Anyone here ever been audited ?

My entire project was audited by another large well-known management consultancy. The directors of the IB I was working for gave me 14 days to prepare. Came completely out of the blue.

Anyway, I wrote a 30 page report on the system and all the checkpoints it had been subjected to in painstaking detail. Final page was a bit rough, as I was running out of time, just made it a simple bullet-list of items that would be covered in the future.

Auditors came in for two days on-site and were a bit overwhelmed by the whole system, TBH. Gave them my report and they went away.

A month later, IB's directors call me in to seen a excellent report written by the Auditors, painstakingly detailed. You can guess the rest: It was my report verbatim, with the management consultancies cover page attached to it. The buggers hadn't lifted a damn finger. I even pointed out the very rough nature of the last page, as I'd run out of time - the auditors had been too lazy to even clean that up. Utter piss-take of the highest order.

The auditors charged the IB about £30k for their time. Nice work if I could get it.

Questions to ask the auditors
1. What internal controls are in place within your own organisation to prevent an employee passing commercially sensitive information over to our competitors?
4. Are you aware of any forms of compensation or benefits received by your organization's auditors, directors, or key employees that were not specifically approved by your board of directors that may indicate collusion with one of our competitors?
5. Are you aware of any inappropriate or undisclosed relationships between any of your company’s officers, directors, key employees?
6. Are you aware of any relationships between any of your companies officers, directors, key employees involved with this audit that appear to be less than ethical.
7. Are you aware of any relationships between any of your companies officers, directors, key employees involved with this audit and any employees of our competitors that appear to be less than ethical?
8. Are there any individuals involved in the auditing process who wield excessive control or whose work is not subject to adequate review by another individual?
9. How would you characterize the morale standards and professionalism of the auditing personnel and senior management of your organization?
10. Overall, how would you rate your organization in terms of how well we are protected against fraud?
11. What is the most important step we could take to further protect our organization against fraud?
12. What controls are in place to prevent you from overbilling our organisation?

Don't forget to inform them that their responses are being recorded for security reasons