I’ve read through a few posts about this clause but I still don’t think I quite get it.
Currently we are ISO 9001 and transitioning over to IATF 16949 and I’m trying to make a 3 year audit calendar to spread out a few of our audits over this three year period.
I believe that some processes can be audited every 2 or 3 years due to strong documentation and previous audits showing pretty much the same results for years, while others should be audited 1-2 times a year because that’s where most of our nonconformances come from.
Based on the following line, how do you determine or show risk? Should I have some sort of risk chart in our Audit procedure or just label things as high/med/low risk on the audit schedule?
9.2.2.1 – Internal Audit Programme: “The audit programme shall be prioritized based upon risk, internal and external performance trends, and criticality of the process(es).”
Leave a Reply
You must be logged in to post a comment.