Home Resources Blog December 2017

What The Code Of Practice Requires You To Do

11 December 2017
QuEST Forum’s Code of Practice (CoP) includes several requirements specifically aimed at TL 9000-registered companies: do you know what they are?

QuEST Forum's code of practice

Did you know that QuEST Forum publishes a Code of Practice (CoP)? Since it always used to be billed as “Code of Practice for TL 9000 Certification Bodies”, most TL-registered organizations probably felt they could safely ignore it – no doubt feeling (not without justification) that, what with the TL 9000 Requirements Handbook, the Measurements Handbook and the Product & Service Category Tables (with their frequent updates) plus the TL 9000 Information Alerts, they already had plenty to keep track of.

But, with the latest Revision 7.2 of the CoP, it’s been renamed “Code of Practice for the TL 9000 Certification Process” – reflecting the fact that it does not apply exclusively to certification bodies (CBs), and actually never really did. In fact, it includes several requirements specifically aimed at TL-registered companies! Do you know what they are?

Your code of practice requirement no. 1

When a nonconformity is raised during a CB audit, the organization must provide the CB with a corrective action plan within 30 days. That plan must include details of any containment actions (corrections) taken, the results of root cause analysis of the issue, and target implementation dates for the corrective actions decided on.

Furthermore, if the nonconformity is a major, then the organization must provide evidence within 90 days that the action plan has been implemented. This happens to align with NQA’s own requirements for NCR responses across most management system standards, not only TL 9000.

Your code of practice requirement no. 2

The organization must provide its CB with prescribed Pre-Audit Information no less than three weeks prior to each audit. The list of the required information includes a cross-reference of TL 9000’s requirements to the organization’s processes (also known as a requirements applicability matrix) and, for multi-sites and the like, a list of which processes are performed at the particular sites to be audited.

Information about employee counts, products and services, outsourced entities and any significant changes is also required. NQA’s TL 9000 Pre-Audit Information form has been designed to capture all of the required Pre-Audit Info. Once an organization has completed the form once, it can merely update it as needed for future audits.

Your code of practice requirement no. 3

This requirement applies only to organizations whose registration includes product category 7.1.1 Installation or 7.1.4 Tower Construction. Such an organization must work with its CB auditors to facilitate an audit of an active installation or construction site during its Stage 2 audit and at least once during each subsequent 3-year certification cycle. The organization must work with its customer and with the audit team to coordinate access to the site. Note that a remote (a.k.a. virtual) audit of the site may be performed if it can be done effectively and satisfies International Accreditation Forum requirements (documented in IAF MD 4).

During any other audit year in which the installation process will be audited but an active site will not be visited, the organization must make an installer available to be interviewed, and must provide for review any requested documented information which it has retained as evidence of process activities. If the audit team decides that, after all, they need to visit an active site, then the organization again has to look after the arrangements needed to make that happen within a reasonable timeframe.

The code of practice: “nice to know”

In addition to the three requirements listed above – which are “need to know” for organizations – the Code of Practice as a whole can definitely be considered “nice to know”, since it provides a comprehensive list of what the CB’s audit team will be looking for when it comes to visit. The CoP lays out a laundry list of specific things that the auditors will ask about, including any product recalls, any customer audits, and any corrective actions that are overdue or else have been open for more than nine months.

There are also detailed directions for the audit of the TL 9000 Measurements process, most of which aligns with the organization’s requirements in clause 3.5.2 of the Measurements Handbook. (Refer as well to my blog post about auditing the Measurements.)

A look through the CoP, to learn something about how the audit team will be going about its work, will be useful for organizations getting newly certified to TL 9000, as well as for new quality managers, process owners and anyone who hasn’t experienced a TL audit before. The current Rev. 7.2 is available at this link.

Author: Rick Hill, NQA USA TL 9000 Program Manager