Alcumus ISOQAR conducts thousands of ISO 9001 audits every year. As the Head of Technical at Alcumus ISOQAR, where we review reports from our Auditors who have visited all sorts of businesses, I get to see exactly what’s going on at the ground level. What I see is the same nonconformities cropping up time and time again.
While the observations below are based on what I see in ISO 9001, there are common clauses across all ISO management systems which are built around what we know as Annex SL. So these points also apply to, for example, ISO 45001 Occupational Health & Safety, ISO 14001 Environmental Management and ISO 27001 Information Security.
By the way, you’ll get to read and hear the terms ‘nonconformity’, ‘nonconformance’ and ‘noncompliance’. While we can argue semantics, and the technical documentation uses the term ‘nonconformity’, in the real world they tend to be used interchangeably.
Anyway, here’s a light-hearted look at the 10 of the most common nonconformities we encounter during ISO management system audits. Do you recognise yourself in here?
1. Lack of written objectives.
“To be honest I’m not really sure exactly what they are or why we need them.”
2. Failure to do internal audits.
“We haven’t done any recently. We didn’t have the time. We need to update the schedule.”
3. Poor document control.
“I’m not sure where it is just at the moment…”
4. Incomplete, inadequate or inaccessible records.
“I’m pretty sure I recorded that somewhere. It might be in this file. No, hang on, I put it on a spreadsheet…Give me a minute… “
5. Inadequate control of suppliers.
“Yes I suppose we should formalise the selection of suppliers a bit better but we know these people personally and they’re a good bunch.”
6. Lack of employee training.
“We’ve been a bit short on budget for that recently.”
7. Not conducted the management review.
“Nothing has gone wrong or changed much recently so I didn’t think we needed one. We had an informal meeting without the boss but we didn’t minute it. There weren’t any actions.”
8. Failure to record nonconformities.
“We tend to discuss things and not always write them down, we want to keep bureaucracy to a minimum.”
9. Lack of corrective action on nonconformities and evidence to show completion.
“Things don’t go wrong very often but we do write them down normally. We’ve not updated the status on this one but I’m pretty sure it was done.”
10. Ineffective communication.
“To be honest I don’t really get involved. I have a lot on my plate and focus on my own job.”
Whilst it may be tempting to laugh at some of these nonconformities, almost all organisations are guilty of one or more at some point. Alcumus ISOQAR auditors are always looking for the positives in your management system – you can make their job easier by getting these basics right!