ISO 9001:2015 IAF audit day guidelines
Amanda Foster 1083
Joined 05/07/2018 - 637 Posts
I am looking for advice regarding interpretation of the ISO 9001:2015 audit days guidelines.

Our organization is in the 26-45 employees category. Our initial certification audit (to the 2008 version of the standard) was 3 days total stage 1 and stage 2 combined. In the past our recertification audit has been 2 days, even the year we upgraded to the 2015 version of the standard. Our surveillance audit has always been 1 day. We are not a complex or high risk organization and we've had exactly 1 minor nonconformance in the entire certification experience (beginning in 2011). Our auditors routinely leave early handing us a completed preliminary report on the way out the door.

Now our registrar is claiming that they need an extra half day for surveillance audits and an extra full days for recerts. Given our history I do not see it. Looking at the IAF Audit Day Guidelines I only see recommendations for the initial audit - 4 days for an organization our size. Am I missing something? Unless it truly is mandated, I do not see any justification for the increase in audit days.
8 Replies
Duke Okes 1670
Joined 06/01/2018 - 72 Posts
I don't know what the audit day requirements are, but it could be that your registrar has not been meeting them and is trying to get into compliance.  Not doing so puts their accreditation at risk.
Duke Okes 1670
Joined 06/01/2018 - 72 Posts
PS.  Has the registrar explained the reason for the increase?  They are certainly obligated to do so.
Amanda Foster 1083
Joined 05/07/2018 - 637 Posts
I almost tagged you in this question Duke Okes‍ because I know you have vast ISO 9001 experience. It occurred to me that they could be trying to better comply, but that's not what they told us. Initially, they didn't tell us anything. When we noticed and questioned them, the response we received indicated that this is an ISO 9001:2015 update. I cannot find evidence that this is the case. Even if it was, we are at our 2nd surveillance audit and this has not been the case for the previous two audits.

They other response I got was citing the 4 days in the IAF audit day guidelines. This very specifically says that the 4 days is for the initial audit only, combined stage 1 and stage 2.
Duke Okes 1670
Joined 06/01/2018 - 72 Posts
You might consider talking with another potential registrar.  Of course if the added cost isn't a lot and they current registrar can add value, then it might not be an issue.
Amanda Foster 1083
Joined 05/07/2018 - 637 Posts
That is definitely a possibility. We are not so attached that we couldn't break ties.
Flip Diving 6661
Joined 04/01/2019 - 2 Posts
Really your post is really very good and I appreciate it. It’s hard to sort the good from the bad sometimes.You definitely put a new spin on a topic thats been written about for years.
shell shockers unblocked
Joanne Gallardo 229
Joined 04/20/2018 - 2 Posts
I recommend contacting NSF (www.nsf.org) they were pretty helpful to our organization during the certification process (IATF 16949) and we passed the audit with flying colors.

Joanne
DRD - Alabama
Amanda Foster 1083
Joined 05/07/2018 - 637 Posts
Thanks Joanne Gallardo‍, I will keep that in mind.