ISO 9001:2015 auditability is a key concern for all CB’s over the next five years. So, what does auditability really mean? It first starts with the quality of the risk auditors.
Some of the issues to consider are:
- Companies may adopt different risk taxonomies, frameworks, classification schemes or risk systems/standards that are industry-specific.
- Companies may adopt a similar standard, such as ISO 31000, but use different risk assessment methods such as those defined in ISO 31010.
- CB auditor need a breadth and depth of risk knowledge, skills, and abilities. CB auditors will need to be sensitive to the scope of risk, nature of the risk, timing of risk, risk stakeholders, risk assessment process, risk tolerance, risk appetite, risk management controls, and organizational culture.
- CB auditors must be sensitive to risk and make appropriate adjustments in assessing conformance to ISO 9001:2015.
- CB auditors will be conducting process-based, risk assessments. These will require knowledge of the sector, industry, organization, business model, and market in which it operates, product, legal, social, political and cultural environment in which it operates.
- CB auditors depending on the scope of the assessment may need knowledge of the supply chain.
Lesson Learned: Interview your CB auditor to ensure they can add value to your ISO 9001:2015 conformity assessment.
Bio:
Greg Hutchins PE and CERM (503.233.101 & GregH@QualityPlusEngineering.com) is the founder of:
CERMAcademy.com
800Compete.com
QualityPlusEngineering.com
WorkingIt.com
He is the evangelist behind Future of Quality: Risk®. He is currently working on the Future of Work and machine learning projects.
He is a frequent speaker and expert on Supply Chain Risk Management and cyber security. His current books available on all platform are shown below:
