Is it time for remote auditing to be widely adopted?

Posted by Peter Rogers

We are hearing organisations ask: “why can’t my Certification Body Auditors audit my management system remotely? I use cloud based software, so they don’t need to come to my office to read documents when we can make these and more records available to them through our software”.

Of course the Certification Body (CB) can do remote auditing. There are rules that are set out how to do it. But they often come back with “sorry we can’t do that” or “not in high risk environments”

But why not?

audit

We all have experienced the auditor pouring over documents in a room onsite for a couple of days, either in stage 1 or as part of a surveillance audit far away from any danger apart from a paper cut.

It would appear they maybe a bit frightened of remote auditing. Is it because they will need to learn new skills, techniques or learn to use software? Maybe they like the status quo of tick, flick and copy/paste reporting. Or do they see their revenue dropping?

The average Certification Body Auditor age in Australia is 56 years old. In addition there is no clear training or career path to bring in new or younger auditors. This means there are a reducing number of auditors and hence reduced number of available auditing days.

The results of this are clear to see:

  • Faster tick and flick audits (with fewer hours)
  • Lower quality auditors
  • Certification numbers dropping internationally
  • Companies relying on their own verification processes.

 

Is the answer remote auditing?

The following are some just some parts of a management systems that could be reviewed remotely regardless of the environment the organisation works in:

  • Documents
  • Forms
  • Records
  • Company meeting minutes
  • Audit schedules
  • Audit results
  • Improvements
  • Accident investigations
  • Supplier reviews
  • Calibration and maintenance records
  • Training schedules and records of training
  • NCR’s and corrective actions

So with some simple planning, audits can be easily conducted remotely.

 

Benefits of Remote Auditing

Remote auditing would have a few immediate benefits to the CB, these include:

  • Reduced Auditor fatigue through less flying time and time away from home.
  • An opportunity to train and mentor younger auditors before putting them out into the onsite auditing environment.
  • Identifying the areas that the auditor will look at before arriving on-site so they can add value in the audit, instead of sitting in a room.

Onsite time would be based on:

  • The findings from the remote audit.
  • The level of risk the organisation is exposed too.
  • The organisations compliance record.

 

Remote Auditing Example

An example of this approach is in New Zealand. Over 1000 eligible businesses are able to have remote verification audits.

The programme is described here.

Businesses need to meet certain rules, so not all food businesses will qualify for a remote verification. The business may be suitable if it:

  • Is registered at a national programme level
  • Has a good compliance history
  • Doesn’t export food
  • Has the technology available to connect with the verifier and be able to use it
  • Located at least 1.5 hours from the verifier (to make remote verification cost-effective).
  • Access to a good internet connection.
  • A smart phone or tablet or lap-top with camera and sound
  • Know how to use Skype.
  • Be confident to show the verifier the business in action.

So some industries are taking the lead on this. 

Takeaways:

  1. Remote auditing is possible and allowed, you need to insist that you and your CB look at how it could work for you.
  2. Don’t accept Risk as a reason for not doing it and there are plenty of things that can be done remotely.
  3. It should save you both money and improve outcomes
  4. If your CB won’t change maybe it’s time to change them to one that’s a bit more enlightened.

Tags: External Audit, Audits & Inspections, Internal Audit, Certification Body