AUDITS

BUSINESS
Auditing is one of the fundamental examination and evaluation tools which makes it possible to assess practically all aspects of an organization’s performance. It enables the diagnosis and constant monitoring of the ongoing processes, boosts internal communication, employee involvement and effectiveness in all areas of management
We have comprehensive experience in auditing from over 1000 businesses and public sector organizations. At your behest, we are prepared to conduct an audit of any kind, in any area of your business activity.

digital transformation readiness audit

quality audit

supplier audit – second-party audit

food safety audit - BRC and IFS

legal compliance audit

financial audit

infrastructure audit

RODO/GDPR audit

information security audit

environmental audit

occupational health & safety audit

energy audit

CSR (Corporate Social Responsibility) audit

anti-corruption and anti-bribery audit

IT systems audit

business continuity audit

clinical audit

laboratory quality audit

Gap Analysis

third-party audit – certification bodies support

forensic audit

process audit

digital transformation readiness audit

Rapid technological changes, frequently defined as the „fourth technological revolution”, are happening in all areas of life, including business organizations and management. The new reality requires organizations to adjust as quickly as possible to the imminent technological changes, therefore they need to constantly examine and upgrade their digital readiness level and  verify whether they can exploit their full business potential and opportunities in the new environment.
Digital transformation readiness audit is conducted according to our original SenseMaking Practices© methdology and includes the examination of such issues as the automation of the manufacturing process, use of algorithms, artificial intelligence (AI), the Internet of Things, intellectual and emotional readiness of employees for the transition to a more automated work environment, and many other issues involving a strategic modification or change of their business models to become consistent with the digital reality. We diagnose business organizations’ development opportunities in this domain and collect relevant data to work out a transition strategy from the „analogue” stage of development to the new “digital” level.

quality audit

A quality audit is the process of systematic examination of a quality system carried out by an internal or external auditor.  The auditor verifies the effectiveness of business processes with regard to satisfying the customers’ requirements, compliance with internal regulations, as well as process measurement and control mechanisms with respect to their conformity to ISO 9001 ,  while taking into consideration risks and opportunities.  Also examined are: process planning methods, process validation principles, control of monitoring and measuring devices and their measurement traceability, procedures for dealing with non-conforming result/product, product identification and traceability, product safety and protection, applicable product/service exclusions, employee competency requirements, customer satisfaction survey results, monitoring  and measurement results, corrective actions, implemented decisions and improvement actions.
We will carry out a quality audit in your business organization to assess its business activity. Relying on our original SenseMaking Practices© methodology, we will assess the existing process risks, customer satisfaction level, product/service conformity, process control, existing documentation and control procedures. On the basis of the report results we will propose improvement actions for your business processes

supplier audit – second-party audit

A supplier audit (second-party audit) is the fundamental tool used by a company to ensure a supplier is meeting the requirements specified in the contract. It is also used to assess he is meeting these requirements throughout the delivery process. The supplier audit verifies whether the specified requirements and criteria are being fulfilled, assesses the existing  procedures, documentation and required employee qualifications, consumer complaint and non-conforming product/service handling procedures, and communication efficacy.
At your behest, we will carry out an audit of your organization’s suppliers to verify their level of compliance with contract requirements. Using our original SenseMaking Practices© methodology we will evaluate the supervision level  of the contract/purchase order/commission implementation, identify and indicate risk areas in your cooperation with the suppliers, and suggest necessary control measures with regard to order fulfilment and process supervision at your supplier’s venue. On this basis, we will propose guidelines to improve the cooperation with your suppliers and enhance the supervision process of their operations

food safety audit – BRC and IFS

The main concern and focus of a food safety audit is whether a company is meeting the requirements of the HACCP. It verifies the risks of the occurrence of physical, chemical and microbiological hazards during the food manufacturing  processes, as well as the reliability and validity of the critical control points CCP supervision, and the monitoring principles and procedures with regard to the control points (CP). Good hygiene practices (GHPs) and good manufacturing practices (GMPs) are evaluated in terms of their effectiveness and influence on product quality. Relevant product documentation and specifications are reviewed, as well as procedures for dealing with non-conforming products, purchasing process control procedures, packaging standards, conformity with the manufacturing environment requirements and delivery requirements, as well as the level of meeting customer  requirements specified in contracts, and conformity with the BRC/IFS criteria
We will carry out a food safety audit in your organization according to the specified BRC or IFS criteria. Relying on our original SenseMaking Practices© methodology, we will estimate to what degree your organization meets the requirements, assess the agreed practices and their effectiveness, existing risks, the reliability of monitoring and control with regard to the manufacturing process. On the basis of our report we will propose recommendations to optimize your company’s food safety system

legal audit

A legal audit is an appraisal of an organization’s operations to determine its compliance with applicable statutory law, internal regulations and procedures, binding agreements, implemented code of ethics and standards of professional conduct. The audit verifies danger areas which may be due to the instability of legislation, changes in judicature or incorrectly formulated legal relations, and assesses to what degree the organization meets the applicable legal requirements. It also assesses the company’s incompliance with the law, incorrect application of the law, or the effect of unfavourable rulings in contentious matters on the organization’s performance and status.
We will carry out a legal compliance audit in your organization, conducted by acknowledged law experts. During the audit we will rely on our original SenseMaking Practices© methodology, and the requirements of ISO 19600 – Compliance management systems. We will assess to what degree your company meets the legal requirements, evaluate the implemented practices and their effectiveness, existing compliance risks, the reliability of monitoring and control with regard to the provisions of the applicable law. On the basis of our report we will propose recommendations to assure your company’s legal compliance.

financial audit

The financial audit is based on national and international  financial reporting standards. Prior to the audit, an auditor needs to acquire applicable information about the specificity of the company’s domain of operation to be able to accurately identify potential risks and plan examination procedures. The  review consist in carrying out audits of financial reports and  examination of statutory financial statements, as well as an assessment of individual and consolidated financial statements  against the requirements of the International Financial Reporting Standards (IFRS).
Our certified statutory auditor will carry out a financial audit at your company to verify your accounting policy, compliance with the law, internal regulations and how binding agreements and contracts affect your financial statements. The auditor will examine the bookkeeping ledgers and present a reliable report pertinent to the evaluation of your organization’s financial condition.

infrastructure audit

The purpose of an infrastructure audit is to examine and verify a company’s compliance with the provisions of the construction law, machinery directives, machinery safety requirements, occupational health and safety requirements, and to identify infrastructure-related risks. The review assesses the suitability of the infrastructure to the organization’s operations, measures  the effectiveness and cost effectiveness of the infrastructure utilisation, verifies the documentation with regard to its compliance with applicable requirements, compliance of property taxes and betterment levies.
We will carry out an audit of the infrastructure in your organization. Relying on our original SenseMaking Practices© methodology, we will assess the risks, examine the external and internal factors affecting the infrastructure, legal compliance, documentation, the frequency and results of inspections, process suitability, cost effectiveness, fixed assets  and their usefulness and depreciation with use. On the basis of our report we will propose measures to revise your organization’s business financial plan.

RODO/GDPR audit

RODO/GDPR audit examines an organization’s compliance with applicable laws regarding the protection of personal information of natural persons in terms of information reliability and transparency, purpose limitation, minimisation and accuracy, processing, storage and retention, accountability, integrity, and confidentiality. The auditor verifies the existing information security policies, technological and operational infrastructure, agreements pertaining to personal information processing, assesses potential risks, existing documentation, procedures and the effectiveness of solutions to date.
Applying our original SenseMaking Practices©methodology , we will carry out in your organization an audit examining  your compliance with the RODO/GDPR regulations. We will assess the existing  risks, susceptibilities, the effectiveness and reliability of the existing security measures, information security level your organization’s compliance with applicable legislation. On the basis of our report we will suggest technological and organizational improvement solutions to optimize the security of personal information at your company.

information security audit

An information security audit examines the effectiveness of the technological and organizational IT security measures implemented by an organization as a result of risk assessment with regard to processed information and data. The audit assesses employee awareness level, existing information security policies and management, human resources organizational structure, physical and environmental security, information categorization and protection principles, including personally identifiable information, access control, IT system and network management, applications management, systems development, IT incident management, operational continuity, compliance with applicable requirements, and indicates areas for improvement. The audit follows the requirements of ISO 27007 for information security management systems.
During the information security audit at your organization we focus on assessing process risks and opportunities. Relying on our original SenseMaking Practices© methodology and following the requirements of ISO 27001 – information security management systems, we will evaluate the identified risks, susceptibilities, the efficiency of existing security measures and their reliability, general security level and compliance with applicable requirements. On the basis of our report we will propose technological and organizational solutions to improve your organization’s information security system.

environmental audit

An environmental audit examines an organization’s compliance with environmental legislation in applicable aspects of its operation. It verifies the effectiveness of processes responsible for the identification and management procedures regarding pertinent environmental aspects and effects, including the risk of a harmful effect of the company’s activities on the natural environment. Other assessed areas include the organization’s effectiveness in terms of objectives, tasks and programmes oriented at environment protection in applicable aspects and procedures governing environmental accidents, while areas for improvement are indicated.

We will carry out an environmental audit in your organization to examine compliance with applicable environmental requirements and legislation. Using our original SenseMaking Practices© methodology and following the guidelines of ISO 14001, we will assess the risks, aspects and influences of your organization on the natural environment, the effectiveness of your environment management system with regard to crucial environmental aspects, evaluate environmental accidents and employee awareness. On the basis of our report we will propose measures to improve your organization’s environment management system.

occupational health and safety audit

Occupational health and safety (OH&S) audit examines an organization’s compliance with applicable legislation defining employee health and safety conditions in the workplace. It examines employee exposure to hazardous phenomena and events, verifies work environment monitoring procedures, risk assessment results with regard to all work positions, adequacy of protection measures, identifies particularly hazardous work and activities, examines communication and consultation efficiency within the organization, and the effectiveness of implemented improvement measures in terms of the H&S results.

We will carry out a reliable OH&S audit in your organization. Relying on our original SenseMaking Practices© methodology, and conforming to the requirements of the ISO 45001 – Occupational health and safety, we will evaluate the effectiveness of risk assessment for all work positions, protection measures used, assess legal compliance, work conditions and their respective monitoring principles, accidents and existing documentation. We will also examine your organization’s conformity with the requirements of the machinery directive, review machinery documentation  and existing safety assessment principles for machinery and devices. On the basis of our report we will propose measures to improve your OH&S management system.

energy audit

An energy audit evaluates and analyses the energy performance and energy efficiency of devices and installations in an organization and verifies energy measurement principles and reporting methods. Additionally, it assess designing and purchasing procedures for devices and systems, indicating factors influencing their energy performance.
We will carry out a reliable energy audit in your organization. Relying on our original SenseMaking Practices©methodology and following the guidelines of ISO 50001 – Energy management, we will assess the risks, analyse and evaluate energy performance and efficiency of your infrastructure, effectiveness of planning and management of device purchasing processes, measurement and reporting methods. On this basis we will propose measures to improve your organization’s energy management system.

Corporate Social Responsibility (CSR) audit

A corporate social responsibility audit examines an organization’s social performance against the social objectives and commitments it has set for itself with regard to its employees, stakeholders and the environment. It reviews legal compliance in the areas of employee rights, supplier agreements, signed contracts, OH&S standards, natural environment protection policies, transparency of operations, and ethical standards. It also evaluates activities which have contributed to the sustainable development by considering  stakeholder expectations.
We will conduct a corporate social responsibility audit in your organization to verify your established social objectives against  their actual fulfilment. Applying our original SenseMaking Practices© methodology and following the guidelines of ISO 26000 – Social responsibility, and SMETA – Sedex Members Ethical Trade Audit , we are going to evaluate your organization’s activities, CSR risks, stakeholder requirements and your follow through on your CSR commitments. On the basis of our report we will propose measures to improve your social responsibility policy.

anti-bribery and anti-corruption audit

An anti-bribery audit is a method of detecting in an organization threats related to conflicts of interest, price fixing, bribery, document fraud, non-disclosure of information, misuse of resources, misappropriation of funds, embezzlement, money laundering, abuse of position, misuse of inside information, and unethical conduct.
We will carry out an anti-bribery audit in your organization based on our original SenseMaking Practices© methodology  and the requirements of the ISO 37001 – Anti-bribery management systems. We will analyse processes, risks and interconnections, verify information, examine the documentation and collect evidence. On the basis of our report we will propose concrete preventive measures to reduce the risk of corrupt behaviour in your organization.

IT systems audit

The main purpose of an IT audit is an examination of the management controls within an organization’s existing IT infrastructure. The key aspects examined relate to the systems’ conformity with the latest standards, resilience to external threats, and risks related to areas of particular susceptibility. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity and operating effectively to achieve the organization’s objectives, and indicates areas for improvement.
We will carry out an audit of the IT systems in your organization, based on our original SenseMaking Practices© methodology and the requirements of the ISO 20000 –  IT managements systems. We will identify and assess risks and susceptibilities, your ICT infrastructure performance and quality levels of provided services. We will verify the policies in place and the effectiveness of the established operational, technological, as well as organizational controls. On the basis of our report we will propose measures to improve your ICT management system.

business continuity audit

A business continuity audit examines risks in an organization’s  processes and the effectiveness of provisions that are in place to determine if they are effectively safeguarding the organization’s activities against disruptive incidents.
We will carry out a continuity audit in your organization to assess the influence of continuity disruptions on your organization’s operation, products and services on offer, and existing processes. Applying our original SenseMaking Practices© methodology and in conformity with the requirements of ISO 22301 – Business continuity management systems, we will assess the risks, processes, reliability and effectiveness of business continuity plans, employee awareness, compliance with applicable requirements and agreements, and security levels. On the basis of our report we will propose measures to improve your planning and recovery procedures regarding the critical areas of your organization’s activity.

clinical audit

A clinical audit examines the quality of  healthcare services against the relevant clinical and management standards, focusing on patient safety, effectiveness of clinical procedures, compliance with applicable law, payer requirements, utilisation of resources, medical records and documentation, personal information security and effectiveness of existing processes.
We will carry out a clinical audit in your healthcare facility to evaluate the quality of provided services. Using our original SenseMaking Practices© methodology, and accreditation standards for hospitals and primary care providers (issued by Centrum Monitorowania Jakości w Ochronie Zdrowia/Polish Centre for Monitoring Quality in Healthcare), we will evaluate the effectiveness of your clinical activity, identify and assess the risks of adverse events, verify the accuracy of clinical procedures, billing  procedures, compliance with the law and binding contracts. On the basis of our report we will propose effective measures to improve the quality of services in your healthcare facility.

laboratory quality audit

A laboratory quality audit evaluates a quality management system in a laboratory. The examination includes processes, laboratory facilities and equipment in terms of utilisation suitability and maintenance of the control and measurement instruments, measurement traceability, legal compliance and conformity with other requirements applicable to organizations performing tests and /or calibrations.  Also evaluated are the processes of identification of measurement uncertainties, estimation of measurement uncertainties,  sample handling, analytical procedures and analytical methods validation, quality control documentation, Out-of-Specification (OOS), Out-of-Expectation(OOE) and Out-of-Trend(OOT) results handling procedures, stability testing, non-conforming product handling procedures, etc.
We will carry out a laboratory quality audit in your facility to evaluate the quality and effectiveness of your activities.  Applying our original SenseMaking Consulting Group methodology , we will assess your risks, processes, compliance with requirements, tools, infrastructure, methods, and documentation. On the basis of our report we will propose effective measures to improve your laboratory quality management system.

Gap Analysis

Gap Analysis is the process through which a company compares its actual performance to its potential or desired performance to determine whether it is meeting expectations and using its resources effectively.  Gap analysis seeks to answer the questions “where are we?” (current state) and “where do we want to be?” (target state). The purpose of the gap analysis is to identify the differences – gaps – between the company’s optimal allocation of its resources, processes and activities, and the current state. The technique allows for a more comprehensive examination of areas which are in need of improvement. The process consists in defining and documenting the differences between the organization’s current performance and its possibilities and potential for growth.
We will carry out a gap analysis in your organization concentrating on possibilities, opportunities and organizational potential. Relying on our SenseMaking Practices© methodology we will indicate gaps and areas for improvement in your current management system, particularly with regard to legal compliance, standards, benchmarks, business directives and strategies, products and/or services on offer and existing processes.

third-party audit – certification bodies support

At the request of a certification body we can carry out a third-party audit in an organization in any of the areas listed below.
With our team of experienced and highly-qualified auditors we offer our professional auditing expertise with ISO 9001, ISO 14001, ISO 45001, ISO 27001, ISO 22301, ISO 20000, ISO 22000/IFS/BRC/HACCP, SA8000, SMETA, CSR, ETI Base Code, MSUES. Our auditors are accredited with many credentialing bodies in Poland and abroad, such as PCA(Poland), UKAS(Great Britain), RvA (Holland), COFRAC (France), DAkkS (Germany) and ANAB (USA.

forensic audit

A forensic audit is an investigative process in which an auditor, also called a forensic accountant, applies accounting methods to the tracking and collection of forensic evidence, usually for investigation and prosecution of criminal acts such as embezzlement or fraud, and other dishonest acts allegedly committed by an organization’s management, employees or counterparties. The forensic auditor investigates and analyses the activities of and interconnections between the employees and counterparties, which may lead to the disclosure of information leaks, economic or industrial espionage acts, trade secret breaches, or loss-generating activities.
At your request, we can carry out a forensic audit and internal investigation at your organization. We will collect evidence, assess your losses, verify collected information and evidence against the actual state of affairs and suffered financial loss, and propose effective measures to prevent fraudulent incidents from happening in your organization in the future.

process audit

The objective of a process audit is to examine an organization’s internal processes in order to evaluate their quality capability. The audit results in an assessment of the processes’ effectiveness, conformity, durability and resilience to disruptive factors such as nonconformities, non-conforming results, non-conforming products and servicesj.
We will carry out a process audit in your organization focusing on their effectiveness and performance. Using our original SenseMaking Practices© methodology and reference models, we will verify process risks, planning provisions, process conformity with requirement criteria and ways in which to meet them, process control criteria and interconnections between them, deviations and utilisation of resources. On the basis of our report we will propose effective measures to improve your business processes. Read more about process management here.