English (UK) hello@isochecklist.com
Help & FAQ Contact Us
Cart (0)
HomeInternal AuditAudit Training

ISO Internal Auditor Training Guide

Everything you need to know about becoming a competent internal auditor for ISO 9001, ISO 14001, ISO 45001 and other management system standards.

What Does an Internal Auditor Do?

An internal auditor conducts planned, systematic audits of the organisation's management system — whether that is a Quality Management System (QMS) under ISO 9001, an Environmental Management System (EMS) under ISO 14001, or an Occupational Health & Safety Management System (OH&S MS) under ISO 45001.

The purpose of these audits is to verify that the management system conforms to both the requirements of the relevant ISO standard and the organisation's own documented policies, procedures, and processes. Internal auditors are not there to find fault — they are there to provide objective evidence of how well the system is working and where it can be improved.

Key responsibilities of an internal auditor include:

  • Planning and conducting audits against the standard's requirements and the organisation's own documented procedures
  • Gathering objective evidence through interviews, observation, and document review
  • Recording audit findings — including nonconformities, observations, and positive findings
  • Reporting results to management in a clear, factual manner
  • Identifying opportunities for improvement across the management system
  • Following up on corrective actions to verify they have been effectively implemented

Key Competencies for Internal Auditors

ISO 19011:2018 (Guidelines for auditing management systems) outlines the personal behaviours and competencies expected of auditors. A competent internal auditor needs a combination of knowledge, skills, and personal attributes:

  • Knowledge of ISO standards — A thorough understanding of the relevant standard (ISO 9001, ISO 14001, ISO 45001, or others) including its structure, intent, and specific requirements
  • Understanding of audit principles — Familiarity with the principles that underpin effective auditing: integrity, fair presentation, due professional care, confidentiality, independence, and an evidence-based approach
  • Interview and communication skills — The ability to put auditees at ease, ask open-ended questions, listen actively, and probe for detail without being confrontational
  • Analytical and problem-solving ability — The capacity to assess evidence objectively, identify patterns, distinguish between isolated incidents and systemic issues, and determine root causes
  • Report writing skills — The ability to document findings clearly and concisely, distinguishing between facts and opinions, and writing nonconformity statements that are accurate and actionable
  • Objectivity and impartiality — The discipline to audit without bias, set aside personal opinions, and base all conclusions on verifiable evidence
  • Attention to detail — A careful, methodical approach that ensures nothing is overlooked and all relevant evidence is captured accurately

Internal Auditor Training Options

There is no single “correct” path to becoming a competent internal auditor. Organisations typically use one or more of the following approaches, depending on budget, timescales, and the auditor's existing experience:

Formal Training Courses

Classroom-based or online courses are the most structured route. A typical internal auditor course runs for 2–3 days and covers the standard's requirements, audit planning, conducting the audit, reporting, and corrective action follow-up. Many courses are accredited by professional bodies such as IRCA (International Register of Certificated Auditors) or CQI (Chartered Quality Institute), which adds credibility to the training and the auditor's qualifications.

On-the-Job Training

Pairing a new auditor with an experienced colleague is one of the most effective ways to build practical skills. The trainee shadows the lead auditor through several complete audit cycles, gradually taking on more responsibility — from note-taking to conducting interviews, and eventually leading audit sessions independently.

Self-Study

For individuals who prefer to learn at their own pace, self-study using guides, published standards, practice checklists, and online resources can be a viable option. While self-study provides a good theoretical foundation, it should ideally be supplemented with practical experience to develop the soft skills needed for effective auditing.

Combination Approach

The most effective training strategy combines formal education with hands-on experience. A typical path might include completing a formal training course, followed by shadowing experienced auditors on several real audits, then conducting audits under supervision, and finally auditing independently. This blended approach ensures auditors have both the theoretical knowledge and the practical skills they need.

The Audit Process Step by Step

Whether you are auditing a single department or an entire management system, the audit process follows a consistent sequence of stages. Understanding each stage helps auditors stay organised and ensures nothing is missed:

  1. Planning — Define the audit scope, criteria, and objectives. Agree on the audit schedule, allocate resources, and assign audit team members. Consider risks and previous audit results when setting priorities.
  2. Preparation — Review relevant documents including the standard, procedures, process maps, previous audit reports, and corrective action records. Prepare an audit checklist tailored to the area being audited.
  3. Opening Meeting — Introduce the audit team to the auditees, confirm the scope and objectives, explain how the audit will be conducted, clarify the reporting process, and answer any questions.
  4. Conducting the Audit — Gather evidence by interviewing process owners and operators, observing activities as they happen, and examining records and documents. Use the checklist as a guide but follow the trail of evidence wherever it leads.
  5. Recording Findings — Document all findings as you go. Classify them as nonconformities (major or minor), observations (potential issues or areas for improvement), or positive findings (examples of good practice). Each nonconformity should state the requirement, the evidence, and the gap between them.
  6. Closing Meeting — Present the audit findings to the auditee and their management. Summarise what was audited, highlight positive findings, present any nonconformities, agree on corrective action responsibilities and timescales.
  7. Reporting — Write a formal audit report that includes the audit scope, criteria, team, findings, conclusions, and any agreed actions. Distribute the report to relevant parties within the agreed timeframe.
  8. Follow-up — Verify that corrective actions have been implemented within the agreed timescales and, critically, that they are effective in preventing recurrence. Close out findings only when satisfactory evidence is provided.

Our Audit Resources

Training is only part of the equation — having the right tools and templates makes the practical side of auditing far more manageable. We have developed a range of resources specifically designed to complement your auditor training:

  • Internal Audit Checklist— A comprehensive, clause-by-clause checklist that guides you through every requirement of the standard. Ideal for both new and experienced auditors to ensure thorough coverage during audits.
  • Audit Templates— Ready-to-use templates for audit plans, audit schedules, audit reports, nonconformity reports, and corrective action tracking. These templates save time on documentation so you can focus on the audit itself.
  • Audit Report Templates— Professional audit report templates that help you present your findings clearly and consistently. Includes sections for scope, methodology, findings, conclusions, and recommended actions.

Learn about process audits as a complementary audit technique that focuses on the effectiveness of individual processes rather than standard clauses.