VDA_6.3_EN_Yellow_Volume_.pdf.pdf - 第22页

20 • Pr ocess auditor s must not accep t assignmen ts that would cau se them a conflic t of interest s. • Process auditor s must not ac cept assignmen ts that they cannot carry out properly beca use of a lack of expertis…

3.2 Product/process-related knowledge of the auditors

The quality of an audit is determined to a large extent by the product/process-

related knowledge of the auditors. There are various ways to gain this

knowledge and to use it during an audit. This can for example be done by:

• Getting experts involved when evaluating product/process-specific

aspects if the process auditor doesn’t have the necessary expertise

• Auditors doing their own research prior to the audit, e.g. by consulting

specialist literature, online forums and industry standards as well as

knowledge databases

• Coordination with internal and external experts

• Drawing conclusions from previous audits

In order to systematically capture and expand this “expert knowledge” and to

make it available to the auditors, it is recommendable to build up a knowledge

database. The sources of such knowledge can for example be typical errors

that have occurred or internal lessons learned. It must be ensured that infor-

mation (from the customer, from the supplier, or from within the organization)

remains confidential.

In addition, it should be noted that the resulting questions do not lead to addi-

tional requirements that go beyond the contractually agreed requirements.

Knowledge databases can for example be made available in the form of Wikis

or process-related lists.

3.3 Code of conduct for auditors

• Process auditors must use their professional skills and judgment,

while respecting the law and upholding the principles of honesty and

integrity.

• Process auditors must continually develop their expertise. They main-

tain their knowledge and skills with respect to audit procedures, QM

systems, products and processes as well as specialized methods,

procedures and relevant standards. They must be familiar with the

quality requirements for products as well as the specific process risks

and the possible impact on the manufactured products.

• Process auditors must always behave in a way that does not endan-

ger the image and reputation of their own organization.

• Process auditors must not accept assignments that would cause

them a conflict of interests.

• Process auditors must not accept assignments that they cannot carry

out properly because of a lack of expertise.

• Process auditors are bound to secrecy regarding confidential infor-

mation that they have acquired through their professional activities.

4 Notes on conducting remote audits

Process audits according to the present VDA 6.3 audit standard are generally

conducted on site.

Taking risks factors/influencing factors for auditors, auditees as well as prod-

ucts and processes into account, remote audits can in individual cases be

carried out.

The organization conducting the audit bears overall responsibility for planning

the scope/the elements of the audit and selecting the audit method, provided

that the customer has not stipulated otherwise. It is recommendable to define

a company-specific procedure for internal and external audits.

4.1 Definition of a remote audit

“Remote audits” are defined in the ISO 19011 and can be carried out inter-

nally as well as externally.

4.2 Definition of a hybrid audit

Hybrid audits are a combination of a remote audit and an on-site audit. In this

regard, chapter 4.6 “Suitability of individual process elements/questions for

conducting remote audits (process elements P2-P7)” must be taken into ac-

count.

4.3 Instructions for use

Generally, remote audits cannot constitute a full process audit (P2-P7) in ac-

cordance with VDA 6.3. This is due to a lack of transparency during the audit

process and due to technical, legal as well as data protection issues. The

same applies to potential analyses (P1), which can only be carried out to a

limited extent without a visit to the supplier’s premises. However, provided

that risk factors / influencing factors are taken into account, hybrid audits can

be considered full audits.

The “

rule” (see chapter 6.1) regarding the number of evaluation questions

is still applied.