Marc
4th June 2004, 04:20 PM
misc.industry.quality
Christopher Paris Senior Member Username: oxebridge miracle workers
Post Number: 74 Registered: 4-2003
Rating: N/A Votes: 0 (Vote!)
Yes - Zero Votes!
Posted on Thursday, June 03, 2004 - 7:06 pm: (Reprinting this here with permission. Comments welcome.)
CP
================ IAAR Considers Imposing RAB Requirements on Internal Auditors
June 1, 2004
Oxebridge Quality Resources has learned that members of the Independent Association of Accredited Registrars (IAAR) are currently in debate over whether or not to require internal auditors of registered companies to comply with the RAB Approved Internal Auditor Course requirements, or equivalent programs. Currently, the requirements for the training of a company's internal auditors is left to that company.
The IAAR is comprised of 35 accredited North American registrars of ISO 9001, ISO 14001 and other management systems. The purpose of the organization is to harmonize interpretations between its member registrars, provide baseline codes of conduct for such registrars, and to act as a facilitator organization between the registrars and the International Accreditation Forum (IAF).
Two anonymous sources have provided Oxebridge with evidence that IAAR members are in discussions, through e-mail exchanges, as to whether or not IAAR member registrars should require ISO 9001 and ISO 14001 registered companies to train their internal auditors in accordance with ANSI-RAB's "QMS Internal Auditor" courses or similar courses offered by IRCA. These two-day courses typically cost approximately $800 per student. Many registrars sell the very same training under a loophole in the IAF's ISO Guide 62 Guideline which allows registration companies to perform training without it being considered "consulting."
The information received by Oxebridge indicate that there is some debate on the matter, but that representatives of those registration companies which sell training services are generally in favor of the idea.
All activities of the IAAR are restricted to members only, so the debate will not be made public until after a decision is made, or the idea may wither without further discussion.
Neither ISO 9001 nor ISO 14001 make any requirements on the training of internal auditors, and neither document specifically calls out any particular training curriculum. If adopted, the IAAR idea will mark a dramatic shift in registrar actions, who would then be able to impose requirements not specifically stated in the ISO standards. It will also turn back the clock on those companies moving forward with unique, and sometimes controversial, internal auditing programs that are focus on process improvement instead of blind adherence to ISO 9001 checklists.
Worsening matters is the fact that content of the ANSI-RAB courses are not developed with any ISO-approved standards as the source material. For example, ISO 9001:2000 was released in December 2000, and followed almost immediately by an ANSI-RAB "transition course" for all auditors who had been trained to ISO 9001:1994; however, the corresponding auditing standard --- ISO 19011 --- was not released until almost three years later. ANSI-RAB develops its course curricula on its own, unilateral criteria, not ISO 19011. The greatest failing of the current ANSI-RAB courses is an emphasis on the "8 Management Principles" instead of basic training on how to audit according to ISO 9001's required "process approach." This latter fact led to an almost international failure of registration auditors to understand process management, prompting the IAF in September 2002 to scold registrars for not properly understanding the "process approach" requirements of ISO 9001.
Oxebridge will continue to resist any activities by registration/certification bodies on the imposition of directives not supported by language within the applicable standards. Furthermore, Oxebridge will continue to call for a ban on all consulting activities by registrars, in order to improve the current state of ISO 9001 and reduce conflicts of interest.
Top of pagePrevious messageNext messageBottom of page Link to this message
John R. Broomfield Senior Member Username: jbroomfield
Post Number: 212 Registered: 2-2001
Rating: N/A Votes: 0 (Vote!)
Posted on Thursday, June 03, 2004 - 8:20 pm: This is melodramatic. Such an imposed addition to the requirements of the system standard is unlikely to fly until the registrars themselves are required by the IAAR and the accrediting agencies to use certified lead auditors to lead their own audits that may or may not certify conformity of management systems to the said system standards.
Posted on Friday, June 04, 2004 - 7:21 am: Well..
1.) Currently, all US registrars DO require certified Lead auditors to lead audits. Where that requirement comes from, I'm not sure (IAAR or RAB).
2.) There is a separate move afoot to require all auditors within registrars to be Leads --- meaning audit teams would not include provisionals, QS-A's, etc.... presumably with the only exception being for those in training, whom the client does not typically pay for.
Top of pagePrevious messageNext messageBottom of page Link to this message
Colin Gray Senior Member Username: cgray
Post Number: 116 Registered: 2-2001
Rating: N/A Votes: 0 (Vote!)
Posted on Friday, June 04, 2004 - 7:32 am: RAB etc does NOT require US registrars to use registered lead auditors. I know of many unregistered auditors working for registrars. A few of them are even reasonable auditors. Registrars are supposed to follow 19011 which imposes the same basic requirements but surprise surprise RAB is corrupt (they are very close with some registrars that it would cause a lot of trouble for). Who gives a **** waht the IAAR says. its not mandatory to join them and more, becuase they charge a hefty annual fee, it is a "barrier" to new and dynamic registrars.
I think there should be a move to have registered auditors only (but i know its wrong and so would never support it). however, i know many registered auditors who couldnt audit their way out of a paper bag so that is not a solution it is just adding to the problem.
Of course if the accreditation agencies did their job (did i hear recently that RAB is increasing their witnessed audits 10 fold....if only their auditors...... Top of pagePrevious messageNext messageBottom of page Link to this message
Randall Daily Senior Member Username: rdaily
Post Number: 73 Registered: 8-2001
Rating: N/A Votes: 0 (Vote!)
Posted on Friday, June 04, 2004 - 10:59 am: Chris says
"Well..
1.) Currently, all US registrars DO require certified Lead auditors to lead audits. Where that requirement comes from, I'm not sure (IAAR or RAB).
2.) There is a separate move afoot to require all auditors within registrars to be Leads --- meaning audit teams would not include provisionals, QS-A's, etc.... presumably with the only exception being for those in training, whom the client does not typically pay for. "
Chris you're wrong here. I'm a RAB Registered EMS-LA (there's a whole lot fewer of us than the QMS guys I'll guarantee you that) and it didn't carry a bit of weight with a majority of registrars. Finding audits was tougher that locating teeth in a chicken. The registrars have to prove their auditors are competent regardless of the individual auditors credentials. The registrar detemines who is a Lead based upon their plan that is approved by the NAP organization.
As for demanding that internal auditors successfully attend an accredited course...here's that answer I'd give "Bite my butt!". I'd toss the RAB and use UKAS, JAB or some other accredited registration body.
As for the failure to teach a process approach to auditing...maybe that's how you do it and who you associate with does it, but the organization I used to represent stresses the process approach. Top of pagePrevious messageNext messageBottom of page Link to this message
Christopher Paris Senior Member Username: oxebridge
Post Number: 76 Registered: 4-2003
Rating: N/A Votes: 0 (Vote!)
Posted on Friday, June 04, 2004 - 11:18 am: Hmm, all I can think of then is that the registrars I'm familiar with must have internal requirements for using Leads... I will look into that. Of course, if auditors demand requirements that their own auditors don't even meet, the situation is even more laughable.
As for jumping to UKAS, that is what one registrar specifically said he/she feared.
A number of registrars are now teaching the process approach internally, as a result of IAF's gripes. Left to their own devices, and those of RAB, it would have never happened. The better ones were teaching it before. But the quality of training is different between each registration company. I'm seeing some companies with a wide desparity in individual auditor's understanding of the process approach.
In any case, it begs the question as to why the IAAR members would even consider such a ludicrous idea to begin with, other than just as another means to push folks around. As always, the "good" registrars will come out shining. But this is one more thing that will result in pissed off end users, something ISO 9001 can ill afford.
I'm all for the "bite my butt" response!
Comments, folks?
Christopher Paris Senior Member Username: oxebridge miracle workers
Post Number: 74 Registered: 4-2003
Rating: N/A Votes: 0 (Vote!)
Yes - Zero Votes!
Posted on Thursday, June 03, 2004 - 7:06 pm: (Reprinting this here with permission. Comments welcome.)
CP
================ IAAR Considers Imposing RAB Requirements on Internal Auditors
June 1, 2004
Oxebridge Quality Resources has learned that members of the Independent Association of Accredited Registrars (IAAR) are currently in debate over whether or not to require internal auditors of registered companies to comply with the RAB Approved Internal Auditor Course requirements, or equivalent programs. Currently, the requirements for the training of a company's internal auditors is left to that company.
The IAAR is comprised of 35 accredited North American registrars of ISO 9001, ISO 14001 and other management systems. The purpose of the organization is to harmonize interpretations between its member registrars, provide baseline codes of conduct for such registrars, and to act as a facilitator organization between the registrars and the International Accreditation Forum (IAF).
Two anonymous sources have provided Oxebridge with evidence that IAAR members are in discussions, through e-mail exchanges, as to whether or not IAAR member registrars should require ISO 9001 and ISO 14001 registered companies to train their internal auditors in accordance with ANSI-RAB's "QMS Internal Auditor" courses or similar courses offered by IRCA. These two-day courses typically cost approximately $800 per student. Many registrars sell the very same training under a loophole in the IAF's ISO Guide 62 Guideline which allows registration companies to perform training without it being considered "consulting."
The information received by Oxebridge indicate that there is some debate on the matter, but that representatives of those registration companies which sell training services are generally in favor of the idea.
All activities of the IAAR are restricted to members only, so the debate will not be made public until after a decision is made, or the idea may wither without further discussion.
Neither ISO 9001 nor ISO 14001 make any requirements on the training of internal auditors, and neither document specifically calls out any particular training curriculum. If adopted, the IAAR idea will mark a dramatic shift in registrar actions, who would then be able to impose requirements not specifically stated in the ISO standards. It will also turn back the clock on those companies moving forward with unique, and sometimes controversial, internal auditing programs that are focus on process improvement instead of blind adherence to ISO 9001 checklists.
Worsening matters is the fact that content of the ANSI-RAB courses are not developed with any ISO-approved standards as the source material. For example, ISO 9001:2000 was released in December 2000, and followed almost immediately by an ANSI-RAB "transition course" for all auditors who had been trained to ISO 9001:1994; however, the corresponding auditing standard --- ISO 19011 --- was not released until almost three years later. ANSI-RAB develops its course curricula on its own, unilateral criteria, not ISO 19011. The greatest failing of the current ANSI-RAB courses is an emphasis on the "8 Management Principles" instead of basic training on how to audit according to ISO 9001's required "process approach." This latter fact led to an almost international failure of registration auditors to understand process management, prompting the IAF in September 2002 to scold registrars for not properly understanding the "process approach" requirements of ISO 9001.
Oxebridge will continue to resist any activities by registration/certification bodies on the imposition of directives not supported by language within the applicable standards. Furthermore, Oxebridge will continue to call for a ban on all consulting activities by registrars, in order to improve the current state of ISO 9001 and reduce conflicts of interest.
Top of pagePrevious messageNext messageBottom of page Link to this message
John R. Broomfield Senior Member Username: jbroomfield
Post Number: 212 Registered: 2-2001
Rating: N/A Votes: 0 (Vote!)
Posted on Thursday, June 03, 2004 - 8:20 pm: This is melodramatic. Such an imposed addition to the requirements of the system standard is unlikely to fly until the registrars themselves are required by the IAAR and the accrediting agencies to use certified lead auditors to lead their own audits that may or may not certify conformity of management systems to the said system standards.
Posted on Friday, June 04, 2004 - 7:21 am: Well..
1.) Currently, all US registrars DO require certified Lead auditors to lead audits. Where that requirement comes from, I'm not sure (IAAR or RAB).
2.) There is a separate move afoot to require all auditors within registrars to be Leads --- meaning audit teams would not include provisionals, QS-A's, etc.... presumably with the only exception being for those in training, whom the client does not typically pay for.
Top of pagePrevious messageNext messageBottom of page Link to this message
Colin Gray Senior Member Username: cgray
Post Number: 116 Registered: 2-2001
Rating: N/A Votes: 0 (Vote!)
Posted on Friday, June 04, 2004 - 7:32 am: RAB etc does NOT require US registrars to use registered lead auditors. I know of many unregistered auditors working for registrars. A few of them are even reasonable auditors. Registrars are supposed to follow 19011 which imposes the same basic requirements but surprise surprise RAB is corrupt (they are very close with some registrars that it would cause a lot of trouble for). Who gives a **** waht the IAAR says. its not mandatory to join them and more, becuase they charge a hefty annual fee, it is a "barrier" to new and dynamic registrars.
I think there should be a move to have registered auditors only (but i know its wrong and so would never support it). however, i know many registered auditors who couldnt audit their way out of a paper bag so that is not a solution it is just adding to the problem.
Of course if the accreditation agencies did their job (did i hear recently that RAB is increasing their witnessed audits 10 fold....if only their auditors...... Top of pagePrevious messageNext messageBottom of page Link to this message
Randall Daily Senior Member Username: rdaily
Post Number: 73 Registered: 8-2001
Rating: N/A Votes: 0 (Vote!)
Posted on Friday, June 04, 2004 - 10:59 am: Chris says
"Well..
1.) Currently, all US registrars DO require certified Lead auditors to lead audits. Where that requirement comes from, I'm not sure (IAAR or RAB).
2.) There is a separate move afoot to require all auditors within registrars to be Leads --- meaning audit teams would not include provisionals, QS-A's, etc.... presumably with the only exception being for those in training, whom the client does not typically pay for. "
Chris you're wrong here. I'm a RAB Registered EMS-LA (there's a whole lot fewer of us than the QMS guys I'll guarantee you that) and it didn't carry a bit of weight with a majority of registrars. Finding audits was tougher that locating teeth in a chicken. The registrars have to prove their auditors are competent regardless of the individual auditors credentials. The registrar detemines who is a Lead based upon their plan that is approved by the NAP organization.
As for demanding that internal auditors successfully attend an accredited course...here's that answer I'd give "Bite my butt!". I'd toss the RAB and use UKAS, JAB or some other accredited registration body.
As for the failure to teach a process approach to auditing...maybe that's how you do it and who you associate with does it, but the organization I used to represent stresses the process approach. Top of pagePrevious messageNext messageBottom of page Link to this message
Christopher Paris Senior Member Username: oxebridge
Post Number: 76 Registered: 4-2003
Rating: N/A Votes: 0 (Vote!)
Posted on Friday, June 04, 2004 - 11:18 am: Hmm, all I can think of then is that the registrars I'm familiar with must have internal requirements for using Leads... I will look into that. Of course, if auditors demand requirements that their own auditors don't even meet, the situation is even more laughable.
As for jumping to UKAS, that is what one registrar specifically said he/she feared.
A number of registrars are now teaching the process approach internally, as a result of IAF's gripes. Left to their own devices, and those of RAB, it would have never happened. The better ones were teaching it before. But the quality of training is different between each registration company. I'm seeing some companies with a wide desparity in individual auditor's understanding of the process approach.
In any case, it begs the question as to why the IAAR members would even consider such a ludicrous idea to begin with, other than just as another means to push folks around. As always, the "good" registrars will come out shining. But this is one more thing that will result in pissed off end users, something ISO 9001 can ill afford.
I'm all for the "bite my butt" response!
Comments, folks?
