How to identify processes in an organisation
During the audit, the auditor should determine whether there is a problem of difference of terminology only, or whether there is a lack of real implementation of the process approach by the auditee.
1. Distinguishing between the concepts of a process and an activity
If an auditee cannot distinguish between the concepts of a process and an activity, the auditor can briefly explain the differences by using the guidance (clause 2.4) and definition (3.4.1) in ISO 9000: 2000 as background information. The auditor must be able to adapt to the auditee’s situation.
It is the auditor’s responsibility to understand the auditee’s systems and approach.
During the audit, the auditor should determine whether there is a problem of difference of terminology only, or whether there is a lack of real implementation of the process approach by the auditee.
There may be a need to issue a nonconformance report if
the auditee is not fully implementing the requirements stated
in ISO 9001: 2000, Clause 4.1.
If this is simply a terminology problem, there should be
no need to issue a non-conformance report, if all the requirements
of clause 4.1 are satisfied.
The auditee has the right to use its own terminology, provided the requirements of the standard are met.
The auditor should mentally develop a cross-reference list to ensure consistency and better understanding.
2. A process has defined objective(s), input(s), output(s), activities and resources
If the auditee does not understand that a process must
have defined (but not necessarily
measurable) objective(s), input(s), output(s), activities,
and resources, the auditor
should try reformulating the questions to the auditee,
avoiding the use of quality
management system jargon:
- Can you explain to me your operations here?
- What are the basic jobs carried out in your department?
- What information do you need to start your work?
- Where does it come from?
- Who receives the result of your work?
- How do you know if you’ve done your job correctly?
This should help the auditor to establish whether the processes (as per ISO 9001: 2000) are already defined, have clear inputs, outputs, objectives and so on.
3. Processes should be analysed, monitored and/or measured, and improved
If, after applying the audit
techniques outlined above, there
is an absence of any records or other proof to demonstrate
that the processes are analysed, and/ or monitored, and/or
measured, and/or improved, there would appear to be non-compliance
with part of ISO 9001:2000 Clause 4.1.
4. The auditee/auditor considers that each clause or sub-clause of ISO 900 9001:1:2000 must be defined as a separate process
If the auditor considers this as the right approach, he
should refer to relevant ISO documents, (notably the ISO/TC
176/SC
2 document N544 ISO 9000 Introduction and Support Package:
Guidance on the Concept and Use of the Process Approach)
which clearly
indicates the contrary.
If the auditee considers this as the right approach, it
is recommended that the techniques
outlined in section 2 (above) should be used.
5. Is the process approach as described in the Introduction to ISO 900 9001:1:2000 a requirement of the standard?
The description of the process approach in the “Introduction” to ISO 9001:2000 is purely informative and not a set of additional requirements.
SUMMARY
- Auditors and auditees should understand the difference between processes and activities for purposes of ISO 9001: 2000.
- A process has objectives, inputs, outputs, activities and resources.
- It is the auditor’s responsibility to understand the terminology of the organisation being audited; they should translate the organisation’s terms to the terminology of ISO 9001: 2000.
- Processes in ISO 9001: 2000 systems should be analysed, monitored and improved.