Best Answer pHruit, 14 April 2022 - 10:45 AM
Are you saying that your internal auditor plans to copy/paste the entirety of last year's report? And has determined that they plan to do this before they've actually conducted the physical exercise of auditing the site/systems?
With the greatest respect, that sounds like terrible practice!
It's not unheard of to use the previous report as a template/starting point - pretty much every BRC auditor I've had in the last ten years has done exactly this with the full BRC audit - but obviously they go through the actual auditing process and change details based on what they find. It sounds like your internal auditor isn't planning to do this?
If I found an audit report that was identical apart from the audit dates I'd be extremely suspicious, so I could see the auditor deciding that the internal audit didn't really satisfy the requirements of section 3.5 - how do you demonstrate that all process have *really* been audited if the report is identical to the previous year's?
In practice I'm not sure many auditors would do a comparison of last year / current year audits, but that may depend on how much you have on file for them to look through. And note that this section of the standard is marked as a fundamental requirement, so non-compliance could have serious implications for your grade (up to and including non-certification, in theory).