A brave new world for auditors?

The last three decades have seen a paradigm shift in the responsibilities for third-party auditors, from a focus on compliance to organisational governance.

In the early 1990s when ISO 9000 and third party certification came to the UK marketplace, organisations were required to develop and implement their quality management system. This included a quality manual, documented procedures and work instructions to complete it. Considered as a set of “design inputs” to the quality management system, the ISO requirements were a “one size fits all” solution for meeting multiple supplier quality manuals.

As a result, life as a certification body auditor was straightforward. First, the auditor verified that the organisation’s quality management system complied with the ISO requirements and then, if everything looked in order, planned the audit of the implementation at the organisation’s premises. This simple compliance approach to audits led to the rise of the expression that ISO 9000 certification was simply a case of, “say what you do; do what you say”.

To ensure that certification body auditors were competent to perform these audits, securing the professional qualification as a lead assessor was often a pre-requisite. The qualification involved meeting education and work experience requirements, as well as attending a week-long training course and passing an extensive written examination. Training providers were accredited through the International Register of Certificated Auditors (IRCA).

Changes to the auditing landscape

As the ISO 9000 standard has developed with market input – often under the influence of the automotive, aerospace and medical device industries – the auditor’s role has experienced a paradigm shift from assessing (customer) quality assurance towards organisational quality management and – with the advent of ISO 9001:2015 – alignment to the organisation’s business operations, including strategic planning.

It’s widely recognised that training alone doesn’t make someone competent to perform their work.

With the inclusion of industry-specific quality tools and an emphasis placed on the ‘flow down’ of customer-specific requirements, the landscape of auditing looks less and less like it did in the early 90s. 

Indeed, as demands on the certification auditor increase, it might be seen that the auditor is now required to be less like an independent third party and more like a supplier quality assurance (SQA), with knowledge of specific customer requirements. 

For example, data published by Recall Masters indicates that more than 47.2m vehicles “were accounted for in recalls, mandated by the National Highway Traffic Safety Administration (NHTSA)” in the US for the 2018 calendar year. This was at a time when third party certification to ISO/TS 16949 requirements (ISO 9001 with automotive supplier additions) should have drastically reduced these in-field failures, increasing the burden on the certification auditor to check compliance for all related requirements.

It’s widely recognised that training alone doesn’t make someone competent to perform their work. Lead assessor courses that are currently available may be a foundation to address the basics of auditing, but can they truly address the required competencies of all the quality tools and techniques needed for auditors? 

In 2019, we celebrated the journey of the quality profession from being an inspection profession to one that now manages business process effectiveness, including customer requirements and regulatory compliance. Over the past 30 years, we’ve seen the increasing burden on auditors to ‘inspect’ quality systems implementation against a set of design input requirements (ISO et al). Are we seeing the undoing of 100 years of progress?

Lead assessor training/competencies should be a more extensive, even-phased approach to address the need for not only auditing practices, but also quality tools and business governance. It cannot simply be left to continual professional development (CPD) to keep auditor competencies current.

Do you either agree or disagree to the argument in this article? Send a response to [email protected]