Published: 27 Feb 2017

In the first part of our series on the Competency Framework for auditors, Richard Green explains why auditors must challenge top management and how to tackle the problem of ‘intent’ 

Quality professionals have always struggled to articulate what they do. While engineers ‘engineer’, teachers ‘teach’ and project managers ‘project manage’, the notion that we ‘quality’ doesn’t really resonate.

After a series of high-profile quality failures at the start of this decade, stakeholders became keen to understand our role. Time and time again they saw the people charged with ensuring quality, fail to prevent disasters. To restore confidence in the quality profession it was clear that something radical had to be done.

We can call for objective evidence in the form of policy statements, strategies, plans, objectives, and personal targets

The CQI developed its Competency Framework in 2014. At its core is the belief that to be an excellent quality professional, irrespective of your quality role, competence is required in five key areas. The framework tells us that every quality professional must possess knowledge and skills in organisational governance, assurance, improvement, leadership, and context, and this includes management system auditors.

As well as consisting of five areas, the Competency Framework is also made up of six questions:

Two questions about governance:

  • Is management intent defined?
  • Is management intent fit for purpose?

Two questions about assurance:

  • Is management intent effectively implemented?
  • Does it produce the desired outcomes?

Two questions about improvement:

  • Is there a commitment to continuous improvement and redefining management intent?
  • Is there a culture of effective evaluation?

By asking these questions at the operational and organisational level quality professionals, including auditors, can identify, report and address risks while meeting stakeholders needs and protecting the reputation of the organisation. 

This series of articles will examine each of the six questions from a management system auditor perspective, starting with governance. 

Why does a management system auditor need to understand governance?

Governance represents the heart and soul of an organisation. It sums what the organisation stands for – its purpose and beliefs, the foundation for its culture.

In the Competency Framework, quality professionals are tasked with answering the question: is management intent defined? Or in plainer language: has the management of the organisation decided what it wants the organisation to achieve?

As auditors, no matter whether we are engaged in first, second, or third party audits, we are ideally placed to answer this question.

We can call for objective evidence in the form of policy statements, strategies, plans, objectives, and personal targets. This evidence gives us a ‘golden thread’, mapping intent from the highest levels of the organisation to those on the shop floor.

We should question top management to ensure they understand their stakeholder’s expectations and are clear as to how these will be met.

We should have similar conversations with a cross-section of employees from across the organisation to ensure these messages have not only been communicated by senior management but they have also been properly understood by stakeholders.

We need to become more assertive, diplomatic, analytical and astute while expanding our understanding as to how the businesses we audit operate

Given that many of an organisation’s stakeholder groups will rarely, if ever, have direct access to the business, it is important that they can rely on us as auditors to act as their advocates.

We are morally and professionally bound by both the CQI and IRCA code of conduct and ISO 19011 (Guidelines for Auditing Management Systems) to carry out our duties in a professional manner. The latter reminds us of the need to truthfully and factually report what we see and to be impartial and objective in terms of our conclusions. However, this isn’t always straightforward.

Challenging top management on governance issues can be daunting and in some cultures this notion is completely alien. However, if we want to secure professional credibility, challenging management is vital.

Practically, this means  enhancing our soft skills, our technical knowledge or both. We need to become more assertive, diplomatic, analytical and astute while expanding our understanding as to how the businesses we audit operate.

As audit professionals, we need to stay on top of our game. What we are required to do and how we are required to do it changes through time.

The CQI recognises this and has introduced a learning and development portfolio which supports the acquisition of new audit-related skills and knowledge. The portfolio of CQI and IRCA Certified Training is specifically target to the five core competencies of governance, assurance, improvement, leadership and context. 

Next time

Making sure management intent is defined is one thing ­– next time we will consider the role of management system auditors in determining whether what has been defined is really fit for purpose.

Richard Green, CQP MCQI, is the CQI representative for ISO 17021-3, ISO 19011 and ISO 45001, and managing director of Kingsford Consultancy Services.