BRCGS has a very well developed compliance program - certainly the most robust of any of the GFSI benchmarked standards. The website has a pretty good overview, and the annual BRCGS compliance report is always well received by the industry.
Compliance has a number of inputs: ranging from site or specifier complaints, to random selection. Primarily, it is driven by analysis of activity on the BRCGS Directory - assessing audit data by category, region, CB, auditor and so on. Anomalies in data - say one auditor who always gives the same non-conformities, or a region with excessive audit duration, triggers a question, and often times the compliance team works with the certification body first, to understand if there is a specific reason - say an auditor who works only in a very narrow category would likely have similar non-conformities in many audits.
It has a number of different outputs, everything from desk audit reviews of reports, to utilization of the BRCGS Directory to identify trends in regions, CB's, auditors and categories.
Yes, the outcome may well be a site receives a visit from one of the BRCGS compliance auditors. In general, they are only a single day in length, targeting either a specific question, or coming in to assess if the grade awarded during the audit fits the general situation. They generally provide the CB the opportunity to shadow, as a learning opportunity, but not always.
Essentially, no one is a big fan of it happening, but when taken in context of the outcome - the strength of the BRCGS program, and it's reputation, people generally realize that being part of the program means supporting the quality systems that made it that way.
