ISO 9001 | ISO 14001 | OHSAS 18001

Consulting | Training | Audit Services

We help organizations of all kinds meet your quality, environmental, and safety management system challenges with expert guidance, effective education, and field-tested products. Whether you're certified or not -- interested in ISO 9001 or ISO 14001, ISO/TS 16949, or OHSAS 18001 --
help is here.

Internal audit services at your site

For companies that decide not to do the required ISO 9000 / ISO 9001, ISO 14000 / ISO 14001, ISO/TS 16949, or OHSAS 18000 / OHSAS 18001 internal audits themselves, we provide contract internal audit services at competitive rates.

Based on the schedule prescribed by you, we carry out internal audits at your location. We document our audit activity on specially prepared checklists. We give you a summary report itemizing system strengths and deficiencies found - citing the requirement, description of deficiency, and supporting evidence. We also tie audit results back to the international standard, with supporting documentation.

Our audits are typically more thorough and better documented than any external audit. The difference is, with our internal audit service you receive, at no extra charge, advice, guidance, and options for correcting deficiencies and improving your quality management processes.

Request a quote now.

Rob Kantner

"The Names have been Changed"

a blog by Rob Kantner

How to do well in an ISO audit -
Part 5: Strong Corrective and Preventive Action

When it comes to corrective and preventive action, and doing well in any external ISO audit, our philosophy is: "The more the better."

  • More corrective actions
  • More thorough root cause analysis
  • More careful followup to determine effectiveness
  • More analysis to identify and address repeaters

Not that every hiccup has to become a corrective action. ISO 9001:2008 added "correction" as an option, and you're free to apply that rather than a formal, 7- or 8-step corrective action. But, in the real world, few firms waste corrective action efforts on trivia. Rather, many overlook chanes to apply corrective action to genuine process problems.

So if you want to do well in an ISO audit:

  • Have a good strong body of corrective actions in your system: completed and in-process
  • Make sure the older open ones have recent activity so it doesn't look like they've been ignored
  • And make certain that every customer complaint gets a corrective action

As to preventive?

(Full disclosure: the only time a client of mine got a major noncompliance was over preventive action. Back in 1996. But I'm over it.)

Generally, in a well run system, corrective actions outnumber preventives by at least 2:1. Part of this is human nature. In our businesses we are all attuned to firefighting, to fixing what actually goes wrong. And preventive can be a stretch: identifying potential problems and putting controls in place to prevent their occurrence.

But if you want to do well in an ISO audit, you should have in your system at least a small handful of preventive actions (some complete) that are: 1) recent, and 2) pertinent to process / quality improvement.

Thanks to the advent of ISO 9001: 2015, this particular bit of advice is about to become obsolete. Preventive action, per se, is no longer a requirement. It's supplanted (at least in part) by something called Risk-Based Thinking. But more on that later!

September 16, 2015

Earlier blog entries