Académique Documents
Professionnel Documents
Culture Documents
Article information:
Access to this document was granted through an Emerald subscription provided by 273599 []
For Authors
If you would like to write for this, or any other Emerald publication, then please use our Emerald for Authors service
information about how to choose which publication to write for and submission guidelines are available for all. Please
visit www.emeraldinsight.com/authors for more information.
The current issue and full text archive of this journal is available at
www.emeraldinsight.com/0951-3574.htm
auditing and
ISO auditing and the construction ISO
the construction
of trust
of trust in auditor independence
Dogui Kouakou and Olivier Boiral
Department of Management, Universite Laval, Quebec City, Canada, and
1279
Yves Gendron
Abstract
Purpose This paper aims to examine, through a qualitative study, how auditor independence is
socially constructed within the network of individuals involved in the realization of ISO 14001 audit
engagements ISO auditors, consultants, and managers of certified companies. The paper analysis
focuses on the sense-making strategies used by actors within the network to develop and sustain trust
(or doubt) in professional independence.
Design/methodology/approach This study is predicated on a theoretical perspective centered on
sense-making processes and the construction of inter-subjective meanings around claims to expertise.
Interviews were conducted with 36 Canadian practitioners including ISO auditors, managers of
certification bodies, accreditation inspectors, consultants, and corporate environmental managers to
better understand how confidence into auditor independence is constituted in the flow of daily life
within the small group of people involved in the surroundings of ISO 14001 audit engagements.
Findings Practitioners use a range of sense-making strategies to construct and maintain the belief
that IS0 14001 audits meet the professional requirements of auditor independence. As such, the
constitution of confidence involves stereotyping, distancing, storytelling and procedural mechanisms
that are collectively mobilized in the production of a culture of comfort surrounding the concept of
auditor independence.
Originality/value Through interviews with a range of actors involved in the achievement of ISO
14001 audits, the study provides insight into the production of meaning related to one of the chief
claims surrounding auditing expertise, that of professional independence. This paper also points to a
lack of self-criticism in the ISO auditing community since practitioners seem disinclined to adopt a
reflective attitude of professional skepticism towards the claim of auditor independence.
Keywords ISO 14001, Auditor independence, Construction of meaning, Environmental auditing,
Sense-making strategies
Paper type Research paper
1. Introduction
Since being introduced in 1996, the ISO 14001 standard on environmental management
systems (EMS) has spread rapidly, being adopted by over 223,000 organizations
throughout the world by 2009 (ISO, 2009). Based on traditional management principles
(Plan-Do-Check-Act), the ISO 14001 system is intended both to promote environmental
practices within certified companies and improve the companies corporate image
through the adoption of an internationally recognized standard. The concretization of
these claims relies significantly on the standards certification process. Certification
The authors thank the auditors and other practitioners who participated in the interviews
conducted as part of this study. The authors benefited from the comments made by the two
reviewers. The authors also gratefully acknowledge the financial support of the Social Sciences
and Humanities Research Council of Canada.
Accounting, Auditing
& Accountability Journal
Vol. 26 No. 8, 2013
pp. 1279-1305
q Emerald Group Publishing Limited
0951-3574
DOI 10.1108/AAAJ-03-2013-1264
AAAJ
26,8
1280
AAAJ
26,8
1282
course of their daily tasks and act on the outcomes of those reflections sometimes
innovatively, sometimes not represents a fundamental aspect of social life (Giddens,
1990). Reflective acts of sense-making are at the core of individual agency and human
relations. To make our point clearer: broader discourses and structures do not
deterministically impact the behavior of individuals; they are necessarily interpreted
and translated along the way in the minds of actors. It is through these interpretations
and translations that an inter-subjective sense of reality may emerge within a
community. Therefore, studies on sense-making matter, allowing us to better
understand how meanings and realities are constructed within practice communities
(Berger and Luckmann, 1966).
The paper is structured as follows. It begins by providing a background analysis of
the literature on the notion of independence and ISO 14001 certification and develops
the theoretical perspective adopted to conduct the investigation. Next, the paper
describes the way the investigation was conducted, highlighting how interviewees
were selected and the data collected and analyzed. The empirical section examines how
confidence in professional independence develops in the field through a range of
sense-making strategies. The conclusion reflects on some of the key implications of the
study, not least in relation to the audit explosion thesis (Power, 2003b).
2. Setting the stage
2.1 The fragility of auditor independence
Independence is one of the central claims upon which the legitimacy of auditing
technologies is predicated (Sikka and Willmott, 1995). Yet auditor independence does
not have a single, fixed and universally recognized meaning. On the contrary, the field
is characterized by rivalry between competing meanings of independence (Sikka et al.,
1998). In spite of continuous meaning contests, some thresholds that auditors should
not cross, if they want to be able to sustain the claim of independence, are widely
recognized in auditing literature. These thresholds emphasize that an auditor cannot be
considered independent when s/he is an advocate for the auditee, participates in
management decisions or audits systems that s/he has previously strongly supported
and advocated (Gendron et al., 2001). In addition, a few broader definitions of auditor
independence are commonly accepted in the literature. In the financial auditing
context, independence is generally characterized by an absence of external pressures or
personal relations that may compromise the objectivity and integrity of auditors
(Mautz and Sharaf, 1964; Independence Standards Board, 2000). Although the concept
of independence is not defined in ISO 14001, the ISO 17021 standard, which specifies
general requirements for ISO certification bodies, relates independence to the concept
of impartiality. According to ISO 17021, impartiality is viewed as the actual and
perceived presence of objectivity and supposes freedom of conflict of interests,
freedom from bias, lack of prejudice, neutrality, fairness, open-mindedness,
even-handedness, detachment, balance (ISO, 2002, p. 2). In a study on juridical
dilemmas in environmental audits, Lang (1999, p. 112) proposed a general definition of
auditor independence: the objective and unobstructed inquiry by an independent
environmental auditing function to avoid potential conflicts of interest and the marring
of objectivity by personal relationships.
In sum, the notion of auditor independence presupposes a degree of personal and
professional distance between auditor and auditee. However, a number of studies have
questioned the extent to which auditors, especially financial auditors, abide by their
professions independence policies. Interview evidence suggests that financial auditors
abilities to withstand client pressures are eroding, increasingly endorsing the role of
business advisors rather than that of guardians of the public interest (Humphrey and
Moizer, 1990). Concerns have also been expressed at the extent of non-audit services
that large audit firms provide to auditees (Suddaby et al., 2007). In addition, the rising
presence of non-auditors in accounting firms has been questioned, given that these
individuals do not tend to share the sense of ethics traditionally associated with the
audit function (Wyatt, 2004).
In particular, recent studies have pointed to a growing commercial culture within
accounting firms that threatens auditor independence (Suddaby et al., 2007, 2009). For
instance, the breakdown of Arthur Andersen is often viewed as the outcome of
conflicts of interest caused by the dual role of auditor and consultant performed
simultaneously (Cooper, 2005). While the collapses of Enron, WorldCom and others
have resulted in the introduction of seemingly stricter regulatory standards (in
particular those relating to the separation of consultancy and auditing roles), the
independence of financial auditors has continued to be a target of criticisms in recent
years (Gendron and Spira, 2010; Kornberger et al., 2011).
Financial auditor independence, therefore, appears as a fragile notion, with a
number of studies questioning its legitimacy. Whereas the above concerns are raised in
the context of the financial auditing literature, they nonetheless arguably apply, to a
large extent, to other areas, including ISO auditing and environmental audits in general
(Boiral and Gendron, 2011). Accordingly, the practice of environmental auditing has
been largely inspired by the domain and experiences in financial auditing (Boiral and
Gendron, 2011; Etzion and Ferraro, 2010; Green and Li, 2012; Power, 1997a). In their
comparative analysis of financial and ISO auditing, Boiral and Gendron (2011)
highlight several similarities between the two areas, not least in terms of social
expectations regarding rigor and independence, decoupling between formal policies
and concrete practices, structural deficiencies (conflicts of interest, superficiality, etc.),
the ascendancy of commercialism, etc. Whatever the specificities of ISO 14001
auditing, the certification process is based on similar institutional arrangements
arising from the audit society (Power, 1997b, 2003b) and its obsession with control,
rationality and social legitimacy[1]. As a result, auditor independence and the
prevention of conflicts of interest constitute significant professional referents in
financial and ISO 14001 audits alike (Boiral and Gendron, 2011).
2.2 ISO 14001: the quest for social legitimacy and the role of auditor independence
The ISO 14001 requirements are based on the implementation of a management system
that aims to improve environmental performance through control over those activities
and practices viewed as being at the source of the main environmental impacts (Boiral,
2007; Delmas, 2001; Jiang and Bansal, 2003). This system is very similar to the ISO
9001 standard on quality management and founded on classic management principles:
.
Management commitment and environmental policy.
.
Objectives, targets and programs.
.
Structure and responsibility.
.
Implementation and operational control.
AAAJ
26,8
1284
.
.
The principle of we say what we do, we do what we say, which is at the heart of the
ISO management system, is assumed to reinforce the rigor of environmental
procedures and facilitate certification audits (Boiral, 2007). The certification process is
based, to a large extent, on the verification of the ISO documentation as prepared by
the company. This documentation is supposed to reflect the companys internal
systems and actual practices. Although organizations can establish, for internal
purposes, management systems in line with ISO 14001 principles without seeking
certification, the latter aims to provide a key signal about effective implementation.
Certification bodies or registrars are accredited by national standardization
agencies, such as the Standards Council of Canada (SCC), which also establish policies
to ensure that the specific auditors in charge of certification processes meet
qualification and experience criteria[2]. National standardization agencies verify,
through onsite inspections, the extent to which certification bodies and auditors
comply with independence and competence criteria. Nevertheless, the rigor of these
inspections can vary from one agency to another and the professional norms of ISO
auditors are far from being as developed as those of financial auditors (Boiral and
Gendron, 2011; Deegan et al., 2006). In particular, the training and deontological
requirements of ISO auditors are not necessarily well-formalized and monitored. The
voluntary and non-regulatory nature of ISO certification may have played a role in the
elaboration of what can be viewed as less demanding norms of professional practice.
The independence of ISO auditors is governed by relatively broad standards, which
rely on terminology quite comparable to that in the domain of financial auditing.
Article 3.1 of the ISO 19011 standard on the practice of quality system audits and
environmental audits stipulates that auditor independence is at the heart of audit
practice, defined as a systematic, independent and documented process for obtaining
audit evidence and evaluating it objectively to determine the extent to which audit
criteria are fulfilled (ISO, 2002, p. 1). ISO 17021, which specifies general requirements
for ISO certification bodies, stresses impartiality in fact and appearance:
Being impartial, and being perceived to be impartial, is necessary for a certification body to
deliver certification that provides confidence. [. . .] To obtain and maintain confidence, it is
essential that a certification bodys decisions be based on objective evidence of conformity (or
non-conformity) obtained by the certification body, and that its decisions are not influenced
by other interests or by other parties (ISO, 2006, p. 3).
2002; Jiang and Bansal, 2003). Organizations may also adopt the standard to take
advantage of business opportunities ( Jiang and Bansal, 2003). Further, ISO 14001
certification is based on a rationale of self-regulation that enables firms to provide
governments with tangible evidence of their voluntary commitment to the
environment (Christmann and Taylor, 2006; Murphy and Yates, 2009), in the hope of
preventing further government regulation in the area. Organizations may also use ISO
14001 to provide financial markets with evidence of their commitment to the
environment (KPMG, 2008); this might be particularly useful given the emergence of
ethical and environmental investment funds (Aras and Crowther, 2009).
However, irrespective of the reasons for adopting ISO 14001, certification is
designed to improve the credibility of the management system implemented by the
organization. The literature suggests that in the eyes of stakeholders, certification
helps to increase the visibility of environmental commitments and practices, which are
otherwise likely to remain relatively opaque (Jiang and Bansal, 2003). Self-disclosures
are not particularly persuasive in a world where people and organizations are assumed
to be driven primarily by self-interest hence the relevance of ISO auditing.
Not unlike financial audits, ISO 14001 audits are thus designed to foster and
increase stakeholder trust and confidence. In contemporary society, the production of
trust through third-party auditing extends to a wide range of areas, including
environmental management (Power, 1997a). Regardless of the activity area, the
assumption is that auditors operate as independent referees or judges whose work
promotes good organizational governance and reinforces the social legitimacy of
auditees. Literature indicates that the production of trust through auditing procedures
is proportional to social perceptions of auditor impartiality and integrity as well as the
absence of conflicts of interest (Boiral and Gendron, 2011; Hudaib and Haniffa, 2009;
Mahony, 1995; Sikka and Willmott, 1995).
2.3 Independence concerns in ISO audits
Although the analogy with financial auditing may be useful for appreciating a series of
significant independence concerns in the domain of environmental auditing, it is
important not to overlook several key features of ISO 14001 audits, i.e. the audit being
focused on EMS rather than financial data, the voluntary nature of ISO standards, the
specific type of auditor training, etc. Most studies examining ISO auditing have sought
primarily to describe the general steps involved in such engagements and their
importance for organizations (Beckmerhagen et al., 2004; Zutshi and Sohal, 2003).
A small number of studies have described the role of ISO auditors and consultants,
focusing on the nature of auditing and consultancy services and the procedures to assess
quality of services (Ammenberg et al., 2001; Casadesus et al., 2002). Although very few
studies exist on the independence of ISO 14001 auditors, some articles cast doubt on the
reliability of ISO audits in general, thereby indirectly questioning the extent to which
auditors abide strictly by their communitys norms of competencies and independence
(Boiral, 2003, 2007; Christmann and Taylor, 2006; Jiang and Bansal, 2003; Walgenbach,
2001). By and large, these criticisms are in line with Powers (1997b) audit society
thesis, which posits that contemporary society has developed an obsession with control
through what oftentimes amounts to shallow rituals of verification.
Some studies have emphasized the relatively superficial and ceremonial nature of
ISO auditing (Boiral, 2003, 2007; Walgenbach, 2001), concluding that it does not allow
AAAJ
26,8
1286
AAAJ
26,8
1288
AAAJ
26,8
1290
Participants were selected from three main data sources: the databases of the Canadian
associations of accredited auditors (ISO 14001 auditors and certification bodies), the
internet (ISO 14001 consultants and certified organizations), and recommendations or
referrals by interviewees. Most referrals agreed to take part in the study, whereas
roughly one half of the people contacted without referral (in particular ISO 14001
auditors) declined, invoking reasons of unavailability. All participants had to have a
minimum of two years of professional experience in ISO 14001 certification or that of
environmental management.
The total number of interviews was determined by two factors. First, it became
apparent, after roughly twenty interviews, that very little new information was being
generated from additional interviews. Second, a range of 20 to 30 interviewees is
generally sufficient to conduct a meaningful qualitative study, without developing a
sense of being overwhelmed in the data (Creswell, 1998). This is due, in part, to the
sheer amount of data gathered during the interviewing process.
4.2 Data collection
We collected data based on semi-structured interviews lasting 90 min each on average.
We conducted the interviews between 2007 and 2009. The interview guide was largely
structured around four main topics:
(1) Basics of auditor independence. Definition, dimensions, importance, etc.
(2) Main threats to auditor independence. Conflicts of interest, familiarity with
clients, etc.
(3) Extent to which the norms of auditor independence relating to ISO 14001 are
met in Canada. Current situation, tendencies, examples of threats to
independence, cases of conflict of interest, etc.
(4) Potential solutions for strengthening auditor independence. The role of the SCC,
the process of auditor accreditation, conflict of interest statements, etc.
In total, we conducted 20 face-to-face interviews and 16 more over the phone.
Subsequent email correspondence with some participants helped to clarify information
and (where necessary) complete interview transcripts. All interviews involved one
participant, except in two cases where meetings were held with two individuals
because of limited availability.
A number of studies show that telephone interviews constitute a valid method of data
collection, providing results comparable to face-to-face interviews (Holt, 2010; Stephens,
2007). Additionally, telephone interviews may be necessary when participants are
geographically dispersed (Stephens, 2007). In this research, the geographical dispersion
of interviewees was particularly high and, in some cases, the auditors we interviewed
were conducting audits in timber and mining companies located in remote areas. Due to
these circumstances, we feel justified in using phone interviews as part of this study.
One of the main challenges we faced was establishing a trusting relationship with
participants. Trust was fostered by developing an informed consent protocol validated
AAAJ
26,8
1292
While the first strategy relates to the symbolical order, the others mainly rely on
substantive layers of meaning in elaborating a sense of trust in auditor independence.
The substantive-based strategies were often articulated in the interviews when threats
to independence were discussed.
5.1 Drawing on symbolization
Symbolization is mobilized, for instance, through statements that celebrate the
importance of auditor independence through vague generalities and textbook-like
recipes. Accordingly, most participants spontaneously emphasized the key role of
auditor independence in ISO 14001 processes. It is presumed, without any
demonstration, that the credibility of the certification process is closely linked to
auditor independence and the absence of conflicts of interest. For instance:
Independence is fundamental because its the basis of the validity of a certification. If the
body used to audit the system wasnt independent, the impartiality of the audit would be
compromised, as would the results (Regional director of registrar 4).
A number of participants also took solace in the alleged capacities of ethical rules to
shape a general framework guiding individual behavior. Reification abounds, with
policies and rules possessing some intrinsic power to ensure compliance. Thus:
The quality of the service we provide depends to a great extent on the ethical behavior of
auditors and on compliance with the rules of professional conduct. Objectivity, rigor, a critical
approach, and the clarity of our work and communication are also key factors. I make it a
point of honor to say things clearly and I would rather be clearly wrong than confusingly
right. My aim isnt to tell the client what they want to hear, but to tell them what they must
hear (Full-time lead auditor 3 in registrar 3).
In general, participants derived comfort from ethical rules that clearly identify
unacceptable practices, thereby establishing a credible and reassuring sense of order in
their eyes. Auditor independence is then clearly in the purview of controllability. For
instance, interviewees often emphasized the importance of not acting simultaneously
as judge and party in the audit process. They noted further that auditors must avoid
developing personal relationships with company managers, because it may
compromise their judgment:
It is important not to have worked in the company in the past ten years. In my view, its also
important not to have a close acquaintance in the company. For example, it may be a problem
if you know the environment manager. Its important not to have either professional or
personal relationships with anyone; you need to be totally independent (Full-time lead auditor
in registrar 2).
A prior professional involvement in the company youre about to audit or personally knowing
managers in the company youre about to audit are clear cases of conflict of interest
(Freelance auditor 5 in several registrars).
I cant speak for other people, often expressed in a tone and attitude skeptical of the
questions relevance.
However, about one third of the interviewees who initially downplayed or denied
the existence of threats to independence, subsequently provided examples of such
threats. Overall, by combining all of the data, we found that approximately half of the
participants eventually acknowledged the possibility of disturbances impinging upon
auditor independence, although many interviewees remained vague on the matter. In
the majority of cases, no specific examples were given:
Its a reflection of society. I would guess that, as compared to the other auditors, between 5
and 10% of auditors have a relatively flexible interpretation of the professions independence
policies, which implies that policies are likely to be undermined at some point. Yes, I have
heard about certain problems but its always a delicate matter. Sometimes you hear about
registrars being struck off by the SCC. Its a sign that something happened, but precisely
what, I dont know (Manager of the environment program and lead auditor in registrar 1).
Interviewees were often careful to soften their tone when discussing independence
concerns. When concerns emerged, participants tended to downplay their seriousness by
distancing themselves as much as possible from the problematic situations. The
acknowledgement of concerns surrounding independence was, thus, rarely direct or
explicitly linked to the personal experience of specific practitioners. Instead, the
disturbances tended to be addressed indirectly, distantly and diffusely without
compromising the integrity and compliance of the participants professional milieu. This
tendency involved a range of social distancing strategies aimed at reflectively maintaining
ones sense of confidence in auditor independence. Essentially, these strategies relate to the
construction of geographical, status, time, and methodological boundaries.
About one third of interviewees relied on a social distancing strategy that constrains the
occurrence of disturbing situations to remote locations, especially marginalized countries
and certain parts of Europe. These geographical boundaries construct a marked sense of
morality between us and them (Said, 1979). Typically, geographical distancing relates
lack of independence to remote problems of under-development, cultural differences, or
fragilities of certification bodies abroad. By contrast, Canada tends to be viewed as a
country where auditor independence is closely and rigorously monitored:
I also cover countries such as Mexico, India, Chili, and Brazil, and I know for a fact that there
are conflicts of interest in those countries. I once saw a past submission of a certification body
(in another country) where the result of the certification was guaranteed. It is totally incorrect
to guarantee the outcome of certification. This is a major problem (Environment and forestry
certification coordinator of a certified client 3).
Another social distancing strategy (used by about one fifth of participants) involves the
construction of tight boundaries between audit failures and the principle of independence.
In this scenario, linkages with independence concerns are broken and replaced with
elements that auditors see as easier to address and resolve. Accordingly, some
interviewees maintained that audit failures tend to involve deficiencies or malfunctions
that have no bearing on the personal integrity and independence of the auditors. The most
frequently cited concern in this respect is the competence of certain types of auditors:
In my view, independence is not an issue, but competence sometimes is. Its important to
distinguish between the two (Consultant 7, President of a consultancy firm and freelancer in
registrar 1).
AAAJ
26,8
1294
Finally, several participants stated that auditors are able to extirpate themselves from
the nexus of social influences to perform their audit engagements on a genuinely
independent basis. In particular, discussions grounded in the experiential realm,
emphasizing the necessity of limiting audit evidence to objective facts, reflected this.
Thus, rumors and journalistic fantasies are discounted without hesitation, based on
methodological rigor and skills:
Its important to be independent, completely independent, and to avoid preconceptions for
example things that might be said in newspapers. I once did an audit in a company that had
been criticized in the newspapers because of its pollution levels and had been sued in court.
When I started the 14001 audit, everyone was very worried and said that I was biased
because I had read the newspapers. I explained that I was not at all biased and that my work
would be based on the documents provided by the company. I told the managers that my
judgment would be based entirely on what I was given and that I had no interest in
anything the newspapers might have to say (Full-time chief auditor 6 of registrar 2).
tends to appear abnormal or even unacceptable from the point of view of audited
organizations. Generally, a certification audit is performed only after an organizations
compliance is assessed through a pre-certification audit to identify and (wherever
relevant) rectify beforehand the major cases of non-compliance. In addition, audit firms
are chosen and paid by organizations seeking primarily to obtain or renew their
certification. Renewal occurs every three years, within the context of a market subject
to vigorous competition between auditors. As a result, the ISO 14001 certification
process involves commercial pressures that can certainly undermine auditor
independence.
Some interviewees illustrated these commercial pressures by referring to bonuses
paid by some companies to their respective in-house environmental managers, based
on the number of cases of non-compliance identified by the auditors[3]. Thus, in the
following example, the environmental manager expected a bonus tied to the outcome of
the audit. Although the bonus was not directly paid to the auditors, pressures were
clearly exerted on them for financial reasons:
Its not always easy to remain independent. In fact, in some cases, I found it really difficult.
For example, some large companies pay bonuses depending on the number of
non-conformities identified in the audit. I remember a situation in which we turned up to
perform the audit and we wanted to raise an issue of non-conformity. A kind of barrier then
appeared in front of us. The environment manager would go to great lengths to show us that
it wasnt in fact a case of non-conformity, or to convince us that it wasnt, simply because his
bonus was at stake (Freelance auditor 1 in registrar 1).
In this context, auditors, who refuse to grant certification, exhibit a behavior that may
seem heroic insofar as it goes against the grain of auditees expectations, the tendency
of taking audit success for granted, and the commercial interests that underlie the
practice. The few examples of companies that fail to pass the audit criteria, as
mentioned in the interviews, enabled the participants to highlight auditors behaving
with integrity and independence despite surrounding institutional pressures:
One of my colleagues once found out that the auditee had committed fraud by providing
documents that had been written the day before. He immediately suspended the audit. The
company wasnt certified; it failed the certification. Yes, the audit was stopped! The company
was told it had to be more rigorous and had to correct its ways (Full-time lead auditor in
registrar 2).
Once the audit was finished, I went into the meeting room, where about thirty people were
waiting for me, and I told them that I wouldnt be granting certification. Their system wasnt
ready for certification, they just werent ready. I said: There are major issues of
non-compliance. Once youve done your homework, Ill come back. Our guidelines are very
clear and must be supported by management. We dont want third-rate certifications!
(Full-time auditor 5 in registrar 1 and former consultant)
The interviews also suggested that confidence in the moral conduct of auditors is
reinforced by the professional inspections carried out by the SCC. In addition to
promoting the diffusion of voluntary standards aimed at improving organizational
practices, the SCC is charged with accrediting certification bodies, carrying out
inspections on a periodic basis to ensure that bodies comply with the formal norms of
practice, notably the principles specified in ISO 19011 (quality and EMS auditing) and
ISO 17021 (assessment and requirements for bodies providing certification of
AAAJ
26,8
management systems). In other words, through the agency of inspections, the SCC may
be viewed as a safeguard ensuring the conditions required to guarantee independence
are complied with. All of the ISO 14001 auditors interviewed in this study emphasized
the importance of this role and the fairly rigorous nature of the inspections performed
by the SCC:
1296
I was inspected seven times by them, by the SCC. They are very, very rigorous (Consultant 7,
President of a consultancy firm and freelancer for registrar 1).
As a matter of fact, a sense of power ensuing from the SCC inspections transpires from
the interviews. Participants maintained that non-conformities identified during SCC
inspections can have significant consequences for ISO 14001 certification bodies and
the auditors they employ. Furthermore, the role of the SCC is not limited to monitoring
the audits performed by certification bodies; the SCC also acts as investigator and
judge conducting investigations into allegations of misconduct, deciding on
sanctions, managing complaints, defining the rules for improving auditor
independence, etc.:
When we get a complaint, we conduct an investigation to find out what went wrong. If there
are recurrent problems, the Council can set in motion a procedure that will initially involve
suspending the organization. At a later stage, we may choose to remove the entity from the
list of organizations that are deemed to be competent (SCC Inspector 3).
So far Ive been involved in five witness audits by the SCC, so I know what its like. If they
think we havent done what we were meant to do, our accreditation within the SCC, in fact our
raison detre in business, will be in peril (Full-time lead auditors 3 and 4 in registrar 4).
Some interviewees stated that audit and consultancy services were clearly separated
within certification bodies or that the latter provided no consultancy services at all.
This perception was shared by auditors and non-auditors alike. However, specific
doubts about the effectiveness of the internal mechanisms isolating consultancy from
auditing services were raised in a few interviews with ISO 14001 consultants.
Examples involve pre-audit activities designed to ensure organizations seeking
certification are prepared for the certification audit. According to certain participants,
pre-audit activities can be likened to a form of consultancy and may, therefore, raise
questions about the distinction between consultancy and audit services. Other
examples highlight the ambivalent role of some freelance auditors, who carry out
audits on a contractual basis, at the request of certification bodies. Accordingly, some
bodies provide consultancy services to auditees while seeking to maintain
independence through the employment of freelance auditors who (in theory) did not
provide consultancy services to these organizations. Freelance auditors are then
believed to act as a kind of screen enabling the certification body to maintain an
apparent distinction between the two types of activities. However, in some cases, the
distinction is relatively artificial:
There was this auditor who worked on a freelance basis for a well-known registrar and who
also provided consultancy services. He provided consultancy services linked to one of the
requirements of the EMS. So he was working, as auditor, for the registrar of a specific client
for which he was also providing consultancy services. We therefore told the lead auditor not
to have the relevant part of the EMS audited by this particular freelance auditor. But he still
went ahead and did it! (Consultant 5 and associate director of a consultancy firm)
Interviewees also pointed to other types of organizational and procedural controls that
can strengthen auditor independence. One of these controls occurs prior to the audit
process, where a range of mechanisms are used in some registrars to ensure that
rank-and-file auditors are not involved in commercial or fee negotiations with clients.
AAAJ
26,8
1298
In spite of some doubts being expressed towards their actual effectiveness, our
analysis indicates that procedural controls play an important role in the production of
an inter-subjective sense of shared meaning regarding the claim of independence being
under control in the ISO auditing community.
6. Discussion and conclusion
Through a series of interviews, we examined the construction of independence in the
context of ISO 14001 audit engagements. Our analysis focused on the sense-making
strategies, as mobilized within the network of individuals involved in the backstage of
such engagements, to develop and sustain the belief that auditor independence is under
control in the community. These strategies are instrumental in the construction of a
collective sense of confidence, supported through a web of symbolic attributions as
AAAJ
26,8
1300
Notes
1. Institutional arrangements relate to the web of policies, structures, rules and regulations that
collectively define the roles and responsibilities of auditors within a given domain of
practice, as well as how they are nominated and compensated.
2. ISO 19011 specifies the educational, training and ongoing learning requirements that ISO
14001 auditors should meet. In Canada, ISO 14001 auditors normally obtain their credentials
from Eco Canada or the Association quebecoise de verification environnementale. These two
associations are officially recognized by the SCC as having the power to designate qualified
environmental auditors.
1301
3. Pressures are probably more common and salient in the case of ISO 9001 certification, which
is often required by clients to secure a contract, particularly on international markets. ISO
14001 audits are less likely to be a requirement for securing contracts.
4. We were unable to obtain official data on the frequency of sanctions imposed by the SCC.
Contacted on the matter, the SCC specified that this information was confidential.
References
Alvesson, M. and Willmott, H. (2002), Identity regulation as organizational control: producing
the appropriate individual, Journal of Management Studies, Vol. 39 No. 5, pp. 619-644.
Ammenberg, J., Wik, G. and Hjelm, O. (2001), Auditing external environmental auditors:
investigating how ISO 14001 is interpreted and applied in reality, Eco-Management and
Auditing, Vol. 8 No. 4, pp. 183-192.
Anderson-Gough, F., Grey, C. and Robson, K. (2001), Tests of time: organizational
time-reckoning and the making of accountants in two multi-national accounting firms,
Accounting, Organizations and Society, Vol. 26 No. 2, pp. 99-122.
Andrews, R.N.L., Charm, J., Habicht, H., Knowlton, T., Sale, M. and Tschinkel, V. (2001),
Third-party auditing of environmental management systems: US registration practices for
ISO 14001, Panel Report of the National Academy of Public Administration, May, available
at: www.dep.state.pa.us/dep/deputate/pollprev/ISO14001/NAPA.pdf (accessed 28 July 2007).
Aras, G. and Crowther, D. (2009), Corporate sustainability reporting: a study in disingenuity?,
Journal of Business Ethics, Vol. 87 No. 1, pp. 279-288.
Archel, P., Husillos, J. and Crawford, C. (2011), The institutionalisation of unaccountability:
loading the dice of corporate social responsibility discourse, Accounting, Organizations
and Society, Vol. 36 No. 6, pp. 327-343.
Ball, A., Owen, D.L. and Gray, R. (2000), External transparency or internal capture? The role of
third-party statements in adding value to corporate environmental reports, Business
Strategy and the Environment, Vol. 9 No. 1, pp. 1-23.
Baudrillard, J. (1998), The Consumer Society: Myths & Structures, Sage, Thousand Oaks, CA.
Beckmerhagen, I.A., Berg, H.P., Karapetrovic, S. and Willborn, W. (2004), On the effectiveness of
quality management system audits, TQM Magazine, Vol. 16 No. 1, pp. 14-25.
Berger, P.L. and Luckmann, T. (1966), The Social Construction of Reality, Penguin Books, New
York, NY.
Boiral, O. (2003), ISO 9000: outside the iron cage, Organization Science, Vol. 14 No. 6,
pp. 720-737.
Boiral, O. (2007), Corporate greening through ISO 14001: a rational myth?, Organization
Science, Vol. 18 No. 1, pp. 127-146.
Boiral, O. (2012), ISO certificates as organizational degree? Beyond the rational myths of
certification, Organization Studies, Vol. 33 Nos 5/6, pp. 633-654.
AAAJ
26,8
1302
Boiral, O. and Gendron, Y. (2011), Sustainable development and certification practices: lessons
learned and prospects, Business Strategy and the Environment, Vol. 20 No. 5, pp. 331-347.
Bourguignon, A. and Chiapello, E. (2005), The role of criticism in the dynamics of performance
evaluation systems, Critical Perspectives on Accounting, Vol. 16 No. 6, pp. 665-700.
Business Improvement Network (2002), Reactions to ISO secretary-generals police yourselves
call to ISO 9000 community, ISO Management Systems, Vol. 2, March/April, pp. 55-61.
Casadesus, M., Viadiu, F.M. and Saizarbitoria, I.H. (2002), Quality service of ISO 9000
consultants, International Journal of Quality & Reliability Management, Vol. 19 Nos 8/9,
pp. 980-1013.
Christmann, P. and Taylor, G. (2006), Firm self-regulation through international certifiable
standards: determinants of symbolic versus substantive implementation, Journal of
International Business Studies, Vol. 37 No. 6, pp. 863-878.
Cohen, J.R. and Holder-Webb, L.L. (2006), Rethinking the influence of agency theory in the
accounting academy, Issues in Accounting Education, Vol. 21 No. 1, pp. 17-30.
Cooper, B.J. (2005), Where were the gatekeepers? Corporate collapses and the role of
accountants, in Campbell, T. and Houghton, K. (Eds), Ethics and Auditing, ANU E. Press,
Canberra.
Corbett, C.J. and Kirsch, D.A. (2001), International diffusion of ISO 14000 certification,
Production & Operations Management, Vol. 10 No. 3, pp. 327-342.
Covaleski, M.A., Dirsmith, M.W., Heian, J.B. and Samuel, S. (1998), The calculated and the
avowed: techniques of discipline and struggles over identity in Big Six public accounting
firms, Administrative Science Quarterly, Vol. 43 No. 2, pp. 293-327.
Creswell, J. (1998), Qualitative Inquiry and Research Design: Choosing Among Five Traditions,
Sage, Thousand Oaks, CA.
Czarniawska, B. (2004), Narratives in Social Science Research: Introducing Qualitative Methods,
Sage, London.
Deegan, C., Cooper, B.J. and Shelly, M. (2006), An investigation of TBL report assurance
statements: UK and European evidence, Managerial Auditing Journal, Vol. 21 No. 4,
pp. 329-371.
Delmas, M. (2001), Stakeholders and competitive advantage: the case of ISO 14001, Production
and Operations Management, Vol. 10 No. 3, pp. 343-358.
Delmas, M.A. (2002), The diffusion of environmental management standards in Europe and in
the United States: an institutional perspective, Policy Sciences, Vol. 35 No. 1, pp. 91-119.
Dervin, B. (1992), From the minds eye of the user: the sense-making qualitative-quantitative
methodology, in Flazier, J.D. and Powell, R.R. (Eds), Qualitative Research in Information
Management, Libraries Unlimited, Englewood, CO, pp. 61-84.
Douglas, M. (1966), Purity and Danger: An Analysis of Concept of Pollution and Taboo,
Routledge, New York, NY.
Durocher, S. and Gendron, Y. (2011), IFRS: on the docility of sophisticated users in preserving
the ideal of comparability, European Accounting Review, Vol. 20 No. 2, pp. 233-262.
Etzion, D. and Ferraro, F. (2010), The role of analogy in the institutionalization of sustainability
reporting, Organization Science, Vol. 21 No. 5, pp. 1092-1107.
Flyvbjerg, B. (2001), Making Social Science Matter: Why Social Inquiry Fails and How It Can
Succeed Again, Cambridge University Press, Cambridge.
Gendron, Y. (2006), Reforming auditor independence: voicing and acting upon auditors
concerns and criticisms, Advances in Public Interest Accounting, Vol. 12, pp. 103-118.
AAAJ
26,8
1304
Lang, J.C. (1999), Legislative, regulatory and juridical dilemmas in environmental auditing,
Eco-Management and Auditing, Vol. 6 No. 3, pp. 101-114.
Lincoln, Y.S. and Guba, E.G. (1985), Naturalistic Inquiry, Sage, Newbury Park, CA.
Maclean, M., Harvey, C. and Chia, R. (2012), Sensemaking, storytelling and the legitimization of
elite business careers, Human Relations, Vol. 65 No. 1, pp. 17-40.
McPhail, K. (1999), The threat of ethical accountants: an application of Foucaults concept of
ethics to accounting education and some thoughts on ethically educating for the other,
Critical Perspectives on Accounting, Vol. 10 No. 6, pp. 833-866.
Mahony, P. (1995), Auditor independence fact or fantasy?, Accountancy Ireland, Vol. 27 No. 2,
pp. 6-8.
Malsch, B. and Gendron, Y. (2013), Re-theorizing change: institutional experimentation and the
struggle for domination in the field of public accounting, Journal of Management Studies,
Vol. 5, pp. 871-899.
Mautz, R.K. and Sharaf, H.A. (1964), The Philosophy of Auditing, American Accounting
Association, Sarasota, FL.
Meyer, J.W. and Rowan, B. (1977), Institutional organizations: formal structure as myth and
ceremony, American Journal of Sociology, Vol. 83 No. 2, pp. 340-363.
Moore, D.A., Tetlock, P.E., Tanlu, L. and Bazerman, M.H. (2006), Conflicts of interest and the
case of auditor independence: moral seduction and strategic issue cycling, Academy of
Management Review, Vol. 31 No. 1, pp. 1-29.
Murphy, C.N. and Yates, J.A. (2009), The International Organization for Standardization (ISO):
Global Governance Through Voluntary Consensus, Routledge, New York, NY.
Naslund, L. and Pemer, F. (2012), The appropriated language: dominant stories as a source of
organizational inertia, Human Relations, Vol. 65 No. 1, pp. 89-110.
ODwyer, B. (2011), The case of sustainability assurance: constructing a new assurance service,
Contemporary Accounting Research, Vol. 28 No. 4, pp. 1230-1266.
Paterson, F. (2002), The auditors tale: conformity assessment as seen by a practitioner,
ISO Management Systems, Vol. 4, July/August, pp. 47-52.
Patton, M.Q. (1990), Qualitative Evaluation and Research Methods, 2nd ed., Sage, Newbury Park,
CA.
Pentland, B.T. (1993), Getting comfortable with the numbers: auditing and the micro-production
of macro-order, Accounting, Organizations and Society, Vol. 18 Nos 7/8, pp. 605-620.
Power, M. (1997a), Expertise and the construction of relevance: accountants and environmental
audit, Accounting, Organizations and Society, Vol. 22 No. 2, pp. 123-146.
Power, M. (1997b), The Audit Society: Rituals of Verification, Oxford University Press, Oxford.
Power, M. (2003a), Auditing and the production of legitimacy, Accounting, Organizations and
Society, Vol. 28 No. 4, pp. 379-394.
Power, M. (2003b), Evaluating the audit explosion, Law and Policy, Vol. 25 No. 3, pp. 185-202.
Said, E.W. (1979), Orientalism, Vintage Books, New York, NY.
Schutz, A. (1967), The Phenomenology of the Social World, Northwestern University Press,
Evanston, IL.
Shore, C. and Wright, S. (2000), Coercive accountability: the rise of audit culture in higher
education, in Strathern, M. (Ed.), Audit Cultures: Anthropological Studies in
Accountability, Ethics, and the Academy, Routledge, London, pp. 57-89.
Sikka, P. (2009), Financial crisis and the silence of auditors, Accounting, Organizations and
Society, Vol. 34 Nos 6/7, pp. 868-873.
Sikka, P. and Willmott, H. (1995), The power of independence: defending and extending the
jurisdiction of accounting in the United Kingdom, Accounting, Organizations and Society,
Vol. 20 No. 6, pp. 547-581.
Sikka, P., Puxty, A., Willmott, H. and Cooper, C. (1998), The impossibility of eliminating the
expectations gap: some theory and evidence, Critical Perspectives on Accounting, Vol. 9
No. 3, pp. 299-330.
Stein, M. (2004), The critical period of disasters: insights from sense-making and psychoanalytic
theory, Human Relations, Vol. 57 No. 10, pp. 1243-1261.
Stephens, N. (2007), Collecting data from elites and ultra elites: telephone and face-to-face
interviews with macroeconomists, Qualitative Research, Vol. 7 No. 2, pp. 203-216.
Strathern, M. (2000), New accountabilities: anthropological studies in audit, ethics and the
academy, in Strathern, M. (Ed.), Audit Cultures: Anthropological Studies in Accountability,
Ethics, and the Academy, Routledge, London, pp. 1-18.
Suddaby, R., Cooper, D.J. and Greenwood, R. (2007), Transnational regulation of professional
services: governance dynamics of field level organizational change, Accounting,
Organizations and Society, Vol. 32 Nos 4/5, pp. 333-362.
Suddaby, R., Gendron, Y. and Lam, H. (2009), The organizational context of professionalism in
accounting, Accounting, Organizations and Society, Vol. 34 Nos 3/4, pp. 409-427.
Tillmann, K. and Goddard, A. (2008), Strategic management accounting and sense-making in a
multinational company, Management Accounting Research, Vol. 19 No. 1, pp. 80-102.
Toffler, B.L. (with J. Reingold) (2003), Final Accounting: Ambition, Greed, and the Fall of Arthur
Andersen, Broadway Books, New York, NY.
Walgenbach, P. (2001), The production of distrust by means of producing trust, Organization
Studies, Vol. 22 No. 4, pp. 693-714.
Weick, K.E. (1995), Sensemaking in Organizations, Sage, Thousand Oaks, CA.
Weick, K.E. (2012), Organized sensemaking: a commentary on processes of interpretive work,
Human Relations, Vol. 65 No. 1, pp. 141-153.
Whittle, A. and Mueller, F. (2012), Bankers in the dock: moral storytelling in action, Human
Relations, Vol. 65 No. 1, pp. 111-139.
Wichuk, K., McCartney, D., Fraser, D., McLeod, S. and Karapetrovic, S. (2008), ISO 14001:
An Expert Discussion of Current Practical Issues, Auditing Association of Canada,
Kananaskis.
Williams, P.F. (1992), Prediction and control in accounting science, Critical Perspectives on
Accounting, Vol. 3 No. 1, pp. 99-107.
Wyatt, A.R. (2004), Accounting professionalism they just dont get it!, Accounting Horizons,
Vol. 18 No. 1, pp. 45-53.
Young, J.J. (2003), Constructing, persuading and silencing: the rhetoric of accounting
standards, Accounting, Organizations and Society, Vol. 28 No. 6, pp. 621-638.
Zutshi, A. and Sohal, A. (2003), Environmental management system auditing within Australian
companies, Managerial Auditing Journal, Vol. 18 No. 8, pp. 637-648.
Corresponding author
Yves Gendron can be contacted at: yves.gendron@fsa.ulaval.ca
1. Pavel Castka, Daniel Prajogo, Amrik Sohal, Andy C.L. Yeung. 2015. Understanding firms selection of
their ISO 9000 third-party certifiers. International Journal of Production Economics . [CrossRef]