Auditors are permitted and encouraged to conduct documentation collection and review remotely. Auditors must follow the relevant PREA Standards (including 115.401(f), 115.401(g), 115.401(i), and 115.401(l)), and should carefully review the Auditor Compliance Tool and the Checklist of Documentation to confirm that they have reviewed all relevant documentation for each audit. Even remotely, auditors are always required to select documents for review, themselves, and must not rely on the facility or agency to make these selections.6
The Online Audit System provides a secure, electronic platform for auditors to collect and review sensitive audit documentation, including audit documentation that contains Personally Identifying Information (PII) or Personal Health Information (PHI), provided by audited facilities and agencies. The Online Audit System keeps all important documents in one place without risking loss, theft, or intercepted communications.
6 PREA Auditor Handbook, p.59.