3rd Party Audit - How Many Nonconformities is a Good Result?
Regards,
Simon
Yes and No.Were you happy with 17 MOM?
Happy - third party auditors identified some areas of weakness in our systems for us to address.
However there are findings not-adding values, e.g. tire bath etc.
Unhappy - we spent thousands of pesos for some non-value added services.
And they should say “consider this…” instead of saying “you should do this…” --- after all it’s our company.
Everybody will have a different opinion and that is why it is good to have a standard set such as by BRC and SQF alike.
If a company is satisfied with the audit results (number of minors) depends on more then one thing:
- standard; (5 minors for BRC is good; 5 minors for ISO 22000 will probably not lead to certification)
- history of the organisation (e.g. previous audit. If the previous audit gained 7 minors, 10 minors do not feel good and 5 do)
- attitude of the organisation (do they only want a certificate because the customer ask it, or do they really want to improve their processes)
- agreement/understanding to the non-conformity (every non-conformity you do not agree is one to many and will not be satisfying)
- relevance of the clauses the non-conformity is written to (e.g. some requirements ask for details to be written in documented procedures, if one of these details is not written in the procedure and a non conformity is raised, this feels as a not relevant non-conformity)
In general, i see, that organisations are satisfied if the result is the same or better then the previous audit.
As for a total number we would like to keep it to less than 5 on any one audit.
We have had Grade A BRC for several years and we would consider it a failure to have more than 10 minors and end up with Grade B; in fact we wouldn't be happy if we had any more than 7
On the other hand, if we got through the TFMS audit with 14 minors (max allowed to obtain a Green score), we would be estatic, we got amber due to over 20 minors this year and very disappointed.
TFMS is so far ahead of BRC now and the standard is so much higher. With the new BRC revision due to come out soon, this will possibly change
You can argue all you like, but I have a clipboard and a torch and a standard for a shield.
I've come to the conclusion zero nonconformities is impossible - do you agree?
We were given a 3rd party audit report from a suppiler once that was a perfect score. I think it raised as many red flags as someone who just barely passed.
I cannot imagine an auditor worth the salary they are paid that could not find something and often find that they feel obligated to find things which means zero findings and perfects scores are unlikely.
That's the point TS, nobody trusts it because it cannot be true and therefore the auditor and auditee lose credibility. With an audit such as BRC or any GFSI standard with so many requirements; even a fantastic site will have many issues (admittedly usually small ones).We were given a 3rd party audit report from a suppiler once that was a perfect score. I think it raised as many red flags as someone who just barely passed.
Regards,
Simon
It happens to me twice:
The first company was a very small organisation, which hired an external consultant for Quality Management. The consultant fixed everything in the 2-3 weeks before the audit. I felt that there was no committment by the director/owner, but the consultant did a good job and all the requirements were fullfilled in the right way. Eventhough I normally do not search for NCs, I did with this audit. it did not feel right that this company had no NCs, but there was nothing that did not exactly comply with the standard.
The second company was a large company, with a very good quality management system, a simple process, a low risk product and a very strong QA-manager. In the third year that I visited this organisation (which is already certified for many, many, many years) I concluded that they have picked up all the NCs from previous audits and that there were just no NCs left. It was a learning company, which handles NCs the way they should be and implemented structural solutions.
Of course I trust you Madam A. D-tor, so I do a u-turn and say it is possible.Unfortunately, I need to confess that no non-conformities on GFSI agreed schemes are possible.
It happens to me twice:
The first company was a very small organisation, which hired an external consultant for Quality Management. The consultant fixed everything in the 2-3 weeks before the audit. I felt that there was no committment by the director/owner, but the consultant did a good job and all the requirements were fullfilled in the right way. Eventhough I normally do not search for NCs, I did with this audit. it did not feel right that this company had no NCs, but there was nothing that did not exactly comply with the standard.
The second company was a large company, with a very good quality management system, a simple process, a low risk product and a very strong QA-manager. In the third year that I visited this organisation (which is already certified for many, many, many years) I concluded that they have picked up all the NCs from previous audits and that there were just no NCs left. It was a learning company, which handles NCs the way they should be and implemented structural solutions.
After all nothing is impossible.
Well done rsandrin. It's good news, the only slight downer is that you have set a very high bar and standard to maintain.History and expectations, I agree totally. In 2010 we have 10 minor NCs in out 3rd party audit for the ISO 22000 and this year we're very proud to have just 2 minor NCs, I think all the board of directors is very happy because that shows the continuous improvement of our system and the security level of our products.
Regards,
Simon