A first-party audit is an internal audit . ISO defines internal audits, or first-party audits, as audits conducted by, or on behalf of, the organization itself . That means the people participating can be the organization’s own auditors or external people acting on its behalf, such as a consultant. ( ISO )
Therefore:
A. An auditor certified by CQI and IRCA can participate in a first-party audit, provided the auditor is acting for the organization or on its behalf. Certification status does not prevent participation in an internal audit. This is consistent with the principle that first-party audits are defined by who the audit is for , not by the auditor’s credential. ( ISO )
D. An auditor from a consultant organisation can also participate, because first-party audits may be carried out on behalf of the organization by a qualified external consultant. ( ISO )
E. An auditor trained in the CQI and IRCA scheme can participate for the same reason: training route does not change the audit type; the audit remains first-party if it is conducted by or for the organization. ( ISO )
F. An auditor trained by the organisation clearly can participate, since internal audits are commonly performed by trained internal auditors from within the organization. ( ASQ )
The two that do not participate in a first-party audit are:
B. A certification body auditor
C. An auditor from an accreditation body
A certification body auditor performs a third-party audit , not a first-party audit. An accreditation body auditor/assessor evaluates certification bodies or similar conformity assessment bodies, not the organization’s own internal audit program. These are external oversight roles, not first-party audit roles. ( ISO )
So the correct answer is:
B, C
