‘We call them unscheduled (vs. surprise) audits, in that they are not part of the originally planned, annual first-party audit plan.”
ADVERTISEMENT |
“We sometimes need to have unscheduled audits, but they are normally not intended as surprise audits. The auditor may agree with the auditee on an unscheduled audit if the circumstances so warrant. It is to be viewed as a contingency plan when the audit findings necessitate it. We even have that in third-party audits, and they are normally called ‘special audits.’”
“There are formal and informal audits... I prefer the word ‘random’ rather than ‘surprise’ and as a courtesy try to minimize disruption and schedules.”
I came across these statements in an ongoing discussion thread in a LinkedIn group titled “Can We Have Surprise Audits in Addition to the Planned Internal Audits?” A fascinating discussion on several levels, not the least of which was a lack of consensus on the definitions used to describe internal audit types. Judging by the experience, position, and general demeanor of the participants, I figure them to be an intelligent crowd. So how do five professionals come up with five different terms to denote the same activity?
Rather than a disagreement about the proper use of the Queen’s English, the terminology seems more of a manner of couching or labeling in order to ascribe an underlying mindset of the auditor/auditee relationship, as well as the purpose of the internal audit itself.
“Catching a kid with his hand in the candy jar.”
“Found doing something wrong.”
“Adversarial system that will find some shortcomings.”
Once the fog of semantics is dispelled, what we see is actually a group of managers divided into three basic philosophical camps: Those who feel “surprise” audits are the manifestation of a “gotcha” culture that focuses on blame; those who feel “unscheduled” audits are the normal function of “validating” that employees are doing what they should be doing according to the defined processes; and those who feel that anything other than planned, scheduled audits will sabotage the other planned internal audits and erode all support for the management system (kind of like NSA “unscheduled” auditing of emails and phone calls).
My initial assessment concerning the veracity of this group was verified as the discussion continued. After mature exchanges grew into common ground, most folks agreed that unscheduled audits done for the right reason, conducted in a courteous manner, seeking to improve processes rather than “catch” people, could indeed be useful tools.
“Audits should be done in the spirit of making the system better. If they are presented as such, they will usually be supported by the rest of the team.”
“If the deviation turns out to be a good idea after review, we can refine our system a little more.”
“People who don’t follow a document may, in fact, be getting a better result than the written method.”
All good points. Especially when coupled with one of my favorite comments: “If the deviation turns out to be a good idea after review, we can refine our system a little more. But we would ask that next time they came up with an idea, don’t just make a change on their own. Procedure says the review comes first.”
Add new comment