CAPR, Follow-up, and Sharing in the Sedex SMETA Audit: How This Creates Added Value for Buyers and Suppliers

Sedex SMETA Audit Completed – What Happens Next? 

Once a Sedex SMETA audit has been completed, attention typically focuses on the audit report. It consolidates the results of the social audit and forms the basis for the next steps. In practice, however, audit reports are used in different ways: while some organizations systematically follow up on them, in others they remain primarily a formal proof of adherence to social standards for business partners. 

Importantly, the SMETA audit is not designed as a pass-or-fail assessment. The organization Supplier Ethical Data Exchange (Sedex), which developed the SMETA audit, describes it as follows: “It aims to help the company/site find any management and operational issues via desktop and on-site auditing to identify the areas of continuous improvement.” With SMETA Version 7.0, Sedex has further strengthened this objective. 

DQS is approved as an Affiliate Audit Company (AAC) and conducts Sedex SMETA audits worldwide. In this article, you will gain practical insight into the implementation of a SMETA audit. 

Overview of Post-Audit Activities 

A Sedex SMETA audit always represents a snapshot in time. It shows how a site performs in terms of social standards at the time of the audit. However, it reveals little about how the results are handled afterwards. 

Only the post-audit activities reveal how identified issues are addressed and what progress has been made. This transparency can contribute to more resilient supply chains and business relationships. 

Post-audit activities in a SMETA audit include the Corrective Action Plan Report (CAPR), possible follow-ups (desktop reviews or on-site follow-up audits) and the sharing of audit results. 

These activities are interconnected: the CAPR contains corrective actions for identified issues, follow-ups make their implementation status visible, and sharing ensures that the information is accessible to relevant business partners. 

Important: All post-audit activities serve to document and verify audit results. They do not include consulting services or instructions on how to implement corrective measures. Responsibility for implementation lies with the management of the audited sites.

Common Findings in SMETA Audits: What Do the 2025 Audit Data Show? 

The following analyses are based on anonymized data from SMETA audits conducted by DQS in 2025. The aggregated evaluation does not allow any conclusions to be drawn about individual organizations or sites, but it shows which audit findings are most frequently documented in SMETA audits.

SMETA Audits 2025: Most Frequent Audit Findings 

The following overview shows the ten most frequent findings identified in SMETA audits in 2025: 

• Not all emergency exits are properly marked and lighted. 
• A committee exists but workers do not know about the worker committee, its function and/or who their representatives are. 
• Machines lack appropriate safety guards (e.g. eye or needle guards on sewing machines, belt/hand guards on other machines). 
• Personal Protective Equipment (PPE) provided but incidents of workers not using PPE where appropriate. 
• Written human rights policy in place but does not meet the full requirement to be approved at the most senior level, communicated to all personnel, and trained to relevant personnel. 
• First aid box available but contents are missing, out of date or otherwise inadequate. 
• No evacuation plan or designated emergency exit route. 
• Site has not established resource targets and/or has not developed a plan to reach them. 
• Unsafe handling of electrical equipment e.g. no rubber mats in front of electricity panels. 
• Lack of a detailed grievance procedure that has been communicated to all workers. 

SMETA Audits 2025: Most Frequent CAR Findings 

Collaborative Action Required (CAR) findings refer to non-compliances that cannot be resolved by the audited site alone but require joint action by several parties (supplier, customer/client, or other business partners). 

The overview shows the five most frequent CAR findings identified in SMETA audits in 2025: 

• A living wage gap analysis has not been completed.  
• A wage improvement plan (with Living Wage as the goal) has not been completed.  
• There is no dedicated equity approach regarding recruitment, training, development and promotion processes. 
• A wage improvement plan (with Living Wage as the goal) has been completed but it is missing key elements. 
• A living wage gap analysis has been completed but it is missing key elements.

CAPR in the SMETA Audit: Significance, Content and Benefits 

While the audit report documents all results of a social audit, the CAPR (Corrective Action Plan Report) focuses specifically on the issues that require follow-up. Organizations can use it as a basis for potential improvements.  

What is a CAPR and what information does the report contain? 

The CAPR is a structured report that links audit findings with specific corrective and preventive actions. It is aligned with the audited organization. 

The corrective and preventive action plan contains basic information about the audited site and the audit performed. The core of the report is the list of audit findings identified as Non-Compliance or Non-Conformity (NC). Each finding is described using the following elements: 

• Code area 
• Workplace Requirement 
• Area of non-conformity/non-compliance: Ethical Trading Initiative (ETI) Base Code, local law or customer-specific requirements 
• Description of the finding  
• Corrective and preventive action  
• Timeframe for remediation: immediate, 30, 60 or 90 days 
• Type of verification (desktop review or on-site follow-up audit)  
• For the previously mentioned CAR findings – deviations that require coordinated action by several parties – the timeframe may be longer, as the causes are often complex and require coordination between multiple stakeholders. 
• In the CAPR, particular focus is placed on describing the audit finding and the corrective and preventive measures. To illustrate what this may look like, we use the two most common findings from 2025 as examples: 
• Not all emergency exits are properly marked and lighted. 
• Description: Two emergency exits in the production area were not equipped with illuminated exit signs, which could delay safe evacuation in an emergency. 
• Corrective and preventive actions: Installation of illuminated exit signs, inspection of all other escape route signage, and introduction of inspection procedures. 
• Employees are unaware of the worker committee or their representatives.  
• Description: A worker committee exists, but interviews revealed that employees were not aware of its existence, its function, or their respective representatives. 
• Corrective and preventive actions: Information sessions, notice board announcements, written communication, and quarterly refresher training. 

What value does a CAPR provide? 

The CAPR is the central management tool after a SMETA audit. It translates documented findings into concrete measures and deadlines, thereby creating the basis for a structured follow-up process. For suppliers, it provides internal clarity and prioritization; for buyers, it increases transparency regarding how identified risks are addressed. The value of the CAPR lies in the systematic management and documentation of non-compliances within the supply chain.

Follow-up in the SMETA Audit: Role and Benefits 

The follow-up builds on the CAPR: auditors verify whether the documented corrective and preventive actions have been initiated or implemented. 

What does follow-up mean in practice and how does it work? 

A follow-up audit verifies whether the deviations documented in the CAPR have been addressed. Usually, the purpose is not to conduct a new assessment of the site, but rather to review selected audit findings. 

Using the earlier examples: Are all exit signs now illuminated? Has an information session about the worker committee taken place? 

SMETA does not generally require follow-ups. In practice, however, clients often expect identified deviations to be addressed and verified. Two forms are common: 

An on-site follow-up audit takes place at the facility and is used when the scope or severity of the deviations requires renewed inspection or interviews. 

A desktop review is conducted remotely, for example on the basis of submitted documents or other appropriate evidence. 

What value does a follow-up provide? 

Follow-ups in SMETA audits independently verify whether the measures documented in the CAPR have actually been implemented. For buyers, this increases the reliability of supplier assessments; for suppliers, it provides credible evidence of progress. 

The value lies in the objective verification that identified deviations have been addressed. During a follow-up assessment, auditors look for improvements, not just strict compliance. If a site has made progress on a partially implemented corrective action, this progress is also documented.

Sharing in the SMETA Audit: Transparency and Benefits 

Sharing audit results via the Sedex platform is a straightforward way to provide relevant information to business partners. It is a recurring process that can take place after the audit as well as after any follow-up, reflecting updated information. 

What does sharing audit results mean in practice and how does it work? 

In the SMETA context, sharing audit results refers to the targeted and controlled distribution of audit information to relevant business partners. Because the information is sensitive, it is precisely defined which information is visible to which recipients. 

Important: Sharing within the SMETA framework is intended exclusively for communication between business partners within the supply chain, not for public reporting. 

What value does sharing provide? 

Sharing ensures that relevant audit results are communicated to business partners in a controlled and structured manner. It creates a shared information basis within the supply chain. 

For buyers, this facilitates risk assessments in the context of ESG and due-diligence requirements. For suppliers, it increases the visibility of how they address audit findings. The value lies in the transparent and standardized communication of audit results. 

Value for Both Sides: Buyers and Suppliers 

CAPR, follow-ups and sharing create value for both sides of the supply chain – albeit in different ways. 

Often, buying organizations require a SMETA audit. Post-audit activities show how social standards are implemented by their suppliers and where risks exist. This supports them in fulfilling legal due-diligence obligations and meeting increasing ESG requirements. 

For suppliers, these activities represent more than a compliance task: they enable them to demonstrate adherence to standards to business partners, build trust and identify risks in areas such as working hours, remuneration or occupational health and safety. 

DQS – Your Partner for Social and Sustainability Audits 

DQS is your competent partner for social and sustainability audits. As an Affiliate Audit Company (AAC), we have been conducting Sedex SMETA audits worldwide for almost ten years and are approved as an audit company by leading organizations in the consumer goods industry. Through smooth audit planning and meaningful audit reports, we contribute to the success of your sustainable sourcing strategy.