From Compliance To Value-Added Auditing

Downloaded by Wahyu Prasetianto at 13:41 31 December 2014
Total Quality Management

Vol. 17, No. 7, 879 892, September 2006
From Compliance to Value-Added

Auditing Experiences from Swedish
ISO 9001:2000 Certified Organisations
RN DAHLGAARD &
BOZENA POKSINSKA, JENS JO

RGEN A. E. EKLUND
JO

Quality Technology and Management, International Graduate School of Management and Industrial
Engineering, Linkoping, Sweden; Centre for Studies on Human, Technology and Organizations,
International Graduate School of Management and Industrial Engineering, Linkoping, Sweden
ABSTRACT This paper presents the results of a questionnaire survey of the auditing practices and
the value of certification audits in 269 Swedish ISO 9001:2000 certified organisations. Certification
audits help to improve the quality management system and increase the motivation for quality work.
Certified organisations want auditors not only to issue a certificate, but also to share their own
experiences and give suggestions for improvements. Audit conclusions, which imply consultancy
work, are a common practice among auditors. Furthermore, there exist great differences
regarding the required conditions for certification. The differences primarily depend on the
auditors, but also on the certification bodies. Finally, the study also indicates that the audit
procedure has improved after the ISO 9000 revision in 2000.
KEY WORDS : Certification audits, ISO 9001:2000, QMS, survey, certification bodies
Introduction
Quality audits have gained prominence in the last 30 years as a tool for assessing the
effectiveness of quality assurance efforts and, more recently, for the evaluation of compliance with quality standards such as ISO 9000. Auditing is an important function for the
effective deployment of quality management systems (QMS).
The primary aim of a certification audit is to examine whether existing quality processes
and activities comply with the standard requirements. Usually an audit consists of two
stages. First, auditors assess the compliance of quality assurance procedures and related
Correspondence Address: Bozena Poksinska, Quality Technology and Management, Department of Mechanical
Engineering, International Graduate School of Management and Industrial Engineering, 581 83 Linkoping,
Sweden. Email: bozpo@ikp.liu.se
1478-3363 Print=1478-3371 Online=06=07087914 # 2006 Taylor & Francis
DOI: 10.1080=14783360600595294
880
B. Poksinska et al.
documentation with the standards requirements. In the second stage, auditors typically
evaluate whether actual quality assurance activities conform to the documented procedures and are actively implemented.
However, are certification audits only supposed to ensure compliance with the standard
requirements? Is a certificate the only goal of third party audits? Some authors argue
(Wealleans, 2000) that certification auditors must stick to noting pure compliance with
the assessment standard. Anything else is unprofessional and can be dangerous. On the
other hand, the revision of ISO 9001 in 2000 made some requirements non-prescriptive.
ISO 9001:2000 includes requirements that are not specific or traceable. Some quality professionals are expressing concerns about the auditability of the standard (Russell, 2001). If
conformance to requirements is not verifiable and traceable, the credibility of the audit
function could be questioned. Some authors argue that certification audits are losing
importance and there is a crisis in its sense and credibility (Anttila & Vakkuri, 2001).
In addition, the certification itself does not provide a competitive advantage anymore; if
the certificate has no commercial or marketing benefit then organisations can control
their quality just as well without third party registration. The role of quality system auditing is changing and the certification bodies themselves recognise that they need to change
their auditing practices more towards management audits. The certification itself is not
enough to keep and win the customers (Anttila & Vakkuri, 2001).
No studies were found that have investigated the certification bodys role in achieving
benefits from ISO 9000 and sustainable development. However, there are many indications pointing to a substantial role for audits not only for the effectiveness of quality
systems, but also for organisational learning and continual improvement. Audits may
provide audited organisations with a unique opportunity to receive advice, new ideas
and help from the outside. Organisations are obviously best placed to manage the processes they own on a day-to-day basis, yet when involved in the daily routine, time to
think ahead is scarce and one can be blind to defects in ones own backyard. Auditors
may intervene at this level and share their own experience acquired through visits to
other departments or organisations. External auditing has great potential to improve the
effectiveness of QMS and to contribute to long-term learning and continual improvement
of organisations (Barthelemy & Zairi, 1994; Poksinska, 2003). On the other hand, some
authors believe that adding value by identifying improvements is not what customers
want. If organisations wanted business advice they would seek a contract with a recognized consultancy firm, not with an ISO 9001 auditor (Wealleans, 2000, p. 24).
There are plenty of criticisms about the certification bodies. One needs to acknowledge
that third party auditors are not truly independent. After all, they are paid for the certification services by the organisation they audit and they wish to continue being paid. There is a
lot of talk about the big differences among different auditing organisations regarding what
is required to become certified. Some certified organisations claim that unofficially there
exists a kind of ranking of auditing organisations, from those that are very demanding to
those that have low requirements (Poksinska, 2003).
A further criticism concerns the certification bodies focus on documentation. There are
many complaints that auditors require a lot of documentation and that most remarks are
concerned with missing documents. The documentation is mostly created to satisfy the
auditors claims, not to provide value for the organisations. This type of remark and
non-conformity reporting does not provide any value for the certified organisations and
their customers, just increases the bureaucracy. It might be that the bureaucracy often
From Compliance to Value-Added Auditing
881
criticised in ISO 9001-3:1994 is, to some extent, created by certification organisations,

which find it easier to look at documents than to investigate and assess organisational processes (Poksinska et al., 2003; Williamson et al., 1996). Williamson et al. (1996) investigated attitudes and methods of auditors from five large auditing organisations (BSI
QA, Lloyds Register QA, SGS Yarsley, Beta QI and NQA). Summarising the results,
the survey indicated that auditors focus primarily on the task of deciding whether or not
an organisations quality system is effectively documented and place less emphasis on
the outcomes of the system. The auditors also stated that their primary task is to judge
compliance of a documented management system against the criteria of ISO 9001-3;
the major problem being seen is poor documentation of systems.
This paper presents the results of a questionnaire survey investigating the auditing practices and the value of certification audits in Swedish organisations. The paper aims to
answer the question of whether external audits are only a tool to ensure that there is a compliance with standard requirements or also a tool to develop organisations through learning, continual improvement and a problem-solving culture. The questionnaire also gave an
opportunity to explore several further questions and hypotheses. One question was
whether auditors are a homogeneous population or whether the certification body influences the auditors opinion and way of working. Another question was what is actually
the auditors role desired by the certified organisations.
Research Methodology and Questions
The questionnaire was developed based on the authors experiences and inspiration from
the literature (Barthelemy & Zairi, 1994; Biazzo & Garengo, 2004; Pivka, 2004; Williamson et al., 1996). The questionnaire was sent to an international network of researchers
with a request for comments and suggestions for improvements. After the questionnaire
was revised, it was translated into Swedish and sent again for comments to a Swedish
network of researchers. As the next step, two seminars were organised: one with quality
managers and another one with researchers from Linkoping University. The questionnaire
was then revised again. Finally, the questionnaire was tested with ten quality managers
from different organisations in the region. The respondents were asked to fill in the questionnaire and comment on the questions. The purpose of this testing was to find out if there
were any difficulties with answering the questionnaire and if the questions were interpreted as intended.
A questionnaire was sent to every tenth organisation that had achieved ISO 9001:2000
certification, irrespective of its size, nature of business, certification date, etc (528 organisations in total). The addresses were taken from the database at www.isofakta.com. The
questionnaire was addressed to the quality managers. The response rate after two weeks
was about 33%. At that time the first reminder was sent. The reminder increased the
response rate only by 3% and the decision was made to call the participating organisations.
The purpose of that was not only to increase the response rate, but also to find out the
reasons for non-response. The calls showed that many questionnaires did not reach the
addressees. The Isofakta database included the name of the quality manager only for
some organisations. If the name was missing the letter was addressed to the person
responsible for quality. This way of addressing meant that these letters were sometimes
regarded as junk mail and put aside by the personnel sorting the post, or else the quality
managers found it unimportant. Addressing to an individual also had disadvantages. Some
882
B. Poksinska et al.
quality managers had left the organisations and the name on the envelope caused the letter
not to be forwarded to the new quality manager. The final response rate was 51%.
Of the 269 respondents, 49% could be defined as small organisations (max. 50
employees), 33% as medium (between 50 and 250 employees) and 18% as large (over
250 employees). As mentioned previously, the questionnaire was addressed to quality
managers. Fifty-two percent of respondents were quality managers. Twenty-six percent
were quality and environmental managers. Eleven percent were CEOs and 11% were
others. The last two groups of respondents came from small organisations where there is
no formal position of a quality manager. Under the category of other were most frequently
marketing and production managers. A t-test for differences in responses between the
different respondent groups was performed, but no significant differences were found.
The following questions were included in the questionnaire:
.
.
.
.
.
.
.
.
.
.
.
.
What facts guided the organisation in the choice of the certification body?
Do there exist differences in the required conditions for the certification?
Which role for an external auditor would be best for the certified organisations?
Do auditors focus too much on documentation?
Do auditors demand too much or too little?
Do audits help to improve the QMS?
Do organisations learn from external audits?
Do auditors improve motivation for quality work?
Do auditors have good competence?
Which sources of information are used by auditors in performing an external audit?
What are the audit conclusions?
Has the audit procedure for ISO 9001:2000 improved in comparison to ISO 90013:1994 procedure?
. What is the satisfaction grade with the certification audits?
. Are there any other benefits from external audits besides the certificate? Which?
The data were analysed with SPSS 12. Simple statistics as well as ANOVA, t-tests, and
regression models were used.
Results
Almost all Swedish organisations are certified with seven certification bodies:
Semko-Dekra, Det Norske Veritas, Bureau Veritas, LRQA Integria, SFK Certifiering,
Sveriges Provnings- och Forskningsinstitut (SP) and BMG Trada. Semko-Dekra and
DNV have together about 40% of all certificates in Sweden. The analysis of the market
share obtained in the questionnaire was compared with the real market shares from the
respective certification body. There was a good match between the numbers, which
shows that the survey sample is a good representation of the total population. The
names of the certification bodies were codified with Greek letters.
Motives for the Choice of the Certification Bodies
The respondents were asked to indicate which of the different motives guided them in the
choice of the certification body. Multiple responses were possible. The most frequently
883
circled answer was the good reputation of the certification body (see Table 1). The other
frequent answers were known from other relationship, recommended by external consultant, cheaper than the others, and recommended by a colleague. The first five
ranked motives, except cheaper than the others, could be summarised as previous
experience with the certification body. A certification body was chosen because the
auditees or someone else had a good experience with the auditor. Motives such as
low or high demands for the certification did not play an important role. In addition
to the given motives for the choice of the certification body, it was also possible to
write in another motive. The most frequent other motive was the internationalism of
the certification body.
Cross-tabulation of the different motives with certification bodies revealed further interesting aspects. Some certification bodies were more frequently chosen because they are
cheaper, some because they have a good reputation. For example Betas and Deltas
customers indicated most frequently the motive cheaper than the others, whereas 19%
of those who indicated the reason good reputation were Gammas customers, which
accounted for 39% of all motives indicated within the certification body. Furthermore,
Alfa and Sigma are most frequently recommended by external consultants. The reason
behind this is that these certification bodies often hire consultants to audit organisations
in case they need some special competence within an area.
Differences in Required Conditions for the Certification

The questionnaire showed that there exist differences regarding the required conditions for
the certification. On the seven-point scale (1: no difference at all; 7: very great differences), 51% of respondents chose one of 5 (26%), 6 (13%) or 7 (12%), which means
that there are great differences in what is required to became certified. Only 3.5% of
respondents found that no differences exist at all.
The next question asked if the differences depend on the certification body or the
auditor. Most respondents found that the differences depend both on the certification
body and the auditor (65%). Thirty-four percent found that the differences depend exclusively on the auditor. Finally, only 1% found that they depend solely on the certification
Table 1. Motives for the choice of the certification bodies
The certification body was chosen because it
Percent of answers
has good reputation

was known from other relationship
was recommended by external consultant
is cheaper than the others
was recommended by a colleague
is situated close to our organisation
is more demanding than the others
is the only one possible in our business sector
is less demanding than the others
is international
other
Total
117
80
67
47
45
25
14
5
3
17
20
440
26.6
18.2
15.2
10.7
10.2
5.7
3.2
1.1
0.7
3.9
4.5
100
884
B. Poksinska et al.
body. While the differences among the auditors seemed to be obvious, the differences
among the certification bodies were only a hypothesis. Auditors are recruited from a
variety of backgrounds and most of them have considerable previous experience in
quality management. They are also different persons and for this reason they may differ
in their way of auditing. It is, however, interesting to determine whether certification
bodies influence the auditors opinion via training and organisational culture. As shown
later in this paper, there are also significant differences among auditors within the different
certification bodies.
Role of an External Auditor
One of the problems of the current auditing practice is disagreement about the auditors
role. According to SWEDAC, the Swedish accreditation body, the only goal with a third
party audit is a certificate, and auditors should not give any advice or make other contributions to make the QMS more effective. On the other hand, certification bodies are
not truly independent. They are paid and wish to be paid by organisations that want to
be certified and they need to listen to their customers, but what do the customers actually want? Are they really interested in advice from auditors? Wealleans (2000) claims
that identifying improvements is neither what customers want nor the intention of the
regime.
For this reason, one question asked: Which role for an external auditor would be best
for the certified organisations, in your opinion? The questionnaire included seven descriptions of the auditors role. The first description was closest to the traditional auditors role,
checking compliance with the standards requirements. The last description was closest to
the improvement consultants role. The other descriptions were intermediate between the
traditional and the consultants role. The results are presented in Table 2. The descriptions
Auditor shall share own experience and give suggestions for improvements and Auditor
shall give an objective view on the QMS effectiveness received the highest means.
Table 2. Role of an external auditor
Auditor shall share own experience and give suggestions for

improvements.
Auditor shall give an objective view on the QMS
effectiveness.
Auditor shall evaluate whether actual quality management
activities conform to the documented procedures.
Auditor shall assess whether the QMS is suitable to achieve
corporate objectives and improvement.
Auditor should do both: evaluate the compliance with the
standards requirements and work as an improvement
consultant
Auditor shall primarily check whether the documented
procedures comply with the standards requirements.
Auditors shall stick to noting pure compliance
with the standard. Going beyond this role is unwelcome.
1: strongly disagree. 7: strongly agree
Mean
SD
269
6.14
1.292
269
5.90
1.232
269
5.55
1.517
269
5.43
1.623
266
5.29
1.906
269
4.54
2.054
266
2.12
1.429
885
Noticing that the description Auditors shall stick to noting pure compliance with the
standard. Going beyond this role is unwelcome had the lowest mean, one can draw the
conclusion that certified organisations not only want auditors to issue certificates, but
also to contribute to the improvement of the QMS. The descriptions Auditor should do
both: evaluate the compliance with the standards requirements and work as an improvement consultant and Auditor shall primarily check whether the documented procedures
comply with the standards requirements received relatively many extreme answers
which means that some people strongly disagreed and some people strongly agreed. In
the first case, some respondents commented that auditors cannot be consultants,
because it would mean that they would audit themselves.
Perceptions of Audits and Auditors
In the next question, the respondents were asked, bearing in mind their current auditors
and last audits, to indicate to what extent they agree with various statements about
audits and auditors. The results are presented in Table 3. The first three statements
concern some benefits from external audits that were identified in the previous studies
of ISO 9001-3 certified organisations (Barthelemy & Zairi, 1994; Poksinska, 2003). As
shown in Table 3, respondents found that audits help them considerably to improve the
QMS and that they learn from external audits. Furthermore, they found that auditors
improve motivation for quality work.
The next statement measured whether auditors focus too much on documentation. The
results showed that this is not the case. The statement was also tested for differences
between small and large organisations and significant differences in the mean scores
were found (ANOVA test, significant at the 0.05 level). Small organisations were more
negative and agreed more that auditors focus too much on documentation. This result is
not surprising since small organisations have less need for document support than have
large organisations. Significant differences were also found among certification bodies,
but these will be discussed separately in the section on Differences among certification
bodies.
The next statement concerned the competence of auditors. Respondents found that auditors have generally good competence. Further analysis (regression model) as well as comments in the questionnaire showed that competence of an auditor is the most important
Table 3. Perceptions of audits and auditors
Audits help us much to improve our QMS

We learn a lot from external audits.
Auditors strongly improve motivation for quality work
Auditors focus far too much on documentation
Auditors have good competence
Auditors make too heavy demands
Auditors make too low demands
Auditors succeed in obtaining a true and fair view of the
actual quality practices in our organisation
Mean
SD
268
268
268
264
268
264
264
265
5.10
5.09
4.61
3.14
5.61
2.83
2.79
4.34
1.597
1.599
1.567
1.569
1.286
1.484
1.631
1.492
886
B. Poksinska et al.
factor influencing satisfaction with the certification audit. According to the Kano model
for customer satisfaction (Kano et al., 1984), good competence of the auditors is a
basic need that must be satisfied. If respondents found that their auditors have low
competence, the satisfaction grade with the audit was also low.
Furthermore, the results showed that auditors make neither too low nor too high
demands. The statements were tested for differences between small and large
organisations and significant differences were found for Auditors make too low
demands. Large organisations agreed more that auditors demand too little than did
small organisations. Small organisations have been slow to adopt quality improvements
in a systematic way. The main barrier is that most small organisations have limited
resources and therefore find it difficult to appoint a full-time quality manager (Gustafsson
et al., 2001). For this reason it is not surprising that they perceive the demands auditors put
on them in a different way than do large organisations.
Finally, the last statement tested whether auditors succeed in obtaining a true and fair
view of the actual quality practices in certified organisations. The mean value (4.34)
was a bit above the middle (4) on the seven-point scale. This indicates that auditors
neither fail nor succeed in this matter. This statement induced many comments from
respondents saying that auditors succeed in obtaining a true and fair view if the audited
organisation wants that. It depends very much on the audited organisation what kind of
picture an auditor obtains when auditing an organisation.
Sources of Information Used in External Audits
The next question asked Please indicate to what extent the following sources of information are used by your current auditors in performing an external audit?. The question
provided a predefined set of information sources, but it was also possible to add some
additional sources.
As can be read from Table 4, interviews with the quality manager are the most
frequently used source of information. The quality manager is a person who manages
Table 4. Sources of information used in performing an external audit
Interviews with quality manager

Evidence of corrective actions
Reports from internal audits
Interviews with top management
Documented procedures and instructions
Quality manual
Customer complaints and satisfaction measurements results
Improvement action plans
Interviews with process owners
Evidence of performance measurements
Observations of activities and the surrounding work environment
Evidence on progress of improvement projects
Definitions of customer requirements and expectations
Interviews with employees in non-managerial position
1: Not at all; 7: Very much
Mean
SD
265
267
268
268
267
267
268
267
260
267
266
265
267
268
5.98
5.50
5.48
5.39
5.31
5.22
5.19
5.13
5.02
4.93
4.81
4.74
4.58
4.43
1.276
1.281
1.336
1.289
1.279
1.598
1.384
1.364
1.417
1.540
1.358
1.484
1.483
1.588
887
contacts and coordinates audits with the certification body. It is unclear how respondents
interpreted the word interview. It might be that they did not have in mind systematic,
structured or formalised interviews, but rather all talks held during the certification audit.
The next five sources of information, excepting interviews with top management, are
related to different documents. These results are very much in line with the Williamsons
et al., study (Williamson et al., 1996), which investigated attitudes and methods of auditors (auditors as respondents). In their study the most popular choice was evidence of corrective actions. Quality procedures and records was the second most popular reply and
documented evidence of reviews was the third most popular. Only a few auditors admitted
to using other evidence during an audit, such as staff understanding their responsibilities
and customer requirements. In this study, interviews with employees in non-managerial
positions obtained the lowest mean. According to the authors experience, this source of
information is, however, an effective tool for assessing if an organisation lives up to the
quality policy and objectives it has committed itself to promote. The variable Auditors
succeed in obtaining a true and fair view of the actual quality practices in our organisation also showed weak positive correlation with the variables Observations of activities and the surrounding work environment (r 0.3, p , 0.001), Improvement action
plans (r 0.29, p , 0.001), Interviews with employees in non-managerial positions
(r 0.2, p , 0.001). These results indicate that this kind of information source is
important for obtaining and drawing relevant audit conclusions.
Audit Conclusions
In the next question on the questionnaire, the respondents were asked to indicate to what
extent the audit conclusions addressed different issues. The question again included a
predefined set of different audit conclusions with the possibility to add ones own experiences. The results are presented in Table 5.
One should notice that the two highest ranked audit conclusions are related to compliance audit. Both statements describe the assessment of compliance of the quality manual
and other documented procedures with the standards requirements. The statement Auditors identified improvement opportunities and possible areas of risk received the third
highest mean. Even if this audit conclusion goes beyond the role of simply issuing a certificate, it is limited only to identifying areas of improvement and risks. It is up to the
audited organisation how to use this audit conclusion. In contrast, the audit conclusion
If non-conformities were found, the auditors made suggestions for corrective actions,
which received the second to lowest mean in the survey, gives more concrete solutions
for handling problems. This kind of advice is closer to consultancy work. Wealleans
(2000) expressed concerns that for auditors to give advice might be dangerous. They
spend only a very short time at the audited organisation, far too short a time to make
sound judgements and give valuable advice. As a result, audited organisations may act
upon poorly informed advice and implement changes for the worse and not for the
better. However, the authors do not believe that organisations listen blindly to auditors
advice. Bearing in mind the argument that certification bodies are not really independent,
because they are paid by auditees, it is unrealistic to assume that organisations feel obligated to listen to the advice of assessors. Previous studies in the area showed that even
non-conformities are not always handled. If a non-conformity was regarded as unjust or
888
B. Poksinska et al.
Table 5. Audit conclusions
Auditors evaluated whether the documented procedures

comply with the standards requirements.
Auditors checked whether the quality manual complies
with the standards requirements.
Auditors identified improvement opportunities and possible
areas of risk.
Auditors provided information to top management regarding
the organisations ability to meet quality objectives.
Auditors described the extent of conformity of the management
system with the audit criteria.
Auditors emphasised the areas of the QMS that they found to
be especially effective or successful.
Auditors provided valuable insights for the organisation into
how the QMS could become more efficient and useful.
Auditors identified problems, which, if resolved, will enhance
the organisations performance.
If non-conformities were found, the auditors made suggestions
for corrective actions.
Auditors encouraged and stimulated the organisation to go beyond
the requirements of the standard.
1: Not at all; 7: Very much
Mean
SD
266
5.41
1.295
268
5.29
1.538
268
5.19
1.444
268
5.08
1.631
266
4.95
1.461
268
4.82
1.470
268
4.74
1.527
268
4.28
1.516
268
4.18
1.658
267
3.94
1.708
not valuable, it was simply not handled. It was just important to motivate the decision to
the certification body and the certificate was not endangered (Poksinska et al., 2003).
Differences among Certification Bodies

Several variables from the questionnaire were tested for differences between certification
bodies. One-way ANOVA and post hoc Boneferroni tests were used. Several significant
differences were found.
One of the hypotheses was that the auditors way of auditing and the mediated view
on the QMS may influence the view of the system in the audited organisations. In one of
the questions, respondents were asked to indicate what is the main function of the QMS
at the respondents organisation. The ranking of the different functions is presented in
Table 6; the Mean represents the average for all certification bodies. To test the
above hypothesis, ANOVA with post hoc Boneferroni tests were performed. Significant
differences were found in two cases (see Table 6). For Deltas customers the QMS has
significantly less importance for how the organisation works than for Gammas and
Sigmas customers. In the second case, again Deltas customer had a significantly
lower mean on the function Our QMS is a tool to improve internal efficiency compared
to Sigmas and Gammas customers. These results indicate that the above hypothesis is
accepted.
Further significant differences were found in the use of different information sources
when performing certification audits. Certification bodies used to different extents the following sources of information: interviews with the quality manager, interviews with
889
Table 6. The main function of a QMS and differences between certification bodies
(I)
Certification
body
(J)
Certification
body
Mean
difference
(I-J)
Dependent Variable
Mean
Our QMS is a tool for continual

improvement of our organisation
Our QMS is a tool to fulfil the
customers needs and requirements
Our QMS is a tool for managing
and improving quality of our
products
Our QMS is a tool for handling
documentation
Our QMS is a tool to improve
internal efficiency
Our QMS is a tool for standardizing
organisational processes
Our QMS has great importance for
how our organisation works
Our QMS is a tool for effective
company management
5.53
No significant differences found
5.52
5.13
5.00
4.89
Sigma
Delta
1.03
Gamma
Delta
1.02
0.05
0.05
Gamma
Delta
1.19
Sigma
Delta
1.20
0.01
0.01
4.89
4.69
4.07
Sig
employees in non-managerial positions, quality manuals, documented procedures and

instructions, reports on handling non-conformities. It is important to mention that it was
always the same certification body that distinguished itself by significantly greater
focus on the quality manual and documented procedures and instructions and less use
of interviews with employees in non-managerial positions. At the end of the analysis it
was possible to identify a clear profile of this certification body, which could be described
as documentation oriented.
Significant differences were also found in audit conclusions. The documentationoriented Delta distinguished itself again in the audit conclusion Auditors checked
whether the quality manual complies with the standards requirements. Further differences were found in the audit conclusion Auditors identified problems, which, if resolved,
will enhance the organisations performance. Here, Sigma distinguished itself, and on the
whole could be described as a more development-oriented certification body.
Finally, one-way ANOVA and post hoc Boneferroni were also performed on the different
perceptions of audits and auditors. Significant differences were only found in one aspect,
namely Auditors focus too much on documentation. It was again Delta that had a significantly higher mean for focus on documentation than did the other certification bodies.
Satisfaction with External Audits
On the whole, the certified organisations were satisfied with the auditors work. On the
question Which general grade do you want to give external audits? 57% of respondents
assigned grades 6 and 7, where 7 was very good and 1 was very bad. None found that
external audits are very bad, but about 8% assigned grades 2 and 3.
890
B. Poksinska et al.
Benefits from External Audits

A further question asked if there exist benefits from external audits other than the
certificate. Twelve percent of respondents found that the certificate is the only benefit.
This result might seem to be surprising with regard to the generally high satisfaction
with external audits. However, the satisfaction does not fully correlate with the perceived
benefits from the certification audit. In the group no other benefit besides the certificate
there were respondents who were very satisfied and less satisfied with external audits, but
they, however, differed in the view on the expectations on the auditors role. The group
with great satisfaction had a significantly higher mean on the role Auditor shall primarily
check whether the documented procedures comply with the standards requirements.
Finally, the respondents were asked to indicate in an open question which benefits
besides the certificate they perceive from external audits. All answers were analysed for
affinities and five groups of benefits were found. The first group, new ideas and suggestions for improvements, accounted for 32% of all answers. Under this group were classified such statements as new ideas, suggestions for improvements, hints for solution of
problems, and sharing experience gained from other organisations. In the second group,
drives the quality work forward, which accounted for 22% of all answers, were classified
such statements as continuous improvement and it prevents stagnation. In the third
group (17.2% of answers), exert pressure on employees, were classified statements
such as: puff of flame and smoke, it creates respect by employees, it forces one to
work with the system despite being overworked, people take it more seriously,
quality manager can motivate in this way that some work needs to be done. The
benefit external expert who opens the eyes (16.3% of answers) implies that it is good
to have visits from competent people from outside, because one can be blind to defects
on ones home turf.
Audit Procedure for ISO 9001:2000 and ISO 9001-3:1994
Another question asked if the audit procedure for ISO 9001:2000 has changed in comparison to ISO 9001-3:1994. As shown in Table 7, there are great differences between the two
audit procedures. The respondents mostly agreed that the audit procedure for ISO
9001:2000 is more focused on assessing the effectiveness of the QMS. Furthermore,
Table 7. Difference between audit procedure for ISO 9001:2000 and ISO 9001-3:1994
Audit procedure for ISO 9001:2000 is

more focused on assessing the effectiveness of the QMS.
Audit procedure for ISO 9001:2000
improved in comparison to ISO 9001-3:1994 procedure.
prevents stagnation and promotes improvement of the QMS
is less focused on documentation.
There is no difference between audit
procedure for ISO 9001:2000 and ISO 9001-3:1994
1: Strongly disagree; 7: Strongly agree
Mean
SD
236
5.31
1.369
229
5.05
1.650
234
5.02
1.512
232
4.69
1.609
231
3.50
1.965
891
it was found that the new audit procedure prevents stagnation and promotes improvement
of the QMS. This is a positive result, since the old ISO 9001-3:1994 was criticised for
being stagnant. It was possible to achieve certification yet not to change anything in the
organisation (Sanders, 1994). It was also found that the audit procedure for ISO
9001:2000 is less focused on documentation.
Conclusions
The most frequent motive guiding organisations in the choice of the certification body was
that it should have good reputation. The judgement whether a certification body has a good
reputation or not was made based on the respondents own experience or on recommendations from consultants and colleagues. Not without importance was also the price for
the certification audit. Motives such as low or high demands did not play an important
role. The cross-tabulation of the different motives with certification bodies revealed that
some certification bodies are chosen more frequently because they have good reputation,
others because they are cheaper. There were also some certification bodies that were more
frequently recommended by consultants.
The questionnaire showed great differences regarding the required conditions for certification. The differences primarily depend on the auditors, but also on the certification
bodies. Analyses of the results highlight significant differences between the certification
bodies. These results indicate that certification bodies may influence the auditors
opinion via, for example, training and organisational culture. Significant differences
were found, among others, in the extent of use of different information sources and the
audit conclusions from the certification audits. An interesting result was that in the case
of one certification body it was possible to describe an auditing profile that could be
characterised as documentation driven.
A hypothesis was also considered that an auditors view on ISO 9001 and auditing way
might influence the audited organisations view of the quality management system. The
analysis of the main functions of the QMS at respondents organisations revealed significant differences between customers from different certification bodies. These results
support the hypothesis.
In the opinion of respondents, the auditors should not only issue a certificate, but also
share his or her own experiences and give suggestions for improvements. Auditors
should give an objective view on the QMS effectiveness. An integration of the auditors
and consultants roles, although desired, causes problems for some respondents,
because it means that auditors audit themselves.
Certified organisations found that audits help them to improve the QMS and that they
learn from external audits. Furthermore, they also found that auditors improve motivation
for quality work. The fact that auditors focus too much on documentation is a myth,
because it is not the case in the respondents eyes. Auditors also have good competence
and that is the most important condition for good audit results. In addition, auditors
demand neither too much nor too little. Finally, it depends on the audited organisation
if auditors succeed in obtaining a true and fair view of the actual quality practices in
the certified organisations.
The three most important information sources used in performing audits were interviews with quality managers, evidence of corrective actions and reports, and evidence
from internal audits. The results showed that auditors mostly rely on documented evidence
892
B. Poksinska et al.
and use less subjective evidence, such as their perceptions of attitudes and opinions. The
least used source of information appeared to be interviews with employees in nonmanagerial positions.
The highest ranked audit conclusions were related to the assessment of compliance of
the quality manual and other documented procedures with the standards requirements.
Further conclusions included identifying improvement opportunities and possible areas
of risk and providing information to top management regarding the organisations
ability to meet quality objectives. In addition, audit conclusions, which imply consultancy
work, are a common practice of auditors.
Even if certified organisations are generally satisfied with external audits, about 8%
were not satisfied. The dissatisfaction was mostly related to insufficient competence of
auditors. The most important additional benefits from certification audits are new ideas
and suggestions for improvements and help to drive the quality work forward.
Finally, the survey showed that the audit procedure for ISO 9001:2000 changed after
the standard revision. The new audit procedure is, among other things, less focused on
documentation and more focused on assessing the effectiveness of the QMS.
References
Anttila, J. & Vakkuri, J. (2001) ISO 9000 for the creative leader (Tampere: Tammer-Paino Oy).
Barthelemy, J. L. & Zairi, M. (1994) Making ISO 9000 work: the role of auditing, The TQM Magazine, 6(3),
pp. 44 47.
Biazzo, S. & Garengo, P. (2004) Development of a tool for assessing ISO 9001: 2000 audits, The Sixth Annual
Conference on Quality Management and Organizational Development, CNAM, Paris, 23 October 2003.
Gustafsson, R. et al. (2001) Experiences from implementing ISO 9000 in small enterprises a study of Swedish
organisations, The TQM Magazine, 13(4), pp. 232246.
Kano, N. et al. (1984) Attractive quality and must-be quality, Hinshitsu (The Journal of Japanese Society for
Quality Control), 14(2), pp. 3944.
Pivka, M. (2004) ISO 9000 value-added auditing, Total Quality Management, 15(3), pp. 345353.
Poksinska, B. (2003) Behind the ISO 9000 and ISO 14000 certificates. An Investigation of Quality and Environmental Management Practices in Swedish Organisations. Licentiate Thesis No. 1032, Department of Mechanical Engineering, Linkopings universitet.
Poksinska, B. et al. (2006) ISO 9001:2000 in small organisations - lost opportunities, benefits and influencing
factors, International Journal of Quality & Reliability Management, 23(5), pp. 490512.
Russell, J. P. (2001) Auditing ISO 9001:2000, Quality Progress, 34(7), pp. 147 148.
Sanders, R. L. (1994) Will ISO 9000 improve my records management program?, Records Management
Quarterly, October, pp. 4753.
Wealleans, D. (2000) The Quality Audit for ISO 9001:2000 - A Practical Guide (Gower).
Williamson, A. et al. (1996) Quality system auditors attitudes and methods: a survey, International Journal of
Quality & Reliability Management, 13(8), pp. 39 52.

From Compliance To Value-Added Auditing

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

From Compliance To Value-Added Auditing

Caricato da

Copyright:

Formati disponibili

Downloaded by Wahyu Prasetianto at 13:41 31 December 2014

Total Quality Management