
The Auditor
www.bywater.co.uk
Version 2 - Feb 2017
2. ISO 9001:2015 Headlines
The Introduction of Context will challenge
auditors in terms of their knowledge and
general business understanding
Greater emphasis on Leadership will
challenge auditors with regards to their
communication skills
More focus on Risk will challenge auditors to
deliver insightful and effective audit results to
Top Management
3. What is the aim of this presentation?
To appreciate how ISO 9001:2015 will reshape the
role of the QMS Auditor.
4. What is unchanged in ISO 9001 auditing?
Process Approach!
Verifying evidence!
6. For an organisation to demonstrate understanding of its
Context to an auditor, the auditor will need to acquire an
understanding of the issues facing the organisation (4.1) and
the key requirements of its relevant interested parties (4.2);
the auditor will need to appreciate the purpose and strategic
direction of an organisation and assess the suitability of the
Quality Management System Scope (4.3).
Understanding Context
RESULT: more audit preparation, potentially longer audits
8. Risk-Based Thinking
• For an organisation to demonstrate effective risk-based
thinking it will need to determine risks and opportunities
(6.1), plan, implement and evaluate actions (6.1.2).
• Auditors will need to assess this in detail and be open-
minded as to how this might be carried out. An auditor
should look for evidence of effectiveness (e.g. prevention of
error).
• Risk is mentioned throughout the standard.
RESULT: increased audit focus on risk, its effectiveness and
skilful effective linking of clauses (e.g. 4, 6, 9)
10. The Auditor & Top Management
• Leadership permeates the entire standard – sometimes
explicitly where “Top Management” is stated (e.g. 5, 9.3),
sometimes implicitly with choice of words (e.g. “strategic
direction” in 4.1, provision of resources in 7.1) and
sometimes in the linking of clauses (e.g. 4.1 <> 6.1).
• Auditors will need to appreciate the culture and strategy of
the organisation and engage confidently with business
leaders.
RESULT: more discussion with top management and with
other staff to verify effectiveness of leadership
12. ISO 9001:2015 Auditor Skills & Attributes
• Confidence to interview Top Management
• Understanding of organisational Context
• Ability to analyse Risk / evaluate actions
• Open-minded as to the type of evidence
• Linking clauses during audit activities
• System/Process approach
RESULT: auditor self-assessment/skills development
13. To document or not to document
• There are less requirements for documents and records in
ISO 9001:2015 (compared to ISO 9001:2008), although
there are more requirements in total! Organisations are
empowered to make decisions on how much documented
information they require in order to work efficiently and
effectively. The size of the organisation, the complexity of
processes and the competence of staff may influence this.
• There are certain items that must be maintained as
documented information (e.g. Scope, Policy, Objectives)
and others that must be retained (e.g. internal audit and
management review records).
RESULT: examine all requirements carefully before auditing
15. The new Standard may require the Auditor to enhance their
knowledge base to develop their role. This could include:
• Formal re-training (e.g. IRCA Transition course)
• Self-Assessment/peer assessment
• Updates to software/templates/checklists
• Application of risk-based auditing techniques
• Increased understanding of process approach
• Potentially reporting more ‘observations’
• More emphasis on effectiveness and improvement
Knowledge base
16. The process of transitioning 3rd Party Certification:
• Three year transition period
• Following this transition period ISO 9001:2008 will cease to
be valid
• ISO 9001:2015 Certification will be issued after an additional
surveillance visit or at planned recertification audit
• Deadline for certification/recertification is SEPT 2018
NOTE: Auditors working for accredited assessment bodies
must attend a formal Transition Course (IRCA approved 2-day
courses highly recommended). Internal/supplier auditors must
also ensure competence when auditing against new Standard.
Implications for certification
17. • Understand the changes to ISO 9001:2015 and their intent.
• Undertake a gap analysis of your organisation's current
status and identify and plan actions to enable a smooth
transition from ISO 9001:2008 to ISO 9001:2015.
• Identify the change in emphasis and approach to auditing
based on the Annex SL structure.
• Meet IRCA upgrade requirements for registered auditors
• Prepare for and undertake an audit based on ISO
9001:2015
Update your knowledge
Our ISO 9001:2015 Transition Auditor training enables you to:
View dates and locations for ISO 9001:2015 Transition training
18. Some questions to consider:
How will an auditor seek
evidence of Leadership
effectiveness?
What is the overall purpose
of Risk-based thinking?
When is Documented
Information required?
Why is it critical for the
auditor to understand the
Context of the organisation?
19. If you have any questions please contact the Training Team
Telephone: +44 (0)333 123 9001
Email: contact@bywater.co.uk
Or visit our website
www.bywater.co.uk
Contact us for more information