Competence

All staff involved in the certification decision making process and any supporting processes must meet certain competence requirements and maintain a competence record with Assurco.

Auditor Competence

People who conduct audits for the purposes of accredited certification must meet our competence criteria for each scheme and industry including:

• A.2.1 Knowledge of business management practices.
• A.2.2 Knowledge of audit principles, practices and techniques based on ISO 19011 Guidelines for auditing management systems.
• A.2.3 Knowledge of specific management system standards/normative documents
  • ISO 17021 Part 2: Competence requirements for auditing and certification of environmental management systems
    [Technical Specification]
  • ISO 17021 Part 3: Competence requirements for auditing and certification of quality management systems
    [Technical Specification]
  • ISO 17021 Part 6: Competence requirements for auditing and certification of business continuity management
    systems [Technical Specification]
  • ISO 27006: Part 1: Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of information security management systems.
• A.2.4 Knowledge of certification body’s processes.
• A.2.5 Knowledge of client’s business sector, based on IAF ID1 or NACE Codes.
• A.2.6 Knowledge of client products, processes and organisation.
• A.2.7 Language skills appropriate to all levels within the client organisation.
• A.2.8 Note-taking and report-writing skills.
• A.2.9 Presentation skills.
• A.2.10 Interviewing skills.
• A.2.11 Audit-management skills.

Certification Committee Competence

People who review audit reports and make certification decisions must meet our competence criteria for each scheme and industry including:

• A.3.1 Knowledge of audit principles, practices and techniques.
• A.3.2 Knowledge of specific management system standards/normative documents.
• A.3.3 Knowledge of certification body’s processes.
• A.3.4 Knowledge of client’s business sector, based on IAF ID1 or NACE Codes.

Office Staff Competence

People who review certification applications, determine audit team competence, audit team members and audit time (based on MD 5, ISO 27006-1) must meet our competence criteria for each scheme and industry including:

• A.4.1 Knowledge of specific management system standards/normative documents.
• A.4.2 Knowledge of certification body’s processes.
• A.4.3 Knowledge of client’s business sector, based on IAF ID1 or NACE Codes.
• A.4.4 Knowledge of client products, processes and organisation.

Evaluating Competence

Each individual’s competence record may include the following evidence against each of the competence requirements:

• B.2 Review of records
• B.3 Feedback
• B.4 Interviews
• B.5 Observations
• B.6 Examinations

Impartiality Committee Competence

The members of the impartiality committee must meet basic competence and eligibility criteria:

• I.1 Knowledge of audit principles, practices and techniques.
• I.2 Knowledge of certification body’s processes.
• I.3 Language skills appropriate to all levels within the client organisation.

In addition the Impartiality Committee must operate to the established Terms of Reference which includes:

• No shareholder or director will be eligible to vote on impartiality matters.
• Declare to the committee any conflict of interest or potential conflict of interest.

Competence Profile

A competence profile will be maintained for all auditors, certification committee members and office staff to record evidence of competence and the methods through which it was evalutated.

All people are expected to maintain their competence profile and keep it up-to-date.