IATF Auditor Guide For ISO-TS16949

8
IATF Auditor Guide for

ISOITS 16949
1 st Edition
8 April,2009
~
~
------- --,,..1"
IATF Auditor Guide for

,8 ISO/TS 16949
First Edition
April 2009
- ISBN 978 1 60534 153 8
Al! rights reserved @2009 ANFIA, @2009 IATF France, @ 2009 IAOB, @2009 SMMT, @ 2009 VDA.
Page 1 of 32
Introduction
Rules for achieving lA TF recognition, 3rdEdition for 180/T8 16949, places the responsibility for
the development and maintenance of auditor competency upon the certification body which
employs the auditor as defined within Rules 3rd Edition clauses 4.2 to 4.5.
To assist the certification bodies, the lATF Oversight Offices have authored the lATF Auditor
Guide for 180/T8 16949.
Purpose .
The purpose of the Guide is to define the logical activities and required auditor competencies in
the 180/T8 16949 audit process. The Guide amplifies the Rules and should be understood in
conjunction with Rules.
Al! rights reserved @ 2009 ANFIA, @ 2009 IATF France, @2009 IAOB, @ 2009 SMMT, @2009 VDA.
Page 2 of 32
How to Use the Guide
j) Paragraphs 1 - 8 of the Rules far achieving lA TF recagnition have been divided into thirty-one
activities in the Guide. The Guide has two main components: a graphic representation of the
certification audit process and a table that defines competencies for each activity.
The Graphic
These 31 audit activities are shown in 33 blue boxes. Under some blue boxes are white text
boxes that depict auditor activity during the audit boxes to which they are connected. Large
yellow areas group activities into the general areas that they address (e.g., Section 1 - Stage 1
Readiness Review, Audit Planning & Section 2 -Site Audit, (Stage 2, Surveillance and
Recertification) Nonconformities Management and Certificate Management).
The Table
The Table headings are:
. Activity Number - From 1 to 31.
. Activity Undertaken - the name of the audit activity.
. Competency - The definition of competency is "the demonstrated ability to apply
knowledge and skills." For each activity, therefore, competency is presented as
o Knowledge - the auditor should be ableto demonstratetheir knowledge(either
from memory or by where to reference) of the material presented to the
certification body,
o Skills - the auditor should be able to properly performthese activitiesduringthe
audit.
Some competencies will appear under several activities.
~
The Activities represent the major steps as described in Rules. This is not a definitive list of all
of the steps that could be in a process definition of an audit. The activities shown, however, are
required in the audit process definition for ISOITS 16949.
The Competencies are not exhaustive. They were drawn, after several years of lATF
experience, from certification body witness audits and office assessments, auditor training and
evaluation, lATF OEM concern investigation, and responding to questions from all the
stakeholders in the ISOITS 16949 process. The Competencies, therefore, address areas of
known auditor and audit concern; and reflect how the IATF evaluates auditors, audits and .
certificationbodies. Certificationbodiesare encouragedto usethis Guide in developingand
maintaining the competency of their auditors.
~
Al! rights reserved @ 2009 ANFIA, @ 2009 IATF France, @ 2009 IAOB, @ 2009 SMMT, @ 2009 VDA.
Page 3 of 32
Purpose of the Section 3
G
lATF believe further guidance is required both for the certification bodies and their auditors in
terms
audit. of Essential & General competencies needed to perform an effective automotive process
The purpose of Section 3.1 (Essential Auditing Competency Criteria) is to define the
competencies required against the six criteria; detailed below
1. Process Approach
2. Customer Specific Requirements
3. Prioritization
4. Focus on Performance
5. Knowledge & Application of ISO/TS 16949, Rules 3rdEdition, Sl's and FAQ's.
6. Analyse & Synthesize data
The purpose of Section 3.2 (General Auditing Competency Criteria) is to provide guidance on a
further seven criteria; detailed below
1. Interviewing Techniques
2. Time Management
3. Team Communication
4. Confidentiality
5. Conflict Management
6. Cultural Diversity
L
7. Policy Deployment
~
Al! rights reserved @2009 ANFIA, @ 2009 IATF France, @20091AOB, @ 2009 SMMT, @ 2009 VDA.
Page 4 of 32
ó b b
Section 1 - Stage 1 Readiness Review

and Audit Planning
1.
Oblain 2.
malerials for Verify
Stage 1 quolalion
Readiness informalion
Review
3. 4. 10.
5. 6. 8. 9.
Confirm Ihal processes Contirm if 7. Confirm inlemal
Contirm Ihe clienl has Confirm a Confirm Ihe Contirm cuslomer
showing sequence and supporting Confirm Ihe audil and
implemented a syslem qualily cuslomer satisfaction and
inleraction, including key funclions exisl; clienf has a managementreview
whose processes manual is specific complainl slalus
indicalors and performance and, where address all Ihe lisl of qualified planning & resulls
available for requiremenls (cuslomer rfJports
lrends for Ihe previous 12 applicable, olher inlemal from Ihe previous
requiremenls of each sile lo lo be included / scorecards, elc.)
monlhs minimum, have ca reports are audilors 12 monlhs dala are
ISOfTS 16949 beaudiled inlo Ihe audil are available
been defined available available
Tour the site undertaking discussions with relevant client personnel to understand and verify the information presented
13. 14.
Prepare Ihe Oeliver report lo
Audit Planning
Slage 1 Ihe clienl regarding
Readiness Ihe oulcome of Ihe
Review 81age 1 15.
report Readiness Review Wrileand
issue Ihe
Audil Plan
15a.
Plan for Slage 1 Remole 15 b.
Readiness Review Supporting Audil Logistics
Functions
Al! rights reserved @2009 ANFIA, @ 2009 IATF France, @ 2009 IAOB, @ 2009 SMMT, @ 2009 VDA.
Page 5 of 32
Section 1 - Stage 1 Readiness Review &Audit Planning
Competency is the demonstrated ability to apply

knowledge and skills
Activity Activity Knowledge Skills
No Undertaken Cableto ...) Cable to .. ..)
1. Obtain materials . Describethe Rulesrequirements . Verify that all of the required documentation
for Stage 1 related to the Stage 1 Readiness has been obtained from the client within the
Readiness Review. one or two days of the Readiness Review.
Review . Identify missing information not provided by
the client durinQthe Readiness Review.
2. Verify quotation . Describe the Rules requirements . Identify any changes since the quotation and
information related to quotation information. communicate to the client and back to the
o Number of sites certification body.
o Number of employees (fuI! time, . Verify the information used for audit day
part time, temporary) calculation and resolve any discrepancies.
o Support functions
o Language(s) of audit
o Current certifications
o Shift patterns
o Products and services
o Product design responsibility
o Proposed scope
o List of customers
. Explainthe auditdayscalculation
requirements.
. Describe the effect of non-
automotive products and personnel
on the quotation and how the audit
time is planned and spent.
Al! rights reserved @2009 ANFIA, @2009 IATF France, @2009 IAOB, @ 2009 SMMT, @ 2009 VDA.
Page 6 of 32
~) f.;
b b ó
knowledae and skills
No Undertaken (able to ...) (ableto ...)
3. Confirmthat . Describewhat a process is. . Verifythe clienfs processes, including
processes . Describe how processes interact sequence and interactions, are defined.
showing and how interactions can be shown . Verifythat outsourced processes have been
sequence and withina quality management identifiedbythe clientand included withinthe
interaction system. qualitymanagementsystem.
includingkey . Describewhat is meant bythe . Verify the client has a minimum of previous
indicators and automotiveprocess approach 12 months key indicators and performance
performance (Rules) versus an elemental, trend data.
trends for the "departmental" or "functional"
previous 12 approach.
months minimum, . Describe what constitutes a risk to '
have been the customer.
identified . Define process effectivenessand
efficiency.
. Describe how key indicators and
performance trends data could be
measured.
. Describehowa Letterof
Conformance could be applicable for
sites with less than 12 months
performance data.
4. Confirmif . Define a supportingfunction on-site . Verify that any on-site or remote support
supporting or remote. functions have been identified within the
functions exist; . Describehow supporting functions client's quality manual/system.
and where can be identified within the quality . Verifythat any other certification body(ies)
applicable, other management system. is/are currently IATF recognized.
certification body . Describe the Rules requirements . Determine that the reports from other
reports are related to multiple certification certification body(ies) contain the minimum
available bodies. required information, and that the fuI!
supported product scope has been covered
in relation to the site.
Al! rights reserved @ 2009 ANFIA, @ 2009 IATF France, @ 2009 IAOB, @2009 SMMT, @ 2009 VDA.
Page 7 of 32
-=:J.

No Undertaken (able to ...) Cableto ...)
5. Confirm the client . Describe what a process is. . Verify that the client has presented evidence
has implemented . Describe how processes interact that their system(of processes)addresses
a system whose and how interactionscan be shown all the requirementsof ISOITS 16949.
processes within a quality management
address all the system.
requirements of . Describewhat is meant by the
ISOITS 16949 automotiveprocessapproach
(Rules) versus an elemental,
"departmental"or "functional"
approach.
. Describe what constitutes a risk to
the customer. ¡
. Define process effectivenessand
efficiency.
. Describe how key indicators and
measured.
. Describe how supporting functions
can be identified within the quality
management system.
. Describe how the client's evidence,
that their processes meet all
requirements of ISOITS 16949,
could be presented (e.g., a matrix).
Al! rights reserved @2009 ANFIA, @2009 IATF France, @ 2009 IAOB, @2009 SMMT, @2009 VDA.
Page 8 of 32
~ ~) (
b ó tJ'

. Activity Activity Knowledge Skills
No Undertaken (able to ...) (able to ...)
6. Confirma quality . Describe the minimum content of a . Verifythat each of the client's sites has a
manual is quality manual as defined within quality manual.
available for each ISO/TS 16949. . Verifythat interactions with support functions
site to be audited . Describe the RuJes Stage 1 on-site and remote are addressed in the
Readiness Review requirements for quality manual.
the client to have a quality manual. . Verifythat the scope defined in the quality
manualaccuratelymatchesthe client's
automotive business activities and proposed
scope of certification.
. Verifythat any exclusion identifiedfor
certificationis stated in the qualitv manual.
7. Confirmthe client . Describe the requirements for . Verifythe list of internalauditors.
has a list of internal auditor qualificationas . Verifythe client's process for internal auditor
qualified internal defined withinISO/TS 16949 and qualificationaddresses qualitysystem,
auditors any applicable customer specific manufacturing process and product audits.
requirements. . Verifythat the process based internal audits
are undertaken bv qualified internal auditors.
8. Confirmthe . Describe what a customer specific . Verifythe client has a defined process for the
customer specific requirement is. identificationof customer specific
requirements to . Describe how the client locates requirements.
be included in the current customer specific . Determine from the list of customers which
audit requirements. customers have customer specific
. Describe how the auditor locates requirements.
current customer specific . Verify the client has the current required
requirements. revision level of customer specific
requirements.
, . Captures lATF OEM Supplier codes of the
client manufacturing site where applicable.
Al! rights reserved @ 2009 ANFIA, @2009 IATF France, @ 2009 IAOB, @ 2009 SMMT, @ 2009 VDA.
Page 9 of 32
Activity Activity Knowlédge Skills
9. Confirm customer . Define the ISO/TS 16949 . Verify the client has a defined process for the
satisfaction and requirement related to customer identification and analysis of customer
complaint status satisfaction measurement. satisfaction and complaint status information.
(customer . Describe what is meant by customer . Determine from the list of customers, which
reports, scorecards. customers issue customer satisfaction and
scorecards, etc.) . Describe how the auditor locates complaint status reports.
are available. customer scorecards, performance . Verify that the client has accessed and
reports, and complaints status. reviewed the current report(s).
. Describe how to relate the customer . Verify that customer satisfaction and
performance data back to the complaint status information, where
problem part(s). applicable, is downloaded from the relevant
. Describe the impact of GM New website during the Readiness Review.
Business Hold, Controlled Shipping . Verify that'customer objectives I reporting
and FORO 01 Revocation on the formats (e.g. OOS Ouality Operating
Readiness decision. System) scorecard data are used.
10. Confirm internal . Describe the Rules Stage 1 . Verify that 12 months internal audit and
audits and Readiness Review requirements management review data exists.
management (including that the 12 months audit . Verify that a complete cycle of process
review planning and management review evidence based internal audits of the defined
and results from may be a mix of other standards processes are followed by a management
the previous 12 [ISO, VDA,] and ISO/TS 16949). review.
months are . Define the difference between . Verify that internal audits are scheduled on
available system, process, and product the basis of status and importance.
audits. . Verify that the management review records
. Describe the difference between a include all required information.
process approach and an
, elemental, "departmental" or
"functional" approach for internal
audits.
. Describe what are the required
Al! rights reserved @2009 ANFIA, @2009 IATF France, @2009 IAOB, @ 2009 SMMT, @ 2009 VDA.
Page 10 of 32
~ f" ~
b ó t>
No Undertaken (able to ...) Cable to ...)
10. inputs and outputs as defined within
(Continued) ISO/TS 16949 that must be
addressed inthe management
reviewprocess.
. Describe what are, and the
difference between, process
performanceand product
conformity.
11. Determine the . Describe what the applicability . Verifythe scope of certificationand where
appropriatescope requirementsfor ISO/TS 16949are. necessary communicateto the clientwhythe
.
O of certification.
.
Describe the difference between
product and process design
responsibility.
Describe what are permissible
proposed certificationscope is being
modified:
exclusions related to ISO/TS 16949.

. Describe what is an acceptable
scope? (including where the client
has automotive and non-automotive
products, or a corporate audit
scheme).
12. Determine the . Describe the Rules requirements . Analyzethe data obtainedthrough activities
client's readiness related to the Stage 1 Readiness 2 to 11and determinethe client'sreadiness
Review. for the Stage 2 Site Audit.
O . Describe reasons why a client may

be deemed not ready for the Stage 2
site audit.
Note: The term "Stage 2 Site Audit"includes
the audit of site and supporting functions on
, site or remote.
Al! rights reserved @ 2009 ANFIA, @ 2009 IATF France, @2009 IAOB, @2009 SMMT, @ 2009 VDA.
Page 11 of 32
-- --
-- - -~ ---

No Undertaken (able to oo.) (able to oo.)
13. Prepare the Stage . Describe the minimumcontent . Prepare a Stage 1 Readiness Reviewreport
1 Readiness requirements for Readiness Review that meets the minimumreport requirements,
Review reporto reporto using their CS report format.
. Describewhatis an Clareaof . Declare the client'sstatus as regards
concern". readiness.
. Describe that nonconformitiesmay . Identify,ifapplicable, all area(s) which are
not be issued at the Stage 1 preventingthe client being deemed ready.
Readiness Review. . Identifyany areas ofconcernthat could be
. Describe that advice or classified as a non-conformity during the Stage
recommendations may not be 2 Site Audit.
offered.
14. Deliver report to . Describethe Rules requirements . Deliverthe report the client and any audit team
the client related to the Stage 1 Readiness members.
regarding the Review. . Deliver the report withoutgivingadvice or
outcome of the . Describe that advice or recommendations.
Stage 1 Readiness recommendationsmay not be
Review offered.
. Describe reasonswhy a client may
be deemed not ready for the Stage
2 site audit.
. Define the time limitationwithin the
Rules betweenStage 1 Readiness
Reviewand Stage 2 Site Audit.
. Describe that the client requires a
new complete Stage 1 Readiness
Review, if it is judged not ready.
,
Al! rights reserved @ 2009 ANFIA, @20091ATF France, @2009IAOB, @2009 SMMT, @2009 VDA.
Page 12 of 32
f" (' r
b b t>
15. Write and issue . Describe how to create an audit plan . Create an audit plan that is based upon the
15 a. the Audit Plan(s) that is based upon the defined defined processes of the client, their
15 b. including processes of the client, their sequence and interactions, including
supporting sequence and interactions, including supporting functions, addressing as
functions. supporting functions. applicable the fóllowing
. Describe how the audit plan shall be o analysis of actual or potential risk to
developed prior to arrival on site the customer, product, and processes
including the potential sources of o auditor I multiple auditors
input into the plan (specifically with demonstrating linkages between audit
regard surveillance audit planning). trails
. Describe the effect of non- o all shifts, manufacturing activities shall
automotive products and personnel be audited on all shifts where they
on the quotation and how the audit occur
time is planned and spent. o the required number of audit days.
. Describe Rules requirements for the o optimizing audit time based on the
audit plan and the audit, including layout of the client
supporting functions and multiple o audit of supporting functions planned
certification bodies. prior to the audit at the site with
. Describe the impact of customer process linkages referenced
o interfaces with the remote support
concerns and or special statuses
(notifications related to quality or functions audited by other certification
delivery issues, e.g. GM new bod ¡es
business hold, GM controlled o audit team competencies and
shipping, FORO 01 revocation, and language skills including the use of
Volkswagen Oualitatsleistung:C) on translators, where necessary
o customer specific requirements and
the audit plan.
core tools in all relevant processes,
including new customers since the last
. Describe how to determine critical audit
o customer concerns/complaints
areas for prioritization based upon
risk to the customer, key indicators, (reports. scorecards), special status
performance trends, and criticality of notification and the client's response
the process(es).
. Describe how to allocate appropriate
o Internal performance data, internal
resources to critical areas of the audit and management review results
audit. and actions
Al! rights reserved @ 2009 ANFIA, @ 2009 IATF France, @ 2009 IAOB, @ 2009 SMMT, @ 2009 VDA.
Page 13 of 32
. Describe the Rules requirements o progress made towards continual
15.
related to auditing all shifts. improvement
15 a. . Describe how to communicate the o effectiveness of the corrective actions
15 b. and verification since the last audit
plan(s) to other audit team members
(Continued)
undertaking audits at other sites / (time for such verification to be
supporting functions and the client additionaí see Rules 5.2 d)
representatives. o effectiveness of the management
system with regard to achieving both
customer and client objectives
. Issue the audit plan to the client and all audit
team members.
Al! rights reserved @ 2009 ANFIA, @ 2009 lATF France, @ 2009 IAOB, @2009 SMMT, @ 2009 VDA.
Page 14 of 32
(';. """J
~ ,11
6 b l>
Section 2 - Site Audit (Stage 2, Surveillance & Recertification)

Nonconformities Management, and Certificate ~anagement
Stage 2 Site Audit
Remote
Location Audit
Site Audit
16. 21. 25.

Condúct 17. 19. Write up 22. Conduct the
18. 24.
20. findings and Complete closing
audit of Conduct Complete Meeting with Prepare
remote
Audit Client catergorise Annex1 meeting and
Opening facility tour Top draft
Processes non- tableor deliver the
supporling meeting (if needed) Management reporl
functions conformities equivalent draft reporl to
(major / minor) the client
Interview auditees,observe actions, obtain objective evidence, record auditor notes, audit team consensus meetings, status meetings with the client
Nonconformities Management Certificate Management

27.
29.
26. Evaluate the 28.
Issue
client's root Complete
Issue Final supplementary
reporl cause analysis follow-up audit
reporl
and systemic (if needed)
corrective actions
(if needed)
Al! rights reserved @2009 ANFIA, @ 2009 lATF France, @2009 IAOB, @ 2009 SMMT, @2009 VDA.
Page 15 of 32
-~-
--- - -- ~-
-- == -=-'""' =
- - --
-
Section 2 Stage 2 Site Audit, Nonconformities Management, and Certificate Issuance
16. Conduct audit of . Describe the Rules requirements . See Activities 17 to 22 below.
remote relatedto remote supportingfunctions.
supporting . See Activities 17 to 22 below.
functions prior to
the Site Audit.
17. Conduct opening . Describe the certification body . Clearly communicate to the attendees, in
meeting requirements related to the opening terms that are relevant and understandable,
meeting. the following:
. Describe the impact of new or changed o the automotive process approach.
information from the client on the audit. o the audit plan.
o ttle CS'sprocesses that govern the
audit.
. Reconfirm the following:
o number of employees (full time, part
time, temporary)
o number of shifts and shift pattern
o current customers
o customer satisfaction and complaints
status including customer reports and
scorecards.
o any customer special statuses
o supporting functions
. Revise the audit plan inline with changes,
advisedby the client,sincethe stage 1
Readiness Review.
.
. Conduct the opening meeting using their
defined CS process.
. Identify any changes since the Stage 1 audit
and communicate to the client and back to the
Al! rights reserved @ 2009 ANFIA, @ 2009 IATF France, @ 2009 IAOB, @2009 SMMT, @2009 VDA.
Page 16 of 32
c~ rJ (1
b b b
certification body.
18. Complete facility . Describe how to confirm the validity of . Modify the audit plan based upon the
tour the audit plan based on the opening additional information collected during the
(if needed) meeting and facility tour. opening meeting and facility tour (including use
of translators, if any).
. Record and/or retain key observations for use
during the audit.
19. Meeting with . Describethe requirements in ISO/TS . Interview the top managementto elicit the
Top Management 16949for top management. following:
. Describe which responsibilities of top o their description of the client's qua lity
management under ISO/TS 16949 may management system
be or may not be delegated. o their djescriptibn of the client's quality
. Describe howprocessesinteractand objectives
how interactions can be shown within a o their commitment to the effective
quality management system. implementationof this system (e.g.,
. Describewhat constitutes a risk to the participation in meetings, setting objectives,
customer. linking objectives and plans, reviewing
. Define process effectiveness and performance, allocation of resources, etc.)
efficiency. o the key metrics/measures that they use to
. Describe how key indicators and evaluate client performance
o what information is communicated (both to
measured. and from) top management to the client
o the degree of their participation in
management reviews, including corrective
and preventive action.
o to what degree they comprehend their
, customer's requirements, expectations, and
evaluations of the client
. Record and/or retain key observations for use
during the audit.
Al! rights reserved @ 2009 ANFIA, @2009 IATF France, @ 20091AOB, @2009 SMMT, @ 2009 VDA.
Page 17 of 32
..

20. Audit client . Describe the Rules requirements . Demonstrate planning and conducting an audit
Processes related to automotive process approach using the automotive process approach
auditing. principies, guidelines and tools (e.g. use of
. Describe what is meant by the IIturtles"as a primary tool).
automotive process approach versus an . Able to audit using the audit plan in
elemental, IIdepartmental"or IIfunctional" conjunction with the client's defined processes,
approach. including sequence and interaction.
. Describehowto followan auditplan . Audit the client and ensure that the client's
and make adjustments based upon process definition accurately describes reality.
audit trails. . Audits processes identified in the audit plan in
. Describe how the process approach adequate detail and depth to give confidence
audit affects where within the facility the that the process(es) is capable of meeting
audit takes place. process key performance indicators including
. Define quality system effectiveness and customerspecifics.
efficiency. . Use the audit plan to audit the client's
. Describe how to choose a sufficient processes to ensure customer specific
number of examples (e.g., processes, requirements are identified, addressed, and
top management, operating personnel, maintained within the quality management
documents) for a reliable appraisal of system.
implementatibn. . Conduct interviews, etc. with auditees at
. Analyze information and evidence to appropriate locations (where the process
determine the extent of fulfilment with occurs).
certification requirements. . Record objective evidence, both of conformity
. Describe the minimum requirements to and nonconformity with requirements,
be covered during an examination of the sufficient for an independent review to agree
client's processes. with the audit conclusions and
recommendation.
Al! rights reserved @2009 ANFIA, @ 20091ATF France, @ 2009 IAOB, @2009 SMMT, @ 2009 VDA.
Page 18 of 32
\) G ri1
....
b b l>

No Undertaken (able to ...) (ableto ...)
21. Write up findings . Describe the lATF Rules requirements . Write a nonconformity based upon factual
and categorise that apply to writing nonconformity, data,that contain
non-conformities including any Sls, FAQs and customer- o A statement of non-conformity
(major I minor) specific requirements. o The requirement
. Describe that both negative and positive o The objective evidence
findings are included based on objective . Appropriately categorize non-conformities,as
evidence. major or minoro
. Describe the difference between a . Cross-referencenonconformityto boththe
majoranda minornonconformity. client'squalitymanagementsystemandthe
. Describe the impact of a major relevant clause of ISO/TS 16949.
nonconformity on the audit. . Appropri.atelycategorize opportunities for
. Define the Rules definition of improvement.
Opportunity for Improvement. . Identifiesopportunitieswithoutrecommending
. Describethe Rules regarding the use of solutions.
OFI with out recommending solutions . Complete their certification body's reporting
. Describe the impact of customer special formsas definedby the CS.
statusconditionson nonconformity.
. Describe the certification body
templates required for reporting.
. Describe the maximum time during the
audit to write an audit report.
22. Complete Annex . Describe how to complete the Table for . Prepare the Table for verification of
5 table or verification of completeness of the completeness of the process oriented auditing
equivalent process oriented auditing versus versus ISO/TS 16949 requirements for an
, ISO/TS 16949 requirements. audit.
Al! rights reserved @2009 ANFIA, @2009 IATF France, @20091AOB, @ 2009 SMMT, @ 2009 VDA.
Page 19 of 32
~ ....... "
-- --- --
- - ~~
- - --
-- -------
--- --- -- --
--~- -~ --- -- ---
------ - ---
--
._~- - -
-- ---- - ---
. -
------ ---n_- -- --. ------ --- --

23. Determine Audit . Describe the possible . Determine, followingtheir certification body
Team recommendations. procedures,the audit team recommendation.
Recommendation . Describe their certificationbody
O .
processfordeterminingthe audit team
recommendation.
Describe the Rules requirementson
the certificationbody process, to
reviewthe audit team
recommendation.
. Describe the acceptable level of quality
management system performance for
ISO/TS 16949 certification.
24. Prepare draft . Describe the minimum content . Prepare a draft audit report that meets Rules
report requirements for the draft report, minimum content requirements.
including a list of lATF OEM supplier . Declare the audit team recommendation
codes of the client manufacturing site. regarding certification.
. Identifyall nonconformitiesand OFls.
25. Conduct the . Describe their certification body's . Conduct the closing meeting using their
closingmeeting process/procedure forthe closing defined certificationbody process.
and deliver the meeting. . Deliver the draft audit reportto the client.
draft report to the . Describe the Rules requirements . Recordany findingsthat the clientwishesto
client regarding closure of nonconformities. appeal.
. Describe the certification body's . Discussthe closure of correctiveactions,
appeals process. including timing (as applicable).
. Advise the client of the need to Schedule a
follow up audit (if applicable).
Al! rights reserved @2009 ANFIA, @ 2009 IATF France, @20091AOB, @2009 SMMT, @2009 VDA.
Page 20 of 32
() o (j.
" ~
b b b
26. Issue final audit . Describe the mínimumcontent . Prepare and deliver a final audit report that
report requirements for the final audit report, complies with certification body and lATF
including a list of lATF OEM supplier requirements.
codes for the client manufacturing site. . Obtainmanagement'ssignatureto finalaudit
. Describe the timing requirements for report when the report is issued at the final
deliveryof the final audit report to the meeting.
client. . Obtainformalacknowledgmentfrom the
. Describe acceptable methods for client's management representative via email
management acknowledgment of the where the report has been issued
final report. electronicallv.
27. Evaluate the . Describe"rootcause"analysis. . Verifythat responses to nonconformities
client's root . Describe "systemic"versus "incident- issued are based on effectiveroot cause
cause analysis specific"corrective actions. analysis by the client followedby systemic
and verify . Describe several problemsolving corrective action.
systemic techniques and processes (e.g., 5 Why, . Verifywith objective evidence that the
corrective 80). corrective actions have been taken.
actions. . Define "100% resolved" as itrelatesto . Evaluate a client's corrective action response
the client's response to a for"100%resolved" when a corrective action is
nonconformitv. not yet implemented.
28. Complete follow . Describe the requirements (from the . Conduct a follow-up audit.
up audit (if Rules, customers, and from their . Verify with objective evidence and observation
needed). certification body) for when a follow-up the effective implementation of systemic
audit is needed. corrective actions.
. Describe the purpose of a follow-up
audit.
. Describe how to verify the
,
implementation of systemic corrective
actions.
Page 21 of 32
'~-~~~o.C''''~''''~-,~ -- ~ -~~- --- ...""--'" .. """- -~~-~ ""

--~~~-
=
-.
,"'~--, -- --~..""'""
~~- -
~ ~-- ~
-, ~
"
~ ~---'--'--"--"---' " '
-"
-- ---
- - ------- -- -- "'i

No Undertaken (able to oo.) (able to oo.)
29. Issue . Describewhen a supplementaryreport . Prepare and delívera supplementaryaudit
supplementary is issued. report that complies with lATF and certification
report (ifneeded). . Describe the minimum content of the body requirements.
supplementaryreporto
. Define the timingrequirements for the
supplementary reporto
30. Certification . Describe the lATF requirements for the . N/A.
Decision certificationdecision followinginitial,
O .
surveillance and recertificationaudits.
Describe their certificationbody's
process for the certificationdecision.
31. Issue Certificate . Describethe Rules requirementsforthe . Verifythat an issued certificate meets lATF
certiticate. requirements.
. Describe their certiticationbody's . Documentand communicateback to their
process tor certificateissue and review. certificationbodyissues observedwithan
. Describe the permissible use of lATF issued certificate.
and the certificationbody logos.
Al! rights reserved @ 2009 ANFIA, @ 20091ATF France, @ 20091AOB, @ 2009 SMMT, @ 2009 VDA.
Page 22 ot 32
r,j'
~) ('/: ,(l
" "1
b b b
Section 3 - Auditing Competency Criteria
3.1 Essential Auditing Competency Criteria

3.2 General Auditing Competency Criteria
Al! rights reserved @2009 ANFIA, @ 2009 IATF France, @2009 IAOB, @ 2009 SMMT, @2009 VDA.
. Page 23 of 32
~ --~-- -
~~ .-- ;c - ~ ~~ ,,- ~ ~ ~-
..
3.1 Essential Auditing Competency Criteria

Criteria Understanding Knowledge Skills
No expected (able to ...) (able to ...)
1. Process . Describe what a process is. . Demonstratethe planningin conjunctionwiththe
Approach . Describe how processes interact and client's defined processes, includingsequence
howinteractionscan be shownwithin and interaction,and conductof an auditusing
Demonstrates a qualitymanagementsystem. the automotive process approach principies.
priorityis given to . Describe the Rules requirements . Questioning the client's processes, the
questioning the related to automotive process sequence, interactions and performance against
organisation's approach auditing. the measuresdefined,withfocus on the
identificationof . Describewhat is meant bythe processes whichdirectlyimpactthe customer.
processes, their automotiveprocess approachversus . Questioningthe process objectives/targets,with
sequence and an elemental, "departmental"or focus on wheretargets are not beingmet and on
interactions, and "functional"approach. issuesthat havethe greatestimpacton the
performance . Define the 8 management principies customer.
against the detailed withinISO 9000. . Questioningwhat plans are in placeto ensure
objectives I . Describe how to integrate the ISO/TS targets are met,and correctiveactionplansare
measuresdefined, 16949 requirements into a process in placewhere objectivesare not being mel.
withfocus on the based audil. . Followingaudit trails to linkages between
processes which . Describe how to plan and carry out customer concerns, performance against
directly impact the an audit based upon the client's objectives and relevant process documents (e.g.
customer
processes. control plan, FMEA,etc).
. Questioning the client's process for gathering,
communicatingand implementingcustomer
specific requirements.
. Verify the identification and application of the
appropriate ISO/TS 16949 requirements in the
context of an audit of the organisation
:
processes.
Al! rights reservad @ 2009 ANFIA, @ 2009 IATF Franca, @ 2009 IAOB, @2009 SMMT, @2009 VDA.
Page 24 of 32
c:' () (""J
b b b

Criteria Understanding Knowledge r Skills
2. Customer . Describe what a customer specific . Verifythe client has a defined process
Specific requirement is. for the identificationof customer specific
Requirements. . Describe the relationship between customer requirements.
requirements and customer specific . Verify the client has the current required
Demonstrates requirements. revision level of customer specific
that customer . Describe methods a client may use to locate requirements.
specific current customer specific requirements. . Effectively incorporate into a process
requirements are . Describe how to audit the organisations based audit samples of the relevant
integrated into a process for identification and implementation customer specific requirements
process based of customer specific requirements. (focusing
. on
. lATF subscribing
audit. Effectively . Describe how to select samples (focusing on customers).
audits the .
lATF subscribing customers) to ensure that Audit the client processes to ensure
organisation's the process for identification and customer specific requirements are
process for implementation of customer specific identified, addressed, and maintained
gathering, requirements is effective. within the quality management system.
communicating . Describe how to incorporate customer . Prepare an audit report that identifies
and
specific requirements in a process-based the customer specific requirements
implementing audit. covered by the audit.
customer specific
requirements
3. Prioritisation . Describe how to incorporate previous audit . Demonstrate prioritisation based upon
data into subsequent audits. risk to the customer.
Demonstrates . Describe how to prioritise during an audit . Demonstrates prioritisation based upon
priority is given to based on the needs of the client's externa I information gained during previous
questioning the customers. audits.
process . Describe how to determine critical areas for . Demonstrates changes in prioritisation
objectives and prioritization based upon risk to the based upon actual client's performance
Al! rights reserved @2009 ANFIA, @ 2009 IATF France, @ 20091AOB, @2009 SMMT, @ 2009 VDA.
. Page 25 of 32
-~-
-~-- - -~--
~- --~ -- -- --- --- -- ---- -~~-- --- - "-,=--- -----
~ ~-~--- ~~ ~-~
performance, and customer, key indicators, performance trends (Le. management review, remote
focus on issues (internal&external) and criticalityof the supportfunctionsand performance
that have the process(es). against objectives, etc) seen during an
3. greatest impact . Describe how customer concerns and/ or audit.
(Continued) on the customer special statuses (notificationsrelated to . Prioritisebased upon customer
qualityor delivery issues, e.g. GMnew concerns and or special statuses.
business hold, GMcontrolled shipping,
FORD01 revocation,and Volkswagen
Oualitatsleistung:C) influenceprioritisation
during an audit.
. Describe how to modifyprioritiesduring an
auditbased on situationalawareness.
4. Focus on . Describe how a client's quality policyis a . Audit processes identifiedinthe audit
Performance frameworkfor the setting and communication planin adequate detail and depthto
of targets against the quality objectives. giveconfidencethat the process(es)
Identifies . Describehowan auditwouldverifythe is/are capable of meeting process key
issues/trails linkages between lower level quality performanceindicators,includingany
aroundthe objectives/targets and the quality objectives customerspecifiedtargets.
organisation's defined inthe business plan . Auditperformanceat variouslevels
process for . Describe differenttypes of key performance withinthe client verifyinglinkages back
setting indicators (KPl's) that a client can utilize. to the high-Ievelprocess performance
objectives/ . Define process effectiveness and efficiency. objectivesdefinedwithinthe business
targets, what
plans are in place
to ensure targets
. Describehowto locatecustomerscorecards,
performancereportsand complaintsstatus
from various sources.
. plan.
Review and assess the client'scurrent
performanceagainst targetsand assess
are met, and . Describe how to relate the customer correctiveactionswhere objectivesare
corrective action not being mel.
performance data back to the problem
plans are in place part(s). . Investigateand determinethe status
where . and effectiveness of the olient's process
Describehowto undertakea process based
objectives/targets audit focusedon process performance. performance improvement activities.
are not being met . Verify any customer specified continual
Al! rights reserved @ 2009 ANFIA, @ 20091ATF France, @ 2009 IAOB, @ 2009 SMMT, @ 2009 VDA.
Page 26 of 32
G r o
e b b
No expected (able to oo.) " Cable to .oo)
improvementtargets are met or plans
are in place for them to be achieved
4. withina definedtime periodo
(continued) e Sample a client's proposed
improvement activities to verify effective
planning/implementation.
e Incorporate withinthe process-based
audit, the client's lean manufacturing
programs /and or continual
improvement initiatives in support of the
quality
I policy
, and quality objectives.
e Audit the client's identification and
implementation of both the
effectiveness and efficiency process
indicators.
5. Knowledge & e Define the 8 quality management principies e Apply the Knowledge and Application of
Application of detailed within ISO 9000. ISO/TS 16949, Rules, SI and FAQ in
ISO/TS, Rules e Describe the benefits to the client of applying the planning and conduct of an audit.
3rd, SI & FAQ. the requirements of ISO/TS 16949 within a e Interpret and evaluate the application of
system of processes. the ISO/TS 16949 requirements in a
Demonstrates e Define the goal of ISO/TS 16949. manner appropriate to the client.
knowledge and e Describe the requirements in ISO/TS 16949 e Undertake and report process based
application of the related to continual improvement. audits in a manner that fully complies
requirements of e Describe the registration process defined in with the Rules and any associated Sl's
ISO/TS 16949, and FAQ's.
the Rules including any defined timescales,
t,he Rules for and any relevant Sl's & FAQ's.
achieving lATF e Describe the de-certification process defined
recognition, Sl's in the Rules.
and FAQ's. e Describe basic principies of lean
manufacturing, error proofing, FIFO, 5S etc.
Page 27 of 32
~~,- ~ ~ -~,,-~~,~~ ~ = """""=,-- ~-" o -- - -, " -~,~-, ,- ,,".-- -,,~--- , -,-,---,,,,,,, ,-----
-- -

No expected (able to oo.) Cable to oo.)
6. Analyse & . Articulate data analysis methodologies (Le. . Discriminate between relevant and
Synthesize data. Pareto analysis, statistical methods, irrelevant information.
correlation, regression trend analysis etc). . Absorbdataandfocusin on the areaof
Demonstrates . Articulate how data analysis methodologies significance based on review of
the ability to are linked to a client's quality policy and meaningful information.
collect and quality objectives. . Demonstrate linkages between
analyse data, . Describethe ISO/TS16949 requirements customer concerns, performance data
and draw related to the analysis and use of data. against objectives and relevant process
accurate . Describe how many documents may have documents leading to the development
conclusions pieces of the audit evidence that lead to of logical audit trails.
based upon the overall conclusions during an audit. . Recognise discrete data from multiple
data. . Describe the differences between the sources and understand its relationship
drawing of conclusionsfrom the synthesis of / impact of the whole system. (Le. See
Synthesize data as opposed to the reading of each the big picture).
isolated but document in an isolated fashion. . Recognise and use any customer
connected data supplied performance data during an
in order to draw
audit, verifying the correlation to any
conclusions. client data.
. Question the effectiveness of the
client's process for collection, analysis
and review of data duringan audit,
without taking for granted the integrity of
the data.
. Draw conclusions from the total data
presented.
Al! rights reserved @ 2009 ANFIA, @ 2009 IATF France, @ 2009 IAOB, @2009 SMMT, @ 2009 VDA.
Page 28 of 32
\" (' f:
e ~ o
3.2 General Auditing Competency Criteria

1. Interviewing . Describe how to question an auditee to . Focus the audit on priorities based upon
techniques obtain an understanding their process issues of significance identified during an
and any related objectives/measures. audit.
Utilize an audit . Describe how to summarize audit . Develop effective audit trails and follow
questioning findings for feedback to auditee. them to conclusion.
technique that . Describe how to gather objective . Ask questions utilizing a range of
facilitates
evidence during an audit. open/closed questions.
gathering of factual . Describe the range of interviewing . Obtairi objective evidence to substantiate
information for the
styles that can be employed (Iocation, statements and/or summaries (e.g., charts,
purpose of rooming, environment, etc). records etc) from auditees.
enabling a decision . Describe the approaches that can be . Communicate in a way that can be
to be made
employed to put an auditee at ease. understood by the auditee (e.g. terms,
regarding . Describe the difference betweenopen, language) to gather objective evidence.
effectiveness of .
closed and leading questions, and in Effectively audit when a translator is used.
processes .
what situations these types of Adjust interview techniques to suit
questions may be used. seniority/education/knowledgelevel of
auditee.
. Demonstrate open mindedness and ability
to consider other points of view.
. Listen to and synthesise data before
drawingaudit conclusions.
. Verify verbal information obtained with
, written evidence where applicable.
Al! rights reserved @ 2009 ANFIA, @ 2009 lATF France, @ 2009 IAOB, @2009 SMMT, @ 2009 VDA.
Page 29 of 32
~ ~- ---- ~ = -~----
- '=

knowledle and skills
Criteria Understandi ng Knowledge Skills
2. Time . Describe the Rules requirements related . Determine piority based upon importance
management to the duration of an audit day, and . Effectively manage time relating to the
allowable reporting time. original audit plan by demonstrating a
Manage allocated . Describe how to modify the audit plan flexibility in approach based upon findings
audit time during the audit. and situational awareness.
effectively focusing . Define the additional time requirements . Stay focused on auditing processes
on identified areas of an audit using translators. avoiding a "scatter gun" approach.
of importance . Demonstrate the importance of time
management when undertaking an audit by
modifyingthe audit plan as the audit
unfolds.
. Plan and manage time in an audit where a
translator is present.
. Comply with the Rules requirementsfor
time allocation durinQan audit.
3. Team . Describe the basics of communicating . Provide effective communication within a
communication. effectively. team environment resulting in a high
. List and describe methods that can be probability that all tasks are completed
Effectively used to exchange information. within the allocated time.
communicate . Describe how to formulate audit . Involve others on the audit team in decision
within the team, conclusions as an individual and as part making and drawing audit conclusions.
exchanging audit of a team. . Effectively exchange information between
information and . Describe how to modify and the audit team as an audit evolves.
findings to help communicate the modification to audit . Manage the communication between team
formulating plan as an audit evolves. members and effectively handle any
assessment conflicts that may arise.
conclusions . Coordinate the audit team to ensure that
, the interactions between processes are
effectively audited, including interactions
with any support functions on-site or
Al! rights reserved @ 2009 ANFIA, @2009 lATF France, @ 2009 IAOB, @2009 SMMT, @2009 VDA.
Page 30 of 32
() \' (;;
~ t' e
knowledle and skills
Criteria Understandi ng Knowledge Skills
No expected (able to ...) Cableto ...)
remote.
4. Confidentiality . Describe the 180/T8 169497.1.3 . Demonstrateconfidentiality is maintained
Confidentiality requirements. during the audit.
Maintain . Describe what maybe induded within a . Effectively incorporate the 180/T8 16949
confidentiality certification body confidentiality confidentiality requirements within the
agreement. context of a process based audit.
. Describemethods that can be used to
identify any customer confidentiality
requirements (e.g. contract).
5. Conflict . Describe examples of potential conflict . Demonstrate persistence in the event of
management situations. conflict.
J'
. Explain why conflicts may arise. . Manage conflict with the dient being
Effectively manage . Describehowto dealwith conflict and audited, maintainingthe integrity of the
conflict situations negative responses from an auditee. 180/T8 16949 scheme.
. Describe how to attempt to resolve . Effectively handle any conflicts that may
conflict situations. arise between team members.
6. Cultural diversity . Describe how audit questions may be . Recognize and correctly react to situations
developed to address any cultural or where audit styles have to be modified to
Effectively manage social issues take into account cultural diversity.
cultural situations . Describe where cultural situations may
while undertaking require a change in audit style, or
audits (regional, questioning techniques.
country, dient
etc).
Al! rights reserved @2009 ANFIA, @ 2009 IATF France, @ 2009 IAOB, @2009 SMMT, @ 2009 VDA.
Page 31 of 32
~--~- -~-
~
!::' . ~- - - - ~..-

knowled e and skiUs
No expected Cableto oo.) Cable to oo.)
7. Policy . Describe the ISO/TS 16949 . Conduct an interview of a top management
Deployment requirements for quality policy and team, which focuses on KPl's, target
objective development and deployment setting, customer requirements and
Effectively audit (5.3, 5.4, 6.2.2, 6.2.2.4). communication.
the development
and application of . Describe communication methods a
the quality policy client may use for policydeployment . Review and assess a client's current
and objectives including techniques and processes. performance against targets and question
linked to the . Describe how a client's quality policy is a relevant corrective actions during an audit.
business plan. framework for a client's quality objectives . Demonstrate in audit interviews with
(e.g. action plans, continual relevant process owners and employees
improvement). (includir)gtemp:>rarylabour) at their
. Describe what aspects of a business appropriate locations, questions which
plan would be included in an ISO/TS relate to their understanding of their role,
16949 audit. policy, objective etc as appropriate.
. Verify that the client's policy and objectives
(in the context of a process based systems
audit) meets ISO/TS 16949 requirements.
. Determine at a remote support function
how the process objectives are linked to
the site quality objectives.
Al! rights reserved @ 2009 ANFIA, @ 2009 IATF France, @ 20091AOB, @ 2009 SMMT, @ 2009 VDA.
page 32 of 32
(' (' f'

IATF Auditor Guide For ISO-TS16949

Uploaded by

Copyright:

Available Formats

IATF Auditor Guide For ISO-TS16949

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

IATF Auditor Guide For ISO-TS16949

Uploaded by

Copyright:

Available Formats

8

IATF Auditor Guide for

IATF Auditor Guide for

- ISBN 978 1 60534 153 8

Section 1 - Stage 1 Readiness Review

Competency is the demonstrated ability to apply

Competency is the demonstrated ability to apply

Competency is the demonstrated ability to apply

exclusions related to ISO/TS 16949.

O . Describe reasons why a client may

Competency is the demonstrated ability to apply

Section 2 - Site Audit (Stage 2, Surveillance & Recertification)

Stage 2 Site Audit

16. 21. 25.

Nonconformities Management Certificate Management

Competency is the demonstrated ability to apply

Competency is the demonstrated ability to apply

Competency is the demonstrated ability to apply

'~-~~~o.C''''~''''~-,~ -- ~ -~~- --- ...""--'" .. """- -~~-~ ""

Competency is the demonstrated ability to apply

Section 3 - Auditing Competency Criteria

3.1 Essential Auditing Competency Criteria

3.1 Essential Auditing Competency Criteria

Competency is the demonstrated ability to apply

Competency is the demonstrated ability to apply

Competency is the demonstrated ability to apply

Competency is the demonstrated ability to apply

Competency is the demonstrated ability to apply

Competency is the demonstrated ability to apply

(' (' f'

You might also like

'~-~~~o.C''''~''''~-,~ -- ~ -- --- ...""--'" .. """- --~ ""