Quick Answer

A compliant asset register that holds up in an audit is a governed, current, complete record of every asset you own or control, built to a standard a WHS regulator, aged-care reviewer, financial auditor or Fair Work inspector can scrutinise. It needs 12 compliance-grade fields, must pass three audit tests (existence, completeness, and accuracy and currency), and must be maintained in real time rather than reconciled once a year. Spreadsheets cannot enforce these standards; purpose-built asset register software can. Records must be retained for at least seven years.

If your organisation uses asset register software, you are already ahead of many Australian businesses still running asset records in spreadsheets.

But having a register and having a register that holds up in an audit are two very different things, and the gap between them is where most compliance failures live.

Global research from Kroll shows that, on average, between 10% and 30% of assets no longer exist, and that up to 65% of asset records are incomplete or inaccurate.

These are not numbers from poorly managed organisations; they are the norm across sectors, including healthcare, local government and aged care, exactly the industries where Australian regulators and auditors are most active.

This article explains what a compliant asset register requires, what auditors look for, the most common errors that cause registers to fail scrutiny, and how purpose-built software changes the outcome.

10-30%
Of assets on the average register no longer exist (Kroll global research)
65%
Of asset records are incomplete or inaccurate (Kroll)
7 years
Minimum record-retention period required under Australian law

Source: Kroll Fixed Asset Register research; Fair Work Ombudsman, record-keeping obligations (Fair Work Act 2009).

The Difference Between A List And A Compliant Asset Register

Most asset registers start as a list: someone creates a spreadsheet, adds the assets they know about, and updates it occasionally.

For a very small organisation with a handful of assets and one person who knows where everything is, this works, for a while. A compliant asset register is something different.

It is a governed, current and complete record of every asset an organisation owns or controls, with enough information attached to each entry to satisfy not just operational needs but the scrutiny of a WHS regulator, an aged-care auditor, a council infrastructure reviewer or an external financial auditor.

The distinction matters in Australia because multiple regulatory frameworks review your asset records simultaneously, and they ask different questions.

A WHS regulator asks: Is this plant registered, maintained and inspected by a competent person?

An aged-care quality reviewer asks: Is this facility asset safe, fit for purpose and demonstrably maintained?

A financial auditor asks: Does this record correspond to a real, existing asset, and is the valuation accurate?

A Fair Work inspector asks: Are your records complete, current and retained for the required period? A list cannot reliably answer any of these. A compliant asset register, built to the right standard, can answer all of them.

The governing standard: ISO 55000:2024, the international standard for asset management updated in July 2024, emphasises demonstrable outcomes over process compliance. Australian organisations are among the global leaders in ISO 55000 adoption, and auditors increasingly expect records that reflect the standard’s emphasis on accountability, traceability and retrievability.

The 12 Fields Every Compliant Asset Register Software Must Include

Many organisations have registers with four or five fields, enough to know what they own, but not enough to satisfy an audit. A compliant asset register requires significantly more depth.

Field What it captures and why it matters
1. Unique asset ID A consistent identifier that links every record, inspection, maintenance log and document to a single asset entry without ambiguity.
2. Asset description Clear, standardised description including type, make, model and serial number, following a naming convention applied consistently across all entries.
3. Asset category Classification that supports reporting by asset type, enables depreciation grouping and connects to relevant compliance requirements.
4. Physical location / site Current location, including building, floor, room or field site, updated whenever an asset is moved, not annually at audit time.
5. Acquisition date and cost Date of purchase or entry into service, and the original cost, supporting depreciation and capital-expenditure reporting.
6. Supplier / manufacturer Contact details for warranty claims, technical specifications and maintenance guidance, important for plant with specific inspection requirements.
7. Warranty and service info Warranty expiry date, service-contract details and contacts, preventing expensive out-of-warranty repairs on assets still under cover.
8. Expected lifespan Manufacturer-estimated useful life and internal assessment, supporting replacement planning and avoiding running assets past their safe operating life.
9. Assigned responsible person A named individual accountable for each asset’s maintenance, inspection and compliance obligations, not a team, not a department.
10. Maintenance history Complete, dated record of all maintenance activities, who performed them, what was done and the outcome, the primary record for WHS purposes.
11. Inspection status Date of last formal inspection, name of competent person, findings, corrective actions and next scheduled inspection date.
12. Disposal date and method Formal decommissioning record including date, method, authorising person, and confirmation of deregistration for registerable plant.

Source: ISO 55000:2024; WHS Regulation 237 (records of plant); CPCON Group Fixed Asset Register Guide 2026.

Fields 9 through 12, responsible person, maintenance history, inspection status and disposal record, are where most Australian registers fall short.

They are also the fields that WHS regulators and compliance auditors examine most closely.

Ghost Assets, Zombie Assets, And What They Cost You

Two terms appear consistently in asset-audit findings: ghost assets and zombie assets. Both result from registers that are not maintained as living documents.

Ghost Assets

A ghost asset is an item that appears in your register but no longer exists.

It has been disposed of, lost, stolen, broken for parts, or simply disappeared, but nobody formally removed it from the register.

Global estimates suggest 10 to 30% of assets on the average fixed-asset register fall into this category, and the consequences are financial, not just administrative: insurance premiums calculated on inflated asset values, so you pay to insure things you no longer own; phantom tax liabilities where property taxes are based on reported asset values; and overstated financial statements that distort return-on-asset ratios.

Research from Ernst & Young indicates companies with poorly maintained registers overpay property taxes by 2 to 8% annually; a $50 million fixed-asset base could mean $30,000 to $120,000 per year in avoidable overpayments.

Zombie Assets

A zombie asset is the inverse: an asset that is physically present and actively used but does not appear in the register.

It has no maintenance history, inspection records, assigned owner or compliance documentation.

In a WHS context, a zombie asset is a serious liability, operating with no documented safety controls and no evidence of maintenance.

For most Australian businesses, both problems exist simultaneously: the register is overcounted in some areas and undercounted in others.

The only way to find out is a physical verification exercise, and the only way to prevent it recurring is a properly governed register maintained in real time.

Source: Kroll Fixed Asset Advisory; Ernst & Young research cited in CPCON Group Fixed Asset Register Guide 2026.

The Three Audit Tests Your Register Must Pass

Whether the scrutiny comes from a WHS regulator, an aged-care quality reviewer, a financial auditor or an internal compliance review, every asset register is ultimately tested against the same three criteria.

Understanding them in advance is what separates organisations that sail through audits from those that scramble.

Audit test The question Pass Fail
Existence Does every record in the register correspond to a real, physical asset that can be verified on the ground? Auditor selects a sample of register entries and physically verifies each asset exists, is in the stated location and matches the description. Register contains ghost assets, entries with no corresponding physical item. The auditor flags completeness and questions the governance of the entire register.
Completeness Does every physical asset within scope have a corresponding, complete entry in the register? A physical walkthrough finds no assets in use that are absent from the register. Every asset has a named owner, maintenance history and current inspection status. Zombie assets found on site with no register entry; assets with missing inspection dates, no responsible person or no maintenance history. All are findings.
Accuracy and currency Is the information in each entry correct, current and consistent with supporting documentation? Maintenance records match the log; inspection dates correspond to signed-off reports; location data reflects current position; disposal records exist for decommissioned assets. Records that exist but have not been updated; inconsistencies with supporting documents; maintenance gaps; assets still on register post-disposal. All are findings.
The two-direction audit principle: A robust asset audit tests both directions simultaneously: confirming that every register record has a real asset (existence), and that every real asset has a register record (completeness). Testing only one direction, as many organisations do informally, misses half the problem.

Five Common Mistakes That Cause Registers To Fail Audits

1. No standardised naming convention

When departments or sites describe the same asset type differently (‘forklift’, ‘Linde FL25’, ‘Materials Handling Unit B’), the register cannot be reliably queried, reported or reconciled.

Establish a naming convention before you build the register, apply it consistently, and enforce it on every new entry.

2. Acquisitions registered, disposals not

New assets get added promptly because procurement is visible. Disposals get forgotten because decommissioning is usually informal.

The result is a register that grows continuously and never shrinks, accumulating ghost assets with every cycle. Decommissioning must be a formal, documented event.

3. Register treated as a finance document only

A finance depreciation schedule is not a compliant asset register.

It captures what was paid and when, but not maintenance history, inspection status, responsible persons or WHS registration.

Using one as a substitute leaves the operational and compliance dimensions of every asset undocumented.

4. Stored in a spreadsheet that only one person maintains

A register that lives on one person’s local drive is a single point of failure.

When that person is unavailable during an audit, the register is unavailable; when they leave, institutional knowledge leaves with them.

Centralisation and shared access are governance requirements, not preferences.

5. Updated annually instead of in real time

A register reconciled once a year is only fully accurate the day after.

Within weeks it drifts from reality as assets are moved, maintained, modified or disposed of without the changes being recorded.

The standard auditors expect is not annual accuracy; it is continuous currency.

Why Asset Register Software Changes The Outcome

The core problem with spreadsheet-based registers is not that spreadsheets are bad tools; it is that they are the wrong tool for a compliance function.

They cannot enforce a naming convention, schedule an inspection and remind a responsible person when it is due, generate an audit-ready report in minutes, automatically link a maintenance record to the relevant asset entry, or retrieve a complete asset history when a regulator asks for it at short notice.

Purpose-built asset register software, or a GRC platform with integrated asset management, resolves each of these limitations:

  • Enforces data standards so every entry is consistent.
  • Connects maintenance records, inspection outcomes and operator qualifications directly to each asset entry.
  • Schedules inspections and maintenance automatically with named accountability and reminder workflows.
  • Generates compliance reports across the full portfolio in minutes, not assembled from fragments over days.
  • Maintains a complete, timestamped audit trail for every action on every record.
  • Retains asset histories for the required seven-year minimum without manual archiving.

Fixed assets account for 25 to 40% of total balance-sheet value for most organisations, exceeding 60% in healthcare, utilities and manufacturing. That concentration of value warrants a governance tool commensurate with its significance. A spreadsheet is not it.

Source: CPCON Group Fixed Asset Register Guide 2026.

How Sentrient Supports a Compliant Asset Register in Australia

Sentrient is an Australian GRC software built for ANZ businesses with 50 to 500+ staff, used across healthcare, aged care, local government, NGOs and aviation, industries where the asset register is not just an operational tool but a compliance artefact reviewed by regulators, auditors and insurers on a recurring basis.

Within the platform, asset register functionality sits in the same governed environment as inspections, audits, risk management, compliance training and records management.

So when an auditor asks for the full compliance picture for a specific asset (registration status, maintenance history, inspection outcomes, operator certifications) all of it is in one place, connected and retrievable immediately.

Key capabilities include:

  • Centralised asset register: Current, complete and accessible to the right people across the organisation.
  • Inspection and audit management: Configurable templates, scheduled reviews, competent-person sign-offs and timestamped outcomes.
  • Records management: Full asset histories maintained with the retention and retrievability required by Australian regulators.
  • Risk management integration: Asset-related risks captured alongside broader organisational risk frameworks.
  • Compliance reporting: Generate a full asset compliance report in minutes, not days.

Unlike larger enterprise platforms, Sentrient answers the phone for support queries.

When a compliance issue is urgent, a regulator visit, an audit deadline, an incident investigation, direct support from a Melbourne-based team is available immediately.

Implementation for compliance-focused deployments typically takes seven days.

Note: This content provides general information about asset register practices and Sentrient’s platform capabilities. For guidance on specific regulatory obligations applicable to your organisation, seek independent legal or compliance advice.

A Compliant Asset Register Is Only As Good As The Audit It Survives

Between 10 and 30% of assets on the average register no longer exist, and up to 65% of records are incomplete or inaccurate.

Australian employers face record-keeping infringement notices, insurance complications and WHS enforcement actions when their registers fail to withstand scrutiny.

Building a register that holds up in an audit is not about adding more fields to a spreadsheet.

It is about building the right structure, maintaining it in real time, connecting it to your inspection and maintenance records, and housing it in a system that generates compliance evidence on demand rather than in a rush over several days before an audit.

The organisations that pass audits cleanly are the ones that treated their asset register as a governance function, not an annual exercise.

That distinction does not require a large project; it requires the right system, the right habits, and a team willing to make it stick.

Frequently Asked Questions

1. What is an asset register, and why does it matter for Australian compliance?

A compliant asset register is a structured, governed record of every asset your organisation owns or controls, capturing ownership, location, maintenance, inspection and disposal data for each one. It matters because the same register is relied on by very different reviewers: a WHS regulator checking that plant has been inspected by a competent person, a financial auditor verifying that assets exist and are valued correctly, an insurer assessing cover, and a Fair Work, aged-care or NDIS reviewer checking records. A basic list of what you own is not enough; the register has to stand up to that scrutiny.

2. What are ghost assets, and how do they affect an Australian business?

Ghost assets are items still recorded in your register that no longer physically exist, because they were lost, stolen, scrapped or disposed of without the register being updated. They quietly cause real damage: you keep paying insurance premiums, and sometimes depreciation, on assets you no longer hold, your financial statements overstate what the business owns, and auditors raise findings when they cannot physically locate recorded assets. Global research from Kroll indicates that, on average, 10 to 30% of assets in a typical register no longer exist, and up to 65% of records are incomplete or inaccurate.

3. What is a zombie asset, and why does it matter?

A zombie asset is the opposite of a ghost asset: an item you still own, use or are liable for, but which is missing from the register or recorded incorrectly. Zombie assets are risky because they fall outside your inspection and maintenance schedules, so a piece of plant can keep operating with no record that it has ever been checked. That is both a work health and safety exposure and an audit finding waiting to happen, and it is often only discovered after an incident.

4. How long must Australian businesses retain asset records?

As a baseline, keep asset and related financial records for at least seven years, in line with Australian employment and financial record-keeping requirements. Work health and safety obligations can run longer: records for registerable or high-risk plant generally need to be kept for the operational life of the plant plus the applicable retention period, and some inspection and maintenance records carry their own timeframes. Because the exact period depends on the asset type and your industry, confirm the requirements for your specific plant and sector, or seek advice, rather than applying a single blanket rule.

5. What is the difference between a fixed asset register and a compliant asset register?

A fixed asset register is a finance tool: it tracks acquisition cost, depreciation and book value so the numbers in your accounts are correct. A compliant asset register does all of that and adds the compliance layer auditors and regulators look for: standardised asset descriptions, a named responsible person, full maintenance history, inspection status with competent-person sign-offs, and a formal disposal and deregistration record. In short, a fixed asset register answers ‘what is it worth?’, while a compliant register also answers ‘can we prove it exists, that it is safe, and that we have looked after it?’

6. What are the three audit tests a compliant asset register must pass?

Auditors typically test three things. Existence: can each recorded asset be physically located and verified, so there are no ghost assets. Completeness: is every asset you own or control actually on the register, so nothing is missing or unrecorded. Accuracy and currency: is the data for each asset correct and up to date, including location, responsible person, and maintenance and inspection status. A register passes when it can answer all three on the spot, rather than after a scramble to rebuild it.

7. Which asset register fields do WHS regulators and auditors scrutinise most?

Fields 9 to 12 usually attract the most attention: the named responsible person, the full maintenance history, the inspection status (including the competent person, findings and next inspection date), and the disposal record with confirmation of deregistration for registerable plant. These are the fields that show an asset has been actively governed rather than simply listed, and they are where most Australian registers fall short.

8. Why do spreadsheets fail as asset register software for Australian businesses?

Spreadsheets are fine for a simple list, but they cannot enforce the disciplines a compliant register needs. They will not schedule or remind you of inspections, enforce a consistent naming convention, capture competent-person sign-offs, or generate an audit-ready report on demand. They also tend to live with one person, which creates a single point of failure when that person is away or leaves, and they cannot connect asset data to the related inspection, maintenance, risk and records systems. That is why registers kept in spreadsheets are the most common ones to fail an audit.

9. Does asset register software make an organisation compliant on its own?

No. Software supports good practice; it does not, by itself, make you compliant or guarantee a particular regulatory or legal outcome. What purpose-built software does is make compliance achievable and repeatable: it enforces standards, schedules inspections, keeps a complete history and produces audit-ready reports, so the work is far easier to sustain. Your processes and people still matter, and for your specific obligations you should seek independent legal or compliance advice.

10. How does Sentrient help maintain a compliant asset register?

Sentrient keeps the asset register in the same governed environment as inspections, audits, risk management, compliance training and records management, so an asset’s full compliance picture (registration status, maintenance history, inspection outcomes and responsible person) is connected and retrievable immediately. It supports a centralised, current register, scheduled inspections with competent-person sign-offs and timestamped outcomes, and audit-ready records retained to the required timeframes. If you would like to see it applied to your own assets, you can request a free demo.

Your Asset Register Should Take Minutes to Audit, Not Days to Rebuild

Sentrient is a Melbourne-based GRC platform purpose-built for Australian businesses with 50 to 500+ staff. Centralise your asset register, inspection records, maintenance history and compliance documentation in one auditable system. Be operational in as little as seven days.

Book a free demo

Read More About Asset Management: