Learn / Regulated wedge

When the assessor says show me, where do you actually look?

You hand over the SOP with confidence. Then the assessor picks one shipment off your manifest, a pharma consignment that moved through your station in March, and says show me this was actually done the way the document says, and show me who signed off. That minute is the whole audit. The answer you want is one record: the route taken, the sign-offs, the version in force. The answer most teams have is a search.

Every audit has one uncomfortable minute. It is not when you produce the SOP; producing the SOP is easy, and any operation can do it. It is the minute after, when the assessor stops asking what the rule is and starts asking whether the rule was followed on a specific, real event, with a name and a timestamp attached. That gap, between the policy you can recite and the execution you have to prove, is where findings are written. This is a field guide to closing it before it opens.

The question behind the question

When an assessor says show me, they are not asking to read your procedure again. They are testing whether your written process and your real process are the same thing. So they choose a real event, not a tidy one. Picture a QP-release pharma shipment that left your facility in March. The assessor points at that line and asks a chain of questions that all sound simple and are not: Which procedure applied to this shipment? Which version of it was in force that day? Who performed each step? Who had the authority to release it, and did that named person actually sign, and when? Where is the trail that proves all of it?

Answer those in one place, in order, and the audit moves on. Answer them by opening a document vault in one tab, a monitoring platform in another, a shared mailbox in a third, and saying the words we normally follow the current one, and the assessor has their thread. They will pull it, because you just told them it is loose.

Why the SOP is not the evidence

Having the SOP proves a document exists. It does not prove this shipment travelled the route the document describes, that the version followed was the current one, or that the required people signed at the required points. Those are different claims, and they live in different places for most operations. The procedure sits in the QMS. The execution is scattered: a step ticked in a spreadsheet, an approval buried in an email thread, a temperature record in the monitoring system, and a supervisor's memory filling the gaps. A followed process and a written process that quietly diverged look identical from the outside. Only a trace of a real event tells them apart, and the trace is exactly what the assessor asks for.

The reframe: an auditor is not grading your documents, they are grading your ability to reconstruct a real execution on demand. The uncomfortable minute is uncomfortable only when the record of what happened is scattered across systems and people. When the process records its own execution as it runs, the route, the version, the sign-offs, and the timestamps in one place, show me stops being a threat. It becomes a click.

What who signed off should actually mean

Who signed off and when is the most exposed question in any audit, and the one most often answered from memory. A defensible answer is not a name in a role box on a template. It shows that a specific person, with the authority to approve, actually approved this step on this shipment, at a recorded time, against a known version of the procedure. In a GxP or 21 CFR Part 11 environment that attestation is expected to be attributable, time-stamped, and protected from silent change. If your sign-off evidence is a signature on a paper form in a folder, or worse, an approval implied by the absence of an objection in an email thread, you are one determined trace away from a documentation finding. The full argument for why this is a design problem, not a discipline problem, is in why SOP not followed is a design failure, not a discipline failure.

The pre-audit exercise that actually helps

Do the assessor's job to yourself first. Before anyone external arrives, pick a handful of real recent shipments, deliberately including the awkward ones: an excursion, a dangerous goods pharma consignment, a return. For each, try to produce the single trace:

  • The route taken. Which procedure applied, and did this shipment follow the standard path or an exception branch?
  • The version in force. Can you name the version that was current that day, not the one current now?
  • The owners. Who performed each step, by name, not by role?
  • The sign-offs. Who approved, with authority, at what time, and is that attestation traceable to the person?
  • The trail. Is all of the above in one place, or reconstructed from four?

If any trace stalls, you have found the gap before the assessor did. That is the whole point. A binder rehearsed in advance only proves you can curate the happy path. Rehearsing traces on your own real events is the most honest pre-audit exercise there is, and it points straight at the record that needs fixing. It connects directly to GDP inspection readiness and to the excursion walkthrough in your logger caught the excursion, now what.

Why the gap keeps reopening

It is the tooling, not the team. The QMS proves a document exists but does not route the live execution or show which version was followed. The monitoring system proves the temperature, not the procedure around it. The diagram went stale on export. None of them holds the living, governed process that records its own execution, so the evidence has to be assembled by hand every single time an auditor asks. This is the structural gap in where does your operational process actually live.

Where FLOW fits

FLOW is the layer that turns show me into one record. Your critical processes live as one master process each, resolving to the exact route for the situation and carrying owner, version, sign-off, and audit trail as the process runs. When the assessor picks the March shipment, you follow the same trail they are asking for, in one place, current by construction: the route taken, the version in force that day, and the named, timestamped sign-offs. It keeps your QMS and monitoring exactly where they are and owns the governed process between them, and it is readable by the AI agents you will eventually point at audit preparation. The category argument is in the process system of record. To find your own loose threads today, the process graveyard audit takes ten minutes, and the security posture covers how the trail itself is protected.

Common questions

How do I answer an auditor asking for process evidence?

Hand over the SOP, then be ready for the real question, which is proof the SOP was followed on a specific shipment. The strongest answer is a single record for that shipment that shows the route actually taken, the version of the procedure in force at the time, who owned each step, and who signed the disposition, with timestamps. Reciting policy or producing a clean binder is not evidence of execution. The auditor is testing whether your written process and your real process are the same thing, so the answer they want is the trail of a real event, not a restatement of the rule.

What is an audit trail and what should it show for who signed off?

An audit trail is the sequenced record of what happened on a specific process execution: each step taken, when, by whom, and against which version of the procedure, including the approvals. For sign-off it should show who had the authority to approve, that the named person actually approved, and the timestamp, so the attestation is traceable to an individual rather than to a role or a folder. GxP and 21 CFR Part 11 environments expect these records to be attributable, time-stamped, and protected from silent change, which is why who signed off and when is a question you should be able to answer in one place, not reconstruct from email and memory.

Why is proving a SOP was followed harder than having the SOP?

Having the SOP proves a document exists. Proving it was followed requires evidence that this specific shipment travelled the route the document describes, that the version followed was the current one, and that the required people signed at the required points. Those two things live in different places for most operations: the procedure sits in a document vault, and the execution is scattered across emails, spreadsheets, a monitoring platform, and people's recollection. The gap between them is exactly where an auditor writes a finding, because a followed process and a written process that quietly diverged look identical until someone traces a real event.

What should I do before an audit to close the evidence gap?

Before the audit, pick a handful of real recent shipments yourself and try to trace each one end to end: which procedure applied, which version was in force, who owned each step, who signed the disposition, and where the timestamped trail is. If any trace stalls or forces a search across systems, that is the gap the auditor will find, and you have the chance to close it first. The lasting fix is not a better binder but a process that records its own execution as it runs, so the trace is a click rather than a reconstruction. Rehearsing traces on your own operation is the most honest pre-audit exercise there is.

Make show me a click, not a search.

Bring one audit-critical SOP to a 30-minute pilot session. Leave with the execution trail living in FLOW: the route, the version, and the sign-offs, ready to answer the assessor in one record.

Book a pilot →