Pass the PECB ISO 9001 ISO-9001-Lead-Auditor Questions and answers with ValidTests

In this scenario, the audit team leader must balance maintaining the integrity of the audit plan while considering the auditee’s request. The two best responses allow for flexibility without compromising the audit's rigor:

A. I could audit the other laboratories virtually at the end of this audit: Virtual audits can be a valid option, especially in multi-site audits. ISO 9001:2015 does not prohibit virtual audits, and in certain situations, they are practical for reviewing documentation or observing operations remotely.

C. I could try to revise the audit programme to see if I can audit all laboratories: Revising the audit programme to accommodate additional site visits is a reasonable compromise. ISO 9001:2015 audits are based on risk and sampling, but the audit team leader has the flexibility to adjust the audit scope if it fits within the audit duration and resources.

The other options, such as extending the audit duration (B, F) or strictly adhering to the original plan (D, E), may not be practical or necessary. Revising the plan to audit all laboratories or using virtual auditing ensures that the audit remains efficient while addressing the organization's concerns​.

Comprehensive and Detailed In-Depth Explanation:

During communication with top management, the auditor should discuss:

The quality policy (ISO 9001:2015, Clause 5.2.1), ensuring that it is established, communicated, and understood.

Internal audits (ISO 9001:2015, Clause 9.2), verifying that they are planned and effectively implemented.

These discussions help assess leadership commitment and the effectiveness of the QMS.

According to ISO 19011:2018, clause 6.3.2, the audit plan is a document that provides the basis for agreement regarding the conduct of the audit. The audit plan should include the following information1:

•the audit objectives, scope and criteria

•the audit team members and their roles and responsibilities

•the audit schedule, including the date, time and location of each audit activity

•the expected time and duration of meetings and interviews

•the allocation of appropriate resources to critical areas of the audit

•the identification of the audit client and the auditee

•the identification of the guides and observers, if any

•the documents and records to be reviewed before and during the audit

•the audit methods and tools to be used

•the audit language and terminology

•the audit report content, format, distribution and expected completion date

•the risk to achieving audit objectives and the contingency plan, if any

Therefore, the issue which is not expected to be included in the audit plan is C, expectations of the organisation’s management. This issue is not relevant to the conduct of the audit, as the audit is based on the audit criteria, not on the management’s expectations. The management’s expectations may be considered during the audit initiation or the audit programme management, but they are not part of the audit plan.

In this scenario, the organisation A has two plants, A1 and A2, but the production in A2 was discontinued due to the COVID-19 pandemic and the plant was rented to another organisation B. There are no A employees working in A2, and the organisation A expects to reassume production in A2 as soon as possible. Therefore, the appropriate action to plan the internal audit of A’s quality management system is:

•Interview the A2 plant manager, now working in Plant A1: This action involves interviewing the person who is responsible for the management and operation of the plant A2, and who is currently working in the plant A1. The interview should aim to gather information about the status and condition of the plant A2, the impact of the COVID-19 pandemic on the quality management system, the arrangements and agreements with the organisation B, and the plans and actions to resume production in the plant A25 . This action is relevant and necessary for the internal audit, as it can help to assess the readiness and effectiveness of the quality management system, and to identify any gaps or nonconformities that need to be addressed.

The other options are not appropriate actions to plan the internal audit of A’s quality management system, according to the web search results from my internal tool. They are:

•Visit Plant A2 to interview personnel of company B: This action involves visiting the plant A2 and interviewing the personnel of the organisation B, who are not related to the organisation A and who are not part of the quality management system. This action is irrelevant and unnecessary for the internal audit, as it can not provide any evidence or information about the conformity and improvement of the quality management system of the organisation A5 .

•Visit Plant A2 to interview B’s quality manager: This action involves visiting the plant A2 and interviewing the quality manager of the organisation B, who is not related to the organisation A and who is not part of the quality management system. This action is irrelevant and unnecessary for the internal audit, as it can not provide any evidence or information about the conformity and improvement of the quality management system of the organisation A5 .

•Visit Plant A2 to interview A’s security personnel and B’s maintenance department: This action involves visiting the plant A2 and interviewing the security personnel of the organisation A and the maintenance department of the organisation B, who are not directly involved in the quality management system. This action is irrelevant and unnecessary for the internal audit, as it can not provide any evidence or information about the conformity and improvement of the quality management system of the organisation A5 .

Therefore, the correct answer is D.

According to ISO 9001:2015, clause 6.2.1, the organization is required to establish quality objectives at relevant functions, levels, and processes for the quality management system (QMS). The quality objectives must be consistent with the quality policy, measurable, monitored, communicated, and updated as appropriate. The organization is also required to maintain documented information on the quality objectives, as per clause 7.5.1.

Therefore, in the scenario given, the quality objectives defined by the external consultant are not in alignment with the organization’s quality policy, as they are based on those of a competitor, rather than the organization’s own purpose, strategic direction, and customer requirements. This creates a mismatch between the organization’s vision and goals, and the quality objectives that are supposed to guide and measure the QMS performance. Moreover, the quality objectives are not maintained as documented information, which makes it difficult to communicate, monitor, and update them, as well as to demonstrate evidence of their implementation and achievement.

Hence, the circumstances in which a nonconformity against clause 6.2 of ISO 9001 could be raised are B and C, as they indicate a failure to comply with the requirements of clause 6.2.1. The other options are either irrelevant or not directly related to clause 6.2, as they do not pertain to the establishment and documentation of quality objectives.

Comprehensive and Detailed In-Depth Explanation:

ISO 9001:2015 requires organizations to ensure that auditors have the necessary competence and knowledge to conduct audits effectively.

Clause References:

ISO 19011:2018, Clause 7.2.1 – Determining Competence of Auditors: Auditors must have knowledge of applicable legal and regulatory requirements that affect the scope of the audit.

ISO/IEC 17021-1:2015, Clause 7.1.2 – Competence Requirements: Certification bodies must ensure that auditors assigned to the audit team possess relevant knowledge in areas such as legal and regulatory compliance.

Why is the Correct Answer C?

Each audit team member should have sufficient knowledge of relevant legal and regulatory requirements to ensure compliance.

This helps auditors identify gaps or nonconformities related to compliance obligations.

Having multiple team members with knowledge reduces reliance on a single expert and ensures a comprehensive assessment.

Why are the Other Options Incorrect?

A (Only one team member needs knowledge) → Incorrect because audits involve various aspects, and all auditors should have basic awareness of legal and regulatory requirements.

B (Legal knowledge is not necessary) → Incorrect because compliance is essential for QMS effectiveness.

D (Only the lead auditor needs legal knowledge) → Incorrect because ISO requires all auditors to be competent in applicable laws, not just the leader.

Based on the scenario provided, there is evidence of nonconformity with the requirements defined in:

C. Clause 7.5.1 Documented information - General: The scenario indicates that there is no formal process for informing users about updates to the SWIFT database, which suggests a lack of control over documented information. This could lead to users being unaware of important changes and not using the latest version of the software, which is required by the quality management system1.

E. Clause 7.5.3 Control of documented information: The Operations Director’s approach to updating the SWIFT database and the lack of communication to users about these updates indicate that the documented information is not adequately controlled. Allowing users to revert to earlier versions of the software at their discretion further suggests that the organization does not have a proper mechanism in place to ensure the integrity and suitability of documented information2.

These clauses are part of the ISO 9001:2015 standard, which requires organizations to have a systematic approach to controlling and managing documented information as part of their quality management system. The scenario described shows a casual approach to managing critical software updates, which could affect the organization’s ability to consistently meet customer and regulatory requirements.

 Clause Reference – ISO 9001:2015 Clause 8.6 (Release of Products and Services):

ISO 9001 requires that products and services are not released to the customer until:

All planned verification activities have been completed.

Acceptance criteria have been met.

Any necessary approvals have been obtained.

In this scenario:

The sacrificial anodes for Project DK were shipped before the galvanic efficiency test results were analyzed.

This constitutes a nonconformity against Clause 8.6 because the products were released without completing the required tests.

 Option Analysis:

A. A retrospective concession was not sought from the customer once the test results had been approved by the Quality Manager:Incorrect. While obtaining a concession might mitigate the situation, the nonconformity pertains to the process failure of releasing the products without completing required tests, not the absence of a concession.

B. Release of the product without acceptable test results has been accepted by the customer for Project DK:Incorrect. The customer was not informed before the release, and there is no indication that this was accepted beforehand. Furthermore, ISO 9001 requires planned processes to be followed, regardless of later acceptance.

C. Products for Project DK have been released before product approval through the quality control process:Correct. This description accurately reflects the nonconformity. The quality control process required test results to be analyzed and verified before release, which did not happen.

D. The untested product was not recalled until the galvanic efficiency of the anodes was verified:Incorrect. The issue is not about recalling the product but about releasing it without completing the required tests. Recalling the product is not mentioned in the scenario.

 Why C is Correct:

The nonconformity is a clear breach of Clause 8.6, where the products were released without meeting the planned verification requirements.

This demonstrates a failure in adhering to quality control processes, which is a critical aspect of ISO 9001 compliance.

 Key ISO 9001 Reference:

Clause 8.6: Products and services shall not be released to the customer until all planned activities (e.g., testing) have been satisfactorily completed, or the customer has approved the release with knowledge of deviations.

Comprehensive and Detailed In-Depth Explanation:

Auditors must report findings truthfully and accurately to ensure an unbiased assessment of the QMS.

Clause References:

ISO 19011:2018, Clause 4 – Principles of Auditing:

Fair Presentation → Requires auditors to report truthfully and accurately, without bias or omission.

Integrity → Ensures auditors adhere to ethical conduct.

Why is the Correct Answer A?

The audit team reported findings truthfully, based on collected evidence.

Fair presentation ensures that both positive and negative findings are included in the audit report.

Objective evidence was gathered through interviews, document reviews, and observations.

Why are the Other Options Incorrect?

B (Integrity) → Related to ethics and professional conduct, but not specifically about presenting findings.

C (Confidentiality) → Important, but does not apply to the principle of reporting findings accurately.

D (Objectivity) → Ensures impartiality, but "fair presentation" directly addresses accurate reporting of findings.