Auditing your own Managers: Internal review tips

Let's talk about the elephant in the room: auditing your own management team feels weird. These are the people you trust, the ones who keep your facility running when you're buried in strategic planning or putting out fires. But here's the reality: if your managers aren't staying compliant, your entire organization is at risk when CARF, The Joint Commission, or COA shows up for a survey.

This is the sixth post in our Management Coaching Playbook series, and we're going practical today. No fluff, no theory: just actionable strategies to help you audit your managers without destroying morale or creating a toxic "gotcha" culture.

Why Internal Management Audits Actually Matter

You already know that surveyors don't just look at policies and charts. They interview your managers. They observe how your team leads handle crisis situations, documentation backlogs, and staff supervision. If your Program Director can't explain your QAPI process during a Joint Commission tracer, or your Clinical Supervisor doesn't know which consent forms are required under COA standards, that's what ends up in your findings report.

Here's what we see happen when directors skip internal management audits:

❌ Managers create workarounds that violate your policies (even with good intentions) ❌ Documentation gaps go unnoticed until a payor audit or accreditation survey ❌ Staff training becomes inconsistent across departments ❌ Compliance drift happens slowly, then suddenly becomes a crisis

Internal audits aren't about catching people doing something wrong. They're about identifying system gaps before external auditors find them.

Set the Foundation: Make It Safe, Not Scary

The biggest mistake directors make? Treating internal audits like "surprise inspections" that create paranoia. Your managers need to understand that this process exists to support them, not punish them.

Start with transparency:

✅ Schedule audits in advance (quarterly works for most facilities) ✅ Share the audit criteria ahead of time ✅ Frame it as "compliance check-ins" rather than "audits" ✅ Emphasize that findings = opportunities for improvement, not performance write-ups

When you create psychological safety around the audit process, your managers are more likely to flag their own concerns rather than hiding problems until they explode.

The Framework: What to Actually Audit

You can't audit everything at once (and you'll burn out trying). Here's a practical framework that covers the high-risk areas CARF, TJC, and COA consistently focus on during surveys:

1. Documentation Accuracy & Timeliness

Pull 5-10 random clinical charts from each manager's department. Check:

• Are treatment plans signed within required timeframes?

• Do progress notes justify the level of care?

• Are all required assessments present (intake, psychiatric, medical)?

• Is there evidence of supervisor co-signatures where required?

Red flag: If you see copy-paste language across multiple charts, that's a documentation quality issue that needs immediate attention.

2. Staff Supervision & Training Compliance

Review your managers' supervision logs and training records:

• Are they conducting weekly clinical supervision as required by licensure?

• Do they document supervision topics (not just "supervision completed")?

• Can they produce proof that their direct reports completed annual HIPAA, safety, and ethics training?

• Are new employees receiving competency assessments during their first 90 days?

Pro tip: COA specifically looks at whether supervisors are addressing performance improvement in supervision sessions, not just case management.

3. Policy Implementation (Not Just Policy Creation)

This is where the rubber meets the road. Your Policy & Procedure Manual might be beautiful, but are your managers actually using it?

Test this by asking scenario-based questions:

👉 "Walk me through what happens when a client tests positive for substances in our IOP program." 👉 "Show me how you handle a client grievance from start to finish." 👉 "What's our protocol if a staff member calls out sick 30 minutes before their group session?"

If your manager can't reference the actual policy or their answer contradicts what's written, you've found a training gap.

4. Incident Reporting & Root Cause Analysis

Pull your incident reports from the last quarter. Check:

• Are incidents being reported within the required timeframe (usually 24 hours)?

• Is your manager conducting root cause analysis for serious events?

• Are corrective actions documented and followed up on?

The Joint Commission doesn't just want to see that you reported an incident: they want evidence that you learned from it and implemented changes to prevent recurrence. If your managers are filing reports but skipping the RCA process, that's a major finding waiting to happen.

5. Financial & Billing Compliance

Even if you have a separate billing department, your clinical managers need to understand documentation requirements for reimbursement. Sample check:

• Can they explain what constitutes "medical necessity" for Medicare/Medicaid?

• Do they understand why certain services require prior authorization?

• Are they reviewing claims denials and working with billing to correct documentation issues?

Real talk: Most recoupments happen because clinical managers don't realize their documentation is insufficient until months later when the payor audit hits.

Don't Just Rely on What They Tell You: Verify

Here's a principle from the research that's critical: Don't accept assertions at face value. Your managers will (almost always) tell you things are fine. Your job is to independently verify.

This means:

✔ Shadow their work for a day. Sit in on their staff meetings, observe group facilitation, watch how they handle real-time crises. ✔ Interview their direct reports. Ask frontline staff what they understand about policies. Gaps in understanding = gaps in training. ✔ Use data analytics. Pull reports on late documentation, missed supervision sessions, or incomplete assessments. Numbers don't lie. ✔ Request supporting documentation. If a manager says they completed fire drill training, ask to see the sign-in sheet and drill report.

Independence and objectivity are everything. If you only audit based on what managers say is happening, you're going to miss the real issues.

Red Flags That Require Immediate Attention

Some findings are "fix this over the next quarter" issues. Others are "we need to talk today" problems. Here are the red flags that should trigger immediate action:

🚩 Falsified documentation (signatures, dates, clinical notes) 🚩 Unauthorized policy workarounds that violate licensure or accreditation standards 🚩 Unreported critical incidents (client harm, staff misconduct, safety violations) 🚩 Patterns of staff complaints about a specific manager 🚩 Consistent failure to meet documentation deadlines despite coaching

If you uncover any of these, don't wait for the next audit cycle. Address it immediately with a corrective action plan and follow-up timeline.

The Conversation: How to Deliver Findings Without Defensiveness

You've completed the audit and found issues. Now comes the hard part: the conversation.

Here's the framework we recommend:

1. Start with data, not judgment. "I pulled 10 charts from your caseload, and 7 of them are missing the 30-day reassessment."

2. Ask for their perspective. "Help me understand what's happening. Are you aware of the requirement? Is there a system issue we need to address?"

3. Clarify expectations. "Here's what needs to happen moving forward. All reassessments need to be completed within 30 days as required by CARF standards."

4. Create an action plan together. "What support do you need from me to make this happen? Do we need to adjust your caseload? Provide additional training?"

5. Document everything. Put the findings, action plan, and timeline in writing. This protects both of you if the issue escalates or repeats.

The goal is accountability and support. If your manager feels attacked, they'll get defensive. If they feel supported, they'll be motivated to improve.

Build a Culture Where Audits Are Normal, Not Punitive

The best internal audit programs become part of your organizational rhythm: not a dreaded annual event. Here's how:

✅ Schedule regular "compliance huddles" where managers can ask questions and flag concerns without fear ✅ Celebrate improvements when managers close out action items or improve metrics ✅ Share audit findings (anonymized) with the full leadership team so everyone learns from common mistakes ✅ Tie compliance metrics to performance reviews (but focus on improvement trends, not perfection)

When compliance becomes a shared responsibility: not just a "director problem": your entire organization gets stronger.

The Bottom Line

Auditing your own managers isn't about mistrust. It's about building systems that can withstand external scrutiny from CARF, The Joint Commission, COA, state licensure, and payor audits.

Your managers are your first line of defense. When they understand compliance expectations and have the tools to meet them, your entire facility benefits. And when surveyors show up? You'll have confidence that your team can answer questions, demonstrate competency, and prove that your organization practices what your policies preach.

We're here to help you build audit-ready systems that don't create administrative burnout. If you need support developing internal audit tools or coaching your management team through compliance readiness, reach out to KBBG Systems. We've helped hundreds of behavioral health directors strengthen their leadership teams( without the drama.)