When a public procurement lawyer who also understands risk management and information security talks about audits, the conversation quickly shifts from emotions to systems. That’s exactly the tone of discussions with Grzegorz Basiński – a Polish expert with more than 25 years of experience in public procurement law, audit and governance, who connects the legal view with process thinking and risk management.
Together with Piotr Krompiewski, they opened a topic that commands respect across the contracting community in the Czech Republic, Slovakia and Poland: the audit.
Just say the word and the room goes quiet. Someone remembers last year’s report. Someone else the spreadsheet they couldn’t find back then. Another person hears the sentence: “Show us how you got from A to B.”
And yet their main point was surprisingly calm:
an audit is not a horror genre. In most cases, it’s simply a comparison of standards with reality.
“An auditor usually isn’t looking for your soul. They’re looking for your procedure.”
An audit is not “someone checking your work”.
It’s a simple comparison: standards versus reality. An audit always stems from a specific legal and methodological framework, not from an impression.
If we take the emotions out of it, three questions remain:
In practice, most audits run on a checklist. An audit tool is not a mysterious mechanism. It’s a structured checklist.
What really scares people? Not the auditor. But the moment someone says:
“Show us why you did it exactly this way.”
And if the answer exists only in the head of a committee member or in informal communication, the stress begins.
“We all know why we set it up this way” is not audit evidence.
1️⃣ “The audit wants A→B. And we only have B.”
The procurement ran correctly. The documents exist.
But the audit question is: “Why was this procedure / these criteria / these weights chosen?”
And the answer? It was experience. It was logic. It was practice.
But it isn’t written down.
An audit doesn’t assess whether you meant well. It assesses whether it can be proven.
And this is exactly where the difference between administration and process management shows up.
2️⃣ A digital platform, but evidence outside the platform
The evaluation happened partly in Excel. Partly in notes.
The final report was uploaded into the system.
Audit question: “Show us how the scoring was created.”
Suddenly you’re looking for file versions. Email communication. Transcripts of notes.
Digitalization without process setup does not create auditability. It only creates storage.
And that’s a difference that is crucial in public procurement management.
3️⃣ Exports without context
The control body wants a complete export of the procurement. A ZIP file. PDFs. Printouts.
And from a well-run process, you end up with a pile of documents without a clear chain of continuity.
Then the audit doesn’t feel like a check. It feels like a reconstruction.
(The author’s sarcastic note: a PDF is not a process. It’s just a very confident file.)
4️⃣ A single bid and increased sensitivity
In Poland, the European Commission has pointed out in recent years an exceptionally high share of procedures with a single bid (around 52% in 2022). That in itself is not a breach of the rules. But it does mean higher sensitivity to the provability of the procedure.
Similarly, the Supreme Audit Office (NIK) repeatedly points to errors linked to setting conditions, equal treatment, or insufficient justification.
The point is simple:
when competition is weaker or the outcome is sensitive, the process has to be stronger.
And that applies across CZ, SK and PL.
Electronic procurement has brought clarity, speed, an audit trail. But only when the tool is set up as a process framework, not as a document repository. The difference between a digital tool and an auditable process is the difference between convenience and responsibility.
A key sentence from Piotr and Grzegorz’s debate was: “Procurement software is not software for creating documents. It is software for creating a process.”
This is the core of the whole thing. The auditor isn’t looking for a document. They’re looking for logic.
A strong process means an audit is just another step in the chain. A weak process means the audit feels personal. From the perspective of public procurement management, this is a fundamental difference:
it’s not about having “everything stored”. It’s about having everything traceable in the logic.
Internal audit, external audit, internal control.
Each of them looks at something different:
When we don’t distinguish these roles, a fog appears.
When we do distinguish them, we know what kind of readiness we are building.
And readiness is a managerial decision, not an administrative reaction.
An audit doesn’t require heroics. It requires a decision to manage the process consciously.
1️⃣ An audit is not a mood, it’s a structure
When you know the standard and stick to the procedure, the audit is a checkpoint, not a drama.
2️⃣ The process must be readable backwards
When someone new takes over the agenda, they must understand the “why”, not just the “what”.
3️⃣ e-procurement is not an output
It’s a management tool. If the process lives outside the system, the audit will show it.
4️⃣ Expect friction
Exports, access outside the platform, paper outputs. The process must stand up even outside its natural environment.
Before the audit comes, ask yourself a few uncomfortable but essential questions:
✔ Do we have a clearly documented decision on the type of procedure and its justification?
✔ Can we trace who set the qualification requirements and evaluation criteria, and why?
✔ Are the steps (call – bids – evaluation – decision – contract – performance) linked into one logical whole?
✔ Is there an audit trail (who, when, how decisions were made)?
✔ Are we able to present the entire process even outside the platform without it losing its meaning?
A checklist is not magic.
It’s prevention against improvisation.
Fear of an audit is understandable.
But it usually doesn’t come from auditors.
It comes from the question of whether the process will stand up without explanation.
The moment “a colleague’s memory” replaces a documented decision, the audit feels personal.
The moment the process speaks for itself, the audit is just a checkpoint.
Maybe unpleasant.
Maybe time-consuming.
But manageable.
So the question is not:
“How will we survive the audit?”
The question is:
Is our process strong enough to stand up without improvisation?
If yes, the bogeyman under the bed disappears.
And only the checklist remains.
“If your main audit strategy is ‘hopefully they won’t ask’, you already know where to start.”
Catalog purchases are often sold as “faster orders” and “less paperwork.” But anyone who has ever rolled out an internal catalog in a public-sector organization (or a large…
In the age of digital transformation, procurement has become more than negotiation and supplier management—it is now a data-driven discipline. The integration of big data analytics into procurement…
Procurement has long been regarded as a back-office function, focused primarily on reducing costs and handling routine purchases. But today’s competitive environment demands a different view. Procurement and…
Privacy Policy here.
