hygiene zone
quality tools
quality techniques
human issues
quality awards
quality extra
visitor tools


Stay Informed
Sign up below to receive our Occasional Newsletter.

We Respect Your Privacy!

Web SaferPak
SaferPak: Food Packaging Safety, Food Safety, Business Improvement and Quality Management
       Home     About     Contact

Internal audits and pastures new?
By Allan J. Sayle, President Allan Sayle Associates

Does the idea of process review comply with ISO 9001:2000?
Might process review as a surrogate for internal audits accord with my publicly expressed views?
If the precedent becomes the norm – will we visit fresh woods and pastures new?
Self certification
Effects on the registration industry
What should be the ISO position and that of the TC committee?
Appendix 1
Appendix 2 - My publicly expressed views over the years

Self certification

Why not? The idea of certificates of compliance, CofC’s, is certainly not new and the customer can visit and satisfy itself of the validity. Since NKUK is indicating it does involve its customer in the PR, the customer will be visiting its supplier and can quickly determine the efficacy of the supplier’s PR. “We meet the requirements of ISO 9001:2000” may be sufficient. Or, more likely, for reasons stated above, “Our QMS meets the guidelines expressed in ISO 9001:2000”. Or, “our QMS meets the intent of the guidelines of ISO 9001:2000”.

What is the difference in value of such statements from a CofC stating, “This steel meets ASTM 316L”. Such testimonies have been accepted for decades: and registrars such as DNV and Lloyds commonly accepted CofC’s in issuing “Certificates of Fitness” for the likes of oil platforms installed in the North Sea.

The key question would seem to be, if I were a customer, would I accept a self-certificate? One’s answer is “Yes”, depending on the product involved and whether or not I decide to participate in the supplier’s PR at the supplier’s premises where my supplies are produced.

In any case, in light of the (too many) horror stories circulating over the years since ISO 9K came into being and its registration industry appeared, like many others I have been unwilling to take much notice of the certificates issued anyway: they have never been the deciding factor in any assessment undertaken of a supplier’s QMS, for reasons I have explained on numerous times elsewhere.

Effect on auditor training?

If registrars accept there is no need to perform internal audits in the conventional manner, they must accept there is no need to require qualified auditors or audit training for the purposes of qualifying company auditors. Of course, auditor training for their own people is an entirely different matter they must resolve together with their accreditation bodies.

It would also follow anyone trained on an audit course delivered (sold) by a registrar may wish to claim a refund if that registrar was accepting PR as the internal audit surrogate before the training was sold, especially if that registrar issued a corrective action request based on failure to train internal auditors.

So, why bother with auditor training? Why bother with certification? The answer rests in the prospective auditor’s own organization’s aspirations. If it wants to compete in the global market place it must move towards “value assessments”, as noted in that 2005 keynote address. And, as delegates who attended heard my sidebar remark, registrars do not have the experience or capability of offering any course in that topic, though I have little doubt some will disingenuously claim otherwise and try to peddle the same old stuff in a relabeled bottle (as will many of the familiar names in the “consulting” arena, perhaps under the auspices of the so-called professional bodies).

To survive, quality “auditors” must move into the new age of value assessing. And, that will also mean a different type of person with a different set of basic qualifications will become the “assessors”.

We can expect a major shift in the nature of “auditor” training and in the body of knowledge fundamental to so-called auditor qualifications. I have my thoughts, experience and material at hand, upon which at present I will not enlarge.

The alleged NKUK statement – inevitable and predicted outcome of poor audit training.

Few people working in today’s quality arena should be in the least way surprised that a company’s people regarded internal audits as being activities chasing up with schedules “for the benefit of the certification body”. That has been a fairly typical use of audits by many firms. It reflects, of course, the level of service delivered by auditors that results in a lack of top management support for auditing. And, in the majority of cases I have seen, it is a direct result of poor quality training delivered to those auditors.

One must consider how many people have been trained on “recognized” or “registered” courses purporting to be “audit training courses”. A number of registrars have offered such courses over the years and, until ISO 9001:2000 emerged embracing the “process approach” the content was generally based on the old “docs and stickers” stuff I have derided for over 30 years! Neither Yell nor NKUK ever have been clients of mine and I am confident that had they been so, they would not have gained the impression of “audits” and their use that they have: at any level of their staff.

So, that at least two firms are trying to be “audit free”, as Mr. Wade puts it, is a reflection on the state of audit training generally available in the marketplace, of the effectiveness of schemes for registering or recognizing those courses. I suspect there are many more harboring similar feelings and “yearning to be free,” as Emma Lazarus would describe those tired, poor and huddled masses of firms!

And, as those who attended my various speeches and seminars know well I have been forewarning of the need to “raise sights, raise standards...” and so forth, and of the eventual demise of “auditing” if conducted in the way typical of so many. Indeed, at a meeting organized by the IQA, held at Cranfield Institute, November 1990, and attended by all the then “certification bodies” (registrars) and “recognized” training “providers”, I expressed my views about all and sundry in blunt terms warning of the eventual damage that would occur: my remarks were received with displeasure. I retract not one of them.

Though my course was one of the first four recognized by the IQA in the mid 1980s, I pulled out of its scheme at the beginning of the 1990s as I fundamentally disagreed with its requirements and did not want to be associated with courses under that or similar schemes. (In fact, I was criticized for teaching my “Task Element” approach – i.e. the process approach – instead of the then current text of ISO 9001:1987 family, which neither embraced nor contained that approach!) As more and more individuals and firms piled into “audit training”, it became a commodity and I found one was tarred with the same brush as a result. Accordingly, I stopped offering my audit training on a public basis preferring to work in-house for clients on an exclusive basis and have only presented my course publicly on two occasions in the last 10 years: each time by invitation of the ASQ.

Prudent management knows it needs an assurance tool and has shunned the others’ types of internal audits, as they did not deliver the results they needed. But, that poor level of service was and seems still sufficient to satisfy registrars and maintain certification. That, in and of itself, does not speak highly of certification or registrar standards. But then, who trained them, to what standards were they examined and then certified as “Lead Auditors” or “Lead Assessors”? Not me, not mine and not my course, I am relieved to say.

Based on any number of inquiries I receive for training, it seems an growing number of firms believe an individual can be fully trained in only a few hours to become an “auditor”. That reflects the skills and competence level they see applied by “qualified auditors.” It also evinces their low expectations of the quality of service received. Such assignments are politely refused but the inquirers frequently allege other trainers confidently claim a half-day or day is all that is needed. Their arrant nonsense is calculated to win business and make a fast buck without regard to the consequences for the quality profession as a whole.

And, even the schemes that claim someone needs only a couple of days of training to become a qualified internal auditor are misguided. Auditing is auditing whether the auditee is external or internal but the schemes and course providers think business is well served by devoting less time to training internal auditors than to external ones. And, of course, management encounters more closely the service (or lack thereof) delivered by internal auditors than external ones. Can one, therefore, be surprised if internal auditing gets the “press” exemplified in Mr. Wade’s posting, allegedly derived from NKUK?

The solution being used by those two particular firms highlights the failure of the registered training courses, the schemes and the methods taught: consistent with my criticisms, spoken and written, over the years. To use a Jack Welch sentiment it is time to fix them or close them and I have no grounds for believing those presently involved or running them could do the first. If after some 15 - 20 years those involved could not make the schemes and courses deliver the level of service business needs, why should one think they could now? Perhaps in pursuing PR, ill-served firms are tacitly saying, “enough is enough. If you could not get it right by now, you never will.” That is, management has started to take that second course: close them.


Next: Effects on the registration industry



Back to previous page



























top of page

home :: about :: contact :: terms

© 2006 SaferPak Ltd.