Remote Auditing Policy

PostedJune 13, 2026

UpdatedJune 22, 2026

Byadmin

Please click the links in the Table of Contents below to see specific sections of the policy, or you can download a PDF at the bottom of this article.

Can I Have a Remote Audit
Types of Remote Audit
Responsibilities During Remote Audits
Pre-Audit Planning
Conducting the Audit
Audit Reporting
Competence Requirements
Risk Management

The Remote Auditing Procedure to ensure an established structured and consistent approach for conducting remote audits.

Remote auditing enables flexibility and efficiency while maintaining the integrity and reliability of audit outcomes, however we must ensure that all remote audits comply with international standards, safeguard impartiality, and uphold confidentiality. There are also associated risks with remote methods that need to be mitigated an kept under review.

Can I Have a Remote Audit?

Remote auditing may be used when circumstances such as geographical constraints, health and safety considerations, or client preference make on-site audits impractical, provided that the audit objectives can still be achieved effectively.

Our office team will work with the client and the audit team to ensure a remote audit is appropriate and feasible.

Types of Remote Audit

Remote Audit: An audit conducted without full on-site presence, using ICT tools to gather evidence and interact with auditees.

Hybrid Audit: A combination of on-site and remote activities, where certain elements (e.g., document review) are performed remotely and others (e.g., physical inspections) on-site.

ICT (Information and Communication Technology): Tools such as video conferencing platforms, secure file-sharing systems, and remote access applications used to facilitate remote audits.

Responsibilities During Remote Audits

Role	Responsibilities
Audit Team Leader	Plans and executes remote audits, ensures ICT suitability, verifies auditor competence.
Auditors	Apply remote auditing techniques effectively, maintain confidentiality, ensure evidence integrity.
Technical Support	Provides ICT setup, troubleshooting, and secure connectivity.
Client Organisation	Grants access to systems, documents, and personnel; agrees to remote methods and security measures.

Pre-Audit Planning

1. Feasibility Assessment

During the planning process, and at each audit stage, we will Assess whether remote auditing is appropriate by considering:

Audit scope and complexity.
Risks such as connectivity issues and data security.
Competence of audit team and auditee in ICT use.
Legal or contractual restrictions.
Whether the technology needs to be tested before the audit (often covered during the initial call or quoting stage).

2. Agreement with Client

Clients must agree:

The ICT platforms and backup communication methods.
Satisfactory Confidentiality and data protection measures.
Permissions for recordings/screenshots, if required.

Any AI notetakers or tools should follow our Use of AI Policy.

3 Audit Plan

The following information can be found in the audit plan, report or the calendar appointment with the client:

Objectives, scope, and criteria.
Dates, times, and time zones.
ICT tools and contingency plans.
Roles and responsibilities.
Identification of remote and on-site activities.

Conducting the Audit

1 Opening Meeting

An opening meeting will be conducted via video conference and will include all relevant aspects of the Opening and Closing Meeting Procedure.

2 Audit Activities

Remote audit activities may include:

Document review via secure file-sharing or screen-sharing.
Interviews via video conferencing.
Observation using live streaming or drones.
Verification of digital twins or virtual models.
Reviewing floor plans, satellite images, street view or other information about a site.

Auditors are reminded of the importance of making decisions based on objective evidence from a representative sample of records.

Confidentiality

It is essential to maintain confidentiality by only using encrypted platforms, restrict access to authorised participants, and securely store shared data.

Audit Reporting

Where an audit is conducted remotely, the audit report will include the following:

Remote methods used and their effectiveness.
Limitations encountered and mitigation measures, if any.
ICT tools and security measures.
Declaration of confidentiality and impartiality.

Competence Requirements

In accordance with our Competence System, our auditors must demonstrate:

Knowledge of remote auditing techniques.
Ability to manage ICT tools securely.

Risk Management

Remote auditing risks are addressed within the our Risk Register and reviewed regularly.

In addition, any audit specific risks should be reported to the office and addressed.

References

ISO/IEC TS 17012:2024
ISO 19011:2026
ISO/IEC 17021-1
IAF MD 4:2025

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.