It isn’t just about getting an ISO Certificate.
Your organization needs to get value from the Certification Body Audits and, if you don’t, move to another Certification Body.
We at deGRANDSON Global are regularly asked about a policy for changing Certification Bodies. Certification Body (CB) contracts are of three years duration. This is the universal norm. Unfortunately, many organizations renew contracts without giving the matter much thought. This is a mistake.
You should, as with any key supplier, evaluate their performance periodically. And coming towards the end of a 3-year cycle would seem the ideal opportunity to do so. So here are some reasons you might want to change CB – the list is not prioritised.
Many significant corporates change their financial auditors on a 5-year or 10-year cycle as a matter of policy, no matter how satisfied they are with past performance. Many also apply the same policy to their choice of CB. In both circumstances, the Board is keen to get a fresh perspective.
Audit Teams, even though lead by a professional and suitably trained Lead Auditor, can go ‘native’ and become too friendly with the auditee’s staff. Naturally there then tends to be a reluctance on the part of the Audit Team to be exacting in grading findings and to be lenient in their Audit Conclusion – you get to keep your Certification even though there are serious failures of the system that are not going to be corrected.
You’re paying them to be rigorous, not to give you ‘an easy ride’. A new Audit Team (perhaps, from the same CB) will find it easier to ask the tough questions.
Some Audit Teams avoid engaging with Management. This is because they don’t ask the hard questions or encourage a critical examination of what benefits the organisation is getting or should be getting from its quality management system or other management system.
During the audit interviews, staff are not being asked challenging questions, e.g., to justify why certain jobs are done the way they are. There is no depth to the questioning – few, if any, ‘what-if’ questions. A good audit should be a learning experience for the persons interviewed.
Auditors don’t follow an audit trail by checking processes sequentially. E.g. the auditors never take a signed delivery docket and track the associated activities and records back through the operational processes until they get to a customer inquiry and/or an inquiry for a raw material sent to a prospective supplier. This kind of audit activity will quickly establish whether a set of operational processes is' sound'.
While documentation constitutes strong evidence, it is not the only evidence an Audit Team should seek. We all know that documentation can be ‘doctored’.
Good auditors will spend substantial time collecting other forms of evidence, such as,
1) structured interviews with staff at all levels and functions within the organisation,
2) observing people usually working while conducting the interviews, and
3) checking and counting physical objects (stock counting, checking product labelling, checking calibration stickers, and the like).
Evidence from a variety of sources forms the basis for a fairer and more reliable audit conclusion.
To get through the audit plan, the Audit Team consequently takes smaller samples and has less evidence than is deemed necessary to make a reliable audit conclusion. As a result, an unwarranted positive audit conclusion could mean a nasty surprise when the next Supplier Audit takes place.
They don’t appear to have a deep understanding of what’s essential to your business, and they miss things. Things that Customers doing Supplier Audits are unlikely to miss.
The Team is too easily distracted, and if they spend too much time on one item, they need to make more effort to ensure that all the items in the plan get covered. Consequently, some processes that go unaudited. And again, too little evidence upon which to make a reliable audit conclusion.
A classic time-wasting tactic. Sometimes encouraged by the auditee. The end result: processes go unaudited. And you’re being ‘robbed’.
If any of the reasons above apply to your organisation, consider changing your Certification Body or, at least, the Audit Team. Failure to do so may mean a 'timebomb' in your system waiting to be found during a Supplier Audit by a critical Customer. Or it may mean that the many benefits and improvements your management system should be prompting (and helping you achieve) are needlessly foregone.
If you demand value for money, you'll regularly change your Certification Body or Audit Team. And while you're at it, why don't you train your internal auditors? So I couldn't resist getting a plug-in.
Click on the image thumbnail to see the image in full size or click the button on the other side to go to our ISO Lead auditor overview page to learn more about our lead auditor courses.
In October 2021, we secured certification to three education-related ISO Standards. As a result, we now have a university-grade management system conforming to the requirements of …
We have chosen ISO 21001 certification because it is based on independent third-party assessment, unlike IRCA and Exemplar badges (which we believe are commercially compromised). In addition, it is a ‘university grade’ standard globally by schools, colleges, and universities to demonstrate their competence.