Featured Product
This Week in Quality Digest Live
Quality Insider Features
Eric Whitley
Seven tips for efficient maintenance
Rick Gould
As climate change reveals the vulnerabilities of infrastructure, ISO is providing the tools to assess risk and adapt to it
Alonso Diaz
The need for transparency in a changing regulatory landscape
Zhanna Lyubykh
Consequences and costs of abusive supervision
Dario Lirio
Modernization is critical to enhance patient experience and boost clinical trial productivity

More Features

Quality Insider News
Industrial Scan&Sand solution wins RBR50 Innovation Award
Reduces the time it takes to complete an XRF measurement
Hexagon’s calibration service meets advanced manufacturing needs in Canada
Attendees will learn how three top manufacturing companies use quality data to predict and prevent problems, improve efficiency, and reduce costs
Unique global product configuration event fosters an atmosphere of learning, not selling
Project annotations, images, videos, and more in a stereo microscope’s field of view
More than 40% of directors surveyed cite the ability of companies to execute as one of the biggest threats to improving ESG performance
How to quickly prototype 4x machine vision applications on one small embedded system

More News

Mike Micklewright

Quality Insider

Treating Your Registrar as a Supplier

What to pay for and how to get it

Published: Monday, February 27, 2006 - 23:00

Why don’t registrar auditors audit clause 7.4 Purchasing of ISO 9001 when it comes to purchasing their services? After all, they’re providing a service that affects the quality of your operations, processes, and eventually, products.ISO 9001 states that your company “Shall evaluate and select suppliers based on their ability to meet your requirements.” Do you ever state your requirements to your registrar? Probably not, because it’s their contract that you sign. And even if your company issues a contract to the registrar in the form of a purchasing order, it’s unlikely that you add any of your requirements. The registrar normally has complete control of the contractual relationship, and you have no way out until the contract is up. Have you ever thought about what you and your company really want from an audit? Do you just go through the motions?

What if you wanted to try out a registrar’s services for only the initial audit? A company may evaluate sample parts from a potential supplier as part of the initial selection process. Why does your company have to be locked in to a three-year contract? What if you don’t like your supplier’s performance? How can you get out of a contract that doesn’t even state your specific needs?

During the selection process of a registrar, your company should define criteria for acceptable audit performance before you bring them on board and before you sign a long-term contract. I’ve never heard of this being done, yet I can’t imagine that a registrar would turn the work down.

How to evaluate a registrar’s performance
Clause 7.4 also states that “the selection, evaluation, and re-evaluation criteria shall be established,” I challenge you to evaluate your registrar’s performance based on defined criteria. Some of the criteria that you might consider include:

Registrar—home office:

  • On-time shipment of certificate
  • Lead time to receive the certificate
  • Expediency in answering questions
  • Contract clarity
  • Document control


  • Legibility of audit records
  • Value-added audit
  • Percentage of time spent auditing (rather than discussing personal stories)
  • Quality of nonconformities recorded (clear reference to requirement not met and clear identification of non-conforming evidence)
  • Easily understandable
  • Percentage of nonconformities issued/ nonconformities stated (100 percent = best)
  • Number of times the auditor provided advice (0 = best)
  • And/or, from clause 7.2 Personal Attributes of ISO 19011
    • Open-minded
    • Perceptive
    • Versatile
    • Tenacious
    • Decisive

Of course, a rating scale would need to be developed for each criterion your company chooses (from the above list or elsewhere), as well as criteria for acceptability and the consequences of a contractor’s failure to meet your requirements.

If the registrar is sub-par, I challenge you to issue a corrective action report (CAR) to them. If they don’t respond to your CAR “without undue delay,” Issue another CAR.

I’ve only seen one company evaluate its registrar’s performance on an ongoing basis. They also evaluate my performance as their internal auditing provider.

Issue a purchase order to your registrar

Clause 7.4 of ISO 9001 also states that “purchasing information shall describe the product to be purchased, including … requirements for approval of product, procedures, processes.”

I challenge you to issue a purchase order to your registrar that states, “Registrar to conduct ISO 9001 certification audit, pass us, and issue no nonconformities.” Then at the closing meeting, when the auditor recommends you for certification and issues three minor nonconformities, you reveal the purchase order the auditor never read and say “Thanks for the freebie!” I say this as a joke, yet, I say it to make a point.

The point I’m trying to make is more of a question: “What does top management really want from an audit and how would you state your requirements in a purchase order?” The requirements should be reflective of and consistent with the criteria that you choose to evaluate your registrar. Following are a few examples:

  • Does top management want a value-added audit in which the auditor issues many preventive actions originating from the identification of nonvalue-added processes, steps, activities, documents, that could or do lead to excessive waste and nonconformances? Then let your registrar know.
  • Do you want the auditor to focus on suspect processes? Then let your registrar know.
  • Do you want a tough and tenacious auditor? Then let your registrar know.
  • Do you want your certificate in one week instead of 4 or six weeks? Let your registrar know.
  • Do you want all nonconformities recorded as CARs? Let your registrar know.
  • Do you want the CARs to better cite evidence and do you want the auditor to record the nonconformities on your internal CARs? Let your registrar know.

Your company is paying for a service. Unless your top management only wants a certificate and is accustomed to wasting money, you should be stating your requirements in the spirits of ISO 9001 and ISO 9004 in order to improve the effectiveness of this process.

When registrars don’t meet the contractual requirements
I recently participated in a two-day Stage 1 assessment as an observer for my client. The lead auditor didn’t realize until just before the end of the two-day period that it was a Stage 1 assessment. He’d thought he was doing a Stage 1 pre-assessment audit, even though we had shown him the signed contract. My client and I were very disappointed in the auditor’s performance throughout the entire two-day audit. We complained to headquarters, had a lengthy teleconference and they rectified the situation in the short-run.

However, I was concerned with what they were doing to identify and eliminate the root cause so that this type of problem wouldn’t happen in the future. I prepared a CAR thinking that my client would forward this on to the registrar. My client’s managers still haven’t done so and they probably won’t. They’re a little gun-shy, because they feel they’d be shooting themselves in the foot by issuing a CAR to a company that issues CARs for a living. They should not feel this way.

Voice of the customer
What’s the voice of the customer? What are you asking for? Are the registrars providing you with what you want? Too often, the customer’s voice, either directly stated or implied, is that they only want the certificate because their customers are demanding it. This is exactly what registrars provide—a certificate, often even when a company hasn’t earned it. Such registrars are simply meeting the requirements of their customers.

So who’s at fault? Is it the registrar’s fault? It’s the clients’ fault for not expressing their voice and their requirements properly. Owners and top management are responsible for developing the systems, philosophies, and policies within the company. If these aren’t developed adequately, owners and top management are to blame.

If you just wanted a certificate from your auditor, you paid an awful lot for a piece of paper.

If you believe in the spirit of ISO 9001 and ISO 9004, and if you built an ever-improving Quality System, you would then demand tough audits, both internally and from your Registrar.

Who is the real customer?
The real customer is ISO 9001, and if it were real, it’d be crying because so many companies don’t fulfill the requirements, yet they bear its name.

The registration system is at fault, and no one is fixing it. Yet, every five years, the standard is subject to an overhaul. How about an overhaul of the registration system? When are we going to improve its effectiveness continually?

One way for your company to start is to demand more from your registrar.


About The Author

Mike Micklewright’s picture

Mike Micklewright

Mike Micklewright has been teaching and facilitating quality and lean principles worldwide for more than 25 years. He specializes in creating lean and continuous improvement cultures, and has implemented continuous improvement systems and facilitated kaizen/Six Sigma events in hundreds of organizations in the aerospace, automotive, entertainment, manufacturing, food, healthcare, and warehousing industries. Micklewright is the U.S. director and senior consultant for Kaizen Institute. He has an engineering degree from the University of Illinois, and he is ASQ-certified as a Six Sigma Black Belt, quality auditor, quality engineer, manager of quality/operational excellence, and supply chain analyst.

Micklewright hosts a video training series by Kaizen Institute on integrating lean and quality management systems in order to reduce waste.