External Auditor Confidentiality Agreement

B

brandomenon

I have searched the forums trying to find if this has been covered before. I apologize if this is a re-thread.

We have very few customer audits, but there is one scheduled for next week. Because of the lack of customer auditor traffic through my door, I don't have a standardized form for auditors to sign to protect confidentiality and to define responsibilities and limitations during the audit.

Is this something that most people have in place? Does anyone have a sample agreement or portions that they would be willing to share?

:thanks:

Brandomenon
 

Randy

Super Moderator
Let me ask....What do you really expect to get from a piece of paper other than a warm fuzzy?
 

Sidney Vianna

Post Responsibly
Leader
Admin
We have very few customer audits, but there is one scheduled for next week. Because of the lack of customer auditor traffic through my door, I don't have a standardized form for auditors to sign to protect confidentiality and to define responsibilities and limitations during the audit.
I don't have one to share, but would like to offer a "what if" question.

What if you present the customer auditor with a confidentiality agreement as s/he shows up at your door and s/he says s/he won't sign it, before legal reviews it. Will you prohibit the auditor from performing the audit?

This needs to be discussed and resolved before the auditor shows up. Otherwise, you can have one seriously pissed customer rep.
 
B

brandomenon

I don't have one to share, but would like to offer a "what if" question.

What if you present the customer auditor with a confidentiality agreement as s/he shows up at your door and s/he says s/he won't sign it, before legal reviews it. Will you prohibit the auditor from performing the audit?

This needs to be discussed and resolved before the auditor shows up. Otherwise, you can have one seriously pissed customer rep.

I agree that it will cause problems if it is a surprise on audit day. I will get it to the auditor before, so at the very least they will have some idea of things I'm not going to let them do while they are here, plus the expectation that shared information during the audit needs to be kept confidential between the customer and supplier.

If they really don't want to sign it, I wouldn't force them to, but it might limit what they can see. This isn't meant for malice, just to communicate between our company and the incoming audit team that there may be sensitive information involved during the audit process and that we have the right to protect that information.

If this is not common, as both of the replies so far indicate, then I may not bother. I appreciate the input and the follow-up questions.
 

Sidney Vianna

Post Responsibly
Leader
Admin
If this is not common, as both of the replies so far indicate, then I may not bother. I appreciate the input and the follow-up questions.
Restricting access of customer auditors is somewhat typical in business. Check the Automotive Customer Audit with 'Improvements' thread.

If I were a customer auditor and a supplier allowed unrestricted access to all the information about other customer products, especially competitors', I would be VERY concerned that they would also be allowing my competitors to see sensitive information of my products. :mg:
 
J

JaneB

I agree with your logic, brandomenon, and think it's sound.

If they're customers or suppliers (ie, not third-party auditors) then the relationship between you should I think be subject to a few defined principles and guidelines. Apart from anything else, it gives you early warning if they and you aren't on the same page!

And yes, restricting access to what you will show them and what you won't is quite normal.
 

JoCam

Trusted Information Resource
Hi Brandomenon,

We use a Non Disclosure Agreement for all Customers wishing to audit and Suppliers of our custom made components, I've attached a copy for your perusal. You can include details of Customers restrictions during the audit in the information section at the beginning.

This NDA should be sent and returned signed prior to allowing the Auditor on site.

Please note that this is written to English Law, and that if you were to use this example you will need to seek advice about the corresponding Canadian Law.

Hope it helps,

Jo
 

Attachments

  • NDA.doc
    37.5 KB · Views: 620
J

JaneB

I've seen examples of and signed stuff like this on various occasions. The one JoCam's posted (thanks!) of course is drawn up by a lawyer. If that isn't required - or you don't have time/resources - I'd write your own plain English one that captures what you want to say & have agreement on.
 

Hershal

Metrologist-Auditor
Trusted Information Resource
An audit from your customer has been adequately addressed here. This is in fact somewhat different than an assessment by an accrediting body or an audit by a registrar, where confidentiality is typically part of the contractual agreement for services.

As has been mentioned, control what they see, that is normal and in truth expected; but you should make sure there are no issues with signing the agreement with the customer before they show up.
 
Top Bottom