Auditors can not provide consulting, advisory services to their certified clients since this would create a conflict of interest or threat to impartiality, as described by ISO 17021.

However, in blogs, virtual communities and discussion groups, such as The Cove, auditors come through and answer very specific questions, sometimes, providing elaborate interpretations to unique, company-specific scenarios.

As many posters participate anonymously, it is conceivable that an auditor could inadvertently (or not) provide consulting to a client. Not much one can do about it, but the loophole exists.

Kind of like the old tree fell and nobody heard it bit. If they are not consciously consulting - especially (although not exclusively) for pay - to a client they are auditing, it sure seems like a very benign situation. Some folks might pace the floor at night over it, but to me it seems like there are bigger issues to fret.

It is kind of like that Windex thread....

Of course because CB auditors has interest that might compromise their actions. An organization that wants to learn more or need personalized advice has 3 options:

1. Get a consultant
2. Attend seminars/trainings (I believed that CB is doing this)
3. Get info from the internet.

As for option 3, the forum contributors are not liable for any losses resulting from the use of advices. Besides, finding the specific information in some forums and blogs can be a big challenge. I am lucky I was able to find elsmar cove (Covers) that really provides valuable information and worth the time reading.

Good points Sid. Maybe that's why I only give AndyN's folks advice:lol:

Seriously........When I tell people about this place I let them know that I can't answer their questions with direct absolutes because of the potential for COI.

I came across a checklist of mine once while I was auditing an internal audit process at a client. Is that a conflict of interest? I was auditing the results of the audit process, not the checklist itself...

Auditors can not provide consulting, advisory services to their certified clients since this would create a conflict of interest or threat to impartiality, as described by ISO 17021.

However, in blogs, virtual communities and discussion groups, such as The Cove, auditors come through and answer very specific questions, sometimes, providing elaborate interpretations to unique, company-specific scenarios.

As many posters participate anonymously, it is conceivable that an auditor could inadvertently (or not) provide consulting to a client. Not much one can do about it, but the loophole exists.

Personally, I've always believed that the whole registration scheme is based on conflict of interest, with registrars being paid by the auditees while ostensibly representing customer interests. I think this is one reason that customer (2nd party) audits continue apace, despite suppliers being registered. I understand that this is a controversial viewpoint, but when I've raised it in the past the ones most likely to argue against it are those associated with CBs.

If you don´t openly know that they are your client, then I don´t see that it can be COI....

It's not the simple offering of advice that creates a conflict, it's offering advice to the same organization you are being paid to assess as a representative of a registration body. Thus I do not see a conflict in an open space like this one, or else one might as well also not be permitted to write articles etc. while working as an auditor.

How can you not know?

Sidney, Randy and Andy (or any other CB auditors I don´t know of) don´t know where all the Covers work... if I where certified by either DNV, BSI or NQA would that mean that either one of the three could not answer any direct question made my me ?

COI is a tricky thing... The same way auditors sign confidentiality agreements they should also be "correct" and not openly give consulting to a person they know is a customer of their CB.

Thus I do not see a conflict in an open space like this one, or else one might as well also not be permitted to write articles etc. while working as an auditor.

Exactly - rock solid argument! I agree 100% :agree1:

... I do not see a conflict in an open space like this one, or else one might as well also not be permitted to write articles etc. while working as an auditor.

Exactly - rock solid argument! I agree 100% :agree1:

What he said.

Sidney, Randy and Andy (or any other CB auditors I don´t know of) don´t know where all the Covers work... if I where certified by either DNV, BSI or NQA would that mean that either one of the three could not answer any direct question made my me ?

COI is a tricky thing... The same way auditors sign confidentiality agreements they should also be "correct" and not openly give consulting to a person they know is a customer of their CB.If I was under a contract to audit someone and I saw them post a question about management systems in one of the forums here, to be safe I would simply not answer. But if someone I don't recognize posts a question, a conflict of interest doesn't clearly present itself because my answer is unlikely to affect the outcome of an audit I am contracted to perform. The term implies one knows the client is receiving the advice.

Sidney, Randy and Andy (or any other CB auditors I don´t know of) don´t know where all the Covers work... if I where certified by either DNV, BSI or NQA would that mean that either one of the three could not answer any direct question made my me ?

Ted,
If you'll look back you may see that I try to provide more than one possible solution or path or try to avoid specific absolutes. Occasionally I may not be successful. I have much the same problem when I'm doing a training course......How do you do implementation training without saying "Here's how to do it"? When you're being paid (in my case BSI) a whole bunch a day to say "Here's how to do it" it's pretty hard to not say "Do it this way". I know that we have a ton of our clients here and I know that Sid does as does Andy, Aaron and a few others...I've even been narced off because of a comment or two.

I guess what I'm trying to say is that each of us has probably created a line that we as individuals do not or will not cross with providing information and even discussing our organizations and the organization of others in our industry.

Ya know what's really scary about this? It's not that I'll have a COI, it's that someone may actually pay attention and do what I say......That's really spooky:mg:

Ya know what's really scary about this? It's not that I'll have a COI, it's that someone may actually pay attention and do what I say......That's really spooky:mg:

Especially for me, since you've been using my 'help'.......:lol:

Personally, I've always believed that the whole registration scheme is based on conflict of interest, with registrars being paid by the auditees while ostensibly representing customer interests. Without a doubt, the fact that registrants are the registrar’s customers and can terminate the contractual relationship, and thus, applying undue pressure onto the registrar/auditor, represents a risk to the CB management of impartiality and makes many people to question the credibility of the certification process. How many suppliers wilfully terminate a business relationship with their customers? The vast majority of registrars that advertise their services focus on the immediate, customer-paying customers. None (that I am aware of) develop marketing campaigns towards the users of the certificates, i.e., their customer's customers. ISO 17021:2006 even makes a clear reference to that effect in paragraph 4.2.2: It is recognized that the source of revenue for a certification body is its client paying for certification and that this is a potential threat to impartiality Further, ISO 17021 requires a CB to evaluate it’s financial health to prevent compromises to our impartiality, due to economic pressure.

Because of the inherent risks to process integrity, the accreditation layer was developed and incorporated into the process. Theoretically, the risk of losing it’s accreditation should make a CB perform their duties with integrity, professionalism and competence, certifying and maintaining certified only those systems that are deserving. In the real world, however, we all agree that the “policing aspect” of both the certification and accreditation layers don’t catch all wrong doings, loophole-developing and deliberate circumvention of established rules.

Most management system professionals knowledgeable of the accredited certification process would agree that we have room to enhance the robustness of the programs. Certificates are not perceived as something 100% reliable, from the users perspective. And, certification that provides no confidence to the user of the certificate is not a sustainable proposition, in the long term.
I think this is one reason that customer (2nd party) audits continue apace, despite suppliers being registered.As I said, if certificates don’t provide confidence to the registrant’s customers, customer (2nd party) audits will remain part of the business scene. I would like to make a couple of points about this, though:

¨3rd party certification of a QMS was never intended nor designed to replace supplier monitoring/oversight. It should be perceived as a COMPONENT of the supplier oversight activity.
¨2nd party audits bring a whole different set of problems, as well: incompetent (not all obviously) auditors, micro-managers, hidden agendas, adversarial/confrontational relationships, etc…
¨A significant percentage of quality problems attributed to suppliers are, in reality, due to customer dysfunction, such as back-dated delivery PO’s, erroneous, obsolete specs provided by customers, etc.
¨With a global supplier base, not many companies can afford effective supplier oversight, 12 time zones away and an universe apart, culturally speaking.

While some might see the return to 2nd party audits, when certificates don’t provide the confidence to the users, I disagree. I still believe that the sustainable solution finds it’s path through ACCOUNTABILITY. If your registered supplier performance is substandard, engage with their CB. Keep their registrar accountable to you, the process and your supplier. If the CB seems not to care about your feedback, as an user of their product (the certificate), keep the accreditation body accountable by bringing them into the picture.
In summary, we should not fool ourselves, trying to deny the obvious shortcomings of the accredited certification process. However, the 2nd party audit approach leaves a lot to be desired as well.

The reason why the management system certification business has grown dramatically in the last two decades is because it has theoretical merit. The key is to make theory a reality.