Auditors and CB's further investigating certified QMS' with ethical breaches?

Sidney Vianna

Post Responsibly
Staff member
Admin
#1
In that APG paper, last paragraph reads:
If auditors become aware of any deliberate legal noncompliance that could affect the image and credibility of the QMS before, during, or after the audit (including, for example, breach of antitrust law, labour law, health and safety or environmental regulations) then this should be taken into consideration and investigated further, as appropriate. Apart from the regulatory authority’s action, it is for the auditors to assess the effectiveness of the QMS in meeting customer requirements (stated or generally implied) and report this to the certification and registration body management to take appropriate actions.
Reminds me of the case which led me to start this thread, back in 2005. Wondering how many auditors and CB's "further investigate" if any of their certified clients are caught in ethical breaches which brings the "effectiveness" of the certified QMS into question.
 
Last edited:
Elsmar Forum Sponsor

BoardGuy

Quite Involved in Discussions
#2
Well the first item would be, are the auditors trained in antitrust law, labour law, health and safety or environmental regulations at the national, state, county and city level. If the auditor has not been trained by the CB and found to be competent in these areas of expertise then he or she could not make that determination.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#3
Auditor and CB's would not be conducting a criminal investigation; thus no need to have competence in those areas. What the paper is suggesting is that auditors and CB's should react to situations where an ethical breach has or might have happened. The case that led to the thread linked in my previous post was a good example, but there are many more out there.
 

Randy

Super Moderator
#4
Well the first item would be, are the auditors trained in antitrust law, labour law, health and safety or environmental regulations at the national, state, county and city level. If the auditor has not been trained by the CB and found to be competent in these areas of expertise then he or she could not make that determination.
But some of us are;)

In the case of a suspected breach of ethics as illustrated by the OP, my personal code of ethics, and the professional ethics of who I represent, requires me to notify someone of authority in my chain of command (specifically identified in procedures I must follow), pack my stuff and inform my point of contact why I'm leaving. As for investigation, it's not within the defined scope of my duties, though quite capable of performing an investigation I wouldn't mainly because of potential libility and litigation.

Now if I can see that a "breach" was some type of innocent error or ommission, I'd still notify my point of contact for the client and the organization I represent and ask for a decision.

Either way, communicate and document because knowledge without action could = culpability

If I've misunderstood the Thread please let me know

Oh yeah, great memory Sidney
 

BoardGuy

Quite Involved in Discussions
#5
Yes I understand what is being said but you must remember that under just the basic requirements of ISO 9001:2015 Clause 7.2 the organization (CB) must determine the necessary competence of person(s) doing work (auditing) under its control… ensuring that these persons are competent (on [FONT=&quot]ethical breaches and regulations[/FONT][FONT=&quot]) [/FONT]based on appropriate education, training, or experience.

[FONT=&quot]If the CB’s are requiring their clients to meet this requirement, then why are they exempt? Should they not also meet Clause 7.2 by providing training to their auditors on [/FONT][FONT=&quot]antitrust law, labour law, health and safety or environmental regulations if they are required to identify legal noncompliance[/FONT][FONT=&quot]?[/FONT]
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#6
If the CB’s are requiring their clients to meet this requirement, then why are they exempt? Should they not also meet Clause 7.2 by providing training to their auditors on antitrust law, labour law, health and safety or environmental regulations if they are required to identify legal noncompliance?
the paper talks about IF the QMS CB/Auditor becomes aware of a breach. They SHOULD NOT be looking for one, as this is outwith of the scope of a QMS audit.

But, for example, if I am conducting an ISO 9001 audit in a company in the USA and I see what is (potentially) a labor violation of child-labor, I will react. I will ask questions and, even though I am not fully educated in labor laws, I will bring it up and confer about the situation. If there is, indeed, a breach of labor laws, my employer will become aware of the situation and legal counseling might start.

As for your question about auditor competence, the ISO 17021-2,-3,-4, etc... in addition to 17021-1 has very clear requirements on the establishment of auditor and certification personnel competence.
 
#8
According to this piece of news, the IAF will establish an Ad-hoc Task Force to study fraudulent behavior by certified organizations.

:popcorn:
In my opinion a comprehensive portal indicating all certified companies should work. The accreditation requirement indicates only an option to check the certificate published by the CB. What we need may be an option like IATF for all issued certificates.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#9
What we need may be an option like IATF for all issued certificates.
I see that you have just a few posts so, chances are, you have not seen many of the threads we have here at The Cove.

Yes, TRANSPARENCY should be a key component of the accredited certification that would ameliorate the situation. But the IATF database is nothing but opaque. No external party has access to that database. The one and only meaningful Industry controlled database that promotes transparency and accountability out there is the IAQG OASIS database, an instrument that I have been voicing for over 14 years should be used as a model for the "forthcoming" IAF database. Check out the thread @ IAF Database - Repository of (properly) Accredited Management System Certs
 
Thread starter Similar threads Forum Replies Date
B Internal Auditor Competency - Product Auditors Internal Auditing 9
M Question for Auditors - "Off the Record" Conversation? General Auditing Discussions 14
I What direction do you provide your internal auditors on OFIs? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 38
M Choosing Auditors - ISO 9001 / ISO 27001 (UK) IEC 27001 - Information Security Management Systems (ISMS) 2
E Choosing an ISO 9001 registrar with auditors familiar with our industry Registrars and Notified Bodies 10
ScottK Question for Auditors on 7.1.4 in the ISO9001:2015 revision ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
S MDR (Medical Device Regulations 2017/745) training recommendation for Auditors EU Medical Device Regulations 1
S How can we demonstrate to MDSAP auditors that we have the requisite training ISO 13485:2016 - Medical Device Quality Management Systems 9
M CB and Internal auditors most common nonconformities against AS9100D AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 16
C Selecting potential internal auditors Internal Auditing 3
K Tips for dealing with third party auditors General Auditing Discussions 11
J ISO 9001 Competency - Forklift License and Internal Auditors ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 9
oldqamanager How will you handle Clause 6.1 - Risks and Opportunities for AS9100 Rev. D Auditors? Risk Management Principles and Generic Guidelines 22
T Can a Lead Auditor Train other Auditors? Internal Auditing 4
A Professional Headhunters for External Auditors Career and Occupation Discussions 7
W DCMA and AS9100C - Dedicating a week and 5 auditors to perform a AS9100C audit AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
Crimpshrine13 ISO/TS 16949 CBs & Auditors not following up on the schedules IATF 16949 - Automotive Quality Systems Standard 43
H Any ISO 9001 consultants/auditors in Oahu, Hawaii ? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
S Subject Matter Expert Training for Auditors Internal Auditing 13
S Is it a Finding if all Internal Auditors are from the Quality Department? Internal Auditing 18
R Are ISO 9001 Lead Auditors in demand? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
B ISO/TS16949 Internal Auditing - How many auditors? Internal Auditing 4
D Number of Internal Auditors Best Practice Quality Manager and Management Related Issues 18
A Training Supplier Auditors ISO 13485:2016 - Medical Device Quality Management Systems 5
T Would my AS 9110 certificate lapse due to non availability of auditors ? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 11
T Kids in the office from an auditors standpoint ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
T Qualification System of Internal Auditors is not Effective General Auditing Discussions 5
S Internal Auditors shall not audit their own work? Internal Auditing 21
R Female auditors earn 18% less than male auditors - IRCA Salary Survey 2014 Career and Occupation Discussions 0
J Wanting to Train our Internal Auditors Ourselves Internal Auditing 7
S Recertification Frequency for TS 16949 Lead Auditors General Auditing Discussions 4
Sidney Vianna As a profession we, auditors, are not doing enough - Simon Feary speech Registrars and Notified Bodies 36
Ninja Blind Gopher Auditors Comment - Who is responsible? Registrars and Notified Bodies 23
R Auditors Auditing Against ISO 9001:2015 Draft ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 33
R Auditors can NOT audit their own work audit finding Internal Auditing 17
Q Qualified Internal Auditors for AS9100 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 37
B API approved Auditors in India Oil and Gas Industry Standards and Regulations 3
M How to measure effectiveness and efficiency of the established QMS as Auditors ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 14
R Should internal auditors be compulsorily certified as internal auditors ? Internal Auditing 11
W Is formal training required for Internal Auditors? Internal Auditing 7
K Auditors are trying to drive this business General Auditing Discussions 36
K Auditor Objects to List of Internal Auditors General Auditing Discussions 6
Mikishots AS91X0 Third Party Auditor Cycling and Changing Auditors AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
D What Factors to consider to determine the Number of Auditors Internal Auditing 3
E Who Audits the Auditors in a Company? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
P Which training system or LMS (Learning Management System) to train Auditors? Training - Internal, External, Online and Distance Learning 8
A ISO 19011:2012 - Emphasis on Risk Analysis, Competence of Auditors and Vocabulary Internal Auditing 2
D AS 9104/1 has New Requirements for 3rd Party Auditors AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
somashekar EXAM for Energy Managers and Energy Auditors (INDIA) Miscellaneous Environmental Standards and EMS Related Discussions 2
Ajit Basrur FDA guidance on accepting audit reports by other auditors/regulators US Food and Drug Administration (FDA) 1

Similar threads

Top Bottom