By Jackie Stapleton
There was a young female consultant, let’s call her Courage, who was supporting her client during a recent certification audit. Courage the Consultant has a fantastic relationship with her client, and together they had invested not only a lot of time but also passion into building the Integrated Management System.
The system was already certified, and this was a surveillance audit. Their experience soon turned sour when Arrogant the Auditor arrived. Arrogant the Auditor had something to prove and stepped outside of his role as an external auditor and felt the need to consult as well, just to show how clever he was. He loved to share resources and documents of his own with the client, pointing out to Courage the Consultant, and her Client that his were much better.
Arrogant the Auditor even thought it was necessary to bring up the system documents on the big screen in front of all in attendance and start giving some training and lessons by asking ‘Now, what do you see wrong with this document?’. It got to the point where the client actually said to Courage the Consultant that he had to leave the room as it was like watching her get into trouble from her dad.
I was absolutely horrified when I had this story told to me. As an auditor, we do not consult. We do not mix these 2 activities into one. Especially and even more so when you are an external auditor.
ISO 17021 Conformity assessment does emphasize the importance of avoiding conflicts of interest. Auditors must not be consulting the organization being audited, not in the recent past, nor in the near future. The intent is to ensure auditors write nonconformities without the intention of gaining consulting business and to maintain an audit of independent minds. This stipulation is aimed at preserving the impartiality and integrity of the audit process.
Putting Conflict of Interest aside, what about the Personal Behaviours that ISO 19011 Guidelines for auditing management systems refer to? I’ve just gone through and picked a few that relate to the behaviour of Arrogant the Auditor, and this is what I’ve found:
Ethical – fair, truthful, sincere, honest and discreet.
Open-minded – willing to consider alternative ideas or points of view
Diplomatic – tactful in dealing with individuals
How was Arrogant the Auditor not meeting these personal behaviours?
- Imposing his own materials and opinions and undermining the consultant’s work
- Instead of objectively reviewing the system, he seemed more interested in showcasing his own resources and knowledge
- Publicly critiquing the work of the consultant in a manner that embarrassed her and the client indicates a lack of discretion
- An unwillingness to value others inputs
- Showed a disregard for the feelings and efforts of others involved
- His approach was more confrontational than cooperative
The Auditor-Client-Consultant (ACC) Framework
In light of the specific dynamics between auditors, consultants, and clients, it’s essential to visualize the appropriate professional boundaries that uphold the integrity of the audit process. The ACC Framework illustrates the distinct roles and ethical interactions that should exist among these three parties, ensuring clarity and objectivity are maintained.
- Role: The Auditor is responsible for the objective evaluation of the Client’s systems and processes.
- Interaction with Client: The Auditor provides audit findings to the Client, which are to be impartial and independent assessments of the Client’s conformance with relevant standards.
- Separation: The Auditor does not give advice or support to the Client that would constitute consulting.
- Role: The Consultant offers expertise and support to the Client, aiding in the implementation, improvement, and maintenance of systems and processes.
- Interaction with Client: There is a two-way interaction between the Consultant and the Client, indicating ongoing support and advice. This relationship is essential for the Client to effectively implement and maintain the systems that the Auditor will evaluate.
The Client Section:
- Role: The Client is at the centre of the framework, implementing and maintaining systems and processes within their organization.
- Interaction with Consultant: The Client engages with the Consultant to receive advice and support in the areas highlighted by the audit findings or for general system improvement.
- Interaction with Auditor: The Client receives audit findings from the Auditor, which are used to inform decisions about system improvements and compliance.