Supplier Audits
Learn how to ensure your suppliers meet your standards—before their risks become your problems.
Sustainable organisations are built by robust and effective relationships between themselves, and their suppliers.
These relationships can be complex and when the correct contingencies are not set in place, this reliance becomes even greater and the risks can be huge.
Suppliers need to be reliably and consistently providing the service you expect from them.
They must follow the rules (legal, safety, or quality). And can not put your business at risk by not following any of the previous.
Effective management of your suppliers cannot be overlooked and they should be treated like a silos within own organisation.
An emphasis on the alignment between your quality expectations and their supplied resources.
A supplier audit is a formal evaluation of a supplier’s processes, systems, and practices to ensure they meet your company’s requirements for quality, compliance and performance.
These audits are conducted to verify that suppliers are actually doing what they claim—such as following ISO standards or using ethically sourced materials.
They help businesses identify potential risks before they escalate into serious issues, like product failures or legal trouble.
Audits also strengthen the relationship between buyer and supplier by encouraging transparency and better communication, which ultimately leads to improved quality and reliability.
During a supplier audit, several key areas are typically reviewed. These include the supplier’s quality control systems (like ISO 9001 compliance), their production processes and equipment, and how they source raw materials.
Auditors also look at environmental practices, labor conditions, delivery performance, and how well the supplier maintains documentation and traceability across their operations.
Let’s break down the different types of supplier audits.
System Audits
A system audit examines a supplier's entire quality management system (QMS) to ensure it is well-organized and complies with standards like ISO 9001.
It focuses on policies, procedures, documentation, overall quality practices, and the commitment of management to training and continuous improvement.
Example: Checking if a supplier’s ISO 9001 system is implemented correctly, with documented procedures and internal audits.
Process Audits
A process audit zeroes in on a specific process or workflow within the supplier’s operations.
Evaluating the inputs and outputs of a process, the methods and controls in place, as well as the equipment and operator skills.
It also examines the process's capability and consistency in meeting quality standards.
Example: Auditing the welding process on an assembly line to ensure proper technique, inspection, and safety controls are in place.
Product Audits
A product audit inspects the final product to ensure it meets required specifications and quality standards.
It focuses on physical measurements, visual inspections, functionality or performance tests, and checks for proper packaging and labelling.
Example: Inspecting a batch of electronics to ensure every unit passes testing, has no defects, and meets the design spec.
Compliance Audits
A compliance audit verifies that a supplier complies with applicable laws, regulations, and industry standards.
It focuses on legal requirements like labor and safety laws, checks for industry certifications such as REACH, RoHS, and GMP, and ensures adherence to ethical codes of conduct.
Example: Auditing a factory in another country to ensure no child labor, proper waste disposal, and adherence to local labor laws.
Audit Type | Focus Area | Goal |
|---|---|---|
System | Entire management system | Ensure system structure & effectiveness |
Process | Specific process or operation | Ensure consistent and controlled execution |
Product | Final product/output | Confirm it meets quality/specs |
Compliance | Rules, laws, and standards | Verify legal/ethical/contractual adherence |
Audit Process: Step-by-Step
Let’s break down the process for a supplier audit.
Planning
Every audit begins with a solid foundation, and that’s where planning comes in.
At this stage, the team outlines the overall purpose of the audit. Including what it's meant to uncover or improve.
Whether it's compliance verification, process evaluation, or risk identification, the goals should be clearly defined.
From there, the scope is determined, identifying which areas or processes will be examined, and the criteria are selected.
These might be industry standards, regulatory requirements, or internal benchmarks.
Once that framework is in place, suitable auditors are chosen, typically based on their relevant expertise and objectivity.
The supplier is then notified, giving them time to prepare and gather any necessary materials ahead of the audit.
Pre-Audit Questionnaire
Before auditors set foot on site, the supplier usually completes a self-assessment.
This takes the form of a pre-audit questionnaire, designed to offer an early look into the supplier’s current operations, policies, and systems.
It helps auditors identify red flags or areas that warrant a deeper dive during the actual audit.
Think of it as a diagnostic snapshot—it doesn't replace the audit, but it does help focus it.
For suppliers, it's also a chance to reflect internally and address any obvious gaps before the formal evaluation begins.
Audit Execution
This is where the process moves into action.
The audit itself may involve several types of evaluation: compliance, system, process, or product audits, each with its own lens.
For on-site audits, the auditors typically start with walkthroughs, observing how things operate on the ground.
They’ll speak with employees across various levels, not just to confirm compliance, but to gauge how well procedures are understood and followed in practice.
Documentation and records are also reviewed closely and what’s written down should align with what’s actually happening.
This stage is hands-on, methodical, and often a mix of structured questioning and real-world observation.
A) System Audit
This audit evaluates the supplier’s overall organizational structure and the effectiveness of its quality management system.
It involves reviewing system documentation, assessing compliance with standards such as ISO 9001 and examining how resources including personnel and infrastructure are managed.
The audit also verifies whether process controls are in place and functioning effectively.
B) Process Audit
A process audit focuses on specific manufacturing or service delivery activities.
It assesses the efficiency and effectiveness of these operations, ensuring they adhere to defined procedures and industry standards.
Auditors also examine how risks are managed within the process and review related documentation and records for accuracy and completeness.
C) Product Audit
This type of audit involves inspecting finished products or production batches to identify defects and confirm compliance with quality specifications.
It also includes verifying the accuracy of packaging and labelling as well as evaluating product handling and storage procedures to ensure proper care and safety.
D) Compliance Audit
Compliance audits focus on the supplier’s adherence to legal, regulatory and corporate requirements.
They involve reviewing environmental and safety compliance, ethical practices and corporate policies.
Labour standards and social responsibility commitments are also assessed to ensure full regulatory and ethical alignment.
Audit Report
After the audit concludes, everything is compiled into a formal report.
This includes a summary of key findings—both areas where requirements were met and where they were not.
Non-conformities are outlined clearly, but so are strengths.
Often, the report will also contain a risk assessment to help prioritize which issues are most urgent or potentially damaging.
Alongside the findings, auditors typically offer recommendations or rooms for improvement, not just for correcting problems but for improving processes overall.
The goal isn't just to critique but to provide value through practical guidance.
Follow-Up
An audit doesn’t end with the report—it’s the follow-up that ensures real change happens.
The supplier is expected to respond with a Corrective Action Plan (CAP), detailing how each issue will be resolved, who’s responsible, and when it’ll be done.
In some cases, a follow-up visit or re-audit might be required, especially if critical problems were found.
This step is crucial for accountability and continuous improvement. It also closes the loop, transforming the audit from a one-time review into a catalyst for lasting operational enhancement.
Summary
To truly manage risk and build reliable supply chains, organizations should prioritize effective supplier audits.
They offer a practical way to verify that suppliers are meeting expectations, not just on paper, but in real operations.
They enable you to facility your supplier and understand if they have the scope, which will allow them to grow with you.
This, being crucial because your processes are only as good as the resource they are supplied with.
Tips for Effective Supplier Audits
Build strong relationships—audits should be collaborative, not confrontational
Tailor the audit to the specific industry and product
Use checklists and standardized scorecards
Document everything clearly
Conduct regular audits, not just one-offs
