An additional requirement for management system audits is auditor competence.
As stated in ISO 19011 – “Confidence in the results of an audit depends on the competence of the individuals conducting the audit.”
ISO 19011 identifies three components of auditor competence –
- Personal Behavior
- Auditing Knowledge and Skills (Generic for All Management System Auditors)
- Technical Knowledge and Skills (Specific for the Discipline(s) Being Audited)
To be effective, auditors need to possess the appropriate qualities, knowledge and skills in all three of these areas.
The key is determining the qualities, knowledge and skills needed by each individual auditor in order to achieve the objectives established for the audit and the audit program.
There are a number of considerations that may go into this determination.
As outlined in ISO 19011, these include –
- the nature of the organization or activities that are to be audited
- the type, nature and complexity of the audit to be performed
- the size and composition of the audit team
- the role of the auditor – the nature of his or her audit assignment
- any specific requirements imposed by external parties
The important thing is that the combined competence of the audit team members is appropriate for the defined objectives of the audit. For audit teams with more than one auditor, not every auditor needs to be equally qualified to audit every area included within the scope of an audit. It is up to the individual who is tasked with the responsibility of assembling the audit team to ensure that this have been achieved. Usually this is either the audit program manager or the audit team leader.
NOTE: Auditor competence is not explicitly stated in either the definition of an audit or in Clause 9.2 of the ISO management system standards. It was actually deleted from Clause 9.2 in the final editing of ISO 45001:2018. The rationale is that it is required in Clause 7.2 (Competence) of the ISO standards. Unfortunately, since the edit was made in the final editing of the standard, this clarification was not included in the Annex as it was in ISO 14001.auditor competence required depends on nature of audit being performed.