In this blogpost trilogy, I discuss three different types of audits. In this article you will read more about the third party audit, also known as the certification audit.
This blogpost is a part of a trilogy about audits. Read our first blogpost in the series and learn more about internal audits.
A third party audit is a type of audit that you pay for, which leads you to expect some added value in return. In this case, you expect the auditor to find something new or unexpected to improve your management system. Because, let’s be honest, you already know where some of the nonconformances in your quality management system lie.
So what you really want them to find is a flaw in your management system you weren’t aware of. Because that’s something that would really add value to your management system.
When the certification auditor doesn’t find unexpected flaws, the auditor doesn’t add any value to your company. If that’s the case, I’m convinced you must inform your certification organisation.
When I was still working as a quality manager in a factory, I was audited for ISO 9001. The outcome of the ISO audit was that if non-conformances popped up, I had to put my nonconformances on a red paper I had to put on the blocked pallet, to make sure that it was visible to everybody in the organisation. Of course, everybody in the factory was already informed about this nonconformance, because the product with this nonconformance was already blocked in our system…
It was the only flaw the auditor came up with and it didn't add any value to our management system. It wasn’t something I could improve my management system for. And I, of course, was aware of many other nonconformances that could be improved in our management system, but the auditor simply didn’t pick them up.
Although one minor nonconformance could sound great for your company, I picked up the phone and called the certification organisation. I told them the auditor didn’t have to come back to our factory because he simply didn’t add any value.
You paid the certification organisation to conduct an audit. The goal of this audit should be to obtain a certificate or to keep the certificate. This means you have a commercial relationship with the certification company.
This commercial relationship might impact the value of the audit for your management system. The certification organisation wants to gain or keep their customers. If the outcome of the audit is negative, they will lose a customer, which also means you just might go to another certification company to receive the certificate anyway.
Some certification companies even hire freelancers to conduct the audit on their behalf. Because the freelancer, as well as the certification organisation, might lose a customer, which makes the financial impact even bigger.
As a result, when the certification audit is done by a freelancer, the risk of having even less value coming out of these certification audits is even bigger.
So the outcome of a certification audit will mostly be positive.
One time, a company wanted to receive a certificate and asked for a certification audit. The first time they got the audit done, they got a C on the outcome and received the certificate.
After reassessing the audit the following year, they received an A.
But the year after that, a new auditor came by again. This time, the auditor had to call the certification organisation during the audit, because the auditor wasn’t sure if the company was even gonna pass this follow-up audit at all.
The answer of the certification organisation to the auditor was to at least give the company a B on their audit. On top of that, when top management of that company heard about the B, they weren’t happy about the result. They wanted to receive an A on their audit outcome, just like they received during all of the previous audits.
Three months later, they got the A back on their wall.
In my opinion, it’s highly unlikely to have fixed all of the nonconformances in the time span of just 3 months time…
So be aware: some certification organisations are willing to do anything in order to keep their customers.
Make sure to use my tips to get everything out of your third party audit. Want to know more about the third party audit? Don’t hesitate to contact me!
You can read part one of this blogpost trilogy here, where I discuss how an internal audit can add value.