What is an ISO 9001 surveillance audit?

ISO 9001:2015 surveillance audit is an assessment that plays a vital part in maintaining your organisation’s Quality Management System (QMS). This audit is conducted to verify that your QMS is still compliant with the standard’s requirements and helps to maintain the validity of your certification. This article will outline the key elements of an ISO 9001 surveillance audit.

What is a surveillance audit?

The goal of a surveillance audit is to ensure that an organisation continues to comply with the recommendations of its chosen standard. A certification body that issues the certification of compliance conducts these audits. The certificate of compliance is valid for three years, guaranteeing that your management system will be in place as long as the certificate is valid. In a ISO 9001 internal audit page you can learn all of things about audit process. 

To ensure that the management system is still working as per its first assessment, the certification body periodically sends an auditor to the organisation to determine if the management system is working effectively or if any discrepancies have arisen. Such surveillance audits are performed at least once a year.

ISO 9001 surveillance audit

Two parts of the ISO 9001 surveillance audit are a document review and an on-site visit. During the document review, the auditor reviews relevant documents of your organisation. Such mandatory documents include the quality manual, the quality policies, appropriate procedures and quality records so that they can be verified that day are being updated regularly and are still compliant with the ISO 9001:2015 standard.

During the second part of the audit, an on-site visit takes place where the auditor will observe your organisation’s operations and speak with your employees to ensure that the QMS is working as intended. This audit aims to prove that the QMS is still effective, efficient and producing desired outcomes.

The auditor or the ISO registrar from the approved certification body will examine some of the critical processes of the QMS. The elements required in an audit include a management review, a review of the organisation’s preventive and corrective actions, quality management processes and a review of the organisation’s internal auditing processes. Additionally, the auditor will review the records, reports and results of the organisation’s internal audit and how the recommendations were implemented. 

Typically, minor weaknesses in the QMS and labelled as non-conformances. They do not necessarily lead to a massive QMS failure but decrease the efficiency of the processes. Similarly, major non-conformances could potentially lead to a gigantic QMS failure and indicate a significant loss in the quality management techniques that prevent the company from achieving its objectives and protecting its customers. Moreover, such major non-conformances could lead to a potential suspension of the ISO 9001 certificate.

As per the findings of the surveillance audit, you are given a few weeks and a list of recommendations to implement the changes. To achieve compliance, it is beneficial to maintain vigilant and detailed records of this correction-implementing and non-conformance-mitigating process.

How do I prepare for the ISO 9001 audit?

There are many steps that an organisation can take to appropriately prepare for an ISO 9001 audit.

• Good documentation: The key elements that ensure the maintenance of a company’s QMS are its developed, maintained and published policies and procedures. Consequently, the organisation must ensure that it can provide evidence to the auditor that it has followed these policies and procedures appropriately. Hence, good documentation helps to serve as evidence of compliance to auditors, where auditors can not view the results from previous inspections.
• Working to eliminate causes of non-conformities: One of the prime areas that auditors focus upon is the implementation of corrective actions. Corrective actions to mitigate non-conformities help organisations achieve compliance; however, if such non-conformances occur repeatedly, the organisation must determine its root causes. Even if the business owner cannot find the root cause of the non-conformity, it should be documented as a query. Even the attempt to find the root cause would help you perform better in a surveillance audit.
• Internal audits and management reviews: Any organisation must evaluate the performance and effectiveness of its QMS to determine compliance and identify areas of improvement. Such attempts should be visible to the auditor as they help to highlight the organisation’s commitment to continual improvement.

Conclusion

A surveillance audit is conducted to verify that an organisation’s QMS still complies with the latest standard version’s recommendations. During the surveillance audit, the auditor checks the performance and maintenance of the organisation’s systems, preventive and corrective actions, processes, internal auditing processes and their effectiveness, implementation of the recommendations, customer satisfaction rates and the updates to the company’s documentation system.