Can you share your views on the role of a Quality Managment Systems Auditor, in terms of internal, external, and Certification Body Auditor?

This is concerning audit for "compliance, conformance, controls, effectiveness, efficiency and risks".

Let us start with the Certification Body Auditor, their role is auditing for:
a) compliance?
b) conformance?
c) controls (availability of controls to prevent errors/mistakes/to achieve intended desired result/objectives/targers, weak or strong?)?
d) effectiveness (able to meet the company's vision, mission, quality policy, objectives, goals, targets, achieve KPI, reduce wastes, etc)?
e) efficiency (input output relationship)?
f) risk (example, store not control with lock and key, possiblility result in theft and quality issue)?

Does ISO 9001, 22000, TS, etc require audit on ALL these?

:thanks::thanx::magic:

Pinpin! A lot of quesions!

To give a simple answer, we can combine many of your terms together. Conformance and compliance are (in general terms) the same thing. If it is in compliance it normally means there are controls in place and what's being done is as defined, so all three terms IMHO (and for simplicity) can be used together. There are many factors affecting 'audits' which I won't dwell on and someone may challenge me, but here's the basics:-

When you use the term 'external' that can mean both CB and supplier (customer) audit, so I'll take that you mean a supplier or customer audit for external.

In very broad terms a CB audit is for compliance to a standard like ISO 9001. However the audit must also look to see that the qms is also effective and in control. Efficiency or evaluation of risks is not normally part of a CB audit, but it can be. CB audits are not required by a standard like ISO. You or your customer decide on that.

Supplier audits can also be compliance based, and due to the scope may also look at efficiency and risks. It depends on what the auditor is there for! Supplier audits can be used to comply but are not a requirement of any ISO standard that I'm aware of

An internal audit can be for all purposes and it's often dependent on the maturity of the QMS - in the early stages the auditors may be only focused on compliance, moving on to effectiveness, then efficiency, risks and so on. Of course, internal audits are a requirement of most (all) ISO Management Systems standards.

Go back to the reason for and and quit trying to complicate the simple. I'll refer to ISO 9001:2008 for this one.

8.2.2 Internal audit
The organization shall conduct internal audits at planned intervals to determine whether the quality management system

a) conforms to the planned arrangements (see 7.1), to the requirements of this International Standard and to the quality management system requirements established by the organization, and

b) is effectively implemented and maintained.

That's pretty much the same reagardless of what management system is being audited. Anything else an organization does with its auditors is its business and can can neither be wrong or improper if its needs are met.

The primary job of a management system auditor is to:

1) determine whether the system has been properly designed to meet the requirements of the standard;

2) to determine if the implementation of the design is going as planned and capable of fulfilling both its policy and objectives;

3) and to determine if the system is functioning as it was designed to function and that the policy and objectives are being fulfilled.

ISO 19011 says that the audit objectives should be defined for each audit. Any of those could be included in the objectives of the various audits. Unless already specified in requirements, the client and lead auditor should work together to decide the objectives.

Don't complicate things by bring 19011 into the equation:lol:

Don't complicate things by bring 19001 into the equation:lol:

I didn't. I brought 19011 into it. :notme: I thought maybe an audit guidance document might have some relevance in providing audit guidance.

It's a typo!:frust:

I thought maybe an audit guidance document might have some relevance in providing audit guidance.

Use a guidance document? Unique solution.

I thought maybe an audit guidance document might have some relevance in providing audit guidance.Are you familiar with this ANAB document? 36. Application of ISO 19011 (http://www.anab.org/HTMLFiles/docs/HeadsUp/HU36.pdf) :frust:

Are you familiar with this ANAB document? 36. Application of ISO 19011 (http://www.anab.org/HTMLFiles/docs/HeadsUp/HU36.pdf) :frust:

I am now...