Auditor and Registrar Competence


Fully vaccinated are you?
Staff member
Subject: Re: ISO Conflict of Interest /../Vianna/Borges/Naish
Date: Tue, 13 Apr 1999 12:36:46 -0600
From: ISO Standards Discussion <[email protected]>

From: [email protected]
Subject: Re: ISO Conflict of Interest /../Vianna/Borges/Naish

Ellie's information about BSI and their qualification of auditors and customer feedback is good. But it is not limited to BSI. As a registrar the things Ellie mentioned are the things the registrars are suppose to be doing to keep their cetification through the certification bodies.

I have used TUV Rheinland of North America for a number of audits. I have done some qualifying of registrars and have asked some of the TUV auditors as well as auditors from NSAI and UL about their training. TUV Rheinland has the same focus and does regular training of auditors both inside the company and by sending auditors to training to outside sources to stay in step with other registrars and the auditing community. NSAI indicated their training was primarily in Ireland. I only talked to one UL auditor but was told they also do in house training.

I have only had the opportunity to do a good auditor comparison with TUV where I have been exposed to 5 or 6 auditors. I have however, talked to others who used them and found they had been exposed to auditors other than the ones I had experienced. There was a range of professionalism and value for the dollar. There were a couple that gave you ten dollars worth of value for 2 dollars spent. Then you got five for two and some where you got two for two. But they have most consistently provided good service for what you paid.

I have seen the same thing within every group of individuals I have been in. When I was at Intel Corp. each group had people who put out 150% and those that you got 75% from. In school you have A students who work until midnight studying and those that do an hour so they can skate by with C and D.

In every case we have to let the registrar know. The unforunate side of this is that if it stops at the registrar what we can end up with is the person moves from one registrar to another and we continue to be victims of poor skills.

Like the earlier message, may be we should be communicating the information to the certification body who is listed on the certificate as well. They can be more aware as they do their audits of registrars and watch for internal corrective actions being taken. The registrar is required to address all corrective actions addressed. However, if they see no complaints because the registrar disposes of them the only route is the direct route to the certification body.

I know from talking to a registrar when I had a problem with the response from another registrar that any legitimate complaint sent by you to the certification body has to be addressed by the registrar and is evaluated as a part of the audit of the registrar.

The earlier comment about the company getting what the auditor may have thought they wanted is not out of line with a similar experience I heard of from another company. When the company received a preaudit from one registrar they did not do well. The company thought the registrar was unduly harsh since a sister company had passed their audit with a different resgistrar with the same processes.

So they called the registrar in that did their sister company and had a second pre audit done. while they had made some changes a number of the items considered non confroming remained unchanged. When the second registrar was asked about the differences between the registrars, the auditor said they used to be toughter and more strict in their audits but because the clients complained too much and either took the business elsewhere or threatened to they were much easier on them now.

If this company gets poor audits knowing the first registrar audited strictly to the standard and the second doesn't they are sending an indirect message that they don't want a thorough audit. It is possible this is a similar situation.

Elsmar Forum Sponsor

barb butrym

Quite Involved in Discussions
All audits are different and have many variables, some justified and some not. personality of the auditor comes into play, as it should..... One auditor can say the same as another, but presented differently, get quite a different response. Registrars should, if they don't already (which evidence points most don't), take that presentation of information (ie minor nonconformances and opportunities)and be consistent in how thier auditors approach it. URS of the UK does just that here in the states. Their North east operation, of which I am a part, takes great pride in their client friendly approach. The audits are thorough and professional. The standards, both registrar requirements and ISO/QS xxxx, are strictly adhered to, but no drilling or invasive technicques are allowed. If an issue arises during the audit the client is immediately made aware, absolutely no surprises, and is allowed to correct the situation if he can, and provide evidence of 'gottcha' allowed, more of a 'we have a problem'. If the client presents a case and proves it works, and is not in violation of the standard, then that response is noted, and verified at the next audit, if it works for the company, and meets the intent of the standard then it is allowed. Opportunities for improvement are not show stoppers. We always take into consideration if something is 'value added' or BS, and the effect on the end product or service and the customer. So much is 'auditor dependant' that we try to cut that variation by having each of our auditors go through the same QSLA course (regardless of their previous training) with our trainer of choice, and a internship with our seasoned auditors, prior to sending them out on thier own. They are closely scruitinized to ensure they represent URS, North-east US, they way we want to be portrayed.

I hesitated to respond here as i didn't want to appear as if I were selling the registrar. But as a consultant, I have seen and experienced the pains mentioned above all too often, and when URS asked me to work with them here, I agreed ,only if these terms were met, URS agreed immediately, and have supported all of us here in this endeavor. Their US presence has nearly doubled and is still growing since we started the North-east operation, In addition to consistency in auditors, it has eliminated the cost of international flights. It has been a great incentive for the clients, and the word of mouth "sales" are over the moon. Our customer feedback has been awesome.

OK now off the soap box....Anyone pursuing registration needs to really get to know the registrar and its 'policies/personalities' to the auditors. You need to be comfortable disagreeing with him/her. What do they know about your type of business/clients....will they enforce QS like requirements on a putty knife manufacturer? Do your homework, money is not the endall reason to base your choice on.

David Guffey

It's been too long since someone posted to this, so here's two cents worth.
Barb, you last posted on my father's birthday, so it got my attention.
Barb's point of interviewing cannot be overstressed. Always start out with a long list of potential registrars. Decide what accreditations you want or need. Decide if you want to tolerate large travel expenses. Determine if you must have a "big name" or if you can live with a smaller, but perhaps even more competent name. Deterime the level of registrar expertise in the standard to which you want to register. Does the registrar/auditor(s) have experience in your industry?
After you have narrowed your list to three-to-five desired registrars, request actual auditor visits or at least telephone calls for interview purposes. Determine from that the pervieved competence and perhaps just as important, the "chemistry". Be comfortable with the registrar's appeal process. Is it adequate to satisfy you?
Once you've made your selection and signed the contract, remember your right to request alternate auditors if an experience is not good. And, after all that, remember that in three years you have an opportunity to start over.


Super Moderator
We just got our certificate for ISO 9002. Quite honestly I don't think the auditors we had actually knew the who, what, where, when, how, or why of our operation.

They apparently have been in the business for a while and work for a major Registrar. They definitely knew "their business" and I found them listed on the RAB as certified Lead Auditors. They did identify a couple of "major and minor -D's".

But knowing a little about ISO myself, and knowing our operation since it's beginning, there's no way that I could objectively say "this system conforms to the standard". The system we have is broke, not beyond repair , but still broke. My feelings are echoed by others in the know here too.

Laura M

Out of curiosity...when you say a "couple of majors and minors" I would guess that it is a couple of minors, no more that one major.

Along the "our system is broke" line,
I always found it interesting that a major can be identified if the non-conformance resulted in "probable shipment of non-conforming product"
If that's the case, then a supplier with returned Parts per million over zero has a quality system which resulted in not a "Probable shipment", but a 100% chance of shipping N/C material! So obviously, there is discretion here.
Also, if you just got certified, don't dispair. I remember thinking that, with the N/C's identified there was so much more work to do. It's easy from within to know the problems. Hopefully what you have in place can spring board additional improvement. Your registrar should be looking for improvement at each visit.


Replying to Marc's first post...
TUV Management Service has training once an year in Danvers, MA. All the auditors travel out to participate in cross-training which includes outside training, interpretations, audit techniques and critiques, developments in the standards. This is typically a week long affair. This requirement is imposed by our mothership in Germany.
Within the Danvers, MA organization, the goal is also that on an annual basis, 3% of the time is delegated to training.
When I started with TMS about 3.5 years ago I also had to participate (PASS!!!) the TUV Cert Lead Auditor week long course. This was additional training since when I came to TMS, I already had certification as Lead Auditor RAB and IRCA. Let's not forget QS-9000 certification as well.
I will say this - always check and double-check your auditor's and your registrar's credentials.

Pete Maizitis
Lead Auditor
TUV Management Service

Gerry A. Sherman

All registrars are required to have a continuing education/training program for auditors. On site evaluation of their performance is conducted on a periodic basis and their audit reports should be reviewed constantly to see if the audits are meeting the "policy" of the registrar. I've heard a lot of talk of inconsistancy between auditors, with one identifying a "major" and another identifying a "minor" while someone else misses it altogether. Properly trained auditors with a consistant management policy will have very little variation from auditor to auditor or audit to audit.
As far as identification of "major" vs. "minor", look at ISO 10011. An auditor is responsible to report all observations of departure from requirements. All observations that indicate a breakdown in a system requirement are to be reported as nonconformities.
The registrar should have a clear policy on how the results of audit should be reported. Our position is that isolated occurrences are "observations" and multiple observations would constitute a "nonconformity". We are getting away from major, minor, and concern. The objective is primarily to find out if the system is working or broken.
Registrars are supposed to stay away from consulting.
Thread starter Similar threads Forum Replies Date
A ISO 9001:2015 registrar Auditor requesting copies of procedure prior to audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
D Breach of Contract from Registrar (Auditor Payment Issue) Registrars and Notified Bodies 18
A AATT Aerospace Auditor Requirements for an AS9100 Registrar AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 10
E Consultant Person who implemented ALSO the Registrar Auditor? Consultants and Consulting 17
B TS 16949 Auditor Availability and Registrar Scheduling Delays Registrars and Notified Bodies 4
C ISO 14001 and OHSAS 18001 Registrar Auditor Credentials Career and Occupation Discussions 8
P Registrar Auditor's Candid Remarks - Should I report him to his office? Quality Manager and Management Related Issues 9
R Registrar Auditor putting more emphasis on training? ISO9001:2008 General Auditing Discussions 8
Z Interviewing an External Auditor? Choose a Registrar for ISO 9001 Registration Registrars and Notified Bodies 30
P Why do you get assigned an auditor from a registrar (that sticks with you) Registrars and Notified Bodies 10
L Questions to ask a New Registrar TS 16949 Auditor Registrars and Notified Bodies 7
M Registrar Nightmare... Document Review and Other Auditor Issues ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 76
M Requesting Auditor Change from Registrar - Feedback, Please Registrars and Notified Bodies 6
Sidney Vianna Does your Registrar have a high Auditor Turnover Rate? Registrars and Notified Bodies 15
Antonio Vieira Bad Auditor - Is it normal to ask the registrar to send a different auditor Registrars and Notified Bodies 9
R Registrar Lead Auditor qualifications - What are the General Auditing Discussions 2
J FMEA Level of Detail - Is the registrar's auditor correct? FMEA and Control Plans 1
Marc Registrar Lawsuits? Troubles at ABS-QE - Auditor Qualifications Registrars and Notified Bodies 1
S Transition training for Internal Auditor from ISO 9001: 2008 to the ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
J IATF CB Auditor questions Internal Auditor Competence IATF 16949 - Automotive Quality Systems Standard 19
Sidney Vianna Food & Beverage Safety Lead Auditor Open Position - USA Job Openings, Consulting and Employment Opportunities 0
M Best accreditation body for AS9100D Lead facility auditor? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
Ed Panek Auditor MDR (Presub audit) finding EU Medical Device Regulations 2
I Freelance VDA6.3 Auditor at TURKEY VDA Standards - Germany's Automotive Standards 0
M VDA 6.3 – Workshop for Certified Process Auditor VDA Standards - Germany's Automotive Standards 2
R CB/Auditor Requiring a change in scope ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 8
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
W Redacting Info Before Giving to Auditor ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
T Quality auditor legal right to see Board meeting minutes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 15
V Certified Auditor - Need of additional certification specific to industry ( GMPs) ASQ vs ECA vs others Professional Certifications and Degrees 1
V Internal Auditor Competency KPI IATF 16949 - Automotive Quality Systems Standard 15
R American Petroleum Institute - Becoming an API Auditor Professional Certifications and Degrees 2
B Lowest cost way to pass Lead Auditor exam ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
B Internal Auditor Competency - Product Auditors Internal Auditing 9
U Internal Auditor not trained but done Audit for some process Nonconformance and Corrective Action 5
Z Auditor Findings ISO 14001:2015 vs. 45001:2015 ISO 14001:2015 Specific Discussions 6
B IATF16949 audit requirement - Auditor request UCL and LCL must be show Xbar-R, IATF 16949 - Automotive Quality Systems Standard 7
A Becoming an ISO27001 3rd Party Auditor Career and Occupation Discussions 4
L ASQ's Biomedical Auditor Course Test ASQ - American Society for Quality 1
M Tips on preparing for IATF 16949 Internal Lead Auditor exam Manufacturing and Related Processes 1
G Same parts but new customer - What will the auditor ask me? IATF 16949 - Automotive Quality Systems Standard 2
Gun46 ISO 9001 : 2015 Lead Auditor Exam General Auditing Discussions 16
K %GRR was between 10-30% so we have to have a "backup plan" per auditor IATF 16949 - Automotive Quality Systems Standard 15
S ISO 13485 Lead Auditor - Debate between our Quality Team and Regulatory Auditor - Internal Auditor Training ISO 13485:2016 - Medical Device Quality Management Systems 42
R ISO 45001 Lead Auditor Exam paper Training - Internal, External, Online and Distance Learning 1
B Internal and external auditor competency to CSR's IATF 16949 - Automotive Quality Systems Standard 20
A Our auditor told if we didn't have a patent we would have to do a validation or verification ISO 13485:2016 - Medical Device Quality Management Systems 6
W Certification for IATF Lead Auditor will expire in 2020 IATF 16949 - Automotive Quality Systems Standard 2
D Impartiality of Internal Auditor ISO 9001/13485 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
Ed Panek Auditor driving us nuts - ESD requirements ISO 13485:2016 - Medical Device Quality Management Systems 23

Similar threads

Top Bottom