Audit - Definition of what an audit is - Is there more to auditing?

[M Greenaway]

Stumbled on this quite interesting site, which will open up on the discussion forum (read the slating comments on ISO auditors).

http://www.iia.org.uk/knowledgecentr...discussion.cfm

[Claes Gefvenberg]

Thank's Martin,

Yes.... Interesting site.... Were you thinking about any particular post?

/Claes

[M Greenaway]

None in particular Claes, just though it might interest others.

I stumbled on it today thinking 'who are these guys trying to steal the IRCA's limelight' and was very interested in the 'wider' world of auditing shown in this website. I was particularly interested in the comments made in the discussion forum that showed a certain disdain for ISO9000 internal auditors that felt they knew it all about auditing.

I was also interested to read there definition of what an audit is, particularly the openness of it being a 'consultancy' exercise as well - in the ISO world we would smart at such suggestions.

I think those interested in auditing could do well to see what these guys are about - I even saw that someone was doing an MSc in Auditing !!

I think the site also shows how the ISO9000 world is in 'catch up' regarding auditing effectiveness, comments made in the discussion forum suggest that these guys see ISO auditors as 'box ticking policemen' - perhaps true, very interesting !

[Jimmy Olson]

The problem with considering the comments on that site is that it is not geared towards quality auditors, but financial auditors instead.

Financial and business auditors have always looked down their noses at quality auditors and consider quality audits a waste of time. However, with things changing, they may be looking to the quality auditors when they have to start looking at business processes.

[Jimmy Olson]

Hi Jim

Sorry to dissapoint you, but I won't be drawn into a debate on semantics by a trick question.

[Jimmy Olson]

Ok Jim, I will give you the benefit of the doubt

When I mentioned Quality Auditors I was using a generic term to refer to a traditional ISO Quality Systems Auditor. This is in contrast to a Financial Auditor who will primarily focus on the finance side of a business. As it stands now, there is a difference between the two, even though they are similar. But, both sides are going to have to adapt in the futre as they begin to merge.

[Jimmy Olson]

Jim,

I do think the role of a quality auditor does need to change. I know of too many internal auditors that could quote the standard word for word, but don't understand anything about how their company operates. In order to be an effective auditor I think you need to understand the various processes of the company and how they all relate to each other.

I'm not sure about managers being part of the audit team, but they definitely need to support the audit program (so I guess in a way they would be part of the team). The auditor role should still fall to one or two people (or however many depending on company size). But the auditor should have a wider range of skills and knowledge than what is provided in a traditional ISO 9001 auditor course. This is why I see a merging of auditors being a good idea. If you have a person who understands the company processes and also has an understanding of business practices, I think this would be an ideal person to conduct audits. This would also be very beneficial to the company as well.

Sure, you're required to check compliance to the standard, but why stop there? Check to see if all the processes are effective and efficient and look for areas to improve.

[M Greenaway]

Jim

My thoughts are that you cannot check for compliance to ISO9001 from a desk, you have to see what is actually being done complies.

I do agree that efficiency and effectiveness checks, and the degree to which we meet objectives are better done by other formal measurement methods, and in fact ISO9001 tells us to do this 'outside' of the audit process in clause 8.2.3 on measurement of processes.