Free Access to PECB.ISO-9001-Lead-Auditor.v2025-09-24.q107 with Valid Practice Test (Page 22)

Question 101

What are the criteria for reviewing documented information?

A.Content, format, and the procedure for managing documented information
B.Language of documented information, internal audit reports, client feedback
C.Archive, volume, and confidentiality of documented information

Question 102

In the context of a management system audit, identify the sequence of a typical process for collecting and verifying information. The first one has been done for you.
To complete the sequence click on the blank section you want to complete so it is highlighted in red and then click on the applicable text from the options below. Alternatively, drag and drop the options to the appropriate blank section.

Correct Answer:

Explanation:
Identifying the source of information
Sampling available data
Gathering audit evidence
Verifying objective evidence
Evaluating evidence against the audit criteria
Making audit conclusions
Evaluating against the audit criteria
According to ISO 19011:2018, clause 6.4, the process of collecting and verifying information during an audit involves the following steps1:
Identifying the source of information: The audit team should identify the sources of information that are relevant to the audit objectives, scope and criteria. These sources may include documents, records, personnel, processes, activities, facilities, equipment, etc. The audit team should also determine the methods and tools for accessing and collecting the information, such as interviews, observations, document review, sampling, etc.
Sampling available data: The audit team should select a representative sample of the available data to verify the conformity and effectiveness of the management system. The sample size and selection method should be based on the audit objectives, scope and criteria, as well as the level of confidence and risk. The audit team should also consider the validity, reliability, relevance and sufficiency of the data.
Gathering audit evidence: The audit team should use the methods and tools identified in the previous step to collect audit evidence, which is the records, statements of fact or other information that are relevant to the audit criteria and verifiable. The audit team should record the audit evidence in a clear, concise and objective manner, using notes, checklists, photographs, audio or video recordings, etc.
Verifying objective evidence: The audit team should verify the accuracy, completeness and authenticity of the audit evidence collected. This may involve cross-checking different sources of information, confirming the identity and authority of the persons providing the information, examining the original documents or records, etc. The audit team should also identify any discrepancies, inconsistencies or gaps in the audit evidence.
Evaluating evidence against the audit criteria: The audit team should compare the audit evidence with the audit criteria to determine the extent of conformity and nonconformity. The audit team should also identify any opportunities for improvement, best practices, positive aspects or potential risks. The audit team should use professional judgement and apply the principles of auditing when evaluating the audit evidence.
Making audit conclusions: The audit team should consolidate the audit findings and evaluate the overall performance and effectiveness of the management system. The audit team should also consider the audit objectives, scope and criteria, as well as the context and expectations of the auditee and other interested parties. The audit team should provide a clear, concise and objective statement of the audit conclusions, which may include the degree of conformity, the achievement of the intended outcomes, the need for corrective actions, the suitability for certification, etc.
Evaluating against the audit criteria: The audit team should review the audit conclusions and ensure that they are consistent with the audit criteria and supported by sufficient and appropriate audit evidence. The audit team should also ensure that the audit conclusions are communicated to the auditee and other relevant parties in a timely and effective manner, using the agreed audit report format and distribution method.
References: ISO 19011:2018(en), Guidelines for auditing management systems

Question 103

You are carrying out an audit at a single-site organisation seeking certification to ISO 9001 for the first time.
The
organisation manufactures cosmetics for major retailers and the name of the retailer supplied appears on the product packaging. Sales turnover has increased significantly over the past five years. The organisation uses a software programme called SWIFT, which is used to record sales, plan production, purchase supplies, print despatch notes, track new product development, perform traceability exercises, carry out mass balance checks, raise invoices, create budgets, and support financial control.
You are nearing the end of the audit and you are reviewing your audit notes. You notice a recurring trend concerning the SWIFT database as shown below:

You ask the Quality Manager to explain how the SWIFT database is controlled. You learn that the Operations Director is responsible for determining and progressing SWIFT software updates. You decide to meet the Operations Director (OD).
You: "Good afternoon."
OD: "Good afternoon."
You: "What responsibility do you have concerning the SWIFT database?"
OD: "I maintain it. If anyone wishes to propose an update to the database, they send me an email with details of their proposal. I then either process the database update myself, or I send the request to the consultant who designed the database 20 years ago. The necessary software changes are made, and the amended software is immediately released to users." You: "Would you explain how the software amendments are controlled?" OD: "Of course. I personally update every computer myself." You: "Do you inform the database users of the changes?" OD: "No I don't. They find out for themselves by using the software, or they come to see me if they have any questions." You: "How do you ensure that the database users use the latest version?" OD: "That's easy, I update every computer myself." You: "During the audit, I noted there were several versions of SWIFT in use (you refer to your audit notes)." OD: "I know. That's because some versions work better than others, and depending on user needs and experiences, we allow users to revert to using an earlier version if they find it works better for them." Based on the scenario, which two of the following statements are true? There is evidence of nonconformity with a requirement defined in ...

A.clause 7.1.3 Infrastructure
B.... clause 7.1.4 Environment for the operation of processes
C.clause 7.5.1 Documented information - General
D.... clause 7.5.2 Documented information - Creating and updating
E.... clause 7.5.3 Control of documented information

Question 104

Scenario 7: POLKA is a car manufacturing company based in Stockholm, Sweden. The company has around 14,000 employees working in different sectors which help with the design, painting, assembling, and test drives of the final product. The company is widely known for its qualitative products and affordable prices. In order to retain their reputation, POLKA implemented a quality management system (QMS) based on ISO 9001.
Before applying for certification, the company decided to conduct an internal audit to check whether there are any nonconformities in their QMS and if the requirements of ISO 9001 are being fulfilled.
The top management appointed Sean, the internal auditor, as the team leader of the internal audit team. Sean required from the top management to have unrestricted access to the employees and executives of POLKA and to the documented information. Furthermore, Sean required to establish a team with a large number of auditors, considering the size and the complexity of the organization. The top management of POLKA agreed with Sean's requirements.
The top management, in cooperation with Sean, assigned 10 more employees to the audit team.
Following that. Sean planned the audit activities and assigned the roles and responsibilities to each auditor. They began by interviewing employees of different manufacturing departments to check whether they are aware of the process of the QMS implementation. While conducting these activities, one of the auditors asked Sean for permission to audit the department in which he worked on a daily basis, as he was very familiar with the processes of the department.
Along the way, the teams findings showed that the staff were trained, documented information was updated, and the QMS fulfilled the requirements of ISO 9001. The internal audit took three weeks to complete, and on the last week the audit team held a final meeting The team shared their results and together drafted the audit report This report was submitted to the top management of the company. The report was maintained as documented information, and was available to the relevant interested parties.
Based on the scenario above, answer the following question:
According to Scenario 7, one of the auditors requested permission from Sean to audit the department in which he worked on a daily basis. Should Sean grant the auditor permission?

A.No, internal auditors should be independent of the processes being audited
B.Yes, Sean should grant the auditor permission
C.Yes, but Sean himself must be present in every audit activity

Question 105

XYZ Corporation is an organisation that employs 100 people. As audit team leader, you are conducting a certification audit at Stage 1. When reviewing the quality management system (QMS) documentation, you find that quality objectives have been set for every employee in the organisation except top management.
The Quality Manager complains that this has created a lot of resistance to the QMS, and the Chief Executive is asking questions about how much it will cost. He asks for your opinion on whether this is the correct method of setting objectives.
Three months after Stage 1, you return to XYZ Corporation to conduct a Stage 2 certification audit as Audit Team Leader with one other auditor. You find that the Quality Manager has cancelled the previous quality objectives for all employees and replaced them with a single objective for himself. This states that "The Quality Manager will drive multiple improvements in the QMS in the next year". The Quality Manager indicates that this gives him the authority to issue instructions to department managers when quality improvement is needed. He says that this approach has the full backing of senior management. He shows you the latest Quality Improvement Request that was included in the last management review.

After further auditing, the issues below were found. Select two statements that apply to the term
`nonconformity'.

A.No quality objectives planned for the top management team
B.Decisions on improvement action timescales not involving departmental managers.
C.Evaluation of the results of the improvement action not always documented by the Quality Manager.
D.Limited knowledge of the content of Quality Improvement Requests by departmental staff.
E.Quality improvements not aligning with the quality policy.
F.Top management claim not to be aware of the improvement request (QI/12/20/HR-3) initiated by the Quality Manager.

Correct Answer: A,E

According to the ISO 9001:2015 standard, clause 10.2.1 defines nonconformity as the non-fulfilment of a requirement. A requirement can be related to the quality management system, the products and services, the customer expectations, or the applicable statutory and regulatory requirements. Nonconformities can be detected through various sources, such as audits, inspections, tests, customer complaints, or internal reviews.
Nonconformities must be addressed by taking appropriate actions to correct them and prevent their recurrence.
In this scenario, the auditee has shown several issues that indicate nonconformities in their quality management system. Two statements that apply to the term nonconformity are:
A: No quality objectives planned for the top management team: According to ISO 9001, clause 6.2.1, the organization must establish quality objectives at relevant functions, levels, and processes. The quality objectives must be consistent with the quality policy and the strategic direction of the organization. The top management team is responsible for providing leadership and direction for the quality management system and ensuring its alignment with the organization's purpose and context. Therefore, the absence of quality objectives for the top management team is a nonconformity as it violates the requirement of clause 6.2.1.
E: Quality improvements not aligning with the quality policy: According to ISO 9001, clause 5.2.1, the quality policy is a statement of the organization's intentions and direction regarding quality, as formally expressed by top management. The quality policy must provide a framework for setting quality objectives and be compatible with the context and strategic direction of the organization. The quality policy must also be communicated, understood, and applied within the organization. Therefore, if the quality improvements are not aligned with the quality policy, it is a nonconformity as it violates the requirement of clause 5.2.1.

Question 101

Question 102

Question 103

Question 104

Question 105

Download PDF File