Question
My manager and I have a question about internal lead auditor and auditor qualification. As stated in section 8.2.2 of ISO 9001:2008, “the organization shall conduct internal audits at planned intervals to determine whether the quality management system…”
Our question is do internal lead auditors and auditors have to be certified by an organization or trained by a certified lead auditor? May a person read ISO 19011:2011 and with his/her experiences in his/her field then perform audit tasks as stated in section 8.2.2 of ISO 9001:2008? If yes, would an ISO registrar consider it to be a non-conformance finding?
Thank you in advance for taking time to answer our question.
Response
Thanks for contacting ASQ’s Ask the Experts program. With regard to your question, it is important to know that ISO 9001:2008 does not prescribe any specific requirements for the qualifications of persons conducting QMS audits. ISO 19011:2011, provides guidance not mandatory requirements for determining Auditor qualifications. As you are aware, an internal audit is one of the most valuable tools that an organization has to determine the effectiveness of its quality management system as well as to identify opportunities for improvement.
For this reason, it is essential that the personnel or consultants used to conduct audit activities, have the qualifications and experienced needed to provide these services. As a minimum, I would suggest that your internal audit personnel attend Auditor classroom training accredited by ASQ, RABQSA or IRCA. This training should be supported by arranging for their participation in future audits as an audit team member. This audit should preferably be conducted by an individual who has a current certification as an ASQ CQA or an RABQSA or IRCA Lead Auditor.
Another consideration is to ensure that the Lead Auditor can provide an audit log as evidence of his/her past audit experience. The Lead Auditor should also provide evidence of their continued training to maintain their competency as an Auditor. Another key point, is to ensure that the Lead Auditor has a working knowledge of your organization’s product line, processes or services. The importance of using trained and experienced Auditors can’t be overstated.
I hope this helps.
Best regards,
Bill Aston
ASQ Senior Member
Managing Director of Aston Technical Consulting Services
Kingwood, TX
www.astontechconsult.com
For more about this topic, please visit ASQ’s website.
The advice given by Bill is a good summary of what needs to be considered when selecting someone to manage your internal audit program. A couple of other points worth making, ISO 19011 includes many references to ‘competence’ and a registrar may well apply this to the effectiveness of your audits and auditors. Therefore regardless of ‘formal qualifications’ identifying poorly planned and executed internal audits will attract the attention of the certification auditors. Also on the question of providing an audit log as evidence of his/her past audit experience and providing evidence of their continued training to maintain their competency as an Auditor there are other alternatives. If the person selected has been qualified through a ‘competency based’ training course there is no requirement to keep a log or maintain continuing education. There is however a requirement to remain certified by other means. (www.exemplarglobal.com) has full details.