ISO 17021-2 updates

The working group developing ISO 17021-2, the new standard defining audit competence within a third party context, convened for the second time at ISO’s headquarters in Geneva in February.

To remind those who have been out of the loop, the intent of this new standard is to describe the competences that accredited certification bodies need to demonstrate throughout the entire audit process. The title ‘Requirements for third party auditing of management systems’ reflects the scope; it is not just about the competence of auditors, but about other aspects of the audit process including audit planning and audit management. The standard is intended to complement or even replace ISO 19011 as the primary reference document for auditing within the third party environment. ISO 19011 suffers from one key deficiency. It is a guidance standard and not a requirements document, which means it has always struggled to acquire the legitimacy that many of us in this field believe it deserves.

The initial meeting in November last year focussed on the big picture issues of what competence means in practice, with one auditor certification body (RABQSA) giving an account of how it had put the ISO 17024 competence approach into practice, and one accreditation body (ANSI) outlining its position on defining and examining competences. Representatives of various certification bodies detailed their positions, which predictably were not always consistent with RABQSA’s, ANSI’s, nor even with each others’. In other words, a typical first meeting where participants tested the temperature.

Although this healthy variation in positions was anticipated, what was unexpected was the willingness to accept a competence-based approach to audit. This laid a very positive platform for the second meeting in February. This meeting focussed more on detail. One sub-group detailed all the competences required to be demonstrated during an audit (based on the activities described in ISO 19011), and then determined the extent to which these needed to be demonstrated. The second sub-group looked at which parts of ISO 19011 could be incorporated into ISO 17021-2 as requirements.

While at the conclusion of the meeting the general consensus was that it had been positive and constructive, few doubted that some considerable challenges lay ahead. Some are structural, for instance, whether to restrict this to quality and environmental management systems, or make it generic to all management systems, and incorporate technical specifics in informative annexes. Others are methodological such as what is to be accepted as valid methods for measurement of competences.

The next meeting is scheduled for June 2007.