
by Denise Robitaille
There’s a long-held opinion that utilizing the same auditor for multiple sequential surveillance audits breeds a familiarity that threatens the impartiality of the auditor and the integrity of the audit results. In fact, there are some accrediting bodies that require their certification bodies to be rotating auditors on an established frequency to mitigate this perceived threat
Human nature notwithstanding, to my knowledge, there are no empirical data that substantiate this concern. Just because an auditor is familiar with a client’s quality management system (QMS) doesn’t automatically impugn the integrity of his or her work. The presumption is that auditors lose the ability to do their jobs if they’re familiar with a client. Considering how deeply the fundamental auditing principle of objectivity is embedded into the profession, the likelihood of biased auditing would seem remote.
Putting my personal bias to the side, I think this subject deserves further discussion. On the one hand is the legitimate, although unsubstantiated, concern of eroding objectivity. On the other hand is the benefit that can be derived from continuity. Let’s take a look at both sides of this coin in greater detail.
Conceding the point that there is no evidence supporting the presumption that auditors can become overly familiar with clients, thereby undermining the credibility of the audit process, the concept of “fresh eyes” is not without merit. It’s a good idea to have someone assess an organization’s QMS without the expectations that familiarity can create. However, these “fresh eyes” don’t necessarily see things more clearly or have better insight. They simple come at things from a different perspective and may observe something that has eluded another auditor. Because an audit isn’t an inspection, the rule of thumb is to aggregate adequate objective evidence to conclude that a process or system conforms to specified requirements and is effective. The manner in which an organization achieves these goals relies on its unique applications of the requirements. It’s up to each auditor to select the best evidence to arrive at a conclusion of conformance and effectiveness. There shouldn’t be vast differences between the two auditors’ approaches but there will be variances. The advantage, then, of rotating auditors is that a risk that may have been unclear to one auditor might be crystal clear to another. As a result, the organization enjoys the benefit of having a potential problem identified and ultimately mitigated before it becomes a serious problem.
However, the stated reason for rotating auditors doesn’t sound quite so lofty. The underlying principle of this approach suggests lassitude or cronyism. It presumes that familiarity would incline an auditor to be less professional and less objective.
I have several organizations for which I’ve conducted surveillance audits for years. I’ve handed off the jobs to another auditor as required by the registrar and then returned to the client at the beginning of a new cycle. These organizations get the same due diligence from me that they got five years ago. They still know that if their systems have serious breakdowns they will incur major findings. They expect me to do my job.
The benefit my return visits bring is an ability to assess improvements and to revisit earlier risks to see how they’ve been addressed. I can remember what was working well, what projects were in the pipeline, and what areas were starting to show signs of degradation of control.
I chafe under the presumption that an organization is going to get a pass because I’ve been auditing it for years. It would be the same as assuming that an inspector would become complacent about checking parts after a certain amount of time on the job or that a controller will eventually stop asking for travel expense reports.
My audit notes are reviewed by the registrar before a certificate is issued. Is it possible that I could be falsifying them? Anything is possible, I suppose. However, my integrity and my good name are on the line. This is my profession.
So, this message goes out to the accrediting bodies and anyone else who is mandating that new auditors be routinely cycled in. If the purpose of rotating auditors is to get a fresh look at processes, fine. If, however, the reason you require rotating auditors is because we’re all suspected of fraud or complacency, then stop and consider how insulting it is to auditors whose avowed commitment is to professionalism and objectivity in service to our clients.
About the author
Denise Robitaille is the author of 10 books on various quality topics. She’s an internationally recognized speaker who brings years of experience in business and industry to her work in the quality profession. As the principal of Robitaille Associates, she has helped numerous companies in diverse fields to achieve ISO 9001 registration and to improve their quality management systems. Robitaille is vice chair of the U.S. TAG to ISO/TC 176, the committee responsible for updating the ISO 9000 family of standards. She’s also a RABQSA-certified lead assessor, an ASQ Certified Quality Auditor, and a fellow of ASQ.
Her books include The Corrective Action Handbook, The Management Review Handbook, The Preventive Action Handbook, Root Cause Analysis, Managing Supplier-Related Processes, and Document Control, all published by Paton Professional. She also co-authored The Insiders’ Guide to ISO 9001:2008.
Her newest book, 9 Keys to Successful Audits, is available now.