“how was I supposed to review all of these activities in this area in the two hours allocated and what do I do about the other two departments I should have visited this morning?”
Apply timings to your checklist activities – know if you’re on time
Plan for ‘deep evaluation’ opportunities
Apply a logical route through the system
Keep control of discussions and topics
Avoid distractions where possible
Don’t forget your checklist
Keep it with you – it’s your guide to achieving objective evidence
Keep it flexible – use as and aid memoir
Leave gaps in your checklist for notes and additional items
Refer to your plan of timings, locations, people, etc.
Interviews and discussions
Ask people what they do, what information they receive and then what do they pass on
Structure your interviews – as much information in as little time possible
Choose your questions carefully depending on whether you need confirmation or evidence:
Conformation example question: Are you responsible for signing requisitions?
Evidence example question: What are your responsibilities regarding requisitions?
Open questions usually begin with: HOW, WHO, WHY, WHAT, WHERE and WHEN
Closed questions are inevitable, but since they gather little information, should be kept to a minimum
The interview structure should ideally follow the route of information.
After establishing from the auditee, the inputs, processing and outputs, follow-up phrases should include:
Show me
What happens next?
What if…
Remember, this is not an interrogation!
Sampling
When asking ‘show me’, the auditor should determine the size of the sample which is needed to demonstrate compliance.
Different ways of sampling:
random
targeted
statistical
set percentage
variable
performance based
The samples you take should be representative of the activity under review and the planned time you have available
Also, be prepared to increase the sample size in the event of finding any non-compliance which may indicate possible problems
Observations and corroboration
Observations are a key part of auditing:
activities
documents
discussions
actions
The auditor must continuously be cross-checking that the evidence ties in fully with documented procedures, specifications, standards, regulations, etc.
Verbal confirmation in isolation as evidence should be avoided.
Your awareness during the audit
Don’t just focus on the checklist item, keep your eyes open for clues which might indicate insufficient control or noncompliance. Look out for:
housekeeping
new:
faces, temps, etc.
machinery
products or services
procedures
layout
things out of place
a sense of panic from personnel
Body language
Auditors should be aware of body language (Visual Language) in terms of their own expressions and those presented by auditees. These are guides only and should not be relied upon during audits. Use your own judgement!
Positive visual language examples:
smile: expresses acceptance and puts people at ease
eye contact: shows interest and focus
body mirror: can help to put people at ease and become more trusting
Negative visual language examples:
frown or sucking of teeth in response to a question or answer: concerns people and may make them panic
lack of eye contact: indicates shyness, nervousness or potential for not telling the truth
hand to face or collar pull: indication that some may be unsure about what they are saying, or they may be angry or frustrated
arm barriers: can indicate a person is being defensive if they cross arms in response to questions or answers (noting that some people feel comfortable crossing their arms whilst sitting)