The new IRCA Corporate Auditor

IRCA has recently launched a new certification product - the Corporate Auditor. The programme has since been accredited by the United Kingdom Accreditation Service (UKAS) against the standard ISO 17024. We would like to use this issue of INform to provide readers with the background and purpose of this new product.

Corporate Auditor image

A new level of Competence

Some time ago IRCA completed some fascinating research with end users of systems certification and employers of auditors.  The message was that the current systems auditor is competent when it comes to technical industry competence, to understanding compliance to specific systems, and to managing audit processes.

However, there was a clear need for a new kind of auditor who can provide meaningful audit findings for top management on how the management system(s) can support the organization’s business strategy and objectives and to meet its stakeholders’ needs. In other words, there was a need for the auditor and for audit to move from the tactical to the strategic, from compliance to excellence.

The Corporate Auditor was the result of this research and the competences for this grade are quite familiar in many ways:

Understanding Business

Planning the audit

Leading, organising & directing the audit team

Managing the audit process

Gathering audit evidence

Evaluating findings and drawing appropriate conclusions

Communicating

Adapting and coping

 

The fundamental difference is the issue of 'understanding the business' and how the management system supports the organization's business objectives and stakeholder requirements, including the needs of customers, regulatory bodies and so on. This means that the Corporate Auditor must have an understanding of business issues ranging from business planning and strategy to project management and even finance.

The Corporate Auditor must be able to apply this knowledge to fulfil his or her key function: to provide value to those organizations that rely significantly on accredited certification as a means of establishing that their management system is optimally configured to deliver their business and corporate objectives.

The Corporate Auditor will fulfil this function through his or her ability to interact with top management, and by identifying management system problems and risks that may prevent the organization from meeting its business objectives, and also by identifying opportunities for improvement.

A new type of examination

In developing this innovative product we have not only provided a certification at the very highest level of competence, we have also employed the latest thinking in testing that competence. That thinking comes from the relatively new standard: ISO 17024:2003, Requirements for bodies certifying persons. ISO 17024 dictates that examination must meet three requirements: it must be independent, valid and fair.

This new competence-based examination means that we no longer rely on self declarations in the form of work experience and audit records, or on training courses. Instead, auditors must demonstrate they are able to apply the skills knowledge and personal attributes at a one-day Assessment Centre which employs a combination of examination methods.

  1. An occupational personality questionnaire
    This questionnaire tests the candidate's attributes. The test is not pass or fail because humans have behavioural traits (a tendency to be overly accommodating) and we need to test that candidates recognize these traits and can manage their behaviour appropriately in an audit context.
  2. A competence-based interview
    The interview lasts 90 minutes and is based on the candidate's application form and a case study audit provided by the candidate in advance. It is in this interview that our trained examiners look for evidence that the candidate is able to understand an auditee organization in terms of stakeholder and business requirements and deliver an audit which focuses on this and how the organization's system supports these stakeholder needs and its own objectives. The interview is also an opportunity for the examiner to probe any behavioural traits that the occupational personality questionnaire (see 1 above) highlighted for review.
  3. A written in-tray task
    This 70 minute task is undertaken by the candidate alone and requires the candidate to work through a large amount of information and data to provide a cogent report and findings for top management, mirroring the challenge faced by auditors on-site and the level of outcome required from a Corporate Auditor.
  4. A collaborative group task
    This 70-minute task is similar to the individual written task, except in this case the candidates operate as a team of 4 to 6, working through a pile of information and data and agreeing findings for top management, again mirroring the challenge faced by auditors on-site and the level of outcome required from a Corporate Auditor. The group task is again an opportunity for the examiner to probe any behavioural traits that the occupational personality questionnaire highlighted for review.

During the Assessment Centre a single candidate will be examined by up to 4 qualified examiners: an expensive but extremely robust system, which is now accredited by UKAS against ISO 17024.

ISO 17021-1 and ISO 17021-2

There is a more general shift away from the qualification-based approach to the competence-based or output-based approach in the certification industry. This is embodied in the standards ISO 17021 part 1 and 2 – which both focus on the concept of 'competence' for all concerned in the third party audit process. It is likely that accreditation bodies will increasingly expect certification bodies to take this competence approach with their audit staff.

Those of us involved in the auditor certification side of the industry have been grappling with the competence concept since 2003 when our own accreditation standard, ISO 17024, was published, so we have some insight and, I venture, we can help.

We don't expect that certification bodies will want to progress all their auditors to the new Corporate Auditor grade - that is not its purpose. However, this product does show how competence can be defined in terms of the application of knowledge, skills and attributes to a defined performance level, and how competence can be examined in a robust manner.

The Corporate Auditor programme is intended to complement, not replace, the qualification based programmes by providing a premium certification grade positioned above the other grades.

'The programme is intended for the very best'

It is very demanding and evidence to date indicates that less than 10% of those currently on the IRCA register are likely to pass the evaluation. Employers of Corporate Auditors can now demonstrate to key, high-complexity or high-value clients that they have auditors of the best calibre demonstrated through an ISO 17024 compliant and independent third party certification.

It is also worth noting that there is one grade only in this programme, which has as its core in the demonstration of generic auditing skills. It is not restricted to any one management system context (QMS, EMS, OHSMS, etc). Instead it focuses on the generic knowledge, skills and attributes defined in ISO 19011:2002, Guidelines on Quality and/or Environmental Management Systems Auditing.

Audit 2020

The Corporate Auditor speaks to the requirement for management systems audit to become excellence focused, not simply compliance focused, delivering a significant change in value for all stakeholders. It also provides an insight into the trend towards the competence approach embedded in ISO 17021 and ISO 17024. IRCA recognizes that this future may take some time to come into being, but we are here and ready to help…

For more information on the Corporate Auditor programme: http://www.irca.org/certification/certification_13.html

 
Online Forums logo
Give us your opinions now in the Online Forums.