Comprehensive guide to HR audits

The ultimate guide to HR audits

Everything you need to know about HR audits: what they are, who should conduct one, and how to perform one.

New call-to-action

What is an HR Audit?

According to the Society of Human Resource Management (SHRM), “an HR audit involves devoting time and resources to taking an intensely objective look at the organization’s HR policies, practices, procedures and strategies to protect the organization, establish best practices and identify opportunities for improvement.”

An HR audit can help you understand whether your HR practices are benefitting or hampering your organization. It provides feedback about HR initiatives and their effect on business objectives. It can provide a road map for needed changes to HR policies, procedures, and metrics to boost performance of human capital in the organization. Typically, these HR audits focus on compliance, best practices, and strategy.

Table of contents

  1. When to conduct an HR audit
  2. Who should conduct an HR audit?
  3. Conducting the audit
  4. Collecting and analyzing data
  5. Presenting findings, recommending changes and implementing continuous improvements

When to conduct an HR audit Back to top

We propose taking a three-year, phased approach to your HR audit. It allows the organization to focus on each component below. Other options include mini-audits every six months, scheduled annual check-ups, or conducting an audit following any major event (new ownership, new management, new HR direction, etc.) While we don’t encourage knee-jerk audits, we have written about the 4 red flags that signal you need an HR audit.

To maximize the value of the HR audit, while minimizing disruption to operations, it is imperative to plan for your initial HR audit or subsequent check-ups. An HR audit planning calendar can be an invaluable tool to ensure you keep the project running on-time. The planning calendar should set:

  • A timeline for data collection (especially if data will be collected from multiple teams/departments)
  • Date(s) for reporting findings to key stakeholders
  • Dates for reporting change implementation status to key stakeholders

Who should conduct an HR audit? Back to top

A thorough HR audit will analyze human resource compliance, payroll and benefits compliance, and HR strategy. Ideally, the person or entity conducting the HR audit will have:

  • Expertise and experience in the various HR functions, as well as payroll and employee benefits;
  • Time and ability to acquire and analyze data, synthesize the analysis into reportable findings, and develop a plan for future improvements; and
  • Ability to work with key stakeholders to implement and execute the plan for future improvements.
DIY or external HR audit?

If you are thinking of conducting an in-house, or do-it-yourself, HR audit, an HR audit project checklist can help you identify the expertise needed, the time needed to acquire and analyze data, and assess whether you will get buy-in from key stakeholders. The checklist can also be helpful determining whether an external HR auditor can complete the project in a timely and satisfactory manner.

An external auditor can approach the HR functions with an objective perspective which may alleviate any tension between the HR department and other departments or key stakeholders. A neutral observation tends to unearth other potential issues or bottlenecks since the external auditor is not aware of the current routines within the entity. Additionally, an external auditor’s experience with other companies, can help the organization learn about new ideas that could better assist the HR function.

Consider time and cost of the DIY route

The final decision may come down to time and cost. Start with the internal cost first. Consider who will be involved in acquiring the data, analyzing it, and developing findings and suggesting improvements. Keep in mind the opportunity cost of other projects that will sit idle while the audit is ongoing. Additionally, if the internal HR auditors are not accustomed to interviewing employees, consider the additional cost of interview time of employees compared to an experienced auditor who can complete the interviews more efficiently. Finally, consider the data. If the data to be acquired and analyzed is readily available and integrated into current operations, the time needed will be reduced.

In addition to the cost of hiring an external auditor, consider the possibility of the external auditor finding anything that may result in litigation. If you have concerns that certain HR practices may pose a litigation threat, consider incorporating an external legal advisor to help conduct the audit.

In sum, consider the audit scope, work hours required, and data collected to determine the appropriate team to carry out the HR audit.

Conducting the audit Back to top

An HR audit should focus on three different areas: HR compliance, payroll and benefits compliance, and HR strategy. We suggest conducting a three-part, three-year HR audit, where each area is the sole focus of the HR audit for that year. This allows the organization adequate time to gather the relevant data, analyze it, and begin implementing suggested changes. We have found that trying to complete one, over-arching HR audit is difficult to plan, implement, and complete.

HR compliance
Employee policies & handbook

The first area we suggest reviewing for HR compliance is your employee policies. Not only can employment laws change at any time, but the courts’ interpretation of those laws can impact employers. It is important to regularly review your employee handbook to ensure policies are legally compliant and aligned with organizational practices. An outdated handbook that is not followed can be more problematic than having no employee handbook at all. In this area, we review what policies you have in place in consideration of federal and state employment laws and make recommendations for changes based on required and recommended policies.

Examples include:

  • EEO policy
  • Anti-harassment policy
  • FMLA policy, if required
  • Employment at will, if applicable in your state
  • ADA accommodation
  • Drug and alcohol policy

Interested in learning more about why you should have an employee handbook? Here are seven reasons you need an employee handbook.

Equal Employment Opportunity (EEO) laws

The next area is practices related to the recruitment, selection, hiring, and promotion processes. The organization needs to ensure these various processes comply with EEO laws. These EEO laws prohibit specific types of job discrimination in certain workplaces. Those types of discrimination include:

  • Age
  • Disability
  • Equal pay/compensation
  • Genetic information
  • Harassment
  • National origin
  • Pregnancy
  • Race/color
  • Religion
  • Retaliation
  • Sex
  • Sexual harassment

Some specific prohibited employment policies/practices related to recruitment, selection, hiring and promotion include:

  • Job advertisements showing a preference for, or discouraging of, certain applicants based on the protected categories above. An example would be a job posting asking for recent college graduates.
  • Employers cannot base hiring or promotion decisions on stereotypes and assumptions about a person and their protected category above. An example would be an employer not hiring a middle-aged employee because the employer presumed the applicant didn’t know how to use social media.
  • Employers cannot consider a person’s protected category when deciding to discipline or discharge an employee. An example would be an employer laying off the oldest workers because of their age.

Is your organization paying women less than men? Here is an article about actions that can encourage equal pay.

Affirmative Action Program (AAP)

In addition to EEO laws, some organizations must also comply with AAP. The DOL states, “[for] federal contractors and subcontractors, affirmative action must be taken by covered employers to recruit and advance qualified minorities, women, persons with disabilities, and covered veterans.” Affirmative action can include training, outreach efforts, and other activities. These activities need to be included in the organization’s personnel policies, implemented, kept on file and updated at least annually.

American with Disabilities Act

Finally, the American with Disabilities Act also applies to recruitment, selection, hiring and promotion activities. It applies to organizations with more than 14 employees. According to the Equal Employment Opportunity Commission, an individual with a disability is a person who:

  • Has a physical or mental impairment that substantially limits one or more major life activities,
  • Has a record of such an impairment, or
  • Is regarded as having such an impairment.

A qualified employee or applicant with a disability is an individual who can perform the essential functions of the job in question with or without reasonable accommodation. An employer is required to make a reasonable accommodation to the known disability of the qualified applicant/employee if it would not pose an “undue hardship” on the organization. Some examples of accommodations include:

  • A sign language interpreter during a job interview for a deaf applicant.
  • Regularly scheduled breaks for a diabetic employee to eat properly and monitor blood sugar/insulin levels.
  • Someone to read information posted on a bulletin board for a blind employee.

Some organizations can even receive federal tax incentives for employing people with disabilities and promoting the accessibility of public accommodations.

Personnel files and required documentation

The next area to focus on HR compliance is a review of personnel files and required documentation, including I-9 forms.

Federal and state laws require retention of some records for defined periods of time. In addition, there are recommended ways of organizing your files and access should be limited. We conduct a review of your I-9 process to assess whether forms are completed within the required timeframes, whether individuals completing the Form I-9 on behalf of the company are appropriately trained and review a sample of the forms to look for errors. Often these are technical errors that may be easily corrected. We also look at completed performance evaluations and disciplinary documentation to make suggestions for improvements to documentation.

We have a helpful article that addresses fines, mistakes, and E-Verify information related to I-9 forms. Additionally, learn why updated personnel files are critical to your business.

Required postings, notices and record retention

The next area focuses on required postings, notices, and records retention procedures. We call it the notice and retention review. There are several employment laws that require employers to post notices to their employees, and this can be done through a combination of policies and posters. Examples of required posters include equal employment opportunity, minimum wage and overtime requirements, and workers’ compensation processes. We review the posters you have displayed and your process for review and updating these.

FLSA classifications

Finally, we close this area of the audit with a thorough review of FLSA classifications. Federal and state laws require most employees to pay overtime rates to non-exempt employees who work more than 40 hours in a seven-day workweek.

We review job descriptions for positions designated as exempt from overtime to assess if positions are correctly classified. Employers that incorrectly classify employees’ positions as exempt from overtime are subject to back-pay of overtime and penalties should an employee file a complaint or the DOL audit the employer. The DOL provides guidance for determining whether a position qualifies as exempt from overtime based on the type of organization, industry, role, and responsibilities. Certain “white-collar” exemptions can be challenging to assess, and the interpretation may change over time, so it is a good practice to review periodically based on current enforcement guidance.

The review includes an assessment of whether the positions meet both the salary-basis requirements and duties test for exempt status. As usual, there are exceptions to the rule. We have four questions that can help you better understand overtime pay requirements.

Payroll & benefits compliance

With the payroll and benefits compliance review, you should focus on taxation of earnings and benefits, payroll and ledger reporting requirements, benefits notice and recordkeeping, and worker’s compensation and insurance.

We all know Uncle Sam wants a cut of wages. But did you know he also wants a cut of those perks? Or at least some of the time? It can get confusing what is exempt, what is not, limitations on those benefit, etc. The IRS expects you to manage and pay your employees’ payroll taxes, and it is your responsibility to get it done. Here are 8 tips for avoiding payroll tax issues. Also, make sure you are not making one of these mistakes. Finally, do not assume you know the ins and outs of a constantly changing legal landscape. Here are 6 important payroll IRS compliance tips. It is hard to pay taxes if you are not reporting payroll or your general ledger accurately.

Employers also must address several notice and recordkeeping requirements. In reviewing these areas, we look at the notices that you provide your employees, based on the benefits that you provide and the size of the organization. We review your FMLA process and forms used to ensure that you are providing notice in the required timeframes. We review when you provide disclosures and summary plan descriptions, forms and notices related to ACA and ERISA. What is your process for COBRA forms distribution? If you are a smaller employer and not subject to COBRA, does your state law require action for continuation of benefits?

Here is a list of the top questions and answers related to electronic disclosure rules for retirement plans.

Finally, every organization needs to address workers’ compensation and unemployment insurance. Workers’ compensation insurance helps protect organizations and their employees from financial loss when an employee is injured on the job or get sick from a work-related cause. Most states require employers to carry workers’ compensation insurance. Per the Hartford, “employees are not responsible for paying for workers’ compensation benefits.”

Coverage depends on the insurance policy purchased, but it typically covers:

  • Medical expenses
  • Lost wages
  • Ongoing care costs
  • Funeral expenses

Some situations may not be covered by workers’ compensation (depends on state laws). A few typical examples include:

  • Employee starts a fight and sustains injuries.
  • Employee is intoxicated on the job and sustains injuries.
  • Employee intentionally injures his/herself.

Unemployment insurance is a joint federal-state system that helps many people who have lost their jobs by temporarily replacing part of their wages while they actively look for work. Employers pay taxes on behalf of their employees to provide the employees with income support if they lose their jobs. Depending on the current laws, rates vary between states and the final rate an employer pays depends on a few factors (state unemployment credit, etc.)

HR strategy

HR compliance is the bare minimum the HR department can do for an organization. While compliance encompasses a lot of work, the HR department can also sit at the leadership table and provide strategic value. An HR audit can help the organization identify strategic HR opportunities.

The first place to start is reviewing or identifying key HR metrics that drive organizational success. These metrics could include employee turnover, cost of employee acquisition, cost of employee retention, employee engagement scores, and many others. Once the HR department knows what HR levers contribute to the success of the organization, HR can begin implementing actions and tactics to boost those metrics. Those metrics tend to fall into one of these categories:

  • Recruitment, hiring, and onboarding
  • Position descriptions, performance management, and compensation strategies
  • Succession planning and workforce planning
  • Employee engagement
  • Employee communications, complaints and risk management
  • Diversity, equity and inclusion
Recruitment, hiring and onboarding

The recruitment to onboarded employee process is critical. With a thorough review of practices in this process, the organization can ensure it is recruiting the employees with a good cultural fit, hiring the best from the applicant pool, and making it as easy as possible for the new employee to hit the ground running.

We see organizations use different methods for recruiting, so we can provide perspectives on what works well and suggest ways to improve efficiencies and your hiring and onboarding processes. We interview your hiring managers to see where the process works well and where it falls short to help you identify potential areas for improvement. In addition, we can suggest sourcing strategies to get applicants to your organization. We also review your onboarding process to suggest ways to make that more effective and welcoming for your new employees.

Just getting started with a strategic perspective on recruitment? Start using your organization’s purpose as a recruitment tool.

Position descriptions, performance management and compensation strategies

What happens once that employee joins your team? Does the job description adequately reflect what they’ll be doing? Are the employee's strengths tailored for that position? How can managers get the best performance out of the employee? Will the organization provide a fair compensation?

These are just a few questions HR and the organization must analyze for every position. We review position descriptions to assess whether they describe the job well and include compliance related aspects (physical requirements, work environment, other requirements) to ensure you have a good description to be able to assess disability accommodations when needed.

We review performance management systems and related training to assess whether employees get the feedback and coaching needed to do their jobs well, which can tie to compensation. Are you compensating employees for their performance, and do they know what they can do to earn more? We review your compensation strategies to make recommendations for creating a performance-based culture that is fair and equitable.

While compensation must be competitive, you can stand out from the competition by knowing your organization’s why.

Succession and workforce planning

Fortunately, or maybe unfortunately, the world is not static. It is always changing and so is your workforce. HR audits address this by reviewing and analyzing succession and workforce planning activity.

While similar, each type of planning focuses on different needs of the organization. Succession planning is a systematic approach to professional development to ensure potential leaders are groomed and ready to take over senior leadership positions in the future. It typically focuses on a micro-level helping specific individuals or teams and effectively transitioning them into senior leadership roles.

Workforce planning takes a broader view and typically focuses on staff-level positions and is usually budget-driven. It also considers business trends, competitors, and other external factors to determine what the labor market will look like and how it will affect the organization’s ability to recruit and retain employees. Can’t wait to get started with succession planning? Start identifying future leaders of your organization with this worksheet.

Employee engagement and retention

Employee engagement can provide insight into employee retention. More engaged employees tend to stay with the organization. An HR audit will assess current internal people practices to help the organization understand where it is lacking when it comes to employee engagement. Did you know engagement is more than a parking space or monthly award? Learn more about what really matters in engaging employees. Did you know engagement, on-the-job training, and community outreach can boost skilled labor recruitment?

Employee communications, complaints and risk management

In addition to compliance, HR can add value through HR risk management activity. We tend to think of employee communications, handling of complaints, and other HR-related risks beyond compliance. An HR audit should review and analyze employee communication programs and how managers and HR address employee complaints. Ever wonder what you should do when an employee is terminated or quits? Here are six tips for when you must fire an employee. These are seven steps to take before an employee leaves the organization (even if amicably).

Diversity, inclusion, and equity

Diversity of the American population continues to increase. Organizations will need to ensure their practices are open to this diversity. Whether its recruitment, management, or other activities, the ability to tap into a diverse set of experiences and ideas could prove to be a strategic differentiator in the future.

An HR audit analyzes and reviews practices and policies related to hiring, training and development, promotions, compensation, succession planning, and general communications to ensure the organization is not hampering its ability to tap into the potential of diversity and inclusion. Additionally, an HR audit also conducts a compensation review to ensure pay equity is prevalent across similar positions and with employees of similar experience and training. Here are six key components of a compensation review.

Collecting and analyzing the data Back to top

We have touched on the wide-ranging areas an HR audit reviews. You will need to collect data related to each of those areas and review the data for compliance issues, errors, or other suboptimal activity. While your first inclination may be collecting all the data for analysis, we encourage a more nuanced approach.

Data collection

First, define the scope of the audit. Again, we suggest a three-phase approach over three years (HR compliance in year one, payroll and benefits in year two, and HR strategy in year three). This approach allows for more timely and relevant data collection, analysis, reporting information and proposing changes.

Once the scope is defined, begin identifying the buckets of data you will need (hiring, management, regulatory, etc.) to analyze. Once those buckets are defined, then pinpoint specific datasets and their storage locations and extract that data. We suggest using a data checklist for each area to ensure you collect all of the relevant data.

Data analysis

Once the data is collected, analyze the data as described above using relevant regulations, laws, and other authoritative or relevant sources. Conduct the analysis on a “bucket” basis so that your analysis is thorough and complete before moving on to the next area. We find this structured approach yields more insights and clarity than reviewing whatever is next in the stack of data. It may also be beneficial to pull in outside expertise (HR attorneys, etc.) to provide another perspective to the analysis, especially if the HR auditor’s expertise is limited to specific sub-specialties of the HR realm or lacks significant HR experience.

We suggest finishing the analysis stage for each bucket by creating a list of any red flags that need immediate attention due to legal reasons, and a two-by-two matrix to organize other improvements.

Easy to implement Difficult to implement
High value to organization
Low value to organization

Presenting findings, recommending changes and
implementing continuous improvements Back to top

Once you have analyzed the data, it is time to put that analysis into action!

The audience

Before making a presentation, it is imperative you have the right audience. We suggest the following audience for your findings and analysis:

  • Required
    • Board of directors (if applicable)
    • Senior leadership (CEO/President, etc.)
    • Legal counsel (if applicable)
  • Optional
    • Key managers and other stakeholders
Presenting findings and recommending changes

With the audience in place, determine the best method for distributing findings, suggested changes and ways to implement continuous improvements. We suggest a written report that covers each bucket of data, any red flags, and the matrix, along with a request for an in-person meeting to discuss the findings and suggestions. This gives the audience an opportunity to read the report and prepare any thoughts or questions before the in-person meeting.

Implementing continuous improvements

It would be a waste of resources to merely report back your findings and suggested changes. Action needs to be taken.

Any red flag associated with potential legal action should take priority over all other recommended changes. But how do you know when and where to allocate your time to implement the other recommended changes?

We suggest the following process based on the improvement matrices from your analysis:

  1. Aggregate all the activities in each square of the matrices (i.e. high value, easy to implement) into a list. You will end up with four lists, one for each square of the matrix.
  2. Once those four lists are compiled, sort each list by value with the highest value activity listed first and the lowest value activity listed last. Once sorted, number each task with highest value activity being one, next highest two, and so on.
  3. Once the values are sorted, assign the number of hours it will take to complete each activity in each list. An example of an entry item could look like [3. Update all FLSA posters – 2.5 hours].
  4. For each task multiply the value by the hours needed. The lower the number the higher the priority of the task. Using our previous example, updating all FLSA posters would have a value of 7.5.

In closing Back to top

HR audits are an intense review into the organization’s HR compliance, strategy, and activities. While they require a significant investment of time, energy, and potentially money, the value they provide can yield a serious return on that investment. If you have questions about the HR audit process, how to conduct one, or what to look for in an HR auditor, our team is happy to answer any question you may have and can be contacted using the information below.

Learn more

For more information about HR audits, contact Carrie Cox using the information below.

Carrie Cox

Senior Consultant
HR & Org. Development Services

Carrie has experience in a variety of human resource functions, including labor laws, compensation structures, employee classification, benefits administration, performance management and human resource best practices. She has served clients in a number of industries, including manufacturing, construction, banking and not-for-profits. Carrie is a member of the national and local chapters of the Society of Human Resource Professionals (SHRM) and serves on the Wichita chapter board of directors.

She is a certified practitioner for the Myers-Briggs Type Indicator® and the Hay Group’s Emotional and Social Competency Inventory. Her additional certifications include Professional in Human Resources (PHR) from the Human Resource Certification Institute and SHRM-CP designated by the SHRM.

Are your HR practices in compliance?
AGH's Human Resources audit can help you find out.