Does auditor have conflict of interest? Should we ask for different auditor?

[Audit Consultant]

Question:
Do we ask for different auditor due to potential conflict of interest?

Situation:
Small, relatively new company with new technology that is growing in demand has a scheduled certification audit. We were planning on discussing some very confidential items. Auditor who is scheduled has been at the company once before for audit. I never met him. I am very new to working with the company in a permanent quality and regulatory role but have over 20 years in the business and never had this situation, to my knowledge.

Two situations - Should we ask for a different auditor due to potential conflict of interest?

1. Upon speaking to the auditor on Friday he mentioned wife works in quality for a medical device company in same town. There are two highly competitive similar companies in town. It seems to me the auditor should be asked what company his wife works for and if one of the competitors, ask for a different auditor. What is your opinion?

2. Researched same auditor background and found a website he has that lists he has one of our serious competitors as a client. The information does not state when or how long. If current, the answer is clear. If not current or recent, what is your opinion?

Thanks.

 

[Jen Kirley]

Welcome to The Cove!

I have a couple of questions. You say "Auditor who is scheduled has been at the company once before for audit." Does this mean the auditor was employed by the company, or was contracted to audit there? How long ago?

Auditors should be able to assure confidentiality is maintained. However, if it was up to me I would ask the client how they feel about these relationships. I'd like to see what other Covers say.

 

[Audit Consultant]

Thank you for your reply.

Auditor is a member of the Registrar. He was in last for a SA a year ago. I accepted a job five weeks ago with the company being audited and am representing them as VP Quality and Regulatory, along with the VP of R&D.

 

[Benjamin28]

I would say you have a valid reason to be uncomfortable with the auditor. I don't believe there's any reason to be timid about requesting someone more suitable, certainly when you're working with a new technology and closely held proprietary information/processes. Further, even a small amount of distrust in the auditor/auditee relationship will inhibit a productive audit, so you need to either establish a firm trust in the auditor's commitment to maintain confidentiality, or have them replaced with someone you do trust. There's nothing wrong with being aggressive when it comes to protecting your company's confidential information. Perhaps the best course of action would be to sit down with the auditor and lay out your concerns for discussion.

 

[Dean Frederickson]

I think if you are uncomfortable with the auditor, you have every right to request a different auditor. You shouldn't be subjected to worry over what amounts to be a conflict of interest. Just my

 

[Kevin H]

If I understand correctly, the auditor in question has been in once before for a surveillance audit by your registrar. He's now scheduled back for a certification audit (is this a recertification?) This same auditor consults and has a competitor of yours as a client (this would imply that he is knowledgeable in your field of business). His wife also works in the medical field, and happens to work for one of your competitors. (Note, I don't see this as a conflict of interest.)

Auditors are supposed to be bound by professional ethics, that they do not discuss details of their clients business outside of the business operations - I have not experienced that provides names and details of confidential information of client companies. I have experienced them use a broad brush and say something along the lines of " I've seen this problem/issue addressed in this way." Of course, my personal experience is just that, and saying that an auditor is not supposed to discuss confidential details doesn't mean that it hasn't occurred.

On the other hand, as he has already done a surveillance audit of your organization, I'd suspect that if he was going to discuss details of your business with competitors he's already gained all the information he would need to do so.

 

[Audit Consultant]

Thank you. It is a Re-Cert. While I am thrilled he has the appropriate background experience to audit, the items he will see for this audit will be dramatically different than the prior one in the area of technology and other items, hence the question. I would say I agree about the wife scenario assuming it is not one of the serious competitors. The fun part of all this is I was just advised of the client list/background portion last evening and the audit begins in 2 hours. I wrote here for a sanity check and am receiving it. While I have been a certified auditor, I didn't take assignments for conflicting companies. However, in this day of rapidly changing technology and mergers, sometimes an auditor or consultant may not realize there could be a conflict of interest. Thank you so much.

 

[Wes Bucey]

I guess I am an old fogey. I believe in laying all cards on the table when all the betting is done to see who holds what cards.

Seems to me it is time to talk frankly to auditor and his superior about your concerns and clear the air rather than unfairly tarring the auditor with a brush he may not deserve. They will either voluntarily withdraw the auditor or give you assurances confidentiality will be maintained.

 

[Randy]

Confidentiality, objectivity and impartiality always come into play and should not be overlooked. Can the auditor meet these requirements?

Conflict of interest? Confidentiality? Where do they start?

Last year I conducted 3 onsite audit training courses at the headquarters locations of some our Registration/Certifcation competitors. Was this a COI? They asked me nothing, I have not stated and I have not been asked anything. That's what confidentiality is about.

As suggested discuss it and if you feel uncomfortable ask for another auditor. You're the customer.

 

[Audit Consultant]

Well, I'm happy to report that all went well today. I asked the auditor about his client list on the website and let him know that a least one of the clients is a major competitor and it turns out he did not do consulting for them but audited them under the registrar about a 18 months ago. We talked a bit more about his consulting practice and background and all checked out fine.

Thank you to all for responding. I have read the blogs from time to time and really enjoyed them. For my first time interacting with this blog I have had such a great expereince. Now to process some overnight ECN's.