[2025年03月] 最新のPECB ISO-9001-Lead-Auditor認定練習テスト問題
確認済みISO-9001-Lead-Auditor問題集と解答で一年間無料最速更新
PECB ISO-9001-Lead-Auditor 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
質問 # 52
A small deaning services organisation is about to start work on a hospital dleaning contract for the local Health Trust. You, as auditor, are conducting a Stage 2 audit to ISO 9001 and review the contract with the Service Manager. The contract requires that a cleaning plan is produced. You: "How was the cleaning plan for the contract developed?" Service Manager: "We have a basic template that covers the materials, labour requirements and cleaning methods to be employed. Some of that is specified by the customer." You: "How does the plan deal with locations like the intensive care wards and the operating theatres, which are included in the contract?" Service Manager: "The basic plan covers general wards, but we will do more frequent cleaning in those areas if the hospital requests it." You: "Are you aware of the regulatory requirements for cleaning standards in hospitals?" Service Manager: "No. We depend on the hospital to look after that side of things in the contract." You decide to raise a non-conformity against section 8.2.2.a.1 of ISO 9001. You decide to raise another non-conformity against section 8.2.4 of ISO 9001 when finding that the cleaning plan was amended without the agreement of the Health Trust. A different cleaning chemical was substituted to that specified in the contract. At the follow- up audit, the corrective action proposed was to "obtain a concession from the Health Trust for use of the new chemical." Which one of the following options is the reason why you did not accept this action taken?
- A. Staff have not been trained in the use of the new chemical.
- B. The substitute chemical may not be as effective as the original.
- C. The action assumes that the Health Trust will agree to the change.
- D. The process for making changes to the contract has not been addressed.
- E. The substitute chemical has not been used before in the Health Trust.
正解:D
解説:
* Clause 8.2.4 of ISO 9001:2015 - Changes to Requirements for Products and Services:ISO 9001:
2015 Clause 8.2.4 states that when changes to requirements for products or services are made, they must be communicated and agreed upon with relevant interested parties (in this case, the Health Trust).
The lack of communication and agreement for substituting the cleaning chemical represents a clear violation of this clause.
* Analysis of the Corrective Action Proposed:The organization proposed "obtaining a concession from the Health Trust for the use of the new chemical." This action is reactive and assumes approval from the Health Trust without addressing the systemic issue: the lack of a defined change control process for managing contract changes.
* Option Analysis:
* A. The substitute chemical has not been used before in the Health Trust:Incorrect. While this may be a concern, it is not directly relevant to the root cause of the nonconformity, which is the absence of a process to handle contract changes.
* B. The action assumes that the Health Trust will agree to the change:Incorrect. Although this is true, it is not the primary issue. The nonconformity lies in the lack of a structured approach to obtain agreement, not whether the Health Trust agrees.
* C. Staff have not been trained in the use of the new chemical:Incorrect. This is a separate issue related to staff competence (Clause 7.2), but it is not the main reason why the corrective action is unacceptable under Clause 8.2.4.
* D. The process for making changes to the contract has not been addressed:Correct. The fundamental issue is the organization's failure to follow or establish a change control process for amending contracts, including gaining formal agreement from the Health Trust. The proposed corrective action does not ensure that such issues will be systematically prevented in the future.
* E. The substitute chemical may not be as effective as the original:Incorrect. The effectiveness of the substitute chemical is secondary to the primary issue, which is the lack of a change management process.
* ISO 9001 References Supporting the Correct answer:
* Clause 8.2.4: Requires that changes to product/service requirements be reviewed, communicated, and agreed upon with the customer.
* Clause 10.2 (Nonconformity and Corrective Action): Requires the organization to address the root cause of the nonconformity and take actions to ensure it does not recur. In this case, the root cause is the absence of a change control process.
* Why D is the Best answer:The core issue is that the organization did not have a formalized process for managing and agreeing upon changes to contract requirements. Addressing this process gap is essential to prevent recurrence of similar nonconformities. Merely seeking a concession from the Health Trust is a one-off solution that does not address the systemic issue.
質問 # 53
An internal auditor of a manufacturer of polystyrene packaging products for the electronics industry raised a nonconformity against section 10.3 of ISO 9001 in Report IA202. The nonconformity (NC 3) stated:
"The reject rate of the finished product of 9.7% needs improvement as it doesn't meet the stated objective of top management of 5%." As the third-party auditor reviewing the internal audit process, you come across the nonconformity. For corrective action, the Quality Manager conducted an investigation into the reject rates. He reported that the collection baskets for products ejecting from the moulding machines were not large enough. About 6% of products fell onto the wet and dirty factory floor. Management stated that replacing the baskets was too costly and ordered the Maintenance Manager to ensure that the floor was kept clean and dry to prevent rejects. The auditor later checked the factory floor, which was wet and dirty in places.
From the following nonconformities, select three that the auditor could raise to ISO 9001.
- A. 8.5.1 - Production operations were not properly controlled to avoid reject products.
- B. 10.2.1 - Conduct of an investigation was not sufficient to understand the cause of the nonconformity.
- C. 10.3 - The organisation did not continuously improve. Reject rates were unchanged.
- D. 7.1.1 - The organisation failed to provide the required resources to prevent nonconforming products.
- E. 7.3 - Staff were not aware that products were falling onto the factory floor.
- F. 8.6 - Dirty products were released to the customer.
- G. 7.1.4 - The factory environment is not suitably maintained to prevent dirty products.
- H. 9.2.2 - Report IA202 contained a poorly worded nonconformity (NC 3).
正解:C、D、G
解説:
The auditor could raise the following nonconformities to ISO 9001 based on the scenario:
*Option A: 10.3 - The organisation did not continuously improve. Reject rates were unchanged. This option is correct because ISO 9001:2015 clause 10.3 requires the organization to improve the suitability, adequacy and effectiveness of the quality management system. The organization did not demonstrate any improvement in reducing the reject rate of the finished product, which was a stated objective of top management. The corrective action taken by the organization was not effective in addressing the root cause of the problem and preventing its recurrence.
*Option B: 7.1.4 - The factory environment is not suitably maintained to prevent dirty products. This option is correct because ISO 9001:2015 clause 7.1.4 requires the organization to determine, provide and maintain the environment necessary for the operation of its processes and to achieve conformity of products and services.
The organization did not ensure that the factory floor was clean and dry, which affected the quality of the products and increased the risk of nonconformity.
*Option C: 7.1.1 - The organization failed to provide the required resources to prevent nonconforming products. This option is correct because ISO 9001:2015 clause 7.1.1 requires the organization to determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement of the quality management system. The organization did not provide adequate collection baskets for the products ejecting from the moulding machines, which resulted in products falling onto the factory floor and becoming nonconforming.
The following options are not correct:
*Option D: 9.2.2 - Report IA202 contained a poorly worded nonconformity (NC 3). This option is not correct because ISO 9001:2015 clause 9.2.2 does not specify the requirements for the wording of nonconformities in internal audit reports. The nonconformity (NC 3) stated by the internal auditor was clear and relevant to the audit criteria and audit evidence. The issue is not with the report, but with the corrective action taken by the organization.
*Option E: 8.6 - Dirty products were released to the customer. This option is not correct because ISO
9001:2015 clause 8.6 requires the organization to implement planned arrangements, at appropriate stages, to verify that the product and service requirements have been met. The scenario does not indicate that the dirty products were released to the customer, but that they were recalled and repaired then returned to the customers. The issue is not with the release, but with the production process and the environment.
*Option F: 7.3 - Staff were not aware that products were falling onto the factory floor. This option is not correct because ISO 9001:2015 clause 7.3 requires the organization to ensure that the persons doing work under its control are aware of the quality policy, relevant quality objectives, their contribution to the effectiveness of the quality management system, and the implications of not conforming with the quality management system requirements. The scenario does not indicate that the staff were not aware of these aspects, but that the management did not provide adequate resources and environment for the staff to perform their work. The issue is not with the awareness, but with the management responsibility and resource provision.
*Option G: 10.2.1 - Conduct of an investigation was not sufficient to understand the cause of the nonconformity. This option is not correct because ISO 9001:2015 clause 10.2.1 requires the organization to react to the nonconformity and, as applicable, take action to control and correct it and deal with the consequences. The scenario indicates that the Quality Manager conducted an investigation into the reject rates and identified the cause of the nonconformity. The issue is not with the investigation, but with the corrective action taken by the management.
*Option H: 8.5.1 - Production operations were not properly controlled to avoid reject products. This option is not correct because ISO 9001:2015 clause 8.5.1 requires the organization to implement production and service provision under controlled conditions. The scenario indicates that the production operations were controlled by the moulding machines, which ejected the products into the collection baskets. The issue is not with the production operations, but with the size of the collection baskets and the condition of the factory floor.
References:
*ISO 9001:2015 Quality management systems - Requirements
*ISO 9001 Lead Auditor Course Material, Module 6: Reporting Audit Findings, Slide 14: Writing Nonconformity Statements
*ISO 9001 Lead Auditor Training Course - IRCA Certified, Section 6.2: Reporting Audit Findings
*Lead Auditor Exam Preparation Guide (EPG) Template - PECB, Section 3.2: Exam Content Outline, Subsection 3.2.1: Section 1 - Audit Fundamentals, Subsection 3.2.2: Section 2 - Audit Principles, Subsection
3.2.3: Section 3 - Audit Process, Subsection 3.2.4: Section 4 - Audit Competencies
質問 # 54
XYZ Corporation is an organisation that employs 100 people. As audit team leader, you are conducting a certification audit at Stage 1. When reviewing the quality management system (QMS) documentation, you find that quality objectives have been set for every employee in the organisation except top management.
The Quality Manager complains that this has created a lot of resistance to the QMS, and the Chief Executive is asking questions about how much it will cost. He asks for your opinion on whether this is the correct method of setting objectives.
Three months after Stage 1, you return to XYZ Corporation to conduct a Stage 2 certification audit as Audit Team Leader with one other auditor. You find that the Quality Manager has cancelled the previous quality objectives for all employees and replaced them with a single objective for himself. This states that "The Quality Manager will drive multiple improvements in the QMS in the next year". The Quality Manager indicates that this gives him the authority to issue instructions to department managers when quality improvement is needed. He says that this approach has the full backing of senior management. He shows you the latest Quality Improvement Request that was included in the last management review.
After further auditing, the issues below were found. Select three statements that apply to the term 'audit trail'
- A. Evaluation of the results of the improvement action not always documented by the Quality Manager.
- B. The single quality objective set for the organisation by the Quality Manager.
- C. Limited knowledge of the content of Quality Improvement Requests by departmental staff.
- D. Decisions on improvement action timescales not involving departmental managers.
- E. Quality improvements not aligning with the quality policy.
- F. Top management claim not to be aware of the improvement request (QI/12/20/HR-3) initiated by the Quality Manager.
正解:A、C、D
解説:
Based on the scenario and the concept of an 'audit trail' within the context of ISO 9001, the three statements that apply would likely be:
A: Decisions on improvement action timescales not involving departmental managers. This indicates a lack of involvement and communication with those responsible for implementing the improvements, which is a key part of an effective audit trail1.
B: Evaluation of the results of the improvement action not always documented by the Quality Manager.
Proper documentation is essential for an audit trail, as it provides evidence that actions have been evaluated and are effective1.
C: Limited knowledge of the content of Quality Improvement Requests by departmental staff. An audit trail should ensure that all relevant parties are aware of and understand the actions being taken, which is not the case here1.
These points suggest issues with the communication, documentation, and involvement of relevant personnel in the quality management system processes, which are crucial for maintaining an effective audit trail and, by extension, a robust quality management system.
質問 # 55
Select the words that best complete the sentence:
正解:
解説:
Explanation:
According to the ISO 19011:2018 document, the audit plan should provide the basis for agreement regarding the conduct and scheduling of the audit activities. The amount of detail provided in the audit plan should reflect the scope and complexity of the audit, as well as the risk of not achieving the audit objectives1. The scope of the audit refers to the extent and boundaries of the audit, such as the audit criteria, the audit objectives, the organizational and functional units, and the processes to be audited1. The complexity of the audit refers to the degree of difficulty or intricacy of the audit, such as the number and diversity of the auditees, the audit criteria, the audit methods, and the audit team composition2. The risk of not achieving the audit objectives refers to the possibility that the audit may fail to provide reliable and sufficient audit evidence to support the audit conclusions and report1.
Therefore, the complete sentence is:
In the context of a third-party audit, the amount of detail provided in the audit plan should reflect the scope and complexity of the audit, as well as the risk of not achieving the audit objectives.
References: 1: ISO 19011:2018 - Guidelines for auditing management systems 2: Audit Complexity - an overview | ScienceDirect Topics
質問 # 56
XYZ Corporation is an organisation that employs 100 people. As audit team leader, you are conducting a certification audit at Stage 1. When reviewing the quality management system (QMS) documentation, you find that quality objectives have been set for every employee in the organisation except top management.
The Quality Manager complains that this has created a lot of resistance to the QMS, and the Chief Executive is asking questions about how much it will cost. He asks for your opinion on whether this is the correct method of setting objectives.
Three months after Stage 1, you return to XYZ Corporation to conduct a Stage 2 certification audit as Audit Team Leader with one other auditor. You find that the Quality Manager has cancelled the previous quality objectives for all employees and replaced them with a single objective for himself. This states that "The Quality Manager will drive multiple improvements in the QMS in the next year". The Quality Manager indicates that this gives him the authority to issue instructions to department managers when quality improvement is needed. He says that this approach has the full backing of senior management. He shows you the latest Quality Improvement Request that was included in the last management review.
After further auditing, the issues below were found. Select two statements that apply to the term
`nonconformity'.
- A. Evaluation of the results of the improvement action not always documented by the Quality Manager.
- B. Decisions on improvement action timescales not involving departmental managers.
- C. Limited knowledge of the content of Quality Improvement Requests by departmental staff.
- D. Quality improvements not aligning with the quality policy.
- E. No quality objectives planned for the top management team
- F. Top management claim not to be aware of the improvement request (QI/12/20/HR-3) initiated by the Quality Manager.
正解:D、E
解説:
According to the ISO 9001:2015 standard, clause 10.2.1 defines nonconformity as the non-fulfilment of a requirement. A requirement can be related to the quality management system, the products and services, the customer expectations, or the applicable statutory and regulatory requirements. Nonconformities can be detected through various sources, such as audits, inspections, tests, customer complaints, or internal reviews.
Nonconformities must be addressed by taking appropriate actions to correct them and prevent their recurrence.
In this scenario, the auditee has shown several issues that indicate nonconformities in their quality management system. Two statements that apply to the term nonconformity are:
A: No quality objectives planned for the top management team: According to ISO 9001, clause 6.2.1, the organization must establish quality objectives at relevant functions, levels, and processes. The quality objectives must be consistent with the quality policy and the strategic direction of the organization. The top management team is responsible for providing leadership and direction for the quality management system and ensuring its alignment with the organization's purpose and context. Therefore, the absence of quality objectives for the top management team is a nonconformity as it violates the requirement of clause 6.2.1.
E: Quality improvements not aligning with the quality policy: According to ISO 9001, clause 5.2.1, the quality policy is a statement of the organization's intentions and direction regarding quality, as formally expressed by top management. The quality policy must provide a framework for setting quality objectives and be compatible with the context and strategic direction of the organization. The quality policy must also be communicated, understood, and applied within the organization. Therefore, if the quality improvements are not aligned with the quality policy, it is a nonconformity as it violates the requirement of clause 5.2.1.
質問 # 57
You are carrying out an audit at a single-site organisation seeking certification to ISO 9001 for the first time.
The
organisation manufactures cosmetics for major retailers and the name of the retailer supplied appears on the product packaging. Sales turnover has increased significantly over the past five years. The organisation uses a software programme called SWIFT, which is used to record sales, plan production, purchase supplies, print despatch notes, track new product development, perform traceability exercises, carry out mass balance checks, raise invoices, create budgets, and support financial control.
You are nearing the end of the audit and you are reviewing your audit notes. You notice a recurring trend concerning the SWIFT database as shown below:
You ask the Quality Manager to explain how the SWIFT database is controlled. You learn that the Operations Director is responsible for determining and progressing SWIFT software updates. You decide to meet the Operations Director (OD).
You: "Good afternoon."
OD: "Good afternoon."
You: "What responsibility do you have concerning the SWIFT database?"
OD: "I maintain it. If anyone wishes to propose an update to the database, they send me an email with details of their proposal. I then either process the database update myself, or I send the request to the consultant who designed the database 20 years ago. The necessary software changes are made, and the amended software is immediately released to users." You: "Would you explain how the software amendments are controlled?" OD: "Of course. I personally update every computer myself." You: "Do you inform the database users of the changes?" OD: "No I don't. They find out for themselves by using the software, or they come to see me if they have any questions." You: "How do you ensure that the database users use the latest version?" OD: "That's easy, I update every computer myself." You: "During the audit, I noted there were several versions of SWIFT in use (you refer to your audit notes)." OD: "I know. That's because some versions work better than others, and depending on user needs and experiences, we allow users to revert to using an earlier version if they find it works better for them." Based on the scenario, which two of the following statements are true? There is evidence of nonconformity with a requirement defined in ...
- A. clause 7.1.4 Environment for the operation of processes
- B. clause 7.5.2 Documented information - Creating and updating
- C. clause 7.5.1 Documented information - General
- D. clause 7.1.3 Infrastructure
- E. clause 7.5.3 Control of documented information
正解:C、E
解説:
Based on the scenario provided, there is evidence of nonconformity with the requirements defined in:
C: Clause 7.5.1 Documented information - General: The scenario indicates that there is no formal process for informing users about updates to the SWIFT database, which suggests a lack of control over documented information. This could lead to users being unaware of important changes and not using the latest version of the software, which is required by the quality management system1.
E: Clause 7.5.3 Control of documented information: The Operations Director's approach to updating the SWIFT database and the lack of communication to users about these updates indicate that the documented information is not adequately controlled. Allowing users to revert to earlier versions of the software at their discretion further suggests that the organization does not have a proper mechanism in place to ensure the integrity and suitability of documented information2.
These clauses are part of the ISO 9001:2015 standard, which requires organizations to have a systematic approach to controlling and managing documented information as part of their quality management system.
The scenario described shows a casual approach to managing critical software updates, which could affect the organization's ability to consistently meet customer and regulatory requirements.
質問 # 58
Match each of the following statements into the table below to show whether they apply to first-party audits, second-party audits or third-party audits:
正解:
解説:
Explanation:
Table
Statement
First-party audits
Second-party audits
Third-party audits
The audit scope is typically determined by the organisation being audited.
Yes
No
No
The outcome of the audit is typically certification to a recognised standard.
No
No
Yes
The audit scope is typically confined to service/product provision capability.
No
Yes
No
Here is a brief explanation of each statement:
The audit scope is typically determined by the organisation being audited: This statement applies to first-party audits, also known as internal audits, where the organisation audits its own processes and activities to ensure conformity and improvement1. The organisation can decide the scope of the audit based on its own needs and objectives2. This statement does not apply to second-party audits, where the customer audits the supplier, or third-party audits, where an independent body audits the organisation. In these cases, the audit scope is determined by the customer or the certification body, respectively34.
The outcome of the audit is typically certification to a recognised standard: This statement applies to third- party audits, where an independent body audits the organisation to verify that it meets the requirements of a specific standard, such as ISO 9001, and issues a certificate of conformity if the audit is successful34. This statement does not apply to first-party audits or second-party audits, where the outcome of the audit is not certification, but rather self-improvement or supplier qualification13.
The audit scope is typically confined to service/product provision capability: This statement applies to second- party audits, where the customer audits the supplier to ensure that they are meeting the requirements specified in the contract, such as service or product quality, delivery, or performance34. The audit scope is usually focused on the specific aspects of the service or product that are of interest to the customer3. This statement does not apply to first-party audits or third-party audits, where the audit scope is broader and covers the entire quality management system or the relevant clauses of the standard14.
質問 # 59
You are carrying out an audit to ISO 9001 at an organisation which offers regulatory consultancy services to manufacturers of cosmetics.
You are interviewing the Technical Director (TD), who manages a team of regulatory experts responsible for providing regulatory services to customers.
You: "How do you ensure your regulatory team's competence concerning regulatory requirements is maintained?" TD: "The two Regulatory Experts we employ full-time have years of experience of working in the cosmetics industry." You: "How is their regulatory competence maintained?" TD: "They are dedicated individuals with lots of contacts in the sector." You: "How does the business enable them to maintain their understanding of current regulatory requirements?" TD: "We leave that up to them."
正解:
解説:
Explanation:
A screenshot of a computer Description automatically generated
質問 # 60
You, as auditor, are in dialogue with the quality lead and managing director of a small business that supplies specialist laboratory equipment and furniture.
You: "I'd like to look at how you manage change in the organisation. What changes have you made as a business, say, over the last 12 months?" Auditee: "We have made some strategic changes, the main one being that we no longer manufacture our own products in house." You: "That sounds like quite a significant change. What has been the impact of that?" Auditee: "We now mainly sell other manufacturers' products, under their brand names, and have outsourced manufacture of our own brand products to one of our suppliers. Unfortunately, we had to make six members of our staff redundant. This represents about 20% of our workforce, so this has been quite a challenging time." You: "I'm sure. What were the reasons for making the change?" Auditee: "Our manufacturing section was a small operation, and we struggled to cope with fluctuations in demand. During busy periods, we found it hard to meet lead times, and in quiet periods we had staff with little to do. This was having an impact on customer satisfaction and meant we had to charge premium prices that made our product uncompetitive." You: "How did you go about the change?" In relation to the auditor's question about how the change was managed, the auditee mentions the steps listed below. Match the ISO 9001 clauses to the steps.
To complete the table, click on the blank section you want to complete so it is highlighted in red and then click on the ISO 9001 clauses listed below. Alternatively, drag and drop each clause to show which step the requirement applies to.
正解:
解説:
Explanation:
Here is the correct matching of ISO 9001:2015 clauses to the steps mentioned in the change management process:
* We identified risks and opportunities and fed these into our risk management processes.
* Clause 6.1 (Actions to address risks and opportunities)
* We found a suitable supplier.
* Clause 8.4 (Control of externally provided processes, products, and services)
* We monitored customer feedback and noticed an increase in negative feedback about lead times.
* Clause 9.1.2 (Customer satisfaction)
* We put together a plan for implementation.
* Clause 6.2.2 (Planning to achieve quality objectives)
* We monitored the performance of the new supplier.
* Clause 8.4.2 (Type and extent of control of external providers)
* We noticed that productivity targets were being missed.
* Clause 9.1.1 (Monitoring, measurement, analysis, and evaluation)
* We communicated the plan internally.
* Clause 7.4 (Communication)
* We looked at the data at the management review and decided we needed to do something different.
* Clause 9.3.2 (Management review inputs)
* We reorganised the staffing and implemented redundancies.
* Clause 7.1.2 (People)
* We set an objective to effectively implement the transition and outsource manufacturing.
* Clause 6.2.1 (Quality objectives and planning to achieve them)
This aligns the steps of the change process with relevant ISO 9001:2015 clauses related to risk, planning, communication, and monitoring.
質問 # 61
Select six of the activities that are specifically required by ISO 17021-1 as part third-party (Certification Body) surveillance audit processes.
- A. Verify legal compliance.
- B. Review the calibration status of the instrumentation.
- C. Confirm effectiveness of internal audit and management review.
- D. Review the status of previously raised findings and audit effectiveness of any outstanding findings.
- E. Handling of customer complaints since last visit.
- F. Conduct a minimum number of annual surveillance audits during the certification period.
- G. Complete a full document review of the quality management system.
- H. Review changes to the QMS since last visit.
- I. Failing to meet financial responsibilities.
- J. Audit use of certification marks on marketing materials.
正解:A、C、D、E、H、J
解説:
The activities that are specifically required by ISO 17021-1 as part of third-party (Certification Body) surveillance audit processes are:
*Option A: Audit use of certification marks on marketing materials. This option is correct because ISO 17021-
1:2015 clause 9.6.2.2 requires the certification body to audit the client's use of marks and/or any other reference to certification, as applicable, to ensure conformity with the certification requirements.
*Option B: Review changes to the QMS since last visit. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to review any changes affecting the client's quality management system and its ability to continue to fulfil the requirements of the standard used for certification.
*Option C: Confirm effectiveness of internal audit and management review. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to confirm the continuing effectiveness of the client's quality management system, including the effectiveness of the internal audit and management review processes.
*Option F: Review the status of previously raised findings and audit effectiveness of any outstanding findings.
This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to review the status of findings and any corrective actions taken by the client in response to previous audits, and to verify the effectiveness of the implemented corrective actions.
*Option H: Verify legal compliance. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to verify the client's compliance with applicable statutory and regulatory requirements related to the scope of certification.
*Option I: Handling of customer complaints since last visit. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to review the client's handling of customer complaints related to the certified activities since the last audit.
The following options are not correct:
*Option D: Complete a full document review of the quality management system. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to complete a full document review of the quality management system during surveillance audits. A full document review is only required during the initial certification audit or when there are significant changes to the quality management system or the certification requirements.
*Option E: Failing to meet financial responsibilities. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to audit the client's financial responsibilities during surveillance audits. The certification body may have contractual arrangements with the client regarding the payment of fees, but this is not part of the surveillance audit process.
*Option G: Review the calibration status of the instrumentation. This option is not correct because ISO 17021-
1:2015 clause 9.6.2.2 does not require the certification body to review the calibration status of the instrumentation during surveillance audits. The certification body may audit the client's monitoring and measuring resources as part of the quality management system requirements, but this is not a specific activity required by ISO 17021-1.
*Option J: Conduct a minimum number of annual surveillance audits during the certification period. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to conduct a minimum number of annual surveillance audits during the certification period. The certification body may determine the frequency and duration of surveillance audits based on the risk and performance of the client, but this is not a specific activity required by ISO 17021-1.
References:
*ISO 17021-1:2015 Conformity assessment - Requirements for bodies providing audit and certification of management systems - Part 1: Requirements
*ISO 9001 Lead Auditor Course Material, Module 7: Audit Follow-up and Surveillance, Slide 8: Surveillance Audit
*ISO 9001 Lead Auditor Training Course - IRCA Certified, Section 7.2: Audit Follow-up and Surveillance
*Lead Auditor Exam Preparation Guide (EPG) Template - PECB, Section 3.2: Exam Content Outline, Subsection 3.2.1: Section 1 - Audit Fundamentals, Subsection 3.2.2: Section 2 - Audit Principles, Subsection
3.2.3: Section 3 - Audit Process, Subsection 3.2.4: Section 4 - Audit Competencies
質問 # 62
Read the following role descriptions. Select two roles that are not directly involved in the audit process.
- A. A guide - a person who is appointed by the auditee to assist the audit team during the audit.
- B. An observer - a person who sees the performance of the audit team leader, audit team members and/or auditee.
- C. An auditor-in-training - a person who accompanies the audit team leader or team members during the audit.
- D. An audit team leader - a person responsible for managing an audit until the audit is completed.
- E. An interpreter - a person who witnesses the audit to assist the auditors with language issues.
- F. A technical expert - a person who provides specific knowledge or expertise to the audit team but is not normally an auditor.
正解:B、E
質問 # 63
Which of the following three options could be considered potential threats to impartiality in an audit context?
- A. Self-audit
- B. Familiarity
- C. Experience
- D. Competence
- E. Intimidation
正解:A、B、E
解説:
Questions no: 1 Verified answer: = C, D, E Comprehensive But Short Explanation: = Potential threats to impartiality in an audit context include familiarity (having a close relationship with the auditee), intimidation (being coerced or feeling pressured), and self-audit (auditing one's own work). These factors can compromise the auditor's objectivity and the audit's integrity. References: = The information is based on the ISO 9001 Auditing Practices Group documents which discuss threats to auditor impartiality and how they may compromise an auditor's objectivity123.
質問 # 64
You are leading a Stage 2 certification audit of a multi-site organisation and have received the audit schedule below; Head Office and Site 1 - Day 1 Site 2 (150 Km from HQ) - Days 2 and 3 During Day 1 of the audit, the dient informs you that the laboratory at Site 2 has been dosed for decontamination due to a serious outbreak of an infectious disease among workers. In Site 2, all other functions could be audited as planned.
As the audit team leader, what would you do?
Choose the best acceptable action you could take:
Ask the audit Programme Manager for direction.
Complete the audit on day 3 and report back to the certification body for a certification decision.
Continue the audit on days 2 and 3 and return later to audit the Site 2 laboratory.
Immediately cancel the audit since the audit plan cannot be completed.
Who has the responsibility for assigning work to the audit team?
- A. The audit team member
- B. The audit team leader
- C. The auditee organisation
- D. The certification body
正解:B
解説:
In the context of ISO 9001:2015 audits, it is the audit team leader who holds the responsibility for assigning work to the audit team. According to ISO 19011:2018 (Guidelines for auditing management systems, which complements ISO 9001:2015), the audit team leader is responsible for the organization and direction of the audit, including assigning specific roles and responsibilities to audit team members. This includes preparation of the audit plan, leading the audit, and ensuring that each team member understands their tasks.
質問 # 65
Knowledge and skills are requirements of the auditor's competence. Select two from the following topics of knowledge that apply to every member of an audit team auditing an ISO 9001 quality management system.
- A. Organisation's invoicing and profits of the last 5 years
- B. ISO 19011 Audit principles
- C. Requirements of auditee's interested parties other than customers
- D. Organisation's processes
- E. Requirements of ISO 9001
- F. Organisation's market sector
正解:B、E
解説:
According to ISO 9001:2015, clause 7.2, an auditor shall have the competence to:
* Understand the requirements of ISO 9001 and how they relate to the audit
* Understand the organization's quality management system and its processes
* Understand the applicable legal, regulatory, contractual and other requirements that affect the audit
* Understand the needs and expectations of interested parties other than customers
* Plan and conduct audits in accordance with ISO 19011
* Evaluate audit evidence and draw appropriate conclusions
* Communicate audit findings effectively1
Therefore, knowledge of ISO 9001 requirements and ISO 19011 audit principles are essential for every member of an audit team auditing an ISO 9001 quality management system.
References:
* ISO 9001:2015 - Quality management systems - Requirements
* ISO 19011:2018 - Guidelines for auditing management systems
質問 # 66
Select the words that best complete the sentence:
正解:
解説:
Explanation:
According to the ISO 19011:2018 document, the audit plan should provide the basis for agreement regarding the conduct and scheduling of the audit activities. The amount of detail provided in the audit plan should reflect the scope and complexity of the audit, as well as the risk of not achieving the audit objectives1. The scope of the audit refers to the extent and boundaries of the audit, such as the audit criteria, the audit objectives, the organizational and functional units, and the processes to be audited1. The complexity of the audit refers to the degree of difficulty or intricacy of the audit, such as the number and diversity of the auditees, the audit criteria, the audit methods, and the audit team composition2. The risk of not achieving the audit objectives refers to the possibility that the audit may fail to provide reliable and sufficient audit evidence to support the audit conclusions and report1.
Therefore, the complete sentence is:
In the context of a third-party audit, the amount of detail provided in the audit plan should reflect the scope and complexity of the audit, as well as the risk of not achieving the audit objectives.
References: 1: ISO 19011:2018 - Guidelines for auditing management systems 2: Audit Complexity - an overview | ScienceDirect Topics
質問 # 67
You are carrying out an annual audit at an organisation that offers home security services. You are interviewing the Quality Manager (QM) You: "Would you tell me about your management review process?" QM: "The senior management team plans to review the management system every six months. The review follows a set agenda and records are maintained." You: "May I see the records from the last two management reviews?" Narrative: The Quality Manager gives you the latest record, which shows the last management review took place nine months ago.
The Quality Manager then gives you the previous management review record, which took place one year before the latest review.
You: "Are there any other review reports in the last two years?
QM: "No, these are the only ones."
正解:
解説:
Explanation:
Nonconformity report
ISO 9001 Clause Number: 9.3.1 Nature of problem: Management review has not been conducted at the defined frequency. ISO 9001 requirement that has not been fulfilled: ISO 9001 - "Top management shall review the organization's quality management system at planned intervals." Evidence: The last management review took place nine months ago, and the previous one took place one year before the latest review. The planned interval is six months.
質問 # 68
You will lead a third-party audit next Monday on ABC, an organisation that provides services for cleaning windows from the outside of tall buildings. They work on demand, and usually have 4-5 orders per week. All documented information on these activities is kept at the central office.
On Friday evening, before the audit, you are informed by mail that customers cancelled all orders for the next week; therefore, the auditors will not have the chance to see them working at the customer's premises, but the field supervisors will be available at the ABC offices.
You have prepared the audit plan and the checklist. Choose the best action you would take:
- A. Start the audit on Monday as planned, interviewing the functions that regularly work at the central office, and visit another customer's premises they cleaned the week before.
- B. Complete the audit but ask the quality manager to clean some windows at the ABC's office, simulating the process they carry out at customers' premises.
- C. Ask the Certification Body you work for how to proceed with the audit.
- D. Start the audit on Monday at ABC's as planned, interviewing the functions that regularly work at the central office, and plan visits to ABC customers wherever they may be working during the following week.
正解:C
解説:
According to ISO 19011:2018, clause 6.3.3, the audit plan should be reviewed and revised as necessary to address changes that occur during the audit planning. The audit plan should be agreed upon, preferably in writing, by the audit team leader, the audit client and the auditee1. Therefore, if there is a significant change in the auditee's situation, such as the cancellation of all orders for the next week, the audit plan should be reviewed and revised accordingly, with the agreement of all parties involved.
According to ISO/IEC 17021-1:2015, clause 9.1.4, the certification body should have a process to ensure that the audit team has the competence to achieve the audit objectives, and that the audit methods are appropriate for the scope and complexity of the audit. The certification body should also have a process to ensure that the audit is conducted under reasonable conditions and within a reasonable time frame2. Therefore, if there is a risk that the audit objectives cannot be achieved, or that the audit methods are not suitable, due to the change in the auditee's situation, the certification body should be consulted and informed on how to proceed with the audit.
Therefore, the best action to take is B, ask the certification body you work for how to proceed with the audit.
This action will ensure that the audit plan is revised and agreed upon by all parties, and that the audit team has the competence and the methods to conduct the audit effectively and efficiently. The other options are not correct, as they may compromise the quality and validity of the audit:
*A. Start the audit on Monday at ABC's as planned, interviewing the functions that regularly work at the central office, and plan visits to ABC customers wherever they may be working during the following week:
This action may not be feasible or acceptable, as it may extend the audit duration and cost beyond the agreed terms, and it may not provide sufficient and appropriate audit evidence to verify the conformity and effectiveness of the auditee's processes. Moreover, this action may not be agreed upon by the audit client and the auditee, and it may not be approved by the certification body.
*C. Start the audit on Monday as planned, interviewing the functions that regularly work at the central office, and visit another customer's premises they cleaned the week before: This action may not be relevant or reliable, as it may not reflect the current performance and condition of the auditee's processes. The audit evidence collected from the previous customer may not be valid or representative of the audit criteria, and it may not address the risks and opportunities associated with the auditee's context and objectives. Moreover, this action may not be agreed upon by the audit client and the auditee, and it may not be approved by the certification body.
*D. Complete the audit but ask the quality manager to clean some windows at the ABC's office, simulating the process they carry out at customers' premises: This action may not be objective or impartial, as it may introduce bias and influence in the audit process. The audit evidence collected from the simulated process may not be accurate or authentic, and it may not demonstrate the actual capability and effectiveness of the auditee's processes. Moreover, this action may not be ethical or professional, as it may compromise the integrity and credibility of the audit and the certification.
References: ISO 19011:2018(en), Guidelines for auditing management systems, ISO/IEC 17021-1:2015(en), Conformity assessment - Requirements for bodies providing audit and certification of management systems
- Part 1: Requirements
質問 # 69
You are carrying out an audit at a single-site organisation seeking certification to ISO 9001 for the first time.
The organization manufactures cosmetics for major retailers and the name of the retailer supplied appears on the product packaging. Sales turnover has increased significantly over the past five years.
You are interviewing the new Product Development Manager. You note that a software application called SWIFT is used to help control the product development process.
You have gathered audit evidence as outlined in the table. Match the ISO 9001 clause 8.3 extracts to the audit evidence.
正解:
解説:

質問 # 70
Which one of the following options is the definition of the context of an organisation?
- A. Coordination of internal and external issues that can have a positive or negative effect on an organisation's success.
- B. Complexity of internal and external issues that can have an effect on an organisation's approach to developing and achieving its purpose.
- C. Combination of internal and external issues that can have an effect on an organisation's approach to developing and achieving its objectives.
- D. Comparison of internal and external issues that can have an effect on an organisation's desire to achieve its objectives.
正解:C
解説:
Understanding "Context of the Organization":The term "context of the organization" is defined in ISO
9001:2015 Clause 4.1, which states:
"The organization shall determine external and internal issues that are relevant to its purpose and its strategic direction and that affect its ability to achieve the intended result(s) of its quality management system.
"
The definition emphasizes identifying both internal and external issues that influence the organization's approach to developing and achieving its objectives.
Option Analysis:
* Option A:Correct. This option aligns with the standard definition as it explicitly mentions the combination of internal and external issues that affect the organization's approach to achieving its objectives, which is the essence of Clause 4.1.
* Option B:Incorrect. The term "comparison of internal and external issues" does not reflect the ISO
9001 requirements. The standard does not require a comparison but rather an understanding of these issues.
* Option C:Incorrect. Although it mentions "complexity," the focus of ISO 9001:2015 is on identifying relevant issues rather than the complexity of those issues.
* Option D:Incorrect. This option mentions "coordination" and focuses only on the positive or negative effects. ISO 9001 requires identifying issues but does not emphasize coordination.
Clause Reference and Relevance:ISO 9001:2015 requires organizations to understand their context because internal and external factors can influence the Quality Management System's effectiveness. Understanding this context helps in:
* Addressing risks and opportunities (Clause 6.1).
* Aligning the QMS with the organization's strategic direction.
Why A is Correct:"Combination of internal and external issues" captures the essence of Clause 4.1, making it the accurate definition of the context of the organization.
質問 # 71
You, as auditor, are in dialogue with the quality lead and managing director of a small business that supplies specialist laboratory equipment and furniture.
You: "I'd like to look at how you manage change in the organisation. What changes have you made as a business, say, over the last 12 months?" Auditee: "We have made some strategic changes, the main one being that we no longer manufacture our own products in house." You: "That sounds like quite a significant change. What has been the impact of that?" Auditee: "We now mainly sell other manufacturers' products, under their brand names, and have outsourced manufacture of our own brand products to one of our suppliers. Unfortunately, we had to make six members of our staff redundant. This represents about 20% of our workforce, so this has been quite a challenging time." You: "I'm sure. What were the reasons for making the change?" Auditee: "Our manufacturing section was a small operation, and we struggled to cope with fluctuations in demand. During busy periods, we found it hard to meet lead times, and in quiet periods we had staff with little to do. This was having an impact on customer satisfaction and meant we had to charge premium prices that made our product uncompetitive." You: "How did you go about the change?" The auditor asks to speak to the purchasing manager about the selection of the subcontractor to manufacture the company's own brand products.
You: "How did you choose a supplier to manufacture your products?"
Auditee: "We have had a long-term relationship with a supplier ABC Ltd - we gave them our design drawings, got them to complete a supplier questionnaire and run a couple of trial batches for us. We were happy with the result and we have used them ever since." ISO 9001:2015, clause 8.4.1 outlines situations when controls need to be applied to externally provided processes, products and services. Which one of the following situations is applicable to this scenario?
- A. A process or part of a process is provided by an external provider as a result of a decision by the organisation.
- B. Products and services for which the customer(s) supplies materials
- C. Products and services are provided directly to the customer(s) by external providers on behalf of the organisation.
- D. Raw materials from external providers are intended for incorporation into the organisation's own products.
正解:A
解説:
According to the ISO 9001:2015 standard, clause 8.4.1 requires organizations to ensure that externally provided processes, products and services conform to requirements. Controls must be applied to externally provided processes, products and services when:
The products and services are intended for incorporation into the organization's own products and services.
They are provided directly to customers by the external provider on behalf of the organization.
A process, or part of a process, is provided by an external provider as a result of a decision by the organization.
In this scenario, the auditee has chosen a supplier to manufacture their own brand products based on their design drawings, supplier questionnaire and trial batches. This means that the supplier is providing a process (manufacturing) as a result of a decision by the organization (the auditee). Therefore, clause 8.4.1 applies to this situation.
質問 # 72
XYZ Corporation employs 100 people, and during a Stage 1 certification audit, certain issues are identified with the Quality Management System (QMS). Which two options describe the circumstances in which you could raise a nonconformity against Clause 6.2 of ISO 9001:2015?
- A. The organisation cannot afford to undertake quality objectives all at once.
- B. Quality objectives were not established in alignment with the organisation's quality policy.
- C. Quality objectives are not maintained as documented information.
- D. The consultant has not interpreted ISO 9001 correctly.
- E. Quality objectives are not being implemented by the organisation's personnel.
- F. Establishing quality objectives did not include top management.
正解:B、C
解説:
* Understanding Clause 6.2 of ISO 9001:2015:Clause 6.2 (Quality Objectives and Planning to Achieve Them) specifies that organizations must:
* Establish measurable and relevant quality objectives consistent with the quality policy (Clause
6.2.1).
* Include objectives applicable to product/service conformity and customer satisfaction.
* Document these objectives and their planning as documented information (Clause 6.2.1 &
6.2.2).
* Plan how to achieve the objectives, including defining actions, resources, responsibilities, timelines, and methods for evaluation.
* Analysis of Options:
* A. Quality objectives are not being implemented by the organisation's personnel:Incorrect.
While implementation is critical, this relates more to operational aspects rather than the direct requirements of Clause 6.2. Implementation issues would typically raise concerns under Clause
9.1 (Performance Evaluation).
* B. The consultant has not interpreted ISO 9001 correctly:Incorrect. The consultant's interpretation of ISO 9001 is irrelevant in terms of Clause 6.2 compliance. The focus is on whether the organization aligns with the requirements, not the consultant's role.
* C. Establishing quality objectives did not include top management:Incorrect. While top management involvement is vital for QMS effectiveness (Clause 5.1), this is not a direct requirement of Clause 6.2. Top management alignment is implied but not explicitly mandated for establishing quality objectives.
* D. Quality objectives were not established in alignment with the organisation's quality policy:Correct. Clause 6.2.1 requires that quality objectives be consistent with the organization's quality policy, ensuring they reflect its purpose, strategic direction, and commitment to continual improvement. Misalignment would constitute a nonconformity.
* E. The organisation cannot afford to undertake quality objectives all at once:Incorrect.
Financial constraints are not directly addressed in Clause 6.2. The clause focuses on planning to achieve objectives, which includes defining the necessary resources but does not demand achieving all objectives simultaneously.
* F. Quality objectives are not maintained as documented information:Correct. Clause 6.2.1 specifically requires that quality objectives be maintained as documented information. Failure to document the objectives is a direct violation of this clause.
* Why Options D and F Are Correct:
* D: Misalignment between the quality objectives and the quality policy directly violates Clause
6.2.1, which mandates that objectives support the strategic direction of the organization.
* F: Lack of documentation for quality objectives breaches the requirement to maintain them as documented information under Clause 6.2.1.
* Relevant References:
* Clause 6.2.1: Establishing quality objectives aligned with the quality policy.
* Clause 6.2.2: Maintaining documented information for quality objectives and planning to achieve them.
* Clause 5.1.1: Top management's responsibility to ensure alignment between the QMS and strategic direction.
質問 # 73
You are carrying out an audit at a single-site organisation seeking certification to ISO 9001 for the first time.
The
organisation manufactures cosmetics for major retailers and the name of the retailer supplied appears on the product packaging. Sales turnover has increased significantly over the past five years. The organisation uses a software programme called SWIFT, which is used to record sales, plan production, purchase supplies, print despatch notes, track new product development, perform traceability exercises, carry out mass balance checks, raise invoices, create budgets, and support financial control.
You are nearing the end of the audit and you are reviewing your audit notes. You notice a recurring trend concerning the SWIFT database as shown below:
You ask the Quality Manager to explain how the SWIFT database is controlled. You learn that the Operations Director is responsible for determining and progressing SWIFT software updates. You decide to meet the Operations Director (OD).
You: "Good afternoon."
OD: "Good afternoon."
You: "What responsibility do you have concerning the SWIFT database?"
OD: "I maintain it. If anyone wishes to propose an update to the database, they send me an email with details of their proposal. I then either process the database update myself, or I send the request to the consultant who designed the database 20 years ago. The necessary software changes are made, and the amended software is immediately released to users." You: "Would you explain how the software amendments are controlled?" OD: "Of course. I personally update every computer myself." You: "Do you inform the database users of the changes?" OD: "No I don't. They find out for themselves by using the software, or they come to see me if they have any questions." You: "How do you ensure that the database users use the latest version?" OD: "That's easy, I update every computer myself." You: "During the audit, I noted there were several versions of SWIFT in use (you refer to your audit notes)." OD: "I know. That's because some versions work better than others, and depending on user needs and experiences, we allow users to revert to using an earlier version if they find it works better for them." Based on the scenario, which two of the following statements are true? There is evidence of nonconformity with a requirement defined in ...
- A. clause 7.5.1 Documented information - General
- B. ... clause 7.1.4 Environment for the operation of processes
- C. ... clause 7.5.3 Control of documented information
- D. clause 7.1.3 Infrastructure
- E. ... clause 7.5.2 Documented information - Creating and updating
正解:A、C
解説:
Based on the scenario provided, there is evidence of nonconformity with the requirements defined in:
C: Clause 7.5.1 Documented information - General: The scenario indicates that there is no formal process for informing users about updates to the SWIFT database, which suggests a lack of control over documented information. This could lead to users being unaware of important changes and not using the latest version of the software, which is required by the quality management system1.
E: Clause 7.5.3 Control of documented information: The Operations Director's approach to updating the SWIFT database and the lack of communication to users about these updates indicate that the documented information is not adequately controlled. Allowing users to revert to earlier versions of the software at their discretion further suggests that the organization does not have a proper mechanism in place to ensure the integrity and suitability of documented information2.
These clauses are part of the ISO 9001:2015 standard, which requires organizations to have a systematic approach to controlling and managing documented information as part of their quality management system.
The scenario described shows a casual approach to managing critical software updates, which could affect the organization's ability to consistently meet customer and regulatory requirements.
質問 # 74
Select six of the activities that are specifically required by ISO 17021-1 as part third-party (Certification Body) surveillance audit processes.
- A. Verify legal compliance.
- B. Review the calibration status of the instrumentation.
- C. Confirm effectiveness of internal audit and management review.
- D. Review the status of previously raised findings and audit effectiveness of any outstanding findings.
- E. Handling of customer complaints since last visit.
- F. Conduct a minimum number of annual surveillance audits during the certification period.
- G. Complete a full document review of the quality management system.
- H. Review changes to the QMS since last visit.
- I. Failing to meet financial responsibilities.
- J. Audit use of certification marks on marketing materials.
正解:A、C、D、E、H、J
解説:
The activities that are specifically required by ISO 17021-1 as part of third-party (Certification Body) surveillance audit processes are:
*Option A: Audit use of certification marks on marketing materials. This option is correct because ISO
17021-1:2015 clause 9.6.2.2 requires the certification body to audit the client's use of marks and/or any other reference to certification, as applicable, to ensure conformity with the certification requirements.
*Option B: Review changes to the QMS since last visit. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to review any changes affecting the client's quality management system and its ability to continue to fulfil the requirements of the standard used for certification.
*Option C: Confirm effectiveness of internal audit and management review. This option is correct because ISO
17021-1:2015 clause 9.6.2.2 requires the certification body to confirm the continuing effectiveness of the client's quality management system, including the effectiveness of the internal audit and management review processes.
*Option F: Review the status of previously raised findings and audit effectiveness of any outstanding findings.
This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to review the status of findings and any corrective actions taken by the client in response to previous audits, and to verify the effectiveness of the implemented corrective actions.
*Option H: Verify legal compliance. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to verify the client's compliance with applicable statutory and regulatory requirements related to the scope of certification.
*Option I: Handling of customer complaints since last visit. This option is correct because ISO 17021-1:2015 clause 9.6.2.2 requires the certification body to review the client's handling of customer complaints related to the certified activities since the last audit.
The following options are not correct:
*Option D: Complete a full document review of the quality management system. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to complete a full document review of the quality management system during surveillance audits. A full document review is only required during the initial certification audit or when there are significant changes to the quality management system or the certification requirements.
*Option E: Failing to meet financial responsibilities. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to audit the client's financial responsibilities during surveillance audits. The certification body may have contractual arrangements with the client regarding the payment of fees, but this is not part of the surveillance audit process.
*Option G: Review the calibration status of the instrumentation. This option is not correct because ISO
17021-1:2015 clause 9.6.2.2 does not require the certification body to review the calibration status of the instrumentation during surveillance audits. The certification body may audit the client's monitoring and measuring resources as part of the quality management system requirements, but this is not a specific activity required by ISO 17021-1.
*Option J: Conduct a minimum number of annual surveillance audits during the certification period. This option is not correct because ISO 17021-1:2015 clause 9.6.2.2 does not require the certification body to conduct a minimum number of annual surveillance audits during the certification period. The certification body may determine the frequency and duration of surveillance audits based on the risk and performance of the client, but this is not a specific activity required by ISO 17021-1.
References:
*ISO 17021-1:2015 Conformity assessment - Requirements for bodies providing audit and certification of management systems - Part 1: Requirements
*ISO 9001 Lead Auditor Course Material, Module 7: Audit Follow-up and Surveillance, Slide 8: Surveillance Audit
*ISO 9001 Lead Auditor Training Course - IRCA Certified, Section 7.2: Audit Follow-up and Surveillance
*Lead Auditor Exam Preparation Guide (EPG) Template - PECB, Section 3.2: Exam Content Outline, Subsection 3.2.1: Section 1 - Audit Fundamentals, Subsection 3.2.2: Section 2 - Audit Principles, Subsection
3.2.3: Section 3 - Audit Process, Subsection 3.2.4: Section 4 - Audit Competencies
質問 # 75
Noitol is an organisation specialising in the design and production of e-learning training materials for the insurance market. During an ISO 9001 audit of the development department, the auditor asks the Head of Development about the process used for validation of the final course design. She states that they usually ask customers to validate the product with volunteers. She says that the feedback received often leads to key improvements.
The auditor samples the design records for a recently completed course for the 247 Insurance organisation.
Design verification was carried out but there was no validation report. The Head of Development advises that this customer required the product on an urgent basis, so the validation stage was omitted. When asked, the Head estimates that this occurs about 50% of the time. She confirms that they always ask for feedback and often make changes. There is no record of feedback in the design file for the course.
The auditor decides to review the training course design process in more depth.
Select three options that provide a meaningful audit trail for this process.
- A. How is the cost of the course calculated?
- B. How is customer feedback integrated into the course?
- C. How is design documentation controlled and managed?
- D. How are students advised about prior learning requirements?
- E. How is technical content of courses verified as correct?
- F. How is the tutor trained to deliver the completed course?
- G. What are the qualifications of the administrative staff?
- H. What risks and opportunities have been notified to interested parties?
正解:B、C、E
解説:
According to clause 8.3 of ISO 9001:2015, the organization should establish, implement, and maintain a design and development process that is appropriate to ensure the subsequent provision of products and services. The design and development process should include the following activities:
*Determining the requirements for the products and services to be designed and developed, considering the intended use, the statutory and regulatory requirements, the customer and other relevant interested parties' needs and expectations, and the potential risks and opportunities.
*Defining the design and development objectives, stages, responsibilities, and authorities, and ensuring the availability of adequate resources and competence.
*Implementing design and development controls, such as reviews, verification, and validation, to ensure that the design and development outputs meet the design and development inputs, and to identify and resolve any problems or errors.
*Maintaining documented information on the design and development inputs, outputs, reviews, verification, validation, and changes, and ensuring the traceability and conformity of the products and services to the requirements.
*Managing the design and development changes, by identifying, reviewing, and controlling them, and evaluating their effects on the products and services and the QMS.
In this case, the evidence statements that provide a meaningful audit trail for the design and development process are B, E, and F, because they relate to the design and development controls, the documented information, and the verification activities that are required by the standard. These options can help the auditor to assess the effectiveness and conformity of the design and development process, and to identify any nonconformities or opportunities for improvement. The other options are not directly related to clause 8.3, although they may be relevant for other aspects of the QMS, such as clause 7.2 on competence, clause 7.3 on awareness, clause 7.4 on communication, clause 8.2 on requirements for products and services, clause 8.4 on externally provided processes, products, and services, and clause 8.7 on control of nonconforming outputs.
References: ISO 9001:2015, ISO 9001 Auditing Practices Group Guidance on Design and Development, ISO
9001 Clause 8.3 Design and development of products and services
質問 # 76
You work as an external quality consultant for an organisation, 'A', which provides packaged food to the public. You are asked to lead a team (you as the leader and two other auditors) to audit a supplier, 'B', to ISO
9001 which provides packaging materials to your organisation. It is 4 pm and the audit is close to an end; you are having an internal meeting with the team to decide what will be presented to the auditee during the Closing meeting. The Closing meeting was scheduled at 5 pm.
You, as Audit Team Leader, audited top management. You explain to the audit team that you identified two nonconformities:
a. There is no documented information on Top Management Reviews, as required in clause 9.3 of ISO 9001:
2015.
b. There is no evidence of Top Management Commitment as required in clause 5.1 of ISO 9001:2015. (e.g., not ensuring the availability of resources to operate the QMS, not ensuring the establishment of objectives, no promotion of improvement, no promotion of the process approach).
All agreed to present these two nonconformities. They went to meet the Top Management of 'B' and noticed that the General Manager and three other managers (Production, Human Resources, and Sales) were present in the meeting room.
Considering the seriousness of the two nonconformities to Top Management, as audit team leader, from the following select the best option:
- A. Present the nonconformities to the whole group and analyse with them how to overcome this situation.
- B. Present the nonconformities to the whole group and inform that you will recommend your company to remove them from the approved suppliers list.
- C. Present the nonconformities to the managers, inform them that the report will be sent within 10 days, close the meeting and leave the site.
- D. Ask the General Manager to have a private conversation in which you present the nonconformities only to him because of their sensitive nature.
正解:A
解説:
According to the guidance on conducting the audit closing meeting1, the audit team leader should provide a summary of the audit findings and conclusions, invite discussions, and agree on timelines for any corrective actions. The audit team leader should also be respectful, constructive, and objective when presenting the nonconformities, and avoid any personal or emotional comments. The audit team leader should also consider the impact of the disruptive event (such as the Covid-19 pandemic) on the auditee's context, interested parties, and risks2, and acknowledge any good practices or improvements observed during the audit. Therefore, option D is the best option, as it follows the best practices for the closing meeting and allows the auditee to understand the nonconformities and their implications, and to participate in the analysis and resolution of the issues. Option A is not correct, as it is not respectful, constructive, or objective, and it does not invite any discussion or feedback from the auditee. It also assumes that the audit team leader has the authority to recommend the removal of the supplier from the approved list, which may not be the case. Option B is not correct, as it does not provide enough information or explanation to the auditee, and it does not allow any discussion or feedback from the auditee. It also does not follow the best practices for the closing meeting, such as providing a summary of the audit, acknowledging any good practices, and agreeing on timelines for corrective actions. Option C is not correct, as it does not involve the other managers who are responsible for the functions or processes that were audited, and who may have valuable input or information to share. It also does not follow the best practices for the closing meeting, such as providing a summary of the audit, inviting discussions, and agreeing on timelines for corrective actions. References: 1: Conducting the Audit Closing Meeting: Sharing the Results2: Auditing ISO 9001:2015 in the Context of a Disruptive Event.
質問 # 77
......
最新の2025年最新の実際に出ると確認されたISO-9001-Lead-Auditor問題集で100%無料ISO-9001-Lead-Auditor試験問題集:https://www.passtest.jp/PECB/ISO-9001-Lead-Auditor-shiken.html
無料提供中2025年最新の無料更新されたPECB ISO-9001-Lead-Auditor試験問題と解答:https://drive.google.com/open?id=19HDsoKIdImus6FrXR6hGgvdmZIeS0FzH