Audit Training

Module 4 - Competence and

Evaluation of Auditors
General Considerations (1)
■ Confidence and reliance in the audit process depends on the competence of those
involved in planning & conducting the audits, including auditors and team leaders.
■ Competence has to be evaluated through a process that considers personal
behaviours and the ability to apply the knowledge and skills gained through
education, work experience, auditor training and audit experience.
■ This process should take into consideration the needs of the audit programme and
its objectives.
■ Some of the knowledge and skills are common to auditors of all management system
disciplines, others are specific to auditors of specific management system
disciplines.
■ The evaluation of auditors must be planned, implemented and documented in
accordance with the audit programme to provide an outcome that is objective,
consistent, fair and reliable.
General considerations (2)
■ The evaluation process should include four main steps:
– Determine the competence of audit personnel needed for the audit programme
– Establish the evaluation criteria
– Select the appropriate evaluation method
– Conduct the evaluation
■ The outcome of the evaluation process should provide a basis for:
– audit team selection
– determination of training and other competence enhancement needs
– ongoing performance evaluation of auditors
■ Auditors should develop, maintain and improve their competence through continual
professional development and regular participation in audits.
Determining Auditor Competence
Overall Considerations
■ In deciding the appropriate knowledge and skills, consider the following:
– the size, nature and complexity of the organisation(s) to be audited
– the management system disciplines to be audited
– the objectives and extent of the audit programme
– other requirements, like those imposed by external bodies, where appropriate
– the role of the audit process in the management system of the organisation(s) to
be audited
– the complexity of the management system to be audited
– the uncertainty in achieving audit objectives
Personal Behaviours (1)
An auditor must possess (or develop) the following 14 qualities:
1. Ethical : fair, truthful, sincere, honest and discreet
2. Open minded : willingness to consider alternative ideas or points of view
3. Diplomatic : tact in dealing with people
4. Observant : active observation of physical surroundings and activities
5. Perceptive : aware of and able to understand situations
6. Adaptable : adjust readily to different situations
7. Tenacious : persistence, focus on achieving objectives
8. Decisive : reaching timely conclusions based on logical reasoning and analysis
9. Self reliant : acting and functioning independently while interacting effectively with
others
Continued …
Personal Behaviours (2)
An auditor must possess (or develop) the following 14 qualities: (cont.)

10. Acting with fortitude : willing to act responsibly and ethically even though
these actions may not always be popular and may sometimes result in
disagreement or confrontation

11. Well organised : exhibiting effective time management, prioritisation, planning

and efficiency

12. Open to improvement : learning from situations, striving for better audit results

13. Culturally sensitive : observe & respect cultural traditions of the auditee

14. Team player : works well with other audit team members
Knowledge and Skills – System Auditors (1)
Auditors should have knowledge and skills in audit principles, procedures and techniques so the auditor can
apply those appropriate to different audits and ensure that audits are conducted in a consistent and systematic
manner, including:
– apply audit principles, procedures, methods and techniques
– plan & organise the work effectively, to conduct the audit within agreed time schedule
– prioritise and focus on matters of significance, understand the types of auditing risks
– collect information through interviewing, observing, and reviewing documents & data
– understand the appropriateness and consequences of using sampling techniques
– verify the accuracy of collected information, confirm the sufficiency & appropriateness of audit
evidence to support audit findings and conclusions
– assess those factors that may affect the reliability of audit findings and conclusions
– use work documents to record audit activities, prepare audit reports
– maintain the confidentiality and security of information
– communicate effectively
Knowledge and Skills – System Auditors (2)
Auditors should have knowledge and skills in management system and reference documents
so that the auditor can comprehend the scope of audit and apply audit criteria, including:
– the application of management systems to different organisations
– interaction between the components of the management system
– specific management system standards, applicable procedures or other
management system documents used as audit criteria
– recognising the hierarchy of reference documents
– application of the reference documents to different audit situations
– control and protection of information, data, documents and records
– organisational context: to enable the auditor to comprehend the auditee's structure,
business and management practices. Knowledge and skills in this area should cover:
– organisational types, governance, size, structure, functions and relationships
– general business and management concepts, processes and related terminology
(including planning, budgeting and management of personnel)
– cultural and social aspects of the auditee
Knowledge and Skills – System Auditors (3)

Auditors should have knowledge and skills in applicable legal and other requirements so
that apply to the auditee so that the auditor can work within, and be aware of, the
organisation’s legal and contractual requirements, including:

– laws and regulations

– basic legal terminology

– contract and liability

Knowledge and Skills – Lead Auditor
Lead auditors should have the knowledge and skills to manage and provide leadership to the
audit team in order to facilitate the efficient and effective conduct of the audit, including to:
– balance the strengths and weaknesses of the individual audit team members
– develop a harmonious working relationship among the team members
– manage the audit process, including:
■ plan the audit and making effective use of resources during the audit
■ managing the uncertainty of achieving audit objectives, preventing/resolving conflicts
■ protecting the safety and health of the audit team members during the audit
■ organising & directing audit team members, directing and guiding the auditors-in-training
■ represent the audit team in communications with the audit client and auditee
■ understand and respect the experts’ opinions
■ lead the audit team to reach audit conclusions, prepare & complete the audit report
Knowledge and Skills – Discipline & Sector Specific (1)

■ An auditor who intends to audit a specific type of management system should have
the discipline and sector specific knowledge and skills that are appropriate for
auditing the particular type of management system and industry sector.

■ Each auditor in the audit team does not need to have the same competence.

■ However, the overall competence of the audit team needs to be sufficient to meet the
audit objectives.
Knowledge and Skills – Discipline & Sector Specific (2)
The discipline and sector specific knowledge and/or skills of auditors should include:
– understanding of the discipline and sector specific management system
requirements and principles, and their application
– understanding applicable legal and other requirements relevant to the discipline and
sector so as to enable the auditor to work within, and be aware of, the requirements
those apply to the organisation being audited
– knowledge and skills specific to the jurisdiction and/or auditee’s obligations,
activities and products
– understanding of the information (e.g. body of knowledge) that is fundamental to the
business and technical processes, sufficient to enable the auditor to evaluate
management system elements associated with the discipline
– understanding of discipline-specific knowledge related to the particular sector,
nature of operations, or workplace being audited sufficient for the auditor to evaluate
the auditee’s activities, services, processes, products and services
– understanding risk management principles, methods & techniques relevant to the
discipline and sector to enable the auditor to examine the auditee’s approach to
managing risk
Education, Work Experience, Training and Audit
Experience (1)
■ Auditors should have completed an education sufficient to acquire the knowledge and
skills.

■ They should have work experience that contributes to the development of the
knowledge and skills. This work experience should be in a technical, managerial or
professional position involving the exercise of judgment, decision making, problem
solving and communication with managers, professionals, peers, customers and/or
other interested parties. Part of the work experience should be in a position where the
activities undertaken contribute to the development of knowledge and skills in a
management system for which they intend to audit.

■ They should have completed training in audit principles, procedures & techniques.

■ They must acquire audit experience under a lead auditor’s supervision.

Education, Work Experience, Training and Audit
Experience (2)
■ An audit team leader should have acquired additional audit experience to develop
the knowledge and skills. This additional experience should have been gained by
working under the direction and guidance of an audit team leader.
■ Auditors who intend to become an audit team member in the audit of combined or
integrated management systems should have:
– the competence necessary to audit at least one management system discipline
forming part of the combined or integrated management systems, as long as the
audit team includes auditors with competence for all disciplines, and
– an understanding of the interaction and synergy between the different
management systems.
Note: An audit team leader conducting audits of combined or integrated management
systems should meet the above recommendations and have discipline specific
competence to coordinate the auditing of multiple disciplines.
Establishing the Evaluation Criteria

■ The criteria may be qualitative (such as having demonstrated personal behaviours,

knowledge or the performance of the skills, in training or in the workplace) and
quantitative (such as the years of work experience and education, number of audits
conducted, hours of audit training).
Selecting the Appropriate Evaluation Method (1)

■ The evaluation should be conducted using two or more of the methods selected from
those in Table 1 (next slide).

■ In using Table 1, the following should be noted:

– the methods outlined represent a range of options and may not apply in all
situations

– the various methods outlined may differ in their reliability

– typically, a combination of methods should be used to ensure an outcome that is

objective, consistent, fair and reliable
Table 1 – Select the Appropriate Evaluation Method
Evaluation Method Objectives
Review of Records To verify the background of the auditor
Feedback To provide information about how the
performance of the auditor is perceived
Interview To evaluate personal behaviours and
communication skills, to verify information
and test knowledge and to acquire
additional information
Observation To evaluate personal behaviours and the
ability to apply knowledge and skill
Testing To evaluate personal behaviours and
knowledge and skills and their application
Post-audit Review To provide information on the auditor
performance during the audit activities,
identify strengths and weaknesses
Examples
Analysis of records of education, training,
employment and audit experience
Surveys, questionnaires, personal
references, testimonials, complaints,
performance evaluation, peer review
Personal interviews
Role playing, witnessed audits, on-the-job
performance
Oral and written exams, psychometric
testing
Review of the audit report, interviews with
the audit team leader, the audit team and,
if appropriate, feedback from the auditee
Conducting the Evaluation

■ In this step the information collected about the person is compared against the set
criteria.

■ Where a person expected to participate in the audit programme does not meet the
criteria, additional training, work and/or audit experience, and a subsequent re-
evaluation should be performed.
Maintenance and Improvement of Competence
■ Auditors should maintain their auditing competence through regular participation in
management system audits and continual professional development. It involves the
maintenance and improvement of competence.
■ This may be achieved through additional work experience, training, private study,
coaching, seminars and conferences or other relevant activities.
■ Auditors, audit team leaders and audit managers should continually improve their
competence.
■ The organisation needing to conduct audits should establish suitable mechanisms
for the continual evaluation of the auditors, team leaders and audit managers .
■ The continual professional development activities should take into account results of
post audit reviews, changes in the needs of the individual and the organisation
needing to conduct audits, the practice of auditing, standards and other
requirements.
 CONCLUDING REMARKS
■ Coming to the end of this training session, you have learned about various aspects
and requirements of auditing a Management System.

■ We hope that the information provided in this training kit was helpful to you.

■ Please utilise this knowledge, participate in internal audits, and improve your audit
skills.

■ An important suggestion:

– We strongly recommend every potential auditor and audit manager to procure a

copy of the ISO19011:2011 standard from the ISO (Geneva) or the licensed
publisher of ISO standards in his / her country. This will serve as a reference
book for conducting the audit process in a standardised manner.

■ Thank You !