Internal Auditor competence for ISO 14001

QAQT

Registered
#1
Hi, everyone! I have been a long time lurker of the Cove and while I used to have an account it was tied to a very old work e-mail address that I can no longer access. I have been browsing for a while on this topic and while several questions I had have already been answered I have one that I think needs individual attention.

I work in a medical device manufacturing company who is gearing up for ISO 14001 certification early next year. As I am the process owner for the internal audit process the EHS crew has come to me regarding finding someone to perform an internal audit against ISO 14001. Up until now myself and my team have been strictly QMS auditors, and while we can obtain training and be able to perform internal audits against ISO 14001 I have suggested they contract out the first EHS internal audit in order to give myself and my team time to get trained and figure out how we are going to demonstrate our proof of competency to ISO 14001. One team member has about 30 years of QMS auditing experience and I have about 15 years myself, so would a thorough training course with an exam at the end that issues a certificate be suitable enough to withstand the scrutiny of a 3rd party surveillance audit if we are able contract out our initial EHS internal audit? If not, then what sort of documentation (in your experience) has served to satisfy NB/CB auditors that the team is competent and capable? We have done well with presenting our ISO 13485 Lead Auditor certificates, but have struggled in the past with other regulations, such as CMDR, when we have done "read and understand" style training.

I appreciate the time you have taken to read my post, and your feedback!!! Thank you.
 
Elsmar Forum Sponsor

Randy

Super Moderator
#2
I'm a 3rd party guy (and nothing else) and I couldn't care less about your level of environmental training as long as your audits and reporting demonstrate a good level of competency when it comes to planning & performance. There's no requirement that you be a regulatory expert, an environmental engineer or have attended some whiz bang ems auditing course. Can you determine requirements and identify objective evidence that they've been met?
 

QAQT

Registered
#3
Can you determine requirements and identify objective evidence that they've been met?
That is the issue we have recently been struggling with as a CB auditor issued a minor non-conformance regarding an experienced auditor who has read and demonstrated knowledge of a country specific regulation not having any objective evidence of what was determined to be proof of competency. The auditor had identified gaps in processes based on the written requirements of the regulation, however the 3rd party auditor wanted to call into question the validity of the entire internal audit process due to lack of proof of competency to regulations utilized as audit criteria.
 

kalehner

Involved - Posts
Advertiser
#4
If your head count is under 200 my advice is to find a contractor to help with the internal audits. Find someone who also does contract audits for certification bodies that can track their accreditation up to International Accreditation Forum (IAF). These folks usually know what they are doing and you will likely get better audit(s). Larger organizations have more resources to invest in employee internal auditor competence. Smaller organizations do better to outsource.
 

QAQT

Registered
#5
Thanks, Kalehner. We are a larger organization, however the tight timeline we have in order to comply with the ISO 14001 certification does not allow adequate time for our internal people to be trained and demonstrate competency. Hench my suggestion of going ahead and contracting out the first internal audit, then we can carry out the rest on our own.
 

kalehner

Involved - Posts
Advertiser
#6
I would just contract for the audit but make sure the contractor is competent to do it. You will likley waste more resources fooling around than if you just get it done.
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#7
There's no requirement that you be a regulatory expert, an environmental engineer or have attended some whiz bang ems auditing course. Can you determine requirements and identify objective evidence that they've been met?
Between being an "expert" and knowing nothing, there is a huge gap. As we all know, many organizations suffer tremendously from ineffective internal audits. What makes an internal auditor competent is something that is highly subjective.

On the issue of knowledge of environmental regulations, I believe, just like in the quality discipline, internal auditors have to have SOME understanding of the regulations; not expert level knowledge, but SOME knowledge; otherwise, the system might have some massive holes and the internal auditor would NEVER be able to identify it.
 

Randy

Super Moderator
#8
That is the issue we have recently been struggling with as a CB auditor issued a minor non-conformance regarding an experienced auditor who has read and demonstrated knowledge of a country specific regulation not having any objective evidence of what was determined to be proof of competency. The auditor had identified gaps in processes based on the written requirements of the regulation, however the 3rd party auditor wanted to call into question the validity of the entire internal audit process due to lack of proof of competency to regulations utilized as audit criteria.
OK very big question... Was the internal audit ,and from the sound of it your 3rd party audit, a regulatory compliance audit or was it a management system audit? 2 totally different worlds.

Knowing CB auditors like I do and based on what I've seen over a long period of years, one of them questioning regulatory competence is almost funny and sad at the same time because a majority of them have no 1st hand experience managing environmental regulatory compliance. Historically auditors have come from the quality arena, they've taken an environmental lead course, they've been given or taken some "charm school" environmental courses and then wham, bam, through the processes defined by IAF & ANAB or whoever they're sprinkled with chicken blood or stump water and become Lead Auditors....I know because as some here can attest to, I taught those environmental lead auditor courses by the dozens on top of dozens and then some of the "charm school - gee whiz" environmental specific stuff that comes from the need to meet 40CFR and a dozen other environmental regulatory generators.

I've seen very good, in fact extremely well conducted EMS, OHS and QMS audits where the auditor wasn't any kind of SMO or even close to one, competency was demonstrated through performance and output of the individual.

A very serious problem with outsourcing (and I've done contracted internal audits) is that many of the persons that do them don't know the real distinction between a regulatory compliance audit and a management systems conformance audit, so system requirements wind up taking a back seat to the regulatory fu-fu, that when I come in wearing my big bad CB 3rd party auditor hat, the potential for me to have a field day is presented to me like a big bowl of juicy warm blackberry cobbler with ice cream...I'm gonna dig in....And I have!

The only real correct way to do anything is to figure out what works for you in meeting whatever obligations you need to meet, and if your CB dude says or indicates that he's not happy, show him the door because his happiness, wishes, dreams, and hopes are not part of equation that you're paying dearly for.
 

kalehner

Involved - Posts
Advertiser
#9
when I come in wearing my big bad CB 3rd party auditor hat, the potential for me to have a field day is presented to me like a big bowl of juicy warm blackberry cobbler with ice cream...I'm gonna dig in....And I have!
One of the important competencies that auditors must poses are personal behaviors. Auditors displaying the behavior describe above should be sorted from the flock by the CB. That is why I recommend looking for someone actively contract auditing for an accredited CB.

Quoting ISO 19011:2018...

7.2.2 Personal behaviour
Auditors should possess the necessary attributes to enable them to act in accordance with the principles of auditing as described in Clause 4. Auditors should exhibit professional behaviour during the performance of audit activities. Desired professional behaviours include being:
a) ethical, i.e. fair, truthful, sincere, honest and discreet;
b) open-minded, i.e. willing to consider alternative ideas or points of view;
c) diplomatic, i.e. tactful in dealing with individuals;
d) observant, i.e. actively observing physical surroundings and activities;
e) perceptive, i.e. aware of and able to understand situations;
f) versatile, i.e. able to readily adapt to different situations
g) tenacious, i.e. persistent and focused on achieving objectives;
h) decisive, i.e. able to reach timely conclusions based on logical reasoning and analysis;
i) self-reliant, i.e. able to act and function independently while interacting effectively with others;
j) able to act with fortitude, i.e. able to act responsibly and ethically, even though these actions may not always be popular and may sometimes result in disagreement or confrontation;
k) open to improvement, i.e. willing to learn from situations;
l) culturally sensitive, i.e. observant and respectful to the culture of the auditee;
m) collaborative, i.e. effectively interacting with others, including audit team members and the auditee’s personnel
 

Randy

Super Moderator
#10
One of the important competencies that auditors must poses are personal behaviors. Auditors displaying the behavior describe above should be sorted from the flock by the CB. That is why I recommend looking for someone actively contract auditing for an accredited CB.

Quoting ISO 19011:2018...

7.2.2 Personal behaviour
Auditors should possess the necessary attributes to enable them to act in accordance with the principles of auditing as described in Clause 4. Auditors should exhibit professional behaviour during the performance of audit activities. Desired professional behaviours include being:
a) ethical, i.e. fair, truthful, sincere, honest and discreet;
b) open-minded, i.e. willing to consider alternative ideas or points of view;
c) diplomatic, i.e. tactful in dealing with individuals;
d) observant, i.e. actively observing physical surroundings and activities;
e) perceptive, i.e. aware of and able to understand situations;
f) versatile, i.e. able to readily adapt to different situations
g) tenacious, i.e. persistent and focused on achieving objectives;
h) decisive, i.e. able to reach timely conclusions based on logical reasoning and analysis;
i) self-reliant, i.e. able to act and function independently while interacting effectively with others;
j) able to act with fortitude, i.e. able to act responsibly and ethically, even though these actions may not always be popular and may sometimes result in disagreement or confrontation;
k) open to improvement, i.e. willing to learn from situations;
l) culturally sensitive, i.e. observant and respectful to the culture of the auditee;
m) collaborative, i.e. effectively interacting with others, including audit team members and the auditee’s personnel
Yeah, but that's kinda like the "Pirates Code"....A guide and CB auditors fall under ISO 17021
 
Thread starter Similar threads Forum Replies Date
C Internal Auditor lack of Competence Internal Auditing 76
R Internal Auditor Competence - ISO14001 Annex A A.5.5 Internal Audit Internal Auditing 21
M ISO 14001 Internal Auditor Competence ISO 14001:2015 Specific Discussions 14
S ISO 13485 Lead Auditor - Debate between our Quality Team and Regulatory Auditor - Internal Auditor Training ISO 13485:2016 - Medical Device Quality Management Systems 17
B Internal and external auditor competency to CSR's IATF 16949 - Automotive Quality Systems Standard 20
D Impartiality of Internal Auditor ISO 9001/13485 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 18
M IATF 16949 7.2.3 Internal Auditor Competency - Trainer's competency Internal Auditing 7
C Recommendations for UK-based ISO 13485 internal auditor training ISO 13485:2016 - Medical Device Quality Management Systems 1
A External Auditor issue with Internal Audits Internal Auditing 7
S IATF 16949: Is "Certified" Internal Auditor mandatory? IATF 16949 - Automotive Quality Systems Standard 9
S Internal Auditing for API Spec Q1 - auditor qualification requirements Oil and Gas Industry Standards and Regulations 6
J Your opinion on the better training org for IATF16949 Internal auditor and Lead Auditor IATF 16949 - Automotive Quality Systems Standard 3
Q Internal Auditor Training requirements for ISO 14001:2015 ISO 14001:2015 Specific Discussions 5
E Informational I would like to get some Internal Auditor Training Internal Auditing 31
Q What is the difference between normal and licensed internal auditor? VDA Standards - Germany's Automotive Standards 9
J IATF 16949 CAR - Internal Auditor Requirements IATF 16949 - Automotive Quality Systems Standard 15
A ISO 13485 - Internal Auditor Independence and Process Owners ISO 13485:2016 - Medical Device Quality Management Systems 3
Q AS 9100D internal auditor training requirements Internal Auditing 16
A Other Discussion Boards - Internal Auditor Coffee Break and Water Cooler Discussions 5
E Online training for an internal auditor to AS9120B AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 2
Q Internal Auditor Trainer's Requirement Internal Auditing 4
D IATF 16949 - Internal Auditor Training/Certification Requirements Training - Internal, External, Online and Distance Learning 2
R Internal Auditor vs. Public Accountant - Accounting Student Needing Help Career and Occupation Discussions 4
C IATF 16949 Cl. - 7.2.3 Internal Auditor Competency IATF 16949 - Automotive Quality Systems Standard 1
C IATF 16949:2016 Cl. 7.2.3 Internal Auditor Competency Requirements IATF 16949 - Automotive Quality Systems Standard 39
Q IATF 16949 Cl. 7.2.3 - Internal Auditor Competency and Records IATF 16949 - Automotive Quality Systems Standard 5
R Internal Auditor auditing Internal Audit Procedure (AS9100) Internal Auditing 18
Q How can an Internal Auditor Trainer's Competency be Evaluated - IATF 16949 Cl. 7.2.3 IATF 16949 - Automotive Quality Systems Standard 7
H ISO/IATF Internal Auditor Recommendations For Manufacturer In California, USA Internal Auditing 3
Casana 2nd Party and Internal Auditor Qualifications & Training IATF 16949 - Automotive Quality Systems Standard 13
P Problem with IATF 16949 Clause 7.2.3 Requirements (Internal Auditor Competency) IATF 16949 - Automotive Quality Systems Standard 3
B Competency of Trainer for Internal Auditor Training (IATF 16949) IATF 16949 - Automotive Quality Systems Standard 11
C ISO 13485:2016 - Internal Auditor Training vs. Lead Auditor Training Training - Internal, External, Online and Distance Learning 4
J Dinged on Internal Audits for supervising an auditor I was training Internal Auditing 10
M Internal Auditor --> Licence needed? Internal Auditing 6
V Internal Auditor Training Documents and PPT Document Control Systems, Procedures, Forms and Templates 5
V Internal Auditor Training Documents and PPT Internal Auditing 3
V Certified Internal auditor is necessary? ISO 9001 requirement? Quality Management System (QMS) Manuals 4
D Can the Plant Manager be our ISO Representative and an Internal Auditor? Internal Auditing 26
M ISO 13485 Audit Questions - Internal Auditor Training and other Requirements ISO 13485:2016 - Medical Device Quality Management Systems 10
M Questions about AS9100 Internal Auditor Training AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 14
R Can a external auditor raise a finding that is already identified in Internal Audit ? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
P Can internal ISO 17025 Auditor conduct ISO 9001 Audit ISO 17025 related Discussions 7
P Internal Auditor Training - Audit exercises Internal Auditing 5
D Training Material for Internal Auditor Requirements Training - Internal, External, Online and Distance Learning 4
U TS16949 Internal Auditor Training - Is On-line training OK? Training - Internal, External, Online and Distance Learning 1
F Internal Audit quiz - Auditor Qualifications and Requirements Internal Auditing 34
C Should I get an Internal Auditor Certification of Exemplar Global / RABQSA? Internal Auditing 17
K Take QMS Lead Auditor or IMS Internal Auditor Course? Career and Occupation Discussions 3
M TS16949 8.2.2.5 Internal Auditor Qualification IATF 16949 - Automotive Quality Systems Standard 4
Similar threads


















































Top Bottom