Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Internal Auditor Competency

Discussion in 'ISO 19011 - Auditing Management Systems Guidelines' started by Andy Nichols, Nov 19, 2020.

?

How competent in the ISO standard (9001, 14001 etc) does an internal auditor need to be?

This poll will close on Dec 19, 2020 at 4:25 PM.
  1. Highly Competent

    0 vote(s)
    0.0%
  2. Somewhat Competent

    0 vote(s)
    0.0%
  3. Competent, but not on ISO requirements

    1 vote(s)
    100.0%
  1. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,793
    Likes Received:
    1,916
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    How competent in the ISO requirements does an internal auditor have to be?
     
  2. John C. Abnet

    John C. Abnet Well-Known Member

    Joined:
    May 23, 2017
    Messages:
    478
    Likes Received:
    323
    Trophy Points:
    62
    Location:
    Upper Midwest- USA
    Good prompt @Andy Nichols .

    So...
    ISO 9001 (for example) indicates "the organization shall determine... necessary competence.." (7.2)

    This obviously is somewhat gray and leave it up to, as it states, the organization.

    ISO 19011, as defined within same,..."...does not state requirements, but provides guidance..."
    Although ISO 19011 uses the word "competence" 54 times, it is a useful guide, but ONLY a guide.

    Competence within ISO 9000:2015 (3.10.4) is defined as "the ability to apply knowledge to achieve intended results"

    What are the intended results? Per ISO 9001:2015 (9.2.1) "...provide information on whether the quality management system...
    a) conforms to 1) the organization's own requirements, 2) the requirements of the international standard,
    b) is effectively implemented and maintained


    Evidence of competence, therefore, is being able to show that the internal audit process is providing those intended results.


    Based on all of this, the short answer is , there is NO requirement specific to the "...necessary competence..." of an internal auditor.

    We can infer, however, that in context, the requirement in ISO 9001 (7.2) is that internal auditors need indeed be competent, just not to a specific level of competence as, again, the "...necessary....(amount) competence...." is left to the organization to determine.



    Summary:
    Based on my professional experiences, I do indeed advocate for internal auditors receiving proper training and mentorship. Indeed, I advocate for internal auditors to be highly competent. However, in terms of what is REQUIRED,....very little specifics are stated beyond the need for the organization to determine what is necessary. My vote, based on the available answers and facts stated in the applicable guides and governing standards, is...
    "c"- Competent but not an ISO requirement" (maybe a better answer option would be "d"- competent at a level determined by the organization)

    Be well.
     
  3. Jennifer Kirley

    Jennifer Kirley Moderator Staff Member

    Joined:
    Jul 31, 2015
    Messages:
    868
    Likes Received:
    608
    Trophy Points:
    92
    Location:
    USA
    I suppose it depends on what is expected of them and by whom. I audited to 9001, 14001 and 18001 while in the semiconductor industry. A good understanding of the standard helped me to help my employer maintain preparedness for our CB audits, but the site's Quality Manager wished I instead delved deeply into process failure modes. So, it comes down to the definition of success for that process.
    ...Just my 2 cents...
     
  4. yodon

    yodon Well-Known Member

    Joined:
    Aug 3, 2015
    Messages:
    131
    Likes Received:
    72
    Trophy Points:
    27
    What a loaded question! :)

    While @John C. Abnet correctly points out there is no specific requirement, competency really runs the gamut here. There's competency with the standard (and applying the concepts, not just verbatim regurgitation), competency in understanding the company's QMS and processes, competency in organizing audits, competency in interviewing and dealing with people, competency in identifying issues and potential issues, competency in writing correct findings, etc.

    A 'somewhat competent' auditor may tick the box but not help the company.
     
    Andy Nichols likes this.
  5. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    3,793
    Likes Received:
    1,916
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I like this! I am running the same poll at Linkedin, too. There's been a good response there (it's in an auditor forum) and a number of "somewhat competent" voters. I like this response because it deals with many competencies which are frequently overlooked, in my experience.
     

Share This Page