FAQ – AuditOne Process
How does the platform handle data security?
On the network level, your data is completely secure and conforms to the highest standards applicable to any other client using Amazon Web Services — we are EU Safe Harbor compliant/certified. Your data is protected via a sophisticated authentication and permissions framework. This means any data is only accessible to users who are authenticated and to whom you authorize data access.
How does the AuditOne platform handle data confidentiality?
Each company posts information and designates whether it’s public, shared (and if so with whom) or private.
Will multiple sites or only one site be audited?
An audit to the appropriate standard (for the category of products produced in this facility) will be required for each site.
What if an organization disagrees with an auditor’s findings?
Our governance process has a dispute resolution section. The AuditOne governance document (link) details the dispute resolution process.
How can an organization work with Brand Owners to handle a failed-audit?
Each brand owner will configure their risk tolerances for supplier audits and make a determination on the path forward.
How will you ensure the audit posting process is simplified?
The AuditOne platform was built to make this process as simple as possible. Currently the platform enables auditors to post the audit to the platform. Future updates, including our mobile audit product, will allow auditors to upload in real-time.
How do you handle the increased risk suppliers would face as result of a failed audit?
AuditOne will do everything possible to provide resources to enable suppliers to prepare for an audit. This will include training as well as the ability to do a GAP analysis in advance of the scheduled audit.
Why were these Certifying Bodies (CBs) selected?
These firms were pre-approved by the brand owners participating in the program based upon the CBs qualifications and experience.
What training do the CBs get for these standards?
The CBs receive approval from the standards bodies based upon their training programs, audit surveillance programs and standards review.
If we reach out to the other brand owners listed as accepting AuditOne now they will be fully on board with accepting Audit One audits?
Yes, the letters supplied signifying the acceptance of AuditOne are official and signed by company representatives.
If we are a distributor, do we have to load each individual supplier that we use into the platform?
Yes, and insure that they are audited to the standard required as part of the AuditOne program.
Does the program require existing certificates to be reissued? On which terms?
If existing certificates meet the AuditOne program requirements, they can be used, they will need to be authenticated by the certification body or standard owner.
How is AuditOne funded?
AuditOne operating costs will funded by a referral fee which will be added to each transaction on the platform. In this case, it will be a percentage of the audit cost.
Once certified to AuditOne using BRC standard, can we used the BRC certification for a non-Audit One member customer?
Absolutely! We believe that the more you socialize AuditOne with your customers, the more audits will be eliminated. Some suppliers are asking their customers to accept AuditOne in lieu of a scheduled audit.
So, what you are saying is that you are going to audit to one of the current standards, not a new standard created by AuditOne?
That is correct, we have selected standards that are readily available – in some cases added addendums or worked with the standard organization to develop.
Documents – typically documents are viewable in an audit, not downloadable to a site. How do you manage that part of the process?
Once the audit is complete, the audit report will be uploaded to the supplier’s profile. Then the supplier will be able to grant access to their participating customers.
Is SQF one of the accepted audit bodies?
Not at this time -the program is open to all certification bodies that meet the criteria established