ISO 14001 Internal Auditor Competence

[Mike Smith]

Internal Auditors Competence

Our company was just recommended for certification to ISO14001. Of the 3 minors we received, one was for not addressing auditor competence. Since we were QS9000 certified, we decided to use the same auditors for both standards. We sent two auditors to EMS auditing class. The other four did not attend, but have been auditing for years. We did use these four for internal auditing to ISO14001. Are these auditors qualified for EMS or is it just a matter of revising a document to state that experienced auditors are competent to audit both QS and EMS.

 

[RoxaneB]

Our company was just recommended for certification to ISO14001. Of the 3 minors we received, one was for not addressing auditor competence. Since we were QS9000 certified, we decided to use the same auditors for both standards. We sent two auditors to EMS auditing class. The other four did not attend, but have been auditing for years. We did use these four for internal auditing to ISO14001. Are these auditors qualified for EMS or is it just a matter of revising a document to state that experienced auditors are competent to audit both QS and EMS.

The other 4 may not have attended but how could demonstrate their understanding of the standard? They may know HOW to audit, but they do not necessarily know WHAT to audit if they have received no training on the standard.

ISO 19011 is for guidance only (for better or for worse...that's another rainy day debate for the Cove). YOU determine what works for YOUR company. But with not even half of your Internal Auditors trained on 14K, I, too, would question their competency.

Within my organization, I developed an Internal Auditor Assessment form. Only a Lead Auditor (designation to that position is determined via an inhouse process) can perform an Assessment.

Criteria include:

• Understanding of audit process
• Understanding of ISO Standard
• Time management
• People skills
• Investigative
• Follows proper safety protocols
• Objetive manner
• Note taking

From there, the possible recommendations include:

• Maintains Trainee status
• Maintains Team Internal Auditor status
• Maintains Lead Internal Auditor status
• Upgraded to Team Internal Auditor status
• Upgraded to Lead Internal Auditor status

There is a structured process to be followed in the training of our Internal Auditors and for them to be deemed "competent." I realize that not every organization can have a similar rigid programme in place (for resource issues, lack of manpower, etc.), but as a minimum, I would have your remaining Auditors trainined on the 14K standard....even if the 2 who went offsite conducted the training.

 

[Randy]

Read the following and then ask yourself the question again:

4.4.1 Structure and responsibility
Roles, responsibility and authorities shall be defined, documented and communicated in order to facilitate effective environmental management.

4.4.2 Training, awareness and competence
4.5.4 Environmental management system audit

There is quite a bit of difference between QMS and EMS Auditors as defined by ISO 19011:2002. Refere to specific skills for QMS in 7.3.3 and specific skills for EMS 7.3.4.

EMS auditing is a mine field of potential liability issues for all parties involved and resonsible organizations shouldn't depend upon any jack-legged auditor (no offense intended).

 

[Icy Mountain]

More standards

ISO 10011-2-1994, Guidelines for Auditing Quality Systems, Criteria for Q Sys Auditors(sorry, it's the best I have) Section 5, Training paraphased "Training in the following areas SHOULD be regarded as particularly relevant: knowledge and understanding of the standards they are auditing, assessment techniques, additional audit management skills."
Along with all the other threads about YOU determining what is required for "competence", I would argue that if the 2 trained auditors were providing oversight of "untrained" auditors, they are getting OJT. They already meet 2/3 of the requirement above. Who says they must go pay somebody to be knowledgable about 14001. I would consider anyone who read ISO14001 to be in the 99th percentile knowledgewise.

 

[db]

...resonsible organizations shouldn't depend upon any jack-legged auditor (no offense intended).

You talking about me again?

I think part of the answer would be dependent on your EMS and your environmental aspects. I would suspect that in a straight forward assembly operation with no "real" significant aspects, you can easily train your 4 remaining internal audits to audit part, and eventually all of the EMS. But if you have some real nasty stuff out there, and there is a possiblity of major environmental impacts, then perhaps even attending lead auditor training might not be enough. They might also need some formal regulatory training as well.

As Marc so often puts it: "one size does not fit all". That may be a mis-quote, but the idea is close. (see Marc, I do listen from time to time)

 

[Randy]

ISO 10011-2-1994, Guidelines for Auditing Quality Systems, Criteria for Q Sys Auditors(sorry, it's the best I have) Section 5, Training paraphased "Training in the following areas SHOULD be regarded as particularly relevant: knowledge and understanding of the standards they are auditing, assessment techniques, additional audit management skills."
Along with all the other threads about YOU determining what is required for "competence", I would argue that if the 2 trained auditors were providing oversight of "untrained" auditors, they are getting OJT. They already meet 2/3 of the requirement above. Who says they must go pay somebody to be knowledgable about 14001. I would consider anyone who read ISO14001 to be in the 99th percentile knowledgewise.

Well seeing as the document you referenced is no longer a valid ISO standard your statement is moot. Yes ISO 19011 is a Guidance document, but if the guidance is used potential for deviation is minimized.

db....where did you come in?

 

[energy]

You got it!

Are these auditors qualified for EMS or is it just a matter of revising a document to state that experienced auditors are competent to audit both QS and EMS.

IMHO, you state they are competent. You've addressed the issue of competency. As to, "Are these auditors qualified?". What do you think? You have them in that capacity. Do they seem to understand what's required of them? Are the audit results adequate? Three minors would indicate that there is nothing "glaring" to indicate that your auditors are incompetent. Just the fact you haven't addressed it. Some would have you believe that only they are competent. That you need this and that. Go with what's best for you.

 

[Randy Stewart]

EMS auditing is a mine field of potential liability issues for all parties involved

This is the biggest issue Mike IMO. It's not just parts to a customer, it can affect a lot more. Storm water drainage is a hugh issue here in MI and what we thought drained to a retention pond we found out differently.

When looking at an ISO 14001 auditor remember it's not what they know they don't know that will hurt, it's what they don't know that they don't know that bites you in the bum.

 

[Icy Mountain]

I'm not doggin ya, I'm confused

Well seeing as the document you referenced is no longer a valid ISO standard your statement is moot. Yes ISO 19011 is a Guidance document, but if the guidance is used potential for deviation is minimized.

My copy of ANSI/ISO/ASQ Q9001-2000 Section 8.2.2 references ISO 10011-1, -2 and -3 for guidance.
Has BSR/ISO/ASQ QE19011-2002 been adopted in the US? The only copy for sale at asq.org appears to be in the DIS category. Anyway, can you paraphrase the sections on training requirements. I'm trying to learn and it sounds like you're living this stuff daily.

 

[Randy]

1st...it's an international standard. Who cares if it's been adopted by the US. The US representative body to the ISO (actually IOS) is ANSI and voted in favor of adoption in 2002. The standard officially went into print Nov 2002 and superceeds 10011-1,-2,3 & 14010, 14011, & 14012 (they have been withdrawn as ISO standards....they don't exist).

You can purchase a copy directly from the ISO, or BSI or most other competent organizations (apparently the ASQ ain't cuttin here either with timeliness)

As for paraphrasing...I'll give you an excerpt form the text. 1st you need to remember that this is a guidance document and is not auditable unless you specify it as a system document. The word "should" is used instead of "shall" and that is what differentiates between auditable and not.

7.3.4 Specific knowledge and skills of environmental management system auditors
Environmental management system auditors should have knowledge and skills in the following areas.
a) Environmental management methods and techniques: to enable the auditor to examine environmental management systems and to generate appropriate audit findings and conclusions. Knowledge and skills in this area should cover
-environmental terminology,
-environmental management principles and their application, and
-environmental management tools (such as environmental aspect/impact evaluation, life cycle assessment,
environmental performance evaluation, etc.).
b) Environmental science and technology: to enable the auditor to comprehend the fundamental relationships between human activities and the environment. Knowledge and skills in this area should cover
-the impact of human activities on the environment,
-interaction of ecosystems,
-environmental media (e.g. air, water, land),
-management of natural resources (e.g. fossil fuels, water, flora and fauna), and
-general methods of environmental protection.
c) Technical and environmental aspects of operations: to enable the auditor to comprehend the interaction of the auditee’s activities, products, services and operations with the environment. Knowledge and skills in this area should cover
-sector-specific terminology,
-environmental aspects and impacts,
-methods for evaluating the significance of environmental aspects,
-critical characteristics of operational processes, products and services,
-monitoring and measurement techniques, and
-technologies for the prevention of pollution.

The requirements are the same for internal & external auditors.