Third-party auditors are those who perform an external and independent audit of an organization’s management system to evaluate if it meets the requirements of a specific standard; if successful, this third-party audit will provide the organization with certification or registration of conformity with the given standard.
A third party audit is carried out by a Registrar/Certification Body (CB) hired by the organization; therefore, in order for someone to be a third-party auditor, he/she needs to be employed by a CB. All CB, before hiring an auditor, need to ensure that the auditor possesses the knowledge and skills necessary to achieve the intended results of the audits they are expected to perform. Some of these are described below.
- Personal attributes that will enable them to act in accordance with the principles of auditing, which include ethical conduct, fair presentation, due professional care, independence, and free use of an evidence-based approach.
- Knowledge on the contents of ISO 19011: 2011, Guidelines for auditing management systems.
- Knowledge and skills on audit principles, procedures and methods, which will enable them to conducted audits in a consistent and systematic manner.
- They should be able to exhibit professional behavior during the performance of audit activities, including being ethical, open-minded, diplomatic, observant, perceptive, versatile, tenacious, decisive, self-reliant, open to improvement, culturally sensitive, and collaborative.
- Knowledge and skills on management system and reference documents that will enable them to comprehend the audit scope and apply audit criteria.
- Sector specific knowledge which will enable them to comprehend the organization’s structure, business, management practices and the legal and contractual requirements applicable to the organization being audited.
As indicated in ISO 19011, someone pursuing to become a third-party auditor can acquired all these knowledge and skills by using a combination of the following:
- Formal education/training and experience that contribute to the development of knowledge and skills in the management system discipline and sector the auditor intends to audit.
- Training programs that cover generic auditor knowledge and skills.
- Experience in a relevant technical, managerial or professional position involving the exercise of judgment, decision making, problem solving and communication with managers, professionals, peers, customers and other interested parties.
- Audit experience acquired under the supervision of an auditor in the same discipline.
After acquiring all the necessary knowledge and skills and successfully being employed by a CB, third-party auditors must pledged to advocate a particular code of ethical conduct in the performance of an audit and they must abide the internal policies and rules of the CB that hires them. All these requirements must be followed in order to protect everyone involved in the audit process.