Best Practice vs. Standard Compliance
Throughout the process of moving from 1994 to 2000 I am always trying to get more out of the limited resources at hand by developing "best practices". Being a multi-site registration it gets expensive to send qualified personnel out to the off-site locations to conduct audits. In addition, I always want to send the best qualified person(s). Now IMHO the requirement for qualified person(s) doesn’t end with just auditing skills … it includes an understanding of the products and services being produced, the processes being used and the “know the customer” factor. With all this in mind … what is a "best practice" when assigning auditors to audit a given area/process/etc? Does clause 8.2.2 restrict me from selecting the absolute best auditor because: “Selection of auditors and conduct of audits SHALL ensure objectivity and impartiality of the audit process. Auditors SHALL not audit their own work.”
Here is my thought: I would like to train some of the managers who frequently visit these off-site locations as a course of their normal business routine to become auditors. They are by my estimation the best qualified technically because they manage the job from A to Z (they don’t do the work). They understand the processes the best and have the best “view” of what works and what doesn’t. For example, if I trained the Division Manager of division XYZ (who doesn’t work at the off-site location and therefore is not auditing his/her own work) to audit one of his/her sub-departments (for this example divisions are made up of several small departments) is this by definition a problem with “objectivity and impartiality” since the manager is responsible for the very work in the department he audited? Is it absolutely impossible for the Division Manager to be open-minded enough to conduct the audit and most likely have to report some form of nonconformance against himself? An ideal QMS should work for the benefit of the company by detecting process problems and fixing them, and if top management truly supports this concept then no manager should be “afraid to report nonconformances”. If this is true, does objectivity and impartiality become less of a concern than finding the problem and fixing it?
This seems to make good business sense which is the purpose of a well run QMS, but I also have to balance “good business sense” by smartly following the intent of the standard. Would a simple resolution be to have these managers sign a type of pledge to conduct these audits without any impartiality and to remain objective regardless of the findings? At least the signed pledge would be objective evidence that the manager completely understands the concept and has agreed to “leave any impartiality at the door” during an audit. Not living in a perfect world I know this can’t be done 100%, but is it a reasonable method to satisfy all requirements? I would like to hear from third party auditors Marc has invited to this site … as well as the regulars of course. DISCLAIMER: This is not an attempt to “lip service, cheat, or short-cut” the standard, but as always to be effective and efficient with the resources at hand and to follow the intent and spirt of the standard.