Skip to main content

9.2 Hosting the Customer Audit

A customer audit is not a friendly visit; it is a verification of contract compliance. The auditor's goal is to find risk; your goal is to demonstrate control. Success relies on architecture, not just good coffee. You must control the flow of information, the environment, and the narrative. If you allow an auditor to wander freely or access raw data without context, you will fail.

Audit Strategy: The "War Room" ProtocolArchitecture

WhenDo anot customer or regulatory body (FDA, ISO Registrar) auditsallow the facility,auditor successto reliessit onat controllingyour desk. You must physicalize the flow"Firewall" of information. The audit is a formal examination, not a casual tour.concept.

The "Front Room" vs. "Back Room" ArchitectureDynamic:

  • The Front Room: This is wherethe stage. It contains the Auditor sits. It should be clean, sparse, and devoid of any loose papers. OnlyAuditor, the Audit HostHost, and the necessaryrelevant Subject Matter Expert (SME). areIt allowedis here.sparse. No loose papers, no whiteboards with strategic secrets, and no access to the internal network.
  • The Back Room (War Room):Room: This is the command center.engine. It is staffed by scribes, document runners,scribes and Quality Engineers.runners.
    • The Scribe: Sits in the Front Room (silently) and types every question the auditor asksrequest into a live chat channel displayed in the Back Room.chat.
    • The Runner: In the Back Room, seesSees the request (e.g., "Show me the training record for Operator A"), retrieves theit, document, reviews it for errors,errors, and physically walks it intoto the Front Room.

The Filter:Filter Rule:

  • NeverIf hand a document to an auditor without reviewing it first. If a record has a missing signature, fix it (via proper Good Documentation Practices)signature or bea preparedcoffee tostain explainThen the Back Room catches it before the auditor sees it.
  • If a record is missing → Then the Back Room prepares the explanation immediately, so the Host is not caught off guard.

    • The "Pre-Flight" Clean Sweep

    AuditDo Etiquettenot wait for Floorthe Staff Every employee must be trained on howauditor to answer an auditor. The golden rule is: "Answer onlyfind the questionrogue asked.Post-it note. Execute a "Search and Destroy" mission 48 hours prior.

    The "Red Flag" Hunt:

    • Infrastructure:
      • If a chemical bottle (IPA/Flux) is unlabeled → Then it is a hazmat violation. Bin it.
      • If the "Red Tag" quarantine cage is unlocked → Then the audit is over. Lock it and pocket the key.
    • Production Line:
      • If an operator has a "cheat sheet" or handwritten note taped to the machine → Then destroy it. The only valid document is the controlled Work Instruction (WI).
      • If personal items (bags, food) are in the ESD zone → Then remove them.

    Interview Discipline (The Miranda Rights)

    The most common source of audit findings is an operator talking too much. Train your staff on the "Answer Only" protocol.

    The Logic of Interaction:

    • Auditor: "Do you calibrate this torque driver?"
    • Bad Answer: "Yes, weusually doon it every Tuesday,Tuesdays, but sometimes Bob forgetswas becausesick he'slast busy,week, so we dodid it Wednesday." (ThisYou volunteersjust volunteered a non-conformance).
    • Good Answer: "Yes." (Stop talking. Wait for the next question).
    • Auditor: "Can you showShow me the sticker?sticker."
    • Good Answer:Action: (PointsPoint to sticker).the sticker. Do not explain the history of the sticker.

    The

    Pro-Tip: Self-AuditIf Checklistyou (Thedo "Pre-Flight"not Check)

    Beforeknow the auditoranswer, arrives,say "I will verify that with the siteengineer." mustNever conductguess. A wrong answer is a "Cleanfinding; Sweep"a self-audit.delayed Thisanswer checklistis mimicsjust thedue most common findings from ISO and Customer audits.diligence.

    Facility & Infrastructure

    • [ ] Are all ESD wrist strap testers calibrated and plugged in?
    • [ ] Are fire extinguishers unblocked and inspected?
    • [ ] Are all chemical bottles (IPA, Flux) labeled with contents and hazard warnings (GHS)?
    • [ ] Is the "Red Tag" quarantine cage locked?

    Production Line

    • [ ] Are Work Instructions (WI) at the latest revision? (Check the revision date against the master list).
    • [ ] Are there any "rogue documents" (post-it notes, cheat sheets) taped to machines? Remove them immediately.
    • [ ] Are all torque drivers and calipers within their calibration date?
    • [ ] Are personal items (food, drinks, bags) removed from the ESD Protected Area (EPA)?

    Documentation

    • [ ] Are training records signed and up-to-date for every operator on the line today?
    • [ ] Are reflow oven profiles from the last shift saved and compliant?
    • [ ] Is the Maintenance Log for the SMT machine filled out for yesterday?

    The Audit Closing Meeting

    TheThis audit concludes withis a negotiation, not a sentencing hearing.

    Closing Meeting where findings are presented.Logic:

    • The Rule of No Surprises:If Thethe Auditauditor Host should havepresents a pulsefinding based on everya findingmisunderstanding → beforeThen thisclarify meeting.it immediately with evidence. Do not wait for the final report.
    • Accepting Findings:If Acknowledgethe finding is valid non-conformancesThen accept it professionally. Do not arguemake aboutexcuses feelings;("We arguewere onlybusy"). facts. IfState the auditorcorrection claimstimeline a(e.g., record"We iswill missing, but you found it in the Back Room, produce it immediately to downgrade the finding.
    • The Recovery Plan: State clearly thatsubmit a CAPA plan will be issued within the5 agreed timeframe (usually 5-10 business days)days").

    Final Checklist

    AuditControl PhasePoint

    Critical ActionRequirement

    ResponsibilityRisk Avoided

    PreparationFront/Back Room

    Run100% theof "Cleandocuments Sweep"filtered Self-Auditthrough 2Back days prior.Room.

    QualityAccidental ManagerDisclosure / Bad Data

    ExecutionClean Sweep

    Establish "War Room" channel; filterRemove all docs.uncontrolled notes (Post-its) from the line.

    QADocument EngineersControl Failure

    Floor EtiquetteInteraction

    "AnswerOperators answer only whatthe isspecific question asked."

    AllVolunteering EmployeesNon-Conformance

    ClosingQuarantine

    ClarifyRed findings;Tag agreearea onmust CAPAbe timeline.physically locked.

    SiteCritical LeadershipSystem Failure

    Escort

    Auditor is never left alone on the production floor.

    Safety / Security Breach


    Back to top