Article Directory
Welcome to the TRECCERT article directory, where we feature news and insights on information security, data protection, business continuity, risk management and more. The information provided is based on research and acts as a valuable platform for ICT professionals to keep up with current developments, trends and more. To stay up to date and informed, check out the latest articles below.
Lead Auditor Tips on Creating an Effective Audit Team
According to ISO, auditing is “a systematic, independent and documented process for obtaining objective evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled”. Auditing is a crucially important activity for any organization that is interested in complying with applicable requirements and improving its processes and performance. As such, competent individuals, who are able to conduct various audit activities and use different methods, are necessary. Depending on the type of audit, there are different roles of auditors. One of the most sought-out roles related to auditing is the role of the Lead Auditor.
According to ISO, auditing is “a systematic, independent and documented process for obtaining objective evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled”[1]. Auditing is a crucially important activity for any organization that is interested in complying with applicable requirements and improving its processes and performance. As such, competent individuals, who are able to conduct various audit activities and use different methods, are necessary. Depending on the type of audit, there are different roles of auditors. One of the most sought-out roles related to auditing is the role of the Lead Auditor.
Lead Auditors are the persons in charge of leading an audit team. They generally perform second or third-party audits to evaluate the level of compliance of organizations with specific frameworks or requirements of international standards. The role of Lead Auditors is detrimental to many organizations, regardless of the function or the size of the organization.
In terms of functions, the career alternatives of Lead Auditors are numerous. Lead Auditors often have a proven set of skills with a couple of years of experience in the specific field. In addition to years of experience, many lead auditors have specialized certifications in management systems, information security, compliance, and other relevant fields. While there is a large assortment of types of certifications available for auditors, one of the most remarking certifications for Lead Auditors are the ones based on ISO Management System standards. Based on ISO standards, Lead Auditors may apply their knowledge in several fields such as information security, quality, business continuity, environment, energy, food safety, and more.
Lead Auditors have a key position between heads of departments and senior auditors. According to ISO 19011, the core competencies of Lead Auditors include leadership and their knowledge of audit principles, methods, processes, standards, information on auditee, and applicable requirements. Additionally, a critical competence of Lead Auditors is to select audit team members that are suitable for the needs of the audit team. However, as with anything involving people, building an effective team can be quite challenging.
In order to overcome this obstacle, the Lead Auditor should initially establish effective practices for screening and evaluating members of an audit team. This will ensure that there are objective criteria in place that influence recruitment decisions. It is important to keep in mind that the Lead Auditor can also take further action to acquire the competence of the audit team, including training and mentoring new auditors.
While technical competence is highly important for any audit team, it takes more than that for them to be effective. Collaboration between the audit team members is a key requirement to achieve effectiveness. In order to establish a positive culture that promotes collaboration and enables effectiveness, Lead Auditors should consider the following actions:
Establish Shared Goals and Objectives
High-performing audit teams have shared goals and objectives as well as defined responsibilities. Lead Auditors often fail to understand that individual tasks derive from shared team objectives. Those Lead Auditors see those two as being separate from each other, however when the link between the individual tasks and team objectives is missing, then the audit team members would lack an understanding of how their work is contributing to the overall purpose.
Have a Defined Role
Effective audit teams have a Lead Auditor with a defined role. The Lead Auditor is responsible to supervise the audit team and establish a line of command in order to achieve audit goals. Lead Auditors’ primary role is to make decisions and prepare for the consequences of their decisions. Another role of the Lead Auditor is to understand the differences between “managing” and “leading” an audit team. Knowing such differences indicates that the Lead Auditor takes responsibility not only to lead and establish commands but to deal with change proactively, create opportunities, create value as well as influence and inspire the audit team.
Establish Team Values
The Lead Auditor has the responsibility to build an audit team that revolves around four key values: honesty, loyalty, reliability, and trust. These are unwritten norms that direct how the work is done. For example, building an audit team where team members support and respect each other when dealing with difficulties is a sign of a healthy relationship in a team. Another value of a healthy team is when audit team members understand that their roles are connected to each other, and recognize that together they provide a greater output than the sum of their separate work. Communication is of high importance for the creation of shared team values, and that will be the focus of the next tip.
Establish Open Channels of Communication
The Lead Auditor should establish open lines of communication for audit team members. The purpose of this is to proactively address issues and concerns of the team members as well as build a collaborative environment where every member’s perspective and ideas are respected and utilized to conduct an effective audit.
Embrace Diversity
Last but not least, the Lead Auditor should convey the message that diversity in a team is not something that divides, but something that unites them. Every audit team member should expect diversity within the team and should adapt to the differences in style, attitude, and work ethic. At the end of the day, we are all different, so being accepting and respectful towards the differences of team members is what makes an exceptional audit team.
If you found this article helpful for creating an effective audit team and if you are interested in gaining competency as a Lead Auditor, please view our MS Lead Auditor course.
However, if you have audit experience and are looking to attest your skills as a Lead Auditor, find below the TRECCERT available certifications that you can earn after successfully passing the exam and fulfilling the requirements:
[1] ISO 19011 – Guidelines for Auditing Management Systems