
Question 23: You are conducting an audit at an organization that provides software development services to various clients. You are interviewing the project manager (PM) who oversees several software projects.

You: How do you ensure that the software requirements are clearly defined and agreed with the clients?

PM: We use a standard template for writing the software requirements specification (SRS) document. We also have regular meetings with the clients to review and confirm the requirements.

You: How do you verify that the software meets the requirements?

PM: We perform various testing activities throughout the software development life cycle. We also have a quality assurance (QA) team that checks the software for defects and compliance with the SRS.

You: How do you manage changes to the requirements?

PM: We have a change management process that defines how to request, approve, implement, and document changes to the requirements. We also communicate the changes to the clients and the development team.

Narrative: You review the SRS documents for some of the projects and find that they are incomplete, vague, and inconsistent. You also find that some of the changes to the requirements are not properly documented or approved.

You decide to raise a nonconformity.

What is the ISO 9001 clause number? What is the nature of the problem? What is the ISO 9001 requirement that has not been fulfilled?

Answer:

• ISO 9001 clause number: 8.3.3
• Nature of the problem: Inadequate definition and control of software requirements
• ISO 9001 requirement that has not been fulfilled: The organization shall ensure that the requirements for the products and services are defined, including any applicable statutory and regulatory requirements, and those determined by the organization. The organization shall establish criteria for the review and acceptance of the requirements for the products and services. The organization shall retain documented information on the requirements for the products and services.

Question 24: You are conducting an audit at an organization that manufactures medical devices. You are interviewing the quality manager (QM) who is responsible for ensuring the compliance of the products with the relevant standards and regulations.

You: How do you determine the applicable standards and regulations for your products?

QM: We have a regulatory affairs (RA) department that monitors the changes in the standards and regulations. They also provide us with the list of the applicable standards and regulations for each product category.

You: How do you ensure that your products conform to the standards and regulations?

QM: We have a design and development (D&D) process that incorporates the standards and regulations as design inputs. We also have a validation process that verifies the conformity of the products with the standards and regulations before they are released to the market.

You: How do you maintain the conformity of your products with the standards and regulations?

QM: We have a post-market surveillance (PMS) process that collects and analyzes feedback from the customers, users, and authorities. We also have a corrective action process that addresses any nonconformities or complaints related to the products.

Narrative: You review the records of the D&D, validation, PMS, and corrective action processes and find that they are incomplete, outdated, and inaccurate. You also find that some of the products do not comply with the current standards and regulations.

You decide to raise a nonconformity.

What is the ISO 9001 clause number? What is the nature of the problem? What is the ISO 9001 requirement that has not been fulfilled?

Answer:

• ISO 9001 clause number: 8.4.2
• Nature of the problem: Ineffective control of externally provided processes, products, and services
• ISO 9001 requirement that has not been fulfilled: The organization shall ensure that externally provided processes, products, and services conform to the requirements. The organization shall determine the controls to be applied to the external providers and those to be applied to the resulting output. The organization shall retain documented information of these activities and any necessary actions arising from the evaluations.
