By Afla KC, Level Up HR Solutions
Most small and medium business owners don’t think about an HR audit until something goes wrong. An employee files a complaint. A labour inspector shows up. A former employee sends a legal notice.
Suddenly, you’re scrambling through filing cabinets, searching for offer letters, leave records, and POSH training proof.
Here’s the truth: An HR audit isn’t punishment. It’s protection.
For SMEs and MSMEs in India, an HR audit is the difference between a small compliance gap and a catastrophic penalty.
In this blog, I’m giving you a complete HR audit checklist – broken down by category – so you can assess your business today.
What is an HR audit? (And why should you care?)
An HR audit is a systematic review of your HR policies, documentation, and practices against legal requirements and industry standards.
It answers questions like:
- Are all employee files complete?
- Is your POSH committee properly constituted?
- Do your payroll records match your attendance registers?
- Have employees signed acknowledgements of all policies?
For SMEs, an HR audit typically covers 5 core areas: documentation, compliance, payroll, performance, and safety.
Let’s walk through each one.
The complete HR audit checklist for SMEs
Section 1: Recruitment and hiring documentation
This is where most gaps start. If your hiring process isn’t documented, everything after it is shaky.
Checklist items:
☐ Do you have a clear job description for every role? ☐ Are interview scorecards or notes retained for at least one year? ☐ Do you have signed offer letters for every current employee? ☐ Have you collected and stored proofs of identity and address (Aadhaar, PAN, etc.)? ☐ Are appointment letters issued within the legal timeframe (usually within 30 days of joining)? ☐ Do you maintain a register of all applicants (for compliance with equal opportunity laws)?
Red flag: Missing appointment letters or unsigned offer letters.
Section 2: Employee personal files
Every employee must have a dedicated file – physical or digital – that contains their complete employment lifecycle.
Checklist items:
☐ Personal details form (emergency contact, declaration) ☐ Copy of signed appointment letter and any amendments ☐ Performance appraisal records (at least last two cycles) ☐ Leaves record (leave applications, approvals, balance statements) ☐ Salary revision letters with dates and signatures ☐ Training and certification records (especially mandatory POSH training) ☐ Disciplinary records (warning letters, show-cause notices, inquiry reports) ☐ Exit documents (resignation letter, relieving letter, full and final settlement acknowledgement)
Red flag: Missing exit documents – these are your best defence against post-employment claims.
Section 3: Statutory compliance documentation (India-specific)
This is the non-negotiable part. Indian labour laws require specific registers and filings.
Checklist items:
☐ Shops and Establishment Act registration – Is it displayed? Renewed? ☐ PF (Provident Fund) registration – If employee count >20 (or voluntarily) ☐ ESI (Employee State Insurance) registration – If applicable (wage limit and employee count) ☐ Professional Tax registration (state-specific) – Are you deducting and depositing? ☐ POSH Act compliance – Internal Committee formed? Annual report filed? Training conducted? ☐ Bonus Act – Are you maintaining the required registers if eligible? ☐ Gratuity Act – Do you have a registered trust or insurance policy? ☐ Labour Welfare Fund – Where applicable
Red flag: No POSH Internal Committee in a company with 10+ employees – that’s a direct violation.
Section 4: Payroll and attendance records
Payroll is where compliance meets cash. Errors here attract the fastest penalties.
Checklist items:
☐ Do you have a written attendance and leave policy? ☐ Are attendance registers maintained (physical or digital) for at least 3 years? ☐ Do monthly salary slips include all statutory deductions (PF, ESI, PT, TDS)? ☐ Are PF and ESI contributions deposited on time (monthly due dates)? ☐ Are PF and ESI returns filed within deadlines? ☐ Do you have an overtime register (if applicable) with signed entries? ☐ Are minimum wage rules being followed for all categories of workers? ☐ Do you have a clear policy on leave encashment and carryover?
Red flag: Salary slips don’t match attendance records – a common trigger for inspection penalties.
Section 5: Performance management and disciplinary records
Even good employees sometimes need corrective action. Poor documentation turns fair discipline into wrongful termination.
Checklist items:
☐ Do you have a signed performance review policy? ☐ Are probation periods defined in appointment letters? ☐ Is there a formal process for extending probation? ☐ Do you issue written warning letters before termination (except for gross misconduct)? ☐ Are performance improvement plans (PIPs) documented and acknowledged? ☐ Is there a clear grievance redressal process? ☐ Do you retain all disciplinary correspondence for at least 3 years after separation?
Red flag: Terminating an employee without any prior written warning or PIP.
Section 6: Health, safety, and workplace policies
Safety isn’t just about physical hazards. It includes psychological safety and policy awareness.
Checklist items:
☐ Is there a written POSH policy displayed and shared with all employees? ☐ Have all employees signed an acknowledgement of the employee handbook? ☐ Is there a first-aid box and emergency contact list displayed? ☐ Are fire safety measures in place (extinguishers, exits) as per local rules? ☐ Do you have an anti-ragging policy (if applicable for certain industries)? ☐ Is there a policy on substance abuse or alcohol at work?
Red flag: No display of POSH committee contact details – required under the POSH Act.
Section 7: Digital and data compliance (the new frontier)
With remote work and digital HR systems, data privacy is now part of HR audits.
Checklist items:
☐ Do you have a written IT and data usage policy? ☐ Is employee personal data stored securely with access controls? ☐ Do you have consent forms for storing Aadhaar and PAN copies? ☐ Is there a policy on monitoring emails, devices, or internet usage? ☐ Do you have a data retention and deletion schedule? ☐ Are you compliant with any sector-specific data rules (e.g., healthcare, finance)?
Red flag: Storing sensitive employee documents on an unsecured shared drive accessible to all.
How to conduct an HR audit: A simple 5-step process
You don’t need a big budget. You need a plan.
Step 1: Create a master checklist
Use
the checklist above. Add any industry-specific or state-specific requirements.
Step 2: Assign responsibility
Either your HR person, a trained manager, or an external partner like Level Up HR Solutions.
Step 3: Pull all files and registers
Physical or digital – g
ather everything in one place.
Step 4: Score each item
Green = compliant. Yellow = partial or missing documentation. Red = completely absent or outdated.
Step 5: Build a remediation plan
For red items: fix within 30 days. For yellow items: fix within 60 days. Track progress monthly.
What to do after the audit (the most important part)
An audit without action is j
ust a depressing report.
Priority 1 – Legal red flags: POSH non-compliance, missing statutory registrations, no employee acknowledgements. Fix these immediately. Penalties can include fines and even imprisonment for directors.
Priority 2 – Documentation gaps: Missing offer letters, unsigned policies, incomplete files. These don’t attract immediate fines, but they weaken you in any dispute.
Priority 3 – Process improvements: Inconsistent performance reviews, unclear leave tracking, outdated policies. Fix these to reduce future risk.
Pro tip: Set a recu
rring audit schedule – quarterly for small companies, half-yearly for medium, and always before any statutory inspection.
Why most SMEs fail an HR audit (and how you won’t)
I’ve seen the same three mista
kes again and again:
Mistake 1 – Verbal policies. “We told them during onboarding.” That’s not evidence. Get it in writing and signed.
Mistake 2 – Mixed filing systems. Some files in email, some on a laptop, some in a physical cabinet. No one can find anything. Centralise.
Mistake 3 – Outdated documents. The p
olicy from 2018 says different things than what you do today. Inconsistency is a liability. Keep everything current.
You won’t make these mistakes if you treat HR documentation as a business asset – not a chore.
How Level Up HR Solutions Can Help
At Level Up HR Solutions, comprehensive HR documentation support is provided to ensure your business remains compliant, organized, and audit-ready.