An auditor (from the Latin audire “to hear, hear, listen, interrogate”) is a person who carries out an audit and checks through questioning, observing and listening how a person or organization is developing and whether specifications are being adhered to.
In quality, hygiene, environmental, data protection and occupational safety management
The auditor regularly reviews the management system in commercial enterprises, administrations and organizations.
The internal auditor has been assigned the management in internal audits , the development of quality management in departments and branch offices of a company by the system and process audits , as well as suppliers through supplier audits. Working closely with quality management, his superior is the quality management officer (QMB) . In small and medium-sized companies, he carries out some or all of the internal audits himself.
The external auditor is independent of the company to be examined and regularly reviews the current status of the management system on behalf of a certification company as part of the ongoing certification, usually annually. The entire management system, important central and point-by-point individual further processes are examined. If the result is positive, an initial certification is granted or the maintenance of the certificate is confirmed.
The external auditor is deployed in the sector in which he has in-depth professional experience that can be verified by the certification company.
- Data protection audit
- Audit of the information security management system
- Good Agricultural Practice (GAP) audit
- Audit of Good Manufacturing Practice (GHP, English: GMP), especially in the pharmaceutical industry
- Good Clinical Practice Audit (GCP)
- Good Laboratory Practice (GLP) audit , especially in the pharmaceutical industry
- Ethics audit , assessment of compliance with ethical standards (no child labor, no gender discrimination, no racial discrimination)
- Hygiene audit , assessment of medical and social facilities, restaurants or other food companies for compliance with hygienic standards such as hazard analysis and critical control points (HACCP) or International Featured Standard (IFS)
- Legal compliance audit , review of legal certainty (contracts, laws, standards)
- Supplier audit of suppliers of raw materials , purchased parts or services in order to analyze the supplier's performance and, if necessary, improve it
- Risk management audit, review of risk management
The training of auditors in quality and environmental management is regulated in ISO 19011 and is adopted by many other management systems. There are numerous providers of training for internal and external auditors for the various management systems and audit types.
- Internal auditor
- The training of internal auditors is often carried out as so-called in-house training; the trainer goes to the company and trains the designated employees there. The requirements of the company can be specifically addressed and instructed using practical examples from your own company. The training ends with an exam.
- External auditor (in Germany)
- External auditors are trained at certified training centers, such as the DGQ , the DQS or the TÜV . The passed QMB exam is considered a pre-qualification. After completing the course, the participant is required to pass a written examination in order to obtain a certificate bearing the logo of the German Accreditation Council (DAR) or the successor organization, the German Accreditation Service (DAkkS).
- In order to be allowed to work as an auditor for a certification company, the examinee must meet further criteria. First he has to observe an experienced auditor for a certain number of person-days as an "observer", then in turn audit a certain number of person-days himself under the supervision of an experienced auditor. Only when these times have been achieved within a certain period and the prospective auditor has received a positive assessment from the experienced auditor is it possible to obtain approval as an auditor. For this purpose, the results of the written test as well as the audit log and the assessment must be submitted to the responsible body. This office then decides whether and for which industries (depending on the apprenticeship / degree) the applicant is admitted. However, a newly approved auditor may only carry out periodic audits alone or work in a team with a lead auditor. Only when the “new” auditor has carried out a certain number of audits can he act as an acting lead auditor (lead auditor under supervision) under the supervision of a lead auditor. After a certain number of audits as an acting lead auditor, he can in turn be approved as a lead auditor himself and may then also carry out initial certifications on behalf of an accredited body. In order to recertify his personal auditor certificate, he has to prove a set number of audits every three years. These are to be evidenced by confirmations from the supervised companies or audit reports. If an auditor wants to expand his qualification to include a further branch, he usually has to hold a "technical discussion" with the accredited body, in which he has to prove that he has sufficient knowledge to be able to audit companies in this branch.
Other Q professions
- Quality Management Officer (QMB)
- quality manager
In administration and jurisdiction
The term was used in a variety of ways earlier: Auditors were a. Officials of the Roman Curia : The papal embassy secretary was called auditoriate. Even today, a higher-ranking diplomatic employee of a nunciature is referred to as " Uditore ", as are the legal advisers of the papal authorities. Later, the examining magistrates at church courts were also called auditors.
In Switzerland , the federal auditor stands for a public prosecutor for military justice or, in certain cantons (e.g. the canton of Zurich ), for a legal trainee (trainee at a court or a public prosecutor's office to prepare for the bar exam ).
In religious communities
In Manichaeism , parts of Gnosis and later movements that followed this, such as the Cathars , for example, those members were referred to as auditores or audientes who did not want to or could not assume all the obligations of this religion, and therefore only as "listeners" to ritual performances and Faith instruction (comparable to the catechumenate of Christianity) took part (cf. also Electi ).
- Integrated management system
- In the English-speaking world, the controller is described by the term auditor.