Lessons in Tact and Fairness: When Auditors Cross the Line

There was a young female consultant, let’s call her Courage, who was supporting her client during a recent certification audit. Courage the Consultant has a fantastic relationship with her client, and they had put in a lot of, not only time but passion into the Integrated Management System they had built. The system was already certified, and this was a surveillance audit.

Their experience soon turned sour when Arrogant the Auditor arrived. Arrogant the Auditor had something to prove and stepped outside of his role as an external auditor and felt the need to consult as well, just to show how clever he was. He loved to share resources and documents of his own with the client, pointing out to Courage the Consultant and her Client that his were much better.

Arrogant the Auditor even thought it was necessary to bring up the system documents on the big screen in front of all in attendance and start giving some training and lessons by asking ‘Now, what do you see wrong with this document?’. It got to the point where the client actually said to Courage the Consultant that he had to leave the room as it was like watching her get into trouble from her dad. 

I was absolutely horrified when I had this story told to me. As an auditor we do not consult. We do not mix these 2 activities into one. Especially and even more so when you are an external auditor.  

 "Most people do not listen with the intent to understand; they listen with the intent to reply.”
 – Stephen Covey

ISO 17021 Conformity assessment does emphasize the importance of avoiding conflicts of interest. Auditors must not be consulting to the organization being audited, not in the recent past, nor in the near future.

The intent is to ensure auditors write nonconformities without the intention of gaining consulting business and to maintain an audit of independent mind​​. This stipulation is aimed at preserving the impartiality and integrity of the audit process. 

Putting Conflict of Interest aside, what about the Personal Behaviours that ISO 19011 Guidelines for auditing management systems refers to? I’ve just gone through and picked a few that relate to the behaviour of Arrogant the Auditor, and this is what I’ve found: 

Ethical – fair, truthful, sincere, honest and discreet.  

Open-minded – willing to consider alternative ideas or points of view 

Diplomatic – tactful in dealing with individuals 

How was the Auditor not meeting these personal behaviours? 

• Imposing his own materials and opinions and undermining the consultant’s work 

• Instead of objectively reviewing the system, he seemed more interested in showcasing his own resources and knowledge 

• Publicly critiquing the work of the consultant in a manner that embarrassed her and the client indicates a lack of discretion 

• An unwillingness to value others inputs 

• Showed a disregard for the feelings and efforts of others involved 

• His approach was more confrontational than cooperative 

The Auditor-Client-Consultant (ACC) Framework  

In light of the specific dynamics between auditors, consultants and clients, its essential to visualize the appropriate professional boundaries that uphold the integrity of the audit process. The ACC Framework illustrates the distinct roles and ethical interactions that should exist among these three parties, ensuring clarity and objectivity are maintained. 

The Auditor: 

• Role: The Auditor is responsible for the objective evaluation of the Client's systems and processes. 

• Interaction with Client: The Auditor provides audit findings to the Client, which are to be impartial and independent assessments of the Client's conformance with relevant standards. 

• Separation: The Auditor does not give advice or support to the Client that would constitute consulting.  

The Consultant: 

• Role: The Consultant offers expertise and support to the Client, aiding in the implementation, improvement, and maintenance of systems and processes. 

• Interaction with Client: There is a two-way interaction between the Consultant and the Client, indicating ongoing support and advice. This relationship is essential for the Client to effectively implement and maintain the systems that the Auditor will evaluate. 

The Client Section: 

• Role: The Client is at the centre of the framework, implementing and maintaining systems and processes within their organization. 

• Interaction with Consultant: The Client engages with the Consultant to receive advice and support in the areas highlighted by the audit findings or for general system improvement. 
• Interaction with Auditor: The Client receives audit findings from the Auditor, which are used to inform decisions about system improvements and compliance. 

Your Next Steps

1. Decide what type of Auditor you want to be.

2. Set yourself up for success by completing a recognized qualification.  

3. Work with an expert. 

Continue the Conversation with the LTS Podcast

This article is just the beginning. Join us for the extended discussion on the podcast, available on Spotify and YouTube.