Auditors’ Code of Practice

Ross Woods, 2021
Based on “Code of Practice ASQA Auditors and Course Accreditation Assessors.”

Overall ethical standards

  1. Be honest and act with integrity.
    1. Act fairly without favouritism, patronage or prejudice.
    2. Ensure your personal beliefs or opinions do not influence your findings.
    3. Avoid any real or apparent conflict of interest.
    4. Refuse any inducement or gift in your role as auditor.
  2. Show respect and courtesy.
    1. Treat everyone with respect, courtesy, honesty, fairness, and equity.
    2. Do not retaliate if faced with intimidating, hostile or offensive behaviour.
    3. Do not give personal criticism of any personnel.
    4. In audit interviews and meetings, give information about your role and explain how their comments will contribute to yor conclusions about compliance.
  3. Keep information confidential.
    1. Do not improperly use information gained through audits.
    2. Do not disclose any information gained through audits unless authorized or required by law (e.g. police investigation, court subpeona).
  4. Act within your competence.
    1. Do not act outside your expertise.
    2. Ask your supervisor for advice or assistance if you get stuck.
    3. Participate in ongoing professional development relevant to your role.

Conducting audits

  1. Inform auditees.
    1. Inform the auditee fully about the audit. Be fair, open and transparent.
    2. Inform the auditee in advance of the audit and give a reasonable opportunity to provide evidence of compliance.
    3. Inform the auditee about how to lodge a complaints or appeals about the audit process and outcomes.
    4. When conducting on-site audits, give auditees at least two weeks’ notice, unless the auditee agrees otherwise, or the rules of the organization permit it.
    5. Clearly inform the auditee of the process and outcomes by ensuring they understand:.
      1. the audit process.
      2. the range of outcomes of the audit.
      3. the implications of non-compliance.
      4. how to address any non-compliances identified in the audit.
      5. who they can contact if they have any questions or concerns and how to do so.
    6. Encourage auditees to ask questions about anything they might not fully understand and give clear and unambiguous responses.
  2. Act systematically.
    1. Focus on outcomes.
    2. The auditor's primary role is to determine whether the auditee has complied with the requirements of the relevant standards, based on the evidence provided.
    3. Do the audit in a systematic manner, based on an appropriate sampling strategy where appropriate, to ensure that all parties can be confident in the audit findings, conclusions and recommendations.
  3. Audit new and continuing programs differently.
    1. In new programs, the auditee has not yet implemented systems or processes. When auditing these programs:
      1. Check all documentation and preparation complies with standards.
      2. Examine the systems and processes to confirm whether auditee will comply with requirements when fully implemented.
    2. In continuing programs, the auditee should have already implemented satisfactory systems or processes. When auditing these programs:
      1. Check the recent past history of compliance and any changes made as results of reviews.
      2. Wherever possible, relate evidence to outcomes from implementation of systems and processes. If that implementation has not achieved the outcome/s required by the relevant standards, you should examine the auditees systems or processes.
  4. Base your findings on evidence.
    1. Be flexible about the specific form that evidence might take, and do not act on any preconceived notions about the form of evidence.
    2. Interpret evidence according to the auditees’s size and scope of operations and the context in which it operates. Do not use a ‘one size fits all’ approach to evaluate evidence.
    3. Base judgements solely on the evidence presented, without bias.
    4. Base your findings about compliance on evidence that is valid, current, sufficient and authentic:
      1. Valid. Is the evidence clearly related to the relevant standard?
      2. Current. Is the evidence current?
      3. Sufficient. Has the auditee provided sufficient evidence for me to make a judgment about compliance?
      4. Authentic. Is the evidence authentic?
  5. Act fairly.
    1. Give auditees sound reasons to support your findings of non-compliance.
    2. Give auditees reasonable opportunities to present evidence.
    3. Be fair in addressing gaps. Give auditees opportunity to respond to non-compliances that you have identified before making a recommendation. Make the judgement by focusing on the following points:.

End