Future-proof auditing - considerations on the context of the organization

CONTENT

• Future-proof auditing - Considerations on the context of the organization
• The audit must follow suit
• Rethinking auditor competencies
• Interdisciplinary audit teams 2.0
• Expanding the focus of knowledge
• Conclusion: ISO 9001 grows with us
• DQS - pioneering the certification of management systems

Future-proof auditing - Considerations on the context of the organization

In a world of continuous change, Clause Four of ISO 9001 is of great importance because it provides the necessary impetus to keep the quality management system (QMS) flexible, adaptable, and future-proof. Ensuring the long-term relevance and effectiveness of the QMS, especially in the VUCA* world, is on the agenda. The "expertization" of ISO 9001, which goes hand in hand with this, is undoubtedly more than just a fad; it is a significant trend that responds to the increasing demands on quality, efficiency, and international competitiveness.

Terms such as globalization and internationalization, growing complexity in the supply chain, digitalization, and sustainability have long been everyday topics in quality management. As a certification company, we observe that this development is meeting with acceptance. More and more companies are recognizing the value of a highly optimized quality management system to assert themselves in an increasingly complex and dynamic business environment and act with agility: quality management as change management.

From a change management perspective, the "expertization" of ISO 9001 is not just a trend but a necessary development. The ability to effectively manage change while maintaining high-quality standards is crucial in today's business world. Companies that refine—or "expertize"—their ISO 9001 processes are laying the foundation for managing change and using it as an opportunity for growth and innovation.

*Translator's note: VUCA is an acronym based on the leadership theories of Warren Bennis and Burt Nanus, to describe or to reflect on the volatility, uncertainty, complexity and ambiguity of general conditions and situations.

The audit must follow suit

As a certification body, it is our perception that the increase in complexity emanating from the context of the organization necessarily leads to a parallel development. Audits of quality management systems in accordance with ISO 9001 increasingly require - or should require - the involvement of other specialists in addition to the QM auditor. This is particularly true in technological or regulatory environments, and by the way, it is not just the external certification audit, but also the internal audit. The challenge - for DQS as a certification body and for each organization - is to look for new constellations in the composition of auditor teams and to measure their performance against the reality of the issues.

In other words, the scope of an ISO 9001 certificate for a particular organization naturally defines the specific areas, processes, products and services of that organization, which in turn are covered by its quality management system. And this is where we get to the analogy to the audit, because the scope must reflect the technical and methodological skills of the team of auditors, i.e. the ability of the auditors to to assess and validate the defined scope appropriately.

Rethinking auditor competencies

The need for industry-specific knowledge is not in question. On the contrary, in recent years the German Accreditation Body (DAkkS) has further tightened the requirements for auditor competence in accordance with ISO/IEC 17021-1 in recent years.

Auditors must demonstrate sound specialist knowledge in their audit areas, practical industry experience, and regular further training in order to keep up to date with the latest standards and industry developments. However, it is now also crucial that auditors are able to look beyond the boundaries of their industry. To put it more concretely, an auditor must also have an eye on current aspects of digitalization, sustainability, legislation, or modern societies in order to provide an appropriate and up-to-date assessment of the QM system

Two immediate examples are the European NIS2 directive for cyber security and the new ISO requirements on climate change.

Interdisciplinary audit teams 2.0

It will no longer always be possible to combine the necessary variety of skills and specialist perspectives in one person. This does not mean that long-standing all-rounders in a particular sector will no longer be in demand; on the contrary. However, in many cases, they will no longer act alone but will be the leader or part of an interdisciplinary team of auditors - even if it is "only" about ISO 9001. By combining industry-specific knowledge and cross-functional skills, interdisciplinary teams are the answer to the complex demands of modern audits and to better understand economic, regulatory, and social environments in addition to the narrower scope.

All of this leaves its mark when preparing a certification audit; new challenges arise. The complexity of the planning process is increasing, and the impact on audit costs is obvious. Much more important, however, is the question of how we, as a certification company, can expand the competencies and skills of our auditors beyond the traditional knowledge of regulations and the industry.

Expanding the focus of knowledge

Technical progress in recent years has significantly boosted knowledge transfer: Training has become more digital, and there are more online offerings with more flexible schedules and less travel required. Documentation can be optimized through chats and video recordings. These developments allow us to expand the range of topics covered in further education and training courses - a decisive advantage in times of increasing specialization.
For example, because we have become faster, we can now specifically promote in-depth training on cross-regulatory developments in legislation or standardization or excursions on topics such as the auditing of artificial intelligence. The continuous development of such knowledge offerings will continue to accompany us in the coming years - both for existing auditors and for onboarding new auditors.

Conclusion: ISO 9001 grows with us

Even if auditing a QMS has become challenging, it is the best chance of improving. The expertization of ISO 9001 expresses the complexity and uncertainties of our time - and at the same time, further development in many areas. The upcoming revision of ISO 9001 also shows that the QM standard has a strong raison d'être since it is constantly updated.

Note: The above article was first published on the German DGQ blog on October 4, 2024. It is published here with their kind permission.

DQS - pioneering the certification of management systems

DQS, the "Deutsche Gesellschaft zur Zertifizierung von Managementsystemen" was founded in 1985 by DGQ (Deutsche Gesellschaft für Qualität e.V.) and DIN (Deutsches Institut für Normung e.V.) as Germany's first management system certification body.

We are the only major certification body to focus on management systems and processes. We have played a pioneering role in this for many years. In 1986, DQS issued Germany's first certificate in accordance with ISO 9001, the world's most important standard for management systems.

In 1991, DQS was the first certification body in Germany to be accredited for ISO 9001/2/3 by the then TGA GmbH (today: Deutsche Akkreditierungsstelle GmbH, DAkkS). Today, our range of services covers around 200 international regulations and national standards. Our claim always begins where checklists end. Take us at our word!

Expertise and trust

Please note: Our articles and materials are written exclusively by our in-house experts for management systems and long-standing auditors. If you have any questions for our authors about the content, please contact us. We look forward to hearing from you.