How to prepare your business for any audit

Qualsys has helped over 400 businesses to be confident they are audit ready 24/7. Here are 15 lessons we’ve learned to prepare businesses for supplier, regulatory and certification body audits.

auditing 5-1

Engage leadership 

1. Consistency. We have learned that the impact of quality depends more on this decision than any other: What is the North Star Metric for the company? Is it to be more profitable? Is it to expand market share? Work it out and repeat this message everywhere and anywhere in your business. 

2. Social proof. Capture feedback from customers, employees and suppliers. Use these soundbites to demonstrate the bigger picture when influence

3. Reciprocity. What does your leadership team care about? It's unlikely to be the number of documents your team are creating. They are more likely to care about profit, efficiency and risk. Talk to them about something they will care about. 

4. Liking. "We don't like them." This is the answer to a survey of over 30 top executives about how they feel about the quality function. This is a really hard challenge to overcome. People like those who like them or who they perceive as friends. Finding common ground with leadership's goals, praising their successes and building a positive rapport will help you get the most out of your relationship with them.  

5. Authority. Work with your marketing team to develop your personal brand. Your leadership will be much less inclined to read your policy document than company news out there for the world to see. They definitely will read the company’s press releases, news articles and company social media feed. Boost your reputation in the company by promoting your insights, ideas and projects to an external, global audience.

6. One central policy. Many businesses have hundreds of policies which just becomes overwhelming so people switch off and read nothing. Create a single policy which is targeted for leadership, which then links to all others to limit the overload.


Empower employees

7. Develop your sales pitch. Shadow a superstar sales rep. They speak the language of the customer and leadership. Replicate this language in the boardroom, policy documents and when with the auditor. 

8. Focus on why, then what. Too many quality practitioners send around emails that there is an audit without explaining why it matters to their employees. Start all communications with the 5 Why's and you'll instantly notice an increase in engagement. 

9. Factual vs emotional communications: Qualsys finds data and statistics are much more powerful than emotional messages. 

10. A holistic management system. Put quality, health and safety, environment, information security, risk, business continuity etc. policies, processes and procedures all in a single system. All training requirements, issues, equipment, suppliers, audits etc, associated with the policies should be managed through this central system.  

11. No incidents is not a good thing. No news is not good news. It may just mean they haven't been reported or haven't been fed back to the correct department. Tools such as Kiosk by Qualsys make it easier than ever for employees to collect incident, near-miss, issue data into their management system within several clicks. 

12. Don’t bore with the detail. The average length of a quality manual is 21,000 words. Make the information easy to digest by breaking it up into headers, bullet points and summary sections. 

13. Targeted quality management. Send specific notifications little and often  to the people who need it rather than more general catch all emails. Your engagement will increase rapidly. 

14. 360 reviews. It can be very hard to take criticism from peers when the feedback is anonymous. However, nobody is perfect and it can be incredibly beneficial to hear some ideas from peers and empowering to know what you're doing well. Plan at least one 360 review per year to identify weaknesses and opportunities for personal development. This will also demonstrate to your auditor your commitment to continuous improvement.  

15. Routine audit program. By "routine" we don't mean monotonous and the same. We mean plan a complete audit schedule which looks at how change is being managed, the management system, how well quality is embedded, and so on. Mix up the questions and the auditors to avoid bias and subjectivity. 


Managing the auditor

14. Give your auditor the keys. A real sign of confidence is to send your auditor access to your central management system with all of your policies, procedures, training records, risk assessments, supplier compliance records, audits etc. With EQMS, you can lock down which areas of the system they see if there is something either confidential or sensitive you do not want them to access. 

15. Don't take it personally. Most auditors are trained in the latest techniques and processes. However, there are still a minority who will nit pick a small, insignificant detail. It's important everyone takes a risk based approach, but if you're stuck with an auditor who has other ideas, don't take it personally.


Is this all we know? 

The key to a successful audit is context. What are the risks? What are the processes? What are the objectives of their business? 

If you would like to arrange a health check of your management system, please email 


New call-to-action


Topics: Engagement, Customer Success, Audits

Share your thoughts on this article