Six Points To Follow In Writing An Audit Nonconformity

Audit nonconformity is one of the potential outcomes of first, second, or third-party audits, and they are one of the main elements of the audit report.

Auditees are interested in the audit reports to evaluate how they comply with the audited requirements. At the same time, the auditees are mostly interested in understanding their potential gaps and addressing corrective actions. In fact, audit nonconformities are the only areas most auditees are looking for to address actions and maintain compliance. Following a few steps before writing any audit nonconformities is very important. Invalid or unclear audit nonconformities will lead to unnecessary administration and auditees' confusion. In addition, an invalid, incorrect or unclear nonconformity adversely impacts the audit and auditee's processes. There are specific rules that must be followed before starting writing audit nonconformity. In this post, we will review the key points auditors should follow to write valid, verifiable and correct audit nonconformities.

1. Verify your audit nonconformity

During the audit, you may realise that there is a gap in documentation or implementation against the audited criteria, or you may observe a practice you believe is nonconformity. You may be correct, but at the same time, you may have forgot to examine all aspects of the audit process. Verify your findings with the auditees before jumping to conclusions and ensure all aspects of evidence were verified and examined before raising any audit nonconformities.

2. Use objective evidence to support your nonconformity

Objective evidence is a vital part of any audit nonconformity. You don’t have a valid audit nonconformity unless it is supported by objective and verified evidence. Auditors often like to share their experiences with other businesses with their auditees to bring value to their audit. However, sharing these experiences in the context of audit nonconformity is incorrect, and you can use other audit-finding categories such as OFI (opportunity for improvement) instead.

3. Following the proper structure

You should follow the correct structure to write a valid and correct audit nonconformity. An audit nonconformity is shaped by three elements:

  1. Audit Criteria. Write down the audit criteria you are using as a basis for your audit nonconformity. Audit criteria are defined as “the requirements to audit against”. In most circumstances, auditors should consider three criteria during the audit. a) legislative requirements b) audited standards such as ISO 9001, ISO 14001, or National Disability Insurance Scheme Quality Guideline c) business policies, procedures, and practices
  2. Audit nonconformity. In this section, you should write down the fact that is missing and lead you to raise an audit nonconformity. For example, the business onboarding process has not been followed according to the onboarding procedure.
  3. Objective evidence. In this section, you should write down the missing evidence. Have a look at the example above. For example: Refer to the reviewed staff files. The six new entries from June 2022.

Here is an example of an audit nonconformity:

Audit criteria

  • ISO 9001:2015 clause 7.3
  • Business onboarding procedure PR03.001 Dated June 2020
  • National Disability Insurance Scheme (Quality Indicators) Guidelines 2018 Core module indicator number 17

Audit nonconformity

The business onboarding process (Business onboarding procedure PR03.001) has not been followed.

Objective evidence

Records of inductions were not located for the six new staff. The HR manager has verified that the six new staff were not inducted according to the business onboarding procedure PR03.001 dated June 2020

4. Corrective action and the root cause are not part of the audit scope

Write a concise and comprehensive statement about what is missing. The audit scope is to evaluate gaps against a certain and you should keep yourself away from giving consultation. In your writing, you shouldn’t write a statement about what the organisation should do to address your audit nonconformity. Leave the corrective actions to the auditees to come up with something they believe is the best way for them to manage their gaps.

5. Following the privacy and confidentiality

Your audit report is your signature, and you should prepare it to demonstrate your professionalism. You will have an audit nonconformity when a piece of evidence is missing or someone hasn’t followed a process as it was expected according to the audited criteria. Never write down private, confidential, business-sensitive information in your audit nonconformity. Be clear about what is missing by referring to the project number, department name, building number, code, or role title. Never write down an individual’s name in your audit nonconformity.

6. What’s in it for the audited organisation?

Last but not least is to ask yourself a question before writing an audit nonconformity. The following questions can help you to evaluate the circumstances before jumping to any conclusions:

  1. Have they missed implementing a legislative requirement?
  2. Is it easy to be fixed immediately, or does it need a long-term action plan?
  3. Is it going to impact the consumers, clients, and staff’s safety, or does it affect the quality or the service delivery?
  4. What’s in it for the organisation, and is there any value in raising this audit nonconformity.

Perhaps writing a valid, correct, and verifiable audit nonconformity is one of the most important duties of auditors. Following the above key points will help you to have a stress-free audit closure. In addition, your clients will welcome your valid audit nonconformities due to the value it is going to bring to their business. The above elements may not look very complicated to follow but to become a professional audit nonconformity writer, you must always keep practicing and following the above points before writing audit nonconformities.

 

Who We Are

LMS TRG is an Exemplar Global Recognised Training Provider for courses in Management Systems Auditing. We come together from various specialist backgrounds to produce unique online learning experiences. Our team is composed of auditors, management systems consultants and providers, with over fifteen years of experience in delivering high-level quality training. We were founded with the policy of being pioneers in fully online and smart training solutions. To learn more, click here.

Join The Community

Our email content is full of value, void of hype, tailored to your interests whenever possible, never pushy, and always free.

Close

50% Complete

You are almost there! 

Kindly complete the form below and confirm your email address. We will keep you updated with news, articles and promotions.