SELF AUDIT PRINCIPLE AND DOCUMENT RETENTION STANDARDS

This section is missing from most Procurement Policies because very few people recognize its importance, or even consider its existence. Just like most modern urinals have an automated flush system that releases water into the bowl every few minutes (even without being used), it is standard practice for procurement policies to contain self-audit requirements, and processes that allow them run violation reports, and sense check those same guidelines periodically.

The perception of the procurement function is only further clouded by damaging audit reports. These reports come as a shock to the business and give the impression that someone has been caught doing something wrong. Now, what if you could have “arrested” yourself and fixed the issues long before the audit? There is a verse in the Holy Scriptures that says, “make peace with your adversary while you are on your way to court.” This puts further emphasis on doing self-checks and course corrections long before an audit is conducted.

Every good procurement policy should contain a procedure for self-audits, and procurement leaders must have a process for conducting these periodically. Possible violations are detected early, and updates are made to the policy to prevent future incidents, or to redesign defective procedures.

Document Retention

Procurement documents contain commercial transactions but are also legal in nature. Purchase Orders, Terms and Conditions, Contracts, Non-Disclosure Agreements, Memoranda of Understanding, Letters of Intent, etc. When there are disputes over the fulfilment of obligations, these documents are used for reference by courts, and investigating bodies to determine what rights pertain to either party, or to prove that the correct processes were followed in reaching a decision. It is always embarrassing to Senior Management when procurement teams cannot produce such documents or spend so much time searching through disorganized computer folders and physical cabinets.

Twice in my career, I have had to pull out documents from my personal archives in response to an enquiry that had legal implications. A few months after I had resigned from a previous company, I got a call regarding a transaction that I had managed while I was there. As part of my handover tasks, I had ensured that all hard and soft copies of transactions were in the care of my successor. Unfortunately, he also left the organisation, and this created a gap. When I got the call asking if I had copies of these documents, I simply accessed my archived folders and sent the files to my former Boss.

The lesson here is this; every procurement policy must have clear guidelines for document retention.

What documents should be retained? Where/How should they be stored? How long should they be in storage? Some organizations go as far as storing sensitive documents at an off-site location. This is done as part of a Business Continuity Plan and ensures that such documents can be retrieved if the office premises are affected by some unforeseen disaster.

Under the Data Protection laws, certain transaction records are required to be stored for up to 10 years, and in the case of police incident reports, permanently. Now you see why this is not just a policy decision, it’s a matter that has legal implications.