REPORTING THE

AUDIT FINDINGS

GUIDANCE IN THE IMPLEMENTATION

ISO 9001:2015
WHAT AUDIT PHASE ARE WE NOW?

initiating preparing conducting

reporting

2
 WHAT DO WE NEED TO REPORT?

AUDIT FINDINGS – results of

the evaluation of the collected
audit evidence against audit
criteria
Note1: Audit findings indicate conformity or
nonconformity

Note2: Audit findings can lead to the identification

of risks, opportunities for improvement
or recording good practices 3
SAMPLE CONFORMITY FINDING

CRITERIA EVIDENCE FINDING

The organization shall The following media were presented: Conformity
determine and implement •Print (magazines, brochures, catalogs,
effective arrangements for pamphlets, posters);
communicating with
customers in relation to •Radio (“Dear PhilHealth” at DZRH,
product information “Magandang Gabi Doc” at DZMM,
“PhilHealth Hataw sa Serbisyo” at
(see ISO 9001:2015 clause DWIZ, 30 seconds spot buy,
8.2.1a) commercials)
•Television (“Good Morning Kuya” at
UNTV, TV ads)
•Internet (facebook, twitter, youtube,
website) 4
SAMPLE NONCONFORMITY FINDING
CRITERIA
Submit the Project Report
within 2.5 months after the
closing of the survey data
acquisition.
(Field Project Instruction No.
SSD-17-010)
EVIDENCE FINDING
Transmittal of the Project Report for Nonconformity
Hydrographic Survey of Manila Bay,
Vicinity of Puerto Azul, Cavite dated
May 18, 2018 was done after the
closing of survey data acquisition on
December 15, 2017.
5
WHAT IS A NONCONFORMITY?

NONCONFORMITY – non-fulfilment of a requirement

Nonconformities can be graded depending on the context of
the organization and its risks. This grading can be quantitative
(e.g. 1 to 5) and qualitative (e.g. minor, major).

6
 WHAT IS AN OFI?

OPPORTUNITY FOR
IMPROVEMENT – is a situation where
the evidence presented indicates a
requirement has been effectively
implemented, but based on auditor
experience and knowledge, additional
effectiveness or robustness might be
possible with a modified approach.
-Rules for Achieving and Maintaining IATF Recognition 7
(5th Ed)
 DOCUMENTING NONCONFORMITIES

The statement of nonconformity drives the cause analysis, correction

and corrective action by the auditee, so it should always ensure that
the following points are addressed
▰ The requirement (procedure, specification, etc.) – exactly what the
organization has committed itself to do . (i.e. audit criteria)
▰ The exact evidence of nonconformance seen – exactly what the
organization has or hasn’t done that contradicts the requirement (i.e. audit
evidence)
▰ If there’s any, the consequence on products, services, processes,
operations, customers
▰ The severity of the problem 8
 SAMPLE CAR No.: CARA-17-0023 Date: September 18, 2017
Function: General Services Department
Description of Nonconformity:
According to the Division 18 of IRR of the Fire Code of the
Criteria Philippines of 2008, monthly inspection shall be conducted by
trained personnel.
However, the latest record of inspection presented was the Fire
Evidence Safety Inspection Certificate issued by the City Fire Marshal on
October 15, 2016 after renovations were made at the lobby area
of the Day Care Center.
Consequence
This contributed to the small fire incident on August 12, 2017
caused by accumulated dirt and leaves on the outdoor parts of
the window air conditioner.
Initiator: Tony Stark

Check whether the existing form needs enhancement. 9

 CONTROL THE NC AND ITS EFFECTS

According to ISO 9001:2015 clause 10.2.1:

When an NC occurs…
a) react to the nonconformity and, as applicable:
1) take action to control and correct it;
2) deal with the consequences

10
 SAMPLE NC STATEMENTS
Correct
The Quality Policy stated that
employees must understand
their department’s objectives
and how to contribute to them.
However, three out of five
employees sampled randomly
in the sales department didn’t
understand their set objectives
or how to contribute to them.
Incorrect
All employees should
understand the company’s
quality objectives. However,
employees were ignorant of
the quality objectives and
strategic plans, and they
were obviously unprepared
to assist in continual
improvement. 11
 SUBJECTIVE VS OBJECTIVE
STATEMENTS

O ▰ Report not submitted on target date

S ▰ Work area is not organized
O ▰ Workers on an excavation with depth more than 2 meters
S ▰ Implementation is not effective
S ▰ Is not qualified
O ▰ Date of acceptance is earlier than date of inspection
O ▰ KPI monitoring chart has no entries for month of January 2014
S ▰ Unbearable working conditions
S ▰ Insufficient training
O ▰ No available frontline personnel from 1pm to 1:35pm
O ▰ Driving at 120kph
S ▰ Drive too fast 12
 FACT-FINDING VS FAULT-FINDING

“The examiner didn’t fill out the “The laboratory test reports
laboratory test reports were not completed in
correctly” accordance with the
specified requirements.”

One points the finger and says “That person screwed up.”
The second sentence simply says that both sides of the
balance sheet don’t match.
13
 REQUIREMENT VS OPINION

▰ To identify a nonconformity, a requirement is needed.

You might have a concern, observation or OFI, but it’s
not a nonconformity unless it’s clearly tied to a
requirement.
▰ if the auditor cannot identify a requirement, then the
auditor cannot raise a nonconformity
▰ If there is no audit evidence – (i.e. exactly what the
organization has or hasn’t done that contradicts the
requirement) – there is no nonconformity. 14
DO WE HAVE TO FIND AN ISO 9001
CLAUSE TO DEFINE NC?

▰ According to 9.2.1… conduct internal audits at planned

intervals to provide information on whether the QMS
conforms to the
▰ the organization’s own requirements for its QMS;
▰ the requirements of this International Standard
From this requirement it is very well possible that a
nonconformity can be set against a relevant requirement,
without the need to refer to an item in the standard
15
AUDIT FINDINGS REPORT (AFR)

▰ This should contain enough information to enable

management to assess the effectiveness of the
quality system in the area audited
▰ The audit report, therefore, should not only
contain information about nonconformities but
also the satisfactory aspects of the system
16
 CONTENTS OF AFR

▰ The audit findings report should include, or make reference to the

following:
▰ the audit objectives
▰ the audit scope
▰ acknowledgement of the auditee
▰ the identification of the audit team
▰ good practices
▰ opportunities for improvements
▰ summary of conformities / nonconformities
▰ risks that can lead to potential problems
17
 SAMPLE
Objectives:
•To evaluate effectiveness of the process
•To determine conformance with applicable requirements

Audit Scope:
•Procurement
Findings
Summary of Audit Results:
Report
Criteria Evidence Consequences Finding
The organization shall Evaluation records in selecting Conformity
determine and apply criteria the supplier for the procurement
for the evaluation… of of IT supplies were presented by
external providers the BAC Secretariat
Perform inspection and test Newly procured IT supplies are Hard drive failure of Nonconformity
prior to acceptance already being used but without two newly procured
records of inspection. laptops at IT dept.
Good Practices:
Opportunities for Improvement:
Risks:

Check whether the existing form needs enhancement. 18

 CLOSING MEETING

▰ The main purpose of this meeting is to

present audit findings to the auditee in such a
manner as to obtain his clear understanding
and acknowledgement of the factual basis of
the audit findings
▰ Disagreements should be resolved, if possible before the
lead auditor issues the formal report. Final decisions on the
significance and description of the audit findings ultimately
19
rest with the lead auditor
THANKS!
Any questions?

20