by Don Brecken
In the July–August issue of The Auditor, Peter Holtmann, president and CEO of Exemplar Global (formerly RABQSA International Inc.), defined a business improvement auditor as “a professional who evaluates the design, development, and delivery of an organization’s business plan, financial plan, risk management plan, human resource practices, and application of continuous improvement tools such as Six Sigma, lean, and balanced scorecard.” His definition provides much-needed clarity on this topic. Nevertheless, I thought I would propose my own definition here: Business improvement auditing is the use of quality assessment tools and other proven organizational improvement techniques to evaluate and improve an organization.
Business improvement auditing should not be confused with other quality audits. Auditors who perform quality audits, such as registration and surveillance audits, supplier audits, or internal audits are bound by the particular audit scope, auditor codes of conduct, standards, audit procedures, and applicable rules and guidelines. Business improvement auditing is not nearly as restricted.
This article outlines my particular views on business improvement auditing, which are backed by a unique combination of professional and personal experiences. These experiences, to name a few, include years in quality leading a variety of quality and operations assessments including registration and surveillance audits for a major registrar; performing Baldrige and other operations assessments; leading organizationwide audit programs and quality improvement efforts; instructing hundreds of undergraduate and graduate students on the practical application of quality improvement tools and techniques; implementing ISO 9001, AS9100, ISO 17025, and other quality management systems (QMS); and other professional development activities required to sustain my business improvement auditor credentials through Exemplar Global.
Exemplar Global offers a business improvement auditor certification (QMS-BI). This advanced auditor grade means the certified professional is fully qualified to lead registration and surveillance audit teams (like a lead auditor) and also has the requisite skills and abilities to consult on business improvement activities. When engaged in registration and surveillance-type quality audits, however, the Exemplar Global business improvement auditor is bound by the particular standards and rules associated with these audits.
Who can perform business improvement audits?
Almost anyone can perform business improvement audits because businesses can contract with anyone they believe can help them improve. Business leaders would be wise, however, to check the business improvement professional’s background, including references, education levels, and business improvement credentials. Business leaders might consider hiring a business improvement professional who is certified as an Exemplar Global Quality Management System Business Improvement Auditor (QMS-BI) to help identify improvement opportunities.
Exemplar Global’s code of conduct for certified persons prohibits its certified auditors from accepting any assignment they are not competent to perform. Makes sense, doesn’t it? You wouldn’t want a doctor performing heart surgery on you or a loved one unless he or she was qualified to perform that unique procedure. What qualities would you look for in a heart surgeon? You would check the surgeon’s credentials, experience, track record, participation in research and education, and patient satisfaction. You would look for board certification and referrals from other local doctors you may know.
How do business improvement audits differ from quality audits?
Quality audits, whether internal or third-party surveillance and registration audits, have boundaries defined by the relevant standards, guidelines, the audited organization’s quality audit procedure, and the audit scope. For example, ISO 9001:2008 defines requirements for an organization’s internal audits, its quality audit program, how area management is responsible for corrective action, and how auditors and audit programs should follow guidance provided in ISO 19011. Business improvement audits, on the other hand, are bound only by the contractual agreement with the audit client.
Any good auditor is able to identify gaps in compliance, should they exist. Business improvement auditors, however, have the knowledge, experience, and the proper credentials (or license per the audit scope) to also recommend improvements. Suppose a quality auditor and a business improvement auditor found no nonconforming conditions during an audit engagement. Does this mean there is no opportunity for improvement? Absolutely not. The quality auditor would put his or her stamp of approval on the audit and move on to the next client. The business improvement auditor, however, might recognize that there are other, better ways of doing these things and make his or her recommendations.
An organization’s QMS should serve as a business improvement tool. Clause 8.5.1 of ISO 9001, Continual improvement, requires the organization to continually improve the effectiveness of its QMS through the use of its quality policy, quality objectives, audit results, analysis of data, corrective and preventive actions, and management review. Because the QMS requires these components be used for improvement, the business improvement auditor should assess whether each component is effectively leveraged to improve the organization. Most, if not all of the information the business improvement auditor will need for this assessment should be evident if the auditor knows where to look.
Practical approach to business improvement auditing
The scope of a quality registration or surveillance audit should be well-defined to help the auditor focus on predetermined areas of the organization. The business improvement audit scope, however, will usually be quite broad. The overall objective is to identify opportunities for improvement and to make recommendations the organization can use to improve. Making recommendations for improvement and even helping the organization to make those improvements are the most important differences between quality auditing and business improvement auditing.
Many business improvement auditors may be tempted to hang out with the organization’s executives looking through financial records, strategic or business plans, risk management plans, and spending time interviewing the leadership team. Although this is good and eventually does need to happen, this business improvement auditor would rather begin elsewhere. My approach is to first evaluate how the organization goes about making its own improvements. If the organization is registered ISO 9001, for instance, the business improvement auditor might be wise to begin where the standard requires the organization to continually improve.
As mentioned already, ISO 9001:2008’s clause 8.5.1 specifically requires the organization to continually improve its effectiveness through the use of “…the quality policy, quality objectives, audit results, analysis of data, corrective and preventive actions and management review.” Effective organizations are those that perform well in these areas. In doing so these organizations treat their quality system as a business management system; they use the following QMS components to run the business.
- Quality policies and other signature statements. Documents such as these illustrate the organization’s vision, mission, and core values, and they should be more than just slogans posted in the front lobby. The business improvement auditor will evaluate how effectively these doctrines are communicated, understood, practiced, and periodically evaluated for improvement by management. These signature statements should be compelling and reflect what’s most important to the organization.
- Quality objectives. Quality objectives should be strategic business objectives. Effective organizations will develop these objectives during strategic planning sessions and effectively cascade these objectives to everyone in the organization. The business improvement auditor will evaluate if everyone in the organization has a stake in achieving these objectives. The quality and other business objectives should align with what’s most important to the organization.
- Audit results. These should be used to drive improvement. The business improvement auditor will evaluate the effectiveness of the organization’s internal quality audit program. Effective organizations will have a robust audit program that deploys a variety of audit techniques. Audit results should include not only internal quality audits but also other audit results, such as surveillance and registration audits, supplier audits, and statutory and regulatory assessments. Audit results point to areas in need of improvement and should drive the scheduling of future audits.
- Analysis of data. Data analysis should be performed on key processes within the organization. Effective organizations gather process data appropriate to the organization. The business improvement auditor evaluates how effectively the organization identifies levels and trends of performance and how these compare to appropriate benchmarks. Process and other data appropriate to the organization should be collected, evaluated, and used to make decisions to run the business.
- Corrective and preventive actions. These should be used to eliminate nonconforming or potential nonconforming conditions. Effective organizations perform thorough root cause analysis and corrective action on nonconforming conditions to ensure these conditions do not repeat for the same reason(s). The most effective organizations will also be aggressive with preventive action. The business improvement auditor will evaluate how effective the organization is at using corrective and preventive actions to drive improvement.
- Management reviews. Management reviews should be a major driver of improvement in any ISO 9001-registered organization. Effective organizations take management reviews seriously and hold them on a regular basis. Management reviews have distinct inputs and outputs. The inputs include specific information or facts related to the status of particular organizational attributes (see ISO 9001:2008 clause 5.6.2). The outputs include decisions and actions taken based on these inputs. Business improvement auditors will evaluate the robustness of the review process, whether all the required and appropriate other inputs are reviewed by those responsible to take decisions and actions, and whether the decisions and actions taken are supported by the facts. Management reviews should be seen as management by facts.
Other areas business improvement auditors should focus on early in the audit engagement are the organization’s approach to managing the organization as a system of interrelated processes and key performance indicators for these processes. “The process approach is at the heart of a quality management system (QMS) defined by ISO 9001,” writes Sandford Liebesman in his September 2009 Quality Progress article titled “The Right Approach.” Liebesman adds, “And, as everyone knows, it’s necessary to have the old ticker checked out from time to time.”
ISO 9001 requires these processes be established, documented, maintained, and continually improved. Process owners should ensure their process effectiveness and effective interaction with other processes. The business improvement auditor will audit these processes to ensure each has an approach that is deployed where needed, continually improved, and is effectively aligned with other processes. If the organization’s processes are not well documented, the business improvement auditor has the skills and ability to guide the organization in defining them. The business improvement auditor will evaluate process results to ensure each process delivers intended results with levels of performance, positive trends, evaluated against appropriate comparisons or benchmarks, and ensure each is linked to what is important to the organization.
If the organization’s processes are well documented, the business improvement auditor can advise the organization on lean tools and techniques such as value stream mapping, lean, and Six Sigma methodologies to further improve.
Don’t settle for less
This article was not intended as an endorsement of one personnel certification provider over another; Exemplar Global just happens to be the personnel certification provider with which I am most familiar. To paraphrase Exemplar Globals’s QMS auditor certification requirements, a business improvement auditor is recognized as having lead auditor qualifications as well as demonstrated knowledge of business improvement and risk management tools. If you are an Exemplar Global lead auditor (QMS-LA), you may wish to consider advancing to the grade of RABQSA business improvement auditor (QMS-BI). The Exemplar Global business improvement auditor can still lead audit teams performing surveillance and registration audits but this more advanced auditor grade will allow you to do so and be much more as a quality professional.
If you are in a position to specify or purchase auditing or consulting services for your organization, be sure the professionals you contract with have the requisite skills, abilities, and credentials to do the job. If you are an auditor interested in performing business improvement audits, you should consider earning the appropriate credentials. The appropriate auditor credentials will assure your audit clients that you are qualified to perform such audits. If you are a quality management system registrar, consider hiring certified business improvement auditors and adding business improvement audits to your list of audit services.
About the author
Don Brecken is a Fellow of the American Society for Quality (ASQ), director for ASQ Region 10, a past chair of ASQ Section 1001 (Grand Rapids), examining chair for the Education Division of ASQ, and has served on the Malcolm Baldrige National Quality Award Board of Examiners. He is an ASQ Certified Manager of Quality and Organization Excellence (CMQ/OE) and Exemplar Global Certified Business Improvement Auditor (QMS-BI).
Brecken earned his MBA in strategic management from Davenport University’s Sneden graduate school. He has three undergraduate degrees in business with a technical specialty in quality leadership. He has instructed graduate and undergraduate courses in quality management, strategic management, operations management, and leadership.
Brecken is the southwest Michigan business advisor and management faculty for Ferris State University.