Posted by & filed under QUALITY SYSTEM DEVELOPMENT.

We are breathing a sigh of relief at Qualidoc. The new package is ready for downloading, with samples from updated documents and paid access to the updated version of our popular Internal Audit Checklist, Quality Policy Manual and Quality Assurance Procedures Manual. The policies are critical for establishing the commitment by senior management to the quality system and showing their understanding of what that commitment entails in resources. The procedures show you how.

So why are we so chuffed? This is why….

QUALIDOC is a quality system development package comprising

o QUALITY POLICY MANUAL
o QUALITY ASSURANCE PROCEDURES MANUAL
o INTERNAL AUDIT CHECKLIST

The package is downloaded via the QUALIDOC website for a user fee. Free samples of the upated documents are available via free registration. (310 organisations from 32 countries are registered currently). The older versions are available for a limited time.

QUALIDOC enables the user to implement and maintain:

QUALITY MANAGEMENT SYSTEMS – REQUIREMENTS (ISO9001:2008)

AND

QUALITY MANAGEMENT SYSTEMS – REQUIREMENTS FOR AVIATION, SPACE AND DEFENSE ORGANIZATIONS (AS9100C and AS9101 Revision E)

QUALIDOC can be used to conduct a gap analysis to ensure continuity and clarity of processes, documentation, responsibility and authority within the organisation, from Request for Quotation and contract review (customer requirements) to delivery.

**Anticipated changes in ISO9001:2015 are covered via the Internal Audit Checklist.

QUALIDOC IS ONLINE

Qualidoc’s templates are available through a secure login area of the website for members. Once signed up, members have access to all the documents listed below. This gives the following benefits:
• The Qualidoc templates are stored in a central location
• The default Qualidoc templates are always available, should members need to go back to them
• The templates are always kept up to date with any changes; once these are made by Qualidoc they’re immediately available to all members
• Each section is neatly separated but linked within the website and the document templates, to make it easy to find and use them

QUALITY POLICY MANUAL

This Manual identifies top level organization responsibility and authority for, and commitment to, the quality system, including sample corporate quality policy. It shows what has to be done and what is needed to meet the requirements and who is responsible and has the authority for each quality system process.

QUALITY ASSURANCE PROCEDURES MANUAL
This Manual supports the commitment made in the Quality Policy Manual. Template procedures and basic forms (with links) are provided to establish and maintain the flow of quality system processes, with authority and responsibility.

INTERNAL AUDIT CHECKLIST INDEX
Quality Manual
Management Responsibility and Authority
Customer Requirements (Contract Review)
Documentation Requirements (Quality Records)
Purchasing
Production Planning and Realisation
Inspection and Testing (Receiving)
Inspection and Testing (In-Process)
Inspection and Testing (Final)
Inspection and Testing (Inspection and Test Status)
First Article Inspection (FAI)
Inspection, Measuring and Test Equipment (IM+TE)
Control of Nonconformity: Items and Conditions
Handling, Storing, Packaging, Preservation & Delivery (Shipping)
Resource Management
Service Realisation – Customer Site
Measurement and Analysis
Design and Development Control

QUALITY POLICY MANUAL: TABLE OF CONTENTS

1 COMPANY CERTIFICATION

2 MANAGEMENT RESPONSIBILITY and AUTHORITY
IMH Quality Policy 1
Organization (Responsibility and Authority) 2
Management Review 3
Internal Quality Audits 4
Quality Assurance Organization Chart 5
Corporate Organization Chart 6

3 CUSTOMER REQUIREMENTS 1
(CONTRACT REVIEW)

4 DOCUMENTATION REQUIREMENTS (Quality Records) 1
5 PURCHASING 1

6 PRODUCTION AND SERVICE REALISATION 1

7 INSPECTION AND TESTING

8 INSPECTION, MEASURING AND TEST EQUIPMENT 1

9 CONTROL OF NON-CONFORMITY
Items and Conditions 1
Quality Assurance Team 2

10 HANDLING, STORAGE, PACKAGING, PRESERVATION AND DELIVERY 1

11 RESOURCE MANAGEMENT

12 DESIGN and DEVELOPMENT

Planning and Objectives 1
Design Verification and Validation 2
Design Review 3

13 MEASUREMENT and ANALYSIS

14 DEFINITIONS

QUALITY ASSURANCE PROCEDURES MANUAL

TABLE OF CONTENTS

1 COMPANY CERTIFICATION

2 CUSTOMER REQUIREMENTS (CONTRACT REVIEW)

3 DOCUMENTATION REQUIREMENTS

4 PURCHASING
Supplier Assessment 1
Purchasing Data 2

5 PRODUCTION PLANNING and REALISATION
Process Control 1
Product Identification and Traceability 2

6 INSPECTION AND TESTING
Receiving 1
In Process 2
Final 3
Inspection and Test Status 4
Customer-Supplied Items 5
First Article Inspection 6

7 CONTROL OF MONITORING and MEASURING EQUIPMENT
Calibration and Control 1
IM&TE Sample List 2

8 CONTROL of NONCONFORMITY
Items and Conditions 1
Internal Audits 2

9 HANDLING, STORAGE, PACKAGING, PRESERVATION,
and DELIVERY

10 RESOURCE MANAGEMENT

11 MEASUREMENT and ANALYSIS
Customer Complaints

12 DESIGN and DEVELOPMENT CONTROL

Posted by & filed under AS9100.

AS9100:2016 is floating around in draft. I have read it and it doesn’t keep me awake at night. Risk assessment and management are still flavours of the month.

Tackling risk assessment and management can be intimidating, but if we can keep our heads when all around are losing theirs we shall not waste time and money. We should not lose sight of the business processes which are familiar to us and which we assess every day for their integrity and customer satisfaction.

I believe that we are looking at this horse from the wrong angle. Instead of treating risk assessment and management as a sort of cloudy project from which anything could appear to frighten us, why not start with the following from my Qualidoc Internal Audit Checklist which is based on the AS100C standard combined with ISO9001:2008 (2015)? There are 14 sets of questions covering all sections of the standards.The set below is for auditing Resource Management. If you use the responses to these questions as markers for your risk assessment and management you will have a good grasp of the requirements. I have left three numbered blank spaces at the end of each set of questions to allow the auditor’s mind to consider additional questions. IMH is short for I.M. Happy Company.

 

Have training needs been identified for all personnel whose job activities affect the quality system?
Have personnel been trained in processes identified in the Quality Assurance Procedures?
Have training and certification records been maintained for personnel involved with quality control, purchasing and production?
Are personnel aware of the importance of their activities, and their effect on the quality system and company quality objectives?
Are resources available to implement, maintain and continually improve the quality management system?
Are personnel competent on the basis of appropriate education, training, skills and experience?
Has the necessary competence been established at a suitably early stage for personnel performing work affecting product conformance, especially critical parts and customer special requirements?
Has the appropriate infrastructure been determined, provided and maintained to achieve product requirements, including (as applicable):

  • buildings, workspace and associated utilities,
  • process equipment (hardware and software), and
  • supporting services (transport, communication or information systems),
  • storage environment, especially for critical parts.

 

Has the working environment been assessed to determine the environment needed to achieve product conformity; e.g., noise level, temperature, humidity, lighting or weather?
Is the corporate risk management strategy known to all personnel?
Has the Audit Plan been updated to reflect persistent nonconformances?
Do the results from this section affect any other sections of the Quality System Audit Checklist?
Have the RISKS associated with the above questions been assessed and risk management assigned to the appropriate IMH responsibility and authority?

 

For example, if the answer to “Has the Audit Plan been updated to reflect persist nonconformances”  is “No”, then what are the risks attached to this omission? We are simply looking at consequences for our behaviour. Once you consider the answers to these questions, they will open up risks and once we think of risk assessment and management in these terms, they are not so intimidating. Also it does not depend on numbers but on the judgement of experienced people.

There are risks inherent in every business process, but if you start with the questions I have put together, from which you can establish the integrity of your quality system, you will be able to face an assessors’ questions with equanimity.

 

Posted by & filed under ISO9001: RISK ASSESSMENT AND MANAGEMENT.

 

 

How would you like to have an operation by a surgeon who, when you ask him what your chances were, told you that 99 out of 100 people died during the operation, but you were lucky because you were the 100th patient? I wouldn’t give much hope for a healthy recovery, would you?

I am the first to say that I know very little about statistics. I barely scraped through the mandatory course at university which an unfeeling administration required that I take to complete my studies. My interest and spirits heightened considerably, however, when I realised that the course was more about recognising spurious statistics rather than how to use and compile statistics.

The text for the course was a book by Stephen K. Campbell, “Flaws and Fallacies in Statistical Thinking”. In his chapter on ‘Far Fetched Estimates’ I was delighted to read his section on `Statistics Unknowable Because Some Physical Barrier In­terferes with Data Collection’. He quoted a researcher (Seligman) who was anxious to identify the basis for claims made by various newspapers that the rat population in New York City was in the range of 8-9 million. Apparently the only real study on the matter had been conducted in 1949. Under a grant from the Rockefeller Foundation, researchers had actually gone out and counted rats in a certain area, and extrapolated these figures to the whole of New York City. The whole exercise became ridiculous (not to say useless) when one of the researchers remarked to Seligman:

 

“You can count a rat on the eighth floor, and then other on the seventh floor, and then another on the sixth,

but after all, you might just be seeing the same rat three times.”

 

In keeping with many other people, I believe that statistics are no substitutes for good judgement based on experience and the ability to make imaginative connections. I believe that successful business practice comes from having contract con­ditions set out clearly and concisely, bearing in mind that somewhere down the road you may need contingency time to cover ‘unknowable statistics’; conditions which can’t be an­ticipated from trends, immaculate though your statistical techniques may be.

Suffice it to say that if you intend to be registered, to IS09001, AS9100 or any other international stand­ard, you should look around the company processes and see where statistics could be an advantage. As far as I am con­cerned, you are not required to spend time and money gath­ering information which captures the flavour of the month but will not further your cause in busi­ness.

Yet another quotation from Stephen Campbell:

 

‘”The story is told about an event during a trial follow­ing a calamitous wreck at a railway crossing. A railway worker testified that he had signalled vigorously by waving a lantern. His animated demonstration of the vigour with which he waved the lantern greatly im­pressed the jury, which eventually found the railway and its personnel innocent of negligence. After the trial, the lawyer for the railway commended the man for the effectiveness of his testimony. The rail­way worker, obviously greatly relieved, said: ‘ Thanks’. But for a while there I was afraid the other lawyer was going to ask whether the lantern was lit.”

I rest my case.

 

 

 

 

 

 

 

 

way

when this tool is used). I believe that everything stems from having the contract con­ditions set out clearly and concisely, bearing in mind that somewhere down the road you may need contingency time to cover ‘unknowable statistics’; conditions which can’t be an­ticipated from trends, immaculate though your statistical techniques may be.

Suffice it to say that if you intend to be registered, to IS09000, QS9000, EN46000 or any other international stand­ard, you should look around the company processes and see where statistics could be an advantage. As far as I am con­cerned, you are not required to spend time and money gath­ering information which will not further your cause in busi­ness.

I’ll close this chapter with yet another quotation from Stephen Campbell:

‘The story is told about an event during a trial follow­ing a calamitous wreck at a railway crossing. A railway worker testified that he had signalled vigorously by waving a lantern. His animated demonstration of the vigour with which he waved the lantern greatly im­pressed the jury, which eventually found the railway and its personnel innocent of negligence.

After the trial, the lawyer for the railway commended the man for the effectiveness of his testimony. The rail­way worker, obviously greatly relieved, said, Thanks’. But for a while there I was afraid the other lawyer was going to ask whether the lantern was lit.”

I rest my case.

 

 

Posted by & filed under AS9100.

According to  recent information which has come my way, prime contractors (OEMs) and standards boards are becoming increasingly concerned about the insufficient depth of AS90XX audit reports, which they are returning to certification boards as unacceptable.

Three examples of immediate concern, especially to the aerospace industry, are:

  • DOCUMENT CONTROL (no surprise there) ESPECIALLY CONFIGURATION MANAGEMENT
  •  PROCUREMENT (PURCHASING and SUPPLIER CONTROL)
  • PRODUCT ACCEPTANCE SOFTWARE

Thirteen ANAB NCRs have been recorded against the above in the past three years, primarily in configuration management; some of these were repeat NCRs. This is in addition to the complaints about “insufficient root cause analysis*. As a result, Configuration Management will move to AS9100, Clause 7.1 (Planning of product realization) in the next revision.

As another consequence of this weakness, OEMs are contacting standards boards directly about unsatisfactory audits rather than the certification bodies involved. They have also started conducting their own validation audits with AS91XX suppliers.The irony of this does not escape me, given that prime contractors were at pains some years ago to replace their audits of suppliers with acceptance of certification to international quality management standards such as AS9100 and ISO9001. I remember visiting a company in Ontario expecting to do a day’s work on the quality system, only to find six prime contractors’ supply auditors unexpectedly on site and my client in a panic.

 

For years I have been bleating about the presence of “dodgy assessors” in the quality system assessment market. I am not saying these organisations are responsible for the concerns noted above, but the fact that non-certified assessors have been allowed into the market for many years will not have helped the situation. I have rescued companies that have paid £400 or some similar sum for a so-called “quality manual” which purports to cover their quality system requirements, and a “certificate”. They had no description of management responsibility and authority, let alone that of processes and well-expressed documentation which connect and give stability to the business and confidence to employees.

 

It is not just the money and the lack of respect for the standards; it is the embarrassment of people who are sometimes highly qualified in their field but don’t understand the commitment required to implement and maintain a quality system that is a worthwhile investment. Unfortunately the awful truth dawns when they are refused entry to prime contractors’ Approved Suppliers Lists. Prime contractors will not even consider an application if the company is not certified by a recognised international standards board such as ANAB, SCC and UKAS. All these standards boards carry lists of approved certification bodies.

 

Document preparation and control has been a major weakness and cause of failure in certification audits for as long as I have been in quality management consulting. Poorly-written documentation has a dire effect on the integrity of a quality system. It also affects the choice of measurements, bearing in mind the current enthusiasm for measurement and analysis. As a voice in the wilderness, I maintain that measurement of anything in a quality system is pointless unless the objectives and parameters for that measurement are clearly expressed first of all in words. We have to trust the narrative and the judgement of qualified people; that’s why they were hired in the first place.

 

As Sir Francis Bacon observed: “writing maketh an exact man”.

Posted by & filed under AQAP, AS9100, ISO9001:2015.

 

 

 The draft ISO9001:2015 changes the former “Documentation requirements” to    “Documented information”. Accordingly, this information can refer to:
 ” the management system (3.04), including related processes
(3.12);
  information created in order for the organization to operate (documentation);
  evidence of results achieved (records).”

So how much documentation can we get rid of? In my opinion, not very much.

“Management system” documentation will mean the organization’s quality policy and its commitment to the quality system. It will show who is involved, who has authority and responsibility for the various components of the standard and exemptions if required.

 A Quality Manual is no longer required in the ISO9001:2015 revision, but AS9100C still calls for a Quality Manual and so does AQAP2110.  AS9100C is based on ISO9001 and the revisions to the IAQG 9100-series standards are planned for project completion in early 2016.

At the least I can anticipate some tension between the assessors and certification candidates,  and then between the assessors and the certification bodies as to how much documentation is sufficient to qualify for certification, let alone maintain the integrity of the quality system.

I am pleased to see a move towards removing unnecessary documentation and allowing qualified employees to use their professional judgement. I have been known as “slash and burn Jean” by some of my clients in my zeal to remove redundant documentation which clogs up the quality system. I am concerned, though, about what I perceive as the ambiguity of this clause in the current draft revision.  I am going to stay on the safe side and keep my quality manual in the Qualidoc package available on the website.

By the way, see ASQ Quality Progress magazine in August for my article on Training.

Posted by & filed under WHAT MIGHT ASSESSORS LOOK FOR?.

With all the emphasis on measurement in the ISO9001 standard it is sometimes easy to overlook the importance of the day-to-day production that is just as important. For example, what does “delivery” mean in your business? It could mean delivery to a specific site, or conclusion of system installation, or when the prod­uct leaves your warehouse or site, or when a ship arrives to discharge cargo at a port thousands of miles from your site.  It pays to consider carefully where the company’s responsibility ceases. It is too late when the signatures are dry on the contract.

 

Questions that come to mind: which carriers do you use? Are they available at all hours of the day and night, should you need that kind of service? Are you responsible for delivery to a site other than that of your cus­tomer? Who has authority in your company for releasing the product or service to the customer? Which of your custom­ers’ representatives has the authority to accept delivery of a product or service from you?

 

What does “preservation” imply? It means protect­ing items; for example, by shrink wrapping or other special packaging, surface treatments. Adequate storage will be needed such as racks, shelves, cupboards, packaging materials for production equipment and tooling.

 

 Extra storage space might be easy to estimate, but what about other conditions such as temperature and humidity, critical parts, including parts for which the customer might have set the storage and preservation criteria? You might need something as simple as a protective blind  to protect items from excessive sun. This problem came up in one of my contracts where fabric was glued and the hot sun through a window altered the consistency of the glue as it was being used.  

 

Housekeeping is very important. The assessor will be looking at the general cleanliness and care which is evident (or not) at your facility. Avoidable dirt and clutter could be regarded as lack of commitment to the standard.  The assessors will be looking for anything lying loose which should be under control. This includes parts lying about in the yard or documents scattered on someone’s desk or (worse) have been lying for fifty years in a dark corner or hiding in binders which have faded into the background.  They are uncontrolled as well as being untidy.

The yard is part of your facility so take the time to clean it up, especially if it is apart from the main site but will be included in the certification audit.  The assessor will expect to find that all quality-critical items are secured, maintained and protected from damage, corrosion, and other conditions (such as dirt or damp) that could cause the product to deteriorate.

Your storage areas will be audited, so if you have items waiting for the customer to decide what needs to be done, include these items and their condition in the internal audits.  Make sure they are segregated and identified.

 One of my valuable military aerospace contacts audited a supplier recently and found the housekeeping conditions unacceptable to the point where he shut down the audit; so be warned.

 

 

 

 

Posted by & filed under ISO9001:2015.

Continuing my review of the new clauses, No. 4 Context of the organization includes “Needs and Requirements”.

This is pretty straightforward; you just have to know your customer and your business, and ask the right questions.

“Needs and Requirements” will be those “generally implied or obligatory” for the customer and those who need to know in your internal organization.. These will include specific requirements if they are outside those usually provided for the product or service, such as documented information (records), local, national or international statutes and regulations.

It can also mean

  • social and cultural, financial, technological, economic, natural and competitive environment, whether international, national, regional or local;
  • customers changing needs that can have an impact on the objectives of the organization;  and
  • relationships with, and perceptions, values and expectations of, external and internal interested parties.

All the above can be expressed in clear, concise terms. You can check your current policy against the samples available on the Qualidoc website. A full set of policies and procedures is also available for the very reasonable subscription of £25 per month for current issues.

REGISTER for the free documents – understand where you may have gaps in your quality system or that you have everything covered (unlikely!).

 

My next clause blog will be SCOPE. This means scope of the quality system, but it can also mean the scope of your business. For example, if you design products or services, do you want this design to fall within the scope of the certification? Study this carefully before you include it or exclude it. If you exclude it without sufficient analysis of its connection to the rest of the processes then you could have to review your certification. Discuss it with anyone involved, including subcontracted designers. The description will be on your certification in the wording you have given to the assessors so the time involved in getting it right it well worthwhile.

 

 

Posted by & filed under ISO9001:2015.

 I have seen comments recently via LinkedIn where some contributors to the quality groups seem to be under the impression that no, or little, documentation is required to meet the ISO9001:2015 standard. No such luck; there are specific requirements under “Documented Information” and other clauses of the draft revision.

“Documented information”  replaces “Documentation Requirements”. It is defined as “information that is controlled and maintained by an organisation and the medium on which it is contained.” It can be in any format and media and from any source.  This will certainly include electronic media and the authorised signatories.

Although it appears that organisations will be able to choose when documentation is or is not required, records for quality-critical processes will have to be produced and maintained in current revision status, as before.

Question:  where in your organisation are documents required (records) or when can judgement of experienced and qualified staff be accepted in lieu of documents?

Documents can include those required to describe and manage the management system
and related processes. This means that all quality-critical processes, policies and procedures must be examined for evidence of results achieved.

A written and published quality policy is also required; (register on this website to see example).

The requirements are clear in that the quality policy shall

  • be available as documented information

  • be communicated within the organization

  • be available to interested parties, as appropriate.

  • be reviewed for continuing suitability

 

Ask the question:

If an assessor was examining your organization, would he or she be able to find the evidence (validation and verification) that the requirements of the standard and the quality system objectives had been met?

I think we will be relying on documented evidence as much as ever. I would be happy to hear from anyone who thinks otherwise.

Don’t be in hurry to throw out documentation or to abandon the Master Document List.

[email protected]

 

 

Posted by & filed under ISO9001:2015.

 

 

ISO NEW CLAUSE STRUCTURE

 

From the latest information available to me, the ISO9001:2015 will carry new clauses from 1 – 10. Clauses 1, 2, 3 will be Scope, Normative references and Terms and Conditions, as before.  Clauses 4,5,6,7 will fall within PLAN; Clause 8 under DO; Clause 9 under CHECK; Clause 10 under ACT.

 

Many of the clauses will cross-reference. The information below is my interpretation of what the new clauses mean for quality system development based on my experience and development of quality systems over 27 years. They are simply based on good business practice. Much of this is covered in the QUALIDOC INTERNAL AUDIT CHECKLIST which is available free of charge on this website.

 

I invite you to follow my blogs in which I explain, line by line, the application of the new clauses to current quality systems. (See sample QUALIDOC documentation available at www.qualidoc.co.uk also). The text in bold is my indication to pay particular attention to the statement. When you are answering the questions implied in the clauses, always ask yourself the question: WHO NEEDS TO KNOW?

 

Clause 4: Context of the organization

  • ·        Understanding the organization and its context
  • ·        Needs and requirements
  • ·        Scope
  • ·        Management System

 

4.1  Understanding the organization and its context

Here’s where you identify external and internal issues that affect your business. Ideally these should be covered whenever a contract is in the offing. Consider how the requirements of the quality system, e.g., ISO9001, AS9100D (AS9101 Revision E issued recently) can affect your organization. Include this in your Contract Review (Customer Requirements) NOTE: MAKE SURE YOUR MEASUREMENTS (e.g.,KPIs) DO NOT LAG BEHIND DEVELOPMENTS SUCH AS THOSE IN:  

  • ·        key drivers and trends which can have an impact on the objectives of the organization, including customers changing needs;
  • ·        relationships with, and perceptions, values and expectations of, external interested parties;
  • ·        the social and cultural, legal, regulatory, financial, technological, economic, natural and competitive environment (international, national, regional or local);

INTERNALLY: review organizational structure (including Board of Directors level), roles and accountabilities, (responsibilities and authorities) especially those with signing authority and responsibility at critical stages of product or service planning, development and delivery. 

Do you have the policies, procedures, objectives, including strategies to achieve the organization’s objectives? Are resources in place including information (e.g., capital, time, people (skills, experience), processes, systems and technologies)?

Are reliable information systems in place to allow uninterrupted, timely and accurate flow, responsibility and authority (e.g., approval for processes and management decisions, formal and informal)?; 

What are the standards, guidelines and models adopted by the organization?

Contractual relationships: do these include “grouping” with other subcontractors?

WATCH MY BLOG FOR THE NEXT CLAUSE – “NEEDS AND REQUIREMENTS”. SAVE YOURSELF TIME AND MONEY – SIGN UP FOR THE DOCUMENTS ON THE WEBSITE.

 

 

 

 

 

 

Posted by & filed under Uncategorized.

On one of my contracts I  asked to see the Certificate of Com­pliance from a accredited calibration agency be­cause I concluded that the ‘certificate’ on file was simply a Work Order issued by the technician who had checked the equip­ment. The WO only referenced the certificate number. I wanted the proper certificate to be on file and listed in the Master Document List.

My request languished until the day of the assessment, despite many requests from the QAM. Of course the assessor wasn’t satisfied with the document we had on file. We faxed the calibration agency insisting that we get the proper certificate sometime that day. What we actually received was another copy of the Work Order used by the technician who had calibrated the equipment, with the original certificate number whited out and another number written (hand-written) above. Unfortunately, this came into the assessor’s hands as he was standing by the fax machine with the QAM. I was standing to the side and he turned to me and commented to me that he considered it to be fraud (which it was).

The Operations Manager put in a personal call to the calibration agency to request the certificate. The owner of the agency said that he wasn’t prepared to send a copy because “people sometimes altered the certificates in their own favour”. (I don’t know what he means either). He did eventually agree to fax a copy to the assessor’s office.

The moral of this story is to check, check and keep checking the effect of subcontractors, and their documentation, on the integrity of your quality certification. The time wasted above, let alone the threat to the certification, could have been avoided by being alert to the suitability of documentation that purports to verify the status of your quality system.

 

And, of course, all documents should be verified by responsibility authorities and their revision status impeccable.