Open letters
INform invites comments, answers and further questions either relating to these letters or posing new topics. Make yourself heard and send us your feedback
Understanding the process
I must agree with Sam Khattab in INform issue 7’s ‘Open letters’ (click here) where he states that the biggest challenge for an auditor is a real understanding of the process in question.
It is my understanding that an auditor is only deemed competent to audit processes of which they have an in depth subject knowledge. This basic requirement is frequently not met by ISO registrars in Ireland, with the result that regulated industries such as pharmaceuticals place little value on ISO 9001 certification of critical vendors. This has resulted in the International Society for Pharmaceutical Engineering’s good automated manufacturing practice guide being the standard of choice for suppliers of automation systems despite the far superior process approach provided in ISO 9001.
Until auditor registration and ISO registrar accreditation are properly cross-linked to prevent the use of inappropriately qualified auditors, ISO 9001 will continue to be undeservedly disparaged by the regulated manufacturing sector.
If auditing of integrated management systems is perceived to be of more importance than fundamental understanding of the processes, I suspect that the relevance of registration will suffer further. The 1994 standard attracted a lot of criticism arising from check list auditing - the 2000 standard has provided an excellent framework to move forward, and it is up to auditors and registrars to use that framework.
Nigel de Haas
QMS lead auditor, Ireland
Process poser
One of the main changes in the 2000 edition of ISO 9001 was the use of the process approach rather than the systems approach. It follows therefore that auditors should be auditing processes rather than systems yet IRCA doesn't seem to have taken this on board and still talks about ‘full systems audits’ when describing necessary auditor qualifications.
I have a client for whom I do internal audits and I do one of 12 scheduled process audits every month. Each of these takes four days in total and is, in effect, a full systems audit of a specific process such as purchasing, machining, design/engineering etc.
To my mind this is 12 audits per year of 48 days total duration. However IRCA considers this as only one full systems audit. Because of this disagreement I have been unable to upgrade from auditor to principal auditor because it is impossible for me to log up the number of audits required by IRCA. Has anybody else had this problem?
Les Barnes
It would appear that the audits that you are carrying out are in fact internal audits, as you are auditing one element of the company’s activities in isolation from the total system. Note that there is a difference between auditing a process and process audit.
IRCA considers a full system audit to encompass a majority of the elements of the ISO 9001 standard or equivalent (where applicable). A full system audit would consist of auditing the entire organization’s activities. For example, when carrying out an audit the auditor looks at all the processes and their interfaces within the company as a whole. He/she will then audit all the relevant activities associated with these processes and the appropriate elements of the standards which address each stage of each process.
The rationale for our position is that an auditor must practise his/her profession and demonstrate that they have maintained the ability to plan and execute an audit of an organization that meets the requirements of ISO 9001 or equivalent. This is why separate audits of a process within a larger system are not accepted.
IRCA's response
 |
|
 |
|
 |
|
 |
|
 |
|
 |
 |