This is my take as an auditor. I have signed a Confidentiality Agreement prior to the audit. With that being said, I also ask them prior to the Management Review if there is any sensitive information they may not want me to see. If they say yes, I will review their procedure for Mgmt Review (99.9% of companies do have one) and see what it states as far as records, attendance sheets, action/follow up actions, agenda’s etc.. that I can review to support the fact that Mgmt review are taking place. I have not been told yet that I can’t review the minutes to the meeting.
Now, this is what we do where I work. We will show the Mgmt Review Records to our Registrar and Customers but not to the FDA. For our Registrar and Customers if there is any sensitive material we do not want them to see we will sanitize (black it out) a copy of the minutes prior to handing them over and explain why we did it, it has yet to cause any problems. The only thing we show the FDA is the agenda for the meeting to show what issues/systems were discussed and the sign in sheet to show who was in attendance.
Just a thought look at it from the auditors prospective, if you refuse to show any supporting documentation the review is being completed (agendas, sign in sheets, minutes (sanitized)), it gives the impression you are trying to hide something or that you are not doing what you say you are doing.