1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Improving Auditor Competence

Discussion in 'ISO 19011 - Auditing Management Systems Guidelines' started by yodon, Mar 12, 2020.

  1. yodon

    yodon Well-Known Member

    Joined:
    Aug 3, 2015
    Messages:
    198
    Likes Received:
    115
    Trophy Points:
    42
    Mr. Andy Nichols (everyone should recognize the name) penned what I felt was a very thought-provoking article in "The Auditor" newsletter from Exemplar Global (I have no connection other than being a reader).

    The premise is that auditor competency based on professional development is probably under-serving the auditees now that the standards have shifted to organizational governance.

    Given the issues seen with companies (and as Andy points out in the article, the rise in automotive recalls), it'd be hard to say that the audit process is being fully effective!

    Andy concludes the article by suggesting that "Lead assessor training/competencies should be a more extensive, even-phased approach to address the need for not only auditing practices, but also quality tools and business governance." I'm posting here to get thoughts on what specific things auditors should / could be doing to improve competence. I see a lot of posts here and on other forums about less-than-stellar findings auditors make. What can Auditing Organizations do to start improving auditor competence or improve the audit experience?
     
    Andy Nichols likes this.
  2. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    There are many instances that less-than-stellar performance of auditors, as we've read from QFO and Elsmar, are not just attributed to their knowledge and skills but, mostly, in their ability to apply them. I prefer to use the definition of competence from the previous 2011 version of 19011 because it has more meaning when it further defined the word ability. Ability, as per 2011 version, implies the appropriate application of personal behaviour during the audit process. Two of the most appropriate personal behaviour to improve auditors' ability to apply knowledge and skills to achieve intended results (i.e. competence) are being open-minded (i.e. willing to consider alternative ideas or points of view) and being open to improvement (i.e. willing to learn from situations, and striving for better audit results). Without these two characteristics, auditors will remain "inspectors" of management systems against a set of "design input" requirements (i.e. ISO standards).

    For a concrete recommendation, auditors should be made aware of their performance. One way of doing that is by becoming an active member of professional forums like this forum.
     
  3. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Agreed - however, experience shows that poor auditors don't get "caught" when witness auditors are used to peer review and, recently, I discovered that oversight auditors are pretty useless, too. They aren't recruited on their ability to address performance with the witnessed auditor, more on their ability to audit (which is dubious at best).

    Secondly, even though CBs get feedback from clients, most fear retribution. I have a client who was screamed at by a (female) CB auditor at their AS9100 audit! The report doesn't show any level of incompetency, of course. The client was almost in tears. The CB did nothing, so the client switched CBs at the risk of delays etc. And the CB doesn't know this auditor works for them? IMHO a) a lot of CBs are out of control of this resource and b) clients don't report performance accurately.

    My article was actually not so much about performance, it's about the need to have auditors who are full rounded (competent if you will) in Quality Tools (and more). It's not a requirement of any (professional) CPD - sure IATF auditors are supposed to "know" Core Tools, but clearly they don't very well...
     
    Last edited: Mar 16, 2020
    John C. Abnet likes this.
  4. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Long time ago when I was a product engineer at a Japanese computer storage manufacturer here in my country, we were audited against the 1994 version of ISO 9001. At the closing of the 1st stage audit, the CB auditor was casually asked by our top management about the knowledge of the people on ISO 9001. The CB auditor replied (this I can't forget) in an exasperated tone saying "They don't know a damn sh!#". I reckon that this was due to the "ISO language" the CB auditor was using which most of the auditees are not familiar with. She asked questions like "How do you control nonconforming products?" instead of asking "If there are NGs, what do you do?" Due to this "language" barrier, we, our QMS, were found wanting and the CB auditor declared that we're not ready for the 2nd stage audit. The Japanese top and Filipino middle management, who are proud and believed that we have established a well functioning and well documented QMS (I still believe it today) although not in the ISO language, aborted the contract with the CB and look for another who has the ability to communicate with our QMS language.
     
    Andy Nichols likes this.
  5. John C. Abnet

    John C. Abnet Well-Known Member

    Joined:
    May 23, 2017
    Messages:
    709
    Likes Received:
    510
    Trophy Points:
    92
    Location:
    Upper Midwest- USA
    Indeed, @Andy Nichols article is a must read and very thought provoking.

    On that note, maybe we should NOT be asking auditors to do more than confirm compliance with the standards.(??)

    Is it feasible, to make every auditor a "GM" with the ability to assess the defectiveness beyond the demonstrated compliance? Does an auditor even have access to all numbers and metrics (in some cases proprietary)of a complex organization and the expertise to make such an assessment?

    It IS feasible, in the case of a soccer referee, to know the rules,...FIFA's 17 "Laws of the game", compare the actual situation to the rule, and apply the rules consistently. Gap? ...cry foul. However, if we expected all soccer referees to go beyond comparing player conduct to rule, and instead ask them to assess the actual skills and performance of the team, hmmm....not sure our results would be consistent.

    I would also assume there is some "noise" in the data specific to the trend of increasing recalls. Social responsibility, social media with its real time accurate (and not so accurate) feedback and criticism, and past recall fiascoes, have all certainly caused CEO,s to "pull the trigger" on a recall sooner than they may have done 40 years ago.

    Complex topic. I'm sure I do not have answer.
     
    Andy Nichols likes this.
  6. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    As if, by magic, an IATF Auditor posted this (terse) response to posts on LinkedIn:

    "No Andy, you are not correct. The certification is a voluntary activity, a strategic decision of the organization. When deciding this, the organization must be knowledgeable regarding the norm: e.g. IATF 16969, CBs in contract with IATF and Rules for obtaining and maintaining IATF certification and be sure all conditions are met. How many times did you read Rules (e.g. 5th edition)? The CB only assess the conformity of operation of the organization against IATF 16949, based on Rules."

    I has posted this - I thought simple, harmless post:

    "Shouldn't the CB selected by the client be informing them of the various requirements? Surely, it's their job to apply the rules in the publication?"

    Which was a response to this:

    The requirements for a Stage 1 Audit or Readiness Review can be found in the Rules for IATF Recognition (6.5.1 and 6.5.2) which includes evidence of one full cycle of internal audits followed by a Management Review. You should also note that internal audits include management systems audits, manufacturing process audits and product audits. It is worth purchasing a copy of the rules as a reference: https://www.iatfglobaloversight.org/iatf-publications/

    My point being, the rules are for the CBs - why should an organization buy yet another document which isn't FOR them? Clearly, the IATF auditor who pointed out my apparent error isn't competent in the manner ISO 19011 prescribes... (not that it counts, but I've been around certification longer than the auditor has, but maybe I'll overlook that)
     
    Last edited: Mar 19, 2020
  7. Eric Twiname

    Eric Twiname Well-Known Member

    Joined:
    Jul 31, 2015
    Messages:
    329
    Likes Received:
    232
    Trophy Points:
    42
    Location:
    Northeast USA
    Is it inflammatory to mention the visually challenged subterranean mammal here?
    Probably...so I won't bother...
     
  8. tony s

    tony s Well-Known Member

    Joined:
    Sep 10, 2015
    Messages:
    1,350
    Likes Received:
    1,054
    Trophy Points:
    112
    Location:
    Laguna Philippines
    Yeah. It is explicitly written in IATF 16969.:rolleyes:
     
  9. John C. Abnet

    John C. Abnet Well-Known Member

    Joined:
    May 23, 2017
    Messages:
    709
    Likes Received:
    510
    Trophy Points:
    92
    Location:
    Upper Midwest- USA
    Well, now you've done it @Andy Nichols . Now you've kicked the sleeping dog that lives inside of me!

    I am a huge proponent of the ISO series of standards, their intent, and what can be accomplished by implementing properly in their applicable context and scope. I admire the effort that goes into establishing and organizing the ISO global standards.

    Regarding IATF. I support the 16949 standard as well. My professional experience has been that the IATF standard is not as well thought out and organized as the ISO standards I am familiar but, nonetheless, the principles of IATF 16949:2016 are sound and organizations can benefit from applying them if done so properly.

    The issue I take is with exactly what you describe so well in your previous post in this thread (and your Linkein article) @Andy Nichols . As we all know the AIAG started with/as the "big 3". The same group then determined that, in addition to Ford's "Q-1" requirements and Chyrsler's "Pentastar" requirements and GM's "SPEAR" requirements, QS-9000 was needed in order to communize (good idea, although each of the big 3 still kept many of their own individual program requirements). Throughout all of this the governing standards and guides were made available to the supply chain, for a price, by the same groups that were mandating the requirements. This of course has continued to evolve to and included the current IATF standard. See a pattern here? The same groups that create the requirements, also create and sell the documents needed to support compliance to those requirements (and of course now offer software, and education, etc..etc...). My point is there is a financial incentive for the AIAG/IATF (automotive) groups to update and add to requirements and documentation.
    Conflict of interest? Hmmmmmm.
     
    tony s and Andy Nichols like this.
  10. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Good point John, and I agree. It's a good topic, perhaps for another thread.
     
    John C. Abnet likes this.