A loss prevention program without audits is like a cheeseburger without the cheese—you’re kind of missing an essential component of the definition. The industry evidence is strong enough to argue that in terms of loss prevention, one audit is better than none, two better than one, and three per store the best of all that nets the best loss results. All audits, however, are not created equally. An audit has a specific function and focus, the details of which are much like deciding what type of cheese you want on the cheeseburger. The selection determines the experience and maturity of taste plays a role.
Determining the “right” type of audit starts with deciding on the intended goal. The goal is determined by where an organization is along the spectrum of loss prevention development. The first audit ever conducted has different requirements than the audit used in a ten-year old program. The reason: the audit form will impact its function.
The first decision to make is whether the audit will go wide or whether it will go deep.
Wide: Regardless of length, a “wide” audit intends to provide an overview of many areas of the business. It contains a wide selection of questions from a wide selection of functions to determine basic compliance and to identify potential areas of risk and exposure.
Deep: A deep audit is more specific. It focuses on fewer areas, but delves deeper into the functions of those areas to more accurately understand points of concern.
Experience suggests that if a company has never audited then they probably don’t have the evidence required to develop the most effective deep audit. Consequently, it makes the most sense and provides the greatest value to develop a wider audit for the first year or two. At this stage it is important to review as many areas as possible—things like customer service, basic operational practices and behaviors, and areas related to safety.
Once the majority of surface concerns have been identified and addressed, the next audit evolution is the development of a more specific and deeper audit. The sign that it is time to move on is usually the audit scores. As the average rises above the passing line or 85 to 95 percent, there is factual evidence that the most basic functions have been improved and it is time to advance.
The major risk in the wide-audit approach is to be overzealous in length and content. There is a limit to the time and resources available. No audit can be all things to all people in the organization. A slice for each is fine, but creating a behemoth document with two hundred questions will serve only to frustrate and to devalue the goal of the process. Proper selection of the questions is key, as is an understanding that a wide audit is not intended to provide deep detail of any particular area.
In other words, a wide-approach may not correlate with shrink and loss results. Why? Well because when we include questions on topics such as safety and some psychical security things such as alarm codes, those function don’t often impact shrink. Expired fire extinguisher certificates seldom cause loss…unless of course there is a fire.
The deep audit is a more specific tool for understanding causes of loss and areas of risk. In a deep audit for example, we may forego questions about greeting customers or safety inspections to focus on cash handling practices, exception reviews and inventory control. The questions become more specific and we deepen the review from “how many days” we look at to “how many weeks or months” we inspect.
The down-side in a deep audit is we give up inspection of the more core elements of operations. In conducting a deep audit program we have to rely on good practices, habits, and culture to ensure the foundation we built with the wide audit continue on without our attention. The deep audit is the place where an organization can discover the practices and elements that do correlate to shrink results. By its nature, the deep audit is more investigative in nature.
The question of wide or deep is really a question of LP and audit maturity. And maturity is based on the time and the sophistication of the operations. Every company that doesn’t have a formal and objective audit program should have one. Starting with a wide audit sets the stage for better focus and builds the foundational practices through review and training required for a long-term and effective loss prevention effort. When that is accomplished then we should move on to the deeper levels and gain more specific information. So it’s not really a question of which, it’s a question of when.