What could be the behaviour of a second part auditor in case of Supplier audit, in case he/she notices a ncn vs Supplier QMS, already certified by a third part auditor?
...SNIP....
Could the supplier affirm that they have the certification in their hands and so the third part auditor was satisfied with the evidences in registration audit?
Thoughts???
...SNIP....
Could the supplier affirm that they have the certification in their hands and so the third part auditor was satisfied with the evidences in registration audit?
Thoughts???
If the customer relies on the certificate in question, as a component of their supplier monitoring process, the second party auditor (via the proper channels) MUST bring the concern up to the CB. If management system certificates are to be relied upon, are to add value to business stakeholders, are to provide confidence in a supplier's system robustness, etc., the supplier AND THEIR CB's must be kept accountable. Thus, the registrant's customer MUST communicate with the supplier CB and express their concern.
ISO 17021 has provisions for special audits, in cases an interested party is concerned about the appropriateness of a continuing certification.
CB's don't like when someone "questions" one of their certificates, but, if we are to be providers of confidence, rather than certificate-mills, we must take action on meaningful feedback.
The one thing that we need to be careful about is the fact that, sometimes, the second-party auditors don't have in-depth knowledge of standards and might be "uncomfortable" with something that is totally acceptable by the standard.