MQAS ISO audit policy for Management of Extraordinary Events or Circumstances affecting Maverick Quality advisory services (MQAS) and Certified Organizations

1. Scope: This policy is applicable for management systems certification -for surveillance and recertification audits. This policy shall be applicable to management systems for which MQAS is accredited.
2. Definition:

   Extraordinary event or circumstance: A circumstance beyond the control of MQAS, commonly referred to as “Force Majeure” or “act of God”. Examples are war, strike, riot, political instability, geopolitical tension, terrorism, crime, pandemic, flooding, earthquake, other natural or man-made disasters.

   During the extraordinary circumstances travel is not reasonable due to travel restrictions, safety reasons, closing of national borders etc and above all to the health of participants.

3. Policy: When the extra ordinary circumstance occurs (present case of COVID 19), MQAS shall decide for certification activities for its clients taking in consideration -

   
   Client’s operations are being carried out. The operations have not been stopped.

   
   The conditions prevailing because of COVID 19 shall be discussed with client. The client shall be communicated the plan for virtual audit in advance. MQAS shall develop plans for carrying out certification activities as detailed below.

   1. Surveillance Audits – Virtual audits shall be carried out. In case the certified organisation is not in a condition for audit due to conditions prevailing on account of COVID 19, the audit shall be carried out within 3 months of due date. (due date-Surveillance audits shall be conducted at least once a calendar year, except in recertification years. The date of the first surveillance audit following initial certification shall not be more than 12 months from the certification decision date.). The period of three (3) months is as per guidelines of NABCB – issue 01 March 2020. and same is modifiable so as to meet the mandatory requirement of accreditation body / apex organisation.
   2. Recertification Audits- Virtual audits shall be carried out. In case the certified organisation is not in a condition for audit due to conditions prevailing on account situations mentioned under section “definition” above, the audit shall be carried out within 6 months of due date. The period of six (6) months is as per guidelines of IAF ID 3 and same is modifiable so as to meet the mandatory requirement of accreditation body / apex organisation.

   
   It shall be kept in mind that if audits are being carried out at later date than due date because of extra ordinary circumstances, the next audit shall be done at due dates as per the audit cycle.

   
   NABCB shall be informed of virtual audits

   
   Deviations from the Audit and certification process of MQAS shall be documented. It shall be kept in mind that total audit time shall not be reduced. However, planning time increase may be required.

   Virtual audits shall be carried out using audio/ video and data sharing facility with ability to control, see, hear, question and intervene shall be used for covering audit sessions. MQAS shall keep the evidences of invitations, opening and closing meeting and audit sessions by any means of session snapshot, recording etc., The records shall be kept for 2.5 years. The security and confidentiality of electronic or electronically-transmitted information/data shall be kept in view by MQAS and the organization being audited.

   
   The following aspects shall be discussed with client for audit planning and carrying out audit.

   1. The mail id and phone number of the auditees for sending electronic invitation. The auditees shall have the audio / video connectivity during the audit sessions and they shall be available for the audit as per audit plan.
   2. There may be parallel sessions in the audit plan and client shall facilitate for these parallel sessions.
   3. The client shall be able to show the required documents for audit like project documents, processes, document related to support functions etc. Client should be able to present soft files. Documents should be shared, as required in audit.
   4. Client has no objection to record the session.