📱Test our Android app — free beta!Join Beta GroupYou'll receive the install link by email after joining.

RTI Compliance Audit Checklist for Public Authorities

Direct answer. Every public authority should run an internal RTI compliance audit at least once a year, ideally aligned with the financial-year close. The audit should cover twelve areas: PIO designation, FAA designation, Section 4 disclosure, record management, RTI receipt and disposal SLAs, fees, appeals, third-party procedure, Section 25 returns, training, citizen feedback, and Information Commission directions outstanding. A scoring template is below — eighty per cent or above is the working benchmark; below sixty per cent is a red flag for the head of office and external audit.

CAG audits and Information Commission compliance reviews routinely flag the same patterns: outdated PIO pages, untracked appeal disposals, missing Section 25 returns, no Section 4 update log. An internal audit catches all of these before the external audit does. This checklist is designed for adoption by the public authority's vigilance / records committee.

When to run the audit

  • Annually, in April, after the financial-year close.
  • Before any planned CAG audit.
  • Before any Information Commission inspection.
  • On change of head of office (handover).
  • On any major adverse Commission order against the authority.
  • Section 4 — disclosure and record management.
  • Section 5 — designation of PIOs.
  • Section 6 to 11 — applications, fees, exemptions, third-party.
  • Section 19 — appeals.
  • Section 20 — penalty (Commission's power; audit tracks adverse orders).
  • Section 25 — annual return.

Twelve audit areas with scoring

Each area is scored out of ten. The total is out of 120; convert to percentage.

Area 1 — PIO designation (10)

  • Office order designating PIO is current (4).
  • Subject-wise PIOs designated where appropriate (2).
  • APIOs at all field offices (2).
  • Substitute PIO during PIO leave (2).

Area 2 — FAA designation (10)

  • Office order designating FAA is current (5).
  • FAA is senior in rank to PIO (3).
  • Substitute FAA during leave (2).

Area 3 — Section 4 disclosure (10)

  • All 17 sub-clauses published (5).
  • Last-updated date within last quarter (2).
  • Regional-language version (1).
  • Mobile-friendly (1).
  • Indexable (1).

Area 4 — Record management (10)

  • Master file index in place (3).
  • Retention schedule applied (2).
  • Active files digitised (3).
  • Search-and-retrieval log maintained (1).
  • Annual records audit (1).

Area 5 — RTI receipt and disposal SLA (10)

  • % applications acknowledged within 48 hours (3).
  • % disposed within 25 days (3).
  • % disposed within 30 days (2).
  • % deemed refusals (negative score below 5%) (2).

Area 6 — Fees (5)

  • Receipts register reconciled with cashier (3).
  • No unlawful additional-fee demands (2).

Area 7 — Appeals (10)

  • % first appeals disposed within 30 days (3).
  • % within 45 days (2).
  • Speaking orders for all appeals (3).
  • Orders despatched to both parties (2).

Area 8 — Third-party procedure (10)

  • Section 11 notice issued in 100% of relevant cases (5).
  • Public-interest balance recorded (3).
  • Third-party right of appeal communicated (2).

Area 9 — Section 25 annual return (10)

  • Quarterly returns submitted on time (4).
  • Annual return submitted by 30 April (3).
  • Data reconciles with internal registers (2).
  • Recommendations for reform recorded (1).

Area 10 — Training (10)

  • PIO has attended at least one DoPT-recognised training in the year (4).
  • FAA has attended training (3).
  • APIOs trained (2).
  • Refresher for dealing assistants (1).

Area 11 — Citizen feedback (10)

  • Feedback mechanism on website (3).
  • Average response time to feedback (2).
  • Citizen camps / awareness drives (2).
  • Brochures available in regional language (3).

Area 12 — Outstanding Commission directions (15)

  • No Commission direction outstanding more than 30 days (5).
  • No Section 19(8)(a) direction unimplemented (5).
  • No Section 20 penalty proceedings against PIOs (5).

Step by step

  1. Step 1. Constitute an audit team — nodal RTI officer, internal audit officer, IT, vigilance.
  2. Step 2. Agree the score-sheet using the twelve areas above.
  3. Step 3. Sample 5% of applications and 10% of appeals for evidence.
  4. Step 4. Cross-verify with public-facing data (website, portal, Commission's records).
  5. Step 5. Score each area with documentary evidence.
  6. Step 6. Compile a draft report with scores, findings, recommendations.
  7. Step 7. Discuss with the head of office; finalise.
  8. Step 8. Place the report on the office's RTI page (with redactions for any sensitive personnel content).
  9. Step 9. Track corrective actions to closure.

Evidence the audit team should gather

  • RTI Receipt Register sample.
  • Appeals Register sample.
  • Fee Register sample.
  • PIO/FAA office orders.
  • Section 4 page screenshots with date.
  • Section 25 returns submitted.
  • Outstanding Commission orders.
  • Training certificates of officers.
  • Citizen feedback log.

Scoring benchmarks

Score % Rating Action
90+ Excellent Sustain
80 to 89 Good Minor improvements
70 to 79 Average Targeted improvements
60 to 69 Weak Action plan within 30 days
Below 60 Critical Head of office to convene review

Common public authority mistakes

  • No internal audit at all — first time the public authority sees the gaps is during CAG audit.
  • Audit by the same team that runs RTI — conflict of interest.
  • Audit with no evidence — checking yes/no without documents.
  • Audit findings not closed — same observations year after year.
  • No publication of audit report — citizens don't see it; Commission has nothing to track.

Frequently asked questions

Is the audit mandatory by law?

The Act does not name an “audit” but the Section 25 return, Section 4 sign-off, and CAG performance audit collectively make internal audit a practical necessity.

Who pays for an external audit?

External audit (CAG, peer-review by another department, civil-society audit) is funded by the audit authority's budget. Internal audit is by the public authority's own staff.

How long does an audit take?

Two to three weeks in a small office; six weeks in a large ministry.

Can a third-party agency audit us?

Yes — many ministries engage civil-society partners (e.g. CHRI, RAAG) for independent scoring.

What if we score below 60%?

The head of office must convene a review and produce a 30-day action plan.

Do we publish the audit report?

Yes, with redactions for sensitive personnel matters.

Does the Commission accept our audit as evidence?

Yes. Commissions look favourably on public authorities that maintain internal audit and produce findings.

Sources

  • The Right to Information Act, 2005 — Sections 4, 5, 6 to 11, 19, 20, 25.
  • Department of Personnel and Training, rti.gov.in — guidance.
  • Comptroller and Auditor General, cag.gov.in — performance audits.
  • Central Information Commission, cic.gov.in — illustrative directions.

See also

Reader signal

Was this article useful?

Tap once if it helped you. These counters show other citizens which pages are worth reading.

- views