Question # 1
Select six of the activities that are specifically required by ISO 17021-1 as part of third-party (Certification Body) surveillance audit processes.
A. Audit use of certification marks on marketing materials.
B. Review changes to the QMS since last visit.
C. Confirm effectiveness of internal audit and management review.
D. Complete a full document review of the quality management system.
E. Failing to meet financial responsibilities.
F. Review the status of previously raised findings and audit effectiveness of any outstanding findings.
G. Review the calibration status of the instrumentation.
H. Verify legal compliance.
I. Handling of customer complaints since last visit.
Answer: A,B,C,F,H,I
Explanation: The activities that are specifically required by ISO 17021-1 as part of third-party
•Option A: Audit use of certification marks on marketing materials. This option is correct
because ISO 17021-1:2015 clause requires the certification body to audit the
client’s use of marks and/or any other reference to certification, as applicable, to ensure
conformity with the certification requirements.
•Option B: Review changes to the QMS since last visit. This option is correct because ISO
17021-1:2015 clause requires the certification body to review any changes affecting
the client’s quality management system and its ability to continue to fulfil the requirements
of the standard used for certification.
•Option C: Confirm effectiveness of internal audit and management review. This option is
correct because ISO 17021-1:2015 clause requires the certification body to confirm
the continuing effectiveness of the client’s quality management system, including the
effectiveness of the internal audit and management review processes.
•Option F: Review the status of previously raised findings and audit effectiveness of any
outstanding findings. This option is correct because ISO 17021-1:2015 clause
requires the certification body to review the status of findings and any corrective actions
taken by the client in response to previous audits, and to verify the effectiveness of the
implemented corrective actions.
•Option H: Verify legal compliance. This option is correct because ISO 17021-1:2015
clause requires the certification body to verify the client’s compliance with
applicable statutory and regulatory requirements related to the scope of certification.
•Option I: Handling of customer complaints since last visit. This option is correct because
ISO 17021-1:2015 clause requires the certification body to review the client’s
handling of customer complaints related to the certified activities since the last audit.
The following options are not correct:
•Option D: Complete a full document review of the quality management system. This option
is not correct because ISO 17021-1:2015 clause does not require the certification
body to complete a full document review of the quality management system during
surveillance audits. A full document review is only required during the initial certification
audit or when there are significant changes to the quality management system or the
certification requirements.
•Option E: Failing to meet financial responsibilities. This option is not correct because ISO
17021-1:2015 clause does not require the certification body to audit the client’s
financial responsibilities during surveillance audits. The certification body may have
contractual arrangements with the client regarding the payment of fees, but this is not part
of the surveillance audit process.
•Option G: Review the calibration status of the instrumentation. This option is not correct because ISO 17021-1:2015 clause does not require the certification body to review
the calibration status of the instrumentation during surveillance audits. The certification
body may audit the client’s monitoring and measuring resources as part of the quality
management system requirements, but this is not a specific activity required by ISO 17021-
•Option J: Conduct a minimum number of annual surveillance audits during the certification
period. This option is not correct because ISO 17021-1:2015 clause does not
require the certification body to conduct a minimum number of annual surveillance audits
during the certification period. The certification body may determine the frequency and
duration of surveillance audits based on the risk and performance of the client, but this is
not a specific activity required by ISO 17021-1.
•ISO 17021-1:2015 Conformity assessment - Requirements for bodies providing audit and
certification of management systems - Part 1: Requirements
•ISO 9001 Lead Auditor Course Material, Module 7: Audit Follow-up and Surveillance,
Slide 8: Surveillance Audit
•ISO 9001 Lead Auditor Training Course - IRCA Certified, Section 7.2: Audit Follow-up and
Question # 2
During a third-party audit of a pharmaceutical organisation (CD9000) site of seven COVID-19 testing laboratories in various terminals at a major international airport, you interview the CD9000's General Manager (GM), who was accompanied by Jack, the legal compliance expert. Jack is acting as the guide in the absence of the Technical Manager due to him contracting COVID-19.
You: "What external and internal issues have been identified that could affect CD9000 and its quality management system?"
GM: "Jack guided us on this. We identified issues like probable competition of another laboratory organisation in the airport, legal requirements on COVID-19 continuously changing, the shortage of competent laboratory analysts, the epidemic declining soon, shortage of chemicals for the analysis. It was quite a good experience."
You: "Did you document these issues?"
GM: "No. Jack said that ISO 9001 does not require us to document these issues."
You: "How did you determine the risks associated with the issues and did you plan actions to address them?"
GM: "I am not sure. The Technical Manager is responsible for this process. Jack may be able to answer this question in his absence."
Select two options for how you would respond to the General Manager's suggestion:
A. I would not accept the legal compliance expert answering the question.
B. I would ask to audit the Technical Manager by phone.
C. I would delay the audit until the return of the technical manager.
D. I would look for evidence that the actions resulting from the risk assessment had been taken.
E. I would ask for a different guide instead of the legal compliance expert.
F. I would ask the consultant to leave the meeting since he is not an employee of the organisation.
Answer: A,D
Explanation: According to clause 4.1 of ISO 9001:2015, the organization should determine
external and internal issues that are relevant to its purpose and its strategic direction and
that affect its ability to achieve the intended results of its quality management system. The
organization should monitor and review these issues and update them as necessary.
Although the standard does not explicitly require documented information of these issues, it
does require documented information as evidence of the implementation of the actions
taken to address risks and opportunities, as per clause 6.1. The organization should also
retain documented information as evidence of the results of the monitoring, measurement,
analysis and evaluation of its QMS, as per clause 9.1. Therefore, the auditor should not
accept the legal compliance expert answering the question, as he is not the person
responsible for the process and may not have the necessary competence or knowledge of
the QMS. The auditor should also look for evidence that the actions resulting from the risk
assessment had been taken, as this is a requirement of the standard and a way to verify
the effectiveness of the QMS. The other options are not appropriate courses of action for
the auditor, because they do not address the audit objective or criteria, or they may
compromise the audit integrity or impartiality. For example, option B may not be feasible or
reliable, as the Technical Manager may not be available or able to provide the necessary
evidence by phone. Option C may cause unnecessary delay and inconvenience for the
audit process and the auditee. Option E may not solve the problem, as the guide is not the
main source of evidence or information for the audit. Option F may be disrespectful or
unprofessional, as the consultant may have a legitimate role or interest in the audit.
References: ISO 9001:2015, ISO 9001 Auditing Practices Group Guidance on Context of
the Organization, ISO 9001 Auditing Practices Group Guidance on Audit Evidence
Question # 3
An internal auditor of a manufacturer of polystyrene packaging products for the electronics industry raised a nonconformity against section 10.3 of ISO 9001 in Report IA202. The nonconformity (NC 3) stated:
"The reject rate of the finished product of 9.7% needs improvement as it doesn't meet the stated objective of top management of 5%."
As the third-party auditor reviewing the internal audit process, you come across the nonconformity. For corrective action, the Quality Manager conducted an investigation into the reject rates. He reported that the collection baskets for products ejecting from the moulding machines were not large enough. About 6% of products fell onto the wet and dirty factory floor. Management stated that replacing the baskets was too costly and ordered the Maintenance Manager to ensure that the floor was kept clean and dry to prevent rejects. The auditor later checked the factory floor, which was wet and dirty in places.
From the following nonconformities, select three that the auditor could raise to ISO 9001.
A. 10.3 - The organisation did not continuously improve. Reject rates were unchanged.
B. 7.1.4 - The factory environment is not suitably maintained to prevent dirty products.
C. 7.1.1 - The organisation failed to provide the required resources to prevent nonconforming products.
D. 9.2.2 - Report IA202 contained a poorly worded nonconformity (NC 3).
E. 8.6 - Dirty products were released to the customer.
F. 7.3 - Staff were not aware that products were falling onto the factory floor.
G. 10.2.1 - Conduct of an investigation was not sufficient to understand the cause of the nonconformity.
H. 8.5.1 - Production operations were not properly controlled to avoid reject products.
Answer: A,B,C
Explanation: The auditor could raise the following nonconformities to ISO 9001 based on the scenario:
•Option A: 10.3 - The organisation did not continuously improve. Reject rates were
unchanged. This option is correct because ISO 9001:2015 clause 10.3 requires the
organization to improve the suitability, adequacy and effectiveness of the quality
management system. The organization did not demonstrate any improvement in reducing
the reject rate of the finished product, which was a stated objective of top management.
The corrective action taken by the organization was not effective in addressing the root
cause of the problem and preventing its recurrence.
•Option B: 7.1.4 - The factory environment is not suitably maintained to prevent dirty
products. This option is correct because ISO 9001:2015 clause 7.1.4 requires the
organization to determine, provide and maintain the environment necessary for the
operation of its processes and to achieve conformity of products and services. The
organization did not ensure that the factory floor was clean and dry, which affected the
quality of the products and increased the risk of nonconformity.
•Option C: 7.1.1 - The organization failed to provide the required resources to prevent
nonconforming products. This option is correct because ISO 9001:2015 clause 7.1.1
requires the organization to determine and provide the resources needed for the
establishment, implementation, maintenance and continual improvement of the quality
management system. The organization did not provide adequate collection baskets for the
products ejecting from the moulding machines, which resulted in products falling onto the
factory floor and becoming nonconforming.
The following options are not correct:
•Option D: 9.2.2 - Report IA202 contained a poorly worded nonconformity (NC 3). This
option is not correct because ISO 9001:2015 clause 9.2.2 does not specify the
requirements for the wording of nonconformities in internal audit reports. The
nonconformity (NC 3) stated by the internal auditor was clear and relevant to the audit
criteria and audit evidence. The issue is not with the report, but with the corrective action
taken by the organization.
•Option E: 8.6 - Dirty products were released to the customer. This option is not correct
because ISO 9001:2015 clause 8.6 requires the organization to implement planned
arrangements, at appropriate stages, to verify that the product and service requirements
have been met. The scenario does not indicate that the dirty products were released to the customer, but that they were recalled and repaired then returned to the customers. The
issue is not with the release, but with the production process and the environment.
•Option F: 7.3 - Staff were not aware that products were falling onto the factory floor. This
option is not correct because ISO 9001:2015 clause 7.3 requires the organization to ensure
that the persons doing work under its control are aware of the quality policy, relevant
quality objectives, their contribution to the effectiveness of the quality management system,
and the implications of not conforming with the quality management system requirements.
The scenario does not indicate that the staff were not aware of these aspects, but that the
management did not provide adequate resources and environment for the staff to perform
their work. The issue is not with the awareness, but with the management responsibility
and resource provision.
•Option G: 10.2.1 - Conduct of an investigation was not sufficient to understand the cause
of the nonconformity. This option is not correct because ISO 9001:2015 clause 10.2.1
requires the organization to react to the nonconformity and, as applicable, take action to
control and correct it and deal with the consequences. The scenario indicates that the
Quality Manager conducted an investigation into the reject rates and identified the cause of
the nonconformity. The issue is not with the investigation, but with the corrective action
taken by the management.
•Option H: 8.5.1 - Production operations were not properly controlled to avoid reject
products. This option is not correct because ISO 9001:2015 clause 8.5.1 requires the
organization to implement production and service provision under controlled conditions.
The scenario indicates that the production operations were controlled by the moulding
machines, which ejected the products into the collection baskets. The issue is not with the
production operations, but with the size of the collection baskets and the condition of the
factory floor.
•ISO 9001:2015 Quality management systems - Requirements
Question # 4
Noitol is an organisation specialising in the design and production of e-learning training materials for the insurance market. During an ISO 9001 audit of the development department, the auditor asks the Head of Development about the process used for validation of the final course design. She states that they usually ask customers to validate the product with volunteers. She says that the feedback received often leads to key improvements.
The auditor samples the design records for a recently completed course for the 247 Insurance organisation. Design verification was carried out but there was no validation report. The Head of Development advises that this customer required the product on an urgent basis, so the validation stage was omitted. When asked, the Head estimates that this occurs about 50% of the time. She confirms that they always ask for feedback and often make changes. There is no record of feedback in the design file for the course.
The auditor decides to review the training course design process in more depth.
Select three options that provide a meaningful audit trail for this process.
A. How are students advised about prior learning requirements?
B. How is customer feedback integrated into the course?
C. How is the cost of the course calculated?
D. What risks and opportunities have been notified to interested parties?
E. How is design documentation controlled and managed?
F. How is technical content of courses verified as correct?
G. How is the tutor trained to deliver the completed course?
H. What are the qualifications of the administrative staff?
Answer: B,E,F
Explanation: According to clause 8.3 of ISO 9001:2015, the organization should establish,
implement, and maintain a design and development process that is appropriate to ensure
the subsequent provision of products and services. The design and development process
should include the following activities:
•Determining the requirements for the products and services to be designed and
developed, considering the intended use, the statutory and regulatory requirements, the
customer and other relevant interested parties’ needs and expectations, and the potential
risks and opportunities.
•Defining the design and development objectives, stages, responsibilities, and authorities,
and ensuring the availability of adequate resources and competence.
•Implementing design and development controls, such as reviews, verification, and
validation, to ensure that the design and development outputs meet the design and
development inputs, and to identify and resolve any problems or errors.
•Maintaining documented information on the design and development inputs, outputs, reviews, verification, validation, and changes, and ensuring the traceability and conformity
of the products and services to the requirements.
•Managing the design and development changes, by identifying, reviewing, and controlling
them, and evaluating their effects on the products and services and the QMS.
In this case, the evidence statements that provide a meaningful audit trail for the design
and development process are B, E, and F, because they relate to the design and
development controls, the documented information, and the verification activities that are
required by the standard. These options can help the auditor to assess the effectiveness
and conformity of the design and development process, and to identify any nonconformities
or opportunities for improvement. The other options are not directly related to clause 8.3,
although they may be relevant for other aspects of the QMS, such as clause 7.2 on
competence, clause 7.3 on awareness, clause 7.4 on communication, clause 8.2 on
requirements for products and services, clause 8.4 on externally provided processes,
products, and services, and clause 8.7 on control of nonconforming outputs. References:
ISO 9001:2015, ISO 9001 Auditing Practices Group Guidance on Design and
Development, ISO 9001 Clause 8.3 Design and development of products and serv
Question # 5
You work for organisation A. You are asked to lead an internal audit of A's quality management system. It has a head office in Plant A1 and a second Plant A2 nearby. Due to the COVID-19 pandemic, production in A2 was discontinued and it was rented to a logistics organisation B, not related to A. There are no A employees working in A2. Organisation A expects to reassume production in A2 as soon as possible.
Which of the following actions would you consider appropriate when planning the internal audit of A's quality management system?
A. Visit Plant A2 to interview personnel of company B
B. Visit Plant A2 to interview B's quality manager
C. Visit Plant A2 to interview A's security personnel and B's maintenance department
D. Interview the A2 plant manager, now working in Plant A1
Answer: D
Explanation: In this scenario, the organisation A has two plants, A1 and A2, but the
production in A2 was discontinued due to the COVID-19 pandemic and the plant was
rented to another organisation B. There are no A employees working in A2, and the
organisation A expects to reassume production in A2 as soon as possible. Therefore, the
appropriate action to plan the internal audit of A’s quality management system is:
•Interview the A2 plant manager, now working in Plant A1: This action involves interviewing
the person who is responsible for the management and operation of the plant A2, and who
is currently working in the plant A1. The interview should aim to gather information about
the status and condition of the plant A2, the impact of the COVID-19 pandemic on the
quality management system, the arrangements and agreements with the organisation B,
and the plans and actions to resume production in the plant A2 [5]. This action is relevant
and necessary for the internal audit, as it can help to assess the readiness and
effectiveness of the quality management system, and to identify any gaps or
nonconformities that need to be addressed.
The other options are not appropriate actions to plan the internal audit of A’s quality
management system. They are:
•Visit Plant A2 to interview personnel of company B: This action involves visiting the plant
A2 and interviewing the personnel of the organisation B, who are not related to the
organisation A and who are not part of the quality management system. This action is
irrelevant and unnecessary for the internal audit, as it cannot provide any evidence or
information about the conformity and improvement of the quality management system of
the organisation A [5].
•Visit Plant A2 to interview B’s quality manager: This action involves visiting the plant A2
and interviewing the quality manager of the organisation B, who is not related to the
organisation A and who is not part of the quality management system. This action is
irrelevant and unnecessary for the internal audit, as it cannot provide any evidence or
information about the conformity and improvement of the quality management system of
the organisation A [5].
•Visit Plant A2 to interview A’s security personnel and B’s maintenance department: This
action involves visiting the plant A2 and interviewing the security personnel of the
organisation A and the maintenance department of the organisation B, who are not directly
involved in the quality management system. This action is irrelevant and unnecessary for
the internal audit, as it cannot provide any evidence or information about the conformity
and improvement of the quality management system of the organisation A [5].
Therefore, the correct answer is D.
References:
[1] Quality audit - Wikipedia
[2] A step-by-step guide to internal quality audits
[3] ISO 9001:2015 - Quality management systems — Requirements
[4] ISO 19011:2018 - Guidelines for auditing management systems
[5] Audit Process | Flowchart | Summary - Accountinguide : What are the Stages of the Auditing Process & Why it is Important …
Question # 6
Which of the following two documents does an auditor need to prepare and complete prior to the on-site audit?
A. Audit Report
B. Audit Plan
C. Procedures
D. Checklist / Prompts
E. Risk Matrices
F. Findings
Answer: B,D
Explanation: According to ISO 19011:2018, clause 6.3, the audit plan is a document that
provides the basis for agreement regarding the conduct of the audit. The audit plan should
include information such as the audit objectives, scope,
criteria, schedule, team, methods, report, etc. The audit plan should be prepared and
completed prior to the on-site audit, and should be communicated to the audit team and the
According to ISO 19011:2018, clause 6.4.3, the checklist / prompts are documents that list
the questions or topics that need to be covered during an audit. The checklist / prompts can
help the auditor to collect and verify information relevant to the audit criteria, and to ensure
the consistency and completeness of the audit. The checklist / prompts should be prepared
and completed prior to the on-site audit, and should be based on the audit plan and the
audit scope and objectives [1].
Therefore, the two documents that an auditor needs to prepare and complete prior to the
on-site audit are B and D, as they are essential for planning and conducting the audit. The
other options are not correct, as they are either prepared or completed after the on-site
audit, or not required by the standard:
•A. Audit Report: The audit report is a document that provides a complete, accurate,
concise, and clear record of the audit. The audit report should include information
such as the audit objectives, scope, criteria, findings,
conclusions, etc. The audit report should be prepared and completed after the on-site audit,
and should be distributed to the audit client and the auditee [1].
•C. Procedures: Procedures are documents that specify the way activities are to be
performed. Procedures may be part of the audit criteria, if they are part of the
organization’s management system, or part of the audit programme, if they are part of the
certification body’s or registrar’s requirements. Procedures are not prepared or completed
by the auditor prior to the on-site audit, but rather reviewed or followed by the auditor
during the audit [1].
•E. Risk Matrices: Risk matrices are tools that help to assess and prioritize the risks and opportunities associated with the audit programme or the audit. Risk matrices may be part
of the audit programme management, if they are used to determine and evaluate the audit
programme risks and opportunities, or part of the audit preparation, if they are used to
determine and evaluate the audit risks and opportunities. Risk matrices are not prepared or
completed by the auditor prior to the on-site audit, but rather used or updated by the auditor
during the audit programme management or the audit preparation [1].
•F. Findings: Findings are the results of the evaluation of the collected audit evidence
against the audit criteria. Findings can indicate either conformity or nonconformity, as well
as positive aspects or opportunities for improvement. Findings are not prepared or
completed by the auditor prior to the on-site audit, but rather generated and recorded by
the auditor during the audit activities [1].
References: ISO 19011:2018(en), Guidelines for auditing management system
Question # 7
Select the term which best describes the quality management system process of modifying a non-conforming product to bring it within acceptance criteria.
A. Concession
B. Correction
C. Corrective action
D. Preventive action
Answer: B
Explanation: According to the ISO 9000:2015 - Quality management systems —
Fundamentals and vocabulary, correction is defined as “action to eliminate a detected
nonconformity”. A nonconformity is defined as “non-fulfilment of a requirement”. Therefore,
the process of modifying a non-conforming product to bring it within acceptance criteria is a
correction, as it eliminates the non-fulfilment of the product specification. The other options
are not correct, as they have different definitions and purposes:
•Concession: permission to release or use a nonconforming product, service or process
•Corrective action: action to eliminate the cause of a nonconformity and to prevent
•Preventive action: action to eliminate the cause of a potential nonconformity or other
undesirable potential situation
References: ISO 9000:2015 - Quality management systems — Fundamentals and
vocabulary, ISO 9001 nonconforming product: How to understand dispositions - Advisera
Question # 8
You are an auditor from a construction organisation who is conducting a second party audit to ISO 9001 at a steel rolling mill producing structural steelwork. When auditing the rolling process, you find that the operator who is unloading the furnace does not use the adjacent infrared pyrometer to measure the appropriate product temperature in readiness for the next production stage.
You: "How do you tell when the billet is ready for the rolling stage?"
Operator: "I've done this job for 20 years. I can tell by the bright red colour."
You: "What happens if the colour is wrong?"
Operator: "The billet goes back into the furnace."
You: "Is the pyrometer ever used?"
Operator: "Only in borderline cases."
You continue to interview the operator and find that around 25% of the billets are sent back to the furnace. This includes 80% of the borderline cases.
Select three options that would provide evidence of conformance with clause 9.1.1 of ISO 9001.
A. Periodic analysis of the results of temperature checks.
B. Certification of conformance to national standards from the manufacture of the pyrometer.
C. An increase in the use of the pyrometer by operators.
D. Maintenance plan for the furnace.
E. A procedure that provides instruction in taking billet temperature.
F. Planning for monitoring and measuring the billet temperature.
G. A quality objective to achieve lower recycle rates for billets.
H. Annual review records for furnace operators.
Answer: A,E,F
Explanation: According to ISO 9001:2015, clause 9.1.1, the organization is required to
determine what needs to be monitored and measured, the methods for monitoring,
measurement, analysis and evaluation, as applicable, to ensure valid results, and when the
monitoring and measuring shall be performed. The organization is also required to retain
appropriate documented information as evidence of the results.
Therefore, in the scenario given, the organization should have planned for monitoring and
measuring the billet temperature, as it is a critical factor for the quality of the product and
the process. The organization should also have established a procedure that provides
instruction in taking billet temperature, using the pyrometer or other suitable methods, to
ensure consistency and accuracy. The organization should also have performed periodic
analysis of the results of temperature checks, to identify trends, problems, and
opportunities for improvement.
Hence, the options that would provide evidence of conformance with clause 9.1.1 of ISO
9001 are A, E, and F, as they are aligned with the requirements of the clause. The other
options are either irrelevant or not directly related to clause 9.1.1, as they do not pertain to
the monitoring and measurement of the billet temperature.
ISO 9001:2015(en), Quality management systems — Requirements, clause 9.1.1
ISO 19011:2018(en), Guidelines for auditing management systems, clause 6.4.4
and 6.7.2
ISO 9001 Lead Auditor Training Course | IRCA Certified | BSI, section “Learning
ISO 9001 Lead Auditor Course Material | 3FOLD Education Centre, module 5 and
Question # 9
Select six tasks you would expect to be completed at the audit team meeting of a third-party audit team leader and his audit team in preparation for a Closing meeting for a four-day initial certification audit.
A. Audit team leader informs the individual(s) managing the audit programme that the closing meeting is ready to be held.
B. Hold daily audit team meeting to review any timetable issues and potential findings and their impact on the audit for other team members.
C. Final audit team meeting to agree findings and categories including clarification of any uncertainties.
D. Agree the roles of each audit team member for the closing meeting.
E. Audit team review any points raised by the auditee nominated representative.
F. Audit team agree final audit outcome recommendation.
G. Audit team leader completes final report, including individual findings and certification recommendation.
H. Audit team complete final version of their individual findings.
I. Re-audit corrective actions taken to correct findings found during the audit.
Answer: C,D,E,F,H,I
Explanation: The tasks that are expected to be completed at the audit team meeting of a
third-party audit team leader and his audit team in preparation for a Closing meeting for a
four-day initial certification audit are:
•Option C: Final audit team meeting to agree findings and categories including clarification
of any uncertainties. This option is correct because the audit team meeting is an
opportunity for the audit team leader and the audit team members to review and
consolidate the audit findings, to ensure that they are clear, accurate, objective, and
supported by sufficient audit evidence. The audit team should also agree on the categories
of the findings, such as nonconformity, observation, or opportunity for improvement, and
resolve any uncertainties or disagreements among the audit team members.
•Option D: Agree the roles of each audit team member for the closing meeting. This option
is correct because the audit team meeting is an opportunity for the audit team leader to
assign the roles and responsibilities of each audit team member for the closing meeting,
such as presenting the audit findings, answering questions, or taking notes. The audit team
leader should also ensure that the audit team members are prepared and confident to
perform their roles and to communicate effectively with the auditee.
•Option E: Audit team review any points raised by the auditee nominated representative.
This option is correct because the audit team meeting is an opportunity for the audit team
to review any points raised by the auditee nominated representative during the audit, such
as requests for clarification, feedback, or complaints. The audit team should consider the
validity and relevance of the points raised and decide how to address them in the closing
meeting or in the audit report.
•Option F: Audit team agree final audit outcome recommendation. This option is correct
because the audit team meeting is an opportunity for the audit team to agree on the final
audit outcome recommendation, based on the audit findings and the audit criteria. The
audit team should also consider the implications and consequences of the audit outcome
recommendation for the auditee and the certification body, and ensure that the
recommendation is consistent and justified.
•Option H: Audit team complete final version of their individual findings. This option is
correct because the audit team meeting is an opportunity for the audit team to complete the
final version of their individual findings, based on the agreement and feedback from the
audit team meeting. The audit team should ensure that their individual findings are written
in a clear, concise, and factual manner, and that they include the audit criteria, the audit
evidence, and the audit conclusion. The audit team should also submit their individual
findings to the audit team leader for review and approval.
•Option I: Re-audit corrective actions taken to correct findings found during the audit. This
option is correct because the audit team meeting is an opportunity for the audit team to re-audit
the corrective actions taken by the auditee to correct the findings found during the
audit, if applicable and feasible. The audit team should verify the effectiveness and
adequacy of the corrective actions and update the audit findings accordingly. The audit
team should also document the results of the re-audit and communicate them to the
The following options are not correct:
Question # 10
According to ISO 19011, what two activities take place during the conduct of an audit follow-up?
A. Verify the effectiveness of the implemented corrective actions B. Verify corrections taken to fix the reported non-conformities C. Verify legal compliance D. Plan the next audit E. Determine feasibility of the audit F. Assign roles and responsibilities of observers
Answer: A,B
Explanation: According to ISO 19011:2018, clause 6.7, the audit follow-up is the process
of verifying the completion and effectiveness of corrective actions taken by the auditee as a
result of an audit. The audit follow-up can include two main activities:
•Verifying the effectiveness of the implemented corrective actions: this means
checking whether the actions taken by the auditee have addressed the root
causes of the nonconformities and prevented their recurrence or occurrence in
other areas. The verification can be done by reviewing documents, records, data,
or other evidence provided by the auditee, or by conducting a follow-up audit on
site or remotely.
•Verifying corrections taken to fix the reported non-conformities: this means
checking whether the auditee has corrected the nonconformities identified during
the audit and eliminated their immediate effects. The verification can be done by
reviewing documents, records, data, or other evidence provided by the auditee, or
by conducting a follow-up audit on site or remotely.
The audit follow-up can be conducted as a separate audit or as part of a subsequent audit,
depending on the audit programme, the audit objectives, the audit criteria, the audit scope,
the audit risks, and the audit findings. The audit follow-up should be planned and
conducted in accordance with the same principles and processes as the initial audit, and
the results should be documented and reported accordingly. References:
ISO 19011:2018(en), Guidelines for auditing management systems, clause 6.7
ISO 19011 Management Systems Audit Checklist | Process Street, task 6.7.1 and
Conducting the Audit Follow-Up: When to Verify - The Auditor, section “Conducting
the audit follow-up”
Question # 11
Which two of the following are the key expected results of a quality management system that conforms to the requirements of ISO 9001:2015?
A. Consistently provide products that meet customers' requirements B. Decreased number of management system nonconformities C. Decreased number of warranty claims D. Decreased number of nonconforming products in all stages of the manufacturing cycle E. Enhanced customer satisfaction F. Increased profits
Answer: A,E
Explanation: The key expected results of a quality management system that conforms to
the requirements of ISO 9001:2015 are stated in clause 0.1 of the standard, which says:
“The adoption of a quality management system is a strategic decision for an organization
that can help to improve its overall performance and provide a sound basis for sustainable
development initiatives. The potential benefits to an organization of implementing a quality
management system based on this International Standard are: a) the ability to consistently provide products and services that meet customer and applicable statutory and regulatory
requirements; b) facilitating opportunities to enhance customer satisfaction; c) addressing
risks and opportunities associated with its context and objectives; d) the ability to
demonstrate conformity to specified quality management system requirements.” Therefore,
the two options that best match these benefits are A and E, as they directly relate to
providing products and services that meet customer requirements and enhancing customer
satisfaction. The other options are not explicitly mentioned as key expected results,
although they may be possible outcomes of implementing a quality management system.
References: ISO 9001:2015 - Quality management systems — Requirements, Key
Elements of an ISO 9001:2015 Quality Management System, What is ISO 9001 2015 as a
Quality Management Systems?
Question # 12
You work as an external quality consultant for an organisation, 'A', which provides packaged food to the public. You are asked to lead a team (you as the leader and two other auditors) to audit a supplier, 'B', to ISO 9001 which provides packaging materials to your organisation. It is 4 pm and the audit is close to an end; you are having an internal meeting with the team to decide what will be presented to the auditee during the Closing meeting. The Closing meeting was scheduled at 5 pm.
You, as Audit Team Leader, audited top management. You explain to the audit team that you identified two nonconformities:
a. There is no documented information on Top Management Reviews, as required in clause 9.3 of ISO 9001:2015.
b. There is no evidence of Top Management Commitment as required in clause 5.1 of ISO 9001:2015 (e.g., not ensuring the availability of resources to operate the QMS, not ensuring the establishment of objectives, no promotion of improvement, no promotion of the process approach).
All agreed to present these two nonconformities. They went to meet the Top Management of 'B' and noticed that the General Manager and three other managers (Production, Human Resources, and Sales) were present in the meeting room.
Considering the seriousness of the two nonconformities to Top Management, as audit team leader, from the following select the best option:
A. Present the nonconformities to the whole group and inform that you will recommend your company to remove them from the approved suppliers list. B. Present the nonconformities to the managers, inform them that the report will be sent within 10 days, close the meeting and leave the site. C. Ask the General Manager to have a private conversation in which you present the nonconformities only to him because of their sensitive nature. D. Present the nonconformities to the whole group and analyse with them how to overcome this situation.
Answer: D
Explanation: According to the guidance on conducting the audit closing meeting [1], the
audit team leader should provide a summary of the audit findings and conclusions, invite
discussions, and agree on timelines for any corrective actions. The audit team leader
should also be respectful, constructive, and objective when presenting the nonconformities,
and avoid any personal or emotional comments. The audit team leader should also
consider the impact of the disruptive event (such as the Covid-19 pandemic) on the
auditee’s context, interested parties, and risks [2], and acknowledge any good practices or
improvements observed during the audit. Therefore, option D is the best option, as it
follows the best practices for the closing meeting and allows the auditee to understand the
nonconformities and their implications, and to participate in the analysis and resolution of
the issues. Option A is not correct, as it is not respectful, constructive, or objective, and it
does not invite any discussion or feedback from the auditee. It also assumes that the audit
team leader has the authority to recommend the removal of the supplier from the approved
list, which may not be the case. Option B is not correct, as it does not provide enough
information or explanation to the auditee, and it does not allow any discussion or feedback
from the auditee. It also does not follow the best practices for the closing meeting, such as
providing a summary of the audit, acknowledging any good practices, and agreeing on
timelines for corrective actions. Option C is not correct, as it does not involve the other
managers who are responsible for the functions or processes that were audited, and who
may have valuable input or information to share. It also does not follow the best practices
for the closing meeting, such as providing a summary of the audit, inviting discussions, and
agreeing on timelines for corrective actions. References: 1: Conducting the Audit Closing
Meeting: Sharing the Results 2: Auditing ISO 9001:2015 in the Context of a Disruptive
Question # 13
Who would be defined as a witness during a witness audit? Choose two of the following options:
A. Someone with a qualification from the certification body B. An auditor C. An existing member of the audit team D. An assessor for the accreditation body
Answer: B,D
Explanation: According to the web search
results from my internal tool, a witness audit is a technique used during an accreditation
audit, where the accreditation body observes the performance and competence of the
certification body auditors in conducting an audit [1][2]. A witness audit can also be used by a
certification body to monitor and evaluate its own auditors [3]. During a witness audit, the
following roles can be defined:
•An auditor: This is the person who is being witnessed by the accreditation body or the
certification body. The auditor is responsible for conducting the audit according to the audit
plan, criteria, and standards, and for providing audit evidence and findings [1][2][3].
•An assessor for the accreditation body: This is the person who witnesses the auditor on
behalf of the accreditation body. The assessor is responsible for evaluating the auditor’s
performance and competence, and for providing feedback and recommendations to the
accreditation body [1][2][3].
The other options are not defined as witnesses during a witness audit, according to the
web search results from my internal tool. They are:
•Someone with a qualification from the certification body: This is not a specific role in a
witness audit, as anyone who is involved in the audit process should have a qualification
from the certification body. Moreover, having a qualification does not necessarily mean that
the person is a witness or an auditor [4].
•An existing member of the audit team: This is not a specific role in a witness audit, as the
audit team consists of the auditors who are conducting the audit, not the ones who are
witnessing it. The witness audit is a separate activity from the audit itself, and the witness
should not interfere with the audit process or influence the audit outcome [1][2][3].
Therefore, the correct answer is B and D.
References: 1: DQS Inc. | Witness Audits | Auditor Training 2: Have you ever been
involved with a witness audit? - IFSQN 3: Certac - Witness Audit of Certification Bodies 4:
ISO 19011:2018 - Guidelines for auditing management systems
Question # 14
Select the term that best describes the purpose of retaining documented information in a quality management system to ISO 9001.
A. To facilitate auditing for proof of conformity to the standard. B. To provide confidence in the effectiveness of the quality management system. C. To safeguard the integrity of the quality management system. D. To support the operation of the processes of the quality management system.
Answer: D
Explanation: Documented information is a means by which an organization demonstrates
compliance. It communicates what we do and how we do things, it communicates what
happened and what results were achieved. It is, essentially, a tool for communication. ISO
9001:2015 allows an organization flexibility in the way it chooses to document its quality
management system (QMS). This enables each individual organization to determine the
correct amount of documented information needed in order to demonstrate the effective
planning, operation and control of its processes and the implementation and continual
improvement of the effectiveness of its QMS. The standard states that the organization
shall maintain documented information to the extent necessary to support the operation of
processes and retain documented information to the extent necessary to have confidence
that the processes are being carried out as planned. Therefore, the purpose of retaining
documented information is to support the operation of the processes of the QMS, not to
facilitate auditing, provide confidence or safeguard integrity, which are secondary benefits
of documented information. References: Guidance on the requirements for Documented
Information of ISO 9001:2015, ISO 9001:2015 documented information | CQI | IRCA,
Documented Information Required by ISO 9001:2015 - 9000 Store
Question # 15
In the context of a third-party audit, select the issue which is not expected to be included in the audit plan.
A. Number of sites to be audited B. Risk to achieving audit objectives C. Expectations of the organisation's management D. Scope of the audit
Answer: C
Explanation: According to ISO 19011:2018, clause 6.3.2, the audit plan is a document that
provides the basis for agreement regarding the conduct of the audit. The audit plan should
include the following information [1]:
•the audit objectives, scope and criteria
•the audit team members and their roles and responsibilities
•the audit schedule, including the date, time and location of each audit activity
•the expected time and duration of meetings and interviews
•the allocation of appropriate resources to critical areas of the audit
•the identification of the audit client and the auditee
•the identification of the guides and observers, if any
•the documents and records to be reviewed before and during the audit
•the audit methods and tools to be used
•the audit language and terminology
•the audit report content, format, distribution and expected completion date
•the risk to achieving audit objectives and the contingency plan, if any
Therefore, the issue which is not expected to be included in the audit plan is C,
expectations of the organisation’s management. This issue is not relevant to the conduct of
the audit, as the audit is based on the audit criteria, not on the management’s expectations.
The management’s expectations may be considered during the audit initiation or the audit
programme management, but they are not part of the audit plan. References: ISO 19011:2018(en), Guidelines for auditing management systems, How to
create an ISO 9001 internal audit plan - Advisera
Question # 16
XYZ Corporation is an organisation that employs 100 people. As the audit team leader, you conduct a certification audit at Stage 1. When reviewing the quality management system (QMS), you find that the objectives have been defined by an external consultant using those of a competitor, but nothing is documented. The Quality Manager complains that this has created a lot of resistance to the QMS, and the Chief Executive is asking questions about how much it will cost.
Which two options describe the circumstances in which you could raise a nonconformity against clause 6.2 of ISO 9001?
A. The consultant has not interpreted ISO 9001 correctly. B. Quality objectives were not established in alignment with the organisation's quality policy. C. Quality objectives are not maintained as documented information. D. Establishing quality objectives did not include top management. E. The organisation cannot afford to undertake quality objectives all at once. F. Quality objectives are not being implemented by the organisation's personnel.
Answer: B,C
Explanation: According to ISO 9001:2015, clause 6.2.1, the organization is required to
establish quality objectives at relevant functions, levels, and processes for the quality
management system (QMS). The quality objectives must be consistent with the quality
policy, measurable, monitored, communicated, and updated as appropriate. The
organization is also required to maintain documented information on the quality objectives,
as per clause 7.5.1.
Therefore, in the scenario given, the quality objectives defined by the external consultant
are not in alignment with the organization’s quality policy, as they are based on those of a
competitor, rather than the organization’s own purpose, strategic direction, and customer
requirements. This creates a mismatch between the organization’s vision and goals, and
the quality objectives that are supposed to guide and measure the QMS performance.
Moreover, the quality objectives are not maintained as documented information, which
makes it difficult to communicate, monitor, and update them, as well as to demonstrate
evidence of their implementation and achievement.
Hence, the circumstances in which a nonconformity against clause 6.2 of ISO 9001 could
be raised are B and C, as they indicate a failure to comply with the requirements of clause
6.2.1. The other options are either irrelevant or not directly related to clause 6.2, as they do
not pertain to the establishment and documentation of quality objectives.
ISO 9001:2015(en), Quality management systems — Requirements, clause 6.2.1
and 7.5.1
ISO 19011:2018(en), Guidelines for auditing management systems, clause 6.4.4
and 6.7.2
ISO 9001 Lead Auditor Training Course | IRCA Certified | BSI, section “Learning
ISO 9001 Lead Auditor Course Material | 3FOLD Education Centre, module 5 and
Question # 17
Which two of the following statements related to Stage 1 of an initial certification audit against ISO 9001:2015 are true?
A. During the Stage 1 audit, the audit team: B. Verifies the degrees of customer satisfaction C. Evaluates the conditions of all sites D. Reviews the client's management system documented information E. Evaluates the results of the last management review F. Verifies the compliance with legal requirements G. Reviews the processes with high level of risk
Answer: D,G
Explanation:
•Reviews the client’s management system documented information: This activity involves
checking the documentation of the quality management system, such as the quality policy,
the quality objectives, the scope, the processes, and the procedures, to ensure that they
meet the requirements of ISO 9001:2015 [1][2][3]. The audit team also evaluates the client’s
understanding and implementation of the standard, and identifies any gaps or
nonconformities that need to be addressed before the Stage 2 audit [1][2][3].
•Reviews the processes with high level of risk: This activity involves assessing the
processes that have a significant impact on the quality of the products or services, or that
pose a high risk of nonconformity or customer dissatisfaction [1][2][3]. The audit team also
verifies the client’s risk management approach, and evaluates the effectiveness of the
controls and actions taken to mitigate the risks [1][2][3].
The other options are not statements that are true for the Stage 1 audit, according to the
web search results from my internal tool. They may be related to other stages or types of
audits, but they are not the focus of the Stage 1 audit.
Therefore, the correct answer is D and G.
References: 1: ISO 9001 Certification Audits | Stage 1 and Stage 2 - 9001. Simplified 2:
Stage 1 of your Audit | NQA Blog 3: Getting Certified to ISO 9001 - the Stage 1 Audit
Question # 18
You are conducting a third-party Stage 1 audit at ABC Ltd, a single-site organisation that manufactures wooden furniture. You interview the Technical Director to learn more about the organisation. The Technical Director explains that they have had a successful year and that obtaining ISO 9001 certification will support the further growth of the business. You ask for an overview of the organisation's structure and its interrelationships with external interested parties.
The Technical Director shows you a document detailing all business processes and interrelationships. You notice in this document that another organisation called Teak Ltd manufactures wooden furniture on behalf of ABC Ltd. The Technical Director confirms this capability has been accounted for in the scope of the quality management system. You learn that the furniture manufactured by Teak Ltd has accounted for 40% of the sales revenue over the previous 12 months.
Which two of the following options best describe how you would plan the audit of the interrelationship with Teak Ltd during the Stage 2 audit at ABC Ltd?
A. Verify Teak Ltd supply arrangements as described in the ABC Ltd quality management system B. Verify if Teak Ltd are certified to ISO 9001 C. Verify the controls concerning customer property implemented by Teak Ltd D. Verify how ABC Ltd evaluates the performance of Teak Ltd E. Verify the quality management system at Teak Ltd by conducting an audit at their site F. Verify whether the design processes of Teak Ltd comply with ISO 9001
Answer: A,D
Explanation: According to ISO 9001:2015, clause 8.4, an organization is required to
control the processes, products and services provided by external providers, including
those that affect the quality of the organization’s own products and services. This includes
determining the controls to be applied to the external provision of processes, products and
services, as well as the information to be communicated to the external providers. The
organization is also required to monitor, measure, and evaluate the performance of the
external providers and retain documented information of these activities.
Therefore, in the scenario given, ABC Ltd is responsible for controlling the processes,
products and services provided by Teak Ltd, as they affect the quality of ABC Ltd’s own
products and services. This means that ABC Ltd should have established criteria and
methods for evaluating the performance of Teak Ltd, as well as documented information of
the results of such evaluation. ABC Ltd should also have defined the supply arrangements
with Teak Ltd, including the specifications, requirements, and verification activities related
to the products and services provided by Teak Ltd.
Hence, the best options to describe how to plan the audit of the interrelationship with Teak
Ltd during the Stage 2 audit at ABC Ltd are A and D, as they are aligned with the
requirements of ISO 9001:2015, clause 8.4. The other options are either irrelevant or
beyond the scope of the audit, as they do not pertain to the control of external provision by
ABC Ltd.
ISO 9001:2015(en), Quality management systems — Requirements, clause 8.4
ISO 19011:2018(en), Guidelines for auditing management systems, clause 6.3.1
and 6.4.2
ISO 9001 Lead Auditor Training Course | IRCA Certified | BSI, section “Learning
ISO 9001 Lead Auditor Course Material | 3FOLD Education Centre, module 5 and 6
Question # 19
You are conducting a third-party audit to ISO 9001 and the next item on your audit plan is 'internal auditing'.
When reviewing a sample of audit records up to 5 years previously, you find that many contain non-conformance reports and no actions have been taken. You interview the Quality Manager.
You: "I have noted that many of the older files contain non-conformances that have not had any corrective action taken."
Quality Manager: "Because the business is always changing, the departmental managers tell me that the non-conformances are no longer applicable. I made a decision that any non-conformance over 3 years old is automatically closed."
You: "Do you obtain any confirmation beforehand from the appropriate departments that the non-conformances are no longer applicable?"
Quality Manager: "No, because they are so old I consider that they are no longer appropriate. Please remember that we take a risk-based approach which means we audit where and when it is considered important to do so."
Select one course of action you would now take from the options.
A. Interview Top management to determine whether they were aware of and agreed the actions of the Quality Manager B. Review all non-conformances reports related to clause 9.2 of ISO 9001 C. Interview relevant Departmental managers to assess whether the older nonconformances are still valid. D. Raise a non-conformance report against clause 9.2.2.e of ISO 9001
Answer: D
Explanation: According to ISO 9001:2015, clause 9.2.2.e, the organization is required to
retain documented information as evidence of the implementation of the audit programme
and the audit results. This includes the records of the nonconformities identified during the
internal audits and the corrective actions taken to address them. The organization is also
required to verify the effectiveness of the corrective actions, as per clause 10.2.2.
Therefore, in the scenario given, the Quality Manager’s decision to automatically close any
nonconformance over 3 years old without obtaining any confirmation from the relevant
departments or verifying the effectiveness of the corrective actions is a clear violation of the
requirements of clause 9.2.2.e. This indicates a lack of control and follow-up of the internal
audit process, as well as a potential risk of recurrence or occurrence of the nonconformities
in other areas. This also undermines the credibility and value of the internal audit
programme, as well as the risk-based approach claimed by the Quality Manager.
Hence, the best course of action to take is D, to raise a nonconformance report against
clause 9.2.2.e of ISO 9001, and to communicate the audit findings to the relevant
management. The other options are either insufficient or irrelevant to address the issue, as
they do not directly relate to the noncompliance with clause 9.2.2.e.
ISO 9001:2015(en), Quality management systems — Requirements, clause 9.2.2
and 10.2.2
ISO 19011:2018(en), Guidelines for auditing management systems, clause 6.4.4
and 6.7.2
ISO 9001 Lead Auditor Training Course | IRCA Certified | BSI, section “Learning
ISO 9001 Lead Auditor Course Material | 3FOLD Education Centre, module 5 and
Question # 20
Which two of the following aspects of a quality management system must the organisation continually improve?
A. Suitability B. Adaptability C. Effectiveness D. Responsiveness E. Efficiency F. Applicability
Answer: C,E
Explanation: According to the ISO 9001:2015 document, the organisation must continually
improve the suitability, adequacy, and effectiveness of the quality management system [1].
However, among the six options given, only effectiveness is directly mentioned as an
aspect of the quality management system that must be continually improved. Therefore, C
is one of the correct answers.
Efficiency, on the other hand, is not explicitly stated as an aspect of the quality
management system that must be continually improved, but it is implied by the quality
management principle of improvement, which states that successful organisations have an
ongoing focus on improvement [2]. One of the key benefits of applying this principle is
improving operational effectiveness and efficiency [2]. Therefore, E is another correct
Suitability, adaptability, responsiveness, and applicability are not aspects of the quality
management system that must be continually improved, according to the ISO 9001:2015
document. They may be related to the quality management system, but they are not the
focus of continual improvement.
Therefore, the correct answer is C and E.
References: 1: ISO 9001:2015 - Quality management systems — Requirements 2: ISO -
Quality management principles
Question # 21
Which two of the following auditors would not participate in a first-party audit?
A. An auditor employed by an external consultancy organisation B. An auditor from an interested party C. An auditor trained in-house D. An auditor trained in the IRCA scheme E. An auditor certified by IRCA F. An auditor from a customer
Answer: A,F
Explanation: A first-party audit is an internal audit conducted by auditors who are
employed by the organization being audited but who have no vested interest in the audit
results of the area being audited [1]. The purpose of a first-party audit is to assess the
conformity of the organization’s quality management system to the requirements of ISO
9001 and to identify opportunities for improvement [2]. Therefore, the two auditors who would
not participate in a first-party audit are:
•A. An auditor employed by an external consultancy organization: This auditor is not
employed by the organization being audited, and therefore does not qualify as a first-party
auditor. This auditor may be hired to conduct a second-party audit (if the external
consultancy organization is a customer or supplier of the organization being audited) or a
third-party audit (if the external consultancy organization is a certification body or registrar).
•F. An auditor from a customer: This auditor is not employed by the organization being
audited, and therefore does not qualify as a first-party auditor. This auditor may be hired to
conduct a second-party audit, as a customer is an interested party that has specific
requirements for the organization being audited.
The other options are not correct, as they could participate in a first-party audit, as long as
they are employed by the organization being audited and have no vested interest in the
audit results of the area being audited:
•B. An auditor from an interested party: This auditor could be a first-party auditor, as long
as the interested party is within the organization being audited. For example, an auditor
from the finance department could audit the production department, as long as they are not
involved in the production process or affected by its outcomes.
•C. An auditor trained in-house: This auditor could be a first-party auditor, as long as they
are employed by the organization being audited and have no vested interest in the audit
results of the area being audited. The source of the auditor’s training is not relevant for determining the type of audit, as long as the auditor is competent and qualified to perform
the audit.
•D. An auditor trained in the IRCA scheme: This auditor could be a first-party auditor, as
long as they are employed by the organization being audited and have no vested interest in
the audit results of the area being audited. The IRCA scheme is a professional certification
scheme for auditors of management systems, which provides recognition of the auditor’s
competence and credibility [3]. However, being trained in the IRCA scheme does not
determine the type of audit, as long as the auditor is competent and qualified to perform the
•E. An auditor certified by IRCA: This auditor could be a first-party auditor, as long as they
are employed by the organization being audited and have no vested interest in the audit
results of the area being audited. Being certified by IRCA means that the auditor has met
the requirements of the IRCA scheme and has demonstrated their competence and
credibility as an auditor of management systems [3]. However, being certified by IRCA does
not determine the type of audit, as long as the auditor is competent and qualified to perform
the audit.
References: First Party Audits: The 5 Steps to Success - Sync Resource Inc, ISO 9001
Auditing Practices Group, IRCA - International Register of Certificated Auditors
Question # 22
During a second-party audit of a dairy farm (by a potential customer) complying with ISO 9001:2015, the auditor verifies that there is large variability in the daily production of the milking yard. The current agreement with their only customer is to provide 2,000 litres per day. However, in the last two years, they have noticed an increasing variability in daily production. If they produce less than 2,000 litres, they are penalised with a fine of 1.5 pesos for every litre that they do not provide. If they produce more than 2,000 litres, they use the extra milk to feed the pigs. This process has been in operation for decades. The dairy farm was founded by the grandfather of the current owners, who did not want to alter the established practices. The auditor raises a nonconformity on the basis that the process is not under control (Clause 8.1). If you had been the auditor, which one of the following actions would you have accepted?
A. Modify the contract with the current customer to provide them with only 1,500 litres of milk per day and make an agreement with a second customer. B. Apply the existing process of addressing the risks and opportunities of milk production. C. Retain the current contract and try to sell the occasional surplus milk to a second customer. D. Analyse the daily dispatch of milk for 7 days to determine its variability.
Answer: B
Explanation: The action that the auditor would have accepted is:
•Option B: Apply the existing process of addressing the risks and opportunities of milk
production. This option is correct because ISO 9001:2015 clause 8.1 requires the
organization to plan, implement and control the processes needed to meet the
requirements for the provision of products and services, and to implement actions determined in clause 6.1, which refers to the actions to address risks and opportunities.
The organization should apply the existing process of addressing the risks and
opportunities of milk production, which may include identifying the sources of variability,
assessing the potential impacts and consequences, determining and implementing
appropriate actions to reduce or eliminate the variability, monitoring and measuring the
effectiveness of the actions, and reviewing and updating the actions as necessary.
The following options are not correct:
•Option A: Modify the contract with the current customer to provide them with only 1,500
litres of milk per day and make an agreement with a second customer. This option is not
correct because it does not address the root cause of the variability in the daily production
of the milking yard, which may affect the quality and consistency of the products and
services provided by the organization. It also does not demonstrate the organization’s
commitment to meet the customer and applicable statutory and regulatory requirements, as
required by ISO 9001:2015 clause 8.2.2.
•Option C: Retain the current contract and try to sell the occasional surplus milk to a
second customer. This option is not correct because it does not address the root cause of
the variability in the daily production of the milking yard, which may affect the quality and
consistency of the products and services provided by the organization. It also does not
demonstrate the organization’s commitment to meet the customer and applicable statutory
and regulatory requirements, as required by ISO 9001:2015 clause 8.2.2.
•Option D: Analyse the daily dispatch of milk for 7 days to determine its variability. This
option is not correct because it does not address the root cause of the variability in the daily
production of the milking yard, which may affect the quality and consistency of the products
and services provided by the organization. It also does not demonstrate the organization’s
commitment to implement actions to address risks and opportunities, as required by ISO
9001:2015 clause 8.1.
•ISO 9001:2015 Quality management systems - Requirements, Clause 8: Operation,
Subclause 8.1: Operational planning and control, Subclause 8.2: Requirements for
products and services
•ISO 9001 Lead Auditor Course Material, Module 4: ISO 9001:2015 Requirements, Slide
23: Clause 8 - Operation
•ISO 9001 Lead Auditor Training Course - IRCA Certified, Section 4.2: ISO 9001:2015
Question # 23
Select one option that must be considered when determining the scope of a QMS to ISO 9001.
A. Business improvement B. Performance of business processes C. External issues of the organisation's context D. Competence of top management
Answer: C
Explanation: According to ISO 9001:2015, clause 4.3, the organization is required to
determine the scope of its quality management system (QMS) by considering the external
and internal issues referred to in clause 4.1. Clause 4.1 requires the organization to
determine the external and internal issues that are relevant to its purpose and strategic
direction, and that affect its ability to achieve the intended results of its QMS. These issues
can include positive and negative factors or conditions for consideration, such as legal,
technological, competitive, market, cultural, social, and economic environments, whether
international, national, regional, or local. The organization is also required to monitor and
review these issues.
Therefore, the correct answer is C, as external issues of the organization’s context are one
of the factors that must be considered when determining the scope of the QMS. The other
options are either not directly related to the scope of the QMS, or are not explicitly
mentioned in clause 4.3.
ISO 9001:2015(en), Quality management systems — Requirements, clause 4.1
and 4.3
ISO 9001:2015 – How to determine the scope of your QMS - Advisera, section
“Considerations for determining the scope of the QMS in ISO 9001”
ISO 9001 Lead Auditor Training Course | IRCA Certified | BSI, section “Learning
ISO 9001 Lead Auditor Course Material | 3FOLD Education Centre, module 4
Question # 24
An audit team leader arrives at a printing organisation to carry out a Stage 2 audit for a certification body. At a meeting with the Quality Manager, she is told that they have won their biggest contract from a computer manufacturer to print and compile computer documentation packages. They have leased the unit next door for space reasons but have never worked in this sector before. The Quality Manager wants the ISO 9001 certificate to cover the new contract. During the audit, a team member finds that a number of print jobs have been rejected by several clients over a number of months due to spelling errors in the print run. The Print Manager blames the new employees they had to take on because of a big contract. The auditor raises a nonconformance against clause 10.2.1.b of ISO 9001. Which one of the evidence statements would support this finding?
A. There was no record that the organisation evaluated the effectiveness of the training given to new employees. B. There was no evidence that a check of spelling took place before the release of printing to the client. C. The actions taken to deal with customer complaints did not prevent recurrence of the problem. D. The organisation did not provide the correct resources to prevent nonconformity.
Answer: C
According to clause 10.2.1.b of ISO 9001:2015, the organization should evaluate the need
for action to eliminate the causes of nonconformities, in order to prevent their recurrence.
This means that the organization should identify and address the root causes and
contributing factors of the nonconformities, and implement appropriate corrective actions
that are effective and proportional to the impact of the nonconformities. In this case, the
evidence statement that supports the finding of nonconformance is C, because it shows
that the organization did not take effective actions to prevent the recurrence of the spelling
errors in the print run, which resulted in repeated customer rejections and dissatisfaction.
The other options are not directly related to clause 10.2.1.b, although they may indicate
other nonconformities or weaknesses in the organization’s QMS. For example, option A
may relate to clause 7.2 on competence, option B may relate to clause 8.6 on release of
products and services, and option D may relate to clause 7.1 on resources. References:
ISO 9001:2015, [ISO 9001 Auditing Practices Group Guidance on Nonconformity and
Corrective Action], ISO 9001 Clause 10. Improvement -
Question # 25
Which two of the following should be included in an audit plan?
A. List of findings from the last audit B. Name of the auditee general manager C. Signature of Certification Body Technical Reviewer D. Sequence and timings of audit activities E. Date of next audit F. Name of auditees and auditors
Answer: D,F
Explanation: According to ISO 19011:2018, clause 6.3.2, an audit plan should include the
following information:
•The audit objectives, scope, and criteria
•The audit team members and their roles and responsibilities
•The audit schedule, including the sequence and timings of audit activities, such as
opening meeting, document review, interviews, observations, closing meeting, etc.
•The expected time and duration of each audit activity and location
•The name and contact details of the auditee’s representative and other relevant
•The allocation of appropriate resources to support the audit activities
•The audit methods and techniques to be used, such as interviews, observations,
sampling, etc.
•The audit documents and records to be prepared and retained
•The audit language and communication methods
•The audit risks and opportunities and how to address them
•The audit follow-up arrangements, if applicable
Therefore, the correct answer is D and F, as they are essential elements of an audit plan.
The other options are either irrelevant or optional for an audit plan. References:
ISO 19011:2018(en), Guidelines for auditing management systems, clause 6.3.2
ISO 19011: Guidelines for Auditing Management Systems | ASQ, section “Making
audit arrangements”
ISO 19011 Management Systems Audit Checklist | Process Street, task 6.3.2
Question # 26
During a second-party audit, the auditor examines the records that are available for the external provider, ABC Forgings, to whom manufacturing has recently been outsourced. There are standard external provider checklists for three competitors for the contract and there are inspection records from the trial manufacturing batches produced by ABC Forgings. There is no documented evidence of the criteria used to confirm the appointment of ABC Forgings, and no contract or terms and conditions. Ongoing monitoring indicates that external provider performance is satisfactory, but no documented information has been retained. Select two options for the evidence which demonstrates a nonconformity with clause 8.4 of ISO 9001.
A. There was no documentation which provided evidence of any monitoring of the external provider. B. The auditee required the outsourced products on an urgent basis before the completion of the paperwork. C. The auditee did not retain documentation on the selection and evaluation of the external provider. D. The external provider asked for the contract details to be verbal only. E. There were no receipt inspection records of the incoming materials. F. The auditee trusted the external provider because of a long-standing relationship with them.
Answer: A,C
Explanation: According to clause 8.4 of ISO 9001:2015, the organization should ensure
that externally provided processes, products, and services conform to the specified
requirements. To do so, the organization should:
•Establish the criteria for the selection, evaluation, and re-evaluation of external providers,
based on their ability to provide processes, products, and services in accordance with the
requirements. The criteria should be documented and applied consistently.
•Evaluate the potential external providers before selecting them, using the established
criteria. The evaluation methods may include questionnaires, audits, references, samples,
etc. The results of the evaluation should be documented and reviewed.
•Select the external providers that have demonstrated their competence and conformity to
the requirements. The selection should be based on the evaluation results and the
organization’s needs. The selection should be documented and approved.
•Communicate the requirements for the processes, products, and services to be provided
by the external provider, including the verification and validation activities, the acceptance
criteria, the documentation requirements, the changes control, etc. The communication
methods may include purchase orders, contracts, agreements, etc. The communication
should be clear, complete, and timely.
•Monitor the performance and conformity of the external provider, using the established
criteria and methods. The monitoring methods may include inspections, tests, audits,
feedback, complaints, etc. The monitoring results should be documented and analyzed.
In this case, the evidence statements that demonstrate a nonconformity with clause 8.4 are
A and C, because they show that the organization did not retain documented information of
the selection and evaluation of the external provider, and the monitoring of the external
provider’s performance. These are requirements of the standard and essential for ensuring
the quality of the externally provided processes, products, and services. The other options
are not directly related to clause 8.4, although they may indicate other nonconformities or
weaknesses in the organization’s QMS. For example, option B may relate to clause 7.1.3
on contingency planning, option D may relate to clause 8.2.3 on review of requirements,
option E may relate to clause 8.6 on release of products and services, and option F may
relate to clause 5.1.1 on leadership and commitment. References: ISO 9001:2015, [ISO
9001 Auditing Practices Group Guidance on Scope], Mastering the Scope of ISO 9001
Quality Management Systems
Question # 27
Audit criteria are a set of requirements used as a reference against which objective evidence is compared. Which two of the following are not potential audit criteria?
A. ISO management system standards B. Verbal statements by the general manager C. Verbal agreements with interested parties D. Health and safety notices E. Written agreements with interested parties F. Commercial advertisements G. Organisation's documented information H. Claims made on the organisation's website I. Commitment to follow principles issued by an NGO
Answer: F,H
Explanation: According to ISO 19011:2018, clause 3.2, audit criteria are a set of policies,
procedures or requirements used as a reference against which objective evidence is
compared. Audit criteria are usually selected by the audit client or by agreement between
the audit client and the auditee, and they should be appropriate for the audit scope and
objectives [1]. Audit criteria may include, but are not limited to, the following sources [2]:
•ISO management system standards, such as ISO 9001, ISO 14001, ISO 45001, etc.
•Verbal statements by the general manager or other top management, as long as they are
consistent with the documented policies and objectives of the organisation
•Verbal agreements with interested parties, such as customers, suppliers, regulators, etc.,
as long as they are documented and approved by the relevant authorities
•Health and safety notices, such as posters, signs, labels, etc., that communicate the
organisation’s legal obligations, policies, or procedures
•Written agreements with interested parties, such as contracts, orders, specifications, etc.,
that define the requirements and expectations of the parties involved
•Organisation’s documented information, such as policies, procedures, manuals, records,
etc., that describe the organisation’s management system and its processes
•Commitment to follow principles issued by an NGO, such as the United Nations Global
Compact, the International Labour Organization, etc., as long as they are relevant to the organisation’s context and objectives
•Environmental aspects register, such as a list of the environmental impacts and risks
associated with the organisation’s activities, products, and services
Therefore, the two options that are not potential audit criteria are F and H, as they are not
reliable or verifiable sources of information, and they may not reflect the actual
performance or conformity of the organisation’s management system. Commercial
advertisements and claims made on the organisation’s website are forms of marketing
communication that may be exaggerated, misleading, or inaccurate, and they are not
subject to the same level of scrutiny or approval as the other sources of audit criteria.
References: ISO 19011:2018(en), Guidelines for auditing management systems, What are
audit criteria? - ISO Update
Question # 28
Which two of the following are the key expected results of a quality management system that conforms to the requirements of ISO 9001:2015?
A. Decreased number of nonconforming products in all stages of the manufacturing cycle B. Decreased number of management system nonconformities C. Consistently provide products that meet customers' requirements D. Increased profits E. Decreased number of warranty claims F. Enhanced customer satisfaction
Answer: C,F
Explanation: According to the ISO 9001:2015 document, the key expected results of a
quality management system that conforms to the requirements of ISO 9001:2015 are:
•the ability to consistently provide products and services that meet customer and applicable
statutory and regulatory requirements;
•the enhancement of customer satisfaction.
These results are derived from the quality management principles of customer focus and
process approach, which are the basis of the ISO 9000 family of standards [1]. Customer
focus means understanding and meeting customer needs and expectations, as well as
exceeding them when possible [1]. Process approach means managing activities as
interrelated processes that function as a coherent system, which leads to consistent and
predictable results [1].
Therefore, the correct answer is C and F.
References: 2: ISO 9001:2015 - Quality management systems — Requirements 1: ISO -
Quality management principles
Question # 29
In a third-party audit to ISO 9001, select two options of when the organisation is required to act in response to reported findings.
A. A recommendation is given in the report. B. A finding of good practice is reported. C. An opportunity for improvement is raised. D. A major non-conformity is raised. E. A finding of conformity is reported. F. A minor non-conformity is raised.
Answer: D,F
Explanation: According to ISO 19011:2018, clause 6.6.2, a nonconformity is the nonfulfilment
of a requirement. A nonconformity can be classified as either major or minor,
depending on the nature and extent of the deviation from the audit criteria. A major
nonconformity is a nonconformity that affects the ability or the integrity of the organization’s
management system to achieve the intended results. A minor nonconformity is a
nonconformity that does not affect the ability or the integrity of the organization’s
management system to achieve the intended results, but is a deviation from the audit
According to ISO/IEC 17021-1:2015, clause 9.4.9, the organization is required to analyze
the cause and describe the specific correction and corrective actions taken, or planned to
be taken, to eliminate detected nonconformities, within a defined time. The organization is
also required to provide the certification body with records and evidence of the
implementation and effectiveness of the correction and corrective actions taken. The
certification body will then verify the correction and corrective actions taken by the
organization and decide on the certification status [2].
Therefore, the two options of when the organization is required to act in response to
reported findings are D and F, as they indicate the presence of nonconformities that need
to be corrected and prevented from recurring. The other options are not correct, as they do
not require the organization to act in response to reported findings:
•A. A recommendation is given in the report: A recommendation is a suggestion for
improvement that is not related to a nonconformity. A recommendation is not binding for
the organization and does not affect the certification status. The organization may choose
to accept or reject the recommendation, but it is not required to act on it.
•B. A finding of good practice is reported: A finding of good practice is a positive
observation that indicates a strength or a best practice of the organization’s management
system. A finding of good practice is not related to a nonconformity and does not affect the
certification status. The organization may choose to acknowledge or share the finding of
good practice, but it is not required to act on it.
•C. An opportunity for improvement is raised: An opportunity for improvement is a potential
area where the organization’s management system can be enhanced or optimized. An
opportunity for improvement is not related to a nonconformity and does not affect the
certification status. The organization may choose to pursue or ignore the opportunity for
improvement, but it is not required to act on it.
•E. A finding of conformity is reported: A finding of conformity is a confirmation that the
organization’s management system fulfils the audit criteria. A finding of conformity is not
related to a nonconformity and does not affect the certification status. The organization
may choose to celebrate or communicate the finding of conformity, but it is not required to
act on it.
References: ISO 19011:2018(en), Guidelines for auditing management systems, ISO/IEC
17021-1:2015(en), Conformity assessment — Requirements for bodies providing audit and
certification of management systems — Part 1: Requirements
Question # 30
Takitup is a small fabrication organisation that manufactures steel fencing, stairs and platforms for the construction sector. It has been certified to ISO 9001 for some time and has appointed a new Quality Manager. The audit plan during a surveillance audit covers the organisation's improvement actions and the auditor asks to see the most recent management review meeting minutes. The auditor finds that the management review report records that none of the improvement actions set by the previous review has been realised for a second time. A new Quality Manager has been brought in at the middle management level to rectify the situation as the organisation is concerned that it might lose its certification. Select three options that would provide evidence of conformance with clause 10.3 of ISO 9001.
A. Outsource more processes to external providers B. Removing expensive external providers from the database. C. An increase in the number of quality staff. D. A quality objective to achieve lower reject rates by quality control. E. Considering results from the analysis of the effectiveness of corrective actions to determine improvement opportunities. F. The certification body auditor reporting fewer nonconformities. G. An enhanced customer satisfaction survey score than in the previous year. H. Automate the fabrication process to increase profitability.
Answer: D,E,G
Question # 31
Which two of the following are included in the objectives of the 'Stage 1 initial certification audit'?
A. To evaluate the performance of monitoring and reviewing activities. B. To evaluate the preparedness of the organisation for a Stage 2 audit. C. To evaluate the internal audit and management review processes. D. To review the quality manual. E. To make a decision on certification to ISO 9001:2015. F. To evaluate the operational processes of the organisation.
Answer: B,D
Explanation: •To evaluate the preparedness of the organisation for a Stage 2 audit: This
objective involves assessing the readiness of the organisation to undergo the Stage 2
audit, where the conformity and effectiveness of the quality management system will be
verified [1][2][3]. The audit team will check the level of implementation and understanding of the
quality management system, identify any major gaps or nonconformities, and confirm the
audit scope, criteria, and plan [1][2][3].
•To review the quality manual: This objective involves reviewing the documented
information of the quality management system, such as the quality policy, the quality
objectives, the scope, the processes, and the procedures, to ensure that they meet the
requirements of ISO 9001:2015 [1][2][3]. The audit team will also evaluate the organisation’s
understanding and application of the standard, and identify any areas of improvement or
The other options are not included in the objectives of the Stage 1 initial certification audit.
They may be related to other stages or types of audits, but they are not the focus of the
Stage 1 audit.
Therefore, the correct answer is B and D.
References: 1: ISO 9001 Certification Audits | Stage 1 and Stage 2 - 9001. Simplified 2:
Stage 1 of your Audit | NQA Blog 3: Getting Certified to ISO 9001 - the Stage 1 Audit
Question # 32
Which one of the following options best describes the purpose of a Stage 1 third-party audit?
A. To determine the auditee's understanding of ISO 9001. B. To get to know the organisation's customers. C. To learn about the organisation's procurement processes. D. To introduce the audit team to the client.
Answer: A
Explanation: The purpose of a Stage 1 third-party audit is to determine an organization’s
readiness for their Stage 2 Certification Audit. During the Stage 1, the auditor will review
the organization’s management system documented information, evaluate the site-specific
conditions, and have discussions with personnel. The objective is to assess the alignment
of the organization’s design with ISO 9001 requirements and to identify any areas of
concern that could be classified as a nonconformance during the Stage 2 Audit. The
auditor will also use the Stage 1 Audit to complete Stage 2 Audit planning, including a
review of the allocation of resources and details for the next phase of the audit. Therefore,
the option that best describes the purpose of a Stage 1 third-party audit is A, to determine
the auditee's understanding of ISO 9001. The other options are not correct, as they are not
the main focus of a Stage 1 audit:
•B. To get to know the organization’s customers: This is not the purpose of a Stage 1 audit,
as the auditor is not interested in the specific details of the organization’s customers, but
rather in the organization’s ability to meet customer and applicable statutory and regulatory
•C. To learn about the organization’s procurement processes: This is not the purpose of a
Stage 1 audit, as the auditor is not interested in the specific details of the organization’s
procurement processes, but rather in the organization’s ability to control externally provided
processes, products and services.
•D. To introduce the audit team to the client: This is not the purpose of a Stage 1 audit, as
the auditor is not there to make introductions, but rather to conduct a preliminary examination of the organization’s compliance with ISO 9001 standards.
References: What is the difference between Stage 1 and Stage 2 Audits? - ISO Update,
The ISO 9001 Audit Process Explained | ISO Explained, What is an ISO Stage 2 Audit? —
RiskOptics - Reciprocity
Question # 33
You have been nominated audit team leader of a third-party audit. Which of the following could be the two most relevant objectives of this audit?
A. Evaluate the satisfaction of interested parties B. Evaluate the effectiveness of the management system C. Identify the need of resources D. Evaluate the capability of the management system to establish and achieve objectives E. Identify opportunities for improvement F. Evaluate the benefits obtained since the implementation of the management system
Answer: B,D
•Evaluate the effectiveness of the management system: This objective involves verifying
that the quality management system meets the requirements of a specific standard, such
as ISO 9001:2015, and that it achieves the intended results and outcomes. The audit team
will collect and analyse audit evidence to determine the degree of conformity and
performance of the quality management system [2][3].
•Evaluate the capability of the management system to establish and achieve objectives:
This objective involves verifying that the quality management system supports the strategic
direction and policies of the organization, and that it addresses the needs and expectations
of the interested parties. The audit team will assess the suitability, adequacy, and
alignment of the quality management system objectives, and the effectiveness of the
planning and implementation processes to achieve them [2][3].
The other options are not the most relevant objectives of a third-party audit. They may be
related to other aspects or types of audits, but they are not the focus of a third-party audit.
Therefore, the correct answer is B and D.
References: 1: Safeguarding Your Business: The Power of Third-Party Security Audits 2:
ISO 19011:2018 - Guidelines for auditing management systems 3: Third Party Audit –
Question # 34
An internal auditor of a manufacturer of polystyrene packaging products for the electronics industry raised a nonconformity against section 10.3 of ISO 9001 in Report IA202. The nonconformity (NC 3) stated: "The reject rate of 'finished' product of 9.7% needs improvement as it doesn't meet the stated objective of top management of 5%." Just before the Closing meeting of a third-party audit, the audit team leader is invited to a meeting with the Quality Manager. He tells the audit team leader that a member of the audit team was seen taking photographs of the factory on his phone during the day and wants him suspended from the Closing meeting with any nonconformities raised by him rescinded. The issue of photographs was not discussed during the opening meeting. Select the three options for how the audit team leader might deal with this situation.
A. Insist that the nonconformities must stand since they have been agreed by the team from other evidence gathered B. Delay the Closing meeting until the audit team leader has consulted his audit programme manager at Head Office C. Advise the Quality Manager that the auditor will be reported to Head Office D. State that the auditor will take no further part in the audit and all his photographs will be deleted E. Apologise for the situation and assure the Quality Manager that all photographs will be deleted during the Closing meeting F. Advise the Quality Manager that he, as audit team leader, needs to speak to the auditor about the situation and he will report back to the Quality Manager once this is done
Answer: A,D,F
Explanation: The audit team leader should deal with this situation in a professional and
ethical manner, while maintaining the integrity and credibility of the audit process and the
audit findings. The audit team leader should also try to resolve the conflict with the Quality
Manager in a constructive and respectful way, without compromising the audit objectives or
the audit team’s independence and impartiality. According to the ISO 9001 Lead Auditor
Reference Materials guides and documents, the possible actions that the audit team leader
might take are:
•A. Insist that the nonconformities must stand since they have been agreed by the team
from other evidence gathered. This action is consistent with the principle of evidence-based
approach, which states that the audit team should collect and verify information that is
appropriate, sufficient, and reliable to support the audit findings and conclusions. The audit
team leader should explain to the Quality Manager that the nonconformities are not based
solely on the photographs, but on other audit evidence that corroborates them. The audit
team leader should also remind the Quality Manager that the nonconformities are subject
to review and approval by the certification body, and that any attempt to influence or
interfere with the audit results would be considered a breach of the audit agreement and
the certification rules.
•D. State that the auditor will take no further part in the audit and all his photographs will be deleted. This action is consistent with the principle of confidentiality, which states that the
audit team should exercise discretion in the use and protection of information acquired
during the audit. The audit team leader should acknowledge that the auditor’s behavior was
inappropriate and unprofessional, and that he violated the audit rules and the auditee’s
rights. The audit team leader should apologize for the inconvenience and the discomfort
caused by the auditor, and assure the Quality Manager that the auditor will be removed
from the audit team and that his photographs will be erased from his phone and any other
device or media. The audit team leader should also inform the auditor of his misconduct
and the consequences, and report the incident to the audit program manager and the
certification body.
•F. Advise the Quality Manager that he, as audit team leader, needs to speak to the auditor
about the situation and he will report back to the Quality Manager once this is done. This
action is consistent with the principle of communication, which states that the audit team
should exchange information with the auditee in a timely, open, honest, and respectful
manner. The audit team leader should express his concern and his willingness to address
the issue with the auditor, and ask for the Quality Manager’s patience and cooperation. The
audit team leader should also explain that the audit process is not finished yet, and that the
Closing meeting is an opportunity to present and discuss the audit findings and
conclusions, and to seek feedback and clarification from the auditee. The audit team leader
should then speak to the auditor privately, and follow the steps described in action D.
The other options are not appropriate or effective ways to deal with this situation, for the
following reasons:
•B. Delay the Closing meeting until the audit team leader has consulted his audit program
manager at Head Office. This action would disrupt the audit schedule and the audit plan,
and create unnecessary delays and costs for both the audit team and the auditee. It would
also show a lack of leadership and decision-making skills from the audit team leader, and
undermine his authority and credibility. The audit team leader should be able to handle the
situation on site, and consult his audit program manager only if the situation escalates or
becomes unmanageable.
•C. Advise the Quality Manager that the auditor will be reported to Head Office. This action
would escalate the conflict and create a hostile and defensive atmosphere between the
audit team and the auditee. It would also imply that the audit team leader is not capable or
willing to resolve the issue himself, and that he is threatening or punishing the auditee for
raising a legitimate concern. The audit team leader should try to defuse the tension and
restore the trust and the rapport with the Quality Manager, and report the auditor to Head
Office only after the audit is completed and the audit report is submitted.
•E. Apologise for the situation and ensure the Quality Manager that all photographs will be
deleted during the Closing meeting. This action would not address the root cause of the
problem, and would not prevent the auditor from taking more photographs or using them for
other purposes. It would also expose the audit team and the auditee to unnecessary risks and liabilities, and compromise the confidentiality and the security of the audit information.
The audit team leader should delete the photographs as soon as possible, and not wait
until the Closing meeting.
References: ISO 9001:2015, ISO 19011:2018, PECB Certified ISO 9001 Lead Auditor,
Common Audit Problems and How to Deal with Them, The Auditor’s Guide to Conflict
Resolution, Conflict Resolution in your Audit Career, How to Be a Good Auditor as a Team
Question # 35
An audit team leader arrives at a printing company to carry out a Stage 2 audit for a certification body. At a meeting with the Quality Manager, she is told that they have won their biggest contract from a computer manufacturer to print and compile computer documentation packages. The Quality Manager wants the ISO 9001 certificate to cover the new contract. During the audit, a team member found that some print jobs had been rejected by several clients over some months due to spelling errors in the print run. The Print Manager blames the new employees they had to take on because of a big contract. The auditor finds that the responsibility for checking spelling errors is placed on the printer that sets up the print run. In line with the policy of the certification body, the audit team raise improvement opportunities in the audit report. Which three of the following options would represent acceptable opportunities for improvement in the report?
A. Operational planning activities may benefit from a clearer risk-based approach. B. The organisation needs to delay its certification to gain more experience of the QMS. C. The responsibility for checking printing needs to be independent of the operators. D. A business consultant can be recommended for advice on improving operations. E. A plan to determine why the errors occur and to prevent them. F. An intensive training plan that involves all production personnel. G. The recruitment process to include spelling tests to filter out unsuitable candidates. H. More process time needs to be allocated to the new employees.
Answer: A,C,E
Explanation: According to the ISO 9001 Auditing Practices Group Guidance on
Improvement Opportunities [1], an improvement opportunity is a suggestion made by the
auditor for the auditee to consider that, if implemented, may enhance the performance of
the QMS. Improvement opportunities are not mandatory, but they should be based on
objective evidence and aligned with the audit criteria and objectives. Improvement
opportunities should also be realistic, feasible, and beneficial for the auditee. In this case,
the evidence statements that represent acceptable improvement opportunities in the report
are A, C, and E, because they address the potential causes and effects of the spelling
errors in the print run, and propose possible actions that may improve the quality of the
products and services, and the effectiveness of the QMS. These options are consistent
with the requirements and principles of ISO 9001, such as clause 6.1 on actions to address
risks and opportunities, clause 8.1 on operational planning and control, clause 8.5.1 on
control of production and service provision, and clause 10.2 on nonconformity and
corrective action. The other options are not appropriate improvement opportunities, because they are either irrelevant, unrealistic, or unhelpful for the auditee. For example,
option B may contradict the audit objective and scope, option D may imply a lack of auditor
competence or impartiality, option F may not address the root cause of the problem, option
G may not be applicable or effective, and option H may not be feasible or justified.
References: ISO 9001 Auditing Practices Group Guidance on Improvement Opportunities,
ISO 9001:2015, ISO 9001 Auditing Practices Group Guidance on Audit Evidence
Question # 36
A Health Trust has contracted with Servitup, a catering services organisation which has been certified to ISO 9001 for 1 year. It provides services to ten small rural hospitals in remote locations involving purchase and storage of dry goods and fresh produce, preparing meals and loading heated trolleys for ward service by hospital staff. An auditor is conducting the first sole surveillance audit at one site with the Deputy Catering Manager (DCM). At the closing meeting attended solely by the DCM, the auditor informs him that he has found numerous gaps in the QMS processes which lead him to consider recommending suspension of the organisation's certification. He is particularly concerned with the evidence that patient health is being adversely affected by produce stored beyond its safe consumption date, poor kitchen hygiene and undercooked meals. The DCM says that he cannot make any decisions about these issues in the absence of the Catering Manager due to illness but will write everything down and report to the Catering Manager. Which two actions should you take in the context of the audit?
A. Close the meeting immediately after the DCM's response and advise that the issues will be addressed at the next surveillance visit. B. Call the individual(s) managing the audit programme to explain the situation and recommend immediate suspension of certification to protect the integrity of the Certification Body. C. Continue with the meeting, present the audit conclusions and inform the DCM that the organisation will receive the audit report in due course. D. Conclude the meeting early and advise that it will be rescheduled once the Catering Manager has returned to work. E. Recommend that all personnel should be given urgent in-depth training in the QMS. F. Thank the DCM for his time and express an expectation that improvements will be made in the QMS.
Answer: B,C
The actions that should be taken in the context of the audit are:
•Option B: Call the individual(s) managing the audit programme to explain the situation and
recommend immediate suspension of certification to protect the integrity of the Certification
Body. This option is correct because the auditor has found serious and significant gaps in
the QMS processes that affect the health and safety of the patients, which is a major
nonconformity that may warrant suspension of certification. The auditor should inform the
individual(s) managing the audit programme of the situation and the audit findings, and
recommend immediate suspension of certification to protect the integrity of the Certification
Body and the credibility of the certification scheme. The auditor should also follow the
Certification Body’s procedures and rules for suspension of certification and communicate
the decision and the consequences to the auditee.
•Option C: Continue with the meeting, present the audit conclusions and inform the DCM
that the organisation will receive the audit report in due course. This option is correct
because the auditor should not terminate or postpone the closing meeting due to the
absence of the Catering Manager, as the DCM is the auditee’s nominated representative
for the audit. The auditor should continue with the meeting, present the audit conclusions
and the audit findings, and inform the DCM that the organisation will receive the audit
report in due course. The auditor should also explain the audit outcome recommendation
and the suspension of certification, and request the DCM to acknowledge the receipt and
understanding of the audit results.
The following options are not correct:
•Option A: Close the meeting immediately after the DCM’s response and advise that the
issues will be addressed at the next surveillance visit. This option is not correct because
the auditor should not close the meeting without presenting the audit conclusions and the
audit findings, as this would violate the audit principles of fairness and transparency. The
auditor should also not advise that the issues will be addressed at the next surveillance
visit, as this would imply that the auditor is accepting the auditee’s delay and inaction, and
that the auditor is not taking the major nonconformity seriously.
•Option D: Conclude the meeting early and advise that it will be rescheduled once the
Catering Manager has returned to work. This option is not correct because the auditor
should not conclude the meeting early or reschedule it due to the absence of the Catering
Manager, as this would disrupt the audit process and the audit schedule. The auditor
should also not wait for the Catering Manager to return to work, as this would delay the
communication and resolution of the major nonconformity, and potentially compromise the
health and safety of the patients.
•Option E: Recommend that all personnel should be given urgent in-depth training in the
QMS. This option is not correct because the auditor should not recommend or prescribe
specific corrective actions to the auditee, as this would violate the audit principles of
independence and objectivity. The auditor should only report the audit findings and the
audit outcome recommendation, and leave the responsibility and authority for determining
and implementing the corrective actions to the auditee.
•Option F: Thank the DCM for his time and express an expectation that improvements will
be made in the QMS. This option is not correct because the auditor should not thank the
DCM for his time and express an expectation that improvements will be made in the QMS,
as this would imply that the auditor is satisfied and optimistic with the auditee’s
performance and response, and that the auditor is not taking the major nonconformity
seriously. The auditor should instead express the concern and dissatisfaction with the
auditee’s QMS processes and the impact on the health and safety of the patients, and
communicate the suspension of certification and the need for urgent and effective
corrective actions.
•ISO 19011:2018 Guidelines for auditing management systems, Clause 6.4.2: Conducting
audit activities, Subclause k) and l)
•ISO 9001 Lead Auditor Course Material, Module 5: Conducting an Audit, Slide 20: Closing
•ISO 9001 Lead Auditor Training Course - IRCA Certified, Section 5.5: Closing Meeting
Question # 37
You will lead a third-party audit next Monday on ABC, an organisation that provides services for cleaning windows from the outside of tall buildings. They work on demand, and usually have 4-5 orders per week. All documented information on these activities is kept at the central office. On Friday evening, before the audit, you are informed by mail that customers cancelled all orders for the next week; therefore, the auditors will not have the chance to see them working at the customer's premises, but the field supervisors will be available at the ABC offices. You have prepared the audit plan and the checklist. Choose the best action you would take:
A. Start the audit on Monday at ABC's as planned, interviewing the functions that regularly work at the central office, and plan visits to ABC customers wherever they may be working during the following week. B. Ask the Certification Body you work for how to proceed with the audit. C. Start the audit on Monday as planned, interviewing the functions that regularly work at the central office, and visit another customer's premises they cleaned the week before. D. Complete the audit but ask the quality manager to clean some windows at the ABC's office, simulating the process they carry out at customers' premises.
Answer: B
Explanation: According to ISO 19011:2018, clause 6.3.3, the audit plan should be
reviewed and revised as necessary to address changes that occur during the audit
planning. The audit plan should be agreed upon, preferably in writing, by the audit team
leader, the audit client and the auditee [1]. Therefore, if there is a significant change in the
auditee’s situation, such as the cancellation of all orders for the next week, the audit plan
should be reviewed and revised accordingly, with the agreement of all parties involved.
According to ISO/IEC 17021-1:2015, clause 9.1.4, the certification body should have a
process to ensure that the audit team has the competence to achieve the audit objectives,
and that the audit methods are appropriate for the scope and complexity of the audit. The
certification body should also have a process to ensure that the audit is conducted under
reasonable conditions and within a reasonable time frame [2]. Therefore, if there is a risk that
the audit objectives cannot be achieved, or that the audit methods are not suitable, due to
the change in the auditee’s situation, the certification body should be consulted and
informed on how to proceed with the audit.
Therefore, the best action to take is B, ask the certification body you work for how to
proceed with the audit. This action will ensure that the audit plan is revised and agreed
upon by all parties, and that the audit team has the competence and the methods to
conduct the audit effectively and efficiently. The other options are not correct, as they may
compromise the quality and validity of the audit:
•A. Start the audit on Monday at ABC’s as planned, interviewing the functions that regularly
work at the central office, and plan visits to ABC customers wherever they may be working
during the following week: This action may not be feasible or acceptable, as it may extend
the audit duration and cost beyond the agreed terms, and it may not provide sufficient and
appropriate audit evidence to verify the conformity and effectiveness of the auditee’s
processes. Moreover, this action may not be agreed upon by the audit client and the
auditee, and it may not be approved by the certification body.
•C. Start the audit on Monday as planned, interviewing the functions that regularly work at
the central office, and visit another customer’s premises they cleaned the week before:
This action may not be relevant or reliable, as it may not reflect the current performance
and condition of the auditee’s processes. The audit evidence collected from the previous
customer may not be valid or representative of the audit criteria, and it may not address the
risks and opportunities associated with the auditee’s context and objectives. Moreover, this action may not be agreed upon by the audit client and the auditee, and it may not be
approved by the certification body.
•D. Complete the audit but ask the quality manager to clean some windows at the ABC’s
office, simulating the process they carry out at customers’ premises: This action may not be
objective or impartial, as it may introduce bias and influence in the audit process. The audit
evidence collected from the simulated process may not be accurate or authentic, and it
may not demonstrate the actual capability and effectiveness of the auditee’s processes.
Moreover, this action may not be ethical or professional, as it may compromise the integrity
and credibility of the audit and the certification.
References: ISO 19011:2018(en), Guidelines for auditing management systems, ISO/IEC
17021-1:2015(en), Conformity assessment — Requirements for bodies providing audit and
certification of management systems — Part 1: Requirements
Question # 38
Select which one of the following statements is true.
A. The team leader shall be an auditor that is qualified in the scheme. B. An audit team can include non-qualified auditors. C. A technical expert can replace a qualified auditor on an audit team. D. Audits leading to auditor qualification are undertaken annually.
Answer: A
Explanation: According to the ISO 19011:2018 standard, which provides guidelines for
auditing management systems, the team leader of an audit team should be an auditor who
has demonstrated the competence to manage an audit of the relevant management system
scheme. This means that the team leader should have the appropriate knowledge, skills,
and experience to plan, conduct, report, and follow-up an audit of the specific management
system, such as ISO 9001 for quality management systems. The other options are false
because: B. An audit team can include non-qualified auditors, but only as observers or
trainees who do not contribute to the audit findings or conclusions. C. A technical expert
can assist a qualified auditor on an audit team, but cannot replace them, as a technical
expert does not have the competence to perform audits. D. Audits leading to auditor
qualification are not undertaken annually, but rather as part of a certification process that
involves meeting certain criteria, such as education, work experience, audit experience,
and examination. References: ISO 19011:2018, PECB Certified ISO 9001 Lead Auditor
Exam Preparation Guide, ISO 9001:2015 Quality Management Systems Lead Auditor
Training Course
Question # 39
You work for an organisation, 'A', which provides packaged food to the public. You are asked to lead a team (you as the leader and two other auditors) to audit a supplier, 'B', which provides packaging materials to your organisation. It is 4 p.m. and the audit is close to an end; you are having an internal meeting with the team to decide what will be presented to the auditee during the Closing meeting. The Closing meeting was scheduled for 5 p.m.
You, as audit team leader, audited top management, the laboratory, and the storage of raw materials.
Auditor 1 audited the two manufacturing lines and dispatch areas.
You to Auditor 1: "What findings would you report?"
Auditor 1: "When reviewing the Dispatch records, I noticed that during the morning two different trucks (Number 011 and 025) delivered the same batch number of the product (Batch 33555). Truck 011 left the plant at 9.15 am and Truck 025 left the plant at 11.30 am. Procedure P-02 Rev.3 says that trucks should carry a complete batch. The batch number, once on the truck, is captured using a QR device."
You: "OK, what do you think?"
Auditor 2: "I think that this is a nonconformity."
You: "OK. How would you describe the evidence on which the nonconformity will be based?"
Identify which one of the following statements best describes the identified nonconformity.
A. Dispatch personnel are not fully aware of the need to conform to written procedures. B. Dispatch personnel do not always carry out their activities in conformance with Procedure P-02 rev 3. C. The batch 33555 was delivered split in two different trucks (011 and 025). D. A product delivered to the client was not identified as required in P-02 Rev 3.
Answer: C
Explanation: According to the definition in ISO 9000, a nonconformity is “non-fulfillment of
a requirement”. There are three parts to a well-documented nonconformity: the audit
evidence to support auditor findings; a record of the requirement against which the
nonconformity is detected; and the statement of nonconformity [1]. In this case, the audit
evidence is the dispatch records that show the same batch number of the product being
delivered by two different trucks at different times. The requirement is the procedure P-02
Rev.3 that says that trucks should carry a complete batch. The statement of nonconformity
is that the batch 33555 was delivered split in two different trucks (011 and 025), which does
not conform to the procedure. Therefore, option C best describes the identified
nonconformity, as it includes all three parts of a well-documented nonconformity. Option A
is not correct, as it does not state the audit evidence or the requirement. Option B is not
correct, as it does not specify the audit evidence or the statement of nonconformity. Option
D is not correct, as it does not match the audit evidence or the requirement. References: 1:
ISO 9001 Auditing Practices Group Guidance on Nonconformity - Documenting.
