Published: 28 Jun 2017
In part five of our series, Richard Green explains the responsibility of the auditor to effect change and improvement.
While providing an organisation’s stakeholders with the necessary assurance that the business is meeting its legal requirements and other requirements is a key function of audit, there is arguably a more important role for the management system auditor. Whether acting as a first, second or third party assessor, auditors are ideally placed to drive through organisational improvement.
For third party (certification body) auditors this ability is somewhat restricted as a result of not being able to directly offer their clients consultancy. Nevertheless, by ensuring that the organisation is fully meeting the improvement requirements contained within clause 10 of the latest Annex SL-based management system standards, the third party auditor is still able to make an important contribution in moving an organisation forwards.
For first and second party auditors there are no such constraints. These individuals should, indeed must, actively seek out opportunities to improve their own organisation’s policies, processes and people, and in the case of second party assessors, the performance of their external providers.
The improvement imperative
Any organisation which fails to improve is living on borrowed time. And while you would be hard pushed to find a member of top management who claimed not to recognise this, history is littered with examples of once-great brand names that have either disappeared altogether or who are simply a shadow of what they used to be.
The CQI Competency Framework recognises the imperative to improve. It poses two questions for quality professionals to consider in respect of their own organisations, or in the case of an auditor, the organisation they are assessing. These questions are:
Is there a commitment to continual improvement and redefining management intent?
Is there a culture of objective evaluation?
In this part of the series we will consider the first of these questions.
Annex SL defines continual improvement as ‘reoccurring activity to enhance performance’, with performance itself being defined as ‘measurable results’. It is noted that performance can relate to the ‘management of activities, processes, products and services, systems and organisations’.
Continual improvement is mandated in Annex SL-based standards, it is not something that the organisation can chose to undertake or not undertake. As auditors we should therefore be seeking objective evidence that not only are the organisation’s products and services improving through time but so too are the means by which these are created and delivered. In order to determine this we need to review the results of internal audits and management reviews, the organisation’s response to non-conformity and corrective actions, its management of risk and opportunities, its handling of internal and external issues and the result of its analysis and evaluation activities in order to satisfy ourselves that the organisation continues to learn and develop.
We must also confirm that management intent, as set out in the organisation’s policies, strategies, objectives and plans, is being periodically revisited. The rationale behind this is that the context of the organisation is a principal input into these documents and this is subject to change over time. So, while an organisation may have been satisfying its stakeholders previously, this does not necessarily guarantee that it still is.
While external auditors are necessarily limited to ensuring continual improvement is taking place, internal auditors should not only be confirming that this is occurring, they should be proactively including opportunities for improvement into their audit reports as a matter of course.
The power to influence
Too often internal auditors are perceived as ‘poor relations’ to certification body auditors. While their technical knowledge may not always be to the same level as their external counterparts, and while they may not possess the same extent and depth of audit experience, their potential to add value to their organisation by identifying and delivering improvement is far greater as a result of them permanently operating within the business.
So why are internal auditors so often undervalued? In part, this could be down to a collective inability to translate the potential for improvement into actual improvement. If the auditor is to effect real and lasting change, leadership skills are required to convince those in positions of authority that it is time to alter the status quo.
If you are one of those internal and external auditors who have identified the need to develop their improvement and/or leadership competencies, the CQI offers a range of suitable training courses.
In the final article in this series we consider the role of the auditor in answering the question: is there a culture of objective evaluation?
Richard Green, CQP MCQI, is the CQI representative for ISO 17021-3, ISO 19011 and ISO 45001, and managing director of Kingsford Consultancy Services