8.2.2 The Internal Auditor – 2023 Update

By Scott Dawson
September 15, 2021

Selecting the Right People for the Internal Auditor

Through this informative guide, we’ll walk you through the role details, qualifications, training requirements, and responsibilities of an ISO internal auditor.

Role Of The Internal Auditor

The internal auditor role is normally staffed by a number of experienced employees from throughout the organization. The purpose of the internal audit is to confirm that the company’s documentation meets requirements (e.g. ISO9000, OSHA, etc.) and that day-to-day operations follow the documentation. So, the internal auditor must serve as:

  • A catalyst
  • An interface between different groups
  • An advisor
  • A reporter of fact
internal auditor

As the auditor serves in this role, he/she must be careful to bring an objective, professional perspective to the job. This means the auditor is not:

  • An inquisitor
  • A fault finder or rock thrower
  • Biased (for or against)
  • Dishonest
  • A policeman
  • An inspector of products

Selection of candidates for the role of internal auditor should be made based on several factors:

ISO Internal Auditor Role Qualifications

Personal Interest

Desire to take on extra responsibility.


Knowledge, skills, abilities, experience.

Work ethic

Ability to high quality and efficiency without direct supervision.

Specific minimum qualifications that should guide the selection of auditors include:


Demonstrated competence in clear and fluent oral communications and in written concepts and ideas.


Three to four years full-time workplace experience.

Understand the role of individual units within the overall organization.

Personal Qualities

Communication skills






Personal Attributes

Open-minded and mature

Sound judgment

Analytical skills and tenacity

Ability to perceive situations in a realistic way

Understand complex operations from a broad perspective

Auditor Training

There’s more to becoming an auditor than having an interest in the field and the right qualities for the job — though these characteristics are undoubtedly important. To earn an ISO 9001 auditor position, you must have the necessary education, go through extensive training, and acquire the proper certifications to ensure you’re fully equipped to take on the role.

Specific skills for internal auditing are supported by training in:

auditor in training
  • Knowledge and understanding of the standards used.
  • Assessment techniques of questioning, evaluating, and reporting.
  • Audit management and auditing skills such as planning, organizing, communicating, and directing.


Most auditor positions require candidates to have at least a bachelor’s degree in a related field, such as finance, accounting, business, economics, or data analytics. Typically, an accounting degree is preferred, as this major equips students with the educational qualifications necessary to earn their Certified Public Accountant (CPA) license.

Accounting programs teach individuals accounting and bookkeeping methods, along with how to apply economic theories to businesses and financial systems. An accounting degree also ensures students can handle statistics and perform the mathematical operations necessary for accounting processes.

Though a bachelor’s degree is standard, some employers prefer applicants to have a master’s degree in accounting or business administration with a focus on accounting to give them more advanced knowledge and skills.


Though not required, many people pursuing a career as an ISO 9001 auditor will attain an internship that allows them to achieve practical, hands-on experience in the field. This experience gives these individuals a sense of what ISO internal audits entail and provides a feel for whether the profession is a good fit for them. Internships also give students the chance to network with other professionals and get noticed by potential employers.

trainers for auditors

Once hired, all auditors must go through a training phase where a certified professional supervises them as they learn the job’s responsibilities. Trainees will also work alongside an experienced employee who can give them personalized guidance as they navigate their everyday tasks. The length of this training varies by the accounting firm and specific auditing position — for example, an internal auditor vs. lead auditor — but most trial periods last a year or longer.

CPA Certification

Though having a Certified Public Accounting license isn’t always necessary to start a career in auditing, most firms require their employees to obtain this certification. To earn your CPA license, you must complete at least 150 hours of relevant academic coursework and pass the Uniform CPA Examination. This four-part test includes a mixture of multiple-choice and simulation questions covering the areas of:

  • Auditing and attestation.
  • Financial accounting and reporting.
  • Regulation.
  • Business environment and concepts.

You can take all four sections at once or in segments, but you must pass them within 18 months of completing the initial section.

ISO Internal Auditor Responsibilities

The tasks of the internal auditor include:
  • Obtain and assess objective evidence fairly.
  • Remain true to the purpose of the audit without fear or favor.
  • Evaluate constantly the effects of audit observations and personal interactions during an audit.
  • Treat concerned personnel in a way that will best achieve the audit purpose.
  • Perform the audit process without deviating due to distraction.
  • Commit full attention and support to the audit process.
  • React effectively in stressful situations.
  • Arrive at generally acceptable conclusions based on audit observations.
  • Remain true to a conclusion despite pressure to change that is not based on evidence.

Auditor Selection

The selection of appropriate individuals to invest the training and time commitment should consider matching personal qualifications with an understanding of the role and responsibilities of the auditor. Another important factor to consider is that the audit team must consist of individuals from a variety of functions. This supports the requirement that auditors must not audit their own function or department in order to maintain objectivity:

Selecting an internal auditor

“…selection of auditors and conduct of audits shall ensure objectivity and impartiality of the audit process. Auditors shall not audit their own work.” (ref. 8.2.2, ISO9000).


Becoming an Internal Auditor

Internal auditors conduct assessments to verify a company’s documentation meets ISO 9001 requirements. If you’re interested in conducting ISO internal audits, you must first gain the proper skills, qualifications and training to earn an auditing position, including the necessary education, experience, and personal attributes. With so many ISO auditor responsibilities, it’s vital to know the ins and outs of this field before taking the steps to become an auditor.

Book ISO Internal Audit Services at Core Business Solutions Today

For ISO auditing services from expert consultants who care, choose Core Business Solutions. We’re committed to helping small businesses succeed by implementing management systems that embrace simplicity and innovation.

Contact us to learn more about our services today!

Related Articles:

ISO 9001 Clause 5.2 – The Quality Policy

ISO 9001 Clause 5.2 – The Quality Policy

Quality Policy Explained - 2023 Update ISO 9001 is a quality management system (QMS) standard. It helps you build a QMS that pushes your business toward continual improvement. And it all comes...