π Audit Tools for Care Services, aligned with CQC requirements, Regulation 17 (Good Governance), and best practice.
Safety & Risk Audits
Medication Audit
π Medication Audit Safe, Effective, and Accountable Medication Practices Aim: Medication audits are a critical element of clinical governance and regulatory compliance. They ensure that all aspects of medication handling, storage, administration, and recording are carried out safely and in line with legal and professional standards, including those set by CQC, NICE, and local policy.
π₯ Who Should Carry Out the Audit? Registered Managers, Clinical Leads, or Designated Medication Leads Audits can also be supported by external professionals (e.g., pharmacists) or senior staff trained in medication safety The person conducting the audit must have a clear understanding of the medication policy, relevant legislation (e.g. Medicines Act, Controlled Drugs Regulations), and service-specific protocols.
π When Should It Be Done? Monthly audits are best practice Additional audits following any medication error, incident, or change in practice Spot checks may also be completed randomly to ensure ongoing compliance
π How Is It Carried Out? Audits should cover: Storage (temperature, security, stock levels) Administration (accuracy, MAR chart completion, double-checking) Prescriptions and reordering systems Disposal of medication Staff competency and training records Controlled Drug (CD) register if applicable Recording of missed doses or refused medication Evidence of PRN protocols and 'as required' usage Use a standard Medication Audit Tool or Checklist, and ensure findings are documented.
π§ Lessons Learned & Actions Each audit should include a section for analysis and reflection: Were any errors or near misses recorded? What was the root cause? Was staff retraining required? Did policy or process need to be updated? Have actions been logged, assigned, and reviewed? Lessons learned should be shared in team meetings or clinical governance reviews, and changes must be followed up to ensure improvement.
π£ Good Practice Tip: Keep a clear audit trail β completed forms, actions taken, and feedback loops. This is key to demonstrating Regulation 12 (Safe Care and Treatment) and Regulation 17 (Good Governance) under CQC.
π Click here to download the Medication Audit Template.
Infection Prevention & Control (IPC) Audit
π¦ Infection Prevention & Control (IPC) Audit Promoting Safe, Hygienic Environments Across Your Service Aim: The Infection Prevention & Control (IPC) audit is essential to maintaining a clean, safe, and healthy environment for both staff and service users. It ensures that your service is compliant with CQC/Ofsted expectations, NHS infection control guidance, and Health & Safety legislation. IPC audits help identify risks, monitor hygiene practices, and ensure policies are followed in real time, reducing the spread of infection and supporting public health.
π₯ Who Should Carry Out the Audit? Designated IPC Lead, Health & Safety Lead, or Registered Manager In larger services, this may include Facilities Leads, Cleaning Supervisors, or Nurses All auditors should be trained in infection prevention standards and have access to current IPC policies and PPE protocols.
π When Should It Be Done? Monthly IPC audits are recommended as best practice More frequent audits may be required during: Outbreaks (e.g. norovirus, COVID-19) Flu season Following refurbishment or service changes Spot checks and daily walkarounds should complement formal audits
π How Is It Carried Out? Use a structured IPC Audit Tool that covers: Cleaning schedules and documentation Use and availability of PPE (gloves, masks, aprons) Hand hygiene practice and facilities Waste management and clinical waste bins Safe laundry handling Cross-contamination risks (e.g. food areas, medical areas) Staff training and IPC induction records COVID-19 or other outbreak-specific measures, where relevant Visual checks, interviews with staff, and record reviews should all form part of the audit.
π§ Lessons Learned & Actions Each audit should conclude with: A list of non-conformances or areas for improvement Clear corrective actions and responsible persons Timescales for completion and re-audit A summary for discussion in staff meetings or H&S reviews Sharing outcomes promotes team accountability and learning, while reducing the risk of infection spread across your setting.
β Supports Compliance With: CQC Regulation 12: Safe Care and Treatment Health and Social Care Act 2008 (Regulated Activities) UK Health Security Agency (UKHSA) guidance NICE IPC Quality Standards Ofsted premises and welfare checks (in education settings)
π Click here to download the IPC Audit Template.
Health & Safety Audit
β οΈ Health & Safety Audit Ensuring a Safe Environment for Staff, Visitors, and Service Users Aim: The Health & Safety (H&S) audit ensures your service is compliant with relevant health and safety legislation, including the Health and Safety at Work Act 1974, CQC Regulation 12, and Ofstedβs welfare and premises standards. This audit provides a structured review of your organisationβs safety measures, risk controls, and compliance with employer duties, helping to prevent accidents and promote a culture of safety.
π₯ Who Should Carry Out the Audit? The Health & Safety Lead, Registered Manager, or nominated competent person Auditors must be trained in risk assessment and aware of site-specific hazards External audits may also be conducted annually (e.g. insurers, H&S consultants)
π When Should It Be Done? Formal audits at least once per quarter Informal checks (walkarounds, maintenance reviews) monthly Immediately following any accident, near-miss, or change in premises use
π How Is It Carried Out? Use a structured Health & Safety Audit Template that reviews: Fire safety (alarm checks, drills, evacuation plans) Risk assessments (manual handling, lone working, COSHH, slips/trips) Equipment checks (PAT testing, mobility aids, lifts, hoists) Building maintenance (lighting, flooring, handrails, signage) First aid provision and accident logs Staff training records (induction, H&S, first aid, fire warden) Workplace safety signage and PPE availability The audit should include visual inspections, record reviews, and staff consultation.
π§ Lessons Learned & Actions Every audit should result in: A clear list of findings and safety risks Corrective actions with named individuals and deadlines Any training gaps or maintenance issues to be escalated A report filed for discussion at governance or team meetings Outcomes should be monitored and revisited to ensure changes are embedded.
β Supports Compliance With: CQC Regulation 12 β Safe care and treatment Health & Safety at Work Act 1974 The Management of Health and Safety at Work Regulations 1999 Ofsted standards for safe premises and safeguarding Local Authority health and safety inspections
π Click here to download the Health & Safety Audit Template.
Falls Risk
π¨ Falls Risk Audit Monitoring, Reducing, and Learning from Fall-Related Incidents Aim: The Falls Risk Audit is designed to evaluate how well your service is identifying, managing, and learning from the risk of falls among service users. It supports compliance with CQC Regulation 12 (Safe Care and Treatment), NICE guidance (NG5), and health and safety best practices. This audit also ensures that your falls prevention strategies are embedded in everyday practice and regularly reviewed to reduce risk and improve outcomes.
π₯ Who Should Conduct the Audit? Clinical Leads, Falls Champions, Registered Managers, or Senior Support Staff trained in falls prevention External professionals (e.g., NHS falls teams, physiotherapists) may support audits in some services
π When Should a Falls Risk Audit Be Done? Quarterly audits as part of routine quality monitoring Following any fall-related incident, cluster, or hospital admission In preparation for a CQC inspection After significant changes in environment, staffing, or service user profile
π How Is It Carried Out? The audit tool should examine:
π² Are Falls Risk Assessments completed for every service user?
π² Are assessments reviewed after incidents or at least monthly/quarterly?
π² Are care plans updated with clear prevention strategies?
π² Are mobility aids and equipment (e.g., sensor mats, walking frames) used appropriately and checked?
π² Have environmental risks (flooring, lighting, clutter) been documented and addressed?
π² Are staff trained in falls awareness, manual handling, and incident reporting?
π² Are incidents recorded accurately with analysis of root cause, time, and location?
π² Are lessons from falls shared with staff and followed up?
π§ Lessons Learned & Actions Every audit must: Highlight non-conformances or recurrent risk patterns Lead to an action plan with responsible persons and deadlines Be reviewed at team meetings or governance reviews Be used to inform training needs and environmental adjustments Recording learning and showing how it's applied is essential for demonstrating Regulation 17: Good Governance during CQC or commissioning reviews.
β Supports Compliance With: CQC Regulation 12 (Safe care and treatment) Regulation 17 (Good governance) NICE Falls Guidelines (NG5) Skills for Care Falls Awareness Standards Local Authority safeguarding and H&S audit expectations
π Click here to download the Falls Risk Audit Tool.
Incident Audit
π¨ Incident Audit Monitoring, Learning, and Improving from Adverse Events Aim: The Incident Audit supports your service to systematically review all recorded incidents β including accidents, near misses, medication errors, safeguarding concerns, or challenging behaviour episodes. It ensures that you are learning from events, taking appropriate action, and meeting your legal obligations under CQC Regulation 12 (Safe Care and Treatment) and Regulation 17 (Good Governance). By conducting regular incident audits, you demonstrate that your service is responsive, reflective, and committed to continuous improvement and safety.
π₯ Who Should Conduct the Audit? Registered Manager, Deputy Manager, or Designated Safeguarding or Quality Lead May also involve clinical leads, team leaders, or health & safety officers Auditors must be confident in reviewing incident forms, identifying patterns, and understanding regulatory thresholds for notification (e.g. to CQC or Local Authority).
π When Should It Be Done? Monthly or quarterly as part of regular governance Following any serious incident (SI) or multiple related incidents Prior to inspections, contract reviews, or board reporting After policy changes or incidents involving new staff or settings
π How Is It Carried Out? Use a structured Incident Audit Tool to check:
π² Are incident forms fully completed and submitted on time?
π² Are follow-up actions clearly recorded, and have they been completed?
π² Has the incident been reviewed for safeguarding or RIDDOR thresholds?
π² Is there evidence of root cause analysis (where required)?
π² Are trends emerging (e.g. same time, staff, setting, individual)?
π² Have lessons learned been documented and shared with staff?
π² Are care plans, risk assessments, and supervision records updated in response?
π² Have families or external bodies (CQC, LA, ICB) been informed where appropriate?
π§ Lessons Learned & Actions Every audit must include: A summary of key findings A clear action plan with owners and timelines Changes made to policy, training, environment, or care Evidence of communication to staff (e.g. in supervision or meetings) Use audit outcomes to inform team reflection, policy reviews, and staff development. Always revisit actions to confirm theyβve been embedded.
β Supports Compliance With: CQC Regulation 12 β Safe care and treatment CQC Regulation 17 β Good governance Duty of Candour and incident reporting expectations Health and Safety Executive (HSE) and RIDDOR thresholds Local Safeguarding Policies and Procedures
π Click here to download the Incident Audit Template and Action Tracker.
Safeguarding Audit
π‘οΈ Safeguarding Audit Ensuring Protection, Accountability, and Safe Practice Across Services Aim: The Safeguarding Audit is a vital tool in assessing how well your organisation protects children, young people, or adults at risk. It provides a structured method to ensure your service meets statutory safeguarding responsibilities and adheres to national guidance and local procedures. Conducting regular safeguarding audits helps demonstrate compliance with: CQC Regulation 13 β Safeguarding service users from abuse and improper treatment Ofstedβs safeguarding and welfare requirements Working Together to Safeguard Children (2018) Care Act 2014 (for adults)
π₯ Who Should Conduct the Audit? Designated Safeguarding Lead (DSL) Registered Manager or Deputy Manager In larger organisations, the audit may be supported by the Quality Lead or Governance Team Auditors should have up-to-date safeguarding training and knowledge of internal policies, referral pathways, and legislation.
π When Should It Be Done? Every 6 months as part of governance Following any safeguarding incident or referral After policy changes, training updates, or inspection feedback Before commissioning, contract reviews, or compliance visits
π How Is It Carried Out? The audit reviews whether:
π² All staff have received safeguarding training, and it's in date
π² Staff understand how to report and escalate concerns
π² Safeguarding policies and procedures are accessible and up to date
π² Referrals have been made appropriately and recorded
π² Any safeguarding concerns are followed up, with actions recorded
π² Supervision records include safeguarding discussions
π² Safer recruitment practices are followed (DBS, references, gaps in employment)
π² Lessons learned from safeguarding incidents have been shared and embedded
π§ Lessons Learned & Actions Every audit should include: A review of themes, patterns, or gaps in safeguarding practices Recommendations for improvement, with responsible persons and timeframes Follow-up checks to ensure that policies, training, or practice have changed as required Evidence of team-wide learning and discussion in supervisions or staff meetings
β Supports Compliance With: CQC Regulation 13 β Safeguarding service users Regulation 17 β Good governance Local Authority safeguarding policies Ofsted framework: Leadership and Management, and Personal Development National guidance including Keeping Children Safe in Education (KCSIE) and Care Act 2014
π Click here to download the Safeguarding Audit Tool and Policy Review Template.
Accident/Incident Log Audit
π Accident/Incident Log Audit Reviewing Patterns, Preventing Harm, and Strengthening Governance Aim: The Accident/Incident Log Audit ensures that all recorded events β including accidents, injuries, behavioural incidents, and near-misses β are being properly logged, reviewed, and used to inform service improvement. This audit supports compliance with: CQC Regulation 12 β Safe care and treatment CQC Regulation 17 β Good governance Health & Safety at Work Act 1974 RIDDOR (Reporting of Injuries, Diseases and Dangerous Occurrences Regulations) Ofsted's requirements for health, safety, and safeguarding
π₯ Who Should Carry Out the Audit? Registered Manager or Deputy Manager Health & Safety Lead, Quality Lead, or Designated Safeguarding Officer Must be familiar with incident reporting, safeguarding thresholds, and accident investigation procedures
π When Should It Be Done? Monthly or quarterly as part of regular governance After any serious incident, injury, or cluster of related events Ahead of inspections, contract reviews, or regulatory visits
π How Is It Carried Out? Review your Accident/Incident Logs for:
π² Complete and timely entries
π² Consistency with supporting documentation (e.g. body maps, witness statements, MAR charts)
π² Clear outcomes and action taken (e.g. risk assessment updates, staff debriefs)
π² Escalation routes followed (e.g. safeguarding, RIDDOR, CQC notifications)
π² Patterns or repeat incidents (e.g. same time of day, staff member, setting, or individual)
π² Incident categorisation (injury, fall, medication, behaviour, environmental)
π² Linked training, policy changes, or reflective learning recorded
π§ Lessons Learned & Actions Each audit should conclude with: Identification of themes, risk factors, and gaps in reporting A clear action plan with roles, timelines, and follow-up checks Team discussion during supervisions or meetings Changes to care plans, training, staffing, or environment where needed Regular auditing of incident logs builds a culture of safety, transparency, and continuous learning.
β Supports Compliance With: CQC: Regulations 12, 13 (Safeguarding), and 17 Ofsted: Health and safety, leadership and management Local Authority reporting procedures Internal quality assurance and governance
π Click here to download the Accident/Incident Log Audit Template.
Fire Safety Audit
Protecting People, Premises, and Peace of Mind Aim: The Fire Safety Audit is a structured review of your organisationβs fire prevention, detection, evacuation, and staff training systems. It ensures that your service is compliant with the Regulatory Reform (Fire Safety) Order 2005, CQC Regulation 12 (Safe care and treatment), and Ofsted welfare and premises requirements. Regular audits reduce the risk of fire, ensure staff know what to do in an emergency, and provide evidence of your commitment to health and safety.
π₯ Who Should Carry Out the Audit? Fire Safety Lead, Health & Safety Officer, or Registered Manager May be supported by a nominated Fire Warden or external fire risk assessor Auditors should be trained and familiar with the siteβs fire risk assessment and emergency plan
π When Should It Be Done? At least annually as part of a formal audit schedule After a fire drill, incident, or change to the building or staffing Following any updates to fire safety legislation or your local Fire and Rescue Service advice In preparation for CQC, Ofsted, or health and safety inspections
π How Is It Carried Out? The Fire Safety Audit should review:
π² The presence of a current, signed Fire Risk Assessment
π² Functionality and servicing of fire detection and alarm systems
π² Accessibility and condition of fire exits and signage
π² Availability, servicing, and accessibility of fire extinguishers and blankets
π² Completion and logging of fire drills (at least twice yearly)
π² Staff training records (including Fire Warden training)
π² Personal Emergency Evacuation Plans (PEEPs) in place for individuals who require them
π² Testing logs for emergency lighting, alarms, and detection systems
π² Evacuation procedure signage in key locations
π² Any fire safety incidents or near misses recorded and reviewed
π§ Lessons Learned & Actions Each audit should include: Areas of non-compliance or overdue actions Corrective actions with named responsibilities and deadlines Feedback from recent fire drills or simulations Evidence of learning shared with the team Outcomes must be reviewed in team meetings and followed up to ensure fire safety culture is embedded.
β Supports Compliance With: Regulatory Reform (Fire Safety) Order 2005 CQC Regulation 12 β Safe care and treatment Ofsted guidance on welfare and premises Health and Safety at Work Act 1974 Local authority and Fire and Rescue Service guidance
π Click here to download the Fire Safety Audit Template and Log Sheet.
Care & Support Audits
Care Plan Audit
π Care Plan Audit Ensuring Personalised, Safe, and Responsive Support for Every Individual Aim: The Care Plan Audit is used to evaluate the quality, accuracy, and person-centredness of care planning across your service. It ensures that every individual receiving care has an up-to-date, meaningful, and outcomes-focused care plan that reflects their needs, preferences, risks, and goals. Regular care plan audits help services demonstrate compliance with regulatory expectations and provide evidence of safe, effective, and compassionate care.
π₯ Who Should Carry Out the Audit? Registered Manager, Deputy Manager, or Designated Care Planning Lead May also be done collaboratively with the keyworker, nurse, or clinical lead Auditors must be trained in person-centred planning and risk assessment
π When Should It Be Done? Monthly or quarterly on a rotating sample basis Following any incident, change in health, or safeguarding concern During new admissions and at discharge or transition planning Prior to CQC inspections or internal reviews
π How Is It Carried Out? A structured Care Plan Audit Tool should check:
π² Is the care plan up to date and reviewed regularly (e.g. monthly)?
π² Does it reflect the personβs voice, preferences, and lived experience?
π² Are assessed needs clearly documented with outcomes and interventions?
π² Are risk assessments in place and linked to the care plan?
π² Are mental capacity assessments and best interest decisions recorded where appropriate?
π² Are there clear records of family involvement and consent?
π² Are health, social, emotional, and cultural needs addressed?
π² Is there a review log showing regular updates and changes in condition?
π§ Lessons Learned & Actions Each audit should conclude with: Identification of gaps, duplications, or outdated information Corrective actions (e.g. staff training, updated reviews) Discussion in team meetings or handovers Evidence of continuous improvement and shared responsibility All findings should be logged in the Governance File and followed up on the next audit cycle.
β Supports Compliance With: CQC Regulation 9 β Person-centred care CQC Regulation 17 β Good governance NICE guidance on care and support planning Local authority monitoring and quality assurance frameworks Skills for Care best practice resources
π Click here to download the Care Plan Audit Template.
Mental Capacity & Best Interests Audit
π§ Mental Capacity & Best Interests Audit Ensuring Empowerment, Legal Compliance, and Person-Centred Decision-Making Aim: The Mental Capacity and Best Interests Audit reviews how well your organisation applies the Mental Capacity Act (MCA) 2005 and ensures that decisions made on behalf of individuals who may lack capacity are lawful, proportionate, and person-centred. This audit helps you assess the quality of your assessments, documentation, and decision-making processes, while demonstrating compliance with: CQC Regulation 11 β Need for consent Care Act 2014 Human Rights Act 1998 NICE Guidelines on decision-making and mental capacity
π₯ Who Should Carry Out the Audit? Registered Manager, Clinical Lead, or Designated MCA Lead Individuals must be trained in the Mental Capacity Act, Best Interests decision-making, and relevant documentation standards In some services, a Safeguarding Lead or Nominated Social Worker may support this audit
π When Should It Be Done? Quarterly audits are recommended for services supporting individuals at high risk of lacking capacity Immediately after any significant decision made in someoneβs best interest Following incidents involving consent, refusal, or DoLS concerns As part of governance audits, care plan reviews, or before CQC inspections
π How Is It Carried Out? The audit tool should assess:
π² Is there a clear Mental Capacity Assessment (MCA) completed for the decision in question?
π² Is the assessment decision-specific and time-specific?
π² Has the two-stage test of capacity been followed and documented?
π² If capacity is lacking, is there a Best Interests Decision Record in place?
π² Were all relevant people consulted (family, professionals, advocates)?
π² Are least restrictive options considered and explained?
π² Is the personβs voice, values, and preferences reflected in the decision?
π² If a Deprivation of Liberty Safeguards (DoLS) application was required, was it completed and logged?
π² Has the decision been reviewed and reflected upon in supervision or governance?
π§ Lessons Learned & Actions Every audit should result in: Identification of any missing or unclear documentation Training needs for staff around MCA and best interests Revisions to care plans or risk assessments Logged learning in team meetings or reflective practice sessions Outcomes should be reviewed at clinical governance or management meetings and actioned in a timely way.
β Supports Compliance With: Mental Capacity Act 2005 CQC Regulation 11 β Need for consent Regulation 17 β Good governance Human Rights Act 1998 (Articles 5 & 8) NICE Guideline NG108 β Decision-making and mental capacity Liberty Protection Safeguards (LPS) β when implemented
π Click here to download the Mental Capacity & Best Interests Audit Template.
Nutrition & Hydration Audit
π₯ Nutrition & Hydration Audit Promoting Health, Dignity, and Person-Centred Mealtimes Aim: The Nutrition & Hydration Audit is designed to assess how effectively your service meets the dietary, cultural, and hydration needs of individuals in your care. It ensures that food and fluid provision supports wellbeing, safety, and quality of life, while meeting compliance with: CQC Regulation 14 β Meeting nutritional and hydration needs NICE Guidelines on Nutrition Support and Fluid Management Health and Social Care Act 2008 (Regulated Activities) Regulations Ofsted standards on welfare and development (in education settings)
π₯ Who Should Carry Out the Audit? Registered Manager, Chef/Catering Lead, or Nutrition & Wellbeing Lead Can be supported by nurses, senior carers, or multidisciplinary team members (e.g. dietitians or SALT professionals) Auditors should be familiar with each individualβs dietary requirements, risk assessments, and care plans.
π When Should It Be Done? Quarterly audits as part of care governance After a weight loss/gain concern, hospital admission, or change in eating behaviour Following feedback or complaints about meals After reviewing monthly MUST scores or fluid intake records
π How Is It Carried Out? The audit tool should review:
π² Are nutritional needs assessed on admission (e.g. MUST score)?
π² Are care plans up to date with clear dietary needs (e.g. soft foods, fortified meals, allergies, cultural diets)?
π² Are food and drink choices person-centred, inclusive, and culturally appropriate?
π² Is there a clear system to monitor food/fluid intake and act on concerns?
π² Are staff trained in choking prevention, dysphagia, and safe feeding?
π² Is the mealtime experience dignified and well supported (e.g. environment, adaptive equipment)?
π² Are hydration stations, drink rounds, and snack options accessible?
π² Are food hygiene and kitchen safety audits up to date?
π§ Lessons Learned & Actions Each audit should include: Findings and areas for improvement An action plan (e.g. training, menu changes, new equipment) Feedback from service users on meal satisfaction and dining experiences Updates to care plans and risk assessments if issues are identified All outcomes should be logged, reviewed, and shared at staff and governance meetings.
β Supports Compliance With: CQC Regulation 14 β Meeting nutritional and hydration needs Regulation 9 β Person-centred care NICE NG22 β Nutrition support for adults Ofsted standards for food, independence, and child development Public Health guidance on hydration and nutrition
π Click here to download the Nutrition & Hydration Audit Template.
Pressure Ulcer Prevention Audit
ποΈ Pressure Ulcer Prevention Audit Reducing Harm Through Early Identification and Safe Skin Care Practices Aim: The Pressure Ulcer Prevention Audit ensures that your service is effectively identifying, managing, and reducing the risk of pressure ulcers (also known as pressure sores or bedsores). It supports compliance with: CQC Regulation 12 β Safe care and treatment NHS Stop the Pressure Campaign NICE Guidelines CG179 β Pressure ulcer prevention and management Local safeguarding and wound care protocols This audit forms part of your wider tissue viability and falls prevention strategy, helping you safeguard vulnerable individuals and reduce avoidable harm.
π₯ Who Should Carry Out the Audit? Registered Nurses, Clinical Leads, or Tissue Viability Champions In residential settings, the Registered Manager or trained senior care staff may also lead audits with support Auditors should be familiar with pressure area care, risk tools, and skin integrity recording
π When Should It Be Done? Monthly audits for services with individuals at risk Immediately following any new or worsening pressure ulcer During admission reviews, care plan audits, or after hospital discharge Prior to inspections, contract reviews, or safeguarding reviews
π How Is It Carried Out? The audit should assess:
π² Is a Pressure Ulcer Risk Assessment Tool (e.g. Waterlow or Braden) completed on admission and regularly reviewed?
π² Are skin checks completed and documented as per the care plan?
π² Are individuals identified as at risk receiving preventative care (e.g. turning charts, pressure-relieving equipment)?
π² Is there clear evidence of multidisciplinary involvement (e.g. GP, Tissue Viability Nurse, Dietitian)?
π² Are pressure ulcers categorised and managed in line with national guidance?
π² Are safeguarding concerns raised where appropriate for avoidable pressure damage?
π² Is documentation clear, timely, and accurately coded on body maps or wound charts?
π² Are staff trained in pressure area care and the use of appropriate equipment?
π§ Lessons Learned & Actions Following the audit: Document any non-conformances or gaps in care Update care plans, turning regimes, or mattress settings as needed Create a staff action plan where additional training or resources are needed Share learning in clinical meetings or supervisions Consider a root cause analysis (RCA) for Grade 3 or 4 pressure ulcers
β Supports Compliance With: CQC Regulation 12 β Safe care and treatment Regulation 17 β Good governance NICE CG179 β Pressure ulcer prevention and management NHS England β Stop the Pressure initiative Safeguarding Adults Protocols β where pressure damage may indicate neglect
π Click here to download the Pressure Ulcer Prevention Audit Template and Skin Integrity Monitoring Tool.
Service User Feedback Audit
π¬ Service User Feedback Audit Listening, Learning, and Improving Through Lived Experience Aim: The Service User Feedback Audit helps your organisation assess how effectively you collect, review, and act on feedback from the people who use your service. This includes compliments, concerns, complaints, surveys, informal conversations, and co-production activities. It ensures compliance with: CQC Regulation 17 β Good governance Regulation 16 β Receiving and acting on complaints Ofsted's emphasis on voice of the child/service user The Duty of Candour and principles of co-production Capturing feedback and acting on it is essential for demonstrating that your service is responsive, inclusive, and committed to continuous improvement.
π₯ Who Should Carry Out the Audit? Registered Manager, Quality Lead, or Service User Engagement Lead May also involve team leaders, support staff, or family liaison officers Auditors should understand how feedback informs policy, care planning, and service delivery
π When Should It Be Done? Quarterly, as part of ongoing governance and quality assurance After a period of major change, such as a new staff team, environment, or service model Following any formal complaints, compliments, or survey rounds Prior to CQC or Ofsted inspections, or contract performance reviews
π How Is It Carried Out? The audit should review:
π² Are feedback methods accessible and inclusive? (e.g. verbal, written, Easy Read, digital)
π² Are users encouraged and supported to give honest feedback?
π² Are surveys or feedback forms completed regularly (and anonymously if needed)?
π² Are compliments, complaints, and concerns recorded appropriately?
π² Are follow-up actions clearly documented and shared?
π² Is there evidence that feedback influences service development? (e.g. βYou said, we didβ)
π² Is learning from complaints or praise shared with the team?
π² Are service users involved in reviews, planning, or audits?
π§ Lessons Learned & Actions The audit should lead to: A summary of themes in feedback (positive and negative) An action plan to improve communication, service delivery, or user engagement Updates to policies or care practices Shared learning at staff meetings, supervisions, or governance reviews Regular auditing shows that you are not only collecting feedback β but doing something meaningful with it.
β Supports Compliance With: CQC Regulation 17 β Good governance Regulation 16 β Complaints handling Ofsted standards β Personal development, behaviour and attitudes Local authority quality assurance and user voice standards NICE guidance on service user involvement
π Click here to download the Service User Feedback Audit Tool and Action Log Template..
Workforce & Leadership Audits
Staff Supervision & Appraisal Audit
Lorem ipsum dolor sit amet, consectetur adipisicing elit. Autem dolore, alias, numquam enim ab voluptate id quam harum ducimus cupiditate similique quisquam et deserunt, recusandae.
Training & Competency Audit
π©βπΌ Staff Supervision & Appraisal Audit Supporting Staff, Driving Quality, and Demonstrating Leadership Aim: The Staff Supervision & Appraisal Audit evaluates how effectively your organisation provides structured, regular, and meaningful supervision and performance reviews for all staff. It supports compliance with: CQC Regulation 18 β Staffing Regulation 17 β Good Governance Skills for Care guidance on effective supervision Ofstedβs Leadership and Management judgement (for education or children's services) Supervision and appraisal audits demonstrate that your service is well-led, staff are supported, and the workforce is continuously improving.
π₯ Who Should Carry Out the Audit? Registered Manager, HR/People Lead, or Senior Team Leader Auditors must understand the supervision/appraisal policy and what good documentation looks like In larger services, this may be led by the Quality Lead or Training & Development Coordinator
π When Should It Be Done? Quarterly, to review compliance with supervision and appraisal cycles Following staff changes, concerns, or performance reviews Prior to CQC/Ofsted inspections, internal audits, or contract reviews
π How Is It Carried Out? The audit should review:
π² Does every staff member have a supervision schedule in place?
π² Are supervisions held at least every 6β8 weeks (or as policy states)?
π² Are annual appraisals completed for all staff?
π² Do records reflect discussion of wellbeing, performance, development, and safeguarding?
π² Are goals set, reviewed, and followed up on?
π² Are appraisals linked to training plans and CPD?
π² Do supervisors receive training in holding effective supervisions?
π² Is feedback from staff gathered and acted on?
π§ Lessons Learned & Actions Each audit should result in: A summary of compliance rates and missed reviews Identification of any themes, e.g., lack of goal-setting or unclear records A plan to catch up, retrain supervisors, or improve documentation quality Use of outcomes to improve leadership, communication, and staff morale Good supervision improves practice, retention, accountability, and service quality β all key markers of a well-led organisation.
β Supports Compliance With: CQC Regulation 18 β Staffing CQC Regulation 17 β Good governance Skills for Care guidance β Supervision and appraisals Ofsted's judgement area: Leadership and Management Workforce wellbeing and development best practice
π Click here to download the Supervision & Appraisal Audit Tool and Tracking Template.
Recruitment File Audit
π Recruitment File Audit Promoting Safe Recruitment, Legal Compliance, and Workforce Integrity Aim: The Recruitment File Audit ensures that all staff files contain the required documentation, references, and vetting checks to meet safer recruitment practices and regulatory standards. It helps demonstrate your organisationβs commitment to safeguarding, legal compliance, and transparency, supporting: CQC Regulation 19 β Fit and proper persons employed CQC Regulation 17 β Good governance Ofsted requirements for safer recruitment Equality Act 2010 Immigration and employment law Local Authority and Skills for Care safer recruitment guidance
π₯ Who Should Carry Out the Audit? HR Lead, Recruitment Officer, or Registered Manager Must be familiar with safer recruitment policies and hold access to secure staff files May be supported by a compliance or quality officer in larger organisations
π When Should It Be Done? During onboarding, before a new starter begins employment Annually, as part of routine HR governance checks Prior to CQC/Ofsted inspections, contract monitoring, or internal audits After any DBS concern, complaint, or regulatory feedback
π How Is It Carried Out? Each recruitment file should be checked for:
π² Job application or CV β fully completed and reviewed
π² Proof of identity β including photo ID and address confirmation
π² Right to work in the UK documentation
π² Two references β with at least one from a recent employer
π² Disclosure & Barring Service (DBS) check and outcome
π² DBS update service status if used
π² Employment history with gaps explained
π² Interview record β including scoring or notes
π² Offer letter and signed contract
π² Qualifications and training certificates relevant to the role
π² Health declaration and risk assessment (if required)
π² Induction record and supervision/appraisal plan
π² Equal opportunities and safer recruitment monitoring form
π§ Lessons Learned & Actions Every audit should result in: An updated recruitment compliance tracker Identification of any missing, expired, or inconsistent documents A clear action plan to resolve gaps and retrain staff if needed Evidence of follow-up for any safeguarding or vetting concerns Learning shared in governance meetings or with HR teams Maintaining accurate recruitment files not only supports safer care but also protects the organisation legally and reputationally.
β Supports Compliance With: CQC Regulations 19 & 17 Ofsted inspection framework β leadership, safeguarding, and recruitment KCSIE (Keeping Children Safe in Education), where applicable Skills for Care Safer Recruitment Toolkit Employment law, immigration checks, and equal opportunities guidance
π Click here to download the Recruitment File Audit Template and Compliance Checklist.
Agency/Bank Staff Audit
π₯ Agency/Bank Staff Audit Maintaining Safe, Compliant, and Quality-Assured Temporary Staffing Aim: The Agency/Bank Staff Audit ensures that all temporary, bank, or agency workers meet the same high standards as permanent staff in relation to safeguarding, training, compliance, and fitness to practise. It supports compliance with: CQC Regulation 18 β Staffing Regulation 19 β Fit and proper persons employed Regulation 12 β Safe care and treatment Ofsted workforce and safeguarding requirements Local authority and NHS framework expectations This audit helps protect service users by verifying that all temporary staff are competent, safe, and appropriately supported.
π§Ύ Who Should Carry Out the Audit? HR Lead, Compliance Officer, or Registered Manager May be supported by a nominated shift coordinator or care team lead Should work closely with agency providers or internal bank managers
π When Should It Be Done? Every time a new agency or bank worker is deployed Quarterly to review active agency/bank use and compliance After any incident, concern, or inspection involving agency staff During spot checks or workforce reviews
π How Is It Carried Out? The audit should confirm that:
π² Each agency/bank staff member has a completed staff profile on file
π² A valid enhanced DBS check is in place
π² Two professional references have been verified
π² Mandatory training certificates (e.g. safeguarding, manual handling, medication) are up to date
π² Right to work in the UK documentation is verified
π² Proof of qualifications or registration (e.g. NMC, HCPC) where required
π² An induction checklist was completed before or on their first shift
π² Risk assessments have been considered for lone working or clinical tasks
π² They are included in the rota, supervision system, and handover process
π§ Lessons Learned & Actions Following the audit: Create an agency compliance tracker Follow up on any missing or outdated documentation Provide feedback to agency partners regarding suitability, conduct, or training needs Use data to inform rota planning, induction policies, or agency usage reviews This audit is vital in maintaining continuity, reducing risk, and demonstrating safer staffing practices β even when using non-permanent workers.
β Supports Compliance With: CQC Regulations 12, 18 & 19 Ofsted safeguarding and safer recruitment standards Skills for Care safer recruitment toolkit NHS and local authority commissioning requirements
π Click here to download the Agency/Bank Staff Audit Template and Compliance Log.
Lone Working & Community Visit Audit
π§ Lone Working & Community Visit Audit Protecting Staff and Service Users Beyond the Building Aim: The Lone Working & Community Visit Audit ensures your organisation has effective procedures in place to manage the safety, communication, and accountability of staff working alone or delivering care in the community. It helps protect staff from risk, ensures service user safety, and supports compliance with: CQC Regulation 12 β Safe care and treatment Health and Safety at Work Act 1974 Management of Health and Safety at Work Regulations 1999 Safeguarding responsibilities in home and community settings Local authority and commissioning frameworks for domiciliary care
π₯ Who Should Carry Out the Audit? Health & Safety Lead, Registered Manager, or Lone Working Coordinator In community teams, this may include a Team Leader or Clinical Lead Auditors must understand the lone working policy, risk assessment processes, and emergency protocols
π When Should It Be Done? Quarterly, or after any lone working incident or near miss As part of the induction process for new staff assigned to community roles Following feedback, complaints, or safety concerns from staff or clients Ahead of CQC inspections, contract reviews, or internal audits
π How Is It Carried Out? The audit should check:
π² Is there a written and up-to-date Lone Working Policy?
π² Have all community-facing staff received lone working training?
π² Are risk assessments in place for service users, environments, and locations?
π² Are dynamic risk assessments being completed in the field?
π² Is there a working check-in/check-out system (e.g. phone app, SMS, call-in)?
π² Are emergency contact protocols known and accessible to staff?
π² Are staff provided with ID badges, PPE, and mobile phones or location trackers where required?
π² Are staff supported following incidents (e.g. debriefs, supervision)?
π² Is incident reporting linked back to governance and risk planning?
π§ Lessons Learned & Actions Each audit should result in: Identification of gaps in policy, training, or safety equipment A clear action plan to address any concerns Improvements to procedures, systems, or rota planning Shared learning with staff teams and updates to lone worker protocols
β Supports Compliance With: CQC Regulation 12 β Safe care and treatment Regulation 17 β Good governance HSE Lone Working Guidance Safeguarding and risk management frameworks for outreach, domiciliary, and supported living services Commissioner expectations for staff safety and responsiveness
π Click here to download the Lone Working & Community Visit Audit Tool and Safety Checklist.
Governance & Documentation Audits
Policy and Procedure Audit
π Policy and Procedure Audit Ensuring Clarity, Compliance, and Continuous Improvement Aim: The Policy and Procedure Audit reviews the accuracy, relevance, and compliance of your organisationβs documented policies. It ensures that all policies reflect current legislation, best practice guidance, and organisational standards, supporting effective service delivery and staff accountability. This audit also ensures compliance with: CQC Regulation 17 β Good governance Regulation 12 β Safe care and treatment Ofsted's Leadership and Management requirements Health and Safety at Work Act 1974 Sector-specific frameworks (e.g. MCA, GDPR, Equality Act, Infection Control, etc.)
π₯ Who Should Carry Out the Audit? Registered Manager, Governance/Compliance Lead, or Quality Officer In large organisations, this may be completed by a Policy Review Panel or delegated to department leads for specific areas (e.g., HR, clinical, safeguarding) Auditors should be familiar with regulatory expectations and internal quality assurance frameworks.
π When Should It Be Done? Annually as part of scheduled governance audits After changes in legislation, service structure, or external inspection outcomes Before CQC/Ofsted inspections, contract renewals, or quality assurance visits When policies are due for scheduled review or as part of a policy update cycle
π How Is It Carried Out? The audit should assess whether:
π² All policies are present, named, and stored in a central location (paper or digital)
π² Each policy has a clear review date, author, version number, and approval status
π² The content reflects current legislation, best practice, and regulatory guidance
π² Policies are aligned to the service type and reflect actual practice
π² Staff have been trained on the policy and know how to access it
π² Procedures are clear, step-by-step, and free of jargon
π² There is a clear implementation plan (e.g. linked forms, audits, templates, and logs)
π² There is evidence of policy review, version control, and updates when triggered by incidents or learning
π§ Lessons Learned & Actions Each audit should produce: A list of policies due for update or clarification Actions for policy writing, review, or staff retraining An update to the policy schedule or tracker Escalation of critical policy gaps to governance or board level This process ensures staff have access to live, relevant, and effective policies that guide safe and consistent practice.
β Supports Compliance With: CQC Regulation 17 β Good governance Care Act 2014, MCA 2005, Health and Safety at Work Act 1974, GDPR, and other legal frameworks Ofstedβs expectations around leadership, management, and record keeping Local authority contract monitoring standards ISO-aligned quality management systems
π Click here to download the Policy and Procedure Audit Template and Review Tracker..
Complaints & Duty of Candour Audit
π¬ Complaints & Duty of Candour Audit Embedding Transparency, Learning, and Honest Communication Aim: The Complaints & Duty of Candour Audit reviews how well your organisation manages concerns, formal complaints, and notifiable safety incidents. It ensures your responses are timely, respectful, and rooted in a culture of transparency and accountability. This audit supports compliance with: CQC Regulation 16 β Receiving and acting on complaints CQC Regulation 20 β Duty of candour Regulation 17 β Good governance The Health and Social Care Act 2008 (Regulated Activities) Local authority contract and safeguarding expectations NHS complaints and incident reporting frameworks (where applicable)
π₯ Who Should Carry Out the Audit? Registered Manager, Quality Lead, or Complaints Officer In some settings, the Safeguarding Lead or Deputy Manager may co-audit Auditors must be familiar with the organisationβs complaints policy and Duty of Candour procedure
π When Should It Be Done? Quarterly, as part of routine quality assurance Following any serious complaint, safety incident, or external investigation Prior to CQC or Ofsted inspections, contract reviews, or governance meetings After internal learning reviews or trend analysis
π How Is It Carried Out? Use an audit tool to assess:
π² Are there clear systems in place for logging complaints and concerns?
π² Are all complaints acknowledged within the policy timeframe?
π² Is there evidence of investigation, with findings and actions recorded?
π² Were complainants given a clear outcome and apology where appropriate?
π² Are learning and outcomes shared with staff or governance teams?
π² Are complaints used to improve practice, policy, or staff training?
π² For safety incidents, was the Duty of Candour process followed correctly?
π² Are written notifications, explanations, and apologies on record?
π² Are trends and themes analysed and reported to senior leadership?
π§ Lessons Learned & Actions Each audit should lead to: Identification of missed deadlines, poor communication, or process gaps Updates to staff training, complaint templates, or communication strategies Logged actions, with follow-up reviews and governance oversight A review of your Duty of Candour policy and organisational culture of openness Being open, honest, and responsive builds trust, compliance, and service improvement.
β Supports Compliance With: CQC Regulation 16 β Complaints CQC Regulation 20 β Duty of candour Regulation 17 β Good governance NHS Duty of Candour guidance (for healthcare providers) Local authority and safeguarding board complaint expectations
π Click here to download the Complaints & Duty of Candour Audit Template and Action Log..
QIP (Quality Improvement Plan) Review
π QIP (Quality Improvement Plan) Review Driving Accountability, Measurable Change, and Outstanding Practice Aim: The Quality Improvement Plan (QIP) Review is a structured evaluation of how well your service is progressing against agreed actions for development, compliance, and enhancement. It ensures that identified areas for improvement are being tracked, implemented, and embedded β leading to better outcomes for people, stronger governance, and continuous learning. This process supports compliance with: CQC Regulation 17 β Good governance CQC Key Lines of Enquiry (KLOEs) β particularly "Well-led", "Safe", and "Effective" Ofstedβs Self-Evaluation Framework Local authority contract improvement frameworks Best practice standards (e.g. NICE, Skills for Care, ISO systems)
π₯ Who Should Carry Out the Review? Registered Manager, Quality/Compliance Lead, or Senior Leadership Team May involve clinical leads, service managers, or board members in multi-service organisations The QIP should be updated with input from staff, service users, and stakeholders where relevant
π When Should It Be Done? Monthly or quarterly, depending on the size of the service and scale of improvements After inspections (CQC, Ofsted, internal audits) or external reviews Following incidents, complaints, or feedback that highlight areas for development Prior to contract renewals, board meetings, or self-assessment deadlines
π How Is It Carried Out? Use your QIP document to review:
π² Are actions clearly assigned, with owners, deadlines, and RAG (Red/Amber/Green) status?
π² Have actions been completed on time, or reasons for delays recorded?
π² Is there evidence that improvements are being embedded in day-to-day practice?
π² Are changes having a measurable impact on quality, safety, or user experience?
π² Have any new actions emerged since the last review?
π² Is the QIP being used to inform supervisions, audits, and team development?
π² Are updates shared with governance groups, service users, or staff?
π§ Lessons Learned & Actions Following the review: Update RAG ratings and action statuses Add any new issues arising from audits, feedback, or incidents Ensure supporting evidence is available (e.g. training logs, audits, revised policies) Use the QIP to drive team accountability and strategic oversight The QIP should not be a βtick-box exerciseβ β it should reflect the heartbeat of your serviceβs learning and improvement.
β Supports Compliance With: CQC Regulation 17 β Good governance Ofsted SEF (Self Evaluation Form) and ILACS Framework ISO 9001:2015 β Continuous improvement and monitoring Local authority service improvement requirements Internal board reporting and organisational development
π Click here to download the QIP Review Template and Progress Tracker..
Self-Assessment Review (SAR)
π§Ύ Self-Assessment Review (SAR) Reflect, Evaluate, Improve β A Framework for Excellence Aim: The Self-Assessment Review (SAR) is a structured evaluation process that allows organisations to reflect on their own performance, measure progress, and identify areas for development. It promotes transparency, accountability, and ownership of quality across teams and services. SARs are a key part of quality assurance and regulatory compliance, supporting: CQC Regulation 17 β Good Governance Ofstedβs Education Inspection Framework (EIF) Skills for Care and ESFA quality standards Local authority and commissioner contract frameworks
π₯ Who Should Complete the SAR? Registered Manager, Training Provider Lead, or Head of Service May involve a Quality Lead, Governance Team, or staff and stakeholder contributors SARs should include input from: Staff teams Service users/learners Families/carers Stakeholders and commissioners
π When Should It Be Done? Annually β typically aligned with your quality reporting cycle or fiscal year-end After inspections, contract reviews, or significant organisational change When preparing for external validation, funding applications, or strategic planning Mid-year updates may be useful for large or multi-site services
π How Is It Carried Out? The SAR evaluates your performance against a set of quality indicators, including:
π² Leadership and Management
π² Quality of Service or Education
π² User Experience and Outcomes
π² Staffing, Training, and Development
π² Safeguarding and Risk Management
π² Partnerships and Stakeholder Engagement
π² Equality, Diversity, and Inclusion (EDI)
π² Regulatory Compliance and Governance Each area is graded (e.g., Outstanding, Good, Requires Improvement) and supported by: Evidence of impact Identified strengths Areas for improvement Linked actions (often integrated into a Quality Improvement Plan or QIP)
π§ Lessons Learned & Actions Use SAR findings to: Drive strategic planning and investment Inform training, supervision, and policy changes Prepare for CQC, Ofsted, or commissioner inspections Engage staff and stakeholders in a shared vision for improvement Link all SAR outcomes to your QIP, audits, and governance processes for clear evidence of ongoing improvement.
β Supports Compliance With: CQC Regulation 17 β Good Governance Ofsted EIF β Self-assessment and continuous improvement Skills for Care Quality Mark and Learning Provider Assurance ESFA Quality Assurance Framework Local authority quality monitoring standards
π Click here to download the SAR Template and Self-Assessment Toolkit.
Data Protection & GDPR Audit
π Data Protection & GDPR Audit Protecting Privacy, Building Trust, and Meeting Legal Obligations Aim: The Data Protection & GDPR Audit ensures your organisation is meeting its legal duties under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It reviews how personal data is collected, processed, stored, shared, and destroyed β helping you reduce risk, maintain confidentiality, and demonstrate accountability and transparency. This audit supports compliance with: CQC Regulation 17 β Good governance UK GDPR & Data Protection Act 2018 Caldicott Principles (for health and social care settings) Ofsted expectations on record-keeping and learner/staff data Local authority and commissioner data assurance frameworks
π₯ Who Should Carry Out the Audit? Data Protection Officer (DPO) or Registered Manager May also be completed by a Quality Lead, IT Lead, or Compliance Officer Staff conducting the audit should be trained in GDPR principles and internal data handling policies
π When Should It Be Done? Annually, as part of your governance and compliance cycle After any data breach, ICO enquiry, or significant service change Prior to inspections, funding reviews, or contractual audits Whenever introducing a new system, third-party processor, or digital tool
π How Is It Carried Out? The audit should examine the following areas:
π² Is there a named Data Protection Officer (DPO) or responsible person?
π² Is your Privacy Policy up to date and publicly available?
π² Do you have a Record of Processing Activities (ROPA) in place?
π² Is consent obtained where required, and properly documented?
π² Are privacy notices issued for staff, service users, families, and learners?
π² Is personal data stored securely, both digitally and in physical formats?
π² Are data sharing agreements in place with third parties?
π² Are staff trained in GDPR and information governance annually?
π² Is there a data breach log, and is the reporting process clear?
π² Are retention and disposal policies being followed correctly?
π² Are Subject Access Requests (SARs) handled appropriately?
π§ Lessons Learned & Actions Following the audit: Identify gaps, risks, or outdated practices Update staff training, policies, or systems where needed Log actions in your Governance or Risk Register Notify and retrain staff where a data handling error has occurred Review supplier agreements and digital platforms for compliance
β Supports Compliance With: UK GDPR (post-Brexit data regulation) Data Protection Act 2018 CQC Regulation 17 β Good governance Ofstedβs expectations for safeguarding and learner confidentiality NHS Digital, Caldicott, and ICO guidance (if applicable)
π Click here to download the GDPR Audit Template and Data Handling Checklist.