Page 233 - The Handbook for Quality Management a Complete Guide to Operational Excellence
P. 233
220 P r o c e s s C o n t r o l Q u a l i t y A u d i t s 221
• Auditee comments on the report (if applicable)
• Supplementary appendices
The audit report is the “official document” of the audit. Audit reports
should be prepared in a timely fashion. Ideally, the deadline for issuing
the report should be determined in the audit plan prepared beforehand.
Audit reports should describe the purpose and scope of the audit; the
entity audited; the membership of the audit team, including affiliation
and potential conflicts of interest; the observations of the audit; and rec-
ommendations. Detailed evidence supporting the recommendations
should be included in the report. Audit reports may include recommen-
dations for improvement. They may also include acknowledgment of cor-
rective action already accomplished. The formal report may draw upon
the minutes of the meetings held with the auditee. It should also note the
auditee’s views of previously reported findings and conclusions.
Auditor opinions are allowed, but they should be clearly identified as
opinions and supporting evidence should be provided.
Anyone who has been an auditor for any time knows that it is some-
times necessary to report unpleasant findings. These results are often the
most beneficial to the auditee, providing information that in-house per-
sonnel may be unwilling to present. When presented properly by an outside
auditor, the “bad news” may act as the catalyst to long-needed improve-
ment. However, the auditor is advised to expect such reactions as denial,
anger, and frustration when the findings are initially received. In general,
unpleasant findings should be supported more extensively. Take care in
wording the findings so that the fewest possible emotional triggers are
involved. The sooner the auditee and auditor can begin work on correct-
ing the problems, the better for both parties.
If a report is prepared by more than one person, one person will be
designated as senior auditor. The senior auditor will be responsible for
assembling and reviewing the completed report. If the audit was con-
ducted by a second party, distribution of the report will be limited to des-
ignated personnel in the auditor and auditee’s organizations, usually
senior management. If a third-party audit was conducted, the audit report
will also be sent to the client, who in turn is responsible for informing the
auditee’s senior management. In certain cases (e.g., government audits,
financial audits), the results are also made available to the public. How-
ever, unless otherwise specified, audit reports are usually considered to
be private, proprietary information that cannot be released without the
express written permission of the auditee.
Post-Audit Activities (Corrective Action, Verification)
Audit reports often contain descriptions of problems and discrepancies
encountered during the audit. However, not all problems are equal; some
are more serious than others. A well-written audit report will classify the
10_Pyzdek_Ch10_p209-226.indd 220 11/16/12 4:55 PM
