Skip to content
EMS handbook

9.2 Hosting the customer audit

A customer audit is a rigorous verification of contract compliance and process capability. The auditor’s goal is to evaluate operational controls; the engineering goal is to confidently demonstrate mature predictability in the factory. Success relies entirely on pre-planned architecture and disciplined execution. It is important to organize the flow of information, the physical environment, and the narrative.

The audit architecture (the structured flow)

Section titled “The audit architecture (the structured flow)”

A structured, professional setting must be provided for the audit to ensure information is presented accurately and completely.

The Room Dynamic:

  • The Front Room: This is the primary meeting space. It contains the Auditor, the official Host (Quality Director/Plant Manager), and the currently relevant Subject Matter Expert (SME). It should be organized and focused on the audit.
  • The Back Room: This is your support hub, located out of sight and staffed by your document control and engineering team.
    • The Scribe: Sits in the Front Room (silently) and logs auditor requests into a live internal chat channel.
    • The Runner: Sits in the Back Room, retrieves the requested document, reviews it for completeness and accuracy, and then delivers a clean copy to the Front Room.

The Filter Rule:

Whenever a requested document has a missing secondary signature or is otherwise incomplete, the Back Room catches it before it goes to the auditor. When a mandated record is missing, the Back Room prepares the mitigation strategy and the CAPA draft immediately, allowing the Host to be prepared with a proactive response.

The “pre-flight” preparation

Section titled “The “pre-flight” preparation”

A thorough 5S sweep of the areas to be audited must be executed prior to their arrival.

The Readiness Check:

  • Infrastructure:
    • All chemical bottles (e.g. IPA, Flux) on workstations must be verified as properly labeled per safety standards.
    • The MRB quarantine cage must be ensured to be locked and under proper access control.
  • Production Line:
    • All unauthorized “cheat sheets” or handwritten notes taped to equipment must be removed. Only revision-controlled Work Instructions (WIs) must be ensured to be in use.
    • Personal items must be confirmed to be kept out of designated ESD zones.

Interview discipline (the “answer the question” protocol)

Section titled “Interview discipline (the “answer the question” protocol)”

Operators may unintentionally provide ambiguous or out-of-context information during audits. Staff must be trained on a clear, professional communication protocol.

The Logic of Interaction:

  • The Auditor Ask: “Do you calibrate this electric torque driver?”
  • The Unhelpful Answer: “Yes, usually every Tuesday, but the tech was sick last week, so we skipped it and did it Wednesday instead.” (This volunteers a potential non-conformance without context).
  • The Professional Answer: “Yes.” (Wait for the next question).
  • The Auditor Follow-up: “Show me the calibration sticker.”
  • The Prepared Action: Safely point to the sticker. Do not elaborate on the history of the sticker unless explicitly asked.

Pro-Tip: If the answer to an auditor’s specific question is unknown, it should simply be stated, “That data will be verified with the lead engineer.” Guessing must be avoided; retrieving accurate data demonstrates professional diligence.

The closing meeting

Section titled “The closing meeting”

The closing meeting is an opportunity for professional alignment and clarification.

The Closing Logic:

Should the auditor present a drafted finding based on a technical misunderstanding of your process, clarify it immediately with objective engineering evidence. Resolving it before the final report is issued is highly efficient. When a finding is factually valid, accept it professionally and firmly state your correction timeline (e.g. “Understood. We will submit a formal 8D CAPA within 5 business days”).

Final Checkout: Hosting the customer audit

Section titled “Final Checkout: Hosting the customer audit”
Monitored Control PointEngineering RuleRisk Avoided
Front/Back Room SegregationRequested documents should be reviewed by the Back Room to ensure completeness.Presenting incomplete, inaccurate, or out-of-context data.
The Clean SweepUncontrolled notes must be removed from the line prior to the audit.Document Control Compliance Failures.
Operator InteractionOperators are trained to answer only the specific question asked, clearly and concisely.Volunteering confusing or contradictory information.
Quarantine IntegrityThe MRB/Red Tag area must be locked and verified.Systemic Process Control Failure.
The VIP EscortThe Auditor must be accompanied at all times while on the production floor.Safety Risks and Intellectual Property Exposure.