An audit report is a product and outcome of any external or internal audit. Audit reports are the result of an evaluation against a set of criteria. The report indicates how the audited organisation complies with the assessed criteria. Some say the audit report must be comprehensive and include all the details of audited elements. Others believe that the audit report should not have too much detail and only include positive and negative observations. The question is, what should a good audit report look like? What level of detail is required? Is there anything that should not be addressed in the report? What about corrective actions or root cause analysis? How to write the audit non-conformities?
In this article, we will focus on the key elements that should be included in an audit report.
1) Audit Scope and criteria
The audit scope and criteria form the basis of every audit. They indicate what has been audited against which specific criteria.
Let's look at this example, if a client’s intake department against the Intake procedures was audited, your report must contain this information otherwise the readers would not understand where, what or who had been audited.
2) Summary of positive observations
It is recommended that you start your audit report with some positive observations or best practices that observed during the audit. These observations indicate the best practices you observed during the audit. Ensure to support your positive observations with some objective evidence.
Please note that you do not have to make a positive observation in your report just for the sake of it! You can skip this section if you have not seen any positive observations.
3) Summary of gaps and non-conformities
The audit gaps are the findings that do not comply with the assessed criteria. The report must include a summary of the non-conformities and what was not in compliance with the criteria.
4) Categories of audit findings
There are various audit finding categories across different industries and organisations. These categories define the significance of an audit finding. It can be major, minor, observation, opportunity for improvement, or be an area of concern.
The report must include the category of each audit finding, and how significant they were. Whether they were major or minor findings, depending on the audited scheme, the outcomes can be different. It is important to make sure that audit nonconformities are in line with the categories of the audited program.
5) Audit findings, description and detail
Never forget that the audit objective aims to look for compliances. It is recommended to write the description of both conformity and nonconformity within the report. However, the organisations are more interested to see their non-conformances. In general, there are some consequences for the non-conformities, such as corrective actions, change management, etc. whereas the conformities don’t trigger any actions.
Being specific is a key factor when it comes to writing non-conformities. Each non-conformity must be supported by objective evidence. You cannot report an audit non-conformity on the basis of what you think or guess.
6) The auditor statements
In this section you should write down a general statement about the health of the audit process such as:
7) Auditor conclusion
The audit report is usually finished by a conclusion. The following suggestions are useful when writing the conclusion to your report:
The level and content of the report can vary due to many reasons. These points are some tips better to be considered regardless of the type or complexity of the audit report.
A good understanding of the auditing process is essential for business success. Businesses who fully understand their systems and procedures perform better as a team with less stress and more effective outcome.
To learn more about the audit process, check out our Internal Auditor Training Course.
LMS TRG is an Exemplar Global Recognised Training Provider for courses in Management Systems Auditing. We come together from various specialist backgrounds to produce unique online learning experiences. Our team is composed of auditors, management systems consultants and providers, with over fifteen years of experience in delivering high-level quality training. We were founded with the policy of being pioneers in fully online and smart training solutions. To learn more click here.
Our email content is full of value, void of hype, tailored to your interests whenever possible, never pushy, and always free.