Setting up the ISO9001 for a sole proprietor company

Independent of what, precisely? People often quote words, without understanding the meaning of those words. Some state the auditor MUST come from another department, for example. Is that "independence"? Nope! Independence is freedom from bias etc and being able to demonstrate objectivity. If the auditor deals in facts, then this objectivity is demonstrated. To suggest that a) a CB auditor will have to issue an NC for self audit is incorrect, and just an opinion, not a fact and b) any CB auditor who doesn't take each case on its merits and evaluates the facts, isn't doing their job (and this has been true long before 2015 came along)

 

For some, perhaps. I have audited my own work. I have found that the passage of time allows me to look back at what I'd done and view it objectively. To suggest that it's natural for all to accept what we have created or implemented isn't fair, in my experience.

 

Not so! Not everyone is objective and unbiased. We simply cannot go from one extreme to the other. Saying on one hand that the auditor MUST be independent to then saying anyone can audit their own work is a little extreme isn't it? As quality professionals, aren't we supposed to be the voice of reason?

 

I can appreciate if you are able to perform to the outside of the bell curve. My statement was based on years of working in public education and in industry of various kinds. I still think most of us benefit from at least an occasional second opinion, particularly if we don't have many years of your level of experience.

 

Could you help qualify this statement? There are many, many CBs in the World. Have you seen this as a general practice in all parts of the World?

 

The term independent is used in 9000:2015 in 3.13.1 to describe the process: "...systematic, independent and documented process (3.4.1) for obtaining objective evidence..." but the note points us to 3.4.5: "...carried out by personnel not being responsible for the object audited.

The Note in 3.6.1 describes object as "...can be material (e.g. an engine, a sheet of paper, a diamond), non-material (e.g. conversion ratio, a project plan) or imagined (e.g. the future state of the organization)."

Therefore: when we consider the entire standard and not a single subclause, we can arrive at the understanding that an internal auditor is not specifically required to be independent of the process. The standard has simply reworded the previous version's requirement to not audit one's own work.

 

I believe that, sometimes, we use what a CB would "allow" to taint our viewpoint of what ISO 9001 implementation is about. Regardless of Certification, because it's still only optional, we have to look at this and say, if the sole proprietor would be implementing the requirements, what would they do? How would they know what complied or not. If it doesn't say, in the actual Internal Audit requirement, that "I can't audit my own work", then what will the sole proprietor do? Will they read the definitions? See what it says about internal audits?

A previous tenet of the standards was that it could be implemented by ANY size of organization. Can this be true still, based on what's posted? Should an organization of 1 be forced to obtain a (costly) external resource to perform the audit?

 

If a CB will issue a NC for this I suggest it is time for the Dispute process so the auditors can get the straight story. There may be no better way to cure the tendency to over-think this.

 

"Object" includes the suggested example of project plan. So let's look at an annual schedule as a project plan. Someone who did not make the schedule should audit the schedule. A object can also be an individual audit.

I expect the terminology would have been "process" versus "object" if the entire audit process was expected to be audited by someone else. In this way a 2-person organization could avoid auditing their own work.

A one-person organization would be more challenged. I do believe the standard wants to maintain objectivity by not auditing our own work (the objects described as examples in 3.6.1). For this I, and many others have often suggested people reach out to their local ASQ chapter, Small Business Development Center (SBDC) or even a college department for capable persons to help out. Ideally a swap of audit services might be made with another organization so as to avoid big costs.