Tom Hoyt- ISO

["Lori A. Moreland" <lamorela -at- CS -dot- HH -dot- AB -dot- COM>]

Hello, Tom.

Ive been through the ISO process. Your department should include in its list
 procedures it can verify. The auditors read the list you created, then check to
 see how well you follow your own procedures. It's simple, but the potential
 pitfalls are out there. They include:
. Referencing a form, procedure, or piece of information you cannot readily
 point to. For example, your ISO documentation says you fill out a duplication
 request when you complete a manual. The auditor may ask, "What type of request?
 Is it a form? May I see it? How do you track these forms?"
. Not fully understanding your company's quality policy. Most companies will
 draft a policy statement, and ask that employess become familiar with it. You
 don't have to memorize it. Just be able to regurgitate salient points. This is
 important, because the ISO standard is about quality. In the ISO world, quality
 = thoroughness.
My best advice is just to relax. The first (internal) audit is typically
 conducted by an in-house team. They will ask you the types of questions the
 real ISO auditors will ask. Then, when they find problems, they will point them
 out to you. This will help you to understand how an audit works and how to
 fine-tune your presentation to the real ISO people. This audit will also help
 you practice grace under pressure.
The follow-up audits just ensure that you still adhere to the procedures you set
 forth previously. If anything changes, change your procedure, and be prepared
 to support that change.
If you want more detailed info, turn to the myriad of books available on the
 ISO9000 process (wish I'd have gotten in on that racket!).
Best wishes- Lori Moreland lamorela -at- cs -dot- hh -dot- ab -dot- com