The Health and Safety performance of an Organisation depends on Management control, Health and Safety must be efficiently managed if performance is to be satisfactory. Improvements to Health and Safety performance can be stimulated by various means including:

a) Moving from a reactive to a proactive approach to Health and Safety issues [i.e. not waiting for an incident, injury or loss to     occur before acting. b) Identifying exactly what needs to be controlled and setting standards and performance measurement criteria.
c) Adopting the same disciplines of Management control and responsibility as are applied to financial or production     management.

In short, successful Health and Safety Management requires commitment to a policy and programme of continuous improvement by those in charge, together with a regular audit of that programme.

Auditing is a means by which information about the measures taken by the Management to put into action arrangement appropriate for the effective planning, organisation, control, monitoring and review of Safety measures, can be gathered.

It is the culmination of the series of activities which make up an organisation’s Health and Safety Policy statement from the occupier, which is developed into systems and procedures by middle managers for implementation by those carrying out the work of the organisation. The definition of auditing is:

“The structured process of collecting independent information on the efficiency, effectiveness and reliability of the total Safety Management System and drawing up plans for corrective action”.

Auditing examines each stage in the Health and Safety Management system by measuring compliance with the controls, the organisation has developed, with the ultimate aim of assessing their effectiveness and their validity for the future.


Implementing the principles of Health and Safety Management will ensure that areas requiring control are identified and control measures are applied. However, the inevitable changes which all organisations experience will affect the control system. As a result the health and safety management system must be examined at regular intervals to ensure that control measures are being correctly implemented and that they continue to be the most appropriate system. A structured audit can appraise performance in the key management responsibility areas [i.e. planning, organisation, allocating responsibility and controlling the organisation’s activities.


Health and Safety has to be managed in the present climate of increasing industrial democracy. Workers expect to have a greater say in the organisation of their daily lives.

Industrial democracy in Health and Safety is possible through increased employee participation in planning and implementing health and safety measures, but this is not an area for voluntary participation or uncertain responsibilities. Every Health and Safety responsibility must be ‘owned’ by somebody, requiring a strictly controlled management approach that ensures standards are being set and met.

Overall Health and Safety performance is greatly affected by the performance of individual employees, which in turn depends on how well motivated they are. Behavioural psychologists have shown that most people are motivated to action by two factors:

a) Finding the task interesting and wanting to do it
b) Expecting the task to be checked by others

Those charged with specific Health and Safety management responsibilities must always be aware that ‘you get what you inspect and not necessarily what you expect’. It is vital therefore, to ‘check up’ on compliance with Health and Safety control measures regularly through the use of audits and other measuring techniques.

The behaviour of employees is best changed by instilling positive attitudes towards safety and this cannot be achieved without genuine management commitment backed by a strict enforcement policy. Safety auditing is a visible technique that demonstrates commitment to Safety.


Audits are best carried out by a person independent of the area being audited in order to provide a fresh, objective look at the organisation’s Health and Safety Management systems. They can be used to chart progress in specific areas of health and safety management and can help to develop consistency in the application of health and safety management performance standards throughout the organisation.

Audits provide feedback to senior managers on the implementation of the organisation’s health and safety policies. Many companies have excellent policies that, when critically examined, are not translated into reality on the shop floor. Audits help to identify where there are failings in implementing the safety programme, for example where personal protective equipment has been introduced but is not being worn, as well as assessing the effectiveness and appropriateness of each element of that safety programme.


Performance standards define which activities are to be carried out, by whom, when, to what level and the method of measurement. Rulesare issued by persons in authority which merely state what should or should not be done.

Standards can be set for any area of business from the post room to the boardroom. The key features are that they are prescriptive and measurable. A standard can be as simple as ‘all internal correspondence will be delivered by ___________ [name person] within four hours of its collection’. This, however, will have little impact if there is no complementary standard regarding the frequency of collection. Examples of a rule and a performance standard relating to the safety of on-site contractors are as follows:

Rule : All contractors will be given safety induction training.

Standard : All contractors will receive Safety induction training from the contractor’s supervisor on the first day of attendance. The contractors Induction Programme document will be used for this purpose. At the end of training a written test will be given to ensure that there is full understanding. A register will be kept by the contractor’s supervisor of all who attend. Refresher training will be carried out annually’.

A rule therefore states only what should happen, whilst a standard includes the mechanism for it to happen and assigns responsibilities. The auditor will have a relatively simple task to measure performance against a standard because:

a) It is more specific
b) He or she knows who should have carried out the task
c) He or she knows exactly what the task required
d) Records should be available to confirm that the task was carried out and that it was effective.


There are several areas where performance standards are appropriate. These include the following:

1. Leadership - demonstration of Management commitment.
2. Training - Management and workforce Health and Safety training in addition to core skill requirement.
3. Workforce inspection - a structured approach to hazard identification and remedy.
4. Incident reporting, Investigation and analysis - a comprehensive system with the facility to track remedial action.
5. Communication systems - training in, and the use of, personnel communication skills.
6. Recruitment arrangements - Health and Safety aspects of personnel placement.
7. Procurement arrangements - assurance of fitness for Health and Safety purposes of purchased goods, services,     equipment and substances.
8. Occupational Health - the maintenance of a healthy workforce.
9. Plant / Process modification and permit to work systems - the control of key high risk activities.
10. Response to emergencies - preparing for the handling of major incidents. Some of the above topics may not appear to have     direct relevance to Safety and Health in general or to auditing in particular. For example,

how does procurement relate to Safety and Health? Procurement of goods and services has a direct impact on Safety and Health. If the correct purchasing standards are not in place this may lead to the purchase of inappropriate goods and services. An example would be the purchase of new machinery, which is found to have a noise level exceeding the legal exposure limit only after it has been installed. The operator is then at risk from noise-induced hearing loss until the employer spends additional money to reduce exposure. A purchasing executive may not appreciate the implications of a defective standard, so the Health and Safety manager should be involved in agreeing purchasing standards, to ensure that Health and Safety issues are considered.

Similarly, well thought out recruitment procedures will prevent individuals with unsuitable medical conditions being placed into potentially hazardous posts, for example those with pre-existing lumbar problems should not be involved in work requiring frequent lifting operations and those with defective colour vision are unsuitable for certain electrical trades.

Management performance standards or control systems should be developed in the areas listed above. These can be prepared in-house or obtained as an ‘off-the-shelf’ package from commercial organisations.


The role of the auditor is to check that the standards are being met and that the desired outcome is achieved. Failure to achieve the desired outcome indicates either non compliance with the standard or a defective standard.

If the auditor discovers that compliance with a standard is failing to produce the necessary benefits, the standard and its objectives should be reviewed.

Applying the programme principles outlined earlier should result in deeper analysis of areas of non- compliance to be described with reference to the performance standard. resulting in one of the following categories :

o the absence if inadequacy of a performance standard for that activity
o communication failure or a lack of understanding
o the failure to enforce the standard.


Auditing is less of an onerous task if Health and Safety awareness is an integral part of both management’s and employees’ day-to-day activities and not an ‘add on’, which receives attention only on selected occasions or at specific times. To be of value, audits should :

o Have objectives and result in a quantifiable outcome and report
o Be carried out by a person with knowledge of and training in Health and Safety auditing
o Be independent [ i.e. carried out by a person independent of the area or activity being audited and with no vested interest in    the outcome].
o Be completed within a pre-set period
o Generate a remedial action plan.

The audit procedure should check that for all aspects of the subject or programmes being audited [of training, incident investigation, emergency response] the following requirements are met :

  • A system is in place
  • It is written down
  • It is communicated
  • It is understood
  • It is practised
  • It is reviewed and updated.

Implementation of the audit procedure should be transparent [ i.e. capable of being verified in the workplace.


Audits can take the form of very detailed reviews of a complex Safety and Health programme. They may look in depth at a particular work area or perhaps at compliance with a single Safety and Health issue of statutory requirement. The two main types of audit are Comprehensive Audits and Specific Audits.

Audits should be tailored to the needs of the Organisation, e.g. a small organisation with few employees and carrying out low risk operations does not necessarily require a comprehensive audit regime.

Where there are employee safety representatives they should be encouraged to participate in the audit exercise. Involvement of an organisation’s managers, supervisors and workforce in specific audits, and on monitoring surveys and assessment activities with trained auditors, helps to develop their expertise.


Comprehensive audits cover the whole site or whole health and safety programme and may involve participation by large numbers of employees. Information on the awareness, knowledge and degree of compliance with Health and Safety practices and procedures is collected by interviewing the management and workforce.

Trained auditors independent of the area under audit are required for Comprehensive audits, which should occur at a frequency that allows sufficient time for corrective action and the development of new initiatives.


A specific audit can take the following forms:

1. It may involve auditing a selected activity across the whole site, for example an audit of a facility which handles highly flammable or hazardous substances would examine control arrangements for handling, storage, labelling and disposal, in addition to operator training, personal protective clothing, material data sheets and emergency response.

2. A full programme audit across only one area of the site would look at the overall safety management programme for all of the risks associated with a particular section or department, considering such areas as local rules, training of personnel, workplace inspection regimes, incident reporting and recruitment needs, medical screening, local protective emergency plan, compliance with personal protective equipment standards and Safety promotion.

3. An audit compliance with one particular statutory requirement across the whole organisation is a focused activity, which would examine compliance with the requirements of, for example, the Factories Act, the Environmental Protection Act etc.

Specific audits may be carried out by personnel assigned to the Safety advisor, who do not necessarily require specialist health and safety knowledge. For example, an audit of the effectiveness of personal protective equipment standards simply requires a person with knowledge of the rules and systems relating to this subject. However, to audit the effectiveness of local exhaust ventilation used to control exposure to a toxic fume will require a competent person with detailed technical knowledge of certain engineering principles.

Specific audits may be planned in advance or at random [i.e. those affected may or may not be warned in advance] depending upon local circumstances and the audit objective. If the purpose of the audit is to ascertain the percentage of the workers using hearing protection in a noisy area, advance notice of the visit could result in artificially high compliance. However, if the purpose to discover whether people are using the correct type of personal protective equipment, it would be beneficial for those workers to have advance warning to ensure that their personal protective equipment is available for assessment by the auditor.


Audits should be carried out at a frequency that prevents decay of the Health and Safety management arrangements. Much will depend on the level of risk associated with the Organisation’s activities. Small Organisations with low risk activities may need to audit once a year. For larger Organisations with higher risk activities audits may be required every three to six months.

The initial audit may be the most difficult particularly if control of risks is ineffective. If controls are then enforced following the initial audit, subsequent audits will become simpler, for example once the relevant standards have been set and enforced, a monthly spot audit of the personal protective equipment compliance is easy to carry out and very effective.


Performance standards address the WHY, WHAT, HOW, WHO and WHEN of Health and Safety management. Auditing addresses the effectiveness of application of those standards. Effective audit systems assess the following aspects of Health and Safety management :

  • Health and Safety Policy
  • Organisational structure with respect to Health and Safety management
  • Planning and Policy implementation
  • Measuring systems
  • Reviewing systems and remedial action tracking

As with any investigation process, it is essential that the recommendations which are the outcome of the audits are fully addressed and acted upon. All actions should be formally addressed by the senior manager and either accepted or rejected in writing. In the latter case the reasons should be stated.

Failure to track remedial action can result in wasted efforts and resources. Delays can occur during this phase because some of the actions require further study, an implementation oppor-tunity in the future or perhaps the allocation of additional funds, which are not immediately available. Such delays can lead in some instances to the action or activity being overlooked.

Tracking systems should be devised to allow specific action arising from audits or investigations to be allocated to individuals with a set time-scale; this follow up action can then be regularly and automatically monitored.


There are three options in selecting an audit system. The system can be developed entirely ‘Inhouse’, or an ‘off the shelf’ system from a specialist company can be used or a commercially available package can be adapted to suit the local needs.

In deciding which to select, the following questions should be considered:

1. If the organisation has no experience of developing Safety Management Systems, is it capable of developing an effective audit system itself?

2. Is there a competent person[s] within the organisation with the essential knowledge and skills required? Expertise is particularly important in the following areas:

  • Principles of Loss Control
  • Causes and Effects of Loss
  • Motivational Skills
  • Methods to improve Performance.

3. If there is no Competent Person, what would be the consequences in terms of wasted time, effort and money arising from failure to identify and control a critical activity?

Where expertise is available the development of an In house system may be the best option as the resulting system will be tailored totally to local needs.

However, although off-the-shelf systems may appear to be expensive initially, the time and effort required to develop the In house option must be offset against this. When provided by valuable companies of-the-shelf systems generally have some credibility in the health and safety area. This is an important consideration if auditing is used as supporting evidence to prove statutory compliance.

Off the shelf packages can be subdivided into those which solely provide an auditing facility and others which are a combined Health and Safety Management System and Auditing Package.

Some organisations provide Health and Safety Management programmes in addition to auditing programmes, for example the ‘International Safety Rating Systems [ISRS] from Det Norske Veritas [DNV] is used both for developing a Health and Safety Management System, and for auditing the effectiveness of the system. This system measures management performance in 20 ‘Elements’ of a Loss Control Programme [e.g. Management Training, Inspections and Accident Investigation].


Whatever system is selected, the approach used must be focused and objective. An effective audit system consists of a detailed questionnaire on every aspect of the Health and Safety Management System, checking that for each aspect a system is in place and is written down, communicated, understood, practised and reviewed and updated.

Many audit systems feature questionnaires which avoid open questions but instead elicit YES / NO answers. For example, the section of the audit system dealing with fire procedures might start with the following questions :

1. Is there a fire certificate covering the area?
2. Have fire marshals been appointed?
3. Have fire marshals been trained?

It is essential that the collection of information during the audit involves very little subjectivity, the use of straight forward YES / NO questions should ensure objectivity. Failure to apply this rigid auditing protocol will lead to vague, subjective responses to the auditor’s questions which can then lead to open interpretation and ambiguity and hence results that may be of very little value.


Auditing involves measuring the performance of personnel as well as compliance with systems of control. The following three groups should be audited:

1. Senior management should be audited on awareness and leadership in the local Health and Safety programme principles.

2. Middle management should be audited on the details of the local procedures and systems relating to Health and Safety management.

3. The workforce understands of Health and Safety and behaviour should be audited, findings serve as useful indicators on the level of compliance with procedures and practices and as evidence of management leadership and commitment to Health and Safety.


Most audit procedures have a scoring system. The ISRS system, for example, provides a numerical rating for each of the 20 Elements examined, and 10 level awards can be earned according to the scores achieved. Others, such as CHASE have a master score chart with which the organisation can arrive at an overall rating. This involves calculating a percentage score for each section by dividing the organisation’s score by the maximum score possible. This will identify the areas of weakness in Health and Safety Management control, guidance is given for each area to enable improvement in performance where scores are low. This auditing system is also available on computer disk, thereby simplifying circulation of the results.

Caution should be used when trying to draw conclusions by comparing audit ratings, particularly if different auditing systems and/or auditors have been used. Even when the same auditing system has been used, numerical comparison alone between two organisations can be misleading. For example, If company ‘A’ has a score of 65% and company ‘B’ has a score of only 50%, it may appear at first glance that company ‘A’ has the better safety performance. However, if in the previous year company ‘A’ had scored 85% and company ‘B’ only 15%, the reverse is likely to be the case.

Therefore, the only comparison with any true value is that obtained from the present audit, when viewed against the score from the previous one. In this way the audit can highlight trends and can indicate whether real improvements are being made.


In any organisation there is a hierarchy of responsibility. Where auditing is carried out the audit process should take account of this hierarchy. For example, a middle manager may have the task of providing safe systems of work and procedures. To establish that these are working at the point of risk, and to be certain that the manager has discharged his or her Health and Safety responsibilities, he or she may require a fairly comprehensive written report that measures performance in the critical [i.e. high risk] areas.

Senior managers will not require this degree of detail, but will require at the very least confirmation that the audit process has been carried out by the middle managers, that it is credible and that it has found an acceptable level of compliance.

The Board of Directors will not normally concern itself with the minutes of the audit content, but will generally require only an assurance that the necessary audits have been successfully carried out. A brief executive summary will suffice, with supplementary information available if required.


In order to carry out meaningful, comprehensive Safety Audits those undertaking the work must be competent in the techniques of Auditing, Health and Safety and Loss Control management and the principles of the Causes and Prevention of Loss. Unless a simple proforma question and answer audit system is used, this will generally restrict auditors to:

1. Health and Safety specialists

2. Line managers and supervisors with additional training in Health and Safety auditing techniques

3. External consultants or audit specialists.

There is also a requirement for auditors to possess good interpersonal skills, because it is easy for the auditing process to result in ‘confrontation’ between the auditor and those being audited. An objective, not critical , approach is needed. The identification of the deficiencies is necessary to help improve performance and should not be seen as a means to attribute blame.

Even with these qualifications, human fallibility will make it difficult for an individual auditor to maintain a constant high standard of responsibility within audit regimes, particularly in the case of comprehensive audits or audits of very large organisations, which may last for several days. To overcome this, it may be beneficial to have an audit team, consisting of two or more auditors.

Additionally, to ensure a uniform approach at all times, some degree of ‘auditing the auditor’ should take place. This is only possible where the audit protocol is such that the auditor’s report is itself auditable. To meet this requirement the audit itself must be very focused and objective, leaving little to the discretion of the auditor. Despite this precaution, even the best audit document may contain some elements which are open to interpretation and so strict guidelines on interpretation should be provided. Only then can an independent authority assess the auditor’s performance via the document against the stated guidelines.

Examples of the criteria against which audits and auditors can be evaluated include:

1. Checking the thoroughness of support and verification documentation ([i.e. ‘backup’ documentation supplied to confirm the audit findings).
2. Assessing the value of the auditor’s notes and the relevance of the recommendations to the audit findings
3. Establishing whether the audit was submitted within the time scale specified.


Safety Auditing is part of the process of continuous improvement, beginning with the development of a health and safety policy and identification of the organisational structure, followed by assessment and planning of performance standards, systems and activities, and continuing with measurement of performance. This leads to a performance review, which may indicate that certain areas require improvement.

For the review part of the process to operate efficiently, any audit findings must have credibility and the report document must have standing with those who are subject to its requirements. The recommendations must be meaningful, with a realistic time scale and allocation of action.

The report must be formally accepted and the recommendations endorsed by the senior Manager to provide the necessary impetus to the implementation process. Once the audit report recommendations have been accepted by the senior manager, arrangements should be made through the Health and Safety manager to develop an implementation action plan. At this time a review should be carried out of the existing revisions made.

Basically a Mechanial Engineer, Shri Kanchan has obtained Diploma in Industrial Safety, ISTD, Occupational Health and Safety. He is a accredited Safety Auditor from Royal Society (UK). Having working experience of 42 years Shri Kanchan is associated with many professional activities. He is board member, member, co-chairman on many professional bodies. He has presented papers in National and Internatonal Conferences and carried out Safety Audit in various industries. He is a visiting faculty too.