One of our lovely readers asked us to write about BRC auditor calibration, so that’s that’s exactly what we did!

Consistency when carrying out auditors is so crucial. So, how do BRC and the Certification Bodies make sure that their auditors are consistent in their approach?

We did some research and this is what we found…

First of all, let’s look at how you become a BRC auditor

To apply to be a BRC auditor you need to have:

  • A degree or equivalent which is relevant to the subject you want to audit (e.g. food)
  • A lead auditor qualification
  • At least a 2-day HACCP qualification
  • At least 5 years industry experience
  • Have been involved in BRC audits in the past

If you have all that, then you need to have completed BRC training in the Standard(s) you want to audit.

So, in order to be an auditor you need to know how to audit (lead auditor qualification), have an understanding of HACCP (2-day course), have industry experience and BRC audit experience. Makes sense.

I don’t personally think a 2-day HACCP course will give you the skills you need to be able to audit HACCP, but that’s just my opinion. And as for the degree – I think this would eliminate a lot of really good auditors.

However, the only element of this that would provide consistency is the BRC training course. And, if you’ve been on one of these (as I have) you’ll know that it teaches you what the Standard says, but it doesn’t teach you what you need to do to be compliant.

So, if it doesn’t teach you what you need to be compliant, how does an auditor know what they need to see as evidence?

Once you are an auditor

You may have heard that BRC auditors now need to complete product specific training courses.

These courses ensure that the auditors understand the process of how the product is made and the safety implications. Which is great, as it’s really important for the auditor to know the fundamentals of the production process.

However, this doesn’t provide consistency.

BRC Certification Body star rating

The BRC assess the Certification Bodies to ensure that they are performing against a set criteria. Each Certification Body has to adhere to set of KPIs and every 6 months the BRC carries out a performance review.

The results of these performance review gives them their star rating, that you see on the BRC Directory.

When carrying out these reviews the BRC will look at:

  • How well the Certification Body communicates with BRC
  • The quality of the audit reports
  • If their auditors are compliant with the required training
  • How long it takes the Certification Body to upload audit reports to the BRC Directory
  • How audits are completed and reported

So, the elements that assist with BRC auditor calibration, would be the quality of the audit reports and how audits are completed and reported.

They do this by auditing the process to their guidelines, but unfortunately this doesn’t assess how the practical side of the audit was conducted. It just checks if the audit report was filled out correctly and if the steps of the audit were aligned with the requirements.

BRC do carry shadow audits with the Certification Body’s auditors, but I’m not sure how many they do or what happens with the results.

If anyone at BRC is reading this, perhaps you could explain this in the reply box below?

Technical review

Each audit report is reviewed before it’s approved and the certificate is generated.

During this process the Certification Body’s technical team assess the content of the audit report to ensure that they agree with the findings. At this stage they can remove or add non-conformances, if they don’t agree with the auditor.

Which means, this is the chance to ensure that there is consistency across audits completed by the Certification Body. It doesn’t stop there being inconsistencies between Certification Bodies though.

And, the technical review can only pick up theoretical inconsistencies, which have been documented. It won’t pick up practical inconsistencies.

Auditor calibration meeting

The BRC also require the Certification Bodies to carry out an annual auditor calibration meeting, to ensure that all auditors are on the same page.

I’m presuming BRC also hold an annual calibration meeting with all the Certification Bodies too, so that the ‘calibration’ can be distilled down to the auditors.

The reality

The Standard, even with the Interpretation Guide isn’t always clear. Every audit situation is different and not everything is black and white. We can only try to minimise the grey…

We’ve all had experience of auditors being inconsistent and the frustration this causes.

The auditors also have similar frustrations. I don’t know how many times I’ve been challenged on the non-conformances I’ve raised, because “that’s never been picked up before”.

An audit is only a snap-shot and you can’t look at every tiny little thing, but it would be good to try and make sure the BRC auditors are as consistent as possible.

We get audited at sites, to make sure the lab testing we do is consistent. It’s part of the Standard to do proficiency testing or ring testing. We think that BRC should do this too, to check that everyone understands the clauses in the Standard, in the same way and would apply the same non-conformance, in the same situation.

GlobalGAP have an Integrity Team, who carry out audits of their auditors, where they carry out an audit of a site, who has just been audited. They take the audit report and check to make sure that the non-conformances raised reflect the standard of the site. Perhaps this would be an alternative solution.

Your options

It is your right to decline an auditor if you don’t get on with them or you don’t think they are consistent. Please be aware though, that you should tell your Certification Body this when you book the audit, otherwise you may find they don’t have any other auditors available.

What are your thoughts?

So, what do you think? Have you had any experiences of auditor inconsistency that you would like to share? And, if you’re an auditor – do you have any suggestions on how consistency could be achieved?

You don’t need to use your real name, so you can share without fear of anyone knowing who you are. Only we see your email address and we will keep it secret.

Have your say…

14 thoughts on “BRC auditor calibration

  1. We have had 3 different auditors in the last 3 years. This year we will be having the same one as last year, so that’s fine. Each auditor was, as you may expect, different in their approach to the audit. However, there was also considerable inconsistencies in the way they conducted the audit and their attitude towards the guideline duration for the audit (please bare in mind that we are a Broker, so our audit is paperwork based). The guideline is a 10 hour audit, which is way too long and unnecessary. One of the auditors insisted on taking the full 10 hours, which makes for a very long day for all concerned, just going through paperwork etc, and the other 2 kept it to 8 hours or less, which was much more reasonable, and still covered everything that needed to be covered. Interestingly, the auditor who took the full 10 hours, also gave the most non-conformances and for the pettiest of reasons (things which really were not important and should just have been advisories). That said, we did achieve a grade A when graded for the first time in 2018 and improved this to AA last year.
    I think my point, at the end of the day, is that auditors are not always objective, as a good auditor should be, but very subjective instead. They have their own views of how things should be done and what is needed for compliance with the standard, and do not keep an open mind and consider whether the requirement can still be satisfied by what the site has put in place to cover it. In doing this they can make people, who often do know their stuff, feel small and confused by the whole process. I believe good auditor discusses and advises different points as well as identifying non-conformances, and is not just there to find fault. Ausits should be a learning process and form part of the site’s continuous improvement programme. Audit duration guidelines should also be made more realistic and site relative.
    Rant over, thank you :-).

    1. Thanks for sharing your thoughts and experiences David. I agree I’ve had experiences of auditors giving non conformances because they think that a system should work they way they would have done it, rather than seeing that the system complies. For example, one of our sites got a non conformance because the auditor said that the hazard analysis should be a 1, 2, 3 system, not a high, medium, low method. A good auditor should be impartial and not apply their personal opinions. Rant over here too! 🙂

      1. Agreed completely. Our most ridiculous NC was for only having job titles on our Organisation Chart! The auditor said it should name the people, which now means the organisation chart has to be amended every time there is a change of staff. Whereas, before, we just changed it if there was a change of job title or area of responsibility etc…

      2. If I was present at the audit, I wouldn’t accept the HACCP non conformance Kassy. I’ve had a few incidents of ‘show me where in the standard it say’s we must do it this way’. I’m not being awkward but an NC must relate to a specific requirement of the standard…my rant over as well! I think that NC’s are sometimes poorly written in that the objective evidence doesn’t have sufficient detail and the requirement of the clause is rarely quoted.

    2. Just a quickie to add regarding the duration time of an audit. This is set by BRCGS and yes it is a guideline and an auditor can reduce the time on site but there are a number of justifiable criteria that must be meet and the auditor must run this by the Certification body at the time, who in return would seek authority from BRCGS.
      Having been an auditor for several years to the various BRC standards there is a lot to cover in an audit – yes it is a snap shot of a site – however, the audit still has to cover in excess of 185 individual clauses (Food) of which there are many contribruting factors that can “drag” an audit out. Just a small example of these are, experience and capability of auditor, knowledge of the subject matter, preparedness of the site being audited. Often as an auditor you spend so much time waiting and waiting and waiting for a site to produce the required evidence or dealing with stalling tactics – this all eats into the duration time. A good auditor will not simply rush through the clauses but provide the right level of challenge – this all takes time.
      I strongly agree with the need to review the degree requirement – you cannot beat on the ground experience gained through working within a technical field. I see so many graduates with limited or no industry experience wanting to go straight into an auditor role, thinking they will get that vital experience as the grow into the role. You then lose the pragmatic and realism that an industry expert would have. The category exams have helped with this, as grandfather rights do not give you the necessary knowledge of individual product categories.

  2. Thankyou for highlighting many of the controls that BRCGS has in place aiming to ensure consistency across the 29,000 audits that take place each year. We believe that we have some of the best auditors in the world, ensuring our protocols are consistently maintained and are instrumental in embedding safety throughout the supply chain. As you have outlined we have rigorous auditor requirements both for initial approval and continual registration. We don’t discount auditors that do not have a degree – we agree that there are some very experienced people that may not have the traditional degree background.
    Auditor competency is always a hot topic and we have particular focus on what makes a good auditor, how we can ensure consistency across auditors and how we can help Certification Bodies calibrate auditors and keep them up to date with emerging industry issues. BRCGS has a wealth of data, built up over the last 10 years, that can be easily analysed in a number of ways through BRCGS database. Dashboards available allow BRCGS and Certification Bodies to conduct in-depth management reporting, allowing benchmarking across auditors, countries and industries identifying risks and auditing inconsistencies that warrant further investigation. The aim is to enhance audit consistency.
    More recently we have focused on helping Certification Bodies develop their auditors’ soft skills and BRCGS have in place specific requirements for witness assessment including mandatory training and reporting to ensure assessments carried out internally by Certification Bodies every 2 years drives auditor consistency.
    As the scheme owner, we do have a large global compliance team who undertake a number of activities. We employ a consistent risk-based approach to planning all our compliance activities. As well as the publicly available KPI ratings, we conduct office audits around the world at Certification Bodies as well as witness audits of auditors. Sanctions are put in place where necessary which includes suspension of underperforming Certification Bodies and individual auditors.
    BRCGS continue to undertake one-day visits to certificated sites to gain an insight primarily into how our scheme is being delivered by our Certification Bodies, as well as emphasising our continued expectations to sites. Increasingly, these global visits are unannounced.
    BRCGS encourages feedback and have a number of routes for this. Every site will receive an invitation to complete our post audit survey. The survey results show 94% of sites are satisfied with the service from their Certification Body and rate BRCGS auditors to be of a high quality, with 88% being good to excellent.
    We also have a confidential complaints app via
    The compliance activities for 2019 are outlined within our annual brochure available from our website

    Karen Betts
    Head of Compliance BRCGS

    1. Hi Karen
      Having read through the report I have a few observations…
      The report says that there was over 29,000 audits carried out in 2019, by 1,840 auditors. The compliance audit programme completed 171 site visits in 2019. That’s a 0.58% coverage of the total number of audits. It also means that it will take nearly 11 years at that rate, to ensure that every auditor is covered.
      Also, the fact that the emphasis seems to sit again with the site, following a site visit audit – where the site has to complete all non-conformances found, to retain their certification seems harsh. If the site visit audit was to take place at the time of the actual audit (i.e. as a witnessed audit) this would not happen.
      The report also says that 42 witnessed audits took place, with only 4 auditors needing further training. That’s nearly 10% of the audits carried out. Surely, this isn’t ‘an excellent result’ as the report says. To me (and this is only my opinion) it highlights that witnessed audits are the way to go. For the sites, it would be good if there was more transparency in these results as well – to give them reassurance.
      Do BRCGS hold any events to try to improve auditor consistency? Getting auditors together routinely as a team, to ensure that there is consistency, would seem to be an obvious solution.
      I look forward to hearing your thoughts.

  3. I am lucky to have a good audit body who has consistency in their auditing standards, across all of their auditors. I also find it best to try and get your BRC Training to the same standards as the auditor too – as that way you’re on a level playing field when it comes to changes.

    In terms of the requirements for a BRC Auditor – I have to agree with what you’ve highlighted.

    A degree does indeed put a blocker on for a lot of good quality Technical Managers who would like to move into an auditing role. I think that being a Technical Manager for a number of years can be far better than a degree.

    2 days HACCP isn’t enough. There’s no two ways about this. If you’re in a position to scrutinise HACCP for compliance against a system like BRCGS, then you need to have a qualification that matches the standard of your auditee as a minimum. Level 3 HACCP is a 2-day and gives you a great basis for maintaining a HACCP plan, but if you’re auditing someones HACCP I think you should be holding a valid Level 4 certification. It’s the level many retailers are demanding – so as an auditor, you should be meeting that standard too.

    5 years industry experience is also quite vague. Does 5 years as a spec-tech qualify? How does that sit next to someone who has 5 years direct TM experience.

    When you look at the list of requirements, you can see how “easy” it can be for someone to move into BRCGS Auditing. When someone is fresh out of University with their qualifications, done a quick 2-day HACCP they probably got when spending 5 years as a technical administrator, and having experience of BRC audits being a broad statement – its easy to see how standards can be so varied.

    You could have an auditor auditing in the industry with the absolute minimum experience, trying to dissect the systems of someone with a life-time of experience, more qualifications, and real-life experience of managing and implementing technical requirements.

    I’m not suggesting that auditors should be old, but I think there needs to be some real requirements on the Auditor to ensure that those who are enforcing the standards are not lesser qualified that the people they are trying to audit.

  4. Just to add a little input here.

    If a potential auditor doesn’t have a degree, it doesn’t rule them out. Instead they require 10 years relevant experience rather than 5.
    The key here however is relevant experience. In addition to completion of category exams, an auditor needs to demonstrate how they have experience in the category.
    Some other things not mentioned is that an auditor now also needs to do a GFSI exam as part of their sign off. They also need to do at least 10 shadow audits and a number of witness audits as required by the CB.

    If a site does not feel their auditor has been fair, I would always recommend a discussion with the CB and if required with BRCGS. In my experience BRCGS are always willing to listen the concerns of sites, have tried to make this as easy as possible for sites and will always resolve those concerns with the Certification Body.

    I would add that healthy competition is a good thing. There are a number of 5 star CBs out there, and it is a sites right to change CBs if they feel the need to. So if you feel let down by the CB or the auditor, use the BRCGS Directory to find a different CB.

    Finally I would recommend that sites talk to consultants, such as Techni-k. Consultants have very real experiences with multiple CBs, and can be an extremely valuable resource in recommendations of different CBs if the sites current has let them down.

  5. Thank you so much for this very insightful article!
    I enjoy reading all the comments and have a question please.
    What does it mean when a certification body doesn’t report any star rating on the BRCGS Directory?

    Many thanks

  6. Hi my fake name is Daniel, I’m a TM of a food industry group which bought 3 years ago a small old company in the U.K. and I’m managing their technical team. The old owner of this small company had the not very good idea (you will read why) to start the adventure into the BRC accreditation.. the site is old, not very well maintained and when I started I realised there were plenty of issues also against fundamental parts of the BRC food safety std no much matter what version, I’m talking about fundamentals (eg. Supplier approval, foreign body risk assessment, building maintenance, allergen risk assessment, traceability, etc). the site managed to get the accreditation, although the grade varied through a variety of grades from D to A without the site going through massive changes instead. When our group took over this company some noticeable implementations took place and we managed to maintain an A grade and get a AA eventually, then back to an A (ver.8) and then disaster, we got a C and now after 6 months got ripped out to another C with a very long list of NCs in an audit which was very “to the book” and very picky although I give credit the NCs were legit and in general terms considering what is required on the std, we are definitely far off to a theoretical A grade.. Nevertheless, I have more than 10 years of experiences with U.K. retailers and different factories as I am a BRC trained auditor as well and I’ve assessed different sites in U.K. and in EU… almost all the site I got on my sight directly or by desktop assessment, we’re accredited with BRC A or AA grade. I’m telling you, a very big % of them wouldn’t never have a A grade if audited in the same way we have been audited in these last couple of audits. Quite few Customer lifted up their selection threshold to a BRC grade A mandatory and now we will lose a lot of business (hundred thousands of £).. which wouldn’t have ever happened if the auditors were a minimum consistent! I’ve seen site grade A accredited which were a utter disgrace, one of the most important U.K. retailer stopped to reference to BRC due to its inconsistency (said by few of the auditor of their third party auditing Co.)The problem is, that it is actually when you get a nice grade which probably you don’t deserve, that the inconsistency take place, but it is when you fall down again when you or actually, your sells team realise it…

    1. Blimey ‘Daniel’ you’ve had a torrid time and I think anyone reading this will relate to what you’ve said! Thank you for sharing.

Share your thoughts…

Your email address will not be published.

We've tagged this article as: