Around three (3) weeks ago, I held a poll on LinkedIn in relation to ASQA’s audit practices during the COVID‑19 global pandemic. This poll arose after a number of RTO Doctor clients had, for the first time ever, faced audits that were conducted purely via telephone and my discussions with those providers about the impact and consequences that they experienced. Given there were more than a handful of my clients who had been exposed to this experience, I decided to undertake a poll for anyone who was willing to vote in relation to the appropriateness of ASQA conducting audits purely by telephone during COVID‑19. I committed to providing a small research report on the results. This paper is the said report.

The question from the poll was:

“ASQA conducted many audits via telephone during COVID‑19 lockdown. Do you believe that conducting audits in this manner is appropriate?”

The methodology of using the poll available on LinkedIn for what turned out to be such an important question was, in hindsight, not the best way of getting people’s feedback or allowing for any qualitative analysis. As it turns out, with the poll options provided by LinkedIn, you are quite limited in the number of answers, characters, etc. that can be used thus minimising a range of data that might have been quite useful. Perhaps the insights from this research might be taken up and conducted in accordance with appropriate research methodologies and tools. As a postgraduate researcher, I am well aware of the limitations provided by this methodology and admittedly, when I commenced, the poll was not genuinely intended to be of any significant use other than to create discussion in the sector. As it turned out, while the poll was in progress, this is actually a very meaningful topic of research that was of public interest. It should also be remembered that this was really small-scale research and only based on those who voted. It is possible other people chose not to vote for fear that the regulator might identify them through their profile image and details for example.

Perhaps NCVER might be interested in furthering such research - I’d certainly be happy to participate!

Online Reactions

It was interesting to see the discussion that took place concurrently with the poll, with some saying that ‘an audit is an audit’, some suggesting this was not ASQA’s practice, some suggesting this was perfectly fine and others suggesting that if ASQA were actually conducting audits in this manner it would be, according to them, inappropriate. Some people commented that they had undertaken an audit and it had been a mixed-method comprising email requests, telephone, Zoom or Teams and Dropbox and their experience of being audited using a mixed-method was best, albeit, it did have some downfalls.

Poll Results

 Rather than just provide a screenshot of the results of the poll, I would like to take the opportunity to provide them in the context of applying the legislation of the sector, predominantly the National Vocational Education and Training Regulator Act 2011 and the Standards for Registered Training Organisations (RTOs) 2015.

I have considered the various ways I might present the findings of the poll and what this might mean for ASQA’s future audit practices given that the COVID-19 pandemic continues to run rampant internationally and half of the VET sector (some might even say the most significant half) remains in a long-term lockdown or continues to go in and out of lockdown. In the end, I decided that I would present the findings and analysis of the poll results based on a case study of an RTO who did go through their audit entirely by phone over a 2-day period.

Case Study

This RTO was a small, niche RTO that only delivered training to domestic students albeit, they had unintentionally enrolled some international students on a student visa for their First Aid and CPR courses. It was one of the RTOs I was thinking about when I listed the poll. The audit took place in late 2020 although the notification of the audit first came in February 2020. The provider only delivers aged care, first aid and CPR and has been registered since 1999. The RTO is in receipt of government funding and was considered a low-risk RTO for all of its registration until recently. Its last real audit from ASQA was in late 2011 for an amendment to scope. Since then, it has had no audits from ASQA but numerous from the funding body, passing all audits with little or no issues of non-compliance. The RTO had no complaints on its complaints register and, as far as it is aware, has never had a formal complaint about it made to the regulator or funding body. It received its first notice of audit in February 2020.

Best Practice Regulation

What does the literature say about best practice regulation?

In May 2021, the Department of Premier and Cabinet published an update ‘Regulatory Impact Analysis Guide for Ministers’ Meetings and National Standards Setting Bodies’. In its opening pages is a description of why an update had occurred; this included:

This Guide replaces the October 2007 Council of Australian Governments (COAG) document titled Best Practice Regulation: A Guide for Ministerial Councils and Standard-Setting Bodies. It implements the National Cabinet’s agreement to the recommendations of the October 2020 Review of COAG Councils and Ministerial Forums: Report to the National Cabinet by Mr Peter Conran AM (the Conran Review), in relation to the application of Regulatory Impact Analysis (RIA) to regulatory decisions taken by intergovernmental decision-making bodies. Specifically, the Conran Review recommended that:

Regulatory Impact Analysis should continue to be done for all major intergovernmental decisions affecting business, individuals and/or community organisations, with the Office of Best Practice Regulation to administer these settings and streamline and refine the relevant framework and guidance material accordingly.[1]

In prescribing the RIA requirements for decision-making bodies, this Guide outlines:

·      Principles for best practice regulation;

·      Guidance for undertaking RIA; and

·      Steps for policy officers to take in preparing a regulation impact statement (RIS).

State and territory governments have also produced guidance material on best practice regulation to assist decision-makers to undertake RIA and make sound regulatory decisions. However, to avoid doubt, in the case of the Council on Federal Financial Relations, National Cabinet Reform Committees, Ministers’ Meetings, and National Standard Setting Bodies, this Guide should act as the primary source of direction on RIA.[2]

To ensure consistency, this research will also adopt the meaning of ‘regulation’ taken from the above report which states:

For the purpose of this Guide, ‘regulation’ refers to any rule endorsed by government where there is an expectation of compliance. This includes the broad range of instruments which impose mandatory requirements or otherwise impact upon the behaviour required of businesses, the community or individuals.[3]


Whenever government agencies make what it calls ‘substantive policy decisions, those decisions must always be accompanied by a Regulatory Impact Statement (RIS). It applies where businesses or individuals might need to adapt or pursue their business or interests in other ways as a result of the policy proposal or amended policy proposal. It also applies to principal and delegated legislation, administrative directions, and Standards for example.

Conducting a Regulatory Impact Analysis (RIA) provides a backdrop or framework for how regulatory practice should take place in consideration of all the pros and cons of implementing the form of regulation proposed (both positive and negative). In enforcing consideration of the impacts to those who will ultimately be regulated as a result of the government policy, legislation or delegated legislation, it is essential in highlighting all implications on business, individuals and the economy.

Where organisations or government departments in Australia feel that a RIS is not required, they must first obtain permission for an exemption from the Office of Best Practice Regulation (OBPR). The exemption letter will include the reason why an exemption was granted and a RIS not prepared and, even in the event of an exemption, the RIS must address what the OBPR calls ‘question’ 5 of the OBPR Guide. While the concept of ASQA undertaking a RIS prior to announcing changes to its audit regime during the COVID-19 global pandemic apparently does not fit in the RIS category (although it could be argued that it does because of the significant impact it has had on businesses and individuals), what can be seen throughout other areas of this mini research report is that such significant changes to its regulatory practice might well have benefited from one.

Regulatory Failure

In his book ‘Governing through Regulation: Public Policy, Regulation and the Law’, Eric Windholz discusses the concept of regulatory failure, suggesting that more often than not, regulatory failure occurs because of ‘poor planning, poor execution and bad politics’.[4] Certainly around the time of the management of the outbreak of COVID‑19, and even still today while governments allegedly did their best, there has been much regulatory failure, much poor planning, much poor execution and certainly plenty of poor politics and the consequences of that are far-reaching. An example of this was discussed in RTO Doctor’s #30days30tips on Tuesday 3 August 2021 in relation to ASQA’s ‘Hibernation’ proposal for RTOs. That example alone is a perfect example of where regulatory legitimacy was destroyed and in some ways, has not recovered.

Regulatory legitimacy basically means that regulation and the activities undertaken by regulators is absolutely essential where a regulator is seeking to obtain change, particularly behaviour change, of the regulated. Acceptance, respect and credibility all form part of a regulator’s legitimacy and, like so many things in human behaviour and control, can be subjective and perception, based on whoever is asking the question about regulatory legitimacy, it is important when considering whether a regulator has effectively discharged itself of its obligations or even physical. On that basis then, one understands that compliance, as mandated by all stakeholders, must be driven by compassion while also embracing technology and what it can provide in terms of regulatory techniques.

AS/nzs iso 19011:2019 Australian/New Zealnad Standard -
Guidelines for audit management systems

The ISO Auditing Standard offers the following advice in relation to best practice auditing in remote situations. The audit methods chosen for an audit depend on the defined audit objectives, scope and criteria, as well as duration and location.

Section 6.4 relates to the conduct of audits and states that audit activities are usually conducted in a sequence similar to the one below:

Audit 2.png

Interestingly, I note that the Standard makes reference to the following:

The feasibility of remote audit activities can depend on several factors (eg. the level of risk to achieving the audit objectives, the level of confidence between auditor and auditee’s personnel and regulatory requirements).


Under A.1 Applying Audit Methods, there is a table that features the types of methods that should be used where there is human interaction (clearly, this would be the case in an ASQA audit but also clearly when the audit is conducted by telephone). This table is presented next because it describes that where there is human interaction, in remote audits, there are certain methods that should be used that were not in this case study and, as far as I am aware, numerous similar cases.

Audit 3.png

In assigning roles and responsibilities of people involved in the audit, the audit team leader must ensure that the quality of the audit is upheld regardless of how many people are taking part for a whole range of reasons including, for example, access, health, safety, environmental, security and confidentiality. It seems to be of significant concern that a telephone audit will likely not be able to comply with these issues in remote audits unless they are accompanied by other measures. The standard also suggests that ‘the audit methods chosen for an audit depend on the defined audit objectives, scope and criteria, as well as duration and location.’[5] 

Given the fact that these are regulatory audits whose outcomes are so critical, it would seem that the Standard should be adhered to. Let’s not forget that regulatory audits of this nature have the capacity to, for example, cancel the registration of a small (or large business) and the consequences of that decision are substantial for everyone involved in the RTO. The most significant purpose of an ASQA audit is to determine if the RTO meets the requirements of the Standards for RTOs and complies with its registration conditions. It is unclear how this can be confirmed via a telephone call and placing certain evidence in Dropbox or the like.

The AS/NZS ISO auditing standard also discusses audit risks and opportunities. Any audit must be able to produce credible findings and that the audit itself was integrous and without risk. How these risks are identified and managed also forms a critical part of the findings and opportunities identified through the audit process. Effectively, if there is any risk that the audit has not been conducted in a manner that is based on credible audit methods, the audit process and validity of the findings are compromised.

The life cycle and timing of an audit is also a key risk to the credibility of the findings and the procedural fairness of any decisions that are made based on those findings. Audits are always said to be a representation of a ‘moment in time’. However, when an audit is conducted remotely in this manner, it would appear that the audit could potentially not have a firm commencement or end date. In fact, I personally have caught out ASQA auditors on this very issue where they claim the audit took place on ‘x’ date but the evidence that they have relied upon in the findings is actually related to completely different dates. Once upon a time, you would have an opening meeting and an exit meeting in an audit that is procedurally fair. Even though ASQA no longer conducts their audits in this manner (eg. they consider evidence outside the audit dates and the auditor will often conduct interviews with stakeholders of the RTO well after the audit has ‘closed’), they still ask that providers sign opening and exit meeting checklists. To be blunt, even though you may have signed the exit meeting document provided by ASQA, the audit continues well after the document has been signed by both parties and only ends when the auditor decides, usually without the knowledge of the RTO being audited.

The AS/NZS ISO auditing standard also discusses virtual or remote audits (although the Standard does differentiate between the two) and certain considerations that need to occur to ensure the audit is conducted in a manner consistent with the auditing standard. Considerations such as using agreed devices and software, capacity to access and use that software or device, consideration of privacy and confidentiality at all times, especially when taking screenshots of evidence or storing it in a cloud-based software system such as Dropbox, Google Drive or One Drive. It discusses considering interrupting, rescheduling or continuing audits where incidents occur that are not helpful or fair in the audit process, the management of evidence collected after the audit including who will have access to it and for what purpose. While it is acknowledged that the regulator has the capacity to issue a section 26 notice anyway for the same evidence, the operation of section 26 is not usually how audit evidence is obtained and retained (except in the case of a few permanent staff auditors from ASQA who have abused the issuing of a section 26 notice). If a remote audit must be conducted, the planning and preparation of the audit must consider the risks, technical checks and ensure that there are contingency plans available if required.

There are of course a large number of other considerations in relation to the AS/NZS ISO auditing standard which are outside the scope of this short research paper. Given ASQA has a large number of auditors who do not meet the Schedule 1 requirements of the Standards for VET Regulators, it is not inconceivable that they are unaware of what best practice auditing involves and the damage and consequences that conducting such audits can cause.

National Vocational Education and Training Regulator Act 2011 & the Standards for VET Regulators 2015

The National Vocational Education and Training Regulator Act 2011 (“NVR Act”) also has requirements in relation to how the national VET regulator performs its duties. This includes ensuring that the national VET regulator is procedurally fair in the role it is required to undertake, including in the decision-making process. The Standards for VET Regulators 2015 made under subsection 189(1) of the National Vocational Education and Training Regulator Act 2011. Standard 1 is specifically the focus of this report with the context of Standard 1 included below:

Audit 4.png


Note the spelling out of how the quality of RTO regulation is crucial to ensure the credibility of the VET system, this is what was referred to earlier in terms of the credibility of the findings based on the audit methods used and the consequences of a poor audit methodology. Here, the context is also explicit - the quality of regulation is achieved by ensuring audit practices are fair, risk-based, transparent and meet legislative requirements. To demonstrate compliance with Standard 1, the national VET regulator (ASQA) must meet certain criteria, not unlike RTOs. There are a few but this paper really wishes to highlight the following:

1.9      The VET Regulator ensures that its auditors:

a)    adopt contemporary best practice auditing approaches; and

b)    exercise their judgement in a manner which maximises consistent interpretation of the Standards for RTOs, audit practice and findings across audits; and

c)    from 1 January 2016, meet the national competency requirements for auditors specified in Schedule 1.

1.10   The VET Regulator makes decisions in a manner consistent with the principles of natural justice and procedural fairness.

1.11   In conducting industry reviews and projects, the VET Regulator engages with other regulators as appropriate, including industry regulators, and with industry.

I have highlighted these clauses of the Standards because even though ASQA is accountable to nobody and they are a law unto themselves, clauses 1.9 through to 1.11 make it clear that they adopt best practice auditing approaches, meet the national competency standards from 1 January 2016 (we are not 5½ years later), audit decisions must be consistent with natural justice principles and procedural fairness (therefore, the audits themselves must be consistent with these principles) and where required, they should engage with other regulators where appropriate. It is really unclear how these requirements can be met if an audit is conducted solely by telephone. Interestingly, this is also captured under Standard 6 of the same Standards:

Audit 5.png

There is also a standard related to lodging complaints about ASQA and while a complaint was made by the RTO in the case study, it did not follow the requirements for lodging a formal complaint and it was more a case of advising of their concerns of procedural fairness. Like the majority of RTOs, they were reluctant to lodge a formal complaint about ASQA because they feared retaliation, something that other RTOs have certainly experienced.

Clause 1,8 of the Standards for RTO's 2015

So all of this got me thinking about the decisions being made based on the evidence collected where an audit is conducted entirely by phone which is exactly what the poll was about. For the purposes of keeping everything in one document, the tables from clause 1.8 of the Standards for RTOs are copied below. I will provide a statement against each after the screenshot:

Audit 6.png


If we consider the statements in the box against this requirement, it is unclear how the RTO’s needs might have been considered (if at all) during the audit (assessment) process. It is more likely that due to the COVID‑19 pandemic requiring lockdowns, that the various auditors involved simply considered their own ability to conduct an audit (assessment) in a manner that suited them. I am acutely aware that no other option or alternative method was provided and the CEO was simply told the audit would be conducted by phone.

It would appear that no reasonable adjustment as such was applied throughout the audit process. The CEO made it very clear and very consistently throughout the 2‑day audit that she was feeling very anxious, didn’t understand a lot of the additional requests that the auditor was making (additional requests means evidence over and above what had been requested via email), did not have the benefit of her staff assisting her in the audit because of the lockdown process and so couldn’t locate a lot of the things that the auditor was requesting; someone else in the organisation managed the storage of data. As a result, the auditor requested that very specific evidence be uploaded to Dropbox no longer than the end of the day.

Of course the issue about staff not being available to assist remained even at COB that day because they were in lockdown and the request also assumed that the CEO was proficient in being able to use Dropbox. As an older lady who is technologically challenged, this proved to be an obstacle that was never overcome throughout the entire audit process. Through my own experience working with this client, the CEO is not familiar with Dropbox, how it works, etc. Therefore her ability to complete this in the time required was completely unreasonable and did not align with best practice auditing approaches as described earlier. While the RTO had the ability to challenge the result of the audit outcome, it didn’t really assist the provider because subsequent auditors did not take on board the circumstances of how the audit took place and the issues previously outlined. In fact, the appeal auditors insisted that the client remained not compliant with those criteria, remediation was still necessary without ever questioning the credibility and validity of the evidence and how it was collected.


It was, I believe, very clear to identify what some of the CEO’s needs were during this audit process. Being anxious, it would have assisted the CEO’s ability to calm down and feel less anxious if she could ‘see’ the auditor and her body language through a webcam. The auditor might have got a better understanding through visually identifying the CEO’s anxiety. The auditor might have been able to assist the CEO using a share screen to use the data storage software better. The auditor might have been able to better explain the types of evidence she was looking for and why by visually describing it to the CEO. As most educators are aware, everyone has different learning styles. For me personally, I am very much a visual learner and so for me to be able to understand and explain something, I need to be able to see the requirements and how I am responding to them.

The audit evidence that was collected by telephone and Dropbox as described in this case study means that there was a strong chance that had the CEO properly understood the request and the reason for the request, she would have provided additional and very different evidence. She didn’t understand what the auditor was asking despite advising the auditor of such several times throughout the audit process. As such, the CEO simply provided what she thought the auditor was looking for and hoping it was right, expecting the auditor to say ‘yes, this is exactly the evidence I was seeking’ or ‘no, unfortunately, this is not what I am after.' The type of evidence you might have to demonstrate compliance for this criteria might be ‘a, b, c, d’ or similar.

The audit certainly did not draw from a range of audit (assessment) methods. The audit only took place by telephone and the data was collected and stored in Dropbox. Some of the evidence that was required to be uploaded were things like student logbooks and placement activity portfolios for example. Booklets that were, in some cases, almost one hundred pages long with photos attached, etc. For someone who is unfamiliar with cloud-based technology because there is usually another person whose job role it is to manage these tasks, this would be an overwhelming request.


It is questionable whether the judgement being made about the suitability of evidence to demonstrate compliance with a specific clause or Standard can be demonstrated in this manner (telephone requests for evidence only). It would seem that at the very least, any criteria which involves the demonstration of practices might be challenging to evidence over the phone. As the AS/NZS auditing standard suggested, for remote audits where there is human interaction, it would be expected that observations are performed using webcam or smartphone technology at the very least. Using the same devices might also help demonstrate the premises and resources and confirm that the premises and resources being demonstrated are actually in the registered building (this is a very common allegation of non-compliance that ASQA auditors make, even more so when the audit decisions are under appeal and a new auditor takes over), they can’t see evidence of these things so, in the revised audit report, there is often a new allegation of non-compliance because it wasn’t properly assessed or recorded the first time.

It’s not possible to rely on the findings of an audit being conducted in this manner because there is insufficient evidence to demonstrate the practical integration of performance within the RTOs operations. There is also a lack of validity and the integrity of the decision-making process when an auditor is telling the CEO over the phone what evidence they want to see. This is because the auditor is making an assumption, firstly that the evidence they have requested is the evidence that this RTO would produce and secondly, that this evidence is the best way of the RTO demonstrating compliance with specific criteria. It would be extremely inappropriate for an auditor to make a judgement about how certain evidence is to be applied to demonstrate compliance. It may be that the RTO has different evidence that is more suitable, an auditor should not assume that they know what the RTO’s processes and evidence looks like.


If the auditor is identifying and selecting the evidence that they wish to review, and that evidence is not the best evidence available to demonstrate an RTO’s compliance, then it will by default, also not be reliable in terms of being able to be consistently interested and, as eluded to in the section previously on validity, this is even more so when the audit decisions are under appeal and a new auditor takes over; they can’t see evidence of the criteria audited so, in the revised audit report, there is often a new allegation of non-compliance because it wasn’t properly assessed or recorded the first time. In summarising this risk then, not only would the evidence be unreliable but it would not be valid. The auditor’s decision would be unfair because it did not consider the CEO’s needs and the fact that different evidence that the provider might have presented had they understood what would be more appropriate and it certainly wouldn’t have been fair.

Audit 7.png


It is not possible, based on the information previously under validity, fairness, reliability and flexibility that the auditor can be assured that the evidence is valid against any specific criteria. It is my experience that ASQA’s auditors have a long history of putting the cart before the horse and saying, ‘we want to see this evidence and that evidence and we will tell you if you are compliant’, particularly when it comes to compliance monitoring and complaint audits. As discussed earlier, an auditor should never assume that they know the best evidence an RTO can produce; in fact, it’s not their role to assume anything about the evidence. It is their role however to review any evidence presented by the RTO as evidence of compliance.


As per previous responses to the Principles of Assessment and Rules of Evidence, an auditor should never make a determination of sufficiency if they have not allowed the provider to determine what evidence they want to present as their evidence of compliance. As long as an auditor makes assumptions about the quality, quantity and relevance of the evidence requested by the auditor as opposed to being provided by the RTO to demonstrate compliance, the higher the risk of the findings not being sufficiently credible to ensure that the audit findings can stand up to scrutiny.


It would be very, very difficult for an RTO or its CEO or staff to determine the authenticity of the person standing behind the telephone and that they are who they say they are and they are not accompanied by anyone else. There is no possible way that the CEO in the case study could have known who she was talking to (she’d never heard of the auditor before let alone met her), that she alone was undertaking the audit (after all, if you can’t see who is on the other end of the phone line, you would never know if there were half a dozen people listening in and participating in an audit without it ever being disclosed). Just because the auditor might be on the phone and send you an email with the opening meeting checklist attached asking you to return it, does not for an instant confirm that they are who they say they are.

There is no possible way that the auditor can be confirmed as being an official ASQA auditor and that they are in attendance under the relevant section of the NVR Act, that they have ID as required under the Act, who might the observers be (if any), who are the technical experts present (if relevant), are there any other people present? If so, who and why? There is no evidence to confirm that the person on the other end of the phone is the same person who will review the evidence or write the report. There’s also no evidence of when the ‘moment in time’ commences and ends (this particular issue applies to all other requirements in the Principles of Assessment and Rules of Evidence also). There are many issues related to authenticity and the management of an audit process but this gives a small snapshot into some of the bigger issues.


The issue of currency of the evidence in this particular case was interesting; this was made so interesting because of the time the original evidence was collected (pre-audit information collected, student names, enrolment data etc., and the TAS and units of competency, including completed student assessment records) and when it was being ‘assessed’ against the criteria at that ‘moment in time’. Let me explain…

Currency requires that the evidence being used for consideration of compliance is from the past or very recent past. If we also consider ASQA’s completed student assessment records retention requirements as they apply to this RTO, this means that they only have to retain the last six (6) months of student assessment records. The original audit (as per the case study) was notified in February 2020, the TAS for the aged care qualification and first aid delivery as a stand-alone unit, all training and assessment materials for four (4) units of competency that were specified by ASQA, including one which was workplace based and another being first aid (separate to the four (4) in the qualification) and the student enrolment data was requested at this time also. There was a subsequent email requesting completed student files in their entirety (enrolment and assessment) for ten (10) students that the auditor selected from the student data spreadsheet that ASQA supplies. This evidence was also provided and an audit date was scheduled for the beginning of April 2020.

A couple of days prior to the scheduled audit date, ASQA advised that there was a change of auditor and it needed to be rescheduled. It was rescheduled for a couple of weeks later. At that time, the RTO had some staff who had been asked to self-isolate due to COVID‑19 and the RTO was unable to participate in the audit on the said rescheduled date. Several months went by and the CEO asked ASQA if they were going to reschedule the audit. A date was rescheduled for September 2020 and now only included the aged care qualification and the four (4) units of competency as first aid was no longer being considered. It was advised that the audit would be conducted by phone and using the evidence that had already been submitted.

So what was the problem with the currency of the evidence you ask? The original evidence was submitted to ASQA late February 2020, the audit was relying on that evidence for the purpose of the rescheduled audit seven (7) months later (outside the assessment retention requirements). Most of the evidence had been archived because that evidence was now outside the General Direction for assessment retention. Further, while some students were still enrolled, they completed the units that had been selected, in some cases, up to twelve (12) months prior because they were part-time. Therefore, none of the evidence was current. What’s more, the delivery arrangements that took place nine (9) months prior were no longer consistent with the delivery and assessment practices that were now in place due to COVID‑19. The auditor was still relying on the TAS that was submitted in February. There were students amongst the sampled cohort whose enrolments had been suspended because of the COVID‑19 lockdowns and the fact that aged care facilities could not accept students on placement during the pandemic. Therefore their enrolment was not consistent with how the enrolment policy, course progress policy, etc. would normally operate.

As you can see from this short example, there are many reasons why the currency of the evidence upon which the audit decision was based lacked credibility but was actually upheld by ASQA. Considering each of these requirements for the Principles of Assessment and Rules of Evidence, again it is unclear how an audit conducted by telephone can produce audit findings that have credibility and will be able to withstand scrutiny.


As has been highlighted by this report, to undertake a regulatory audit where the consequences of failing the audit are so severe, not only is it inappropriate to undertake an audit purely by telephone, but it is also inconsistent with best practice audit approaches and therefore in breach of the NVR Act and the Standards for VET Regulators 2015. Unsurprisingly, it is also entirely consistent with the results of the poll on LinkedIn in which the clear winning vote was ‘No’, audits should not be undertaken by phone only. The results of the poll are provided below:

AUdit 8.png


No was closely conducted by video. Another option that I tried to attach to the poll but was unable to due to the lack of options available on the LinkedIn site was ‘a mixed approach (eg. phone, video, etc.)'. I do believe that had this option been available, it would have significantly altered these results.

What is also painfully clear is that had the audit from the case study had the Principles of Assessment and Rules of Evidence from the Standards for RTOs 2015 applied, it would not have been deemed suitable. Further, and perhaps more concerningly, it would appear that the audit was not really conducted at a ‘moment in time’ but rather over a period at least twelve (12) months in which there were significant changes due to a global pandemic.

The number of votes in the LinkedIn poll were also small as indicated at the beginning of this report. The ability to make any solid decisions from the report are somewhat limited due to the challenges inherent in the voting process as earlier described.

It is my opinion that it would be incredibly beneficial to the sector and ASQA if NCVER were to conduct research in this area or provide funding for such a research project to be undertaken. Given that the outcomes can only lead to continuous improvement and better regulation and that ASQA is not really accountable to anyone, Saxon Rice, as the CEO and Chief Commissioner of the national VET regulator, might find significant benefits in undertaking research along these lines at least annually. For now, as long as lockdowns continue, it is hoped that this research report will lead to better audit practices by the national VET regulator across the board.

[1]  Conran Review, Recommendation 24. See also Conran Review pages 31-33.

[2]  Commonwealth of Australia, Department of the Prime Minister and Cabinet, Regulatory Impact Analysis Guide for Ministers’ Meetings and National Standard Setting Bodies, May 2021 <>.

[3]  Ibid, page 5.

[4] Eric Windholz, ‘Governing through regulation: Public Policy, Regulation and the Law’ 2019, page 107.

[5]  AS/NZS ISO 19011:2019 Australian/New Zealand Standard - Guidelines for auditing management systems, page 23, para 6.4.5


This is 'general advice' however, readers are encouraged to see their RTO Lawyer as soon as possible. If you would like to be referred to an RTO legal specialist, please contact me for a discreet referral.

#ASQA #proceduralfairness #AAT #regulation #howmanymore #CRICOS #vetreform #law #enoughisenough


RTO Doctor

The first choice for RTO sanction management and compliance assistance.
RTO Doctor assists VET & international education providers around the country to ensure their compliance with their regulatory requirements; a critical issue for RTOs around the nation currently experiencing a very hostile and punitive regulatory environment. Raelene Bartlett, Founding Director of RTO Doctor published the book CRICOS CPR: Top 5 Tips to Rescue Your RTO as a way of supporting providers in navigating this minefield.

She has also published the number 1 international bestseller in 3 categories "Legal Decision-Making Under The National Vocational Education And Training Regulator Act 2011 (Cth): An Investigation Into Access To Merits Review" and more recently, the book that sold out on Amazon - The Human Toll: Is Regulation Under the Australian Skills Quality Authority Destructive? 






What our clients are saying about us

  • Raelene Bartlett is a legend in the education space.  Her knowledge of the applicable law, The Standards and her experience in acting for many hundreds of providers is without parallel.  Her dedication to her clients and her stubborn adherence to her vision of a broader, fairer and more open education space for providers sets her apart from other players in the space. 

    There is no ‘near enough is good enough’.   Perfection is the only option.  Her loyal following from her clients and has earned the fearful respect of the regulator."

    RTO Lawyer
  • “As an experienced lawyer working extensively with RTOs in their dealings with ASQA and in applications to the AAT, I have worked with Raelene helping many RTOs over many years. With Raelene, you know she’s in your corner, but at the same time she brings much-needed objectivity and a clear-sighted approach in advising RTOs. Her comprehensive knowledge of the VET sector, including the legislation and Standards which regulate it and the policy and approach adopted by ASQA in overseeing it, are invaluable to RTOs but also to me in formulating and implementing the right legal strategy for each client.  Raelene is an excellent ally in ensuring success.”

    RTO Lawyer
  • “We approached Raelene when we got the cancellation notice from ASQA as we wanted someone who could combine the legal mind with compliance knowledge and help us with not only rectification but develop an overarching strategy to fight what was very obviously a wrong and out of proportion decision by ASQA. She also stuck with us as a client till the very end ,ensuring a positive outcome unlike some in the industry who tend to bail out when things get to the hairy end.  Raelene remains one of very few people I have known with a zero error approach and capacity to do so.  
     We remain grateful to her for what she brought on the table for us and gave us not only hope but led the strategy and execution, freeing us to focus on ensuring that the wolves did not circle the RTO when under stress."

    RTO Owner
    Australia Wide
  • Raelene changed the paradigm of how we deal with regulators. She forces them to play by the rules rather than letting them throw their weight around unchallenged. As a result, even after multiple attempts to sanction or cancel us they have never been successful. Also, Raelene has worked with our RTO to become as compliant and bullet-proof as possible.
    Now regulatory interaction is an occasional annoyance, not an existential threat.”

    RTO Owner
  • “I’ve worked with Raelene over several years and seen first-hand her invaluable assistance in reforming RTOs to prepare for proceedings in the Administrative Appeals Tribunal, and helping me to prepare for hearings. Her knowledge, diligence and attention to detail are first-rate, and I would happily recommend her to any RTO.”

    Travis Mitchell
  • With our RTO facing a cancellation decision by ASQA at Tribunal and having already engaged and worked with 4 different compliance consultants, it was with great fortune we were referred to Raelene Bartlett Founding Director of RTO Doctor to assist us with our fight with ASQA.  

    Raelene has been instrumental in winning our case after 2 years with ASQA and we have no hesitation in recommending her and RTO Doctor .

    RTO Owner
    NSW, Qld
  • I have worked with a number of consultants over the years but RTO Doctor has been by far the best. In my view the knowledge that she brings to the audit process is first class. 

    Rathini Sonnadara
    Training Operations Manager St. John Ambulance
  • I just wanted to take this opportunity to thank you so much for all of your loving support & guidance over the last week. Closing an RTO is one of the most stressful experiences I have been through in my ten years as a successful small business owner. 

    Michelle Merrifield
    Essence of Living

Request a callback

Send us a callback request and Raelene will endeavour to contact you as soon as possible.

If your emergency is urgent, we will do our best to contact you within a few hours. If your emergency is non-urgent, we will contact you within 48 hours.

Already verified you are human.