Sofema Aviation Services (SAS) considers the challenges related to effective EASA compliance audit oversight
Reality Check – Attempting to hide information during an audit is not only a red flag but may constitute a reportable occurrence depending on the impact on safety or compliance.
As a Compliance Auditor, you must remain impartial but firm, safeguard the integrity of the audit process, and uphold the organisation’s obligations under EASA regulations.
Your response must be methodical, professional, and aligned with both internal procedures and EASA requirements.
If you have suspicions of incorrect behaviour you can perform an unscheduled audit – Noting that the overall audit program should include a small number of unscheduled audits which helps to deliver a strong and robust program.
Evaluate the Audit Context: Scheduled vs. Unscheduled
- Scheduled Audits are announced, planned, and conducted with adequate notice. Expectations for transparency and preparedness are higher. Any attempt to withhold information during such audits may indicate deliberate non-compliance.
- Unscheduled Audits are typically conducted due to any reason not necessarily but may include complaints, or evidence of anomalies. In this context, resistance or concealment may confirm the reason for the audit and warrants heightened scrutiny.
Important Note: In either case, the attempt to obscure or withhold information is a breach of the audit protocol and could suggest deeper systemic issues.
Record Observations Objectively
Document all behaviors and actions factually:
- Time, place, and circumstances under which the suspected concealment occurred.
- Specific information or documentation that was denied, redacted, delayed, or inconsistently presented.
- Any non-verbal signs of avoidance (e.g., evasiveness, inconsistencies in team member statements).
This documentation may later support a non-conformance (NC) report or further escalation.
Apply a Structured Interviewing Approach
Ask the auditee to clarify or justify the unavailability or inconsistency:
- Use open-ended questions: “Can you walk us through how this process is normally documented?”
- Compare verbal responses with documented procedures and previous audits.
- Observe whether explanations are credible or appear rehearsed or inconsistent.
Maintain a calm, neutral tone — avoid accusatory language to preserve professional decorum.
Escalate According to Audit Protocol
If the situation persists:
- Suspend the audit temporarily to consult with the Compliance Manager or Accountable Manager (if applicable).
- Refer to your internal Audit Escalation Procedure, which may involve:
- Immediate notification to senior management.
- Reclassification of the audit scope (e.g., from standard to investigative).
- Formal notification to the Competent Authority, particularly if safety is compromised or fraud is suspected.
Raise a Non-Conformance or Observation
Depending on severity:
- Major Non-Conformance (Level 1) if the concealment affects safety, airworthiness, or is a clear breach of regulation.
- Minor Finding (Level 2) if the intent or impact is unclear but the behavior deviates from expected openness and cooperation.
Clearly reference the applicable regulatory or organisational requirement breached
Determine Need for Further Investigation
If the withheld information may indicate deeper systemic issues (e.g., unrecorded maintenance, falsified records, or unqualified personnel), initiate a Root Cause Analysis (RCA) or launch a Focused Audit.
Communicate with the Competent Authority
If the issue escalates into potential fraud, deliberate falsification, or a breach that affects safety or compliance, you are legally and procedurally obligated to notify the competent authority (e.g., the relevant CAA or EASA).
Follow-Up Actions
- Require corrective action from the department or individual.
- Impose additional audits or monitoring.
- Include the incident in internal compliance review meetings.
- Reinforce training on audit cooperation and ethical compliance.
Next Steps
Follow this link to our Library to find & download related documents for Free.
Sofema Aviation Services and Sofema Online provide Classroom, Webinar, and Online Training, offering a combined 1000 Regulatory Compliant & Vocational Training Courses. Please see the websites or email [email protected].
Tags:
EASA compliance audit, heightened scrutiny, team member statements, Follow-Up Actions, Further Investigation, Audit Protocol, Unscheduled Audits, Scheduled Audits, Audit Context, EASA, Transparency, regulatory-compliant, Data, Competent Authority, SAS blogs, Safety, EASA requirements
