ISO9001-Always same Auditors

ISO 9001 – Auditors for years in the same Company

In Switzerland, companies conducting audits use the same auditors for years in the same companies/organisations. This practice is tolerated by The Swiss State Secretariat for Economic Affairs, SECO – The Government accreditation body.

In Switzerland, companies conducting audits use the same auditors for years in the same companies. It is a win-win situation for the certification company (for example same routine over years = less expenses) and for the Company itself (same auditors = high fulfilment rate).

The Swiss State Secretariat for Economic Affairs, SECO – The Government accreditation body – confirms, that only in EN 9104:2013 / EN 9100, EN 9110 and EN 9120, certification companies are obliged under chapter 8.3.8 to change auditors after 2 consecutively certification cycles.

For ISO 9001, there is no obligation to change an auditor after he or she has conducted the audit in the same company or organisation after 2 consecutively certification cycles.

The negative impact in terms of quality is obvious.

According to John F. Mascaro, ASQ Audit Division and Vice-Chair Technology, the ISO makes standards and does not get involved in the certification business.

However, according to his assessments, there should be a rotation of auditors because when the same auditor continually performs audits on the same auditee, the auditor will become overly familiar to the Management System that he/she audits and most likely, will not be able to add much value to the organization audited, or worse, act more like a “Consultant”. Too much familiarity between the auditor and auditee and their Management System may cause a less effective audit result.

Vladimir Simic – Quality Manager with over 40 years of experience hints, that the ISO 17021-1:2015 and ISO TS 17021-2 up to 10 provide enough basis for regulating these issues. If the assessment situation is correct, if the auditors and the certification bodies, through their training, ensure the achievement of the audit goals, and the goal changes in each audit of the annual surveillance and recertifications, then the issue is not essential to evaluate the validity and usefulness of certificates in the market.

It is the responsibility of the certification body to take care of these ethical and coral elements of auditing and composition of the audit teams. What the mentioned standards require and why they are not in practice, should be addressed to the accreditation bodies and the policies of the certification bodies themselves. In the end, the market knows who is who. If a certified organisation only wants a certificate on the wall, not the real improvements to their management systems with standard implementations which are they basically used for, then they do not care who audits them and are more likely to rejoice in the witness by the known auditor.

Don’t just describe processes

Don’t just describe processes: Master them.

There is hardly a company which can survive on the market today without quality management and the process descriptions associated with it. Whether Six Sigma, TQM, EFQM etc. companies are constantly striving to adopt specific methodological knowledge together with the necessary tools and to put it to everyday use.
These systems are necessary to achieve continuous improvement of processes, quality and ultimately the creation of added value.

The challenge however lies in the fact that they are based more on theories about processes and their impact on the company and less on how processes within the company actually run. For example, passing a driving test is certainly not a guarantee that the successful candidate will adhere to traffic rules.

Success in the sense of sustainable optimization can be said to have been attained by the company only if it has a wealth of experience in dealing with the methodology and if the associated quality culture is alive and well.

Key performance indicators alone or the processing of issues during audits can provide an indication of weaknesses but rarely any information about their causes. Such conclusions are often based on subjective perceptions or hypotheses.

It is therefore not enough to know about the Business Excellence Methods mentioned above but also to know how to resolve problems and to assess and reduce risks in a structured manner. Only methods, such as the “Operation Efficiency Assessment” enable complete and practical experience of business processes and have an insight into the reality as it really is an not what  it should be in theory or on paper.