Audit, Findings, and Remediation
Root Cause Analysis
The process of finding out why a problem happened so the response fixes the underlying control failure, not just the visible symptom.
Definition
Root cause analysis asks why the issue occurred and why the existing controls did not prevent or detect it earlier. In practice that might mean testing whether the issue came from poor training, weak supervision, bad incentives, faulty process design, or missing ownership.
For example, if overtime keeps recurring, the root cause may not be the timesheet. It may be unrealistic production planning, poor staffing, or supervisor behavior that the current system never challenged.
How this source informs this section
OECD Due Diligence Guidance for Responsible Business Conduct
OECD guidance is relevant because it supports addressing why the impact occurred and what has to change to prevent recurrence.
Why it matters
Without root-cause analysis, corrective action plans (CAPs) often default to cosmetic actions such as retraining or restating the policy. That closes the file without changing the system that created the issue.
It matters most when findings repeat or show up in different forms, because that usually means the visible issue is only the surface layer.
How this source informs this section
SA8000 Overview
SA8000 is useful as a management-system reference because it emphasizes sustained implementation over one-off surface fixes.
Nuance
Root cause work should not delay immediate containment. Teams still need to stop the current harm while they work on the deeper fix.
A detailed root-cause template is not enough if the answer always points back to 'worker error' or 'supplier oversight' without testing the broader system.
How this source informs this section
OECD Due Diligence Guidance for Responsible Business Conduct
The guidance supports combining immediate response with longer-term prevention rather than choosing one or the other.
Sources
OECD Due Diligence Guidance for Responsible Business Conduct
OECD · guidance
OECD's core guidance on how companies identify risk, prioritize, respond, track follow-up, and communicate what changed.
SA8000 Overview
Social Accountability International · standard overview
Used here for the management-system framing behind sustained labor compliance, review, and continuous improvement.
