By Inderjit Arora
ISO 9001 lead auditor training should enable auditors to focus on the requirements when auditing and to stay away from the pitfall of guidelines.
Take the case of ISO 9001 or, for that matter, any management system standard. The standard has notes to explain the clauses. ISO 9001’s clause 4.1, for example, has three notes. Are these integral to the clause? Yes and no. Yes, because they are explaining an important aspect of the clause. No, because although these are valuable inputs for designing questions and an in implementing ISO 9001, they can’t be used as requirements. Nonconformities, as the drivers of correction and corrective action, are fundamental to the implementation of ISO 9001. ISO 9001 lead auditor training must clearly outline for students that a nonconformance is the nonfulfillment of a requirement. Notes are not a requirement of the clause.
Similarly, guidelines issued by organizations can never be requirements. Often, leadership takes credit for any success attributed to good guidelines. Ironically, if the guidelines result in any failure, then top management is bound to challenge the competence of mid-level managers by reminding them that guidelines are just guidelines! ISO 9001 lead auditor training, as certified by Exemplar Global, clarifies the need for auditors to focus only on requirements when auditing.
I’m a member of TAG-176, the ISO technical committee that works to monitor ISO 9001 and update it when the time comes to do so. Annex B to ISO 9001 provides TC-176-developed guidance to organizations in implementing ISO 9001. Again, remember that these can’t be used to add or modify the clauses of ISO 9001, or for that matter, to interpret any standard.
When looking at and interpreting ISO 9001 Clause 8.5.5—“Post-delivery activities” or ISO 9001 Clause 9.1.2—“Customer satisfaction,” you may consider the wisdom of ISO 10001:2018: “Quality management—Customer satisfaction—Guidelines for codes of conduct for organizations.” However, if the organization is not conforming to these guidelines, a nonconformity can’t be issued.
Similarly, ISO 10002 guidelines for complaints handling are useful, as are ISO 10003 guidelines for dispute resolution external to organizations, and so on to ISO 10004, ISO 10005, right through to ISO 10019. These are all very important input and yet, nevertheless, guidelines.
ISO 19011:2018: “Guidelines for auditing management systems” is more widely used as the guidance on management of an audit program. This standard also forms a core part of the curriculum for ISO 9001 lead auditor training. The basics of planning and conducting an audit as well as evaluating an auditor’s competence are part of this guideline. Again, these are but guidelines. It is for top management and leadership to correctly interpret and apply the guidelines wisely to their organizations. Auditors, having completed their ISO 9001 lead auditor training, must conduct their audits in an objective manner and provide useful inputs to help management make wise decisions.
ISO 9001 and other management system standards are only as good and useful as the implementation that is carried out. ISO 9001 auditors, too, need a good ISO 9001 lead auditor training foundation to assess the implementation based on interpretations of the clauses of the selected standard. Leadership may choose to implement an integrated management system based on several standards. When auditing and using the various guidelines, it is important that the meaning of guidelines not be mixed with requirements.
This of course does not take away a leadership prerogative of converting any selected guidelines to requirements by so stating it in the management system. The point here is not to mix guidelines and requirements. When these are mixed, it makes a potent mixture for the failure of a management system. ISO 9001 lead auditor training should ensure that your auditors steer clear of auditing to guidelines. Guidelines confuse users, auditors, leadership, and others, resulting in poor implementation of ISO 9001 or any other ISO standard or industry-specific standard. Mixing guidelines and requirements is enemy No. 2 of a management system. Enemy No. 1 is writing a management system to the clauses of ISO 9001 or any other standard.
During the 30-plus years that my company, Quality Management International Inc. (QMII), has helped clients, our experience is that management systems that mix guidelines complicate matters by contravening the caution in the ISO 9001 introduction, section 0.1 (d), second bullet, where it says clearly that it is not the intent of the standard to imply the need for “alignment of documentation to the clause structure of this International Standard.” Yet, during my 20 years of experience, I’ve seen 70 percent of management systems based on ISO 9001 aligned to the clauses. I often ask why. The answer is that it’s easier for auditors to audit. Management forgets that the management system is written for employees, for users—those who work according to processes and not to clauses. QMII’s ISO 9001 lead auditor training, used and improved continuously since the 1980s, enables auditors to prepare for systems that are unique and developed around the users rather than aligned to clauses.
About the author
Inderjit Arora is the president and CEO of QMII. He serves as a team leader for consulting, advising, auditing, and training regarding management systems. He has conducted many courses for the United States Coast Guard and is a popular speaker at several universities and forums on management systems. Arora is a Master Mariner who holds a Ph.D., a master’s degree, an MBA, and a 32-year record of achievement in the military, mercantile marine, and civilian industry.