Can An Audit Be Deferred Due To A Force Majeure Event?
The following inquiry was received from ASQ Ask the Experts on Apr. 10, 2015:
If a Force Majeure event (major storm, flood or other natural event) effects the company during the time that the annual Surveillance Audit was to be done, can the Surveillance Audit be postponed until after the conclusion of the Force Majeure period without losing ISO 9001 certification? Will the impact be 1.) Merely a certificate lapse rectified with passing the re-scheduled Surveillance Audit loss, 2.) Loss of certification requiring the next audit to be a Certification Audit instead of a Surveillance Audit, or 3.) Is it up to the Registrar? In this case, assume the Surveillance schedule delay is only 3 months or less, and the company has an excellent ISO audit track record. Thank you.
ATCS QBlog Reply
Date: April 16, 2015
Thanks for contacting us. With regard to the frequency of surveillance audits as well as deferral of an audit as a result of force majeure, it’s important know that all reputable Registrars or certification bodies (CBs) are accredited by an accreditation body (AB) as such ANAB. This is intended to ensure a consistent approach for issuance of certifications by CBs. To maintain certification the CB may conduct periodic surveillance audits. Registered or certified organizations must be re-certified every 3 years or prior to the expiration date listed on their certification certificate.
Surveillance audits are conducted by the Registrar to verify the organization’s continued implementation as well as the improvement of the effectiveness of their QMS. Registrars may increase or decrease the frequency of surveillance audits based upon the maturity level of the organization’s QMS. For this reason, the frequencies that surveillance audits are conducted may vary, but are usually scheduled annually or every 12 months. Other situations that may affect actual frequency of surveillance audits may be the availability of Auditors or possibly, unusual situations being experienced by the Auditee or organization.
As already mentioned, re-certification audits are required to be conducted every 3 years. A Registrar typically does not have the authority to extend any organization’s ISO 9001 certification beyond the expiration date as shown on the certification certificate. I would suggest that the certification contract agreement between your organization and the Registrar be reviewed to determine how conditions of force majeure are to be addressed. This review should be followed up with a discussion with the Registrar to ensure there will be no impact on your organization’s existing QMS certification. For more information about surveillance audits and other information regarding certification bodies (CBs) review IAF guidance document “Application of ISO/IEC Guide 65:1996, Issue 3 (IAF GD 2006). A copy of this document can be downloaded at www.iaf.nu.
I hope this helps.