Auditing Customer Satisfaction

It is important for organizations to satisfy their customers. Satisfied customers tend to spend more and refer other customers. Dissatisfaction customers spend less and tend to dissuade other potential customers. Customer satisfaction impacts organizational profitability as well. Dissatisfied customers tend to require more resources than satisfied customers, and more resources are required for the organization to find new customers.

 QS-9000 states: "The supplier shall have a documented process for determining customer satisfaction,…" [4.1.6]. ISO 9001:2000 states: "…the organization shall monitor information relating to customer perception as to whether the organization has met customer requirements." [8.2.1]. Customer satisfaction is also discussed, or eluded to in ISO 9001:2000 in clauses:

• 5.2
• 6.1
• 7.2.3,
• 8.4
• 8.5.2

There are many ways to meet these requirements and many organizations use more than one method. As internal auditors it is important for us to look at the entire program to determine if there is a process, and how effective it is. In order to accomplish this, we need to look at two important factors. 

• What information is being collected
• What is being done with the information

What information is being collected

Let's examine each of these to determine what internal auditors need to look at and for:

It is important for the internal auditor to understand that no standard requires any particular type of customer satisfaction assessment tool or method. The most common is the survey, but surveys are not required. ISO 9004:2000 gives some ideas of sources of information:

• Customer complaints
• Communicating directly with customers
• Questionnaires and surveys
• Subcontracted collection and analysis of data
• Focus groups
• Reports from consumer organizations
• Reports in various media
• Sector and industry studies

Determining what form the information will be in is one of the many decisions of an organization. As internal auditors, we should not get too distracted by looking at the correctness of the decision. Our function is to ensure that a decision was made (and followed). If an internal auditor thinks that a certain form of information gathering would be more appropriate or useful, we can make that known, but internal auditors must refrain from attempting to second-guess management.

How to audit

So what should internal auditors look for? The first step is to determine who the auditee should be. In many organizations the Sales function will be responsible for customer satisfaction. In others, it may be top management or customer satisfaction may even have its own department. Look at the quality manual. Somewhere (usually in the Responsibilities and Authorities or even in the section that deals with customer satisfaction) there should be outlined who has responsibility for customer satisfaction.

Once you determine who to audit, then look at the satisfaction plan (if possible). The plan may or may not be in writing, based on the QMS. Determine what questions to ask from the plan. If the plan is not in writing, then you will end up determining the questions during the actual audit. 

The evidence you are looking for will center on what the plan requires. Is the organization doing what they say? Are there any records that indicate customer satisfaction information is being collected? Where does this information go?

What is being done with the information

Customer satisfaction data needs to be analyzed and acted on. Important issues here are: Who is doing the analyzing, what data are they considering and what action is being taken in regard to the data. How the data is analyzed and who does the analysis, is of course up to the organization. The results of the analysis are also not the concern of the internal auditor. 

Customer satisfaction data does not have to be analyzed by itself. It may be part of a more complex overall analysis of other business metrics. There are plusses and minuses either way. It all depends on the organization and its needs and resources available.

How to audit

When auditing customer satisfaction, the internal auditor must remember two things: First, There is a significant difference between the requirements of the standard and 'best practices'. The standard only requires that customer satisfaction be considered, and acted on (5.2, 5.6.2 b, 8.2.1, 8.4.a). It does not require any specific action. It does not even specifically require action (review output, 5.6.3 does not mention customer satisfaction.

 The second thing to remember is to look for evidence that the customer satisfaction data is, in fact, being analyzed. Evidence of this would be reflected in things such as; notes, customer survey forms, management review records. If your organization has a customer satisfaction department, there should be plenty of evidence If you don't, you might get your answers through asking pointed question to those responsible for the analysis.

Summary:

Auditing customer satisfaction can be a tough task for internal auditors. The key is to keep focused on the evidence, not on the customer satisfaction data itself. Worry less about the appropriateness of the data and more on whether the organization is following the plan. Remember it is an audit of the QMS not individuals!

As always...Good Auditing!

How do you show your support of your QMS? Where can you find little tokens of appreciation for all the work folks do to obtain and maintain registration? Visit SearchManufacturing.com's ISO resources page for links to banners, flags, etc. You can find them at:

http://www.searchmanufacturing.com/Manufacturing/Quality/iso.htm

Q – If we have a combined Quality Management System and an Environmental Management System, should the Management Representatives be the same person, or different?

A –Just because you have a merged system, there is no requirement to have a single management rep. I think the key factor would be the type of business. For an organization with complex or a large number of significant aspects, then having a management rep just for the EMS makes sense. With an integrated system, there needs to be good communication and coordination between the management reps when you have two (or more).

top of page

www.mmtc.org

ISO 9001:2000 Clause 4.2.2 Quality manual

"The organization shall establish and maintain a quality manual that includes

a) the scope of the quality management system, including details of and justification for any exclusions"

Back in the good ol' days, we could use just about any excuse to register to 9002 instead of 9001. Even if we really did no design work, we would just state "not design responsible" and that was sufficient. We have heard that registration bodies are now looking closely at this clause. Before you try to justify excluding 7.3, ask yourself the following questions:

1. Have you done design in the past?
2. Do you participate in any of the design activities referenced in 7.3?

If you answered 'yes' to either question, then you will probably not be able to exclude design from your QMS. Of course, if you can still legitimately justify exclusion, you will probably be able to do so.

top of page

November 2001's question:

 As part of the audit, you are auditing the second shift. You are following a control plan through the machining department. You notice a team leader has a folder marked "Procedures" at his workstation. The procedure is obsolete. When questioned about the procedure, the team leader responds that he knows the procedure is obsolete. He is the only one that uses it, and he only uses it to keep performance notes on the back of the pages. These notes are important in the performance evaluation of his team, and will be discarded after the next round of performance evaluations.

The answer: 

The requirement is that obsolete documents are guarded so that they will not be used. The procedure is being used as scrap paper in a manner that does not violate any part of document control…except…What is the possibility someone else could pick up the procedure and use it? If the procedure was clearly marked "obsolete" or "do not use" or some other designation, then there would not have been a problem. As it was, there was no safeguards to preclude the use of the obsolete document.

 top of page

Changes, changes, changes. It never seems to end. Just when we get used to one set of rules, the rules seem to change again. The Registrar Accreditation Board (RAB) has announced several changes due to the direction from the International Accreditation Forum (IAF). I am not attacking either organization, or the changes in Guide 62 (Guide 66 for EMS). The two major recent changes are design responsibility and "rolling reassessments". Both are discussed briefly in this newsletter.

The point I am trying to make is that internal auditors must be made aware of changes that can impact the QMS. These changes need to be brought to the attention of top management, so they can be integrated into the business operating system (5.6.2 f). Internal auditors need to be aware of the changes, because it might impact how and what they audit. 

If you are a Management Rep., it is important you contact your registrar to see if the changes affect you. You also need to communicate this information up, down and across the organization (5.5.3)

Dave

...Good auditing!

Copyright notice: internal-auditor.com is fully protected under US and International copyright laws. Copying, or re-transmitting all, or any part of internal-auditor.com is expressly forbidden without prior written consent from Ruth Ellen Carey Communications.
internal-auditor.com is a publication of Ruth Ellen Carey Communications. 

Because this site uses information from many different sources, it must be pointed out that any advice, tips, information, etc., provided should be regarded as opinion and not fact! What works well for one company may be a disaster for another. Also, what one registrar, or auditor may allow, another may not. As always, reflect on what you read, see if it fits into your own quality system, and if it conflicts with your auditor...you've got to make a decision