Open letters
INform invites comments, answers and further questions either relating to these letters or posing new topics. Make yourself heard and send us your feedback
Thank you for this valuable publication it is proving to be very helpful to some of us quality management system auditors who also double as quality assurance managers. Keep it up.
Alexio Maseko
Quality assurance manager and auditor
I found the Auditing Practices Group’s article concerning the application of clause 7.5.2 in supplier services organizations (click here) very interesting. I can confirm that from personal experience (and I conduct many audits each year) it is a problem that occurs time after time and is difficult for auditors to deal with and above all for organizations seeking certification against ISO 9001. Certainly the article sheds light on aspects which serve to clarify further the position that should be taken and maintained for the conduction of audits.
A review of this type for all the product-based sectors would be of interest; there is a lot of confusion.
Nicoletta Rizzini
Technical and quality assurance manager
When is IRCA going to incorporate ISO TS 16949:2002 asa certification body, similar to the RBA in the US?
Tom Gardner
IRCA has no plans to launch a sector scheme for automotive industry. This is partly due to demand and partly because the automotive industry has established its own controls, including auditor training and qualification. Of course, the generic quality management system 2000 auditor certification programme is relevant for auditors working in the automotive sector, and a number of supply chain and internal auditors in the industry take that option.
Vincent Desmond
IRCA deputy director
I read with extreme interest the article about to auditor competence, regarding RABQSA’s statement (click here).
For quite a few years this organization has had a tendency to ‘bully’ both clients and their auditor representatives. I had worked under one of its executive management personnel while he headed a registrar organization and I felt that it was a disjointed and confusing organization.
As a certified ISO 9001 lead auditor, owner of an ISO 9001 certified company, quality manager for an ISO 9001 global EPC firm and a ISO 9001 registrar lead auditor my biggest problem came about with the adoption of the new ISO 9001:2000 standard as well as the reduction in audit man-days.
I believe that this combination is the prime culprit in this lacklustre auditing environment. There simply is not enough time to address in any detail the organizational performance associated with their quality management system (QMS). Cost-cutting is the biggest problem. Organizations want to ‘buy’ the certificate and are more likely to obtain one in this shortened period, as the auditor is forced to gloss over details within the system so that topics can be completed either during certification evaluation and/or during the subsequent maintenance audits.
Tim Getzlaff
I totally agree with Simon Feary on this issue of auditor competence (click here). As a registered quality management system lead auditor with both the RABQSA and IRCA, I was going to drop my registration with RABQSA due to the added cost of their new programme. The second reason was because I am not sure you can devise a psychological test to determine who is going to be a good auditor and who is not. The knowledge of the standard is important, but that can be judged by the registrar when they have team audits and review reports.
I have been on audits where some auditors were good and some were just bad. I have been the consultant for companies and witnessed their registrar audits and the same situation occurs.The best way to weed out the bad auditors is through customer complaints, review of auditors by other auditors, and survey results to the registrar. I have also refused to go back to some companies as their auditor because I was not going to put up with the abuse they inflicted on me during an audit.
The business is so competitive that certification bodies are cutting on-site days, sending ‘cheaper’ auditors and reducing the efforts for preparation for an audit just to cut costs so they can get the job. More policing of the certification bodies is needed, but that cost has to be considered and absorbed somewhere in the system. Customers don't want to pay for it - they expect good audits. The certification bodies don't want to pay for it because they have to answer to the boss about profits. Accreditation bodies don't want to pay for it because they are usually tight on money too.
So how does the system improve? It is going to take some self-policing by the auditors and certification bodies. Certification bodies need to blacklist some auditors. Auditors need to report to the certification bodies when they work with someone who is not doing a good job.
Mickey Christensen
TQM Systems
Baton Rouge, Los Angeles
In issue 9 IRCA director Simon Feary (click here) posed the following questions. See below for a response from an auditor in Italy
1. Do you think IRCA’s current certification criteria are effective at evaluating competence?
2. Does the certification criterion include all major categories of auditors who perform management system audits?
3. Do you think it can be improved, and if so, how?
4. If the improvements involve a higher cost, are applicants prepared to accept an increase, and, if so, how much increase?
1. In Italy the effectiveness of IRCA’s criteria is widely demonstrated by the number of registrations and, in the specific case of information security management systems (ISMS) auditors, by the fact that the Italian national registers have introduced IRCA courses (and therefore the mechanisms for certification) within the structure of their programmes. This scheme is enjoying a particular moment of vibrancy, as evidenced in various magazine articles and by the increasing number of certifications issued.
2. The typology of auditors is practically limitless; each organization could gain qualification for their own auditors through a reliable scheme. However, it is important to consider the loss of credibility (and the managerial difficulty) derived from the proliferation of schemes. The schemes which refer to certification and/or to crucial sectors are absolutely indispensable. All others are open to debate. In each case it is important to consider as acceptable all schemes that are concerned with an ISO regulation as their point of reference, such as ISO 19001.
3. The aspect that can be improved upon is communication – from today this has now already improved greatly. IRCA is well-known abroad, but widely misunderstood in Italy, perhaps because of the Italians’ particular difficulty with accepting rules written in another language. This Italian division will without doubt make communication easier and attract other colleagues to the register. However, work to spread the word about IRCA is needed and also a direct presence on Italian soil.
4. The cost of a certification is relative to its credibility and the capacity to generate opportunities for employment. The actual cost [of an IRCA certification] is certainly competitive in the Italian market - perhaps even the lowest cost available. An increase in cost should directly correspond to perceptible services, such as update courses being available in Italy in the Italian language. The absence of a cost for a second exam for registration is certainly what wins the day for IRCA!
As a lead auditor who has been registered for many years now, I respect IRCA as an organization that has given me not only the opportunity to gain employment, but also the possibility to confront different schemes and diverse cultures, broadening my awareness in terms of certification and management systems.
In the Italian market it is potentially an important step, considering the desire and need for certification of competences at all levels, but there is the need for this to be administered in a proactive fashion and to guarantee accreditation to ISO 17024 in order to avoid the hackneyed objections of the national registers and to overcome the last bastions of resistance.
Fabrizio Cirilli
QMS and ISMS lead auditor
ISMS IUG Italian Chapter chair