Auditors are those people who get to the battlefield after it is over and then stab the wounded
- April 7th, 2008
Does that describe your auditors (internal of external) that you are employing? We have such a problem with auditors in industry currently in South Africa. Common problems experienced by organizations include:
- Auditors not registered with SAATCA or IRCA (International Registrar for Certified Auditors)
- Auditors not following the ISO19011 auditing guidelines
- Auditors not competent in terms of qualifications and experience
- Auditors auditing in a field which they are not competent in (eg. health & safety auditors auditing environment because it looks similar and easy)
- Auditors being unprofessional (arriving late, handing in 4-page audit reports or the client having to beg three months later to get hold of the audit report)
- Auditors not knowing how to compile an audit report according to international audit report writing principles
The list is endless. Let us have a look at the ISO19011: 2002 guidelines for auditors. This document gives the foundation of who, what and how an auditor should be, do and act as well as the framework for doing a systematic audit from A to Z.
The principles of auditing are:
• Ethical Conduct: The foundation of professionalism – Trust, integrity, confidentiality & discretion
• Fair Presentation: The obligation to report truthfully & accurately – Audit findings, conclusions & reports are reflected truthfully & obstacles & unresolved opinions are reported
• Due Professional Care: The application of diligence & judgement in auditing – Care with their task & confidentiality
• Independence: The basis for the impartiality of the audit & objectivity of the audit conclusions – Independence & free from bias & conflict of interest
• Evidence-based Approach: The rational method for reaching reliable & reproducible audit conclusions in a systematic audit process – Verifiable & based on samples
The ISO19011 guideline then gives further information regarding the competency of an auditor and lead auditor (Adapted from Table 1, Page 27 of ISO19011).
A further checking tool is to look at the registered auditors on the SAATCA (South African Auditing and Training Certification Body) website www.saatca.co.zaTo be registered as such an auditor a strict protocol is maintained which include the above ISO19011 criteria as well as the handing in of a comprehensive CV of the prospective auditors, the continual professional development you have done over the past year, sponsor reports and a report on your professional abilities. Then the SAATCA board sits and decides if they would allow you to be registered under their name. It is quite a process but well worth it. Remember: the easier it is to be accepted as an auditor at other institutions the more you need to ask yourself if this “status” will benefit you as an individual and what credibility this qualification will have in the market place?
Before you have an audit done on your site, verify the auditor status, competency and registrations against the SAATCA database to ensure you are getting a competent individual to audit your organization.
ISO19011 also identifies the systematic approach to be followed in the auditing process (Adapted from ISO19011, Page 10):
1. Initiating the audit
- appointing the audit team leader- defining audit objectives, scope and criteria- determining the feasibility of the audit- selecting the audit team- establishing initial contact with auditee
2. Conducting document review
- reviewing relevant management system documents, including records, and determining their adequacy with respect to audit criteria
3. Preparing for the on-site audit activities
- preparing the audit plan- Assigning work to the audit team- Preparing work documents
4. Conducting on-site audit activities
- conducting opening meeting- communication during the audit- roles and responsibilities of guides and observers- collecting and verifying information- generating audit findings- preparing audit conclusions- conducting closing meetings
5. Preparing, approving and distributing the audit report
- preparing the audit report- approving and distributing the audit report
6. Completing the audit
7. Conducting audit follow-up
Is this process followed by your auditors? If not you need to investigate why the audit is not done according to international guidelines.
13 Responses to “Auditors are those people who get to the battlefield after it is over and then stab the wounded”
Leave a Reply
How to Conduct an ISO/OHSAS Audit
I would like to give you a glimpse of how I normally conduct an ISO/OHSAS audit (without indicating that this method is perfect or totally correct).
April 13th, 2011 & Filed in Management SystemsSix Mistakes Managers Make with Occupational Health & Safety
A manager is not without fault and is not a perfect species, and despite our best intentions we often also make mistakes and slip-ups that can have a big impact …
March 17th, 2011 & Filed in SHEQ LeadershipInside ISO31000 – Risk Management Systems
During the previous article we started to unpack ISO31000: Risk Management – Principles and Guidelines standard. We looked at the framework encompassing the …
February 16th, 2011 & Filed in Management SystemsAmputations Related To The Workplace
Amputations are widespread in the workplace. Most of all workplace amputations occur in the manufacturing sector. The rest occur in construction, agriculture, wholesale, retail and service industries.
November 17th, 2010 & Filed in Health & Safety
For an audit to be effective it must add value to the organisation. This can only be achieved if :
the auditor is competent
the auditee is open
the evidence is objective
the auditor is supportive and not policing.
Findings and continuous improvements are well defined.
Reports of the audit is comprehensive and clear.
Hi
I have a small question that maybe you can help with.I did ISO 9001 emplemetion course in 2005 and currently responsible for all qa functions at my work place but would like to further my auditing qualification. Do you know if there is any specific cause that i can do. Currently studying TQM attended the lecture you recently presented at Unisa
Hallo Percy
The next step in the career-path development is to do the Integrated SHEQ Auditors course followed by the Moody International/IRCA course. Both are offered by Advantage ACT. Looking forward to seeing you there. Look at your inbox to see the information docs on each.
Regards
Christel
Very informative. The systemic approach in auditing process will help me prepare for our audits.
Question: what should be included in an internal audit programme?
Hi Christel
I am a safety consultant for professional consulting company in the construction industry(building). My question is, may i do audits on contractors even though i dont have a auditors accreditation. I have only samtrac and hira but i do have experiance in auditing from previous work that i did??
Hi Lourens
Thank you for the feedback. The issue is one of competency and proving it. Should something go worng – how would you proof to a court of law that you were the most competent person to do the audit? ?You can maybe proove experience, but knowledge? If your company is an ISO/OHSAS certified company you may not audit unless you have met the requirements of ISO19011 page 27 table 1. It basically boils down to a 40 hour theoretical course and 120 hours of auditing experience and 5 years of working experience. I hope this helps. Regards Christel.
i am a dietician, currently working at catering company, I want to persue my career to food ssfety management system auditor. which route can i take to achive that.
Hi Sylvia
Wonderful! We do not have enough auditors in this field. Excellent choice. I am sending you the career-path development route for this discipline.
Regards Christel
[...] wondered if this was original, so I googled it, and found this post by Christel Fouche. I expected it to be funny, but it was rather serious; no reference to the quote [...]
Hi
We still “battle” with the old auditor approach of “stabbing the client in the back” instead of viewing this activity as being on the clients’ side and assisting the client with identifying opportunities for improvement. Auditors and the client should be playing for the same team and should aim for achieving the same end goal – legal compliance or ISO/OHSAS certification. Regards Christel.
Hi Christel,My name is Amina,SHE Practitioner in Polokwane,have completed the following short courses with Nosa:ASHEPP(Application of She Ptinciples & Procedures,Intro to SAMTRAC & SAMTRAC,lately was approached by someone who wants to start a contruction company,he want me to be their Auditor,what are the requirements for auditing,how should i advise him?
Hi Amina
ISO19011 requires 5 criteria to become an auditor or lead auditor:
1. must have matric or grade 12
2. must have 5 years of working experience
3. 2 of the 5 years must have been spent in the area in which you want to become an auditor in (eg. Q or H&S or E)
4. must have done a 5 day auditors course
5. must obtain 120 hours ofauditing experience in the presence of a lead auditor
I have sent you the auditor career-path document.
Regards Christel.
Goeie more Christel,Ek het nou weer die nuwe OHS act en Constuction Regulations deeglik deur gelees.My vraag tov “a competent person” spesifiek vir aanstelling as 16(2) en 6(1) mense in my safety file.Wanneer is die persoon “competent”?Ek stel bv ‘n boilermaker aan as 6(1) wanneer die werk meestal herstel werk of maintenance werk by ‘n fabriek is.Hy het sy geldige kwalifikasie.Die 16(2) is wat ons noem “Site manager” of “Representative.Het nou die dag kursus gedoen by Xstrata om te verseker ek verstaan die verantwoordelikhede van ‘n 2.6.1 aanstelling op die myn.Ek nou bekommerd iets gebeur en die DVA se my aanstellings is nie korrek nie.Sal jou hulp waardeer.