Does auditor have conflict of interest? Should we ask for different auditor?


Audit Consultant

Do we ask for different auditor due to potential conflict of interest?

Small, relatively new company with new technology that is growing in demand has a scheduled certification audit. We were planning on discussing some very confidential items. Auditor who is scheduled has been at the company once before for audit. I never met him. I am very new to working with the company in a permanent quality and regulatory role but have over 20 years in the business and never had this situation, to my knowledge.

Two situations - Should we ask for a different auditor due to potential conflict of interest?

1. Upon speaking to the auditor on Friday he mentioned wife works in quality for a medical device company in same town. There are two highly competitive similar companies in town. It seems to me the auditor should be asked what company his wife works for and if one of the competitors, ask for a different auditor. What is your opinion?

2. Researched same auditor background and found a website he has that lists he has one of our serious competitors as a client. The information does not state when or how long. If current, the answer is clear. If not current or recent, what is your opinion?

Elsmar Forum Sponsor

Jen Kirley

Quality and Auditing Expert
Staff member
Welcome to The Cove! :bigwave:

I have a couple of questions. You say "Auditor who is scheduled has been at the company once before for audit." Does this mean the auditor was employed by the company, or was contracted to audit there? How long ago?

Auditors should be able to assure confidentiality is maintained. However, if it was up to me I would ask the client how they feel about these relationships. I'd like to see what other Covers say.

Audit Consultant

Thank you for your reply.

Auditor is a member of the Registrar. He was in last for a SA a year ago. I accepted a job five weeks ago with the company being audited and am representing them as VP Quality and Regulatory, along with the VP of R&D.


I would say you have a valid reason to be uncomfortable with the auditor. I don't believe there's any reason to be timid about requesting someone more suitable, certainly when you're working with a new technology and closely held proprietary information/processes. Further, even a small amount of distrust in the auditor/auditee relationship will inhibit a productive audit, so you need to either establish a firm trust in the auditor's commitment to maintain confidentiality, or have them replaced with someone you do trust. There's nothing wrong with being aggressive when it comes to protecting your company's confidential information. Perhaps the best course of action would be to sit down with the auditor and lay out your concerns for discussion.

Dean Frederickson

I think if you are uncomfortable with the auditor, you have every right to request a different auditor. You shouldn't be subjected to worry over what amounts to be a conflict of interest. Just my:2cents:

Kevin H

If I understand correctly, the auditor in question has been in once before for a surveillance audit by your registrar. He's now scheduled back for a certification audit (is this a recertification?) This same auditor consults and has a competitor of yours as a client (this would imply that he is knowledgeable in your field of business). His wife also works in the medical field, and happens to work for one of your competitors. (Note, I don't see this as a conflict of interest.)

Auditors are supposed to be bound by professional ethics, that they do not discuss details of their clients business outside of the business operations - I have not experienced that provides names and details of confidential information of client companies. I have experienced them use a broad brush and say something along the lines of " I've seen this problem/issue addressed in this way." Of course, my personal experience is just that, and saying that an auditor is not supposed to discuss confidential details doesn't mean that it hasn't occurred.

On the other hand, as he has already done a surveillance audit of your organization, I'd suspect that if he was going to discuss details of your business with competitors he's already gained all the information he would need to do so.

Audit Consultant

Thank you. It is a Re-Cert. While I am thrilled he has the appropriate background experience to audit, the items he will see for this audit will be dramatically different than the prior one in the area of technology and other items, hence the question. I would say I agree about the wife scenario assuming it is not one of the serious competitors. The fun part of all this is I was just advised of the client list/background portion last evening and the audit begins in 2 hours. I wrote here for a sanity check and am receiving it. While I have been a certified auditor, I didn't take assignments for conflicting companies. However, in this day of rapidly changing technology and mergers, sometimes an auditor or consultant may not realize there could be a conflict of interest. Thank you so much.

Wes Bucey

Quite Involved in Discussions
I guess I am an old fogey. I believe in laying all cards on the table when all the betting is done to see who holds what cards.

Seems to me it is time to talk frankly to auditor and his superior about your concerns and clear the air rather than unfairly tarring the auditor with a brush he may not deserve. They will either voluntarily withdraw the auditor or give you assurances confidentiality will be maintained.


Super Moderator
Confidentiality, objectivity and impartiality always come into play and should not be overlooked. Can the auditor meet these requirements?

Conflict of interest? Confidentiality? Where do they start?

Last year I conducted 3 onsite audit training courses at the headquarters locations of some our Registration/Certifcation competitors. Was this a COI? They asked me nothing, I have not stated and I have not been asked anything. That's what confidentiality is about.

As suggested discuss it and if you feel uncomfortable ask for another auditor. You're the customer.

Audit Consultant

Well, I'm happy to report that all went well today. I asked the auditor about his client list on the website and let him know that a least one of the clients is a major competitor and it turns out he did not do consulting for them but audited them under the registrar about a 18 months ago. We talked a bit more about his consulting practice and background and all checked out fine.

Thank you to all for responding. I have read the blogs from time to time and really enjoyed them. For my first time interacting with this blog I have had such a great expereince. Now to process some overnight ECN's.
Thread starter Similar threads Forum Replies Date
N Does 13485 auditor have a right to inspect non-CE products? ISO 13485:2016 - Medical Device Quality Management Systems 5
Q Who does a QC (Quality Control) Auditor report to? General Auditing Discussions 11
S ISO 14001 Clause 4.1 Organization and its context - What does an Auditor expect? ISO 14001:2015 Specific Discussions 12
S Does anyone have any pointers on TS 16949 Internal Auditor Training IATF 16949 - Automotive Quality Systems Standard 4
T What does an auditor review when auditing a AS9102 FAIR? AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 5
K How does an Internal Auditor document non-ethical or illegal practices Internal Auditing 10
D NADCAP Audit - No work in house - How does a NADCAP auditor audit the process? AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 8
K What does an AS9100 RABQSA auditor get paid? Career and Occupation Discussions 12
G Does BSI do ISO 9001/TS 16949 Lead Auditor training? Training - Internal, External, Online and Distance Learning 5
eternal_atlas Does the age of the lead auditor matter in QMS audits ? General Auditing Discussions 32
J Does a Lead Auditor need to be present at an audit? IATF 16949 - Automotive Quality Systems Standard 8
Sidney Vianna Does your Registrar have a high Auditor Turnover Rate? Registrars and Notified Bodies 15
K Lead Internal Auditor Training - Does the lead auditor require additional training? Internal Auditing 6
M Does anyone know how to become a 2nd party auditor? General Auditing Discussions 0
I Internal Auditor Training - Does TS 16949 Require Formal Training or Certification? Internal Auditing 19
T Does your auditor give you a "schedule" (what times/who will be audited?) IATF 16949 - Automotive Quality Systems Standard 6
M Internal Quality Auditor vs. QMS Lead Auditor - How much $ does each make? Career and Occupation Discussions 6
D Does Manufacture can submit CE mark application under MDD with NB for his New product after May 2020? EU Medical Device Regulations 3
A What does this sentence "this symbol shall be used in the orientation shown" mean in ISO 780:2015? Other Medical Device Related Standards 4
L Turkish Requirements - Does the Software need to be translated? CE Marking (Conformité Européene) / CB Scheme 2
R Where does IATF 16949 address Process mapping? IATF 16949 - Automotive Quality Systems Standard 3
J Does Pakistan Medical Device Import License allows parallel import? Other Medical Device Regulations World-Wide 0
BeaBea Interesting Discussion Where Does Marketing/ Advertisement of Products fit in to ISO 9001? Process Maps, Process Mapping and Turtle Diagrams 35
P Does anyone have a API Q1 Documentation Package? Quality Management System (QMS) Manuals 1
N What is our product classification? (Does Unclassified classification still exists) Other US Medical Device Regulations 14
C Does a CE mark infer meeting all applicable standards? CE Marking (Conformité Européene) / CB Scheme 4
N Small Company - Internal audit process - Who does the audit? Internal Auditing 16
J Does anyone have an excel IATF 16949 Internal Audit checklist I could use? IATF 16949 - Automotive Quality Systems Standard 7
A Does AS9100 require traceability to operators performing the work? AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 4
I Does anybody use Detection in medical device Design FMEA? ISO 14971 - Medical Device Risk Management 18
A EN ISO 14971:2019 does not include the Annex Zs ISO 14971 - Medical Device Risk Management 4
Watchcat Does "Similar Device" = "Predicate"? EU Medical Device Regulations 7
C Document Control Stamps - Does anyone still stamp their documents? Document Control Systems, Procedures, Forms and Templates 21
Y Does Solidworks (2D/3D drafting modules) need validation? Other Medical Device and Orthopedic Related Topics 5
M Definition Open Audit - What does an Open Audit mean? Definitions, Acronyms, Abbreviations and Interpretations Listed Alphabetically 3
I Does training have to be written? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
P What does UPH/m² mean? Quality Tools, Improvement and Analysis 3
L "IATF-Compliant" IATF 16949:2016 certification? What does this mean? IATF 16949 - Automotive Quality Systems Standard 13
D Why does Official Journal list superseded standards? EU Medical Device Regulations 6
B Record Management - Does the QMS need to control templates of records? Records and Data - Quality, Legal and Other Evidence 17
MDD_QNA QR Code Standard ISO/IEC 15417:2007 - Does anyone use it? Other Medical Device Related Standards 3
R Does any here use an internal auditing tool that works on different platforms? Internal Auditing 3
Sidney Vianna IAQG SCMH explains "positive risk"..........but does it? AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 3
D Where does "as far as possible" stop? FMEA - EN 14971 ISO 14971 - Medical Device Risk Management 29
W Does anyone have an API Q2 checklist for internal auditing? Oil and Gas Industry Standards and Regulations 1
G Does pitch/increment/resolution of a ruled scale apply to measurement uncertainty as line item? Measurement Uncertainty (MU) 10
L External power supplies: How close does the safety report have to match the end-use application? IEC 60601 - Medical Electrical Equipment Safety Standards Series 4
Watchcat Does 820.30 include the manufacturing process? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
Watchcat Does ISO 13485 7.3 include the manufacturing process? ISO 13485:2016 - Medical Device Quality Management Systems 14
R When does the FDA consider a component a medical device? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 17
Similar threads

Top Bottom