How often should we have Assessment / Surveillance Visits?

[cncmarine]

I agree with you regarding the whole concept of accreditation. But we need to have a standard.

What I don't like is the RAB and Registrars losing focus and getting greedy. "Value added auditing" is a scam and none of us need to invest in it. The creation of new programs and revisions are all based on their bottom line.

 

[Carl Keller]

CNC, yes, I think having a standard is a good thing.

Having a standard that is not universally and consistently applied is a BAD thing.

"Findings" that have no merit based directly on the standard are a very BAD thing.

"Value added" auditing that is actually "non-value added" is a very, VERY BAD thing.

While I recognize the value of a QMS, I have little faith in the current registration/accreditation system for ISO 9001. It is a scam. I can make better use of the money by implementing initiatives from internal sources (like the employee running the equipment)

Carl-

 

[cncmarine]

I think we can both agree that there is nothing value added in the current process.

 

[Paul Simpson]

By agreement

I have only yearly registration audits. I advise every company to go that route.

I am happy you have a system that suits you. It sounds like you and your registrar have agreed an assessment process that both satisfies your needs and meets the requiremtns of the accreditation body. The process for deciding visit frequency and duration is a joint one based on

• meeting the requirements of the accreditation rules (see comments from Sidney Vianna and howste above
• giving you a gap between audits
• keeping the assessment duration down to a manageable time

depending on how well you communicate with your registrar depends on how involved you are in the process.

For some of us (and customers) accreditation is the only way. But I believe that the registrars are starting to lose their creditability with some of their new ideas.

Concepts such as process auditing and value added auditing are moving away from the evidence based approach.

I don't understand this comment. Registrar credibility depends on how well they are seen to assess to the requirements and on how credible their registrations are to their registered firms' customers. The only way to audit process based systems is by using a process audit approach - still by looking for evidence - that much hasn't changed. Value added auditing is alittle more difficult to define but tends to come from identifying areas for improvement by auditing a clients (process based) system.

 

[cncmarine]

Paul,

The only way to audit process based systems is by using a process audit approach - still by looking for evidence

That’s the key isn't it.....I agree that process auditing is different than Value Added but Paul you can't tell me that interpretation isn’t moving into the system.


Value added auditing is a little more difficult to define but tends to come from identifying areas for improvement by auditing a clients (process based) system

In other words…its Consulting not Auditing

Thanks for you thoughts Paul…but I think you do understand

 

[Carl Keller]

Paul,

Audit frequency is rarely a "joint" decision based on my experience.

Usually a registrar has a set frequency spelled out on their contract.

As far as "value added auditing" , I really don't need a third party coming in and telling me how to run my system "better".

It is bad enough they interpret the standard any which way they feel like, having someone unfamiliar with our processes and customers needs is definitely not something I would choose to pay for. I can think of better things to do with the company dollar.

Carl-

 

[cncmarine]

Very well said Carl

 

[Paul Simpson]

Choose your partner carefully.

Paul,

Audit frequency is rarely a "joint" decision based on my experience.

Usually a registrar has a set frequency spelled out on their contract.

It depends who you talk to. The registrar I work for gives the client the option. In most industries there are advantages with 6 monthly visits - the visit duration is more manageable and doesn't take the management representative's time for too long. Believe it of not some clients prefer to see their auditor more frequently and use them as a sounding board for their system. Other clients have simple systems and can have their annual audit duration covered in the one visit. With some companies the discussion is more in depth to understand what would be best for them. The accreditaion criteria allows for a number of ways of delivering a credible registration.

As far as "value added auditing" , I really don't need a third party coming in and telling me how to run my system "better".

Unfotunately the "third party knows best" idea has been around for a long time - a lot of organizations use consultants to help them take their systems forward. With third party registrars you don't get the consultancy but you get the outside view. As someone who does both consultancy and third party auditing I am in a good position to ask a Quality Manager why they do something and ask if they have considered any other alternatives to make the system more efficient or effective.

It is bad enough they interpret the standard any which way they feel like,

Different problem. dealt with ad nauseam in other threads but I have only one suggestion. The next time you see an interpretation you don't agree with challenge it. Third party auditors are not there to impose their wills on companies.

having someone unfamiliar with our processes and customers needs is definitely not something I would choose to pay for. I can think of better things to do with the company dollar.

Carl-

I take it then your company is not registered?

What you have described is, after all, what an independent third party assessment and registration is about. Albeit the assessor should at least be familiar with the technology you use and the market place you are operating in.

 

[Carl Keller]

Paul,

I am sure some registrars do have the option and most will do whatever is necessary to seperate you from your money, I only meant that typically, they have a boiler plate contract that spells out the expectation and fees.

I am not against third party consulting, but I don't want it forced upon me by my registrar. If I want a consultant, I will contract one specifically for the task at hand.

Interpretation- you are right, dealt with ad-nauseum. BTW, I have challenged many times, and won every time. It is pretty easy, just say this "show me specifically in ISO 9001 2000 where it says we have to do it" If they can show you, you have to do it, if not, you don't.

Yes, we are registered. I have worked for registered, unregistered and declared compliant organizations. The latter being the most effective I have had the pleasure of developing.

An independent third party assessment should be focused on whether your organization meets the applicable standard. No more, no less. No "interpretation", no "it would be more effective if..." Just tell me if I meet the standard and move on. If I want a huckster in a leisure suit to sell me a dog and pony show with no merit and no ROI, I'll hire a black belt.

Carl-

 

[Sidney Vianna]

Paul,

The only way to audit process based systems is by using a process audit approach - still by looking for evidence

That’s the key isn't it.....I agree that process auditing is different than Value Added but Paul you can't tell me that interpretation isn’t moving into the system.


Value added auditing is a little more difficult to define but tends to come from identifying areas for improvement by auditing a clients (process based) system

In other words…its Consulting not Auditing

Thanks for you thoughts Paul…but I think you do understand

If you would be so kind to review the document available at http://isotc.iso.org/livelink/livelink/3553372/APG-HowtoAddValue.doc?func=doc.Fetch&nodeid=3553372

and enlighten us about the conceptual flaws or weaknesses contained therein, it would be appreciated.