Auditor Competencies in their Sciences and/or Disciplines

There is a question for discussion, down a bit.

Under ISO/IEC 17011, which all Accrediting Bodies (ABs) must comply with, they must send competent assessors to customers.

If the customer organization provides ISO9001/ISO 14001, etc. then the assessors must be competent in those sciences and/or disciplines. Typically the assessments are then under ISO/IEC 17021, but IAF also oversees ISO/IEC 17024.

If it is a laboratory or inspection body, then the standards are ISO/IEC 17025/17020, again, the assessors must be competent in those sciences and/or disciplines.

However, if the customer of the AB, such as a Registrar, is providing ISO9001, ISO 14001, ISO 18001, etc., then the organization such as a manufacturer undergoes audits.

How often do such organizations, whether manufacturers, environmental, laboratories, or others, have confidence that the Auditor/Assessor actually has competency in their business areas?

How many would like to know what they can require if they do not have confidence?

As per expectations of ANAB and 17011, before being allowed to audit critical functions under 9001, 14001, RC etc. I must have submitted a form that describes my experience in the SIC in sufficient terms to lend confidence that I would understand the ins-and-outs adequate to evaluate that client's system's effectiveness. The form is approved by management and the SIC gets added to a list under my name in the database.

While it's not required to qualify under one of these SICs, ideally the candidate does so and the qualifier can feel satisfied about competency via direct observation.

Jennifer, you are correct regarding requirements. Yet we see post after post where the obvious question is the independence and/or competency of the auditor.

To me that suggests that the requirements, or more precisely, the enforcement, may have gaps.

That is what this post is for, to at least allow some blowing off of steam.

Hope this helps.

FDA recently has disclosed a five year plan to radically change their field inspection system. Certain inspectors will be assigned to medical devices only, all inspectors will be managed out of Maryland and the regional offices no longer will have anything to do with medical device inspections, and every inspector will be a specialist in a narrow range of device types and Product Codes. Thus if I make Left Handed Widgets in Boston and you make Left Handed Widgets in San Diego, and we're the only two makers of that specialized device type, we almost certainly will have the same inspector, who will know a lot about that device type in addition to having a general knowledge of the GMPs/QSR.

With this inspector-specialization system, inspectors also will be expected to be subject matter experts for 510(k) / PMA / IDE reviews and management of adverse event situations and public health problems.

Enforcement is undoubtedly weak, as these forums show.

If one is cynical - and of course nobody here is, being all of a constructive mindset - the reason, as has been said before, is that clients pay CBs, CBs pay ABs. It's not in the financial interests of any of these businesses to be too critical; if one is, one fears being in turn the victim of critical thinking. It's all in line with the public charters, articles of association and so forth - but not IMHO nearly effective enough. Worse, it's all shrouded in secrecy, hidden disingenuously behind client confidentiality, so there's no real, public accountability.

What to do? Well, if one has no respect for one's auditors, why employ them? Why get certified?

If the answer is, "We're bound by contract to get certified", then either one manages the CB assertively (with inherent risk. Complain about an incompetent auditor and they follow procedure and send another; better the devil you know, etc.); or one forges a constructive relationship of mutual respect (best strategy I think, can be done if CB has a decent pool of competency) ;or one manipulates the audit, e.g. by sending the honest loose cannons on vacation during audits (nobody does that, of course).

Of course, if it all worked, we'd barely need Elsmar Cove and then what would we do?

Pat

Hershal is on target, slightly off center as well, but that's OK. I still run into many auditors auditing that have nearly no hands on or real world personal experience in the subject matter of audits, especially in safety and environmental. By and large most environmental auditors have never had to manage an environmental program and all the fun things that go with it like Title V's (5's), multiple MACT's, SPCCP's, regulators in their face, NESHAP, SARA reporting, form R's and every other buzz word/phrase...The same holds true for health & safety auditors, they may be able to spell safety and they may have been on a plant safety committee, but they don't have the solid safety background that would allow them to differentiate whether something is an acute or chronic safety/health issue.

I'll go a step further with aerospace....I absolutely and seriously doubt that a majority of AS type auditors have background like someone like me in aviation. Oh sure, they may have been a QC or QA type, maybe worked in a manufacturing facility for whatever, but to have hands on experience from front to back, top to bottom, and in flight verification/validation, no way Jose.

However, what we've got, we've got...Take a fluff crash course, pass an exam and have someone sign you off and Wham-Bam you can audit.

What's the solution? It would be easier to predict earthquakes.

In defense of many (definitely not all) auditors, I have encountered auditors from regulatory bodies, registrars and customers who were extremely well versed (book knowledge) and field experienced (practical hands-on knowledge) in the subject matter they were auditing.

Just as one example, my FAA inspector blew my socks off when he was able to converse knowledgeably about metallurgy one day, stress factors, force vectors, and emf interference the next visit and then fly a field test of a multi-engine jet transport the following week. His major problem was having to suck up to less knowledgeable, but more politically savvy superiors in the FAA.

I found that some of these folks were able to "educate" their auditees without crossing the line into consulting, advocating, or dictating. I wish more auditors could fit that pattern.

Thanks for the reminder on balance, Wes.

You remind me that many good auditors rely, not upon their own technical experience, but that of the client's staff - who, after all, know what's really going on. A good auditor can encourage people to identify NCs and evidence, provided the management hasn't driven fear into the organization - and sometimes, even when they have.

With that in mind, I think the most valuable audit competencies are the ability to listen, and an interview technique that's non-threatening.

Pat

pldey42 said:

Thanks for the reminder on balance, Wes.

You remind me that many good auditors rely, not upon their own technical experience, but that of the client's staff - who, after all, know what's really going on. A good auditor can encourage people to identify NCs and evidence, provided the management hasn't driven fear into the organization - and sometimes, even when they have.

With that in mind, I think the most valuable audit competencies are the ability to listen, and an interview technique that's non-threatening.

Pat

Click to expand...

Sure, but as a professor of mine once noted over 50 years ago, a big part of assessing someone else's work is the ability to
"separate flyspecks from pepper before ingesting"

which was her "non-vulgar" description of "bulls**t detector." It implies you have to have some knowledge for the separation to be effective.

I, myself, have been guilty on more than one occasion of seasoning my offerings with flyspecks instead of pepper. I find that more flyspecks than pepper never helps anyone's digestion.

People who are experts in the products and process of the system they are meant to be auditing may not have also had the time to become excellent management system auditors.

The lead auditor is meant to decide when additional technical expertise is needed to plan the audit or to conduct the audit investigation.

If such expertise is needed to fulfill the audit objective then the lead auditor is obliged to make recommendations to the audit client for the audit to be feasible.

If such expertise is not forthcoming then the lead auditor advises the audit client that the audit objective cannot be fulfilled.