Dave Bland talks about surviving an audit:
Don’t volunteer information
Only provide the evidence they are asking for, nothing more. You want to avoid giving them things that they do not ask for. By doing so, you might expose something that you don’t want them to see. The last thing you want to do, is give them a reason for documenting a finding. Another thing to remember is the audits have a defined scope.
This is some of the best advice about audits out there, particularly when combined with the other points Dave makes about being honest and doing the right thing. Dave also ties in some information about backup history as a particular auditing example.