The International Organization for Standardization (ISO) has a plethora of standards, but ISO 9001 — relating to quality management systems (QMS) — is arguably its most popular. It’s also the only standard that can be certified to, which is a process over a million companies worldwide have completed. If you’d like to join their ranks, you have to undergo an audit from a third-party organization.
Audits are never a fun experience, but you can greatly reduce the stress if you prepare beforehand. Passing your ISO 9001 audit is completely doable by following these steps.
If your company operates in an audit-ready state, preparation is minimal. You do need to review your processes and documentation, and ensure that you:
The use of audit management software can help prepare your documentation, which means you can put most of your focus on preparing your people. That will also give you more time for a mock audit, which takes resources and time, but it’s well worth it. Any issues you discover during a mock audit can be dealt with before the ISO 9001 audit. This is also the best way to prepare your employees for conversations they might have with the auditor.
Document control is among the hardest part of a quality manager’s job — if you use paper. Using audit management software that has built-in document management capabilities makes it much easier to get the documents you need during an audit. You should also be aware that some documents may be requested beforehand. These include:
An electronic system lets you retrieve those documents with a simple search. Recent MasterControl research revealed that 24% of quality professionals have significant problems tied to audits and inspections. Further digitizing your quality system goes a long way toward solving those problems.
Keep in mind that this is an ISO 9001 audit, not a regulatory inspection. Unless aspects of the standard are included in the regulations of the country you’re selling in, nothing about the standard is actually mandatory. It’s important to know the difference between what the standard suggests, what regulations require, and what companies have just been doing because it’s always been done that way.
Risk-based thinking is an integral part of ISO 9001. As such, during an ISO 9001 audit risk should be top of mind. This will help you identify any issues in your quality system that might be problematic during the audit. Even if you can’t completely eliminate risk, you can still mitigate it and show the auditor that you’ve given that risk the consideration it merits. Written justification for how you handle risk will help during the audit process.
Ideally, an auditor will find no problems with your quality system and issue the ISO 9001 stamp of approval. However, the second-best outcome is to fix problems or at least start to fix them before the audit is technically over. Hold a closing meeting with the auditor to discuss the findings and what you plan to do to resolve them. Ensure that all of this is documented and that you follow through on those plans.
An electronic QMS is your best bet for tracking all the documentation involved in an ISO 9001 audit and ensuring remediation actually happens. This has broader applications than ISO compliance software in that it can be used for any type of audit or inspection. MasterControl’s research into digitization in the life sciences will give you more information on how audits and other quality processes can be improved through the use of audit management software and related system. You can access that research here.
Enjoying this blog? Learn More.
The State of Digital Quality Maturity in Pharma and MedtechDownload Now