Auditing OHS management systems
Guest Post by the late George Robotham
There is some confusion in practice between the terms inspection and audit, I distinguish between the two by saying you inspect things and you audit systems. Organisations that are successful at Occupational Health and Safety have regular comprehensive internal and external audits.
AS/NZS 4801 audits
Audits to A.S. 4801 are probably the most common in Australia and there are a small number of training providers that conduct accredited training. There is a National body that accredits 4801auditors.
When it comes to auditing to 4801 my experience suggests there are 3 classes of organisation-
1 Small to medium organisations-Many have never heard of 4801, see no value in being audited against it and want a really targeted, practical and pragmatic approach
2 Medium to large organisations-Some see compliance with 4801 as a challenge to aspire to
3 Large organisations- Many see 4801 as an inferior standard and aim to do much better
My auditing experience
I have experience with audits of the following Safety Management Systems-
1 BHP-Coal Internal Standards of OHS Excellence
3N.S.C.A. 5 Star
4N.O.S.A. 5 Star
5 Safety Map
6 Safe Plan
8 4801 / 4804
Some of the above have a more operational focus than 4801 audits. The more I think about it the more I think your typical A.S. 4801 audit does not drill down enough into how safety is practically managed. I hold what I believe is a well funded perception that 4801 is a poor safety management system standard and that auditing to the standard is not sufficiently operational in scope. I would hope any safety management system I had responsibility for would go much further than 4801.To my mind, 4801, in its attempt to be strategic leads to it not making a real operational difference.
1. Damage to people at work has a number of adverse outcomes:-
§ Financial loss to employer, worker and community
§ Pain and suffering
§ Dislocation of lives
§ Permanence of death
2. Damage to people from work falls naturally into one of three Classes.
– Class I damage permanently alters the person’s life and subdivides into
– non fatal
– Class II damage temporarily alters the person’s life
– Class III damage temporarily inconveniences the person’s life (Geoff McDonald & Associates)
Geoff has investigated many thousand Class 1 damage occurrences in his career and maintains the most effective way to make meaningful progress in safety is by focusing on the class 1 phenomena. I have been involved in 3 projects with Geoff where we have either analysed critical incidents or personal damage occurrence experience and I found the results very impressive, the analysis of the critical incidents and personal damage occurrences really targeted control actions in an appropriate manner.
One of the biggest myths in the safety business is that preventing Class II and Class III personal damage will automatically prevent Class I personal damage.
My vision for audits
My belief is that the principal reason for having a safety management system is to minimise Class 1 personal damage occurrences and a good safety management system will define how this is done. My vision is that audits will assess how well the items that the organisations believe are necessary to minimise Class 1 personal damage are being implemented.
Internal standards of OHS excellence
The of the best pieces of OHS work I have seen carried out was when one organization developed, implemented and evaluated 18 internal standards of OHS excellence. Standards included- Visitor safety, contractor safety, compliance with statute law, use of personal protective equipment, management commitment, hazard identification/risk assessment, safe working procedures, loss prevention &control, employee involvement, emergency procedures, accident investigation, education/communication, inspections, health & fitness, injury management.
The standards were introduced and it put a massive increase in the focus on safety. What excellence in implementation of the standards would look like was defined and people were trained in this. A detailed set of audit questions, based on the fore-going was developed as was a detailed set of auditing guidelines and roles of auditors defined. Sites to be audited were briefed on the auditing guidelines and auditors were trained on the audit questions and auditing guidelines. A series of annual Executive Safety Audits was introduced at the various sites with an audit team led by a senior manager to give the process significant management horsepower. The largest audit team I was involved in had 10 auditors and audited the site for 3 days. A quality assurance approach where NCR (Non-compliance reports) were issued was used and formal processes were introduced to follow-up on audit recommendations.
The technical basis, training and preparation for the audits was sound but the key to success was the fact the audits were driven by senior management not the safety department.
General comments on audits
A criticism of safety audits is that they are usually not based on an examination of serious personal damage occurrences (accidents) experience.
Whatever paperwork you produce, be succinct. Auditing documentation tends to get unwieldy and difficult to use in practice. Only the very dedicated or very bored are going to wade through pages and pages of auditing documentation.
Need to audit against a standard, maybe A.S./ N.Z.S 4801,Tri-Safe, internal standards of OHS excellence. Safe Plan, N.O.S.A. 5 Star, Zero Harm principles or a commercial Safety Management System or a combination of the foregoing.
A set of audit questions needs to be developed.eg. if you were interested in auditing management commitment to safety questions could include-Give examples of how management demonstrates its commitment to safety, Explain how managers build employees safety awareness, Give examples of how management participates in safety meetings, inspections, reviews and accident investigations, Explain how managers hold staff accountable for achievement of safety targets and performance, Explain how performance appraisals include a meaningful consideration of safety attitudes and performance, Explain how management strives for safety best-practice.
A method of rating findings must be used eg.
5 Excellence recognised externally and internally.
4 The commitment of all personnel is demonstrated by behaviour, the approach is seen as a way of life.
3 Progress audited and review systems implemented, improvements planned and commenced, all supervisors commitment demonstrated by behaviour.
2 Actions well established, deficiencies identified, managers commitment demonstrated by behaviour.
1 Defined actions commenced, communications with all employees commenced, roles and responsibilities defined.
0 Some actions commenced, policy objectives defined
Sites being audited must be advised about how the audit is to be conducted beforehand so they can manage their commitment to the process
Need an opening meeting with stakeholders, including senior management. The auditing process must be explained and expectations of the audit team outlined.
Need a closing meeting with stakeholders, including senior management to discuss findings and allow rebuttal. Some organisations like to have all supervisors and health & safety representatives at this meeting plus a cross section of employees.
Need a succinct written report with a concise management summary. There should be no surprises in the written report as major findings have been discussed at the closing meeting. The written report should provide suggestions for addressing non-conformances.
A physical inspection of the workplace will help identify safety system deficiencies.
Need to examine the safety “paper trail”. Safety committee meetings and follow-up actions, safety meeting minutes and follow-up actions, personal damage occurrence (“ accident”) investigation reports and follow-up actions, safety inspections and follow-up actions, safety audits and follow-up actions, safety induction records, general safety training records and so on.
Need to question managers, supervisors and workers about their perception of the Safety Management System. Tri-Safe has a good set of questions that can be tailored to an organisation. It may be deemed appropriate to develop a questionnaire to be put to a cross-section of managers, supervisors and workers at meetings.
If you give a low rating from the audit be prepared for criticism and “push-back” from the site that was audited. No one likes to be told they are doing a poor job. It is essential that the guidelines to implement whatever standard you are auditing against are well publicised and agreed to beforehand as well as the auditing process agreed to.
You need to have solid evidence to back up your assertions. If an organisation has a history of superficial safety audits they could be less than impressed by a change to a more searching audit format and subsequent lower ratings.
Be prepared for people to lie to you. Be prepared for people to genuinely think an issue was addressed when it was not. Ask for solid evidence to back up people’s assertions.
The audits should be driven by senior management, not the safety department.
Assessing an organisations attempts to minimise the occurrence of Class 1 personal damage should be the focus of audits.
Safety management system audits have their place but they need to be supplemented by in depth examination of the key features of the safety management system. Surveys, questionnaires, guided discussion and critical incident recall are amongst the valuable techniques.