Skip to main content


Avetta has launched Subcontractor Management Solution ! Click here

What Is a Supply Chain Audit?

By Avetta Marketing
October 08, 2019
8 minutes
What Is a Supply Chain Audit?

A supply chain audit is a detailed examination of your supply chain. The functions and benefits of supply chain audits include: 

  • Identifying risks in your supply chain so you can protect your revenue and reputation

  • Finding and stopping fraud and systematic errors

  • Improving supply chain performance

  • Creating and demonstrating greater reliability and credibility

  • Gradually increasing your vendors’ compliance with standards

  • Motivating change in the areas of safety, health, environmental sustainability, working conditions, anti-corruption, and others

  • Creating better business relationships with vendors

The activities of supply chain audits include at least these five: 

  • Implementing better data collection hardware and software

  • Managing sources of risk

  • Cross-checking data

  • Keeping and reviewing logs of data changes

  • Measuring vendor performance

Each audit can include several or all of these activities. We will explore each activity below. You’ll periodically perform numbers 2–5 many times, so it is vital to begin adding them to your procedures to practice and improve upon them. 

1. Implementing Better Hardware and Software

Your first step should be to upgrade your software and hardware to more easily capture the data needed for the subsequent steps. You’ll complete audits more rapidly and more often if you start to: 

  • Conduct all business transactions using only digital documents

  • Store all your latest supply chain transaction data in a single, company-wide ERP (enterprise resource planning) software package

  • Capture data from the movements of products using a radio frequency identification (RFID) or barcode system

  • Convert transaction documents into a commonly shareable electronic language using electronic data interchange (EDI) technology

These technologies can allow you to more accurately and quickly capture and share data about supply chain activities, reducing data entry errors and improving data visibility for auditors. Vendors should be trained to use technologies correctly to supply accurate data.

2. Mitigating Sources of Risk

Why should you audit your suppliers? A major reason is to monitor sources of risk that could damage your organization. Auditors can also organize their activities around investigation and mitigation of each source of risk. Risk factors include: 

  • Reputational: Consumers quickly condemn questionable practices anywhere in a supply chain, which can reduce the revenue of an organization. 

  • Price: When market prices of materials change, an organization’s expenses can rise, or the organization can miss out on the advantages of a price drop due to a contracted price.

  • Cybersecurity: Software attacks on supply chains are rising and expensive. Review both your cybersecurity procedures and your personnel roster with access to data.

  • Global Politics: Changes in international conflicts, tariffs, and trade agreements can increase prices. You may need to seek alternate vendors before changes occur.

  • Inventory Management: Inventory must be transported and stored correctly to ensure you always have stock that is undamaged and ready to be used.

  • Contract Management: It must be clear which department owns contracts and oversees vendors’ performance.

  • Quality: Poor quality even in seemingly insignificant areas can derail vital business processes. Hold yourself and your suppliers to high industry standards of quality. 

  • Delivery: Smart planning is crucial to avoid delivery delays of physical or electronic goods. Delays could even include inclement weather that could slow trucks or ships.

  • Legality: You could suffer damage from a vendor engaging in illegal practices, even without your knowledge. Write contracts that shield you from these activities, as well as train vendors to avoid violations.

Mitigation of such risks can include tactics such as:

  • Better training of vendors and employees

  • Updating vendor contracts

  • Switching to new vendors

  • Employing new methods of supply chain management

  • Implementing better quality standards

  • Writing new delivery procedures

3. Cross-Checking Data

This auditing task involves searching for errors and discrepancies by cross-checking the data in different documents related to the same transaction. As examples, auditors can compare the data in a: 

  • Receipt and Purchase Order: Ensure that goods delivered match the goods ordered.

  • Receipt and Shipping Notice: Match the goods delivered to the goods shipped.

  • Receipt and Quality Assurance Report: Test the quality of delivered goods against the contracted quality standards on the receipt.

  • Invoice and Quality Assurance Report: Catch any problems in delivered goods before invoices are paid. Avoid paying for unsatisfactory goods.

  • Shipping Notice and Purchase Order: Ensure that goods to be shipped match the quantities and other specifications on the purchase order.

When auditors detect a data discrepancy, they should first investigate whether it is due to an honest mistake. Vendor training or procedural changes can reduce repeated errors.

If an error is not just a mistake, auditors can search for fraud. Acting almost like a journalist, they should be somewhat skeptical of sources of data, track down leads, and search for hidden activities. Auditors must not live near the vendor, which could corrupt their judgment.

4. Examining Changes in Data Logs

You can set up your electronic data systems to keep a log of any data changes, including information about: 

  • Who is changing data

  • The exact way that the data was changed

  • The location of the changes

Some types of fraud that vendors can perpetrate involve simple data manipulating. For example, a vendor could:

  1. Raise the price of an item within your ERP software

  2. Create a purchase order using that higher price

  3. Send the purchase order to you

  4. Lower the price to its original level

Using a supply chain data log, auditors can find the records of such changes. They can also check that the values match in the latest version of a document, such as a purchase order, that is logged in both your ERP and EDI systems. In fact, some systems can perform these checks automatically.

You could also implement a supply chain auditing blockchain technology, which creates a tamper-resistant data log of electronic activities across all your vendors.

5. Improving Vendor Performance Through Auditing

The data gathered by regular auditing can also be used to objectively measure vendor performance. You can set a number of key performance indicators (KPIs) for each vendor, assign grades to different levels of performance, and then give vendors consistent feedback. Continually seeing their grades can motivate vendors to improve. 

Common KPIs include: 

  • Accuracy of fulfillment

  • Accuracy of invoices

  • Product quality

  • Rate of accepting purchase orders

  • Timeliness of invoicing

  • Timeliness and accuracy of advance shipping notices

Less common KPIs may include: 

  • Transaction timing

  • Pallet configuration

  • Correct labeling

  • Product presentation

The performance levels required for each grade can vary for different KPIs. You can assign more rigorous required percentages to your most important KPIs. For example: 

  • On the accuracy of fulfillment, an A grade might require a 97.5% success rate while a B might require a 95% success rate.

  • On timeliness of sending invoices, an A grade might require only 90% of invoices to be sent within two weeks of shipping. 

A vendor’s overall grade for each KPI should be based on their average for all measured months. Auditors should investigate vendors that score very low. But they should also red-flag performance levels that are too good to be true, which is sometimes the result of falsified data.

Building a Better Supply Chain

You can use our auditing activities and tips to create a supply chain management checklist. Then, break the list into small tasks and transfer them to an organizational calendar. None of your employees or vendors should wonder, “What is a supply chain audit?” Seeing these tasks scheduled will both define audits and reinforce their importance.

When your organization performs these tasks regularly, it’s likely that your rates of fraud and errors will drop and that the performance of your vendors and entire supply chain will improve.

To learn more, visit Avetta Assessment Services or call 844-633-3801, or email [email protected]

Subscribe to our Blog

More from the Avetta Blog

Contractor Management, Health & Safety, Operations, Procurement, Risk Management
May 18, 2022
Contractor Management, C-Suite, Health & Safety, Operations, Procurement, Risk Management
May 16, 2022
C-Suite, Health & Safety, Operations, Procurement, Sustainability
May 11, 2022
Upcoming Events
May 22–25
Orlando, FL
Avetta at ISM
May 23
9 am MDT | 4 pm BST | 5 pm CEST
German Supply Chain Act
May 26
1 pm ET
Contractor Classification
May 26
2 pm ET
Hidden Risks or Safety Risks Most Likely to be Missed
June 1
2 pm ET
The True ROI of Safety | Building the Case for Greater Safety Investment
June 9-10
2022 NSC Midwest Safety Conference & Expo
June 14
1 pm ET
New SEC Proposals for ESG and Climate Disclosure
June 22, 2022
Supplier Summit
June 23
1 pm ET
Safety Culture Title TBD