 |
Internal audits and pastures new?
By Allan J. Sayle, President Allan Sayle
Associates
If the precedent becomes the norm – will we visit fresh
woods and pastures new?
New thinking and change is always welcome. Auditors must think
and accept new practice, new ideas. Semantics are less important than
business needs and results.
So, are these developments to be welcomed? Yes. Jim Wade has it right
in writing:
| “…it is less a case of eliminating a
requirement and more of taking a fresh look at the requirement and
coming up with creative interpretations that: |
| • |
[primarily] make good business sense in the light
[of] accepted good management practice. |
| • |
[secondarily] meet the requirements of the standard.” |
If the precedent of accepting PR in lieu of internal auditing becomes
the norm, in the ISO 9K registration industry, the following key matters
deserve consideration:
• What does an ISO 9K certificate mean to the user?
• Self-certification
• The effects on auditor training
• The effects on the registration industry.
• The effects on ISO 9K et al.
What does an ISO 9001:2000 certificate mean to the user?
Perhaps the first consideration has to be, who has issued the
certificate? Judging by initial expressions of concern and dissent posted
on the Elsmar Cove by some individuals working for different registrars,
there is now potentially any number of certificates each reflecting individual
registrar’s views about compliance. Each would be based on the particular
registrar’s auditor’s and registrar’s organization’s
interpretation of the meaning of the standard and what is and is not acceptable
as a means of complying with its content.
That being so, one must ask is there a need for a “sanctioned interpretation”
about PR etc, as Mr. Wade describes? Moreover, and more crucially, should
there be any sanctioned interpretations at all? I will not advise on either
of those two questions as they are of less relevance to business actualite.
That actualite raises more important considerations.
Even if the ISO 9001 and registration industries agreed there should be
sanctioned interpretations, if the customer is going to participate in
the PR, does he or should he care about them for his particular business
needs? Does or should he care about a registrar’s interpretation
of the supplier’s compliance: in other words, does that customer
effectively need a registrar’s approval for how it will work with
the supplier and meet ISO 9001: for its own contract?
The answers, of course, are respectively: no; no; and no. In effect, they
strike at the heart of the original purpose of ISO 9000. The customer
and supplier may be guided by some of the standard’s precepts but
will formulate their own practical QMS and certify it with execution of
their contract. This will change the terms and conditions, T’s and
C’s, of the customer’s contracts. No longer will the customer
require compliance with the requirements of the standard: rather it will
be more appropriate for the customer to stipulate the standard shall
be used as a guide.
So, one could argue in accepting a company’s views on how to comply
with ISO 9001:2000, the particular registrar(s) accepting PR et al
have paved the way for the abandoning of registration as a mandatory requirement.
To coin an American expression, have turkeys voted for Thanksgiving? Perhaps
not, for reasons explained below. There is a world beyond ISO 9001:2000.
In the case of auditor training and certification schemes, probably ”yes”,
for those registrars who are providing them. For the RABQSA and IQA’
own schemes, they may well prepare for a significant drop in certifications
(and associated cash flow.) I find it all rather pleasing for, as I mention
elsewhere in this article, the general quality of results has long been
poor.
A fall-off in auditor training, though, is only one possible outcome.
More significant is the possibility for entering a new era of self-certification
by the supplier.
: Self
certification
top of page |
 |
