9.2 Auditor competence, evaluation, personal behaviours & IRCA certification grades

Key Takeaways

  • ISO 19011 Clause 7 separates generic auditor competence, needed by every management-system auditor, from discipline- and sector-specific competence needed for the standard and industry being audited.
  • ISO 19011 specifies personal behaviours auditors should demonstrate, including being ethical, open-minded, diplomatic, observant, perceptive, decisive, self-reliant, acting with fortitude, and culturally sensitive.
  • Auditor competence is evaluated through a four-step process: determine competence needed, establish evaluation criteria, select an evaluation method, and conduct the evaluation using combined methods.
  • Auditors maintain competence over time through continuing professional development, further audits, training, and periodic performance review or witnessed audits.
  • The CQI-IRCA scheme grades auditors from Provisional Auditor through Auditor, Lead Auditor, and Principal Auditor based on training plus verified audit experience, with registration maintained through annual CPD.
Last updated: July 2026

Everything a lead auditor does — planning, conducting, grading nonconformities, writing reports — depends on the auditor being genuinely competent and behaving in a way that earns trust from the auditee. ISO 19011:2018 Clause 7, Competence and evaluation of auditors, sets out exactly what that means.

Required Knowledge and Skills

ISO 19011 splits auditor competence into generic competence (needed by every management-system auditor, regardless of discipline) and discipline- and sector-specific competence (needed for the specific standard and industry being audited — here, ISO 9001 and the client's sector).

Generic knowledge covers understanding of:

  • Audit principles, procedures, and methods, so the audit is planned and run consistently.
  • The management system standard and any normative/reference documents used as audit criteria.
  • The organization and its context — structure, culture, processes, and how it manages risk.
  • Applicable statutory, regulatory, and contractual requirements relevant to the client.

Generic skills matter just as much: applying audit procedures competently, managing audit time, prioritizing significant matters, communicating effectively (including through an interpreter where needed), gathering evidence through effective interviewing, listening, observing, and document review, understanding when and how to sample appropriately, and verifying that collected information is accurate and sufficient to support conclusions. A lead auditor also needs discipline-specific skills for leading a team — assigning responsibilities, resolving conflicts within the team, and managing the overall audit process under time and resource pressure.

Personal Behaviours

Knowledge and skill are necessary but not sufficient — ISO 19011 also specifies the personal behaviours an auditor should demonstrate, because an audit is fundamentally a human interaction that depends on trust. The standard lists:

  • Ethical — fair, truthful, sincere, honest, and discreet.
  • Open-minded — willing to consider alternative ideas or points of view.
  • Diplomatic — tactful in dealing with people.
  • Observant — actively aware of physical surroundings and activities.
  • Perceptive — instinctively aware of and able to understand situations.
  • Versatile — able to adjust readily to different situations.
  • Tenacious — persistent and focused on achieving objectives.
  • Decisive — able to reach timely conclusions based on logical reasoning and analysis.
  • Self-reliant — able to act and function independently while interacting effectively with others.
  • Acting with fortitude — able to act responsibly and ethically even though the actions may not always be popular and may sometimes result in disagreement or confrontation.
  • Open to improvement — willing to learn from situations and strive for better audit results.
  • Culturally sensitive — observant of and respectful to the culture of the auditee.
  • Collaborative — effectively interacting with others, including audit team members and the auditee's personnel.

For the exam, the most commonly tested behaviours are diplomacy under pressure (staying calm and professional when a finding is disputed), decisiveness (not endlessly re-checking evidence that already supports a clear conclusion), and acting with fortitude (raising a nonconformity even when it is unwelcome news for a senior stakeholder).

Evaluating and Maintaining Auditor Competence

ISO 19011 treats auditor competence as something to be actively evaluated, not assumed after initial training. The standard describes a four-step process:

  1. Determine the competence needed for the specific audit programme — discipline, sector, audit type, and role (team member versus team leader).
  2. Establish evaluation criteria, both qualitative (demonstrated behaviour, knowledge, and skills) and quantitative (years of relevant experience, number of audits completed, hours of audit-related training).
  3. Select an evaluation method — commonly a combination of: review of records (qualifications, training, work experience); feedback from peers, auditees, or audit team leaders; interviews; observation during a live or witnessed audit; and testing (written or oral).
  4. Conduct the evaluation, combining methods for an objective, consistent, fair, and reliable result — a single method rarely provides sufficient evidence on its own.

Competence is then maintained and improved through ongoing professional development: keeping current with changes to ISO 9001 and ISO 19011, sector developments, and legal/regulatory changes; participating in further audits, training, and mentoring; and undergoing periodic performance appraisal or witnessed-audit review by an audit programme manager.

The IRCA Auditor Certification Route

CQI and IRCA operate the best-known independent auditor certification scheme in this field, sitting on top of — not instead of — the competence requirements above. Progression through IRCA's QMS auditor scheme runs through grades of increasing seniority:

GradeTypical requirement
Provisional AuditorCompleted a certified training course (e.g., this lead-auditor course); little or no verified audit experience yet
AuditorTraining plus a minimum amount of verified audit experience gained as part of an audit team
Lead AuditorFurther verified experience, including experience leading and managing an audit team
Principal AuditorExtensive, senior-level verified experience across multiple audits and sectors

The route starts with completing an accredited training course like this one — the certificate of achievement is generally treated as valid evidence of underpinning knowledge for five years, which is why the exam and course sit at the very entry point of the pathway rather than at its end. From there, a candidate accumulates supervised or witnessed audit experience on real audits, then applies to IRCA with documented evidence of training and experience to be awarded the appropriate grade. Registration is not permanent on award: auditors must maintain it through continuing professional development (CPD), logging ongoing training, audit activity, and development each year — the same "evaluate and maintain competence" philosophy ISO 19011 sets out for any management-system auditor, applied by a professional body rather than a single certification body.

Test Your Knowledge

During an audit, an auditee's process owner becomes visibly frustrated and pushes back hard when the auditor identifies a gap between documented procedure and actual practice. The auditor stays calm, acknowledges the process owner's concerns, and tactfully explains the objective evidence supporting the finding without escalating the conflict. Which ISO 19011 personal behaviour is this auditor primarily demonstrating?

A
B
C
D
Test Your Knowledge

Under the CQI-IRCA auditor certification scheme, what is generally required to progress from Provisional Auditor to the Auditor grade?

A
B
C
D
Congratulations!

You've completed this section

Continue exploring other exams