Introduction to Auditing 2012 Safety Groups – Advantage Program Tom Welton March 30, 2012
Overview Objective The Basics Audit Process Management Case Study Principles of Auditing Audit Process Preparation & Initiation Document Review Evidence Findings Management Management Review Action Plan Case Study 2012 Safety Groups Introduction To Auditing
Objective To provide you an introduction to the basic process of conducting an audit of your Health and Safety Management System. 3
What is a HSMS? Health and Safety Management System (HSMS) The Basics What is a HSMS? Health and Safety Management System (HSMS) The documented process that fully incorporates effective risk management principles into a health and safety program.
The Basics What is auditing? The systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled
Other Audits Workwell Audits The Basics Other Audits Workwell Audits Compliance Audits (against legal requirements) Combined Audits (for example, H&S and Environment) Risk Audits/Risk Assessments Workplace Inspections Pre-start-up Inspections Subject Specific – for example: RTW Self-Assessment Confined Space Audit/Assessment Emergency Preparedness & Response Audit Second party audits (for example, customers or suppliers) 6
The Basics Why audit? To provide Owner/Senior Management with objective information on which they can react to improve their health and safety activities
Definitions Conformity The Basics Definitions Conformity Conformity is the fulfillment of the audit criteria which includes requirements of an audit standard, the workplace’s health and safety policies, practices, procedures and related documentation. Nonconformity Nonconformity is the non-fulfillment of, or deviation from, the requirements. It is categorized as Major and Minor. 8
5 Steps to Managing Health & Safety The Basics 5 Steps to Managing Health & Safety The 5 steps apply to the Advantage Program requirements The 5 steps apply to each element of the HSMS Review and must be documented/recorded for each
Principles of Auditing The Basics Principles of Auditing Audit Scope Extent and boundaries of an audit Note: The audit scope generally includes a description of the physical locations, organizational units, activities and processes, as well as the time period covered. Audit Criteria Audit criteria are used as a reference against which audit evidence is measured. In the WSIB Advantage Program the criteria includes; the requirements documented in the HSMS Review Form and the firm’s health and safety program, policies, procedures and related documents. 10
Principles of Auditing (cont’d) The Basics Principles of Auditing (cont’d) Audit Evidence Records, statements of fact or other information, which are relevant to the audit criteria and verifiable. (minimum two different sources of evidence). Audit Findings/Conclusions Results of the evaluation of the collected audit evidence against audit criteria. Note: The audit findings can indicate either conformity or nonconformity with audit criteria. Auditing relies on these principles to make it effective and reliable. 11
Key Concepts What is Auditing The Basics Key Concepts What is Auditing The systematic, independent and documented process for obtaining audit evidence and evaluating it objectively against established audit criteria Why Audit To provide Owner/Senior Management with information on which they can react to improve their health and safety activities 12
Key Concepts Auditing Principles The Basics Key Concepts Auditing Principles Scope – extend and boundaries of an audit Criteria – a set of established requirements the audit evidence is evaluated against. The criteria for Advantage firms is - HSMS Review Form and the firm’s H&S program, policies, procedures and other related documents. Evidence – records, statements of fact or other information, which are relevant to the audit criteria and verifiable (minimum two sources of information) Findings – evidence compared to criteria 13
Audit Process Key Concepts An audit is conducted in a systematic manner and requires preparation Document Review collects information to help determine if the audit criteria are being met by the firm 14
Audit Process Key Concepts There are multiple sources of evidence: documents, records, interviews and observations Auditor(s) need sufficient information before it is considered evidence Recorded evidence is evaluated against established audit criteria to determine objective audit findings Finding of conformity or nonconformity (major or minor) Nonconformities are situations where a requirement clearly has not been fulfilled with evidence based on objective facts 15
Key Concepts The audit report can be recorded on the HSMS Review Form Management Key Concepts The audit report can be recorded on the HSMS Review Form Other styles of audit reports can be used, as long as they include all nonconformities found and relate it to the criteria requirements Report any commendable HSMS findings Management Review can be formal or informal Owner/Senior Management must understand and agree to the audit findings/conclusions. Any diverging opinions are recorded if not resolved. 16
Management Key Concepts All nonconformities are included and initiated in the action plan Conformities can be included in the action plan for continual improvement Resolving nonconformities and verifying they are resolved are done after audit activities 17
The Audit Process The Basics Document Review Evidence Findings INITIATING CONDUCT THE AUDIT AUDIT REPORT MANAGEMENT REVIEW ACTION PLAN Document Review Evidence Findings
Initiate and Prepare Management assigns the qualified auditor(s) Audit Process: Initiate Initiate and Prepare Management assigns the qualified auditor(s) Develop an audit plan which includes: Objectives, Scope, Criteria, Schedule Resources: Time Audit support (team) Health and Safety Equipment (PPE) Floor Plan, Equipment List, Work room Audit working documents (audit notes/sketches/interview notes etc.) Communicate the audit activity to appropriate workplace parties 19
Document Review Documents and Records Audit Process: Conduct the Audit Document Review Documents and Records A document may be a policy, a procedure, a work instruction, a form, or other written information, that generally gives direction. A document is current, active and changeable. A record is dated, historical, and unchangeable. (An obsolete document may become a record). 20
Document Review First step in Conducting the Audit Audit Process: Conduct the Audit Document Review First step in Conducting the Audit Establishes initial conformity to the audit criteria Determines other types of evidence the auditor(s) will sample 21
Forms, checklists, templates, & other “data collection” documents Audit Process: Conduct the Audit Document Review Policy System Procedures Operating Procedures Work Instructions Forms, checklists, templates, & other “data collection” documents RECORDS Level 1 Docs What? (some why?) H&S Policy Statement H&S Policy Manual (optional) Level 2 Docs 5W’s & H of system Typically addresses each WSIB HSMS Requirement “Big Picture” (may be organized by “processes”) Level 3 Docs - more details of 5W’s & H Typically organized by department Level 4 Docs detailed How Task Specific Instructions
Audit Process: Conduct the Audit Audit Evidence Auditor(s) look for evidence that demonstrates requirements have been met. The sources of information gathered are grouped into these categories: Documents verify relevant, clear and complete procedures, work instructions, guidelines, etc., are readily accessible Records: verify appropriate records have been kept to demonstrate that requirements of procedures and the standard have been met Observations: verify activities, workplace conditions, controls are in place Interviews: verify health and safety system/program understanding. 23
Audit Process: Conduct the Audit Audit Evidence If all available sources of information (minimum 2) are consistent then the information may be considered evidence of conformity. Inconsistent information is evidence of nonconformity. Evidence is measured against the audit criteria to determine conformity or nonconformity 24
Audit Evidence Collecting and Verifying Information: Audit Process: Conduct the Audit Audit Evidence Collecting and Verifying Information: Review Documents and Records Note details of documents and records reviewed Observations while at the facility and throughout the audit Note relevant observations that demonstrate conformity and nonconformity Interviews during the facility tour and throughout the audit Conduct interviews appropriate to the situation and the person Interview people from appropriate levels and functions Make notes of evidence of conformity and nonconformity Summarize the results of the interview with the person 25
Audit Evidence Collecting and Verifying Information: Audit Process: Conduct the Audit Audit Evidence Collecting and Verifying Information: How much is enough? Sufficient to demonstrate a consistent pattern of conformance One piece might be enough, for example: maybe only one incident occurred so there will be only one investigation report observed one failure to use confined space procedure; only one work instruction Perhaps 10 to 50 pieces may be appropriate, for example: monthly workplace inspections pre-shift forklift inspections 26
Audit Findings Generating Audit Findings/Conclusions: Audit Process: Findings Audit Findings Generating Audit Findings/Conclusions: Evaluate all audit evidence against audit criteria During the audit, evidence must be presented that the criteria are in place for conformity. If any requirement is not met, a nonconformity is noted. Audit findings/conclusions indicate conformity or nonconformity to criteria Note: Any corrective actions to a nonconformity does not change the audit finding/conclusion. 27
Audit Conclusion Conformity Audit Process: Findings Audit Conclusion Conformity Conformity is the fulfillment of the audit criteria which includes requirements of an audit standard, the workplace’s health and safety policies, practices, procedures and related documentation. Nonconformity Nonconformity is the non-fulfillment of, or deviation from, the requirements. It is categorized as Major and Minor. 28
Audit Conclusions MAJOR nonconformities: MINOR nonconformities: Audit Process: Findings Audit Conclusions MAJOR nonconformities: the issue will continue to occur because of how the HSMS and health and safety program are structured there is unacceptable risk to a worker’s health or safety there are serious legal implications, or there is an accumulation of related minor nonconformities. MINOR nonconformities: the HSMS and the health and safety program structures are valid, but there was minor deviation (e.g. human error) there is no unacceptable risk to the worker there are no significant legal implications, and there is not an accumulation of related minor nonconformities. 29
Management: Audit Report The report must reference the requirement (i.e. A.2), and the evidence that supports the findings/conclusions of conformity and nonconformity Indicate any situations encountered that may decrease the reliability of the audit conclusion Diverging opinions about findings and conclusions should be discussed, resolved if possible, and recorded if not resolved The report must include the date(s) of the audit, report date, auditor(s) name Auditor(s) prepare to present or discuss the audit with the Owner/Senior Management Note – For Advantage the completed HSMS Review Form can be the report submitted for Management Review. 30
Management Review Owner/Senior Management reviews the audit report Ensure the Owner/Senior Management agrees with and understands the audit conclusions A record of the Owner/Senior Management review Establish a timeframe for the employer’s continual improvement plan 31
Action Plan As a result of the audit findings/conclusions: Management: Action Plan Action Plan As a result of the audit findings/conclusions: An action plan is developed for all nonconformities The action plan outlines how nonconformities will be corrected, responsibilities assigned and timelines established. The action plan is developed or reviewed, approved, resourced and initiated by the Owner/Senior Management. The employer’s auditor(s) may conduct follow-ups to ensure the element is progressing to conformity Note – for the Advantage Program the continual improvement plan is the action plan. 32
Action Plan An action plan can also be used for continual improvement Management: Action Plan Action Plan An action plan can also be used for continual improvement When a criteria requirement is met, but may deteriorate into a nonconformity, the audit may indicate an opportunity to improve. Continual Improvement The process of enhancing the HSMS to achieve ongoing improvement in overall health and safety performance. Improved performance on its own IS NOT continual improvement, it is an outcome – you must improve the way you manage. 33
Year-End Submission 34
Case Study