Proposed Change to 3rd Party Audit Process - Limiting Scope of Audit

[Randy]

I'm trying to wrap my head around this because scope has been limited to what's specified on the certificate, stated in their "Scope" statement and what has been agreed to in the contract (within accreditation requirements).

I've got clients right now, and have for years, that have aspects of their operations (product lines and such) out of scope.

 

[Sidney Vianna]

Let me try another angle:

Why should CB audit teams waste their time assessing the system through evidence collected from orders emanating from the registrant's customers that could care less about the work of the CB and the certificate?

Why shouldn't we limit the evidence sampled from orders from customers who "believe enough" in the value of certification to request the supplier to achieve certification?

To me, a focused-audit would add more value to the process and reduce the chance of the CB claiming their audits are performed on a (totally) random basis, and, by result, becoming much more accountable to the actual users of the certificates; such accountability, by the way, is something that some CB's and auditors love to reject under the guise of "random" samples.

I am surprised that some people in the industry does not realize and understand the difference between certificates (what the registrants buy) and confidence (what the registrant's customers want). The death spiral of commoditizing and trivializing certification leading to miniscule profit margins.

We will only revert the trend when people in the industry understand the fact that a certificate which does not enhance confidence is a nonconforming product. And, right now, there are very few mechanisms in place to keep CB's accountable to the stakeholders that make them exist.

 

[Marc]

Should the CB be doing customer's supplier audits?

 

[Randy]

I do a couple, but then we won't do either's certification work

 

[Sidney Vianna]

There are many CB's that perform second party assessments, but it would be a conflict of interest for CB's to be involved with third party certification of companies they audit on behalf of, as well as companies they certify.

Third party certification was developed and envisioned as a means to reduce repetitive, redundant and conflicting second party QMS audits. If it were delivering on its original intent, we would not see the flatlining/drop in certification numbers around some markets.

In order to make the accredited management system certification valuable to Industry at large, somethings need to change. The purpose of the focused audits is to foster better engagement of CB's and the ACTUAL USERS of the services rendered by the CB's and the certificates they issue. Anyone who knows anything about quality understands that the PDCA cycle only works when you have a constructive feedback from relevant stakeholders.
Currently, there is very little engagement and feedback emanating from the registrants customers back to the CB's. I propose, as a means to enhance credibility of the certification sector, that CB's engage, voluntarily or otherwise, much more closely with the users of their certificates.

 

[Marc]

<snip> Third party certification was developed and envisioned as a means to reduce repetitive, redundant and conflicting second party QMS audits. <snip>

I'm sorry, but I heard the same "reasoning" way back in the QS-9000 days 20+ years ago. It didn't work then, and as IATF 16949 today it still doesn't work as "advertised".

 

[Sidney Vianna]

When a product/service does not deliver on it's intended objectives, you can kill the product line.

Or, you can, using something such as the PDCA cycle, engage with the users of the product and ascertain what are the drawbacks and re-engineer the product and service delivery in a way that all stakeholders see value in it (check my Cove signature).

The third party certification sector fails in understanding who the REAL USERS of certificates are. People keep pandering to registrants as the CB selection decider as the only stakeholder they need to entice to sign a contract, neglecting the end users (registrant's customers). Until they are forced to address this conundrum, certification numbers will continue to flatline and/or drop.

 

[Marc]

When a product/service does not deliver on it's intended objectives, you can kill the product line. <snip>

What about when a company has potentially hundreds of customers buying the same product?

 

[Sidney Vianna]

Even then, using simple Pareto analysis techniques, one can prioritize audits accordingly. As I said in a previous post, scenarios such as this or scenarios where the certified organization is a business-to-consumer organization, does not lend itself for what I am proposing.

But, the current process, where audits are totally random, in terms of orders reviewed and assessed does not make much sense, in my estimation.

Remember, in the IAQG ICOP certification scheme, auditors are expected to spend time assessing orders from aerospace customers proportionately to the amount of aerospace business they get from their aero customers. There is a reason the IAQG put that requirement in AS9101.

 

[Big Jim]

Third party certification was developed and envisioned as a means to reduce repetitive, redundant and conflicting second party QMS audits. If it were delivering on it's original intent, we would not see the flatlining/drop in certification numbers around some markets.

It would be immensely helpful if they would do a better job of communicating that original intent. That's where it should start.