1 300 899 443
Get An Estimate

Category: Certification Process

ISO/IEC 27701:2025: A New Era for Privacy Certification The world of privacy management is entering a new chapter.

ISO has confirmed that the second edition of ISO/IEC 27701, the international standard for Privacy Information Management Systems (PIMS) is set for publication in October 2025.  This long-awaited update represents a major shift in how organizations can demonstrate compliance and accountability in data protection.     Direct Certification: A Game-Changer for Privacy-Focused Organisations  Since its first release in 2019, ISO/IEC 27701 has functioned as an extension to ISO/IEC […]

Entry/Exit Meetings

Entry Meeting Every audit should start with one.  Why?  So that the scene, the scope, and the intents can be set.  Your auditor then explains the process, confirms the scope, describes reporting, categorisations of findings, confidentiality, and seeks clarification of reporting styles, lunch breaks, and report generation periods.  They might even give an overview of […]

Certification​

As a project manager who designs, implements and gets a quality management system certified, there are just way too many parameters to list and discuss when you should seek certification. The arbitrary milestones of December (for the calendar year KPI) and June (for the fiscal year KPI) leave me a little cold, especially when we […]

External certification auditors

In the bad old days last century, our learned auditing fraternity often took a supposedly very moral, very high ground, very technical, very inflexible attitude toward their task. Having achieved a modicum of extra knowledge in the field of quality management systems gave them, they thought, the right to run riot over the systems and […]

Get an Estimate

More about us and what we need
By submitting this request your email address will be added to our communication list. This list is not shared with anyone else. You will receive our monthly e-news so that we stay in touch. You can unsubscribe at any time if the information we provide is not helpful.
QualityIQ Website © 2024 All Rights Reserved
Facebook Linkedin

In the bad old days last century, our learned auditing fraternity often took a supposedly very moral, very high ground, very technical, very inflexible attitude toward their task. Having achieved a modicum of extra knowledge in the field of quality management systems gave them, they thought, the right to run riot over the systems and the personnel they were auditing. Not all auditors, but many.

It was so bad in the early days, consultants would school clients in how to be adversarial without being overtly obstructive, how to prepare records and files to present to them and so on.

So now, good consultants are very proactive with clients and should coach them how they should interact with certification bodies. If I am retained as a consultant, I will meet up with proposed auditors, review CVs, have a coffee meeting to get to know them and know their interpretation of the standard so that our clients get the best possible outcome.

I don’t try and influence decisions or matters of judgment. I just need to get an idea of expectations and interpretation. Be aware, most auditors are very time poor (who isn’t), and most are subcontractors who do not value ‘free’ customer relationship visits. This does not mean you can’t do it by phone or email. Just make sure you start the relationship before they arrive for their first auditor visit.

Have you ever been subjected to a 3rd party auditor who won’t answer a direct question concerning a particular aspect of your business because they see their answer as consulting? It is a fine line but one worthy of adhering to.

Why? Well mostly because their JAS-ANZ charter as an auditor does not allow them to and especially so on matters they have raised.

You can ask auditors questions concerning the standard, the certification process and perhaps, to some extent, interpretations of these aspects. Though, don’t be surprised if they give the ‘no can consult’ answer if you haven’t framed it correctly.

When is the best time to ask them any question concerning a finding? Well, not at the exit meeting. The best time to ask is when the matter / finding is identified / discovered and you are informed that it will be recorded in the report.

Get clarification. Get the exact example they will cite, be comfortable about the result. Then, after you have considered it (and not necessarily at the time it was discovered) pose a possible solution and seek a determination whether your solution would have avoided or at least mitigated the original finding. If yes, you can start down that track. If no, don’t badger them, rethink, reformulate and ask again.

If your certification provider is reporting findings correctly, you should be able to handle system changes as a result of audit reports without having to consult with them.

External certification auditors

Certification Process

In the bad old days last century, our learned auditing fraternity often took a supposedly very moral, very high ground, very technical, very inflexible attitude toward their task. Having achieved a modicum of extra knowledge in the field of quality management systems gave them, they thought, the right to run riot over the systems and the personnel they were auditing. Not all auditors, but many.

It was so bad in the early days, consultants would school clients in how to be adversarial without being overtly obstructive, how to prepare records and files to present to them and so on.

So now, good consultants are very proactive with clients and should coach them how they should interact with certification bodies. If I am retained as a consultant, I will meet up with proposed auditors, review CVs, have a coffee meeting to get to know them and know their interpretation of the standard so that our clients get the best possible outcome.

I don’t try and influence decisions or matters of judgment. I just need to get an idea of expectations and interpretation. Be aware, most auditors are very time poor (who isn’t), and most are subcontractors who do not value ‘free’ customer relationship visits. This does not mean you can’t do it by phone or email. Just make sure you start the relationship before they arrive for their first auditor visit.

Have you ever been subjected to a 3rd party auditor who won’t answer a direct question concerning a particular aspect of your business because they see their answer as consulting? It is a fine line but one worthy of adhering to.

Why? Well mostly because their JAS-ANZ charter as an auditor does not allow them to and especially so on matters they have raised.

You can ask auditors questions concerning the standard, the certification process and perhaps, to some extent, interpretations of these aspects. Though, don’t be surprised if they give the ‘no can consult’ answer if you haven’t framed it correctly.

When is the best time to ask them any question concerning a finding? Well, not at the exit meeting. The best time to ask is when the matter / finding is identified / discovered and you are informed that it will be recorded in the report.

Get clarification. Get the exact example they will cite, be comfortable about the result. Then, after you have considered it (and not necessarily at the time it was discovered) pose a possible solution and seek a determination whether your solution would have avoided or at least mitigated the original finding. If yes, you can start down that track. If no, don’t badger them, rethink, reformulate and ask again.

If your certification provider is reporting findings correctly, you should be able to handle system changes as a result of audit reports without having to consult with them.