Rank: Forum user 
|
Hi,
Has anyone had an external audit carried out by the BSI group especially on 18001 and/or 14001? I work in a consultancy role and the number of sites I have been involved with who have no conformities at all from the above is worrying.
The same sites on further inspection either by another external auditor picked up a number of high level corrective actions such as COSHH, DSEAR, lack of Leadership commitment, Fire Safety, Planning and Resources, Communication and Engagement amongst others. In addition, there are Pre-safety start ups, Record keeping, Incident investigations and RCA (root cause analysis) also identified as needing corrective actions. What I am trying to figure out is why are these companies/sites able to retain certification and why are these not picked up by the BSI auditors. One comment from a site manager is they can steer the auditors to wherever directions they want them to go to avoid them picking up any non-conformities. In addition, it appears there is a systemic failure on the part of the auditors not to pick up 'difficult' areas such as COSHH etc. when carrying out their audits. How is that a site with no updated COSHH assessment can have no corrective action? How is it that such sites have had a BSI audit yearly and none of the auditors picked on these.
In my opinion, these may put the companies/sites in a difficult position as the SHE Managers or site managers and indeed the business will be under the impression they've got everything covered until there is a major failure.
Is this a common issue with other consultants and how can we make sure we guard against these when we visit such companies/sites?
|
|
|
|
|
|
Rank: Super forum user 
|
Auditing is based upon sample.
Just like an MOT valid solely at time of inspection and specifically for those matters inspected. As the certificates are now duration limited (3 year) the overall audit plan is intended to touch upon each clause of the standard at least once during the certificates validity - usually documented in the re-certification plan. Each independent auditor will have their own plan so it is feasible one may look at COSHH on the first visit whilst another may not look at COSHH until their sixth (assuming 6 month intervals). It is the role of internal auditors to continually examine the businesses systems - unfortunately if they audit by tick box this is where a business gains a false sense of security. As with everything in the realms of HS&E only the courts decide if a business has done everything reasonable and sufficient - everyone else merely provides advice.
|
 1 user thanked Roundtuit for this useful post.
|
|
|
|
Rank: Super forum user
|
BSI themselves will be accredited to audit to these standards by UKAS. I have been done over by UKAS and I know that they are (or at least were) thorough. Why are you clients having other external auditors and are they working to the same standards?
|
|
|
|
|
|
Rank: Forum user
|
Having just had 2 9001 BSi audits I can say both of my auditors were thorough with what they looked at but as has been pointed out, its only a sample and what they see / find on the day.
|
|
|
|
|
|
Rank: Super forum user
|
I think a lot of it is down to the way that certification/surveillance audits are carried out. Yes, any audit is a sample, but logically the larger the sample, the more accurate it is likely to be. Certification audits generally take less than a day, and with the best will in the world, will be very limited in what they pick up, plus they are more easily 'guided' by the organisation towards favourable aspects and away from problem areas. The auditor will simply not have the time to probe very deeply, and so results can be quite superficial.
In my consultancy and auditing days, I carried out five-day audits (occasionally up to ten days). This timescale permits a more thorough examination of the management of health and safety, and the time to follow up on things. Few organisations would be willing to meet the costs of an audit for certification that took this length of time, so the system relies on one-day audits, which will have limited usefulness and are bound to miss things.
|
|
|
|
|
|
Rank: Forum user
|
If an organisation's internal audit plan is robust and their internal auditors are competent, the organisation should find, raise and address nonconformances before the external auditor, regardless of what certification body the external auditor belongs to.
|
1 user thanked UncleFester for this useful post.
|
|
|
|
Rank: Super forum user 
|
Historically I've used both BSI and LRQA, I've found LRQA to be more 'robust' BUT people (sic) put these institutions on a pedstal, why wouldn't they? the fact is that if you can privide 'objective evidence' during the audit they simply cannot issue non-conformities particualry of a 'major' variety
At £900+ a day you are a valued customer, are they really going to issue major non-conformities unless of course they simply have no choice?
BSI and LRQA and other certifying bodies are commercial entities
|
|
|
|
|
|
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.