7.2 Competence.

Thank you for this reset.

There are a couple of things wrong with the NC as far as I can tell:

1) No explicit requirement for that particular training is stated in the standard. Unclear if is stated in procedures or customer requirements. While I do agree it is a good idea to get training to the new standard, my opinion is not a "shall."
2) It does not align with the criteria (per my own CB's procedures) for a major, including:

• Exact repeat of a previous valid nonconformance
• Systemic problem
• Threatens quality of product and/or service to the customer

We do tend to get drawn off into protracted debates about the relative role and value of training. It is easy to forget the original focal point. Again, thank you.

 

I can appreciate the argument, Yukon, but you said "doubtful." I would not feel empowered to issue a NC based on doubt and "would be". In something like this I would need to show cause and effect via objective evidence in to enforce via a nonconformity. You did say the CB would have to determine competency based on implementation outcomes. That is, regrettably also a judgment unless one has hard data of required things not done.

The description does not match the criteria of a Major according to rules I have to follow, either.

This would be a good case for a dispute to the registrar.

 

It's simply a case of mission creep, Tony. We see it all the time. CB auditors frequently do a poor job (it's well known, particularly in the auto industry, history shows) and, as a result, the accreditation bodies make the CBs do "training" but rarely actually test competency.

As a result of this training, many of those hapless auditors then roll that down to their clients. "If I had to do it, then you'll have to, as well". Of course, because they didn't get tested for competency, they are simply happy to see a certificate instead, like it means anything. I'm going to be offering a range of certificates available for people who would like to read the standard and once they answer a couple of questions I set them, I'll email them said certificate, free.

 

Same here - was working with a company on AS9100 compliance. They are a services (only) company and there's no rules to prohibit certification to AS9100 (unlike IATF for example). The CB auditor comes in, and in less than 2 hours has completely thrown under the bus all the work done to that point, citing the company needed documented procedures for ALL of the requirements (didn't do design, for example). Sadly, the client folded and acquiesced to an ego, instead of demonstrated professional assistance...

 

Please allow me to refresh your memory on one of your post's (#38) from this thread:

By your own words, Yukon, even if the QMS is working properly (i.e., you, as a trained auditor, ensured sufficient evidence to support the organization's conformance to the requirements) would issue a nonconformance because you BELIEVE (i.e., lacking in actual evidence) there has be inadequate and ineffective training.

However, let's spell out your scenario keeping the Original Poster's thread in mind:

1. The OP's organization is meeting all of the documented requirements.
2. This implies that staff have been educated by a competent individual, in this case, the OP.
3. There are undoubtedly records of training for the staff, because our OP knows this is a requirement (see #1)
4. But getting back to the Original Poster, who has auditor training from a previous organization to a previous standard, was competent enough to read the new standard, identify the changes, and work with (and train where appropriate) staff within his organization to ensure that the organization met the new requirements.

You, however, failing to find a piece of a paper with the OP's name on it and a course that focuses on the new requirements (although, you do also seem to wear a marketing hat quite often by your efforts to push a CB webinar several times) would issue a nonconformance, despite all evidence collected during your very own audit pointing to the OP's demonstrated competence.

This entire thread is about the OP's competence...not the staff of his organization.

 

It's Roxane...just one 'n'.

If these are nonconformances because they fail to demonstrate conformance to a documented ISO 9001 requirement, then these are your nonconformances.

The organization's root cause analysis may be related to the OP's competence, but there is no documented requirement for the OP to have been formally trained on the new standard. No one here disagrees that it would be helpful, but you have failed to show us the 'shall' in this case.

 

The role of the auditor is to identify the nonconformances based upon the evidence provided (or not provided) as said evidence (or lack thereof) pertains to the documented requirements of the standard.

Your three examples related to documented requirements of ISO 9001:2015. They may warrant the issuance of nonconformances.

As an auditor, the role is to identify and document those situations.

You are not to provide a root cause. You are not to provide a solution. You are not to issue a nonconformance based on your belief to a nonexistent shall. Since you, as this self-proclaimed expert, have all this experience, surely answering the question of "where is the shall?" is an easy exercise for you. The fact that we have gone on this long and asked you the question several times to no avail, really does raise a red flag.

Show us the shall, Yukon. Show us exactly where it says in ISO 9001:2015 that the OP requires formal training in order to help his organization transition to ISO 9001:2015. None of us debate the training (and associated records) required for the staff, should such training be deemed appropriate as part of the transition initiative. But that is scope creep (i.e., not the OP's question).

There are other skills associated with auditing (beyond being open-minded which I mentioned earlier) - active listening (or reading in this case) and being observant. So, please, allow me to once again inform you, my name is Roxane...just one 'n'.

Do you think that all of us here just woke up yesterday and said "I want to be an ISO 9001 auditor"? The majority of our moderators have experience that mirrors yours, with the added skills of being open-minded, understanding, possessing a sense a humour, probing, active listening/reading, compassionate, honest and I could go on. We have managed to get our organizations certified and transitioned. We have run management systems for small companies all the way up to global organizations. We have CB auditors. We have people on the technical committees. Your experiences and resume are nothing new nor unique here.

Our members deserve to know that our intent is to help and provide suggestions that will add value to their organizations, while minimizing risk. Our members have nothing to gain by reading posts that do not even contain a response to "where is the requirement".

 

Unfortunately, Yukon, by associating your nonconformance examples to training, you are essentially saying that they would not have occurred because of your belief regarding the OP's training (or lack thereof). By citing your belief that it's related to the OP's training, you are now providing a root cause for your 3 nonconformance examples.

You have no evidence that it was the OP's training (or lack thereof) that caused your nonconformance examples. Perhaps Management had their hearts set on certain objectives. Perhaps Management wanted some fluffy QP. There is no evidence that says it relates to the OPs competence.

 

Roxane said it best, in my view.

Writing a NC for competency is a delicate thing. It was described as a judgement call and there are other clauses to point to.

I once had a client who did away with their EMS Manager position and gave the responsibility to a neophyte, who did not receive training; as a result, that person was not aware of not completing some required tasks. I could have written it as incompetence, but that would not have gotten the tasks done. I wrote the NCs to the clauses describing the missing tasks. The second time this happened, I wrote against Management of Change because by that time it was clear they were shifting their responsibilities model to a collateral duty; if that was their goal, they would need to replace competency with procedures so exacting that any intelligent person could get it right. It helps that their EMS was very simple.

This example is not a direct reflection on the one discussed here, but only serves to show we have choices that would not require us to pass judgment on a client. Not only that, as has been pointed out even taking a class might not rise this person to the expected level. What to do then? Let the organization decide, but they should fix the system issues first. I have yet to see a class that would make another person get more involved with setting objectives and more closely match them to policy.