Understanding your ISO Certification Auditor’s Thinking

Even for the experienced ISO Systems manager, audits can be a nervous time. The second guessing of what you have created in your systems and what your ISO certification auditor is going to be looking for can lead to over thinking things and even on extremes the odd restless night.

It does not matter if you are certifying to ISO9001 for quality management, ISO14001 for environmental management, ISO27001 for information security management, ISO45001 for occupational health and safety systems management or even ISO13485 for medical devices quality management systems, the auditor is looking for the same key things across all the standards. We have put together this helpful run down of exactly what you need to know.

What will the ISO Certification Auditor really look for?

Your auditor is looking to assess only three things at the end of the day, and they are not going to be a surprise:

  1. Do you have all of the mandatory documented information that particular standard you are working to requires.
  2. Does your documented information that you do have, comply with the standard?
  3. Do your activities, the things you say you are doing, comply with both the standard and your own documentation. i.e. are you actually doing what you say you are doing in order to meet the standard.

That's it, it's just those 3 things, it's not a lot really.

What will annoy your ISO Certification Auditor?

Auditors are human, it may not seem like it sometimes, but they are. That means that they can get a little annoyed with you at times. Especially if you:

  1. Try to prevent them from doing the audit correctly by attempting to stage manage it and guide them to people and areas you know are perfect.
  2. Avoid their questions and give a politician type answer.
  3. Outright lie, this is the fastest way for an auditor to lose trust when they find out, and they will and then they will leave your company, without awarding a certification.

What will make your ISO Certification Auditor Happy?

It is pretty obvious, don't do things that will annoy them for a start (see above!). Give them clear answers. Be open if you have an issue and talk about what you are putting in place to work it through. The auditor sitting in front of you knows the standard, they know how it can help and they know the pitfalls of others, use that.

What will your ISO Certification Auditor Expect?

Auditor expects you to be ready for them, their arrival is not a surprise. You need to have an area set aside for them to work privately, to be able to interview staff and that the company has planned for people to be available, after all they have already sent you an audit plan in advance.

The auditor expects that you are going to have a system that is ready and is being used and looked after.

What can the ISO Certification Auditor can do?

It is important to remember that your ISO auditor is there to audit your entire organisation within an agreed scope so there is no one they are not allowed to speak with during the audit that fits within that scope, don't be a roadblock to that. All your documentation is available to the auditor to see as part of your ISO Systems Audit, no matter if it is confidential, if it is in scope then they can see it in the same way they can visit any pert or area of the company that is included in your ISO System scope.

What can the ISO Certification Auditor not do?

As we mentioned before they cannot consult on an issue, they can offer hints and pointers but no detail consulting. They also cannot raise a Non-conformance on something which is not in the standard so if you are doing something over and above the standard and they do not like it that is not enough to raise a non-conformance. Technically they also cannot raise a non-conformance where they cannot prove you do not comply with the standard.

If you keep these things in mind both when you are preparing and having the audit, then you are going to be in a good position. The single most important thing to remember however above all else is this, your auditor is there to help you improve, as they find things, and a good auditor will find things, they are doing it to challenge you to improve. If they find absolutely nothing to improve within your company, challenge that because the auditor has not done their job.

Ready To Start Your ISO9001 Journey?

Make a booking now and find out how we can help you Make Things, Better

Ready To Start Your ISO9001 Journey?

Make a booking now and find out how we can help you Make Things, Better
Mango Logo

Simplify ISO9001 with Mango

Stop waisting time with multiple different systems, see how Mango can manage all of your ISO9001 requirements in one fully integrated solution.

Make a booking now to see how simple it is to integrate your systems, reduce paperwork, save time and be compliant.

Mango QHSE Compliance Software made simple
Reclaim your precious time
Virtual Quality Management Logo
Our Virtual Quality Management Support is designed to help your company achieve improved results plus meet the requirements of any ISO Standard, but at a fraction of the cost.

Copyright

© Many Caps Consulting | All Rights Reserved

ISO27001 and the Operation Clause
ISO27001 and the Documented Information Requiremen...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Saturday, 14 December 2024

By accepting you will be accessing a service provided by a third-party external to https://www.test.manycaps.com/

Subscribe to Our Newsletter

To Get Regular Updates on ISO | Lean | Free Resources
Sorry we need your name
Invalid Input - Sorry we need your last name here
Sorry Can you just check your email address as well
Invalid Input