A third party audit is an audit conducted by an external independent body, usually for certification purposes. A first party audit is an audit conducted by an organisation on its own management system for its own purposes. Sometimes an organisation contracts out its internal audits, but they are still 1st party audits as the reports are purely for internal consumption and done at the sole behest of the company itself. Internal audits can’t be independent or impartial as everyone is batting for the same team.
Now. I’ve been thinking. Isn’t that more or less how 3rd party certification audits are positioned and dressed up these days? In fact, they even refer to the certified entity as “the client” (the person requesting the audit). They seem happy to flaunt the consultancy they often perform in tandem with the assessment, so certification bodies are hardly independent any more, and then there’s this …
- “It’s not about the badge”
- “It’s all about improvement”
- “The value adding, partnership approach”
Hang on a minute …. THESE ARE INTERNAL AUDITS!!!!
Am I going mad???