Audits are a critical function of an OHSAS 18001 or ISO 45001 occupational health and safety management system (OHSMS). They are a great way to ensure that your organization is following the policies and procedures implemented for the reduction of risk, the protection against ill health and injury, and ensuring that the organization’s OSHMS conforms to subscribed management system specifications.
Internal safety audits should, at a minimum: 1) evaluate conformity with requirements; 2) ensure that any actions taken through the management system have not created any unintended consequences or risks introduced into the management system; and 3) evaluate the effectiveness of existing controls. There’s actually few other reasons to do internal audits, and you can read about them here.
Internal audits, however, usually fall into the category of “low hanging fruit” with respect to overlooked opportunities to improve the OSHMS.
Here’s four ways your organization can supercharge your internal auditing process
1. Improve the Flow of Communication
In an OHSMS, there are certain information flows that an organization is required to document, and at a minimum, they go two ways. Information flows down from management to associates in the form of policies, procedures, programs, etc. Conversely, information from associates flows up to management, and this concerns programs, implementation, records, hazards, risks, etc.
In low capability systems, or the immature OHSMS, there may still be barriers to the information flow. This can be present in the form of (lack of) management commitment, or if an organization has to overcome mistrust as it tries to shed a “compliance mentality.” Regardless of the reason, this is an opportunity for management to increase the volume and accuracy of the information that is coming from the sharp end.
2. Ensure that Improvement Efforts Have not been Wasted
This is actually more of a two-part item. The internal audit should have some focus that the programs that have been implemented to improve the OHSMS have been effective and are achieving their intended outcome. This provides evidence for management reviews that the improvements are effective.
Additionally, these improvements should be viewed with a critical eye to also ensure that there have not been any unintended risks or hazards introduced into the system. Prior to implementation, the new program should have been assessed for risks and hazards, but as humans, it doesn’t always mean that all of those risks and hazards were recognized prior to implementation. Also, interviews with personnel should give the auditor a good idea a good perspective on whether or not the program is functioning as intended.
3. Conformance, then Performance
Piggybacking on the prior aspect, once the auditor ensure that the program is fully implemented and is working, internal audits are a wonderful way of gathering information on potential improvements. Associates at the sharp end may have some difficulty articulating potential improvements to suggestion boxes, and suggestion boxes aren’t always the best way to elicit those suggestions.
In a perfect world, external auditors would be focused on performance vs. conformance of the program, and registration audits would translates into business results. However, the real world is full of constraints: time, competence, and ability. If your organization is going to invest the time to conduct internal audits, don’t overlook opportunities to improve the performance of the process in conjunction with verifying conformity.
4. Tighten the Noose on Corrective Actions
Your organization’s corrective action process should be aimed at not only preventing recurrence of nonconformities, but the preventing their occurrence as well. There is a very real tendency in every industry to close corrective actions as quickly as possible, and this does not always translate into ensuring that root causes are identified.
During internal audits nonconformities should, and often times do, receive extra attention. One of the objectives of an internal audit is to ensure that corrective actions have been applied and are effective. However, this process can be leveraged to identify the effectiveness of the organization’s root cause analysis program. Don’t miss an opportunity here to improve your organization’s RCAs as well.