Subject: Re: ISO Conflict of Interest /../Vianna/Borges/Naish
Date: Tue, 13 Apr 1999 12:36:46 -0600
From: ISO Standards Discussion <[email protected]>
From: [email protected]
Subject: Re: ISO Conflict of Interest /../Vianna/Borges/Naish
Ellie's information about BSI and their qualification of auditors and customer feedback is good. But it is not limited to BSI. As a registrar the things Ellie mentioned are the things the registrars are suppose to be doing to keep their cetification through the certification bodies.
I have used TUV Rheinland of North America for a number of audits. I have done some qualifying of registrars and have asked some of the TUV auditors as well as auditors from NSAI and UL about their training. TUV Rheinland has the same focus and does regular training of auditors both inside the company and by sending auditors to training to outside sources to stay in step with other registrars and the auditing community. NSAI indicated their training was primarily in Ireland. I only talked to one UL auditor but was told they also do in house training.
I have only had the opportunity to do a good auditor comparison with TUV where I have been exposed to 5 or 6 auditors. I have however, talked to others who used them and found they had been exposed to auditors other than the ones I had experienced. There was a range of professionalism and value for the dollar. There were a couple that gave you ten dollars worth of value for 2 dollars spent. Then you got five for two and some where you got two for two. But they have most consistently provided good service for what you paid.
I have seen the same thing within every group of individuals I have been in. When I was at Intel Corp. each group had people who put out 150% and those that you got 75% from. In school you have A students who work until midnight studying and those that do an hour so they can skate by with C and D.
In every case we have to let the registrar know. The unforunate side of this is that if it stops at the registrar what we can end up with is the person moves from one registrar to another and we continue to be victims of poor skills.
Like the earlier message, may be we should be communicating the information to the certification body who is listed on the certificate as well. They can be more aware as they do their audits of registrars and watch for internal corrective actions being taken. The registrar is required to address all corrective actions addressed. However, if they see no complaints because the registrar disposes of them the only route is the direct route to the certification body.
I know from talking to a registrar when I had a problem with the response from another registrar that any legitimate complaint sent by you to the certification body has to be addressed by the registrar and is evaluated as a part of the audit of the registrar.
The earlier comment about the company getting what the auditor may have thought they wanted is not out of line with a similar experience I heard of from another company. When the company received a preaudit from one registrar they did not do well. The company thought the registrar was unduly harsh since a sister company had passed their audit with a different resgistrar with the same processes.
So they called the registrar in that did their sister company and had a second pre audit done. while they had made some changes a number of the items considered non confroming remained unchanged. When the second registrar was asked about the differences between the registrars, the auditor said they used to be toughter and more strict in their audits but because the clients complained too much and either took the business elsewhere or threatened to they were much easier on them now.
If this company gets poor audits knowing the first registrar audited strictly to the standard and the second doesn't they are sending an indirect message that they don't want a thorough audit. It is possible this is a similar situation.
Phyllis
Date: Tue, 13 Apr 1999 12:36:46 -0600
From: ISO Standards Discussion <[email protected]>
From: [email protected]
Subject: Re: ISO Conflict of Interest /../Vianna/Borges/Naish
Ellie's information about BSI and their qualification of auditors and customer feedback is good. But it is not limited to BSI. As a registrar the things Ellie mentioned are the things the registrars are suppose to be doing to keep their cetification through the certification bodies.
I have used TUV Rheinland of North America for a number of audits. I have done some qualifying of registrars and have asked some of the TUV auditors as well as auditors from NSAI and UL about their training. TUV Rheinland has the same focus and does regular training of auditors both inside the company and by sending auditors to training to outside sources to stay in step with other registrars and the auditing community. NSAI indicated their training was primarily in Ireland. I only talked to one UL auditor but was told they also do in house training.
I have only had the opportunity to do a good auditor comparison with TUV where I have been exposed to 5 or 6 auditors. I have however, talked to others who used them and found they had been exposed to auditors other than the ones I had experienced. There was a range of professionalism and value for the dollar. There were a couple that gave you ten dollars worth of value for 2 dollars spent. Then you got five for two and some where you got two for two. But they have most consistently provided good service for what you paid.
I have seen the same thing within every group of individuals I have been in. When I was at Intel Corp. each group had people who put out 150% and those that you got 75% from. In school you have A students who work until midnight studying and those that do an hour so they can skate by with C and D.
In every case we have to let the registrar know. The unforunate side of this is that if it stops at the registrar what we can end up with is the person moves from one registrar to another and we continue to be victims of poor skills.
Like the earlier message, may be we should be communicating the information to the certification body who is listed on the certificate as well. They can be more aware as they do their audits of registrars and watch for internal corrective actions being taken. The registrar is required to address all corrective actions addressed. However, if they see no complaints because the registrar disposes of them the only route is the direct route to the certification body.
I know from talking to a registrar when I had a problem with the response from another registrar that any legitimate complaint sent by you to the certification body has to be addressed by the registrar and is evaluated as a part of the audit of the registrar.
The earlier comment about the company getting what the auditor may have thought they wanted is not out of line with a similar experience I heard of from another company. When the company received a preaudit from one registrar they did not do well. The company thought the registrar was unduly harsh since a sister company had passed their audit with a different resgistrar with the same processes.
So they called the registrar in that did their sister company and had a second pre audit done. while they had made some changes a number of the items considered non confroming remained unchanged. When the second registrar was asked about the differences between the registrars, the auditor said they used to be toughter and more strict in their audits but because the clients complained too much and either took the business elsewhere or threatened to they were much easier on them now.
If this company gets poor audits knowing the first registrar audited strictly to the standard and the second doesn't they are sending an indirect message that they don't want a thorough audit. It is possible this is a similar situation.
Phyllis