ISO Auditor: Job Description
An ISO auditor’s main role is conducting audits. He/she does this on a daily basis. To be able to understand the work of an ISO auditor better, it is important to learn the tasks being done during an ISO audit.
Let’s say there’s a company that wants to be ISO certified. In order to confirm if this company can be officially certified based on ISO standards, an audit will be conducted. An audit is divided into several different phases. The following are the detailed steps required to conduct an audit:
- Planning phase
- Coverage of the audit needed will be identified.
- Identification of people from the auditee who are directly responsible based on the coverage of the audit.
- All necessary documents will be identified.
- Specific elements of the company that need to be audited will be identified.
- Time frame needed to complete the audit.
- Assignment of team members who will conduct the audit.
- Instructions will be given to the members of the team as to each member’s role and scope of responsibility in the audit.
- Development of an individual checklist.
- Audit Phase
- The auditors and the auditee will have an opening meeting which includes introductions and a brief discussion of the scope and purpose of the audit to be led by the ISO lead auditor. He/she also provides an overview of the processes involved when conducting an audit, especially when it comes to non-compliance. The date and time of the closing meeting is also arranged as well as arrangements for the departure of the auditors.
- The actual audit is now conducted. This is administered using the checklist that was previously developed and will be updated and expanded as necessary. It will be determined during this phase as to whether the implemented system is considered compliant or non-compliant. This will be based on objective data that has been collected, examined and documented. Any non-compliant processes will be marked and specified with justification included. For every activity being audited, the auditor will indicate whether it is acceptable, not acceptable and/or not applicable. Comments will also be made as necessary. The auditee should sign and acknowledge every non-compliant activity that is found.
- Results of the audit are now evaluated. Once the audit is finished, the audit team will meet and talk about their findings. Non-compliant activities and their validity will be reviewed. These findings are finally documented as CAR (Corrective Action Request) and only the nature of the non-compliant activity is mentioned.
- The auditors and the auditee meet once more for the closing meeting. The ISO lead auditor will now mention a summary of the finding and will ensure that the CAR is clearly understood by the auditee. The auditee is then asked to respond to the findings and is expected to administer action plans to ensure that the non-compliant activities will be compliant. This meeting can also be utilized for the auditee to mention that the evidence provided is not enough for the corrective action recommended. If the lead auditors agree to this, then the CAR for the specific non-compliance will be closed out and this is documented. The auditee also has the option not to acknowledge non-compliance. This, too, is documented.
- Audit Report. This is prepared under the guidance of the lead auditor. Important information regarding the audit is included in this report, such as:
- The name/company name of the auditee
- The coverage of the audit
- Time frame needed to complete the audit.
- Identification of people from the auditee who are directly responsible based on the coverage of the audit, including company representatives/employees and the audit criteria (e.g. quality system standard)
- Documentation of non-compliant activities
- Audit results
- If a follow-up audit is deemed necessary, it is to be stated here. Follow ups are usually for purposes of ensuring that CAR is implemented for non-compliance and closed out once accomplished. A deadline is usually given to correct non-compliance.
- General observations during the audit, such as compliant processes that may still be improved.
Aside from ISO audits, auditors are also required to ensure that they are always updated with current ISO standards, other requirements including legal requirements and about general trends (e.g. quality) in the management systems that they specialize on.
In conclusion, ISO auditors have a lot of tasks that need to be accomplished. Because of the fact that each organization has a different need, every audit is different and therefore allows more experience to be gained. ISO auditors also interact a lot with people like supervisors such as the ISO lead auditor, fellow auditors, and the personnel of the auditee. It is not unusual for conflicts to arise and therefore it is an expectation of auditors to be able to handle such situations as professionally as possible. Lastly, because of the nature of their work, ISO auditors will have a tendency to travel a lot in order to audit organizations or companies worldwide, therefore they might not see their families as often as they would want or compared to other types of jobs.
It is just as exciting as it is challenging to be an ISO auditor. This job is very demanding and one should take into consideration everything that has been mentioned in order to decide whether he/she truly wants to pursue this career.