Did the dog REALLY eat your homework…?

How we help our clients to STOP ticking boxes

How we help our clients to STOP ticking boxes

In case you’re interested… For more strategies on reducing project nonconformity and rework, saving money and time, improving your client relationship and winning more work, check out our free resource library. It’s a one stop shop for fast info to start accelerating...

read more
Stop Confusing Acceptance Criteria with Tolerance Limits

Stop Confusing Acceptance Criteria with Tolerance Limits

In case you're interested... For more strategies on reducing project nonconformity and rework, saving money and time, improving your client relationship and winning more work, check out our free resource library. It's a one stop shop for fast info to start...

read more
How we help our clients achieve Project Success

How we help our clients achieve Project Success

In case you’re interested… For more strategies on reducing project nonconformity and rework, saving money and time, improving your client relationship and winning more work, check out our free resource library. It’s a one stop shop for fast info to start accelerating...

read more
Construction Project Tenders – Getting Started

Construction Project Tenders – Getting Started

If you're an emerging Contractor looking to land your first tender award, this is the article you can't afford to miss! I've worked with Contractor's of all shapes and sizes, from the multi-billion international giants to the small sole traders. To even qualify for...

read more
Emergency Response Planning: 5 tips for success

Emergency Response Planning: 5 tips for success

Our sunburnt country is currently facing devastating impacts from heavy rain and flooding. Here at IMAS we hope everyone is safe and supported during this heartbreaking time. I myself, along with my neighbours have been trapped on our property for four days now, cut...

read more
What is risk based thinking?

What is risk based thinking?

Back in 2015 there was a game-changing shift for ISO 9001 (Quality Management Systems - Requirements). Everyone was used to the normal Plan-Do-Check-Act (PDCA) cycle. Everyone knew they had boxes to tick and processes to follow. And yet...there was still something...

read more
How to have a better auditor/auditee relationship

How to have a better auditor/auditee relationship

The auditor and auditee relationship is delicate. On one hand, you have a professional who puts their heart and soul into their work that is suddenly up for “examination”. On the other hand, you have a professional who is measuring evidence against requirements. It is...

read more
How we help our clients to STOP ticking boxes

How we help our clients to STOP ticking boxes

In case you’re interested… For more strategies on reducing project nonconformity and rework, saving money and time, improving your client relationship and winning more work, check out our free resource library. It’s a one stop shop for fast info to start accelerating...

read more
Stop Confusing Acceptance Criteria with Tolerance Limits

Stop Confusing Acceptance Criteria with Tolerance Limits

In case you're interested... For more strategies on reducing project nonconformity and rework, saving money and time, improving your client relationship and winning more work, check out our free resource library. It's a one stop shop for fast info to start...

read more
How we help our clients achieve Project Success

How we help our clients achieve Project Success

In case you’re interested… For more strategies on reducing project nonconformity and rework, saving money and time, improving your client relationship and winning more work, check out our free resource library. It’s a one stop shop for fast info to start accelerating...

read more
Construction Project Tenders – Getting Started

Construction Project Tenders – Getting Started

If you're an emerging Contractor looking to land your first tender award, this is the article you can't afford to miss! I've worked with Contractor's of all shapes and sizes, from the multi-billion international giants to the small sole traders. To even qualify for...

read more
What is an effective Assurance Programme?

What is an effective Assurance Programme?

The term "Assurance Programme" gets thrown about quite a bit. Sadly, this is the aspect of the management system that I consistently see ISO 9001 certified organisations struggling with. In this article we'll explore why we need an effective assurance programme and...

read more
Emergency Response Planning: 5 tips for success

Emergency Response Planning: 5 tips for success

Our sunburnt country is currently facing devastating impacts from heavy rain and flooding. Here at IMAS we hope everyone is safe and supported during this heartbreaking time. I myself, along with my neighbours have been trapped on our property for four days now, cut...

read more
What is risk based thinking?

What is risk based thinking?

Back in 2015 there was a game-changing shift for ISO 9001 (Quality Management Systems - Requirements). Everyone was used to the normal Plan-Do-Check-Act (PDCA) cycle. Everyone knew they had boxes to tick and processes to follow. And yet...there was still something...

read more
How to have a better auditor/auditee relationship

How to have a better auditor/auditee relationship

The auditor and auditee relationship is delicate. On one hand, you have a professional who puts their heart and soul into their work that is suddenly up for “examination”. On the other hand, you have a professional who is measuring evidence against requirements. It is...

read more
How we help our clients to STOP ticking boxes

How we help our clients to STOP ticking boxes

In case you’re interested… For more strategies on reducing project nonconformity and rework, saving money and time, improving your client relationship and winning more work, check out our free resource library. It’s a one stop shop for fast info to start accelerating...

read more
Stop Confusing Acceptance Criteria with Tolerance Limits

Stop Confusing Acceptance Criteria with Tolerance Limits

In case you're interested... For more strategies on reducing project nonconformity and rework, saving money and time, improving your client relationship and winning more work, check out our free resource library. It's a one stop shop for fast info to start...

read more
How we help our clients achieve Project Success

How we help our clients achieve Project Success

In case you’re interested… For more strategies on reducing project nonconformity and rework, saving money and time, improving your client relationship and winning more work, check out our free resource library. It’s a one stop shop for fast info to start accelerating...

read more
Construction Project Tenders – Getting Started

Construction Project Tenders – Getting Started

If you're an emerging Contractor looking to land your first tender award, this is the article you can't afford to miss! I've worked with Contractor's of all shapes and sizes, from the multi-billion international giants to the small sole traders. To even qualify for...

read more
Emergency Response Planning: 5 tips for success

Emergency Response Planning: 5 tips for success

Our sunburnt country is currently facing devastating impacts from heavy rain and flooding. Here at IMAS we hope everyone is safe and supported during this heartbreaking time. I myself, along with my neighbours have been trapped on our property for four days now, cut...

read more
What is risk based thinking?

What is risk based thinking?

Back in 2015 there was a game-changing shift for ISO 9001 (Quality Management Systems - Requirements). Everyone was used to the normal Plan-Do-Check-Act (PDCA) cycle. Everyone knew they had boxes to tick and processes to follow. And yet...there was still something...

read more
How to have a better auditor/auditee relationship

How to have a better auditor/auditee relationship

The auditor and auditee relationship is delicate. On one hand, you have a professional who puts their heart and soul into their work that is suddenly up for “examination”. On the other hand, you have a professional who is measuring evidence against requirements. It is...

read more
What is risk based thinking?

What is risk based thinking?

Back in 2015 there was a game-changing shift for ISO 9001 (Quality Management Systems - Requirements). Everyone was used to the normal Plan-Do-Check-Act (PDCA) cycle. Everyone knew they had boxes to tick and processes to follow. And yet...there was still something...

read more
How to have a better auditor/auditee relationship

How to have a better auditor/auditee relationship

The auditor and auditee relationship is delicate. On one hand, you have a professional who puts their heart and soul into their work that is suddenly up for “examination”. On the other hand, you have a professional who is measuring evidence against requirements. It is...

read more

I want to start a very candid conversation about objective evidence, what is it really, why do we have it, and why is it so important? This topic is for both members of an organisation and also for auditors.

1: What is Objective Evidence?

There’s a plethora of articles and information online about this in detail. A really great article to check out is available from “The Auditor Online”. You can check out their article Objective Evidence: An Auditor’s Secret Weapon here.

The message I want to get across today however is that objective evidence is something tangible, based on facts (not your opinion, not your interpretation, not should haves and not would haves…) cold, hard facts that can be produced to prove or otherwise demonstrate a certain thing, event, activity or outcome either occurred, conformed or complied with a requirement.

2: Why is Objective Evidence important?

Let me walk you through a simple scenario…then tell me how important you feel objective evidence would have been.

Imagine you’re driving home from work. The road is quiet, there’s not a single car in sight. The speed limit is 80 km per hour and your speedo says you’re doing 78. A police vehicle passes you travelling in the opposite direction. They quickly turn around and you see the red and blue lights. You pull your car over. The officer approaches your window and asks if you know why you’ve been pulled over. 

Not a clue you think to yourself. The car is registered. There’s no outstanding fines. Your license is up to date. You KNOW you weren’t speeding…The officer proceeds to tell you they believe you to be speeding at approximately 90 km per hour….uh….what? They believe  you to be speeding? You ask as politely as possible how they came to such a conclusion. The officer quickly chips in “I see cars all the time, I know what 80 looks like and you were not doing 80”. You’re pretty sure they didn’t use a radar to confirm that. Meanwhile, you’re issued with a fine and demerit points. 

Off you go to court to challenge the penalty. The problem is…because of a lack of objective evidence, the officer is unable to prove you were speeding…but you’re also unable to prove you were not speeding

What a mess!

We need objective evidence to:

  • Make informed decisions
  • Verify the existence of a thing
  • Verify an activity at a point in time took place effectively
  • Check the system works
  • Enable effective investigations
  • Demonstrate conformity; and,
  • Yes…to cover your backside

3: Not all Objective Evidence is created equally

When I’m coaching clients on establishing a truly integrated business management system, this topic comes up a lot. If you go through all the ISO standards, the common phrase used is “retain documented information as evidence of xyz”. After a while…it gets tempting to slap the same cumbersome process of indexing and filing EVERYTHING. Every text message, every email, every photo, every note passed in a meeting. This can result in wasted resources and information getting lost. In case you missed it, we recently touched on a similar concept in our previous publication “You’re probably overthinking it”.

Objective evidence is very important…but one set of documented information may not be as important as another set. I teach my clients to apply a risk matrix to the objective evidence asking yourself two questions:

Question 1: How likely is it, that this information could be lost, destroyed, hacked, misplaced, deleted or otherwise rendered inaccessible?

Question 2: If this does happen…how might this affect me and my organisation? (This can range from little or no effect right up to imprisonment).

The classification of documented information turns up in detail in ISO 27001:2015, specifically the Annex A (reference control objectives and controls) item A.8.2: Information Classification. The objective of the control required under the Annex is “to ensure that information receives an appropriate level of protection in accordance with its importance to the organisation”.

The Annex then requires three controls for Classification, Labelling and Handling of Information (assets). What it does require specifically is a control to ensure that information is appropriately classified as determined by legal requirements, value, criticality and sensitivity. It is for this reason that I coach the adoption of a risk matrix. This will very clearly determine if documented information that might be produced as objective evidence carries High, Medium or Low risk. You know exactly where to spend time, energy and other resources on effective management specifically on what information.

> Does it matter if you can’t find 1 out of 100 emails sent asking a customer if they’re happy with your service? Probably not.

> Does it matter if you can’t find the only copy of a document that proves a structure was verified as safe before you permitted the public to access it? Yes. It matters very much.

4: How badly could not having Objective Evidence actually affect me?

Well that depends on the objective evidence requested, it’s purpose and the reason for the request. If you’re sitting for an ISO 9001 certification audit and you can’t prove you obtained customer feedback, well you’re probably getting a nonconformity. If you’re sitting a courtroom trying to prove you weren’t negligent in providing a safe workplace…well…that’s a different story.

Whether I’m coaching business managers or auditors, I use the “my dog ate my homework” analogy. Most of us tried this or something similar in school. What we’re really saying is “I didn’t do it…I knew I needed to do it…but I didn’t…and now I want to shift blame to minimise the impact on me”. That didn’t cut it back in school, and it’s not going to work now.

Imagine that worst case scenario…standing before a Coroner trying to prove you and your organisation did a certain thing, checked something, verified something and are not contributing factors in a preventable death, and you can’t. Not a nice place to be.

And auditors….don’t for a second assume you’re immune to being hauled before a coroner (internal or external auditors). Your reports can and will be used as evidence in a court room. If you assessed something as conforming you had better be able to trace your finding back to the objective evidence you used to make that determination.

The bottom line:

If you can’t prove it with objective evidence….then it never happened or it doesn’t exist.

If you need help making sense of your documented information and objective evidence requirements, contact us to find out how we can help you.

Karice Grundon PCQI, 18 March 2021

Karice Grundon PCQI is an experienced Certified Lead Auditor and Management System designer across several ISO standards, a mentor for emerging auditors in the profession and the Director and Principal Consultant of Integrated Management & Assurance Solutions Pty Ltd. If you would like to learn more about Karice or get in contact, you can do so through LinkedIn or directly through our company website . Don’t forget to subscribe to follow Karice for future content.

Comments

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Envelope

We are just one Email away from working together!

+61 467 831 326