APSCA Code and Standards of Professional Conduct (Code)  
Guidance 1  
ISSUE:  
Audit Effectiveness and Auditor Safety  
Applicable APSCA 5.2.6 and Definition of Social Compliance Audit  
Code Section:  
Date Issued:  
March 11, 2021  
Background  
To effectively execute (complete) a Social Compliance Audit, the Member Auditor must be  
able to obtain and evaluate sufficient competent evidential matter (evidence) to confirm  
performance related to all areas in scope through effective performance of all audit  
procedures as outlined in the APSCA Competency Framework.  
A key consideration in the effective execution (completion) of a Social Compliance Audit is  
unfettered (unrestricted) access. This would include physical access to operations; access to  
records; and access to workers to perform confidential worker interviews all of which  
provide the sources of information and evidence critical to the audit process.  
In certain circumstances, the general conditions - whether specific to an operation or a  
geographic region - can create an environment that limits the ability of the Member Auditor  
to properly execute all elements of a Social Compliance Audit, whether as a result of limited  
access to key elements or threats to workers or unacceptable levels of risk for safety of the  
Member Auditor.  
The definition of a Social Compliance Audit and the APSCA Competency Framework define  
the minimum elements in the execution of a Social Compliance Audit. Additionally, Section  
5.2.6 of the Code requires Members to establish policies and procedures to ensure the  
safety, protection, and security of their auditors and requires auditors to comply with such  
policies and procedures.  
Document Name:  
Version & Date:  
Replaces:  
Code Guidance on Audit Effectiveness and Auditor Safety D-117  
Version 1 March 11 2021  
Author/Owner: APSCA  
Authorized by: Executive Board  
Date Printed: 22 April 2021  
nil  
This document is no longer version controlled once printed.  
Page 1 of 4.  
APSCA Code and Standards of Professional Conduct (Code)  
Guidance 1  
Guidance  
Should the conditions related to the execution (completion) of a Social Compliance Audit  
limit the auditor’s access or preclude (prevent) the effective completion of all required audit  
procedures, the Member should not accept or should delay the audit until such time as the  
conditions allow for the auditor to conduct all required audit procedures in an effective  
manner.  
Additionally, if in the professional judgement of the Member, the conditions related to the  
execution (completion) of a Social Compliance Audit present an unacceptable risk to the  
safety of the auditor, the Member should not accept or should delay the audit until such  
time as the conditions allow for the auditor to complete the audit in a safe and effective  
manner.  
Conditions that prevent the effective execution (completion) of a Social Compliance Audit  
might impact other services differently. It is a requirement of Members to clearly define the  
scope of any service and, to the extent a service is a Social Compliance Audit, to ensure the  
Social Compliance Audit is conducted in full compliance with the requirements of the Code.  
Case Examples  
While not exhaustive, the case examples presented below are intended to provide a view on  
the application of Guidance 1.  
Case 1  
A Member Firm was requested to perform a Social Compliance Audit at a facility  
where the Member Firm, from previous engagements, understood that management  
had created an environment where the potential spaces for worker interviews may  
be subject to surveillance (observation) and workers understood that all discussions  
may be overheard by management. Previously, there had been indications that  
there had been consequences (penalties) for workers who made comments that  
could be understood as negative toward the factory or management. In this case,  
alternative locations are not possible. Presently, there is no sense that the factory  
would allow unfettered (unrestricted) access for the performance of confidential  
worker interviews.  
Document Name:  
Version & Date:  
Replaces:  
Code Guidance on Audit Effectiveness and Auditor Safety D-117  
Version 1 March 11 2021  
Author/Owner: APSCA  
Authorized by: Executive Board  
Date Printed: 22 April 2021  
nil  
This document is no longer version controlled once printed.  
Page 2 of 4.  
APSCA Code and Standards of Professional Conduct (Code)  
Guidance 1  
In this situation, the Member Firm should follow appropriate process steps to  
evaluate the ability to effectively conduct a Social Compliance Audit at this facility.  
Based on the facts and circumstances, there is an expectation that an auditor could  
not perform all required audit procedures in an effective manner. On that basis  
Members should not schedule or perform a Social Compliance Audit at this facility.  
To the extent there were changes in conditions allowing for the performance of all  
audit procedures, a Member could accept and perform the Social Compliance Audit.  
Further, as stated in the Guidance provided, conditions that prevent the effective  
execution (completion) of a Social Compliance Audit might impact the completion of  
other services differently.  
Case 2  
A Member Firm was requested to perform a Social Compliance Audit at a facility. In  
the past, there had been instances where factory representatives suggested to an  
auditor that a negative audit result would have significant consequences for the  
auditor and the auditor’s family.  
In this case, the Member Firm should follow the appropriate process steps to  
evaluate the safety risk for the auditor, and any potential steps to reduce the risk to  
an acceptable level. After consideration of the threats, viewed to be credible, and if  
steps to mitigate the risk could not be implemented - there should be an expectation  
that an auditor could not effectively perform the Social Compliance Audit and  
Members should not accept or perform a Social Compliance Audit at this facility.  
To the extent there were changes in conditions at the facility at some point in the  
future or other factors mitigating the risk to the auditor potentially including  
changes in ownership and management of the facility, a Member could logically  
accept and perform the Social Compliance Audit to the extent there were no longer  
significant safety risks for the auditor.  
Further, as stated in the Guidance provided, conditions that preclude the effective  
execution (completion) of a Social Compliance Audit might impact the execution of  
other services differently.  
Document Name:  
Version & Date:  
Replaces:  
Code Guidance on Audit Effectiveness and Auditor Safety D-117  
Version 1 March 11 2021  
Author/Owner: APSCA  
Authorized by: Executive Board  
Date Printed: 22 April 2021  
nil  
This document is no longer version controlled once printed.  
Page 3 of 4.  
APSCA Code and Standards of Professional Conduct (Code)  
Guidance 1  
Case 3  
A Member Firm was requested to perform a Social Compliance Audit at a facility  
located in an area considered a hot spot with significant incidences of a disease  
involving an easily transmittable infection/disease, such as COVID-19. In planning  
the Social Compliance Audit, the facility indicated that they had not taken any  
practical steps to avoid exposure or transmission of the infection and that there had  
been cases recently reported among the workers in the facility.  
In this situation, the Member Firm should follow the appropriate process steps to  
evaluate the health risk for the auditor and identify any potential steps to reduce  
the risk to an acceptable level.  
If the Member Firm reasonably concluded that the auditor would be in an  
environment that presented a significant risk of exposure to the disease and there  
were not appropriate steps being taken at the facility (e.g. screening; personal  
protective equipment) to mitigate risk, the Member Firm should not schedule or  
perform a Social Compliance Audit at this facility.  
If there were changes in conditions or sufficient safety precautions were being taken,  
a Member could accept and perform the Social Compliance Audit to the extent there  
were no longer significant personal health risks for the auditor.  
Case 4  
A Member Auditor was performing a Social Compliance Audit at a facility where the  
related Member Firm had previously conducted an audit without an issue. During  
the factory walk through and management interviews, factory management gave the  
Member Auditor a sense the Member Auditor’s safety would potentially be at risk if  
the overall result of the audit was not positive for the factory. In response to the  
situation, the Member Auditor contacted the Member Firm to report on the  
circumstances with the factory and the related safety concern.  
After consideration of the threats, viewed to be credible, and the fact that there  
were no immediately available steps to mitigate the risk - there should be an  
expectation that the Member Auditor could not effectively perform the Social  
Compliance Audit and the audit should be immediately terminated.  
To the extent there were changes in conditions at the facility at some point in the  
future or other factors mitigating the risk to the auditor potentially including  
changes in ownership and management of the facility, a Member could logically  
accept and perform the Social Compliance Audit to the extent there were no longer  
significant safety risks for the auditor.  
Document Name:  
Version & Date:  
Replaces:  
Code Guidance on Audit Effectiveness and Auditor Safety D-117  
Version 1 March 11 2021  
Author/Owner: APSCA  
Authorized by: Executive Board  
Date Printed: 22 April 2021  
nil  
This document is no longer version controlled once printed.  
Page 4 of 4.