A workplace health and safety audit is used to analyse where an organisation’s safety performance is at and where it needs to be. The gaps are an auditor’s observations that determine what needs to be done to improve safety. An auditor may be a internal employee or an external person. Some organisations conduct an internal audit as a precursor to the external audit while other organisations use the audit to tease out any deficiencies in specific processes or areas of the business.
Why is a Health and Safety Audit Important?
A safety audit is an important tool to identify safety problems and gaps then come up with actionable steps to improve safety in a business. A safety audit can be used to:
- Document that a safety management system complies with legislation
- Test if a safety management system is achieving its objectives
- See if the safety management system is maintaining the performance criteria and the auditing system is effective
- Assess whether organisation has completed any previous modification compliance audits, when necessary
- Constantly improve the organisation
The Safety Audit Process – 5 Steps
Most internal health and safety audits can follow a five step process:
1. Identify Areas to Audit
Make a note of each area of the business that should be the subject of a health and safety internal audit. Some areas have simple processes while others are complex.
It’s important that an internal audit doesn’t try to do everything in one audit. It’s far better to concentrate on one or two areas in detail than to do a broad, shallow review of the whole organisation.
Whatever the area of focus, auditors should use a ‘systematic and disciplined approach to their work’ according to The Institute of Internal Auditors Australia.
2. Decide How Often to Audit
Some areas of the business may need auditing more often than others because some parts of the business have a higher health and safety risk. Back office staff are at less risk of serious injury or death than an on-site worker.
Once you know how often you want to audit each area, put it on a calendar. It’s easy for the months to roll past and for internal audits to not happen, so schedule them out for the year ahead. Send out a copy of the calendar so an upcoming audit is never a surprise to staff.
3. Conduct the Audit
The audit process will look different depending on the organisation and the area being audited. The auditor may measure an item, take a sample and do a test. In another area, they may observe staff and ask them to explain their work process to compare it to what is on the written policy to assess competency and potential training shortfalls.
4. Document the Results
The auditor should make notes to ensure they don’t miss anything when it comes time to write the report. They review any collected documents and notes and comprehensively write up their findings. They should then highlight any gaps in compliance to ensure they appear in the report.
5. Report the Findings
The auditor then completes their report and presents it to management. Reports shouldn’t be too wordy – a tabular format with graphs, diagrams and photos included makes information easier to understand. The report shouldn’t only cover areas that need improving, there should be positive notes about things the organisation is doing well.
Processes that are working well should be noted because lessons could be learned from them and applied to gaps and shortcomings in other areas of the business.
The Institute of Internal Auditors Australia recommends auditors include a consequence/impact/effect for why something occurred. Determining the cause and discussing the best action to take with management can lead to the best outcome.
The Audit Action Plan
The auditor‘s recommendations are provided in an Action Plan. The plan lists what needs to be actioned, any notices issued and informs the workplace health and safety representative/s of the outcome.
There are three categories in an Action Plan:
1. Non-compliance – the organisation is in breach of a requirement and urgent action is required to fix any non-compliant issues. If the contravention can’t be rectified in a day or two, a Notice to Remedy with a due date is provided.
2. Observation – this is an opinion of the Auditor and therefore subjective. The organisation can decide whether to implement any changes based on the advice provided, it isn’t mandatory.
3. Opportunity for Improvement – a suggestion for making a change that could lead to a better outcome but also not mandatory.
The action an organisation takes after an audit is what matters the most. Make it a priority to fix any non-compliance issues.
The auditor’s observations and opportunities for improvement should be carefully considered and, if management agrees, implemented into the organisation when practical.
We should view health and safety internal audits as a valuable opportunity to improve and make the organisation as safe as possible for everyone who works or visits.