The SA8000 process requires all accredited Certification Bodies delivering SA8000 services to conduct a combination of announced, semi-announced, and unannounced audits in the 3-year SA8000 certification cycle. These activities are not necessarily conducted to “catch” certified organisations in wrongdoing – they can be a highly effective tool for verifying continuing compliance at an SA8000-certified organisation.
The purpose of the semi-announced and unannounced audits are to provide as little notice as possible to the certified organisation to preclude them from altering normal activities and practices in order that a more realistic view of the certified organisation be achieved. Advanced notice of the exact date of the SA8000 audit, regardless of the reason, will diminish the effect of such an audit and should be avoided to the extent possible.
See SAAS Procedure 200 for normative requirements on the conduct of required SA8000 audits. The number of semi-announced and unannounced audits varies depending on the risk assessment for each country.
SAAS requirements for semi-announced and unannounced audits by their very nature do not contemplate any notification of the organisation prior to the audit. The certified organisation should be aware that the audit will generally take place at intervals within the certification cycle, as defined in SAAS Procedure 200.
These audits are part of the contractual arrangement with the certified organisation and should be fully explained to the client by the certification body prior to signing the contract to deliver the SA8000 audit. It is incumbent upon the SA8000-certified organisation that they make plans specifically for the undertaking of an unannounced or semi-announced audit in such a way that they anticipate possible eventualities that could arise should the key management resources not be available on the day(s) of the audit. In this way, alternate management could be made available to be responsible for critical areas and to make necessary documents available.
Unannounced Audit Considerations
There may be situations where serious obstacles must be overcome in applying the policy of semi-announced and unannounced audits. In certain situations, the conduct of such an audit will not be practical, such as unforeseen obstacles which no amount of prior planning will overcome. Such situations described to SAAS include:
- a requirement for travel documents such as visas;
- the need for special travel arrangements such as armed guards;
- and no lodging facilities for auditors in remote areas, etc.
Therefore, SAAS recognizes that in such impossible circumstances, the CB shall have to substantiate its reasons through appropriate documentation and those reasons will be evaluated by SAAS accordingly in the course of its periodic oversight to determine if the reasons are valid and justifiable.
Again, the purpose of the audit is to maintain the credibility and transparency of the SA8000 system by assessing an organisation which has not received prior warning of the audit in order that the system is viewed in its natural state. It is therefore necessary that each certification body consider this requirement as one that is critical to the process and must be conducted to the extent possible. Exceptions will be allowed based upon individual circumstances, such as those described above, but each CB is required to maintain a system for formal approval of the exception given by the controlling certification office whenever such an exemption is undertaken.