CALL US 1-888-553-2256
CountryCountry

ISO 9001 Blog

Mark Hammar

How to create an ISO 9001:2015 human resources audit checklist

Human resources, the management of the people within an organization, is an important part of the Quality Management System (QMS), so you would expect the ISO 9001:2015 standard to have requirements for the human resources procedure. Not surprisingly, the standard does include requirements about how you need to deal with human resources in your organization, even though it does not require the creation of a human resources procedure. Read this article to learn what to include in your ISO 9001:2015 human resources audit checklist.

What does ISO 9001:2015 say about human resources?

While the ISO 9001:2015 standard does not use the term “human resources” in the requirements, two main sub-clauses talk about how to manage the people in your QMS. Both of these main sub-clauses fall within the support section of the standard, clause 7.

Clause 7.1.2 People

This is a fairly short clause that states that you need to determine the people that you need for two separate activities. Firstly, you need to determine the people necessary to operate the processes of your QMS, these being every process to deliver on customer needs from communication through to delivery.

Secondly you need to determine the people needed to achieve conformity of products and services, which would include not only people to create the products and services, but also those required to make them meet the needs of customers. After determining what kind of people are required for your QMS, the standard also states that you need to provide these people.

Clause 7.2 Competence

This clause provides the biggest set of requirements for the human resources procedure in the ISO 9001:2015 standard. There are four sub-clauses, which are basically a 4-step process for ensuring people know what they need to know, as follows:

ISO 9001:2015 human resources audit checklist
Figure: Building competence

Determine the competence: What skills and knowledge do people need to know to perform activities in your organization? This includes everyone under your control that can affect the performance and effectiveness of the QMS. Determining the competence for processes is referenced many times in the ISO 9001:2015 requirements, always meaning that you need to identify what people need to know for the correct performance of tasks before the tasks are started.

Ensure people are competent: Now that you know what skills and knowledge are required, how do you ensure people have these competencies before they start to work? This can be accomplished through education, training or experience, but it needs to match what you have determined to be necessary.

Acquire competence: Any human resources professional will tell you that it is rare to find the perfect candidate for every position, often there is some skill or knowledge missing. So, when this is the case, what are you going to do about it? Will you train the employee to fill the competence gap? What type of training will it be, in-house or external, formal or on-the-job? Most importantly, how are you going to ensure that the action taken has been effective in giving the person the competence needed?

Retain evidence: Finally, what documented evidence do you need to show that people are competent? This could include the job description that listed the competencies, and could also entail all of the training records collected for an employee to show how to perform tasks associated with his position. In many cases, these are the human resources files that are kept about employees in the organization.

For more on implementing the competence requirements of ISO 9001, see this article: Using Competence, Training and Awareness to Replace Documentation in your QMS.

Don’t let your human resources procedure tie your hands

One thing to note for the human resources procedure, don’t make it too specific when it does not need to be. For instance, you can define the competence requirements for an internal auditor to be a formal audit training course; and if you do this you need to ensure that every auditor in your organization has this qualification. On the other hand, if you determine your competencies to include knowledge of the management system standard and skills in process auditing you could gain these competencies in different ways such as job-shadowing another auditor and reading and passing a test on the ISO standard. The formal auditor training would be one way to gain these competencies, but not the only way.

What goes in the human resources audit checklist?

It is important to remember that any audit checklist needs to not only look at the ISO 9001:2015 standard requirements, but also address the process that has been put in place at the organization. The human resources procedure indicates how your organization has interpreted and implemented the requirements of the standard, and these decisions become part of the QMS and must be audited as well. So, ensure that when you create your audit checklist you include requirements from both sources so that you can not only check that your organization is doing what the standard requires, but also what has been determined to be necessary to make human resources work for you.

To learn how to perform a complete ISO 9001 internal audit, see this free online training ISO 9001:2015 Internal Auditor Course.


About the author:

Mark Hammar is a Certified Manager of Quality / Organizational Excellence through the American Society for Quality, and has been a Quality Professional since 1994. Mark has experience in auditing, improving processes and writing procedures for Quality, Environmental and Occupational Health & Safety Management Systems, and is certified as a Lead Auditor for ISO 9001, AS9100, and ISO 14001.

If you enjoyed this article, subscribe for updates

Improve your knowledge with our free resources on ISO 9001 standard.

Leave a Reply

Your email address will not be published. Required fields are marked *

OUR CLIENTS

OUR PARTNERS

  • Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.
  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.