Define audit boundary · Identify data owners (HR, Legal, Operations) · Send PBC list to client (2 weeks prior)
Audit Scope Document · Data Owner Matrix · PBC List
In-depth interviews (HR, Legal, Operations) · On-site observation (Practices Audit) · Document review (Disclosure Audit)
Interview notes · Observation records · GRI 405/406 data tables
Compare practices vs policies · Compare disclosures vs GRI requirements · Identify gaps and undocumented practices
Gap Analysis Report · Measurement Framework · Priority Recommendations
Compile integrated audit report · GRI-conformant narrative + data tables · Set annual targets with named owners · Third-party assurance ready
Final Audit Report · GRI Disclosure Narrative · Annual Target Plan · Assurance Sign-off
Client prepares all documents via PBC (Prepared-by-Client) list sent two weeks before audit commencement. Audit takes approximately 2 months from engagement to final report.