At surveillance audit, the auditor reviews records for the 3-month period unlike re-certification audit where whole year records are reviewed. That's what I was told by the auditor and know from my experience being certified since 2010. The rest is the same: your FSMS will be reviewed against all sections of ISO 22000:2018 and ISO/TS 22002-1:2009 for compliance, and of course - traceability exercise. Review all your records to make sure they're fully completed, accurate and signed. Review your programs & policies to ensure compliance to the new standard. Make sure: whatever is written in your programs must be actually done. As I was told by a CFIA inspector recently: you'd rather have less written than done:)