Free Access to PECB.ISO-9001-Lead-Auditor.v2024-07-19.q20 with Valid Practice Test (Page 3)

Question 6

The following list gives examples of records that may be evidence of how an organisation has fulfilled the requirements of clause 8.4 of ISO 9001. Match the records to the appropriate requirement of clause 8.4.

Correct Answer:

Explanation:

The following table shows the possible matching of the records to the requirements of clause 8.4:
Table
Requirements
Records
Define product requirements
Product specification
Criteria for selection
List of requirements to be met by the external provider
Evaluation of potential external provider
External provider questionnaire
External provider selection
Approved external provider list
Communicate requirements
Purchase order
Monitoring of performance
External provider delivery times and quality issues
Comprehensive and Detailed Explanation: = According to clause 8.4 of ISO 9001:2015, the organization should ensure that externally provided processes, products, and services conform to the specified requirements. To do so, the organization should:
Define the product requirements that are relevant for the external provision, such as specifications, drawings, standards, codes, etc. These should be documented and communicated to the external provider. A record of the product specification can be used as evidence of this requirement.
Establish the criteria for the selection, evaluation, and re-evaluation of external providers, based on their ability to provide processes, products, and services in accordance with the requirements. The criteria should be documented and applied consistently. A record of the list of requirements to be met by the external provider can be used as evidence of this requirement.
Evaluate the potential external providers before selecting them, using the established criteria. The evaluation methods may include questionnaires, audits, references, samples, etc. The results of the evaluation should be documented and reviewed. A record of the external provider questionnaire can be used as evidence of this requirement.
Select the external providers that have demonstrated their competence and conformity to the requirements. The selection should be based on the evaluation results and the organization's needs. The selection should be documented and approved. A record of the approved external provider list can be used as evidence of this requirement.
Communicate the requirements for the processes, products, and services to be provided by the external provider, including the verification and validation activities, the acceptance criteria, the documentation requirements, the changes control, etc. The communication methods may include purchase orders, contracts, agreements, etc. The communication should be clear, complete, and timely. A record of the purchase order can be used as evidence of this requirement.
Monitor the performance and conformity of the external provider, using the established criteria and methods. The monitoring methods may include inspections, tests, audits, feedback, complaints, etc. The monitoring results should be documented and analyzed. A record of the external provider delivery times and quality issues can be used as evidence of this requirement.
References: ISO 9001:2015, [ISO 9001 Auditing Practices Group Guidance on Scope], Mastering the Scope of ISO 9001 Quality Management Systems

Question 7

You will lead a third-party audit next Monday on ABC, an organisation that provides services for cleaning windows from the outside of tall buildings. They work on demand, and usually have 4-5 orders per week. All documented information on these activities is kept at the central office.
On Friday evening, before the audit, you are informed by mail that customers cancelled all orders for the next week; therefore, the auditors will not have the chance to see them working at the customer's premises, but the field supervisors will be available at the ABC offices.
You have prepared the audit plan and the checklist. Choose the best action you would take:

A.Start the audit on Monday at ABC's as planned, interviewing the functions that regularly work at the central office, and plan visits to ABC customers wherever they may be working during the following week.
B.Ask the Certification Body you work for how to proceed with the audit.
C.Start the audit on Monday as planned, interviewing the functions that regularly work at the central office, and visit another customer's premises they cleaned the week before.
D.Complete the audit but ask the quality manager to clean some windows at the ABC's office, simulating the process they carry out at customers' premises.

Correct Answer: B

According to ISO 19011:2018, clause 6.3.3, the audit plan should be reviewed and revised as necessary to address changes that occur during the audit planning. The audit plan should be agreed upon, preferably in writing, by the audit team leader, the audit client and the auditee1. Therefore, if there is a significant change in the auditee's situation, such as the cancellation of all orders for the next week, the audit plan should be reviewed and revised accordingly, with the agreement of all parties involved.
According to ISO/IEC 17021-1:2015, clause 9.1.4, the certification body should have a process to ensure that the audit team has the competence to achieve the audit objectives, and that the audit methods are appropriate for the scope and complexity of the audit. The certification body should also have a process to ensure that the audit is conducted under reasonable conditions and within a reasonable time frame2. Therefore, if there is a risk that the audit objectives cannot be achieved, or that the audit methods are not suitable, due to the change in the auditee's situation, the certification body should be consulted and informed on how to proceed with the audit.
Therefore, the best action to take is B, ask the certification body you work for how to proceed with the audit.
This action will ensure that the audit plan is revised and agreed upon by all parties, and that the audit team has the competence and the methods to conduct the audit effectively and efficiently. The other options are not correct, as they may compromise the quality and validity of the audit:
*A. Start the audit on Monday at ABC's as planned, interviewing the functions that regularly work at the central office, and plan visits to ABC customers wherever they may be working during the following week:
This action may not be feasible or acceptable, as it may extend the audit duration and cost beyond the agreed terms, and it may not provide sufficient and appropriate audit evidence to verify the conformity and effectiveness of the auditee's processes. Moreover, this action may not be agreed upon by the audit client and the auditee, and it may not be approved by the certification body.
*C. Start the audit on Monday as planned, interviewing the functions that regularly work at the central office, and visit another customer's premises they cleaned the week before: This action may not be relevant or reliable, as it may not reflect the current performance and condition of the auditee's processes. The audit evidence collected from the previous customer may not be valid or representative of the audit criteria, and it may not address the risks and opportunities associated with the auditee's context and objectives. Moreover, this action may not be agreed upon by the audit client and the auditee, and it may not be approved by the certification body.
*D. Complete the audit but ask the quality manager to clean some windows at the ABC's office, simulating the process they carry out at customers' premises: This action may not be objective or impartial, as it may introduce bias and influence in the audit process. The audit evidence collected from the simulated process may not be accurate or authentic, and it may not demonstrate the actual capability and effectiveness of the auditee's processes. Moreover, this action may not be ethical or professional, as it may compromise the integrity and credibility of the audit and the certification.
References: ISO 19011:2018(en), Guidelines for auditing management systems, ISO/IEC 17021-1:2015(en), Conformity assessment - Requirements for bodies providing audit and certification of management systems
- Part 1: Requirements

Question 8

Which two of the following are the key expected results of a quality management system that conforms to the requirements of ISO 9001:2015?

A.Decreased number of nonconforming products in all stages of the manufacturing cycle
B.Decreased number of management system nonconformities
C.Consistently provide products that meet customers' requirements
D.Increased profits
E.Decreased number of warranty claims
F.Enhanced customer satisfaction

Question 9

You are an auditor from a construction organisation who is conducting a second party audit to ISO 9001 at a steel rolling mill producing structural steelwork. When auditing the rolling process, you find that the operator who is unloading the furnace does not use the adjacent infrared pyrometer to measure the appropriate product temperature in readiness for the next production stage.
You: "How do you tell when the billet is ready for the rolling stage?"
Operator: "I've done this job for 20 years. I can tell by the bright red colour." You: "What happens if the colour is wrong?" Operator: "The billet goes back into the furnace." You: "Is the pyrometer ever used?" Operator: "Only in borderline cases." You continue to interview the operator and find that around 25% of the billets are sent back to the furnace.
This includes 80% of the borderline cases.
Select three options that would provide evidence of conformance with clause 9.1.1 of ISO 9001.

A.Periodic analysis of the results of temperature checks.
B.Certification of conformance to national standards from the manufacture of the pyrometer.
C.An increase in the use of the pyrometer by operators.
D.Maintenance plan for the furnace.
E.A procedure that provides instruction in taking billet temperature.
F.Planning for monitoring and measuring the billet temperature.
G.A quality objective to achieve lower recycle rates for billets.
H.Annual review records for furnace operators.

Question 10

During a third-party audit of a pharmaceutical organisation (CD9000) site of seven COVID-19 testing laboratories in various terminals at a major international airport, you interview the CD 9000's General Manager (GM), who was accompanied by Jack, the legal compliance expert. Jack is acting as the guide in the absence of the Technical Manager due to him contracting COVID-19.
You: "What external and internal issues have been identified that could affect CD9000 and its quality management system?" GM: "Jack guided us on this. We identified issues like probable competition of another laboratory organisation in the airport, legal requirements on COVID-19 continuously changing, the shortage of competent laboratory analysists, the epidemic declining soon, shortage of chemicals for the analysis. It was quite a good experience." You: "Did you document these issues?" GM: "No. Jack said that ISO 9001 does not require us to document these issues." You: "How did you determine the risks associated with the issues and did you plan actions to address them?" GM: "I am not sure. The Technical Manager is responsible for this process. Jack may be able to answer this question in his absence." Select two options for how you would respond to the General Manager's suggestion:

A.I would not accept the legal compliance expert answering the question.
B.I would ask to audit the Technical Manager by phone.
C.I would delay the audit until the return of the technical manager
D.I would look for evidence that the actions resulting from the risk assessment had been taken.
E.I would ask for a different guide instead of the legal compliance expert.
F.I would ask the consultant to leave the meeting since he is not an employee of the organisation.

Correct Answer: A,D

According to clause 4.1 of ISO 9001:2015, the organization should determine external and internal issues that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended results of its quality management system. The organization should monitor and review these issues and update them as necessary. Although the standard does not explicitly require documented information of these issues, it does require documented information as evidence of the implementation of the actions taken to address risks and opportunities, as per clause 6.1. The organization should also retain documented information as evidence of the results of the monitoring, measurement, analysis and evaluation of its QMS, as per clause 9.1. Therefore, the auditor should not accept the legal compliance expert answering the question, as he is not the person responsible for the process and may not have the necessary competence or knowledge of the QMS. The auditor should also look for evidence that the actions resulting from the risk assessment had been taken, as this is a requirement of the standard and a way to verify the effectiveness of the QMS. The other options are not appropriate courses of action for the auditor, because they do not address the audit objective or criteria, or they may compromise the audit integrity or impartiality. For example, option B may not be feasible or reliable, as the Technical Manager may not be available or able to provide the necessary evidence by phone. Option C may cause unnecessary delay and inconvenience for the audit process and the auditee. Option E may not solve the problem, as the guide is not the main source of evidence or information for the audit. Option F may be disrespectful or unprofessional, as the consultant may have a legitimate role or interest in the audit.
References: ISO 9001:2015, ISO 9001 Auditing Practices Group Guidance on Context of the Organization, ISO 9001 Auditing Practices Group Guidance on Audit Evidence

Question 6

Question 7

Question 8

Question 9

Question 10

Download PDF File