Truth is stranger than Fiction
Registrars, auditors, and employees of the registrars
(including managers) are held in awe and are held above reproach by the client
base when it comes time to talk about audits, certification, and QMS requirements.
Speaking engagements, forums, and public discussions are perfect opportunities
to observe how statements are conveyed – as a requirement or as a personal opinion.
In March 2015, a Linkedin discussion forum was opened by a user to ask if “…if Internal Audit and Management Review is compulsory before Stage 1 audit for the standards...” Her company was issued nonconformances at Stage 1 for failing to perform internal audits and management review meetings. You can find the forum here:
https://www.linkedin.com/groupItem?view=&gid=1268337&type=member&item=5975606131974750211&commentID=5983664446256467968&report.success=8ULbKyXO6NDvmoK7o030UNOYGZKrvdhBhypZ_w8EpQrrQI-BBjkmxwkEOwBjLE28YyDIxcyEO7_TA_giuRN#commentID_5983664446256467968In March 2015, a Linkedin discussion forum was opened by a user to ask if “…if Internal Audit and Management Review is compulsory before Stage 1 audit for the standards...” Her company was issued nonconformances at Stage 1 for failing to perform internal audits and management review meetings. You can find the forum here:
There were three camps of
comments: Yes, No, and “it depends.” It was never fully resolved by those of the “how it depends” camp on what they mean by “how it depends”; these posts were in
the vast minority. A very few commenters knew the correct authority and
requirements - ISO‑17021 at Clause 9.2.3.1 – Stage 1 clearly defines what
activities are performed at a Stage 1 audit, including the status of internal
audits and management review meetings,
“g) evaluate if the internal audits and management review
are being planned and performed, and that the level of implementation of the
management system substantiates that the client is ready for the stage 2 audit.”
The
Yes Camp – and the Appearance of the Opinion - couched as a Requirement
All those who posted from the YES camp, except
one person representing himself as an employee of a registrar, were unable to offer up their source of the so-called requirement that
internal audits and management review were required to be performed prior
to Stage 1. In the LinkedIn forum, the individual responded initially that this was a requirement -
To further justify the claim of requirement, the individual added a subsequent comment-
The individual nails his coffin shut with the following post –
When initially challenged by another consultant, the individual quickly backpedalled and retracted his claim
of “requirement”, suggesting that the forum audience was now somehow “confused”.
When challenged on this and on the claim that “…all major CBs are having consensus on this approach”, the individual continued to evade and elude. In fact, he never addresses or responds to any challenges. Amazingly, as though he’d forgotten he had just stated he was offering opinion, the individual asserted that a client could not move forward with a Stage 2 audit if internal audits and management review are not performed. He insists that none of this is his "interpretation".
File a complaint
He then posts several
subsequent – and evasive – posts which squirm away from being held accountable
for his statements.
So,we filed a complaint through the registrar's main web
page.
And the the Registrar’s Decision is...
“...We understood that it
was a discussion on the LinkedIn independently from any service or contract for
service provision ...
A standard technical requirement can in general be discussed and persons may express different opinions about its interpretation and/or its application. This could be one of the main drivers for standards enhancements/amendment/revision within the committee responsible of the concerned standard's preparation and revision or as feedback from the users.
However, when a service is provided based on a specific standard, the standard requirements should be respected independently from any personal opinion.
[He] clearly stated on LinkedIn that his opinion didn't represent the company's policy (attached a screen shot of his statement).” [Bold emphasis added]
Yes...at the very end of the forum thread and only after being informed that we would post comment to the registrar for his inappropriate - and potentially compromising - perspectives. So, why did the individual start posting in the thread with quoting so-called requirements and insist that none were his "interpretation" ?
A standard technical requirement can in general be discussed and persons may express different opinions about its interpretation and/or its application. This could be one of the main drivers for standards enhancements/amendment/revision within the committee responsible of the concerned standard's preparation and revision or as feedback from the users.
However, when a service is provided based on a specific standard, the standard requirements should be respected independently from any personal opinion.
[He] clearly stated on LinkedIn that his opinion didn't represent the company's policy (attached a screen shot of his statement).” [Bold emphasis added]
Yes...at the very end of the forum thread and only after being informed that we would post comment to the registrar for his inappropriate - and potentially compromising - perspectives. So, why did the individual start posting in the thread with quoting so-called requirements and insist that none were his "interpretation" ?
Hmmm, say that again?
To save face, the individual's manager had soft-shoed and cherry-picked his
words carefully, and we responded to his letter.
...Given that [his] position is one of management, the
international venue would naturally interpret any advice, opinions,
recommendations, and comments from him as possessing authority…
Clearly, [he] speaks…from a position of authority at the beginning of his posts...What he claims is in violation of requirements in ISO 17021 for Stage 1 audits…
Clearly, [he] speaks…from a position of authority at the beginning of his posts...What he claims is in violation of requirements in ISO 17021 for Stage 1 audits…
[He] then quickly backtracks - because he has been openly challenged...
...This advice, opinion, whatever - would represent a conflict of interest at any company for an employee of that company to promote and promulgate such advice or opinion. Even with your disclaimer of his actions, "[He] clearly stated on LinkedIn that his opinion didn't represent the company's policy (attached a screen shot of his statement)", it is irresponsible for an employee, indeed a manager...to promote such public opinions.”
Of course, we never received a second reply from the individual's manager and the individual appears to have been muzzled. Curiously, several additional posts still assert the Yes Camp party line. None have provided their source for this so-called requirement when challenged.
Free Advice is NEVER free
Employees and agents of registrars (the auditors) can offer up their opinion regarding requirements by which certification audits (and anything else, for that matter) are allowed to progress. But your mileage will vary, under threat of issuing nonconformances or under threat of removing an existing certification.
Even with disclaimers from the registrar itself, registrar employees asserting themselves by voicing so-called requirements or their "interpretations" are displaying inexcusable behavior. By acting on these so-called requirements, clients run extreme risk at not passing their certification audits. At best, they’ve compromised their QMS.
It is disappointing that such agents are permitted - even through opinion - to voice the notion that CBs can freely interpret and apply ISO standards as they see fit.
It stopped, for now.
By openly pressing a complaint, certain public behaviors on LinkedIn forums were stopped - but for how long? Clients should quickly and freely voice complaints to their registrar but it easily is seen who is really holding all the cards.
No comments:
Post a Comment