Getting Ready For Your Audit - 8 Things You Need To Know

There are several steps to become ready for your external audit, from updating policies and procedures to reviewing single details of each process and practice. Knowing your rights and responsibilities can assist you in comprehending the auditing process. You will be going to learn about very key points regarding your rights and responsibility as an auditee (a person/organization audited by an Auditor). Below are the most common points you should be aware of and follow:

1. Know your auditor

You are about to be audited externally, and the Certification Body (CB) has appointed an auditor to conduct your audit. It is your right to ask for more information about your selected Auditor. You have the right to say no if you believe that the Auditor is not the best option for your business. 

• The CBs have to follow a certain process to allocate someone to audit your organization. Meaning you can be confident that the selected Auditor has already passed many key selection criteria in most cases.
• You don’t have the right to select your Auditor due to the potential for conflict of interest. The CB can also say no to your choice due to the potential audit risk.

 2. Review the audit plan and make sure it suits your business

The CB and their allocated Auditor have to contact you regarding the audit plan. Key information such as audit date, duration, the audit team, etc., should be communicated well before the audit. Normally, the audit plan should be communicated three weeks before the audit. You can ask for a date that suits you and your team. You are not able to cancel your booking a week or ten days before the audit as that may cause financial implications. In force majeure circumstances, the CB might waive the cancellation fee.

3. Provide proper resources for your auditor

As a host, you should provide an environment that suits the audit. This includes a room with a desk and a chair to sit on, a printer if needed and other office equipment. You also have to allocate resources such as a management representative or a guide to assist the Auditor on the audit day. You should evaluate your circumstances and contact your Auditor if anything may impact Auditor’s accessibility to the required resources.

4. Auditors are not consultants. Their scope of work is to evaluate your compliance

As an auditee, you should be well prepared for your audit. The auditors' work scope is to evaluate your compliance against specific criteria. It is not part of their scope to give you consultation on topics such as how to improve your business or how to fix your issues. These matters are not part of the auditor’s working cope; however, the auditors may share good practices observed in similar industries if it does not breach confidentiality.

 5. Ask your auditor to provide evidence for their nonconformities

Nonconformities can be part of audit outcomes. The audit findings are very handy in helping to identify your business's potential gaps; however, not all audit nonconformities may be correct findings or bring value to your business. It is your right to discuss your concern with your auditor about the validity of their nonconformity. The Auditor must provide objective evidence to support their findings. 

6. Not to accept the audit nonconformity if you believe it is an incorrect nonconformity

If you believe that the nonconformity is not a valid audit finding, you should ask your auditor to provide the evidence and inform you about the audit criteria they used as a basis for the audit nonconformity. It is your right not to accept an invalid audit nonconformity. The auditor uses audit criteria and evidence to evaluate your compliance. Often the evidence is not entirely provided to your Auditor, or the auditor may have an incorrect interpretation of your evidence. Discuss your concern with your auditor if you think their audit nonconformity is incorrect. Note: having an audit nonconformity doesn’t mean that your system is failing. Usually, it is part of any audit process to have some feedback or non-conformities. If you think the audit finding is correct and valid, you should accept it.

 7. Give your feedback to the Certification Body if you are not happy with the audit

The audit is finished and your effort to satisfy your auditor to remove invalid findings did not come to any resolution. The audit findings bring no value, on top of that, it may impact your operation's integrity too. You failed to justify their invalidity and you may find your auditor was not reasonable. in this case, you should share your feedback with the Certification Body. Your feedback is an essential factor in helping Certification Bodies understand their auditor performance and identifying any potential opportunities for improvement.

8. What if the Certification Body did not address your complaints?

In most cases, your complaints will be addressed by the Certification Bodies. If not, then you have the choice to escalate your complaint to the body that is accredited the Certification Body. You can find their name by looking at the Certification Body website. In Australia, JAS-ANZ is the body responsible to accredit the Certification Bodies. The name of these Accreditation Bodies and can be found by a simple search. There are some other bodies such as NDIS Commission that also can be helpful for the NDIS provider (applicable only in Australia).

Knowing your rights and responsibility is an essential factor in the success of the audit. Make yourself familiar with the audit-specific process and learn about the steps. The more you educate yourself about the audit process, the less stressed you'll be and the smoother your audit process will be going ahead.

Who We Are

At core, LMS TRG is a compliance consulting and training organisation that builds and delivers powerful and practical products for people and businesses. Born and bred in Melbourne, Australia with an amazing team of expert auditors, consultants, and entrepreneurs.

Our area of expertise lies in providing training and guidance on compliance with the National Disability Insurance Scheme (NDIS) and the International Organisation for Standardisation (ISO). We also assist organisations in implementing effective management systems that are tailored to their specific needs and requirements. Our comprehensive approach to compliance training and management systems ensures our clients have the knowledge and tools necessary to meet regulatory requirements and industry standards. We are committed to helping our clients achieve success and maintain a culture of excellence in their operations.

We Care for each other, our members, and our society.

We Dare to discover and experiment, trying to be different and be fearless, and innovative.

We share our knowledge and experience, work together and continue to support our members.