The first rule of auditing is really quite simple: Do not ask a question to which you do not know the answer. To get to why, let's first look at the purpose and some methods of auditing.
The purpose of an audit
When developing your scheme, it is important to know what happens in an audit - this knowledge will form the basis for a well-designed and effective scheme.
First of all a quick reminder of what audits are not... they are not research, investigation or enforcement.
An audit is an examination of the system, product or service to determine conformity or nonconformity with stated requirements. An auditor approaches an audit with the expectation of conformity; after all, a client would not reasonably hire a conformity assessment body to conduct an audit if they did not feel that they were already in conformity with the scheme requirements. So, an audit is conducted with the sole purpose of auditing the client's explicit or implied assertion that the system, product or service being audited is in full conformity with the standard. Auditors make determinations of conformity or nonconformity based on the evidence observed in the audit.
Auditors do not punish, conduct research or launch investigations.
Conducting an audit
So...back to the first rule of auditing: Do not ask a question to which you do not know the answer.
An auditor does her job by examining evidence provided by the client with an eye to determining whether the evidence demonstrates conformity. The evidence that is evaluated can include documents, interviews, and visual inspections.
In the audit, the auditor should record the evidence evaluated and note when it is in conformity and when it is not.
When asking questions, the auditor should always ask open-ended questions, ones that do not give an expected answer to the person being asked (e.g. do not ask "You don't put that in this box, do you?"; instead ask "What do you do next?"). Auditors should listen to the responses and ask follow-up questions to probe further as needed.
The auditor should ask for objective evidence to support the answers (e.g. "Why do you do that?").
What this means for your scheme
As you work on your scheme, carefully consider what the requirements are that apply to the client. Are your requirements designed to be assessed for conformity by the auditor, or are you asking the auditor to play another role?
Auditors do conformity assessment only. The requirements that your scheme lays out should be clear to the client and should make it as easy as possible for the auditor to determine, based on objective evidence, whether or not the client conforms.