Auditing, Conflict of Interest, and Credibility: Conducting a Credibility Assessment

Auditing, Conflict of Interest, and Credibility: Conducting a Credibility Assessment

Auditing, conflict of interest, and credibility: What you need to know about conducting a credibility assessment. By James Sullivan.

So, your company has decided to seek certification to verify its management of social, environmental, or even financial aspects. To do this the company must subject itself to an audit and you have been put in charge of making sure that it happens. Now what? How do you make sure that the expense and risk of an audit can both help the company in its day-to-day work and provide the credibility that you need for your customers, clients, workers, investors, as well as NGO and community groups?

Your first step is to develop a call for proposals and invite bids from audit firms. But, how do you assess the credibility of the auditor and the system that they employ?

It may seem redundant for the subject of an audit to be wary of these items; after all, auditors sell credibility. However, just as in every other purchase – caveat emptor. As a major element of the commodity being offered for sale, credibility should be evaluated along with price, timeliness and other factors. In an evaluation of credibility for an audit process it is necessary to understand the system to be employed and the role of the auditor. Because credibility is most easily compromised by real or perceived conflicts-of-interest, this credibility assessment will focus on conflicts-of-interest as a critical element, more important than other elements such as reputation. Once the audit is completed, there should be no reason to believe that the decision of the auditor is based on anything other than your company’s conformance to the standard.

A conflict-of-interest, which is either real or perceived, should be taken seriously. In terms of audits, a conflict-of-interest is any circumstance that would or could bring about a decision by the auditor for any reason other than conformance with the standard. An auditor should not be asked to evaluate the results of its own work or the work of any other company, organization or agency that has the potential to influence the outcome. For this reason consulting services performed by anyone who has influence over the decision of the auditor is of particular concern, examples can include:

  • Consulting work done by either the auditor or a body related to the auditor; or:

  • Consulting work done by the organization responsible for the development or endorsement of the standard; or:

  • Consulting work done by the organization that accredits the auditor.
The following is a credibility assessment tool that can be used in the evaluation of each proposal received.

1. Credibility of the System

Take the time to understand the system against which you are seeking to be audited. It is not enough to just understand the specifics standard that your company is expected to achieve. You should also know how the system is run, who makes those rules and who is responsible for seeing that they are applied.

a. Are the standards written by an independent organization that is neither related to your company nor its industry association?

b. Are the standards written by an organization that is neither the auditor nor related to the auditor?

c. Are the standards revised on a regular basis?

d. Are the auditors that implement the system accredited by an independent agency?

e. Does the accreditation agency have the power to compel the auditor to make improvements?

f. Is the accreditation agency proactive in its oversight of auditors that it accredits?

g. Can you confirm that neither the accreditation agency nor the organizations that wrote or endorsed the standard perform consulting services related to this standard?

2. Credibility of the Auditor

Any hint that the auditor is not fully independent can jeopardise the value of a certificate or audit finding. Think through the relationships that your company may have with the auditor and its owners.

a. Can you confirm that the auditor has not provided your company with any consulting services?

b. Can you confirm that your company has not used any consulting services by firms owned or managed by the same owner or manager as the auditor?

c. Has the auditor explicitly stated that it will not provide consulting services in the process of performing the audit?

d. Is the auditor on probation or subject to any major corrective actions ordered by the accreditation agency?

e. Will the audit decision be taken by individuals who are independent of both the financial management of the audit firm and of the individuals who conducted the on site analysis for the audit?

f. What is the reputation of the auditor as seen by other clients and by the groups for whom the audit is intended to assure?

3. Bonus Questions

For the company that wants to go the extra distance, the following steps will provide extra assurance.

a. Does the auditor have a proven track record of professionalism whenever its integrity has been questioned?

b. Does your harshest critic recommend the system and the auditor?

No situation is ever perfect, but if you know where the deficiencies are you can put in place extra provisions that can improve the credibility of the audit. Even with audits it is possible to specify your needs, as long as the minimum demanded by the standard is achieved. You can ask, for example, that the audit be done to a more rigorous standard and that the auditor attest this to in a public statement. If this is not possible then an up front, clear statement by the company of the shortcomings may go a long way toward protecting the reputation of your company.


By James Sullivan, an independent consultant and formerly the Deputy Executive Director and Operations Director at the international headquarters of the Forest Stewardship Council. Contact him at [email protected].

This piece reprinted from Ethical Corporation magazine, a GreenBiz News Affiliate.