Blockchain AuditCloud — Secure shifting of corporate audits to the cloud
The full article was originally published by Daniel Trauth on Medium. Read the full article here.
This use case was created within the project Blockchain Reallabor für das Rheinische Revier, funded by the Ministry of Economics, Innovation, Digitisation and Energy of the State of North Rhine-Westphalia, with the aim of forming a thematic community of interests. If you feel addressed, please contact us (firstname.lastname@example.org), Alexander Stoffers from NextAudit or contact the project directly via email@example.com or https://blockchain-reallabor.de/. The original publication by the Blockchain Reallabor can be found here (german).
Audits fulfil the task of checking and proving whether, for example, a production process meets the quality requirements on the basis of selected test criteria . Possible criteria for the production process include productivity (output quantity in relation to input quantity), process stability, the guarantee of the function to be fulfilled and scalability. Audits are generally differentiated between First Party (product audit, process audit, system audit), Second Party (supplier audit) and Third Party (certification audit). They take place at fixed time intervals and are carried out by a neutral auditor and an accompanying, uninfluenced observer. Based on the information provided, the auditor evaluates the products/processes, prescribes any measures to be implemented and reports the results of his inspection to the responsible management. For companies from different industries, it is essential for success to have a valid certification. Especially for safety-critical components and their production processes, certification and corresponding audits are of central importance .
Audits are characterised by seven principles, compliance with which is extremely difficult to prove . All persons involved in the audit process (including auditors and observers etc.) should act with integrity, objectivity, care, confidentiality, independence, factual support and risk orientation. This requires honesty, responsibility, competence, impartiality, objectivity, sensitivity and security of information with regard to any influences on their ability to judge when auditing products/processes. These qualities are currently difficult to guarantee or prove. The potential distrust in the intermediary with regard to the neutral evaluation and handling of the provided product/process specific information as well as the one-time testing of the products/processes within a defined time interval (scheduled) can affect the trust of the customer.
Due to the lack of trust in the intermediary, a very large number of supplier audits are carried out in the industry, as each customer audits his supply chain independently. The lack of trust thus leads to over-auditing in the economy, which should be avoided from an economic point of view. A simple example: Both VW and BMW purchase parts from supplier Rehau. VW audits Rehau with school grade 1, next week BMW will come and audit Rehau with school grade 1, because the same scheme is used. An audit was economically superfluous.