Ethics: Audit Question points auditor to a possible nonconformance


Quite Involved in Discussions
An ethical question:

You are being audited for a registration audit or customer audit. You are asked a question which points the auditor to a possible deficiency in the system. You can explain away the deficiency but at the same time your explaination would point to another deficiency you are aware of (but not the auditor).

Do you:

A) Take the hit on the first deficiency and not lead the auditor to the additional deficiency?


B) Explain away the first deficiency, leaving yourself open to expose or lead the auditor to the additional deficiency?

Opinions please!


I vote for B. Take the hit on the second (real) deficiency.

Reason? Besides being basically honest and aboveboard, I would be directing our corrective action towards the real problem, rather than on the problem that I can explain away.

If you're going to get a write-up, at least let it be where it belongs.



I agree with Lucinda. I consider the object of any audit to be to improve the QMS. If there was a deficiency, then why wasn’t it dealt with prior to the audit? If there is a corrective/preventive action in place already, then all the audit will do is to verify the need of the action. If there is no cpa, then a nonconformance is warranted. Perhaps by pointing the deficiency out during the audit, then it will finally get taken care of. I view ALL audits as positive things! The organization will not benefit by hiding things from auditors.


I'll take "A"

Hey, why not? I 'll take the other side. "A" could lead to "B" could lead to "C" and on. Why not throw all your dirty laundry on the floor and let the auditor have a field day. For you non-military types, that means a good clean up. We all have stuff we would not like an auditor to know about. You wouldn't be here if everything was perfect. If it was, you'd be a "Moderator":vfunny: Management resistance to what is 100% may hamper you in your efforts to 100% compliance. Nobody is perfect and nobody knows what the auditor would consider a NC. That's in your own head. Your boogey man. You don't have the right to allow an auditor to "discover" other things you think are wrong. Answer the question, the first question and take the hit. Answer the question, no more and no less. That's the first thing they tell employees being audited. Don't be a "Dear Aunt Blabby":bonk: :ko: :smokin:

M Greenaway

I would also answer A.

The main purpose of a third party audit is to achieve certification, to that end I would answer direct questions with direct honest answers. If the auditor then found something else so be it.

As stated you already know about the second problem, as such you would probably have in mind to fix it (if it is significant) hence what value would be added by declaring this to the auditor.

The purpose of an audit is not to find perfection, just to determine if systems are in place and are being operated and are effective, in order to demonstrate this you need to have something going wrong dont you ?


Quite Involved in Discussions
One of the rules of being audited: answer the question being asked only and honestly.


Super Moderator
Trusted Information Resource
You got the answer the question you were asked right. And that is always my policy, I'd still choose B, I would not take anybody by the hand and lead them to a nonconformance, but I'd still try to explain away the one they were heading for.

If you can't dazzle them with brilliance, baffle 'em with bulls**t. Who knows, sometimes auditors give up too easily and never find the "BAD" thing luking in the closet. If you discover it and they don't, fix it on your own before they find it the next time around.

Al Dyer

When an auditor asks you a question, answer with as few words possible and let them follow-up if they are not satisfied. Once you start "expalining" you will probably end up removing your foot from your mouth and the auditor will dig even further to find something.

It's not our job to supply ammunition, it's the auditors job to assess the system based on his/her experience and training.

I've sat around too many tables where people can't just answer a question and start to ramble and use the words usually, sometimes, might, etc....

I guess that means I choose "A".:ca:


An Example

Straying a little bit from the original “ethical” question, as we are prone to do, :eek: let’s expand some more on choice “A”. This does not involve the MR ‘s answering the Auditor’s questions, rather the employees knowlingly or more like unwittingly offering the company up for dinner.

Recently, Management invited OSHA in as part of OSHA “Consultation” services. I will not attempt to explain the reason because I’m still P.O’d about it. Anyway, all employees were instructed to answer only the questions asked. Do not expand on the answer. Keep it short and sweet. (and honest). There were three instances of personnel who either became intimidated by the Inspector and started to ramble or were trying to show the Inspector how smart they were. Their “opinions” could have resulted in citations had we not been under the “Consultant” umbrella. Each time the employee started with “ I know OSHA regulations want this but…..” In fact, they were laboring under long time misconceptions about the regulations because they never read them. It was a word of mouth thing with the originator stating his opinion without qualifying it as just that. In other words they were “fessing up” to things that were barely related to the question.

The second time an OSHA Inspector came in, he asked the same people some other questions. I had reminded them to just answer the question honestly and shut up. I also explained their complicity in assisting the Inspector, the first time, to bang us over the head with some minor opinionated issues that we only complied with because we wanted to project a “Proactive” image. (If it were actual citations, we would have fought them)
This time, the Inspector found issues, on his own, without help from us. They always do.

If we really want to use External Auditors to “Continually Improve” your QMS, then just “drop trow” and give them free rein to look at everything. Offer no resistance. Don’t escort them. Let them interview disgruntled employees with an axe to grind or employees like I mentioned above. Keep the MR out of it until you receive the findings. You think your system is impeccable? You’ll find out, quick. I know that before we go through a Certification audit, training will focus on just answering what you are asked or showing what it is requested. Our Internal Audits will also help to “muffle” those individuals who know even less about ISO than OSHA. Already, as result of our ISO Familiarization training, I’m hearing “This is what ISO wants…..” and they are incorrect. I know, some will say they need better training. No, some people just need a muzzle.
Top Bottom