Guide

How to audit docs before a regulatory inspection

1

Read time:

7 min

2

Why it matters:

Most inspection findings are about provability, not quality - and you can fix them in advance.

3

Who it's for:

QA managers, compliance managers, and operations directors preparing for an ISO or regulatory audit.

Summary:

The time to find a documentation gap is before an inspector does. A pre-audit review walks your controlled documents through the same tests an ISO or regulatory auditor will apply - inventory, version control, approvals, change history, retrieval - so you fix the gaps on your own terms. This guide gives you a 10-step checklist to run before your next inspection. Where the gaps trace back to scattered files and no audit trail, a controlled documentation system is the fix, and Author-it is built for it.

A pre-inspection documentation audit checklist with most checks passed and one flagged - proving which version was current on a date - the gap to fix before the auditor.

Why a pre-inspection documentation audit is worth doing

Most inspection findings aren't about the quality of the work. They're about whether you can prove it - the right version, approved, with a traceable history, produced on request. A pre-audit review surfaces those gaps while you still have time to close them, instead of discovering them live in front of an auditor.

It's especially worth doing if your documents live across shared drives, email, and personal folders. For the ISO-specific angle, our guide on keeping ISO-certified operations compliant is a good companion; this one is the practical pre-inspection checklist.

The 10-step pre-audit checklist

Work through each. If you can't answer cleanly, that's a gap to close before the inspection.

  1. Document inventory: can you list every controlled document and say where the authoritative copy lives?
  2. Single source: is each document one authoritative version, or are there competing copies in different places?
  3. Version control: can you prove which version was current on a specific past date?
  4. Controlled copies: are distributed or printed copies tracked, and withdrawn when superseded?
  5. Access and permissions: is edit access limited to the right people, and is it logged?
  6. Change history: does every change carry a record of who changed what, and when?
  7. Approval and sign-off: can you show each document was reviewed and approved before it was used?
  8. Translation currency: are translated versions in step with the source, or lagging behind?
  9. Cross-reference integrity: do documents that cite each other point to current versions, not superseded ones?
  10. Retrieval test: can you produce any requested document and its full history in minutes, not days?
The auditor's retrieval test - produce a procedure and its change history: a shared drive takes days and stays unsure, a controlled source answers in seconds.

What to do with the gaps you find

Group what you find. Some gaps are process - a missing sign-off step, an untracked distribution list - and you can fix those with procedure. But if the same root cause keeps appearing - no single source, no reliable version history, no audit trail, translations drifting - that's structural, and no amount of process discipline fully fixes documents scattered across tools that were never built for control.

That structural pattern is the signal that you've outgrown managing controlled documentation in general-purpose files.

Where Author-it fits

Author-it closes the structural gaps directly. One controlled source per document, component-level version control so you can retrieve any past state, a full audit trail of every change, built-in Review and Approve with recorded sign-off, and translation managed against the source so languages stay in step. The retrieval test that takes days on a shared drive takes seconds.

Author-it has done this in regulated industries for 25+ years, which is the experience a pre-inspection scramble tends to make you wish you'd had sooner. To see where your documentation stands today, run the Structured Content Challenge, or see how it works for regulated manufacturing.

Pre-audit FAQ

Q: How do I audit my documentation before an inspection?

A: Run your controlled documents through the tests an auditor will apply: confirm you have a complete inventory, one authoritative source per document, provable version history, tracked controlled copies, logged access, complete change records, recorded approvals, current translations, valid cross-references, and fast retrieval. Where you can't answer cleanly, you've found a gap to close before the inspection.

Q: What is a pre-audit documentation review?

A: A self-assessment you run ahead of an ISO or regulatory inspection to find and fix documentation gaps before an auditor does. It checks not just whether documents exist but whether you can prove their control - correct version, approved, with a traceable history, produced on demand. It turns audit surprises into planned fixes.

Q: What documentation gaps fail an ISO or regulatory inspection?

A: The common ones are about provability, not content: no single source so competing versions exist, inability to prove which version was current on a date, missing or incomplete change history, approvals that were never recorded, superseded controlled copies still in circulation, and translations out of step with the source. Each is a finding waiting to happen.

Q: How far ahead of an inspection should I audit my documentation?

A: Far enough to fix what you find - typically several weeks to a few months, depending on scope and how much is structural. Process gaps can be closed quickly. Structural gaps like no single source or no audit trail take longer because they involve changing how documentation is managed, so the earlier you surface them the better.

Q: How do I fix documentation gaps I find?

A: Split them into process gaps and structural gaps. Process gaps - a missing sign-off step, an untracked distribution list - you fix with procedure. Structural gaps - no single source, no version history, no audit trail, drifting translations - need a controlled documentation system. A Component Content Management System like Author-it provides the single source, version control, audit trail, and approval workflow those gaps require.

Q: What is the difference between document control and records management?

A: Document control governs living documents - procedures, specifications, policies - making sure the current, approved version is the one in use and its history is traceable. Records management governs completed records that evidence an activity happened. Inspections test both, but most documentation findings come from weak document control: the wrong version in use, or a history you can't prove.

Published on:

Author:

June 16, 2026

Jamie Simmonds

Documentation Manager

Tags

Manufacturing
Utilities
Compliance
manufacturing
utilities