Can anyone be an auditor?

SQMC Director of Training, Karen MacKenzie, examines the core qualities of a (good!) auditor's personality.

There are two enlightening documents which ensure that we don't leave judging the character of an auditor to chance, or personal opinion: the international standards ISO 19011:2011 and ISO 17021:2015.

ISO/IEC 17021-1:2015 ("Conformity Assessment - Requirements for bodies providing audit and certification of management systems")

From ISO 17021-1 we read that the auditor is expected to manifest the following characteristics:

  1. ethical, i.e. fair, truthful, sincere, honest and discreet;
  2. open-minded, i.e. willing to consider alternative ideas or points of view;
  3. diplomatic, i.e. tactful in dealing with people;
  4. collaborative, i.e. effectively interacting with others;
  5. observant, i.e. actively aware of physical surroundings and activities;
  6. perceptive, i.e. instinctively aware of and able to understand situations;
  7. versatile, i.e. adjusts readily to different situations;
  8. tenacious, i.e. persistent and focused on achieving objectives;
  9. decisive, i.e. reaches timely conclusions based on logical reasoning and analysis;
  10. self-reliant, i.e. acts and functions independently;
  11. professional, i.e. exhibiting a courteous, conscientious and generally business-like demeanour in the workplace;
  12. morally courageous, i.e. willing to act responsibly and ethically even though these actions may not always be popular and may sometimes result in disagreement or confrontation;
  13. organized, i.e. exhibiting effective time management, prioritization, planning, and efficiency. 

ISO 19011:2011 ("Guidelines for auditing management systems")

And ISO 19011 states that 'adherence to these principles is a prerequisite for providing audit conclusions that are relevant and sufficient and for enabling auditors, working independently from one another, to reach similar conclusions in similar circumstances'.

Integrity: the foundation of professionalism

Auditors should:

  • perform their work with honesty, diligence, and responsibility;
  • observe and comply with any applicable legal requirements;
  • demonstrate their competence while performing their work;
  • perform their work in an impartial manner, i.e. remain fair and unbiased in all their dealings;
  • be sensitive to any influences that may be exerted on their judgement while carrying out an audit.

Fair presentation: the obligation to report truthfully and accurately

Audit findings, audit conclusions and audit reports should reflect truthfully and accurately the audit activities. Significant obstacles encountered during the audit and unresolved diverging opinions between the audit team and the auditee should be reported. The communication should be truthful, accurate, objective, timely, clear and complete.

Due professional care: the application of diligence and judgement in auditing

Auditors should exercise due care in accordance with the importance of the task they perform and the confidence placed in them by the audit client and other interested parties. An important factor in carrying out their work with due professional care is having the ability to make reasoned judgements in all audit situations.

Confidentiality: security of information

Auditors should exercise discretion in the use and protection of information acquired in the course of their duties. Audit information should not be used inappropriately for personal gain by the auditor or the audit client, or in a manner detrimental to the legitimate interests of the auditee. This concept includes the proper handling of sensitive or confidential information.

Independence: the basis for the impartiality of the audit and objectivity of the audit conclusions

Auditors should be independent of the activity being audited wherever practicable, and should in all cases act in a manner that is free from bias and conflict of interest. For internal audits, auditors should be independent from the operating managers of the function being audited. Auditors should maintain objectivity throughout the audit process to ensure that the audit findings and conclusions are based only on the audit evidence. For small organizations, it may not be possible for internal auditors to be fully independent of the activity being audited, but every effort should be made to remove bias and encourage objectivity.

Evidence-based approach: the rational method for reaching reliable and reproducible audit conclusions in a systematic audit process.

Audit evidence should be verifiable. It will in general be based on samples of the information available, since an audit is conducted during a finite period of time and with finite resources. An appropriate use of sampling should be applied, since this is closely related to the confidence that can be placed in the audit conclusions.

So we conclude that it takes a certain kind of person to be an auditor, and we can help develop you to become such through our IRCA-certified training and CPD courses. Contact our advisors for guidance!