Pass the PECB ISO 9001 ISO-9001-Lead-Auditor Questions and answers with CertsForce

 Understanding "Context of the Organization":

The term "context of the organization" is defined in ISO 9001:2015 Clause 4.1, which states:

"The organization shall determine external and internal issues that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended result(s) of its quality management system."

The definition emphasizes identifying both internal and external issues that influence the organization's approach to developing and achieving its objectives.

 Option Analysis:

Option A:Correct. This option aligns with the standard definition as it explicitly mentions the combination of internal and external issues that affect the organization’s approach to achieving its objectives, which is the essence of Clause 4.1.

Option B:Incorrect. The term "comparison of internal and external issues" does not reflect the ISO 9001 requirements. The standard does not require a comparison but rather an understanding of these issues.

Option C:Incorrect. Although it mentions "complexity," the focus of ISO 9001:2015 is on identifying relevant issues rather than the complexity of those issues.

Option D:Incorrect. This option mentions "coordination" and focuses only on the positive or negative effects. ISO 9001 requires identifying issues but does not emphasize coordination.

 Clause Reference and Relevance:

ISO 9001:2015 requires organizations to understand their context because internal and external factors can influence the Quality Management System's effectiveness. Understanding this context helps in:

Addressing risks and opportunities (Clause 6.1).

Aligning the QMS with the organization’s strategic direction.

 Why A is Correct:

"Combination of internal and external issues" captures the essence of Clause 4.1, making it the accurate definition of the context of the organization.

The actions that should be taken in the context of the audit are:

•Option B: Call the individual(s) managing the audit programme to explain the situation and recommend immediate suspension of certification to protect the integrity of the Certification Body. This option is correct because the auditor has found serious and significant gaps in the QMS processes that affect the health and safety of the patients, which is a major nonconformity that may warrant suspension of certification. The auditor should inform the individual(s) managing the audit programme of the situation and the audit findings, and recommend immediate suspension of certification to protect the integrity of the Certification Body and the credibility of the certification scheme. The auditor should also follow the Certification Body’s procedures and rules for suspension of certification and communicate the decision and the consequences to the auditee.

•Option C: Continue with the meeting, present the audit conclusions and inform the DCM that the organisation will receive the audit report in due course. This option is correct because the auditor should not terminate or postpone the closing meeting due to the absence of the Catering Manager, as the DCM is the auditee’s nominated representative for the audit. The auditor should continue with the meeting, present the audit conclusions and the audit findings, and inform the DCM that the organisation will receive the audit report in due course. The auditor should also explain the audit outcome recommendation and the suspension of certification, and request the DCM to acknowledge the receipt and understanding of the audit results.

The following options are not correct:

•Option A: Close the meeting immediately after the DCM’s response and advise that the issues will be addressed at the next surveillance visit. This option is not correct because the auditor should not close the meeting without presenting the audit conclusions and the audit findings, as this would violate the audit principles of fairness and transparency. The auditor should also not advise that the issues will be addressed at the next surveillance visit, as this would imply that the auditor is accepting the auditee’s delay and inaction, and that the auditor is not taking the major nonconformity seriously.

•Option D: Conclude the meeting early and advise that it will be rescheduled once the Catering Manager has returned to work. This option is not correct because the auditor should not conclude the meeting early or reschedule it due to the absence of the Catering Manager, as this would disrupt the audit process and the audit schedule. The auditor should also not wait for the Catering Manager to return to work, as this would delay the communication and resolution of the major nonconformity, and potentially compromise the health and safety of the patients.

•Option E: Recommend that all personnel should be given urgent in-depth training in the QMS. This option is not correct because the auditor should not recommend or prescribe specific corrective actions to the auditee, as this would violate the audit principles of independence and objectivity. The auditor should only report the audit findings and the audit outcome recommendation, and leave the responsibility and authority for determining and implementing the corrective actions to the auditee.

•Option F: Thank the DCM for his time and express an expectation that improvements will be made in the QMS. This option is not correct because the auditor should not thank the DCM for his time and express an expectation that improvements will be made in the QMS, as this would imply that the auditor is satisfied and optimistic with the auditee’s performance and response, and that the auditor is not taking the major nonconformity seriously. The auditor should instead express the concern and dissatisfaction with the auditee’s QMS processes and the impact on the health and safety of the patients, and communicate the suspension of certification and the need for urgent and effective corrective actions.

The activities that are specifically required by ISO 17021-1 as part of third-party (Certification Body) surveillance audit processes are:

•Option A: Audit use of certification marks on marketing materials. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to audit the client’s use of marks and/or any other reference to certification, as applicable, to ensure conformity with the certification requirements.

•Option B: Review changes to the QMS since last visit. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to review any changes affecting the client’s quality management system and its ability to continue to fulfil the requirements of the standard used for certification.

•Option C: Confirm effectiveness of internal audit and management review. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to confirm the continuing effectiveness of the client’s quality management system, including the effectiveness of the internal audit and management review processes.

•Option F: Review the status of previously raised findings and audit effectiveness of any outstanding findings. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to review the status of findings and any corrective actions taken by the client in response to previous audits, and to verify the effectiveness of the implemented corrective actions.

•Option H: Verify legal compliance. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to verify the client’s compliance with applicable statutory and regulatory requirements related to the scope of certification.

•Option I: Handling of customer complaints since last visit. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to review the client’s handling of customer complaints related to the certified activities since the last audit.

The following options are not correct:

•Option D: Complete a full document review of the quality management system. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to complete a full document review of the quality management system during surveillance audits. A full document review is only required during the initial certification audit or when there are significant changes to the quality management system or the certification requirements.

•Option E: Failing to meet financial responsibilities. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to audit the client’s financial responsibilities during surveillance audits. The certification body may have contractual arrangements with the client regarding the payment of fees, but this is not part of the surveillance audit process.

•Option G: Review the calibration status of the instrumentation. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to review the calibration status of the instrumentation during surveillance audits. The certification body may audit the client’s monitoring and measuring resources as part of the quality management system requirements, but this is not a specific activity required by ISO 17021-1.

•Option J: Conduct a minimum number of annual surveillance audits during the certification period. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to conduct a minimum number of annual surveillance audits during the certification period. The certification body may determine the frequency and duration of surveillance audits based on the risk and performance of the client, but this is not a specific activity required by ISO 17021-1.

A white background with black text Description automatically generated

Comprehensive and Detailed In-Depth Explanation:

According to ISO 19011:2018, Clause 6.4.9 (Audit Conclusions & Reporting):

One consolidated audit report should be drafted based on all team members’ findings.

Each auditor does not draft separate reports (B) unless explicitly required.

Thus, A is the correct answer.

According to ISO 19011:2018, clause 6.7, the audit follow-up is the process of verifying the completion and effectiveness of corrective actions taken by the auditee as a result of an audit. The audit follow-up can include two main activities:

Verifying the effectiveness of the implemented corrective actions: this means checking whether the actions taken by the auditee have addressed the root causes of the nonconformities and prevented their recurrence or occurrence in other areas. The verification can be done by reviewing documents, records, data, or other evidence provided by the auditee, or by conducting a follow-up audit on site or remotely.

Verifying corrections taken to fix the reported non-conformities: this means checking whether the auditee has corrected the nonconformities identified during the audit and eliminated their immediate effects. The verification can be done by reviewing documents, records, data, or other evidence provided by the auditee, or by conducting a follow-up audit on site or remotely.

The audit follow-up can be conducted as a separate audit or as part of a subsequent audit, depending on the audit programme, the audit objectives, the audit criteria, the audit scope, the audit risks, and the audit findings. The audit follow-up should be planned and conducted in accordance with the same principles and processes as the initial audit, and the results should be documented and reported accordingly. References:

ISO 19011:2018(en), Guidelines for auditing management systems, clause 6.7

ISO 19011 Management Systems Audit Checklist | Process Street, task 6.7.1 and 6.7.2

Conducting the Audit Follow-Up: When to Verify - The Auditor, section “Conducting the audit follow-up”

When conducting a third-party audit to ISO 9001, especially in the context of training and corrective actions taken due to customer complaints, the most appropriate audit trails to follow would be:

A. Ask if customer complaints had ceased since the multi-skilled training finished. This audit trail is relevant because it directly relates to the effectiveness of the corrective action taken. If customer complaints have decreased or ceased, it could indicate that the additional training was effective1.

F. Review records to assess if all planned training has been completed. This trail is important to ensure that the training plan has been fully implemented and to verify that all staff members have received the necessary training. It also helps in assessing the adequacy of the training in terms of content, frequency, and outcomes1.

These two trails, A and F, are closely linked to the issue of customer complaints and the organization’s response to them. They provide insight into whether the actions taken were suitable and whether they have led to improvements in staff performance and customer satisfaction1. The other options, while potentially useful, do not directly address the immediate concern of the effectiveness of the corrective actions taken in response to the customer complaints1.