Govind said:
Recently, I was having a discussion in this subject with one of our management staff.
I was always given the impression that the Third party auditors (Registration body) are not allowed to provide recommendations for correcting deficiencies, since this may be considered as a potential bias.
I wanted to clarify this and reviewed “The Quality Audit handbook” by J.P.Russell. In Page 111, he says that if requested by the client, Auditors may provide recommendations. He suggests placing Recommendations in an appendix separately. Also adds, In most cases, that auditee is not obligated to implement auditor’s recommendation.
This is interesting with current Registrar-Organizations relationships that exist in many cases. Registrars project themselves in advertisements as a “Value added service provider”. Some organizations also expect the 3rd party auditor to provide directions on complex issues with respect requirement implementation. This is a catch 22 situation. If auditor is not providing recommendations, the organizations may not prefer the registrar. If they did, they may become biased towards auditing the Corrective action since they recommended that in the first place!
1. Having said that, would you prefer the registration auditor to provide recommendations?
2. Have you had experiences where you had implemented a different approach from what the registration auditor recommended and convinced the auditor that you were right?
Govind.
Your comments are generally correct, but the issue is not that black and white. I am an auditor and consultant for ISO 9001 and 14001, as well as QS and TS. Auditors are allowed to explain or clarify the standard, the related documents (ie: ISO 9004 - an excellent read, by the way). They are allowed to point out "Opportunities for Improvement," without giving
specific solutions. They are not allowed to strongly urge that you need to do such and such and so on.
So, for example, an auditor can point out that the internal audit records were compliant, but rather basic and don't provide all the information and value that is potentially available. That could be an OFI.
If the client says, "well, whats wrong with them," he can even point out things like, the questions being used are rather generic, better depth to the audits could help improve the system, perhaps better training could benefit the auditors. He can suggest the auditors could make better use of the work instructions as a source of audit material. These are all ideas that are published in ISO 9004 and related documents, and are not consulting. But he is not permitted to go into great detail, or teach the auditors how to do better audits. We used to be able to site generic examples of how others might have tackled an issue, but recently, they are pulling back on that.
The whole principal is the auditor has to be independent, so he is not auditing his own work. If you make your system look like what he would do, the risk is he will lose objectivity. It would no longer be your system.
But, there is much value that can be given without crossing the line. Experienced auditors know where the line is. I have undergone 6 witness audits thus far, and never had a nonconformance or issue with this. But we provided much value during those audits, just like any other.