Auditor, like Audio and Auditorium, is derived from the Latin word meaning “shut up and listen.” But, because of who they are, sometimes auditors do the opposite of this, and it causes a lot of problems. So, for yet another public service, here is a list of Things your ISO auditor should never say. Several of these, in fact, are grounds for the client immediately terminating the audit.
You’re Cute
It may still come as a shock to people outside North America, but the above two words may be considered sexual harassment. Once the auditor makes a statement like this, there is a suggestion that he or she may give the auditee some kind of special consideration on the basis of something like appearance. As an auditor one of things you signed onto with the code of conduct is impartiality. Statements like the above may be grounds for immediate termination of the audit. Better just to leave any statements regarding anybody’s appearance out of the equation.
PS: I never physically touch anybody during an audit with the exception of handshake or an occasional elbow bump. I will have a post about body language later, but there are ways to convey openness without physical contact.
I really hate those (fill in the blank)
Auditors spend a lot of time alone in the car, and for entertainment purposes listen to various types of talk radio. Occasionally, this has the effect of swaying an otherwise reasonable person to radicalize. As long as this is left in the car, that is up to the auditor. However, when the auditor starts to repeat some of this stuff in the audit, it’s another potential red flag with regard to impartiality. This may also hold equally true for sports teams, movie stars, religion, or any of a dozen things that for whatever reason the auditor forms an opinion about. In fact, use of the word “hate” in and of itself signals that the auditor may have extreme opinions that affect the auditor’s objectivity to a given auditee or client company.
So, for the common good, it is better for the auditor to just keep it friendly and positive. I try to use the word “love” a lot in my audits. Nobody ever complained about “love speech.”
Things your ISO auditor should never say: I’m Looking for a Job. Here is my resume.
It is not a secret that some of the auditors began doing so “between jobs”. There is nothing at all wrong with that, unless the auditor uses his or her position as an auditor to potentially solicit an employment opportunity. Even though the auditor may be the nicest guy ever, it does set up a possible situation where there might be an implication of favorable treatment in an audit in exchange for something later on.
There are some potential gray areas on this, one of which may be this blog. If I refer to this during an audit, is that a solicitation? If you , as a client, are reading this, is there any implying that I want you do anything nice for me? We can talk about that but if I am contributing to your knowledge as a public service, free of any sort of obligation, maybe it is fine. p.s. I don’t really want a job. I have several already. PS. There are several other gray areas that are considered accepted practice that we can discuss later.
The point being, an auditor should not be soliciting anything during the audit, because it implies that he or she may be improperly influenced and conduct the audit unfairly. That may also be grounds for immediate termination of the audit by the client.
At my old company, we fixed this problem by doing X
This is probably a little less serious, but some auditors are in the habit of making statements as to how a client should fix a problem.
The trouble with that is, the auditor may be wrong. About once a year I go into an audit, find something clearly silly, but the client will say “yeah, our old auditor told us to do that.” That puts me, the new auditor in a difficult situation.
The auditor is allowed to give several options as to how to fix a given quality systems problem. The client then gets a choice as to how to deal with it, and the client owns it. The auditor may, within the boundaries of his or her confidentiality agreements, share “industry best practices”, whatever that is. But, the auditor should not be giving specific advice, because that is consulting, and not auditing. It also opens up the auditor to potential liability issues in case something happens and someone is damaged somehow.
This is a typical practice of overreaching auditors that see a vacuum in a system and fill it with his or her own biases and experiences, rather than allow the client to be the client. They’re trying to be helpful.
I’m Requiring you to have X
I had a couple of different consulting clients wherein the auditor issued non-conformances based on their own requirements. In one case, the auditor “required” the client to use turtle diagrams as a way to communicate the processes. In another, he required the client to perform internal audits of the calibration system using specific methods determined by him. Neither of these is a requirement of the standard.
It is not the auditor’s job in any fashion to require the client to do anything. It is the auditor’s lone job to determine the requirement, determine whether the requirement is being met, and call it good or not good on that basis.
Overreaching auditors are problematic because they cause the client to second-guess the auditor, rather than write procedures that work for them.
The ISO standard has in it the phrase “the organization shall” over 90 times, and in most cases it is “the organization shall determine. ” It says “the auditor shall determine” a total of zero times.
This being the case, if an auditor ever tells you to make an explicit change in your system, process, or anything else, keep in mind that he or she shouldn’t be saying that and act accordingly.
I will be lenient on you if you give me something of value
You are aware, of course, that your auditor has solicited a bribe. Also, from what I understand, there was a period in the past where “something of value” equaled a golf game, and it was not completely unheard of for the auditor and the client to go out for some fresh air during audit time. Even if these exact words were never uttered, there was an implication.
I don’t think this practice is widespread in North America anymore, but it may be going on elsewhere.
The irony is, in the purest sense, the auditor can’t give anything to you, nor take anything away. It is his or her only job to determine the requirements of your system, and see if you are meeting them. Thank goodness, it is the technical committee at the registrar that has to police their systems. So, the auditor is actually incorrectly implying that he or she has some sort of power in this situation. He or she is not capable of doing you any real favors.
PS: Can you see where the combination of the first and last of these auditor statements can be very problematic?
Client Recourse
The clients have a responsibility to feed back to the registrar incidents like this. The registrars are not strong in policing their auditors for the most part. The first level of appeal is directly to the auditor. A reasonable auditor will realize the mistake, and make corrections in his or her behavior.
The second level of feedback is the registrar’s customer contact point, and this varies from registrar to registrar, but as a client you need to have access to this. Typically there is a technical supervisor, or customer service supervisor, or some level higher than the auditor that needs to know about auditor behavior issues.
There is another level of feedback which is the accreditation body that certifies the auditor. Mine is Exemplar Global. There are a few others. The auditor may or may not tell you which of these bodies certified him or her.
Either way, if these things go unreported, they tend to continue.
Also, keep in mind that in any of the cases I have ever heard of it happening, the registrar is so embarrassed at the situation, they aggressively take steps to solve the problem promptly. The registrars are basically very responsible.
Please feel free to share your stories.
Here is my link to Udemy course, “How Not to Fail at ISO9001”
https://www.udemy.com/course/how-not-to-fail-at-iso9001/learn/lecture/34733460#content
Here’s the link to my Quality Systems Training. You can hire me to give this training in person, complete with questions and answers, and along with a few decades worth of horror stories about product quality, dangerous products, and why people don’t do their jobs.
www.jimshell.com/quality-systems-training/