7.2 Competence.

It's funny how some think that training equates to learning.

It's a paradox, isn't it, that the very people who wrote the standard, TC 176, don't offer "training" in the standard.

So how is anyone supposed to get training in ISO 9001, if the writers don't offer it?

In which case, if the training comes from others who have simply read the standard, what makes their training any good? Why should I take training when the people who offer training are only 1 step ahead of me, in that have read the standard? If CBs have ZERO experience of implementation (which, by the way they are banned from doing), what makes them "right"? The answer is - they aren't! All they have to do is evaluate if the client is doing what the standard says. But that, when it's not required to be documented, is where the wheels come off their collective wagons, because they don't know how to audit without a prescriptive documented requirement...

 

Let's reflect a minute. Who decides what "good design" is? The QC person in the white coat at the end of the production line? NO! Who decides what good manufactured product is? The QC person at the end of the line? Better not! So why, oh why, do we insist on entertaining the idea that after creating a QMS, describing it in documents (if we feel it's necessary) we then give it over to someone who has ZERO design expertise or implementation experience to see if it's "OK". Bizarre! The QC people are least qualified to make judgment about the design and implementation of the product and the same is true for auditors...

 

Let's clear one thing up right now, Yukon. When I jest, it is made apparent through the use of emoticons and/or emojis. Having been a moderator over on another site for well over 10 years, plus a moderator here since the beginning, I'd say it's safe to say that my posts are more often on the side of trying to help people rather than misleading or mocking. I would also hazard a guess that since that post has received some "likes", our readers here are a savvy group who appreciate real world analogies (i.e., taking the requirements - and intents - of the Standard and putting them into simple, easy-to-relate-to language instead of continually framing everything around my many (i.e., double digit) years of experience of implementing and auditing business management systems aligned with multiple standards (e.g., ISO 9001, ISO 14001, ISRS, Sarbanes-Oxley) and organizational requirements...even re-reading that, if I was to take that latter approach, how pompous I would sound).

Secondly, it strikes me that despite my attempt to simplify. perhaps you did not thoroughly understand my post. I apologize if I was not clear and please allow me to try again. My post focuses on the competency of the driver, or in this case, the Original Poster (herein referred to as the OP) in his role within a small organization to formalize a management system that meets all of the requirements of ISO 9001 (while hopefully still adding value to the organization's bottom line). At no point in my post did I discuss communication to staff (leadership or otherwise) within the organization. My response was solely focused on the ability of the OP to become familiar with the new standard.

Building upon that, as the OP has already had Lead Assessor training and successfully implemented QMSs with other organizations, I'd hazard a guess that he knows the fundamentals such as, but not limited to:

• identifying processes;
• working with internal stakeholders to both identify and prioritize gaps between the current system and the requirements; and,
• conducting audits - both the technical skills (e.g., planning, evidence gathering, note-taking, etc.) and the soft skills (e.g., opened-minded, personable, objective, accepting of the fact that "one size does not fit all", etc.)

The Lead Assessor training, which the OP has already successfully completed, more than likely included learning the standard that was applicable at that time.

The OP now works for a small organization where resources (both human and financial) are likely limited (granted, this is a presumption on my part) and taking this course over again would very little value to his goal of a successful QMS implementation. Yes, the requirements have changed but the fundamental concepts of developing and implementing and auditing a QMS have not. The OP is becoming familiar with (re: aware) and trained on the requirements of the new standard via research, asking questions, and being willing to accept that things have changed from when he last went down this path.

Would going on the training again help? Predominantly when it comes to understanding the requirements. However, having been trained on how to read the standard and work through the shalls, going on such training now is not mandatory. An option, yes, but it is not the only solution available to him and his organization.

If an external auditor comes in and finds a robust, healthy, stable system that consistently meets all the requirements - standard, customer, etc. - there is no reason to question his competency or his ability to communicate the requirements within his organization.

 

The fact that the requirements need to be known, understood, and communicated is not in disagreement. Where we disagree is on HOW this knowledge is gained. You may prefer the traditional classroom style of training; perhaps you're even willing to accept virtual classroom training (for those sites who cannot fly their staff to other cities or afford multiple days of food and accommodation). While formal training is ONE solution to addressing knowledge, etc., it is not the ONLY solution. This more realistic, open-minded, with-the-times approach does appear to be, at a minimum, a considered possibility by many of the posters in this thread. Considering that some of them have also experienced transitions from one version of a standard to the next, I'm grateful to see that the majority of our members recognize the importance of finding solutions that are focused on supporting the organization and not simply asking "what will make my auditor's life easier."

 

So...let me see if I understand you... if the organization's system is working, but you BELIEVE the training is neither adequate nor effective (despite the EVIDENCE indicating that it was adequate and effective since the QMS is working), you'd issue a finding?

No wonder organizations and leaders question the value-add of ISO 9001 if that's the message being sent.

 

100% agree Roxane. Some auditors have forgotten (if they actually knew) their role.

 

In your scenario, an organization's QMS is effective and meets all requirements - both to the standard and to consistently meeting customer, etc. requirements - and you have the audacity to say they are not competent or aware because they (in this case the OP based on how this thread started) do not have a piece of paper, despite obviously being trained because the QMS meets ALL of the requirements?!?!

I call foul.

If the OP's organization has implemented an effective QMS that meets all requirements, spearheaded by the initiative led by the OP, then the OP is competent, trained (formally or informally...it honestly does not matter...but if it makes your life easier, the OP can say type up something saying he joined QFO in February 2019 and training has been ongoing ever since).

As for training management, welcome to management review. The OP can start off by saying, "Okay, ladies and gents, we have a revised standard, here are the changes, here's what they meant to us, here are our gaps...now let's figure out how we can meet them." There you go...trained. Management review has a dated record. There's a piece of paper - electronic or otherwise.

And as how we progress on addressing gaps, as processes are subsequently tweaked, revised, or created, the appropriate stakeholders will be trained to ensure they are aware of what's going and outputs will be measured to confirm competency (i.e., consistent desired results are achieved). A training record of some sort will probably be generated. Another piece of paper - electronic or otherwise.

However, the management piece and the employees piece, is outside of scope for the OP's initiating question which focuses on his knowledge.

So you see the value coming from having to NOT fill in the rest of the questionnaire? Because often times the ones I've needed to fill in say I don't need to fill in the rest because I have a recognized QMS. Based on your posts, I'm going to guess you've experienced something different.

There are internal and external benefits to implementing an effective and efficient QMS include, but are not limited to:

• Increased process control
• Increased quality of product/service
• Increased productivity
• Increased efficiency
• Increased employee engagement
• Access to new/wider markets due to consistent performance

The gains from having a framed piece of paper in the front lobby, however, range any where from neutral to positive, and can be impacted by the organization's current position in the market, other competitors, a multitude of other factors. So, while I agree that there are many benefits to be gained from implementing an effective and efficient QMS, you have not successfully articulated the value of becoming certified, especially if you stick to the "thou shalt have formal training" approach for all individuals.

This speaks to training the staff. In the OP's opening post, the issue is about demonstrating his own knowledge. When I read your statement above, now it sounds like you're okay if he doesn't go off on formal training.

What you have failed to do is successfully argue how the OP, with training on an older version, is not competent, especially if he does spearhead the implementation of an effective and efficient QMS.

Please show exactly where it says he needs to go on training to the new standard.

 

ISO 17021 may be applicable to those auditing on behalf of/as representatives of a CB, however, that does not mean it applies to the organizations seeking ISO 9001 certification.

 

Training is for animals, isn't it, RCB? When we want a behaviour change, we train. Understanding something like a new version of the ISO standard doesn't require training, as you correctly point out in your Toyota post. Those who believe training is the panacea for all ills is ignorant of what training accomplishes, compared to "awareness" and "education". My kids were given sex education, so they could be aware. It's illegal to provide sex training. And it's NOT a crass example. Training is to develop skills. Mentoring, coaching, classroom, simulations whatever helps to increase skills. Education improves understanding. Together they are powerful.

I've often thought is is lost on some folks who conveniently miss the sequence of words used in the ISO standard: Competency, Awareness and Training... It's that way for a reason, not because some committee member happened to type it that way.

 

Exactly, RCB. ISO/IEC 17021 has absolutely zero to do with internal audits. It can't have, because an organization can implement ISO 9001 and be compliant and never become certified and, as we know ISO/IEC 17021 isn't mentioned, unlike ISO 19011 and even that should be taken with a grain of salt because it's a "one-size-fits-all" for auditing and, as such has to cover much more than just internal audits.

 

Oh, I am so glad you opened that ISO 19011 door.

1. No one here has denied that Internal Auditors require training.
2. No where does it state that the Internal Auditors require external training.
3. A small company with limited resources will hopefully be savvy enough to send one person on such training, but it's not really required (an organization is not certified to ISO 19011 nor does ISO 9001 require external training...if it does, please clearly indicate the 'shall' for us).
4. That individual from 3. will then create their own program, including criteria for internal auditor competency, and train their own internal auditors.
5. Our OP has already had such training re: internal auditing and how to do it.
6. You, yourself, said in post #36 of this thread:

7. So, if our OP has Auditor training, he is now able to develop his own internal audit program and internal auditor criteria. If there is any question/evidence regarding the outcomes of said internal audit process, now you have the potential to discuss competency, but until then, the requirements are met regarding internal audits.
8. You, yourself, said in post #42 that no external/formal training was required regarding the new standards requirements.

9. Any additional training provided to organizational staff from the OP is outside of the scope of his original question which was about him being to demonstrate his own competency.

Have you read Section 7 of ISO 19011, including that part which discusses auditors being open-minded? A black-and-white, rigid interpretation and application of the standard's requirements does little, if anything, to cultivate a culture of quality within the organization.

 

Ummm...you opened that door by bringing up ISO 17021 which is for CBs. Does ISO 17021 also require that companies pursuing ISO 9001 certification have internal auditors that meet the same requirements? Is ISO 17021 even applicable to those companies?

The answers are "no" and "no".

So even mentioning it in a thread where we are discussing the implementation of QMS at the organizational level muddies the discussion, unless you were implying that the OP (not the leadership, not the staff, but the OP) requires some form of formal training on the new standard...and then we are back to square one, because, once again, that is not stated in the ISO 9001 standard, and if all requirements of the QMS are performing effectively and efficiently, you cannot say that the individual is lacking in competency.

No one here disputes that training is extremely beneficial when implementing a QMS. Nor will anyone here dispute that lead auditor training can be super-handy to have. However, our OP has already had such training. And since you said in post #42, that buying the standard was essentially good enough for our OP (who will then train staff where appropriate on the changes...but this is out of scope of the OP's original question, because it's about HIM and not the rest of the organization), being a trained auditor he knows how to read the standard - even with the changes.

Ergo, at this point, there is NO evidence to suggest he is not trained, not competent, and/or not aware.

 

Y'know, it occurs to me, RCB, that the idea of internal auditors needing to be competent in ISO 9001 is a farce. As you and I know, even so-called ISO experts are all over the map on understanding the requirements, so heaven help an organization who "trains" their auditors on ISO 9001 and use it only once a year to audit from!

Training on the skills of an auditor, I totally get: Being open minded, flexible, having critical thinking skills, similar to those described in ISO 19011 would be far greater value. Add to those, the ability to use language, including spelling, grammar, and punctuation correctly, would be some basics of far greater significance. Being able to throw around references to some arcane standard doesn't impress anyone, least of all top management. Until internal auditors use the language of the C suite, any ability to quote chapter and verse on a standard that no-one else reads is useless.

 

It (transition training for 3rd party auditors) is, however a requirement for CB accreditation to the new version. I offer that there are enough differences in 2015 version of 9001 that taking a new class is worthwhile. Also for 45001, not so much for 14001. It is about the extent and nature of the changes.