Let's begin with the question: What does an ISO Lead Auditor do?
When the expression Lead Auditor is used, it refers to an auditor who leads an ISO management system audit, usually independent of the organization being audited.
That is, a lead auditor of a Certification Body providing an independent third-party assessment of the level of compliance by an organization with the requirements of ISO 9001 (a QMS Audit) or of another specified ISO Standard.
Upon successfully passing an audit, and based on an Audit Report produced by the Lead Auditor, the Certification Body issues a Certificate of compliance.
Where do Lead Auditors work?
The Finance profession tends to use expressions like an internal auditor and lead auditor as if they applied to the finance function only.
ISO Management System Standards apply to any functions - quality, environment, energy, medical device manufacture, food safety, occupational health and safety, information security, etc. Therefore, career options for internal auditors and lead auditors are practically endless.
It's best, however, to refer to ISO Internal Auditors and ISO Lead Auditors regarding these Standards.
Where do the different ISO Standards fit in?
An auditor trained in the requirements of ISO 9001, the quality system standard, is not equipped to audit against the requirements of, say, ISO 14001, the environmental management system standard,
So, an ISO 9001 Lead Auditor would need additional training (an ISO 14001 Lead Auditor Extension Course) before they were capable of conducting an ISO 14001 audit.
How then does one become a Lead Auditor?
It’s not about getting a Certificate
Once upon a time, it was – certification equals competency - and organizations like IRCA built a recognized Register of Lead Auditors.
As ‘the only game in town’ lead auditor training was taken not only by Certification Body Lead Auditors but also by Consultants and QHSE Managers (especially in their role as Audit Program Managers) wishing to develop their skills and expertise.
Since 2011, a Lead Auditor Certificate alone is no longer acceptable as proof of competency as ISO 19011, Guidelines for auditing management systems, made clear. It defined competence as the ‘ability to apply knowledge and skills to achieve intended results’.
Registers of Lead Auditors are redundant. And they are redundant because they are pointless as they do not demonstrate competency.
What are the required Lead Auditor Competencies?
ISO 19011 sets out 5 headings in determining auditor competence, namely,
- General: organizational knowledge, skills and experience; working at a supervisory or managerial level is essential.
- Personal behavior: a range of personal attributes and professional behaviors are needed including ethical, open-minded, diplomatic, observant, perceptive, tenacious, decisive, culturally sensitive, ability to act with fortitude, etc.
- Knowledge and skills: to successfully complete an audit generic competence (incl. auditing skills) and a level of discipline and sector-specific knowledge and skills (i.e. of the applicable ISO Standard and of the economic sector being audited) are required
- Achieving Auditor Competence: after ISO Auditor Certification, you can build experience by participating in a number of audits in the role of Team Auditor.
- Achieving audit team leader competence: with sufficient experience, being able to successfully lead an audit team and interact with the auditee and carry out the associated administrative tasks (audit findings, audit conclusion, audit report, etc.)
So, what are the steps involved in becoming a competent ISO Lead Auditor?
We've identified 7-steps to ISO Lead Auditor Competency
Here are the steps you need to take:
Step 1: Satisfy yourself that you have the temperament and personal attributes needed to be a successful Lead Auditor.
Step 2: Check that you have the technical experience, subject expertise, supervisory and managerial experience needed to conduct an audit.
Step 3: Complete an ISO Lead Auditor Certification Course – either a 5-day conventional course or a 30-hour online course.
Step 4: Undertake internal audits as often as possible – 3 times-a-year is considered the minimum needed to maintain auditing skills. But you need to do more.
Step 5: Approach one or more Certification Bodies requesting auditing work. Good technical and sectoral skills will open opportunities here. For example, you may initially be engaged as a Technical Expert to accompany an Audit Team. Or you may be asked to act as an Observer to build your on-the-job understanding of the CBs processes.
Step 6: Next comes working for a CB as a Team Auditor. CB’s processes require a minimum number of such audits before you are ready to progress.
Step 7: Finally, having been successfully evaluated by the CB as competent, you are asked to lead an Audit Team – you are the Lead Auditor.
‘Horses for Courses’
Of course, working for a Certification Body may not be your ambition. You may be considering a Lead Auditor Course to deepen your knowledge and skills as a Consultant or as a QHSE Manager. That’s perfectly sound thinking and leaves open the door taken by many consultants and QHSE Managers further on in their careers to boost their income by working for a Certification Body.
More Information on auditing
For more in-depth information, we recommend you read ISO 19011:2018, especially:
- Part 7: Competence and evaluation of auditors, and
- Annex A: Additional guidance for auditors planning and conducting audits.
- ISO 9001 Lead Auditor Certification Course
- ISO 13485 Lead Auditor Certification Course
- ISO 14001 Lead Auditor Certification Course
- ISO 17025 Lead Auditor Certification Course
- ISO 27001 Lead Auditor Certification Course
- ISO 45001 Lead Auditor Certification Course
- Affordable ISO Lead Auditor Training Online
- If you manage a QMS, don't take a Lead Auditor Course!
- Do ISO Lead Auditor Training Days Matter?
- ISO Auditor Certification: boosts your job prospects
- How deGRANDSON's e-Training Courses Differ from Others
Note: First published in July 2019; revised and updated in April 2022.
deGRANDSON Global is an ISO Certified Educational Organization
We have chosen ISO 21001 certification because, unlike IRCA and Exemplar badges (which in our opinion are commercially compromised), it is based on independent third-party assessment. It is a ‘university grade’ standard in use globally by schools, colleges, and universities to demonstrate their competence.