LIST OF SAMPLE QUESTIONS YOU MAY FACE DURING THE AUDIT FOR THE

NEW ISO9001;2008 WITH RESPECT TO CHANGES DONE IN THE NEW STANDARD

No Clause Change done Sample Questions which auditor may
No/Title ask
1 0.1 General The design and Can management explain whether the
implementation of the QMS is QMS is reviewed as suitable to the new
influenced by organizational environment. Like your new
environment, change in that location/new technology/ key raw
and the risks associated with material suppliers changed . Is it a point
that environment. in agenda in Management Review
meeting?
2 0.1 General Statutory requirements and Have you compiled the statutory
regulatory requirements requirements and regulatory requirements
mentioned together. for your product?.
3 0.2 Process Organisation needs to Have you Determined the processes by
Approach determine the processes (not considering the customer needs and
just identify). expectations?
The processes have been Are the processes truly organization wide
recognised as producing and cross functional?
outcomes (not just outputs) Have you determined the outcomes for
the processes?
4 1.1 Scope- Note The product includes any What are intended outputs form product
General. intended output from product realization process (other than the
realisation process product or service delivered to
customer)?
5 4.1 General Note has been added to define .Have you outsourced some of the
Requiremen the Outsourced processes: processes?
ts An outsourced process is a How did you identify them for
process that the organisation outsourcing?
needs in its QMS and which What are the criteria for
the organisation chooses to inclusion/exclusion of an outsourced
have performed by an external process within QMS?
agency
6 4.1 Quality The type and extent of control Please show the process
managemen on outsourced processes shall flowchart/Functional Deployment
t system be defined within the QMS. Process map to explain the controls
General Ensuring control over which are installed?
Requiremen outsourced process does not How, as a customer to that outsourcee, do
ts absolve the organization of its you ensure that the outsourcee follows
responsibility of conformity to the legal requirements?
all customer, statutory and Have you assessed the potential impact
regulatory requirements. The of the outsourced process on the product?
type and extent of control to How does the control for an outsourced
be applied to outsourced process differ from a control for a
process can be influenced by procured product?
factors such as a) Potential Please show the records of measures for
impact of outsourced process the outsourced processes?
on the organization and its Linked question to 8.4
capability to provide a product Did you consider in the analysis for
that conforms to requirements. improvement if so what were the
b) the degree to which the improvements done?
control for process is shared c)
LIST OF SAMPLE QUESTIONS YOU MAY FACE DURING THE AUDIT FOR THE
NEW ISO9001;2008 WITH RESPECT TO CHANGES DONE IN THE NEW STANDARD
the capability of achieving the
necessary control through 7.4

7 4.1 Quality The process covered under Please show us a process chart for
managemen QMS include the processes for analysis and improvement.
t system management activities like Linked question to 8.4
General planning , provision of Do you follow the process for analysis?
requirement resources, product realization Linked question to 8.5.2/8.5.3
s and measurement analysis Do you follow the process for
and improvement. improvement?
8 4.2.3 Editorial clarification: .This does not generate a separate audit
Document A single document may question
control address a requirement for 2
procedures or a requirement
for a procedure can be met
with by two documents
9 4.2.4 Records shall be controlled Give the list of records along with the
Control of agency which makes it, copies distributed
Records and show that the same records are used
at all places.
How do you prevent unauthorized use of
records ?
10 6.2.1 Note has been added as Auditor can ask in a section/Department:
Human follows: Conformity to Who are the people who directly affect
Resource product requirements can be the achievement of requirements for the
affected directly or indirectly product/service?
by personnel performing any How do you identify who indirectly
task within QMS. affect the product?
Are the employees/temporaries/ contract
workers/outsourcees?
Linked to 6.2.2
What are their competency needs and
training provided to them?
11 6.2.2 The training should be Have you measured the effectiveness in
Competenc provided to achieve the terms of earlier competences and
e Training necessary competence improved level of competences after the
and (earlier requirement was to training?
awareness satisfy competence needs) If so, what is the data?
12 6.3 Information system has been How do you plan for IT support to you
infrastructu added in supporting services. office/plant?
re What are the IT needs of the operating
people?
How did you plan to provide the IT
facilities hardware and software?
How do you maintain the hardware?
What are the complaints from employees
on reliability or availability?
How do you measure the service levels of
IT support in case it is outsourced/
LIST OF SAMPLE QUESTIONS YOU MAY FACE DURING THE AUDIT FOR THE
NEW ISO9001;2008 WITH RESPECT TO CHANGES DONE IN THE NEW STANDARD
13 6.4 Work It has been elaborated as Show me the data of locations where the
Environme follows: Work environment work environment factors are critical and
nt relates to those conditions show us the data how you are monitoring
under which work is the factors.
performed including physical Are the permissible levels for factors
environmental and other documented?
factors (such as noise, How do they compare with legal limits?
temperature, humidity, lighting Do you have incidents/periods when the
and weather) factors have crossed the permissible
limits?
If so , what actions have been initiated to
avoid recurrence?
14 7.2.1 Post delivery activities While the order was accepted/product
Requiremen include, for example, actions brief was made/project initiated , did you
ts related to under warranty provisions, conduct a review to identify all post
product contractual obligations such as delivery commitments ?
maintenance services and What are the legal requirements for the
supplementary services such product or service?
as recycling or final disposal. Please show the acceptance from
customer that the above are acceptable.
15 7.3.1 Note : Design and Please show in which stages you
Design and development review, conducted reviews and which stages
Developme verification and validation verification?
nt Planning have distinct purposes. They Are there records for each?
can be conducted and recorded If records are combined, what is the
separately or in any reason for it?
combination as suitable for the What are the records for validation?
product and the organization. Have they been done with a view to
improve the product and if so do you
have customer feedback that the
improvements are visible?
16 7.3.3. Note: Information for Can you show that the communication of
Design and production and service product requirements through a
Developme provision can include details drawing/specification contains the details
nt outputs of preservation of product. of packing and dispatch ?
17 7.5.2 The organization shall validate Have you got data on deficiencies
Validation ANY process for production discovered in the customer premises? If
of processes and service provision where so have you identified the relevant
the resulting output cannot be processes which are the causes for these
verified by subsequent defects?
monitoring and measurement Show me the validation procedure and
AND AS A CONSEQUENCE the records of validation for the
DEFICIENCIES BECOME processes.
APPARENT only after the What is the frequency of revalidation?
product or service has been If revalidation fails, do you have a
delivered. contingency plan to continue production?
If not, do you inform the customer?

18 7.5.4 Customer property includes In case you get customer personal data,
Customer personal data. what care you take in handling the
LIST OF SAMPLE QUESTIONS YOU MAY FACE DURING THE AUDIT FOR THE
NEW ISO9001;2008 WITH RESPECT TO CHANGES DONE IN THE NEW STANDARD
property
19 7.5.5 The sentence on preservation
preservatio says now in order to
n of product maintain the conformity to
requirements.
20 7.6 Control Note : Confirmation of the
of ability of the computer
monitoring software to satisfy the
and intended application would
measuring typically include its
equipment verification and
configuration management
to maintain its suitability for
use.
21 8.2.1 Monitoring customer
Customer perception can include
perception obtaining input from sources
such as customer satisfaction
surveys, customer data on
delivered product quality, user
opinion surveys, lost business
analysis ,compliments,
warranty claims dealer
reports.etc
22 8.2.2 Reference to ISO 19011 given.
Internal
audit
23 8.2.2 Management will ensure
Internal CORRECTIONS and
Audit CORRECTIVE ACTIONS
. closes the corrective actions?
24 8.2.3 When determining methods
Monitoring for monitoring of processes, it
and is advisable that the
measureme organization consider the type
nt of and extent of monitoring and
processes measurement appropriate to
each of its processes in
relation to their impact on the
conformity to product
requirements and on the
effectiveness of QMS.
information confidentially and with
empathy?
If the information is leaked by mistake
what correction and corrective action you
take on such an incident?
How do you atone the mistake?
How do you validate the preservation
process so that the organization can be
sure about the product conformity to
requirements at customer premises?
Is software used to test or verify any
characteristic of product?
If so, show us the configuration
management from the date of inception .
Show us how you verify the software
periodically.
Show us the data as follows
1. warranty claims
2. Field failures
3. Sales returns
4. Customer visits
5. Joint visits to end customer
6. Dealer feedback
7. News paper reports
8. Consumer cases
9. Product liability cases
Are your internal auditors qualified as
per the new standard for auditing?
Have they conducted atleast one round of
audit ?
For every NC can you show us the a)
corrections b) corrective actions
Who closes the corrections and who
What is the follow up done on closures?
What are the critical processes which add
value to the product?
How do you determine the type of
measures and frequency of
measurement/monitoring for these
processes?
What are the outcomes related to these
processes?
Do you have data to show that the
outcomes are improving?
If not, do you intend to change the
measures/frequency/both?
LIST OF SAMPLE QUESTIONS YOU MAY FACE DURING THE AUDIT FOR THE
NEW ISO9001;2008 WITH RESPECT TO CHANGES DONE IN THE NEW STANDARD
25 8.3 Control A para d is added to the list of.Show us the procedure of dealing with
of non ways to deal with the non the NC products.
conforming conforming product : Show us how you evaluate the effects of
product d) by taking action appropriate the non conformity on customer.
to the effects or potential Show us how you evaluate the potential
effects of the non conformity effects of such a non conformity on
when non conforming product customer.
is detected after delivery or Have you taken the decision depending
use has started on the criticality of these effects?
If you were unable to take the appropriate
actions, (for want of time or technology)
have you informed the customer?
26 8.4 analysis Reference to the sections are Show us the analysis is done with
of data added against the para a to d. respect to the outcomes related to a)
to give linkages within the customer from data received from the
standard. field b) product conformance from final
1. cust sat against 8.2.1 inspection c) process monitoring and
2.conformity to product product monitoring from inspection as
requirements 8.2.4 wells as process measures d) supplier
3. processes and products 8.2.3 performance from supplier monitoring e)
and 8.2.4 outsourced processes data
4 suppliers 7.4
27 8.5.2 and Reviews have been Show us the reviews conducted to
8.5.3 specifically mentioned as evaluate the effectiveness of corrective
Corrective reviews of effectiveness of and preventive actions taken in the past.
action and corrective/preventive actions Which are the actions found to be not
Preventive as the case may be. effective and what was done in such
action cases?