6 CFR 115.203 – Audit contents and findings
(a) Each audit shall include a certification by the auditor that no conflict of interest exists with respect to his or her ability to conduct an audit of the facility under review.
(b) Audit reports shall state whether facility policies and procedures comply with relevant standards.
(c) For each of these standards, the auditor shall determine whether the audited facility reaches one of the following findings: Exceeds Standard (substantially exceeds requirement of standard); Meets Standard (substantial compliance; complies in all material ways with the standard for the relevant review period); Does Not Meet Standard (requires corrective action). The audit summary shall indicate, among other things, the number of provisions the facility has achieved at each grade level.
(d) Audit reports shall describe the methodology, sampling sizes, and basis for the auditor’s conclusions with regard to each standard provision for each audited facility, and shall include recommendations for any required corrective action.
(e) Auditors shall redact any personally identifiable detainee or staff information from their reports, but shall provide such information to the agency upon request.
(f) The agency shall ensure that the auditor’s final report is published on the agency’s Web site if it has one, or is otherwise made readily available to the public. The agency shall redact any sensitive but unclassified information (including law enforcement sensitive information) prior to providing such reports publicly.