ISO 14001 and OHSAS 18001 Registrar Auditor Credentials

[Confussed]

Question

What are the requirements of the auditor being sent to perform a compliance audit of a company?

Does the auditor have to be a IRCA or RABQSA Auditor in the the system? If he holds a ISO9001:2008 Lead Auditor cert can he perform compliance audits in OHSAS or ISO14001 for a Registrar?

If not then why get them?
Where is this requirement?

Thanks and have a Merry Xmas

 

[Randy]

Re: ISO 14001 and OHSAS 18001 Registar Auditor Credentials

Auditors don't do compliance audits, they perform CONFORMANCE audits...Bg difference

Requirements are set forth (for Certification Bodies/Registrars) in ISO 17021 and they are basically the same regardless of scheme and leave qualification and competence determination to the individual organization unless specifically stated otherwise in scheme requirements

 

[Confussed]

Re: ISO 14001 and OHSAS 18001 Registar Auditor Credentials

I appreciate the info on my question. Which means Registrars can use auditors who don't have training in the applicable Management System.

That is if your correct.

 

[Sidney Vianna]

Re: ISO 14001 and OHSAS 18001 Registar Auditor Credentials

The process for determining third party auditor competence by certification bodies is getting more complex by the day, as a result of the pressure coming from accreditation bodies to ensure that auditors are properly qualified.

As mentioned before, each CB has some latitude to determine their own processes for auditor and team competence establishment. However, the AB's are scrutinizing this aspect of CB operations very carefully and a number of discipline specific competence documents are being developed. For example, check the thread @ EMS auditor competence ISO Standard published - ISO/IEC TS 17021-2:2012.

In principle, a QMS lead auditor would have to undertake significant additional training before they could perform audits in other disciplines such as EHS.

 

[Randy]

Normally as a rule of thumb (at least in my experience) No Lead Auditor course for a scheme, you can't audit the scheme....And the RAB & IRCA won't certify you either...

Just remember, competence isn't based upon training or taking a course only, it's derived from a combination of education, training, experience and a demonstrated ability to apply it all successfully....The formula for all of them is normally left to the organization to establish

 

[Colin]

I agree with the comments made by both Randy and Sidney but I share your confusion. IRCA registration (in the UK at least) has almost become like the 'emperor's clothes'. In other words, it is not mandatory to be IRCA registered but the impression has been created that it is.

True, there was a time when most CB's required it but those days have gone for many CB's. Furthermore, it is a frustration that being IRCA registered does not remove the need for auditors to have to demonstrate their competence for each CB they work for. As a self employed auditor I work with a number of CB's and I have to prove my competence for each one individually.

 

[Confussed]

OK if a CB wants to hire an auditor to perfom a audit for them and the company is ISO9001:2008 and the auditor holds a ISO14001 RABQSA/IRCA ISO14001 cert does that make the auditor qualified?

I think "no"

If yes then is it not a waste of time to gain all of the diff auditor certifications?

But I know AS9100 you have to actually have the training and certification. Is this the only one using logic?

 

[LRE67]

Question

What are the requirements of the auditor being sent to perform a compliance audit of a company?

Does the auditor have to be a IRCA or RABQSA Auditor in the the system? If he holds a ISO9001:2008 Lead Auditor cert can he perform compliance audits in OHSAS or ISO14001 for a Registrar?

If not then why get them?
Where is this requirement?

Thanks and have a Merry Xmas

When you read Element 4.5.2 of the ISO 14001 Standard, you will not find the word "audit" contained anywhere in the statement. It talks of "Evaluation of compliance". I would think that anyone in the organization who knows the most about applicable legal requirements and other requirements to which the organization subscribes would be the most qualified to do the "evaluation". It's sort of like doing an employee evaluation. The person who knows the most about that employee (i.e. work habits, productivity, skills, etc.) should be the one evaluating him or her.

 

[Randy]

OK if a CB wants to hire an auditor to perfom a audit for them and the company is ISO9001:2008 and the auditor holds a ISO14001 RABQSA/IRCA ISO14001 cert does that make the auditor qualified?

I think "no"

If yes then is it not a waste of time to gain all of the diff auditor certifications?

But I know AS9100 you have to actually have the training and certification. Is this the only one using logic?

And you would be correct...As previously stated the CB has to develop their own method, under Accreditation Body rules...such as ANAB and ISO 17021, to qualify people who will audit. I came to my present employer with RAB EMS Lead Auditor credentials and still had to go through the training and review process before I was awarded the status I hold today. I currently hold 9 seperate Lead credentials for different types of "systems" and all of them required some formula being met for education, training, experience and demonstrated performance.

This is no secret, it's not being hidden, it's just that nobody is paying attention.