Implementing an occupational health and safety management system (OHSMS) standard such as ISO 45001 is the first step toward continuous improvement of safety performance in your organization. Continually evaluating your OHSMS confirms that the controls and processes you put in place are truly reducing risks to your workers. Periodic audits of your system provide valuable insight into the effectiveness of your system at protecting worker health and safety, and where you may be able to improve.
An effective internal audit program is based on the seven principles of auditing identified in ISO 19011:2018: integrity, fair presentation, due professional care, confidentiality, independence, an evidence-based approach and a risk-based approach.
“Audits are a key aspect in determining how well your OHSMS is achieving the desired results,” says Ken Clayman, member of the U.S. Technical Advisory Group to ISO 45001. “Audits help identify gaps, weaknesses and unfulfilled requirements. Identifying these shortcomings then allows you to take corrective actions to drive improvements.”
Clayman adds that without audits an organization can overlook substantial improvement opportunities that could prevent systemic failures.
ISO 45001 identifies six elements of an internal audit program:
- Plan, establish, implement and maintain an audit program including the frequency, methods, responsibilities, consultation, planning requirements and reporting, which shall take into consideration the importance of the processes concerned and the results of previous audits;
- define the audit criteria and scope for each audit;
- select auditors and conduct audits to ensure objectivity and the impartiality of the audit process;
- ensure that the results of the audits are reported to relevant managers; ensure that relevant audit results are reported to workers, and, where they exist, workers’ representatives, and other relevant interested parties;
- take action to address nonconformities and continually improve its OH&S performance;
- retain documented information as evidence of the implementation of the audit program and the audit results.
As you prepare for and conduct your OHSMS audits, keeping these three points in mind can help you achieve the desired results.
Craft an Audit Plan, Identify Its Scope and Assemble a Team
As you begin the audit process, work with the facility being audited and develop an adequate plan and schedule that covers the project scope and identifies relevant criteria, such an organization’s policies, procedures and programs. In addition, identify any working documents, such as checklists, you will need to complete the audit.
Establishing what you want to achieve through the audit will help inform its scope and help you determine whether its scope is narrow or broad. For example, you may want to assess a specific process or examine an entire facility.
You will also need to establish an audit team. This team should encompass individuals with the skills you need to complete the audit and achieve the desired outcome.
When conducting an OHSMS audit, workers are a valuable source of information. Clayman encourages safety professionals to engage workers at all levels of the organization in the audit process. Auditors should interview workers, asking questions about their roles, responsibilities and competence levels.
Establishing this collaboration early in the process can help lead to an expanded role for workers in future audits. As they gain experience, workers can eventually become internal auditors, allowing them to be direct participants in system processes and activities, as well as helping identify opportunities to improve the OHSMS. Other roles may include developing or improving the audit program and associated processes, serving as guides or observers during audits, and participating in corrective activities in response to the audit findings.
Once the plan and team are in place, you can conduct the audit. While an OHSMS audit can tell you many things about workplace safety and health, the overall goal is to assess how well your system is controlling workplace risks.
“Through an audit process or other means of observing and reviewing OHSMS activities and processes, safety professionals can evaluate whether their organization’s system has been adequately designed and implemented,” says Clayman.
Determining effectiveness involves examining the system and its components for the results of the implementation activities. Are those activities managing and controlling the risks identified and taking advantage of the opportunities determined? If not, then your organization should develop an action plan to improve system processes.
Clayman notes that the most effective systems incorporate the plan-do-check-act model and follow a consistent flow that encompass the typical steps of the audit process: initiation, preparation, audit, reporting, completion and follow-up.
ANSI/ASSP/ISO 45001-2018 Occupational Health and Safety Management Systems - Requirements With Guidance for Use
ASSP’s ISO 45001 Courses
ISO 45001 Five-Step Action Plan for Safety Management
Managing Ergonomics: Applying ISO 45001 as a Model
How Your Safety Management System Can Help in a Pandemic