Ready To Start Your ISO9001 Journey?
Make a booking now and find out how we can help you Make Things, Better
Ready To Start Your ISO9001 Journey?
Make a booking now and find out how we can help you Make Things, Better
Understanding your ISO Certification Auditor’s Thinking
6 minutes reading time
(1112 words)
2093 Hits
Even for the experienced ISO Systems manager, audits can be a nervous time. The second guessing of what you have created in your systems and what your ISO certification auditor is going to be looking for can lead to over thinking things and even on extremes the odd restless night.
It does not matter if you are certifying to ISO9001 for quality management, ISO14001 for environmental management, ISO27001 for information security management, ISO45001 for occupational health and safety systems management or even ISO13485 for medical devices quality management systems, the auditor is looking for the same key things across all the standards. We have put together this helpful run down of exactly what you need to know.
What will the ISO Certification Auditor really look for?
Your auditor is looking to assess only three things at the end of the day, and they are not going to be a surprise:
- Do you have all of the mandatory documented information that particular standard you are working to requires.
- Does your documented information that you do have, comply with the standard?
- Do your activities, the things you say you are doing, comply with both the standard and your own documentation. i.e. are you actually doing what you say you are doing in order to meet the standard.
That's it, it's just those 3 things, it's not a lot really.
Pro Tip
Do not overwrite things, don't create procedures you really don't need and will never use and don't write for the auditor or the customer, write it for the users. Once you do release a procedure then you need to make sure everyone knows about it who needs to know and that they actually follow it. If they do not, your auditor will absolutely find them and then you have a challenge.
Do not overwrite things, don't create procedures you really don't need and will never use and don't write for the auditor or the customer, write it for the users. Once you do release a procedure then you need to make sure everyone knows about it who needs to know and that they actually follow it. If they do not, your auditor will absolutely find them and then you have a challenge.
What will annoy your ISO Certification Auditor?
Auditors are human, it may not seem like it sometimes, but they are. That means that they can get a little annoyed with you at times. Especially if you:
- Try to prevent them from doing the audit correctly by attempting to stage manage it and guide them to people and areas you know are perfect.
- Avoid their questions and give a politician type answer.
- Outright lie, this is the fastest way for an auditor to lose trust when they find out, and they will and then they will leave your company, without awarding a certification.
Pro Tip
It is simple, be up front, do not waste theirs or your time. Allow the auditor to run the audit and do not try to cover things up. The aim of the audit is to help you as an organisation and help identify opportunities for improvement.
What will make your ISO Certification Auditor Happy?
It is pretty obvious, don't do things that will annoy them for a start (see above!). Give them clear answers. Be open if you have an issue and talk about what you are putting in place to work it through. The auditor sitting in front of you knows the standard, they know how it can help and they know the pitfalls of others, use that.
Pro Tip
While your auditor is not allowed to consult or explain in detail about how to fix an issue it is absolutely fine to ask for the audit for their opinion when something comes up that either of you are not satisfied with. They are likely to give you some guidance without stepping over the mark of no consulting.
What will your ISO Certification Auditor Expect?
Auditor expects you to be ready for them, their arrival is not a surprise. You need to have an area set aside for them to work privately, to be able to interview staff and that the company has planned for people to be available, after all they have already sent you an audit plan in advance.
The auditor expects that you are going to have a system that is ready and is being used and looked after.
Pro Tip
Remember that you are going to have a long-term relationship with this auditor as auditing companies tend to send the same person for all your ISO certification and surveillance audits. That means you will see them again each year over your certification window. Build a relationship with them.
What can the ISO Certification Auditor can do?
It is important to remember that your ISO auditor is there to audit your entire organisation within an agreed scope so there is no one they are not allowed to speak with during the audit that fits within that scope, don't be a roadblock to that. All your documentation is available to the auditor to see as part of your ISO Systems Audit, no matter if it is confidential, if it is in scope then they can see it in the same way they can visit any pert or area of the company that is included in your ISO System scope.
Pro tip
Keeping in mind the ISO auditor can go anywhere, speak to anyone, and look at anything you have it is important to ensure everyone else in your organisation knows this. Make it clear that they are to be helpful and open with the auditor.
What can the ISO Certification Auditor not do?
As we mentioned before they cannot consult on an issue, they can offer hints and pointers but no detail consulting. They also cannot raise a Non-conformance on something which is not in the standard so if you are doing something over and above the standard and they do not like it that is not enough to raise a non-conformance. Technically they also cannot raise a non-conformance where they cannot prove you do not comply with the standard.
Pro Tip
It is ok to argue and debate with your auditor, you should be ready to do this where it makes sense. If you believe that a non-conformance has been raised for something that cannot be tied back to the ISO standard you are being audited for then you absolutely need to challenge it before they leave and again if it comes through on the report.
If you keep these things in mind both when you are preparing and having the audit, then you are going to be in a good position. The single most important thing to remember however above all else is this, your auditor is there to help you improve, as they find things, and a good auditor will find things, they are doing it to challenge you to improve. If they find absolutely nothing to improve within your company, challenge that because the auditor has not done their job.
Copyright
© Many Caps Consulting | All Rights Reserved
By accepting you will be accessing a service provided by a third-party external to https://www.test.manycaps.com/
Comments