Preparing For An Audit

Most MedTech companies treat audits as one-off events. (And it costs a lot more than money) This mindset costs: • Market access • Investor trust • Years of work product • And lots of money    But the biggest cost isn't financial. It's human lives. The ones that depend on life-saving devices that are getting locked out of the market. Not because their technology wasn’t good enough. But because of preventable mistakes. Because they treated compliance as an event. Not a culture. Passing a Notified Body Audit isn’t luck. It’s discipline. It’s daily habits. It’s system-level thinking. Here are 4 ways the best MedTech companies prepare (and how you can too): 1. They build audit-ready systems Your documentation must tell a complete story: • Align QMS to ISO 13485:2016 and MDR Article 10 • Justify risk management with defensible rationales • Show proactive surveillance in PMS reports • Close CAPAs fully with evidence of resolution • Validate claims with clinical performance data 2. They eliminate silent compliance risks Fix problems that quietly undermine audits: • Complete missing risk–benefit rationales • Update and control all key documents • Close gaps in complaint and vigilance logs • Strengthen post-market surveillance • Link CAPAs directly to audit findings 3. They train for audit readiness every day. Turn audit behavior into muscle memory: • Run mock audits and rotate team roles • Train clear, non-speculative auditor responses • Assign scope ownership across all functions • Focus answers — no speculation or improvisation    4. They set up audit execution in advance. Plan logistics that create calm, not chaos: • Prepare a dedicated audit room with indexed files • Assign document fetchers and tech support • Track requests and responses live during audits • Maintain a calm, professional audit environment Here’s the truth: An audit isn’t something you survive. It’s a mirror that reflects how you operate every day. What’s the biggest audit challenge your team is facing right now? ♻️ Find this valuable? Repost for your network. 💡 Follow Bastian Krapinger-Ruether for actionable tips on MedTech compliance and QM.

I became an auditor to discover financial truth. An audit is a mirror to a company's reality. I learned this early in my career. Transactions are not just debits and credits. They are about people and their choices. Audits surface what culture tries to hide. Late reconciliations, rushed reviews, brittle controls. Behind each symptom is a habit. If we treat an audit like a fight, we lose the lesson. If we treat it like an opportunity, the company grows. Here are my 7 tips to help you prepare for an audit: 1. Close cadence: ➞ Every task has an owner, a deadline, and reviewer. ➞ Have a clear plan so the audit starts on time. 2. Reconciliations: ➞ Bank, ledgers, intercompany, inventory, payroll.  ➞ Verify, explain, clear or escalate. 3. Evidence on first click: ➞ Policies, contracts, approvals, and calculations. ➞ Saved with transactions for easy access. 4. Cutoff discipline: ➞ Shipments, revenue, accruals, and provisions ➞ Completed promptly with clear timestamps. 5. Segregation of duties: ➞ Nobody does everything. ➞ Share tasks to lower collusion or fraud risks. 6. Open door policy: ➞ Staff can flag pressure or errors without fear. ➞ Encourage proactive disclosure. 7. Review within 72 hours: ➞ After close, capture errors and fix root causes. ➞ Prompt improvements save you time. When leaders do this, their audit costs reduce and trust increases. Run this ritual for your next audit and let me know how it goes. How do you keep better financial records? ------- ➕ Follow Jonathan Maharaj FCPA for finance‑leadership clarity. 🔄 Share this insight with a decision‑maker. 📰 Get deeper breakdowns in Financial Freedom, my free newsletter: https://lnkd.in/gYHdNYzj 📆 Ready to work together? Book your Clarity Session: https://lnkd.in/gyiqCWV2

If you’re reading financials and only looking at revenue and profit — you’re missing the real story. Most of the risk is buried in the details. Here are 5 red flags in financial statements that quietly warn you before the crash: 1. Rising Receivables with Flat Revenue If you’re not growing, why is more cash stuck with customers? 2. High ‘Other Income’ Propping Up Profits Core operations should drive margins. Not one-off income from asset sales or interest. 3. Frequent Changes in Accounting Policies Switching depreciation methods or revenue recognition often = managing earnings. 4. Contingent Liabilities That Are Too Vague If you see lawsuits, guarantees, or claims with no clear estimate — there’s risk they aren’t pricing in. 5. Negative CFO But Positive PAT Profitable on paper, bleeding in reality. Cash flow always tells the truth. You don’t need a CFA to spot red flags. Just pattern recognition and curiosity. What’s the one financial red flag you never ignore? #CreditRisk #FinancialAnalysis #DueDiligence

How did 1 year look like in internal audit at a Big4? Note: Experiences may differ. To help you understand the kind of exposure one can get, I have shared the 4 core projects I spent ~75% of my time on. Each had different scopes, challenges and learning outcomes. (all manufacturing clients) 1. Price Supplementary & Logistics Audit (Audited pricing changes, logistics data and CTO checks): Heavy manual punching from PDF to Excel – built early Excel shortcuts; 2-week outstation audit across 3 plants – attended opening meetings, understood how field audits differ from remote ones; limited client talk at HO but meaningful exposure at plants; saw how audit checklists are implemented physically; absorbed audit mindset from seniors – how to test, replicate, and present findings cleanly. 2. Manpower Audit (Audited headcount, attendance, payroll controls): First time seeing client disagreements; taught me how seniors respond to resistance with calm and facts; identified major finding involving overtime misuse; used Power BI for heavy data – visualized anomalies in data, but still had to manually verify with physical records; tight deadlines before final meetings taught me focus under pressure; learned how observations need backing, not just assumptions. 3. Spare Parts Division Audit (Audit scope: procurement, warehousing, dealer incentives): Joined mid-audit – needed 1–2 weeks to catch up on past discussions; performed testings, peer reviews, closing file work; first time giving review comments and receiving feedback on mine; interacted with mid-level client staff – understood how audit tone shifts based on level; explored Alteryx for workflow automation – basic but eye-opening on how tech fits into audit; best mix of autonomy and learning – not new, not too senior; realized how documentation, communication, and teamwork drive a smooth close; favorite audit of the year. (learnt why seniors fear reviews!) 4. Compliance Audit (FEMA & Customs): Audit focused on regulatory filings; reviewed filings, policy adherence, import/export documentation; used AI tools to summarize provisions, minimal Excel compared to others; interacted with senior – observed how findings are communicated differently at that level; relaxed audit timeline, but required depth of understanding; a little less worried about IDT now. Apart from finance, I do not think there was any business process I did not at least get some exposure to. I was trained heavily in Excel, BI and used AI extensively during audits, and even got to try Alteryx to build simple workflows. For anyone still unsure about this domain – I hope this helps bring some clarity. Yes, as a first-year article, a lot of what I did was manual and repetitive at times – but that should not be a deciding factor in choosing or rejecting internal audit. That kind of work exists in every domain you enter. What matters more is what you make of it.

𝗜𝗳 𝘆𝗼𝘂 𝗴𝗮𝘃𝗲 𝗺𝗲 𝟯𝟬 𝗺𝗶𝗻𝘂𝘁𝗲𝘀 𝘄𝗶𝘁𝗵 𝗮𝗻 𝗮𝘂𝗱𝗶𝘁 𝗰𝗼𝗺𝗺𝗶𝘁𝘁𝗲𝗲, 𝗜 𝘄𝗼𝘂𝗹𝗱 𝗻𝗼𝘁 𝗿𝗲𝘃𝗶𝗲𝘄 𝘁𝗵𝗲 𝗺𝗶𝗻𝘂𝘁𝗲𝘀. 𝗜 𝘄𝗼𝘂𝗹𝗱 𝗮𝘀𝗸 𝗳𝗼𝘂𝗿 𝗾𝘂𝗲𝘀𝘁𝗶𝗼𝗻𝘀. Minutes record what already was discussed without looking for context or quality of the discussion. What I look for is whether the questions in that room were the right ones. In many of my investigations, the audit committee did exist. The difference was in how numbers were actually looked at. These four questions usually reveal that. 𝟭. 𝗗𝗼 𝘆𝗼𝘂 𝗵𝗮𝘃𝗲 𝗮𝗰𝗰𝗲𝘀𝘀 𝘁𝗼 𝗱𝗮𝘁𝗮 𝗯𝗲𝘆𝗼𝗻𝗱 𝘄𝗵𝗮𝘁 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗽𝗿𝗲𝘀𝗲𝗻𝘁𝘀? If the answer is no, the committee is reviewing a curated version of reality. Oversight without independent data access can’t be oversight at all; at the best its ratification. 𝟮. 𝗛𝗼𝘄 𝗱𝗼 𝘆𝗼𝘂 𝗱𝗲𝗳𝗶𝗻𝗲 𝘁𝗵𝗲 𝗿𝗼𝗹𝗲 𝗼𝗳 𝘁𝗵𝗲 𝗲𝘅𝘁𝗲𝗿𝗻𝗮𝗹 𝗮𝘂𝗱𝗶𝘁𝗼𝗿? If the answer includes fraud detection, there is a fundamental misunderstanding of the mandate. The Standards on Auditing are clear on this. Audit committees that rely on the external auditor to catch fraud have an assurance gap they may not know exists. 𝟯. 𝗛𝗼𝘄 𝗺𝘂𝗰𝗵 𝘁𝗶𝗺𝗲 𝗱𝗼 𝘆𝗼𝘂 𝗮𝗰𝘁𝘂𝗮𝗹𝗹𝘆 𝘀𝗽𝗲𝗻𝗱 𝗿𝗲𝘃𝗶𝗲𝘄𝗶𝗻𝗴 𝗮𝗻𝗱 𝗰𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗶𝗻𝗴? A committee that meets for 90 minutes before the full board, reviewing 200 pages distributed 48 hours earlier, cannot exercise meaningful scrutiny. The architecture exists, but not the time required to use it. This was very evident in research I did for the listed companies. 𝟰. 𝗪𝗵𝗮𝘁 𝗲𝘅𝗽𝗲𝗿𝗶𝗲𝗻𝗰𝗲 𝗱𝗼𝗲𝘀 𝘁𝗵𝗲 𝗰𝗼𝗺𝗺𝗶𝘁𝘁𝗲𝗲 𝗵𝗮𝘃𝗲 𝗶𝗻 𝗱𝗲𝗮𝗹𝗶𝗻𝗴 𝘄𝗶𝘁𝗵 𝘀𝗶𝘁𝘂𝗮𝘁𝗶𝗼𝗻𝘀 𝗶𝗻𝘃𝗼𝗹𝘃𝗶𝗻𝗴 𝗳𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝗺𝗮𝗻𝗶𝗽𝘂𝗹𝗮𝘁𝗶𝗼𝗻? Financial qualification and investigative experience are built through different careers. Most audit committees are composed entirely of the former. Experience of how manipulation actually appears in numbers is less common. That perspective, often described as a forensic lens, is usually developed through investigation. Its absence is a structural gap worth examining. Four questions. Thirty minutes. Sometimes that is all it takes to see where the gaps are. 𝗜𝗻 𝘆𝗼𝘂𝗿 𝗲𝘅𝗽𝗲𝗿𝗶𝗲𝗻𝗰𝗲, 𝘄𝗵𝗶𝗰𝗵 𝗼𝗳 𝘁𝗵𝗲𝘀𝗲 𝗳𝗼𝘂𝗿 𝗶𝘀 𝘁𝗵𝗲 𝗵𝗮𝗿𝗱𝗲𝘀𝘁 𝘁𝗼 𝗴𝗲𝘁 𝗿𝗶𝗴𝗵𝘁? #AuditCommittee #CorporateGovernance #FraudRisk #RiskManagement #FinancialReporting #ForensicForesight #Compliance

Over the years, I’ve learned that the most valuable insights don’t just sit in reports—they emerge from conversations. Audits that truly drive impact don’t happen because we asked more questions; they happen because we asked better ones. That’s why my team and I dedicate time to engaging with stakeholders at every level. We’ve found that the most powerful questions: Challenge assumptions – Are we following this process because it works, or just because it’s always been done this way? (We recently found a control weakness buried under a “legacy” practice—one no one had questioned in years!) Reveal blind spots – What risks are hiding in plain sight? (One of our audits uncovered language barriers in employee surveys, leading to 72% of workers being unintentionally excluded from providing feedback!) Drive meaningful conversations – How can we turn compliance into a strategic advantage? (I’ve seen firsthand how shifting the conversation from “compliance burden” to business enabler opens doors for better governance.) This is why I see internal audit as more than just oversight—it’s a catalyst for innovation. This year, my focus has been on reinforcing our role as trusted business partners. Moving from checklists to collaborative discussions. Turning audits from a retrospective exercise into a forward-looking strategy. Ensuring our insights don’t just highlight risks—they drive value. And it all starts with asking the right questions. #InternalAudit #RiskManagement #Leadership #StrategicValue

The Sweet Trap: A New Auditor's Tale Sanjay was excited about his first solo audit. Fresh out of training, he wanted to show everyone how good he was at his job. Walking into NT International Company Ltd. with his laptop and notebooks, he felt ready to find any mistakes in their work. During his first week, Sanjay found several problems in how the company bought things. He was proud of his findings. When he showed them to Vikrant, the Finance Head, something unexpected happened. "This is amazing work, Sanjay!" Vikrant said with a big smile. "You've found things that even experienced auditors missed." Sanjay couldn't stop grinning. This was exactly what he wanted to hear. Over the next few days, Sanjay became too relaxed. He thought he had already done the hard part by finding these problems. He started taking longer breaks and didn't look as carefully at other things. After all, he already had good findings to show his boss. But Vikrant had a plan. Two days before the final meeting, Sanjay sat down with Vikrant to discuss his findings. Vikrant pulled out a thick folder. "About those problems you found," Vikrant started, his friendly smile gone. Then, one by one, he showed Sanjay why each of his findings was wrong. Everything Sanjay thought was wrong had a good explanation. All the things Sanjay thought were mistakes were actually normal business practices he didn't understand fully. Sanjay felt sick to his stomach. His "great findings" were nothing. He hadn't just failed to find real problems – he'd fallen for a simple trick. Vikrant had praised him to make him overconfident, and it worked perfectly. That evening, Sanjay sat at his desk staring at his empty report. He felt embarrassed and angry at himself. But as he thought about what happened, he learned something important. He realized being a good auditor isn't about finding a few problems quickly. It's about being careful, understanding everything properly, and not letting praise make you careless. Sanjay took out a notebook and wrote: "Remember: A good auditor stays careful from start to finish." Years later, Sanjay became a senior auditor. He always told this story to new team members. "When someone seems too impressed by your work," he would say with a smile, "that's when you need to look even harder." He kept his old notebook as a reminder of his first audit. It taught him that in auditing, like in a long race, starting well isn't enough – you need to stay strong until the end.

The 5-Step Marketing Audit Framework That Transformed My Campaigns After auditing 150+ marketing campaigns across B2B and B2C sectors, I've refined this systematic approach that consistently uncovers hidden growth opportunities. Here's the exact framework I use: Step 1: Business Environment Analysis Start with the macro view - economic shifts, industry trends, and competitive landscape. This foundation shapes everything that follows. Step 2: Internal & External Assessment Honest SWOT analysis. Your strengths might be your biggest blind spots if you're not leveraging them correctly. Step 3: Market & Customer Analysis Segment beyond demographics. Behavioural patterns and unmet needs reveal your next breakthrough opportunity. Step 4: Marketing Strategy Review Audit your brand positioning, product offering, pricing strategy, and distribution channels. Misalignment here kills conversion rates. Step 5: Financial Metrics & Performance Focus on high-impact activities. I use the 80/20 rule religiously - 20% of your efforts drive 80% of results. The game-changer? Customer Lifetime Value (CLV) analysis. When I integrated CLV into campaign optimization at 411 Locals, we maintained $11 CPL while scaling to 130K leads. What's your biggest marketing audit revelation? Drop it in the comments - I'd love to hear your experience. P.S. Save this framework for your next campaign review. Trust me, your ROI will thank you.

India is taking corporate governance more seriously than ever, from tighter SEBI oversight to growing investor expectations, it’s clear — governance is no longer optional. It’s foundational.   Despite this national shift, many companies — even well-established ones — continue to delay audits, defer accountability, and underestimate the long-term cost of weak internal systems.   As a founder, watching this unfold pushed me to ask: How can we do better — and do it early?   At EndureAir Systems Pvt. Ltd., our journey has been a steep learning curve:   📌 FY 22-23: It took us 6 months to close the books. 📌 FY 23-24: We brought it down to 3 months. 📌 This year? We completed our audit and closed the books in just 15 days.   Not because we rushed, but because we were ready.   That’s what happens when you invest in internal structures that are on par with the external controls expected of you.   Here’s what I’ve learned along the way:   1️⃣ Start early Build your governance muscle before you're forced to. It saves a lot of pain later. 2️⃣ Embed it in your culture Governance isn’t a department — it’s a mindset that should run across every function. 3️⃣ Get the right advisors The right voices in the room bring clarity, checks, and much-needed perspective. 4️⃣ Strong governance gives you back your time For founders especially, it removes the burden of a 6-month audit cycle and frees you to focus on product, people, growth, and scale.   We’re still learning, but this year felt like a true shift — not just in process but in mindset. #CorporateGovernance #ESG #AuditReady #StartupIndia #FounderJourney #GovernanceMatters #Leadership #Transparency #BuildInIndia #BusinessEthics #ScalingRight #IndiaInc #StartupLeadership #SustainableBusiness #InternalControls #EthicalLeadership #SEBI #InvestorTrust #StartupCompliance #GrowthWithGovernance Startup Incubation and Innovation Centre, IIT Kanpur (incubatoriitk) Startup India Entrepreneur India  

If customs walks in today, are you ready? Most aren’t and the penalties prove it. What triggers a customs audit ? 1. Random Selection Part of risk-based targeting systems to keep audits fair.  2. Red Flags Errors or inconsistencies in import declarations can raise alarms.  3. Industry Targeting   Customs focuses on industries with high fraud risks like electronics and pharma.  4. Prior Non-Compliance Past penalties or lack of response can trigger scrutiny.  5. **Related Party Transactions**   Intra-company deals face extra checks for pricing issues.  6. FTA Claims   Large claims for Free Trade Agreements may lead to reviews.  Common Mistakes That Trigger Penalties  - Misclassification  Customs uses data analytics to find errors. This can lead to a duty shortfall of up to three times.  - Undervaluation Transfer pricing reports can expose undervalued goods, resulting in fines and interest.  - FTA Misuse  Lack of origin support during claims can mean repayment of duties plus penalties.  - Poor Recordkeeping Random audits can catch missing documents, leading to fines.  - Misdeclared Dual-use Goods   These can lead to serious legal issues.  - Inconsistent Broker Instructions   Discrepancies can cause loss of benefits.  Preparation Best Practices - Assemble a Compliance Task Force    Include Trade Compliance, Finance, Logistics, and Legal teams.  - Review Historical Import Data Analyze reports from brokers and customs tools for the last 12 to 36 months.  - Validate HS Classifications  Cross-check with product specs and rulings.  - Review Valuation Methodology   Ensure all dutiable elements are included in declared values.  - Confirm Origin Documentation  Match each FTA claim with valid supplier declarations.  - Check Recordkeeping Protocol   Keep all documents accessible.  - Audit FTA Claims  Randomly select entries to trace back to source.  - Examine Related Party Transactions  Ensure customs values are based on fair market pricing.  - Spot Audit Broker Instructions  Pull recent declarations to check accuracy.  - Prepare a Compliance Report   Summarize risks and actions taken.  **Do's**  ✅ Designate a single point of contact for customs.   ✅ Be transparent but only provide requested information.   ✅ Keep an audit log of all communications.   ✅ Prepare an intro presentation outlining import processes.   ✅ Provide documents promptly and in order.  **Don'ts**  ❌ Don’t argue or blame other departments.   ❌ Don’t offer unsolicited documents.   ❌ Don’t allow unscheduled interviews with untrained staff.   ❌ Don’t say “we’ve always done it that way.”  **Post-Audit Actions**  Review findings with your broker or legal team.   Respond within the deadline to correct inaccuracies.   Implement corrective actions and document them.   Schedule a follow-up audit within six months.   Update SOPs and training based on findings.