Auditor and Registrar Competence


Fully vaccinated are you?
Subject: Re: ISO Conflict of Interest /../Vianna/Borges/Naish
Date: Tue, 13 Apr 1999 12:36:46 -0600
From: ISO Standards Discussion <[email protected]>

From: [email protected]
Subject: Re: ISO Conflict of Interest /../Vianna/Borges/Naish

Ellie's information about BSI and their qualification of auditors and customer feedback is good. But it is not limited to BSI. As a registrar the things Ellie mentioned are the things the registrars are suppose to be doing to keep their cetification through the certification bodies.

I have used TUV Rheinland of North America for a number of audits. I have done some qualifying of registrars and have asked some of the TUV auditors as well as auditors from NSAI and UL about their training. TUV Rheinland has the same focus and does regular training of auditors both inside the company and by sending auditors to training to outside sources to stay in step with other registrars and the auditing community. NSAI indicated their training was primarily in Ireland. I only talked to one UL auditor but was told they also do in house training.

I have only had the opportunity to do a good auditor comparison with TUV where I have been exposed to 5 or 6 auditors. I have however, talked to others who used them and found they had been exposed to auditors other than the ones I had experienced. There was a range of professionalism and value for the dollar. There were a couple that gave you ten dollars worth of value for 2 dollars spent. Then you got five for two and some where you got two for two. But they have most consistently provided good service for what you paid.

I have seen the same thing within every group of individuals I have been in. When I was at Intel Corp. each group had people who put out 150% and those that you got 75% from. In school you have A students who work until midnight studying and those that do an hour so they can skate by with C and D.

In every case we have to let the registrar know. The unforunate side of this is that if it stops at the registrar what we can end up with is the person moves from one registrar to another and we continue to be victims of poor skills.

Like the earlier message, may be we should be communicating the information to the certification body who is listed on the certificate as well. They can be more aware as they do their audits of registrars and watch for internal corrective actions being taken. The registrar is required to address all corrective actions addressed. However, if they see no complaints because the registrar disposes of them the only route is the direct route to the certification body.

I know from talking to a registrar when I had a problem with the response from another registrar that any legitimate complaint sent by you to the certification body has to be addressed by the registrar and is evaluated as a part of the audit of the registrar.

The earlier comment about the company getting what the auditor may have thought they wanted is not out of line with a similar experience I heard of from another company. When the company received a preaudit from one registrar they did not do well. The company thought the registrar was unduly harsh since a sister company had passed their audit with a different resgistrar with the same processes.

So they called the registrar in that did their sister company and had a second pre audit done. while they had made some changes a number of the items considered non confroming remained unchanged. When the second registrar was asked about the differences between the registrars, the auditor said they used to be toughter and more strict in their audits but because the clients complained too much and either took the business elsewhere or threatened to they were much easier on them now.

If this company gets poor audits knowing the first registrar audited strictly to the standard and the second doesn't they are sending an indirect message that they don't want a thorough audit. It is possible this is a similar situation.

Elsmar Forum Sponsor

barb butrym

Quite Involved in Discussions
All audits are different and have many variables, some justified and some not. personality of the auditor comes into play, as it should..... One auditor can say the same as another, but presented differently, get quite a different response. Registrars should, if they don't already (which evidence points most don't), take that presentation of information (ie minor nonconformances and opportunities)and be consistent in how thier auditors approach it. URS of the UK does just that here in the states. Their North east operation, of which I am a part, takes great pride in their client friendly approach. The audits are thorough and professional. The standards, both registrar requirements and ISO/QS xxxx, are strictly adhered to, but no drilling or invasive technicques are allowed. If an issue arises during the audit the client is immediately made aware, absolutely no surprises, and is allowed to correct the situation if he can, and provide evidence of 'gottcha' allowed, more of a 'we have a problem'. If the client presents a case and proves it works, and is not in violation of the standard, then that response is noted, and verified at the next audit, if it works for the company, and meets the intent of the standard then it is allowed. Opportunities for improvement are not show stoppers. We always take into consideration if something is 'value added' or BS, and the effect on the end product or service and the customer. So much is 'auditor dependant' that we try to cut that variation by having each of our auditors go through the same QSLA course (regardless of their previous training) with our trainer of choice, and a internship with our seasoned auditors, prior to sending them out on thier own. They are closely scruitinized to ensure they represent URS, North-east US, they way we want to be portrayed.

I hesitated to respond here as i didn't want to appear as if I were selling the registrar. But as a consultant, I have seen and experienced the pains mentioned above all too often, and when URS asked me to work with them here, I agreed ,only if these terms were met, URS agreed immediately, and have supported all of us here in this endeavor. Their US presence has nearly doubled and is still growing since we started the North-east operation, In addition to consistency in auditors, it has eliminated the cost of international flights. It has been a great incentive for the clients, and the word of mouth "sales" are over the moon. Our customer feedback has been awesome.

OK now off the soap box....Anyone pursuing registration needs to really get to know the registrar and its 'policies/personalities' to the auditors. You need to be comfortable disagreeing with him/her. What do they know about your type of business/clients....will they enforce QS like requirements on a putty knife manufacturer? Do your homework, money is not the endall reason to base your choice on.

David Guffey

It's been too long since someone posted to this, so here's two cents worth.
Barb, you last posted on my father's birthday, so it got my attention.
Barb's point of interviewing cannot be overstressed. Always start out with a long list of potential registrars. Decide what accreditations you want or need. Decide if you want to tolerate large travel expenses. Determine if you must have a "big name" or if you can live with a smaller, but perhaps even more competent name. Deterime the level of registrar expertise in the standard to which you want to register. Does the registrar/auditor(s) have experience in your industry?
After you have narrowed your list to three-to-five desired registrars, request actual auditor visits or at least telephone calls for interview purposes. Determine from that the pervieved competence and perhaps just as important, the "chemistry". Be comfortable with the registrar's appeal process. Is it adequate to satisfy you?
Once you've made your selection and signed the contract, remember your right to request alternate auditors if an experience is not good. And, after all that, remember that in three years you have an opportunity to start over.


Super Moderator
We just got our certificate for ISO 9002. Quite honestly I don't think the auditors we had actually knew the who, what, where, when, how, or why of our operation.

They apparently have been in the business for a while and work for a major Registrar. They definitely knew "their business" and I found them listed on the RAB as certified Lead Auditors. They did identify a couple of "major and minor -D's".

But knowing a little about ISO myself, and knowing our operation since it's beginning, there's no way that I could objectively say "this system conforms to the standard". The system we have is broke, not beyond repair , but still broke. My feelings are echoed by others in the know here too.

Laura M

Out of curiosity...when you say a "couple of majors and minors" I would guess that it is a couple of minors, no more that one major.

Along the "our system is broke" line,
I always found it interesting that a major can be identified if the non-conformance resulted in "probable shipment of non-conforming product"
If that's the case, then a supplier with returned Parts per million over zero has a quality system which resulted in not a "Probable shipment", but a 100% chance of shipping N/C material! So obviously, there is discretion here.
Also, if you just got certified, don't dispair. I remember thinking that, with the N/C's identified there was so much more work to do. It's easy from within to know the problems. Hopefully what you have in place can spring board additional improvement. Your registrar should be looking for improvement at each visit.


Replying to Marc's first post...
TUV Management Service has training once an year in Danvers, MA. All the auditors travel out to participate in cross-training which includes outside training, interpretations, audit techniques and critiques, developments in the standards. This is typically a week long affair. This requirement is imposed by our mothership in Germany.
Within the Danvers, MA organization, the goal is also that on an annual basis, 3% of the time is delegated to training.
When I started with TMS about 3.5 years ago I also had to participate (PASS!!!) the TUV Cert Lead Auditor week long course. This was additional training since when I came to TMS, I already had certification as Lead Auditor RAB and IRCA. Let's not forget QS-9000 certification as well.
I will say this - always check and double-check your auditor's and your registrar's credentials.

Pete Maizitis
Lead Auditor
TUV Management Service

Gerry A. Sherman

All registrars are required to have a continuing education/training program for auditors. On site evaluation of their performance is conducted on a periodic basis and their audit reports should be reviewed constantly to see if the audits are meeting the "policy" of the registrar. I've heard a lot of talk of inconsistancy between auditors, with one identifying a "major" and another identifying a "minor" while someone else misses it altogether. Properly trained auditors with a consistant management policy will have very little variation from auditor to auditor or audit to audit.
As far as identification of "major" vs. "minor", look at ISO 10011. An auditor is responsible to report all observations of departure from requirements. All observations that indicate a breakdown in a system requirement are to be reported as nonconformities.
The registrar should have a clear policy on how the results of audit should be reported. Our position is that isolated occurrences are "observations" and multiple observations would constitute a "nonconformity". We are getting away from major, minor, and concern. The objective is primarily to find out if the system is working or broken.
Registrars are supposed to stay away from consulting.
Thread starter Similar threads Forum Replies Date
A ISO 9001:2015 registrar Auditor requesting copies of procedure prior to audit ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 24
D Breach of Contract from Registrar (Auditor Payment Issue) Registrars and Notified Bodies 18
A AATT Aerospace Auditor Requirements for an AS9100 Registrar AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 10
E Consultant Person who implemented ALSO the Registrar Auditor? Consultants and Consulting 17
B TS 16949 Auditor Availability and Registrar Scheduling Delays Registrars and Notified Bodies 4
C ISO 14001 and OHSAS 18001 Registrar Auditor Credentials Career and Occupation Discussions 8
P Registrar Auditor's Candid Remarks - Should I report him to his office? Quality Manager and Management Related Issues 9
R Registrar Auditor putting more emphasis on training? ISO9001:2008 General Auditing Discussions 8
Z Interviewing an External Auditor? Choose a Registrar for ISO 9001 Registration Registrars and Notified Bodies 30
P Why do you get assigned an auditor from a registrar (that sticks with you) Registrars and Notified Bodies 10
L Questions to ask a New Registrar TS 16949 Auditor Registrars and Notified Bodies 7
M Registrar Nightmare... Document Review and Other Auditor Issues ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 76
M Requesting Auditor Change from Registrar - Feedback, Please Registrars and Notified Bodies 6
Sidney Vianna Does your Registrar have a high Auditor Turnover Rate? Registrars and Notified Bodies 15
Antonio Vieira Bad Auditor - Is it normal to ask the registrar to send a different auditor Registrars and Notified Bodies 9
R Registrar Lead Auditor qualifications - What are the General Auditing Discussions 2
J FMEA Level of Detail - Is the registrar's auditor correct? FMEA and Control Plans 1
Marc Registrar Lawsuits? Troubles at ABS-QE - Auditor Qualifications Registrars and Notified Bodies 1
K Best Internal Auditor Training Internal Auditing 18
M BSI 13485 Lead Auditor Certification ISO 13485:2016 - Medical Device Quality Management Systems 5
Ed Panek Auditor Feedback ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 12
S AS9120 - New Internal Auditor Training requirement? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 11
K Becoming a Trainer for ISO/AS Lead Auditor and AATT Courses Professional Certifications and Degrees 2
Q Lead Auditor Training Training - Internal, External, Online and Distance Learning 31
K Qualified MDR internal auditor? EU Medical Device Regulations 8
N Special characteristics - Auditor said we are required to create our own, if no customer char. exist. IATF 16949 - Automotive Quality Systems Standard 10
C VDA 6.3 Auditor Expiration - Grace Period? IATF 16949 - Automotive Quality Systems Standard 7
B Auditor from other country ISO 14001:2015 Specific Discussions 5
Crusader ASQ AS9100 Lead Auditor Training Career and Occupation Discussions 27
J New QMS Auditor - seeking opportunities to gain audit experience Career and Occupation Discussions 3
A " I, as a 3rd party auditor, retain the obligation to determine whether or not the process is "effective"... Discuss. Registrars and Notified Bodies 5
X Looking for 17025 auditor to perform internal audit on IT software testing laboratory ISO 17025 related Discussions 3
B Internal Auditor Competence for Automotive CSR's IATF 16949 - Automotive Quality Systems Standard 6
Ed Panek Auditor Comment about MDR vs MDD EU Medical Device Regulations 10
K 3rd party auditor for ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 4
K AS9100 - Looking for advice on how to become a CB Auditor AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
Ed Panek Question from 13485 Auditor ISO 13485:2016 - Medical Device Quality Management Systems 2
S Rude Customer Auditor General Auditing Discussions 18
G Medical Device Auditor (CMDA) certification exam by ASQ - looking for input Career and Occupation Discussions 3
Sidney Vianna IAQG News New IAQG Resources - AS9104-3 Requirements for Aerospace Auditor Competency & Training Courses AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
D Internal auditor competence assessment Internal Auditing 13
Robert Stanley Can You Reject an Auditor? Registrars and Notified Bodies 48
Sidney Vianna Job Opening in the USA - IATF 16949 Lead Auditor Position Job Openings, Consulting and Employment Opportunities 0
R Lead auditor scenario (Need help) is this non conforming to ISO13485 Manufacturing and Related Processes 2
P Does FDA require certification for quality system internal audit for auditor? Qualification and Validation (including 21 CFR Part 11) 1
P Looking to outsource Internal Audit - MDSAP competent auditor needed Other Medical Device Regulations World-Wide 9
S Transition training for Internal Auditor from ISO 9001: 2008 to the ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
J IATF CB Auditor questions Internal Auditor Competence IATF 16949 - Automotive Quality Systems Standard 19
Sidney Vianna Food & Beverage Safety Lead Auditor Open Position - USA Job Openings, Consulting and Employment Opportunities 0
M Best accreditation body for AS9100D Lead facility auditor? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6

Similar threads

Top Bottom