ISO 9001:2015 Surveillance Audit and a minor Supplier Management finding

I’ve never been completely comfortable with Supplier Management. Not how we do it, but how we evidence it at audit. We got through Stage 1 and Stage 2 fine, but a recent audit resulted in a minor non-conformity against 8.4.1. For me, this is fine. It adds weight to an improvement I want to implement. …

Certification Body Surveillance Audits – Preparation counts

Last week I spent a few hours with an auditor from our Certification Body. It was a Surveillance Audit for our ISO 9001:2015 certification. It was uneventful. No findings at all. It was supposed to last a full day. However, we moved through the audit plan very swiftly. Here’s why: The plan for this audit, …

Be confident about ISO standard requirements

Perusing LinkedIn groups, it strikes me that people overthink ISO requirements. As a result, they lack confidence in their own management system. Project this to an auditor at your peril. As an example, I’ve just contributed to a conversation where the poster was unsure about an ISO 27001 Annex A control. The regulation of cryptographic …