Blind Gopher Auditors Comment - Who is responsible?

Ninja · Oct 3, 2013

TPMB4 said:
I wonder if anyone has actually complained to their CB about their audit team being, how shall I put this, lax or not being as thorough as the role requires?? Can anyone let me know if they are aware of a company who complained that their CB audit team were not thorough enough or didn't conduct the audit correctly?

Internal Audit: If they don't find anything wrong, I'd can them during the closing meeting and go find someone better...there are things wrong in any system, you should be able to find them. Finding them and writing them up protects me from losing my cert. during the external audit. It also teaches me how I can do better.

External audit (CB renewal audit): I'd take a blind gopher for an auditor any day of the week.

Sidney Vianna · Oct 3, 2013

Re: External Audit Attendees - Surveillance Audit

Ninja said:
External audit (CB renewal audit): I'd take a blind gopher for an auditor any day of the week.

In my opinion, this approach shows extreme short sightedness: You are basically saying that external audits can not find issues of relevance for your system to correct and/or improve. Let's say you are correct and CB audits are a waste of time. Eventually, your customers (those who required you to be ISO 9001 certified in the first place) will agree with you and, instead of requiring your organization to be certified, they will send their own auditors.

If you think that dealing with a team of third-party, "professional" auditors is a challenge, you will be ecstatic to deal with multiple teams of second-party auditors that, in some cases, will micro-manage you.

Those who are working feverishly, direct or indirectly, consciously or unconsciously, to undermine the value of third-party certification will have their wishes granted: multiple, redundant, conflicting customer audit barrage.

AndyN · Oct 3, 2013

Re: External Audit Attendees - Surveillance Audit

Amen, Sidney!

Ninja · Oct 4, 2013

Re: External Audit Attendees - Surveillance Audit

Sidney Vianna said:
If you think that dealing with a team of third-party, "professional" auditors is a challenge, you will be ecstatic to deal with multiple teams of second-party auditors that, in some cases, will micro-manage you.

I understand your point and agree with it...but we all see the world from where we sit.

1. "If you think that dealing with a team of third-party, "professional" auditors is a challenge"
We have a pretty good third party CB auditor...nice guy, and pretty thorough as well. No real hassle here, and no complaints.

2. ", you will be ecstatic to deal with multiple teams of second-party auditors that, in some cases, will micro-manage you."
I've already got these too...regardless of the skill of the CB auditor. The 2nd party auditors don't know the CB auditor...and aren't likely to rate him in order to decide whether to trust me...they rate me (my process actually) instead.

If a good CB auditor meant that the customers trusted the CB and didn't come do it all themselves anyway, I would support your point 100%.

But it isn't that way in my world. I have a good CB auditor AND all the second party audits.
The 2nd party audits aren't going to go away...so there is no real value to me of the CB audit beyond the paper on the wall no matter how good the CB auditor is...thus the blind gopher comment.

Internal audit (inside or 3rd party) has value every time.

Added thought:
On pondering, there seems to be a basic flawed assumption: That being that if I have a good and thorough 3rd party audit that HAS value...that 2nd parties will RECOGNIZE that value. It makes logical sense, but is untrue none-the-less. In my experience, customers trust only their own people...regardless of how competent, knowledgeable or valuable the 3rd party auditor is.
The result of this is that while the 3rd party audit is thorough and excellent, it does not have the value that it could have had to the auditee (me). That value being the cessation of vast multiple 2nd party audits all finding the same thing the 3rd party audit found.

Sidney Vianna · Oct 4, 2013

Re: External Audit Attendees - Surveillance Audit

Ninja said:
But it isn't that way in my world. I have a good CB auditor AND all the second party audits.

If your clients don't recognize third-party certification and will perform supplier audits, why have certification, then?

Ninja said:
so there is no real value to me of the CB audit beyond the paper on the wall no matter how good the CB auditor is...thus the blind gopher comment.

Not sure how you reconcile that with

Ninja said:
Internal audit (inside or 3rd party) has value every time.

What is an inside third-party internal audit? Irrespective of all that, IF you are going to go through a third-party audit and you would much rather have a "blind gopher" as an auditor, you don't want to have any added value feedback. You just want to go through the motions, in order to keep the certification on the wall. So, you are basically working against the value of the conformity assessment sector. Obviously, you are entitled to that position, but I want to make sure people understand the big picture.

As I've said, many, many times in this forum, we have a fundamental problem with management system certification because the USERS of the certificates and the PURCHASERS of certification services are at odds with their respective objectives. The USERS want CONFIDENCE associated with certification. The PURCHASERS (a significant percentage) of certification services want fast, cheap, easy, no-disruption, etc. audits. And many prefer the blind-gopher-auditor-type.

Because the traditional accredited certification sector makes it difficult for interested parties to discern who are the ones who promote the blind gopher auditor type, it is very hard to keep everyone accountable. But, like in the Industry-monitored certification schemes for automotive and aerospace, accountability is much better assessed.

Ninja · Oct 7, 2013

Re: External Audit Attendees - Surveillance Audit

Sidney Vianna said:
If your clients don't recognize third-party certification and will perform supplier audits, why have certification, then? ... and more above...

Came across a term last week called "Violent agreement"...where two folks are agreeing with each other, but missing each other in the perceived outcome and some of the vocabulary. I think that's what's going on here.

There has been a "rut" on this topic, with many folks questioning the capability of auditors, and the value of the cert, and many great comments on how to actually get value from ISO9000 beyond a piece of paper on the wall.

Then there are some (like me) who get said value, but don't have the value recognized by all of the customers. I'm sure I'm not alone in this.
It is the accountability and oversight to a standard that can make a business thrive. Part of running a good system is making sure that the system is actually being followed...auditing the system. Finding where the system is not followed and correcting things has great value.

My vocab (no promises that it matches yours)
- 2nd party = the customer
- third party = not me or the customer
- internal audit = not by the Certification board
- external audit = by the CB
If I am totally butchering the terms, I beg your forgiveness. I recognize that I might be.

The most value to me is the internal audit (whether from a company employee or from an outside person). This is where it all hangs out, and everything gets looked at.
I'm not perfect...there are issues somewhere. I want them found. If an auditor can't find them, I'll get a new auditor who can.

The whole point of audit by the CB is to verify that the internal audits and training and, and, and...is working well. This was already accomplished in the internal audit, but now a disinterested third party (the CB) is verifying it and saying to the world (by means of a cert) that we're in compliance.

If everyone trusted the CB, the story would end there. But not everyone does. Some do, so the cert on the wall has some value and is worth having...but some don't. Those that don't come in and audit for themselves (2nd party). When you have over 100 customers, and 20 of them come in and audit for themselves, there is a declining value to the CB audit. There is SOME value, since 80 folks didn't show up and audit me...but being audited 21 times in a year is a bit overkill.

If the 20 customer audits don't find anything, I really couldn't care much about the CB audit...I know he isn't going to have a finding...let's just get it over with so I can go back to work.

Stepping back a ways, if the CB audit and the resulting Certification were actually recognized across the board, I would put more value on the CB audit. That I don't has nothing to do with the CB or the CB auditor...it has to do with the level of trust (lack of) that customers put on the results of the CB audit. I'll keep going with the CB since 21 audits is better than 100...but the perceived value of the CB audit is severely lessened by the actions of customers.

Sidney Vianna · Oct 7, 2013

Re: External Audit Attendees - Surveillance Audit

Ninja said:
I'll keep going with the CB since 21 audits is better than 100...but the perceived value of the CB audit is severely lessened by the actions of customers.

The more (welcomed and promoted) blind-gopher auditors we have in the system, the less confidence customers will have on the value of certification. So, by suggesting that you would welcome the blind gopher auditor type any day of the week, you are working against your own interest.

Would you like to retract your statement about preferring blind gopher auditors now?

Jim Wynne · Oct 7, 2013

Re: External Audit Attendees - Surveillance Audit

Sidney Vianna said:
The more (welcomed and promoted) blind-gopher auditors we have in the system, the less confidence customers will have on the value of certification. So, by suggesting that you would welcome the blind gopher auditor type any day of the week, you are working against your own interest.

Would you like to retract your statement about preferring blind gopher auditors now?

I think that feedback (positive or negative) to a CB is a good thing in principle, but the idea that certificate holders bear significant responsibility for the shortcomings of the entire system is a bit much.

I recall a while back seeing a communiqu? from IATF to CBs regarding the general problem of soft-grading by CB auditors. I don't have the numbers in front of me, but I recall that the number of NCs per audit was significantly higher in witnessed audits than in non-witnessed audits, as was the ratio of major NCs to minor NCs. This means that there is a general awareness on the part of ABs that something ain't right.

It's the responsibility of ABs to monitor the CBs, and it appears that a significantly poor job is being done of it. A complaint by a certificate holder about CB performance (or a complaint to a CB about auditor performance) is an act of telling them something they already know, and to think otherwise is not realistic.

This is also a be-careful-what-you-ask-for situation. The number of truly competent people who are willing to live the nomadic life of a CB auditor has to be relatively small. The talent pool just isn't big enough to support the need.

I fully understand Ninja's point of view. Many job shops are understaffed and trying to keep up with a daily dizzying whirlwind of keep-the-customer-satisfied is not an easy task, and when it comes to a CB audit the less friction the better.

Paola4122 · Oct 7, 2013

Re: External Audit Attendees - Surveillance Audit

I aqm going to try to answer your question on why to have the certification if your supplier doesn't recognize it. You have certification with a registar , in order to confirm that your quality managemnt system is in compliance with the standard. In this way when your customer goes and audit your site, they won't find as many gaps if they would in a company that doesn't have a quality managemnt system. The certification process allowds for your company to mature over time, and that is the best interest of your company.

Sidney Vianna · Oct 7, 2013

Re: External Audit Attendees - Surveillance Audit

Jim Wynne said:
but the idea that certificate holders bear significant responsibility for the shortcomings of the entire system is a bit much.

Accountability HAS to be exercised AT all levels, by ALL stakeholders. Registrants, as the buyers of certification services, BEAR significant responsibility for the credibility and integrity of the conformity assessment sector. They are in an unique position to make procurement decisions on who and why they will engage as their certification body. They are also in an unique position to influence behavior of auditors, CB's and AB's, via feedback.

Confronted with customer(s) mandate to attain certification, knowing fully well that what customers really want is attestation of confidence in the supplier's capabilities, a significant percentage of registrants DELIBERATELY seek CB's that are known in the industry for being cheaper, easier, faster between them and the certificate on the wall. Behaviors such as seeking and/or welcoming the blind-gopher auditor types.

Certification that does not result in confidence of the supplier's management system's robustness is a nonconforming output of the conformity assessment activity. The long term viability of management system conformity assessment sector DEPENDS on ALL interested parties remaining accountable to the common goal.

Blind gopher auditors should be filtered out of the system; not welcomed.

Blind Gopher Auditors Comment - Who is responsible?

Ninja

Looking for Reality

Sidney Vianna

Post Responsibly

AndyN

Moved On

Ninja

Looking for Reality

Sidney Vianna

Post Responsibly

Ninja

Looking for Reality

Sidney Vianna

Post Responsibly

Jim Wynne

Paola4122

Sidney Vianna

Post Responsibly

Similar threads