Supplier Audit Report Template: Format, Sections, and Example Findings
A Supplier Audit Report is a critical document that records the results of an evaluation conducted to assess a supplier’s compliance with contractual, regulatory, quality, ethical, and operational requirements. It is widely used across industries such as manufacturing, pharmaceuticals, food, retail, electronics, and services. A well-structured supplier audit report not only documents compliance status but also helps organizations:
- Identify risks in the supply chain
- Improve supplier performance
- Ensure regulatory and customer compliance
- Support supplier development and corrective actions
This blog provides a complete guide to:
- Supplier audit report format
- Essential sections
- Example findings (compliant, minor, major, critical)
- Best practices for writing an effective audit report
What Is a Supplier Audit Report?
A Supplier Audit Report is the formal output of a supplier audit. It summarizes:
- Audit scope and objectives
- Areas audited
- Findings and visible evidence
- Non-conformities and risks
- Corrective action requirements
It serves as an official record for management review, regulatory inspections, and supplier performance monitoring.
Standard Supplier Audit Report Format
A professional supplier audit report generally follows a structured format to ensure clarity, consistency, and traceability.
Typical Format Overview
- Cover Page
- Audit Summary / Executive Summary
- Supplier & Audit Details
- Audit Scope and Criteria
- Audit Methodology
- Audit Findings
- Non-Conformity Classification
- Corrective Action Plan (CAP)
- Overall Audit Conclusion
- Auditor Details & Signatures
- Appendices (if applicable)
1. Cover Page
The cover page provides essential identification information.
Includes:
- Audit title (Supplier Audit Report)
- Supplier name and address
- Audit type (GMP, SMETA, Quality, ESG, etc.)
- Audit date(s)
- Report reference number
- Confidentiality statement
Example:
This report is confidential and intended solely for the use of [Company Name].
2. Audit Summary / Executive Summary
The executive summary gives management a quick understanding of audit outcomes without reading the full report.
Contents:
- Overall compliance status
- Key strengths
- Major risks identified
- Total number of non-conformities
- Recommendation (Approved / Conditionally Approved / Not Approved)
Example:
The supplier demonstrated general compliance with quality and safety requirements. However, two major and three minor non-conformities were identified related to documentation control and supplier qualification processes.
3. Supplier & Audit Details
This section records basic factual information.
Supplier Information:
- Legal name
- Site address
- Contact person
- Business activity
Audit Information:
- Audit date and duration
- Audit type (Initial, Routine, Follow-up)
- Audit team
- Audit language
4. Audit Scope and Criteria
Clearly defines what was audited and against which standards.
Scope Includes:
- Departments audited
- Processes reviewed
- Products or services covered
Audit Criteria Examples:
- ISO 9001
- GMP (WHO / FDA / EU)
- SMETA / ETI Base Code
- Customer-specific requirements
- Contractual agreements
Example:
The audit covered raw material procurement, production, quality control, and warehousing in accordance with ISO 9001:2015 and customer specifications.
5. Audit Methodology
Explains how the audit was conducted, ensuring transparency.
Common Methods:
- Document review
- Management interviews
- Employee interviews
- On-site inspection
- Record sampling
Example:
The audit was conducted through document review, site inspection, and interviews with management and operational staff.
6. Audit Findings
This is the core section of the report. Findings should be:
- Clear
- Objective
- Evidence-based
- Traceable to audit criteria
Finding Structure
Each finding should include:
- Reference to requirement
- Description of observation
- Objective evidence
- Classification (Compliant / Non-compliant)
7. Non-Conformity Classification
Most organizations classify findings to reflect risk severity.
Common Classification System
| Classification | Description |
|---|---|
| Compliant | Fully meets requirements |
| Observation | Improvement opportunity |
| Minor NC | Isolated or low-risk issue |
| Major NC | Systemic or high-risk issue |
| Critical NC | Serious risk to safety, quality, or legality |
8. Example Audit Findings
Example 1: Compliant Finding
Area: Training
Training records were complete, current, and aligned with job responsibilities. Employees demonstrated adequate knowledge of procedures.
Example 2: Minor Non-Conformity
Area: Document Control
One SOP was observed without an approval signature. However, the procedure in use matched the approved version.
Classification: Minor Non-Conformity
Example 3: Major Non-Conformity
Area: Supplier Qualification
The supplier did not maintain documented approval records for two critical raw material vendors, increasing supply chain risk.
Classification: Major Non-Conformity
Example 4: Critical Non-Conformity
Area: GMP / Food Safety
Inadequate segregation of allergens was observed, posing a potential consumer safety risk.
Classification: Critical Non-Conformity
9. Corrective Action Plan (CAP)
This section records supplier commitments to address findings.
CAP Table Typically Includes:
- Non-conformity reference
- Root cause
- Corrective action
- Responsible person
- Target completion date
Example:
Root Cause: Lack of formal supplier approval procedure
Corrective Action: Develop and implement supplier qualification SOP
Target Date: 30 days
10. Overall Audit Conclusion
Summarizes the final audit decision.
Possible Conclusions:
- Approved
- Conditionally Approved (CAP required)
- Not Approved
Example:
The supplier is conditionally approved subject to satisfactory closure of all major non-conformities within the agreed timeline.
11. Auditor Details & Signatures
Confirms report authenticity and accountability.
Includes:
- Lead auditor name
- Organization
- Signature and date
- Supplier acknowledgment signature (optional)
12. Appendices (Optional)
May include:
- Audit checklist
- Attendance sheet
- Photos (where permitted)
- Detailed evidence logs
Strong supplier audit reporting also supports effective supplier oversight helping organizations understand what supplier oversight is and why it matters for maintaining quality compliance, managing risk and ensuring long term supplier performance.
Best Practices for Writing Supplier Audit Reports
A supplier audit report is not just a record of findings, it is a formal communication tool that drives corrective action risk reduction and continuous improvement. Poorly written reports can lead to misunderstandings, disputes or ineffective corrective actions. Following best practices ensures the report is clear, credible, actionable and defensible.
1. Maintain Objectivity and Professionalism
Audit reports must be fact-based and impartial. Auditors should avoid opinions, assumptions, or emotionally charged language.
Best practice:
- Report what was observed, not what you think happened
- Avoid judgmental words such as careless, negligent, poor attitude
- Use neutral language supported by evidence
Example:
“The supplier has poor document control.”
“Three controlled documents reviewed did not display revision status or approval signatures.”
2. Clearly Reference Audit Criteria
Every finding must be traceable to a specific requirement such as:
- A standard (ISO, GMP, SMETA, etc.)
- Customer requirements
- Legal or regulatory obligations
- Internal procedures
Best practice:
- Cite clause numbers or requirement titles
- Ensure alignment between findings and audit scope
Example:
ISO 9001:2015, Clause 7.5.2 – Documented Information
3. Use a Consistent and Logical Structure
Consistency improves readability and credibility, especially for repeat audits or multi-site suppliers.
Best practice:
- Follow the same format for every report
- Use standard headings and numbering
- Present findings in the same order as the audit checklist
This allows management and suppliers to:
- Quickly locate issues
- Track improvements over time
- Compare audit results across suppliers
4. Provide Clear, Evidence-Based Findings
Each finding should answer three questions:
- What was required?
- What was observed?
- What evidence supports the observation?
Best practice:
- Include document numbers, dates, locations, or sample sizes
- Avoid vague statements
Example:
Five training records sampled (TR-01 to TR-05) showed no refresher training conducted since 2021.
5. Classify Findings Accurately Based on Risk
Non-conformities should be classified based on risk and impact, not quantity.
Best practice:
- Apply consistent classification criteria
- Consider impact on:
- Product quality
- Safety
- Legal compliance
- Business continuity
Avoid inflating or minimizing findings, as this undermines credibility.
6. Write Actionable and Solution-Oriented Findings
Audit findings should guide suppliers toward clear corrective actions.
Best practice:
- Describe the gap clearly so the supplier understands what needs to be fixed
- Avoid prescribing solutions unless required by the audit program
- Focus on system improvements, not individual mistakes
Example:
The supplier lacks a documented procedure for supplier re-evaluation, resulting in inconsistent monitoring of approved vendors.
7. Avoid Naming Individuals
Audit reports should focus on processes and systems, not people.
Best practice:
- Refer to roles or departments instead of individual names
- This promotes accountability without blame
Example:
“Mr. Ahmed failed to update records.”
“Production records were not updated by the responsible department.”
8. Ensure Clarity, Simplicity, and Correct Language
Clear language improves understanding and reduces disputes.
Best practice:
- Use simple, direct sentences
- Avoid jargon or unexplained abbreviations
- Check grammar and spelling carefully
A well-written report reflects auditor competence and professionalism.
9. Align Conclusions With Findings
The audit conclusion must logically reflect the findings reported.
Best practice:
- Ensure the approval status matches the severity of non-conformities
- Do not approve suppliers with unresolved critical risks
- Avoid contradictory statements
Example:
Conditional approval granted pending closure of all major non-conformities within 30 days.
10. Emphasize Continuous Improvement
In addition to non-conformities, recognize good practices and strengths.
Best practice:
- Highlight positive observations
- Encourage best practice sharing
- Balance compliance with improvement
This approach:
- Builds stronger supplier relationships
- Encourages cooperation rather than resistance
11. Ensure Timely Report Issuance
Audit reports should be issued promptly after the audit.
Best practice:
- Issue draft reports within 3–5 working days
- Finalize after supplier acknowledgment or clarification
- Clearly state deadlines for corrective actions
Delays reduce effectiveness and urgency.
12. Maintain Confidentiality and Data Integrity
Supplier audit reports often contain sensitive business information.
Best practice:
- Mark reports as confidential
- Share only with authorized stakeholders
- Ensure secure storage and version control
Before onboarding a new supplier organizations should also review Essential Questions to Ask a New Supplier Before You Start to ensure alignment on quality systems compliance expectations and long term partnership goals.
Partner with AMREP Mexico for Effective Supplier Audits
At AMREP Mexico, we understand that effective supplier audits are essential for maintaining quality compliance and supply chain integrity. A well structured and clearly written Supplier Audit Report enables organizations to identify risks, drive corrective actions and build stronger partnerships with their suppliers.
For expert support in supplier audits quality assurance and compliance through our Supplier Quality services, AMREP Mexico is your trusted partner in strengthening supplier performance and ensuring regulatory and customer requirements are consistently met.
