Audit_4801 Safety Management Systems_Report Example

Total Imagination ServicesAUDIT_ 4801 OCCUPATIONAL HEALTH & SAFETY MANAGEMENT SYSTEMAUDIT TABLE OF RESULTS

AUDIT SPECIFICATIONS

Audit Number: 00001

Worksite/Operation Total Imagination ServicesLocation/Address 1 Imaginary Way

Number of Workers on this worksite 50Number of workers to be surveyed 10

Personnel Responsible for site operations: John SnowResponsible Senior Manager for Organisation: Eddard Stark

Date of Audit: 30/02/2014Auditor: Ian Munro

This audit is prepared with consideration of those systems present in writing and sampled in the workplace. The audit provides no warranty of compliance but is only a review of those items available and present in the work environment sampled, at the time of the audit and that were made obvious to the auditor. The provision of opinion based on this audit tool is not given as legal advice or for the purposes of validating legal compliance and all suggestions made regarding the audit; its content; its outcome and the expression of any opinion should be independently verified by the party requesting the audit or any party that may review or act on anything contained herein.

Audit Table of Contents

Page 1 of 16


AUDIT SPECIFICATIONS 1Recorded Findings...................................................................................................................................................... 3

4.01 GENERAL REQUIREMENTS 34.01.01 Specifications for General Requirements........................................................................................ 3

4.02 OHS POLICY 34.02.01 Specifications for OHS Policy Requirements...................................................................................3

4.03 PLANNING 34.03.01 Planning identification of hazards, hazard/risk assessment and control of hazards/risks...............34.03.02 Legal and other requirements.......................................................................................................... 34.03.03 Objectives and targets..................................................................................................................... 44.03.04 OHS management plans.................................................................................................................. 4

4.04 IMPLEMENTATION 44.04.01 Structure and responsibility.............................................................................................................. 4

4.04.01.01 Resources 44.04.01.02 Responsibility and accountability 4

4.04.02 Training and competency................................................................................................................. 44.04.03 Consultation, communication and reporting.....................................................................................5

4.04.03.01 Consultation 54.04.03.02 Communication 54.04.03.03 Reporting 5

4.04.04 Documentation................................................................................................................................. 54.04.05 Document and data control.............................................................................................................. 54.04.06 Hazard identification, hazard/risk assessment and control of hazards/risks....................................5

4.04.06.01 General Hazard/Risk Requirements 54.04.06.02 Hazard identification 54.04.06.03 Hazard/risk assessment 64.04.06.04 Control of hazards/risks 64.04.06.05 Evaluation 6

4.04.07 Emergency preparedness and response.........................................................................................6

4.05 MEASUREMENT AND EVALUATION 74.05.01 Monitoring and Measurement.......................................................................................................... 7

4.05.01.01 General Monitoring and Measurement 74.05.01.02 Health surveillance 7

4.05.02 Incident investigation, corrective and preventive action...................................................................74.05.03 Records and records management..................................................................................................74.05.04 Safety Management System audit................................................................................................... 8

4.06 MANAGEMENT REVIEW 84.06.01 Specifications for Management Review Requirements...................................................................8

AUDIT TABLE OF RESULTS 10Summary of Results.................................................................................................................................................. 10Audit Results Spider Charts....................................................................................................................................... 11Table of Improvements.............................................................................................................................................. 12Audit Actions Table for Non-Conformances............................................................................................................... 14

Page 2 of 16


Recorded Findings

No. SECTION QUESTIONS Audit Response

4.01 General requirements No4.01.01 Specifications for General Requirements No4.01.01.01 Has the organisation established an SMS? Yes4.01.01.02 Is that SMS maintained in accordance with AS/NZS ISO 4801? No

Comments: In the audit there were discrepancies noted between the organisations SMS and the standard. These are detailed in the following.

No

4.02 OHS Policy No4.02.01 Specifications for OHS Policy Requirements No4.02.01.01 Is there an OHS policy authorized by the organisations top management (e.g. signed by top management)? Yes4.02.01.02 Does it clearly state the overall OHS objectives? Yes4.02.01.03 Does it demonstrate a commitment to improving OHS performance? Yes4.02.01.04 Does the policy comply with all of the below: No4.02.01.05 - Appropriate to the nature and scale of the organisation’s risks Yes4.02.01.06 - Refer to measurable objectives and targets Yes4.02.01.07 - Refer to a commitment to comply with relevant OHS legislation and other requirements Yes4.02.01.08 - Documented Yes4.02.01.09 - Implemented Yes4.02.01.10 - Maintained Yes4.02.01.11 - Communicated to all employees No4.02.01.12 - Available to interested parties No4.02.01.13 - Reviewed periodically to ensure it remains relevant and appropriate to the organisation. Yes4.02.01.14 Has the policy been approved by any other parties: O Yes O

No4.02.01.15 - OHS representatives; OHS committees; regulatory authorities; community groups; Others (list above) O Yes O

NoComments: The policy has not been communicated to all employees is not distributed or available to visitors or contractors. No

4.03 Planning No4.03.01 Planning identification of hazards, hazard/risk assessment and control of hazards/risks No4.03.01.01 Does the organisation have established implemented and maintained procedures for all the following: Yes4.03.01.02 - Hazard identification Yes4.03.01.03 - Risk assessment Yes4.03.01.04 - Control of risks Yes4.03.01.05 Are these for activities over which the organisation has control or influence? Yes4.03.01.06 Do they include activities of contractors and suppliers over which the organisation has control or influence? No4.03.01.07 Does the procedure include where necessary the following: No4.03.01.08 - Legislative requirements Yes4.03.01.09 - Codes of practice and standards where necessary No4.03.01.10 - Other aspects of the safety management system (SMS) Yes4.03.01.11 - The conditions/frequency for hazard identification/risk assessment Yes4.03.01.12 Are assessments undertaken by persons who are: Yes4.03.01.13 - Trained in risk assessment Yes4.03.01.14 - Trained or experienced in the work being done Yes4.03.01.15 Does the hazard identification/risk assessment take into account all the following: Yes4.03.01.16 - Chemical hazards Yes4.03.01.17 - Physical hazards Yes4.03.01.18 - Biological hazards Yes4.03.01.19 - Ergonomics Yes4.03.01.20 - Psychological hazards Yes

Comments: Contractors are not considered and there is no list of codes of practice that are relevant to the work being undertaken

No

4.03.02 Legal and other requirements No4.03.02.01 Relevant to the OHS issues of the organisation, does the organisation have a list of: No4.03.02.02 - Legislation Yes4.03.02.03 - Codes of practice No4.03.02.04 - Standards (AS/NZ or ISO) No4.03.02.05 - Other guidelines or reference materials Yes4.03.02.06 Relevant to the OHS issues of the organisation, does the organisation have access to all of the below: No4.03.02.07 - Legislation Yes4.03.02.08 - Codes of practice No4.03.02.09 - Standards (AS/NZ or ISO) No4.03.02.10 - Other guidelines or reference materials Yes

Comments: There is no list of codes or standards and no evidence that all relevant codes and standards have been considered. A compliance register that shows how the SMS meets the relevant legislation, including codes and standards, may assist in showing compliance.

No

4.03.03 Objectives and targets

Page 3 of 16



4.03.03.01 Does the organisation have established implemented and maintained documented OHS objectives and targets? Yes4.03.03.02 Do they contribute to improving OHS performance? Yes4.03.03.03 Are these consistent with the OHS Policy? Yes4.03.03.04 Are they measurable? Yes4.03.03.05 Aer they monitored and reviewed for currency/relevance? Yes4.03.03.06 Are their results reported to management? Yes

Comments:4.03.04 OHS management plans No4.03.04.01 Is there an OHS Management plan that: No4.03.04.02 - Identifies OHS responsibilities for specific people within the organisations hierarchy No4.03.04.03 - Determine time frames for when objectives and targets are to be achieved Yes4.03.04.04 Is the procedure for management plans to be regularly reviewed? Yes4.03.04.05 Do the reviews occur: Yes4.03.04.06 - At planned intervals Yes4.03.04.07 - When change is necessary (due to changes in work, legislation or other requirements) Yes4.03.04.08 - When new activities are undertaken Yes4.03.04.09 Do the plans include: Yes4.03.04.10 - Planning Yes4.03.04.11 - Design Yes4.03.04.12 - Production Yes4.03.04.13 - Maintenance Yes

Comments: There are no accountabilities included in the safety management plan. A list or responsible roles and their accountabilities and inclusion of these accountabilities in the relevant position descriptions may provide appropriate evidence for compliance.

No

4.04 Implementation No4.04.01 Structure and responsibility No4.04.01.01 Resources4.04.01.01.01 Has management identified and provided the resources required to implement, maintain, and improve the SMS? Yes4.04.01.11.01 Do the resources include: Yes4.04.01.21.01 - Human resources Yes4.04.01.31.01 - Specialized skills Yes4.04.01.41.01 - Technology Yes4.04.01.51.01 - Financial resources Yes4.04.01.61.01 - Resources for operational personnel Yes

Comments:4.04.01.02 Responsibility and accountability No4.04.01.02.01 Has the organisation defined accountabilities for all personnel with OHS responsibilities? No4.04.01.02.02 Has the organisation defined accountabilities for contractors over which the organisation has control or

influence?No

4.04.01.02.03 Has management appointed specific management representatives who have responsibilities for OHS? Yes4.04.01.02.04 Do these representatives have the responsibility to ensure that OHS requirements are: No4.04.01.02.05 - Established No4.04.01.02.06 - Implemented No4.04.01.02.07 - Maintained No4.04.01.02.08 Do these representatives have the responsibility to report on OHS performance for management review? Yes

Comments: There are OHS personnel with accountabilities, these have not been defined for other roles/positions (i.e. managers, supervisors, etc) or for contractors. Inclusion of accountabilities in position descriptions and in a contractor management system may provide a means for compliance.

No

4.04.02 Training and competency No4.04.02.00.01 Is there a training matrix that details training required to perform work competently? Yes4.04.02.00.02 Is OHS training included in that matrix? Yes4.04.02.00.03 Are personnel assessed as competent based on their: Yes4.04.02.00.04 - Education Yes4.04.02.00.05 - Training Yes4.04.02.00.06 - Experience Yes4.04.02.00.07 Is the training requirements considered for contractors over which the organisation has control or influence? No4.04.02.00.08 Is training carried out by a person who has appropriate knowledge, skills, and experience in OHS and training? Yes4.04.02.00.09 Is there an induction that includes OHS responsibilities and applies to: Yes4.04.02.00.10 - Existing personnel Yes4.04.02.00.11 - New Personnel Yes4.04.02.00.12 - Contractors No4.04.02.00.13 - Visitors No

Comments: There is no contractor control/review procedures and competency of contractors is not considered. I contractor management policy/procedure where safety critical training is considered may provide a means for compliance.

No

4.04.03 Consultation, communication and reporting No4.04.03.01 Consultation4.04.03.01.01 Are the documented procedures for OHS consultation? Yes

Page 4 of 16



4.04.03.01.02 Is consultation recorded and OHS issues tracked? Yes4.04.03.01.03 Have these been agreed to by the workers? Yes4.04.03.01.04 Are workers given adequate opportunity and encouragement to participate in OHS matters? Yes4.04.03.01.05 Have workers: Yes4.04.03.01.06 - Been involved in the development, implementation and review of policies and procedures for hazard and risk

assessmentYes

4.04.03.01.07 - Been consulted on changes that affect OHS in the workplace Yes4.04.03.01.08 - Have selected representation in accordance with legislative requirements Yes4.04.03.01.09 - Been informed as to the consultation process and safety representatives (if safety representatives are

applicable)O Yes O

No4.04.03.01.10 Where there are committees and safety representatives, have they been trained in accordance with legislation? O Yes O

NoComments:

4.04.03.02 Communication4.04.03.02.01 Is there a means to receive OHS information from workers and to provide feedback to them? Yes

Comments:4.04.03.03 Reporting4.04.03.03.01 Are there procedures for the reporting of: Yes4.04.03.03.02 - OHS performance reporting (including results of OHS audits and reviews) Yes4.04.03.03.03 - Reporting of incidents and system failures Yes4.04.03.03.04 - Reporting on hazard identifications Yes4.04.03.03.05 - Reporting on hazard/risk assessment Yes4.04.03.03.06 - Reporting on preventive and corrective action Yes4.04.03.03.07 - Statutory reporting requirements Yes4.04.03.03.08 Are incidents reported in accordance with AS 1885.1 or as required by legislation? No

Comments:4.04.04 Documentation4.04.04.01 Is there a means (paper or electronic) to: Yes4.04.04.02 - Describe the core elements of the management system and their interaction Yes4.04.04.03 - Provide direction to related documentation. Yes

Comments:4.04.05 Document and data control No4.04.05.01 Are there procedures to ensure that all relevant documentation is: No4.04.05.02 - Readily accessible No4.04.05.03 - Periodically reviewed Yes4.04.05.04 - Approved for adequacy by competent and responsible personnel Yes4.04.05.05 - Current, with all obsolete materials removed from points of issue No4.04.05.06 - Archived where necessary for reference or legal purposes Yes4.04.05.07 - Legible and dated for version and revision control Yes4.04.05.08 - Only created or changed under appropriate approval Yes

Comments: There is no means of making OHS information readily available to contractors and visitors. There is also some old forms identified as in use. A systems where forms and policies/procedures are kept that is readily accessible to personnel (e.g. intranet) may assist in compliance.

No

4.04.06 Hazard identification, hazard/risk assessment and control of hazards/risks No4.04.06.01 General Hazard/Risk Requirements4.04.06.01.01 Are there established, implemented and maintained documented procedures for: Yes4.04.06.01.02 - Hazard identification Yes4.04.06.01.03 - Hazard/risk assessment Yes4.04.06.01.04 - Control of hazards/risks Yes4.04.06.01.05 - Evaluation of effectiveness of these steps Yes

Comments:4.04.06.02 Hazard identification No4.04.06.02.01 Do hazard identification procedures take into account: Yes4.04.06.02.02 - The situation or events or combination of circumstances that has the potential to give rise to injury or illness Yes4.04.06.02.03 - The nature of potential injury or illness relevant to the activity, product or service Yes4.04.06.02.04 - Past injuries, incidents and illnesses Yes4.04.06.02.05 Does the hazard identification process include consideration of the: No4.04.06.02.06 - Way work is organized, managed, carried out and any changes that occur in this Yes4.04.06.02.07 - Design of workplaces, work processes, materials, plant and equipment Yes4.04.06.02.08 - Fabrication, installation and commissioning and handling and disposal (of materials, workplaces, plant and

equipment)Yes

4.04.06.02.09 - Purchasing of goods and services Yes4.04.06.02.10 - Contracting and subcontracting of plant, equipment, services and labour including contract specification and

responsibilities to and by contractorsNo

4.04.06.02.11 - Inspection, maintenance, testing repair and replacement (of plant and equipment) YesComments: Contractors are not considered in hazard identification. A contractor management policy/procedure enabling

contractors to report hazards may provide a means for compliance.No

Page 5 of 16



4.04.06.03 Hazard/risk assessment No4.04.06.03.01 Are controls applied based on the level of risk that they will mitigate i.e. most effective control applied first? Yes4.04.06.03.02 Do hazard/risk assessments consider that arise in: Yes4.04.06.03.03 - Normal operating conditions Yes4.04.06.03.04 - Abnormal operating conditions (e.g. shut-down, start-up, inclement weather, misuse) Yes4.04.06.03.05 - Incidents and emergency situations Yes4.04.06.03.06 - Past, current and planned activities Yes4.04.06.03.07 Is there a documented hazard identification/reporting system and are records kept? No4.04.06.03.08 Is there a documented risk assessment system and are records kept? Yes4.04.06.03.09 Do risk assessments contribute to organisational targets and goals? Yes4.04.06.03.10 Do OHS management plans include risk assessment and hazard reporting? Yes4.04.06.03.11 Are workers consulted on the results of risk assessments and d hazard reporting? Yes4.04.06.03.12 Are workers undertaking risk assessment trained in risk assessment techniques? Yes

Comments: Not all hazards are reported or documented. Although hazard reporting is mentioned in policy there isn't a documented process for reporting and documenting the hazard or the action taken to resolve it.

No

4.04.06.04 Control of hazards/risks No4.04.06.04.01 Is a hierarchy of controls used? Yes4.04.06.04.02 Is the hierarchy in the following order; Eliminate; Substitute; Isolate; Engineering; Administrative; PPE? Yes4.04.06.04.03 Are controls identified at the design stage of the product? Yes4.04.06.04.04 Is the requirement to comply with OHS legislation and relevant Standards considered? Yes4.04.06.04.05 Where there are work instructions have they been developed in consultation with persons competent in the

work?Yes

4.04.06.04.06 Is there a Permit to Work system for high risk tasks (Work at height, confined space, etc)? Yes4.04.06.04.07 Is PPE considered? Yes4.04.06.04.08 Is training considered? Yes4.04.06.04.09 Is their appropriate worker supervision relative to the workers capabilities? Yes4.04.06.04.10 Is there a maintenance schedule for plant/equipment that includes inspections, maintenance, repairs and

alterations?Yes

4.04.06.04.11 Are there appropriate controls for plant/ equipment that is in the process of being maintained? Yes4.04.06.04.12 Are there procedures for unsafe plant/equipment to be identified and withdrawn from service? Yes4.04.06.04.13 Is there a process for plant/equipment isolation? No4.04.06.04.14 Where training is required are there procedures to ensure only trained personnel undertake a task? Yes

Comments: There is no isolation process for plant under maintenance or that is out of service. A policy/procedure with the necessary tagging system may provide a means for compliance.

No

4.04.06.05 Evaluation No4.04.06.05.01 Is there a process in place that control measures are reviewed: Yes4.04.06.05.02 - On a regular basis Yes4.04.06.05.03 - When there has been a failure Yes4.04.06.05.04 - Given a change in the work process Yes4.04.06.05.05 - Given a change in OHS policy Yes4.04.06.05.06 Is there a process to monitor and review the safety performance of contractors? No

Comments: The safety performance of Contractors is not considered in hazard identification. A contractor management policy/procedure enabling contractors to report hazards may provide a means for compliance.

No

4.04.07 Emergency preparedness and response No4.04.07.01 Have potential emergency situations been identified? No4.04.07.02 Are there emergency procedures documented for preventing and mitigating associated illness and injury? Yes4.04.07.03 Is there a method of review of emergency preparedness and response procedures? Yes4.04.07.04 Does it include review after the occurrence of incidents or emergency situations? Yes4.04.07.05 Are the emergency procedures tested periodically i.e. drills and preparedness testing? No4.04.07.06 Are there responsibilities allocated to specific personnel for control of emergency situations? No4.04.07.07 Have these responsibilities been communicated to these personnel? No4.04.07.08 Has relevant training been identified and have these personnel undertaken such training? No4.04.07.09 Have emergency instructions and emergency contacts been clearly communicated throughout the organisation? No4.04.07.10 Is emergency equipment, exit signs and alarm systems inspected, tested and maintained at regular intervals? No4.04.07.11 Has the location and accessibility of emergency equipment been assessed by competent persons? No

Comments: There is an emergency policy but no detailed and documented procedures for what to do in emergencies. With multiple sites, each site should have a relevant emergency management plan.

No

4.05 Measurement and evaluation No4.05.01 Monitoring and Measurement No4.05.01.01 General Monitoring and Measurement4.05.01.01.01 Has the organisation established and implemented documented procedures to monitor and measure the

operations and activities that can cause illness and injury?Yes

4.05.01.01.02 Is appropriate equipment for monitoring and measuring health and safety risks: Yes4.05.01.01.03 - Identified Yes4.05.01.01.04 - Calibrated Yes4.05.01.01.05 - Maintained Yes4.05.01.01.06 - Stored as necessary Yes4.05.01.01.07 Does the organisation have and maintain procedures to monitor: Yes

Page 6 of 16



4.05.01.01.08 - OHS Performance Yes4.05.01.01.09 - Effectiveness of controls Yes4.05.01.01.10 - Conformance with the organisation’s objectives and targets Yes4.05.01.01.11 - Compliance with relevant OHS legislation Yes4.05.01.01.12 Does monitoring consider inspections of: Yes4.05.01.01.13 - Potentially hazardous processes to ensure that controls have been effective Yes4.05.01.01.14 - Plant e.g. pressure vessels to ensure conformity with regulatory requirements Yes4.05.01.01.15 - Work areas to ensure that specific site safety rules are followed Yes4.05.01.01.16 - Work sites to ensure that controls are effective and to demonstrate the commitment of management to SMS Yes4.05.01.01.17 - Environmental e.g. flammable gases, fire hazards Yes4.05.01.01.18 - Personal e.g. noise dosimetry, health monitoring Yes

Comments:4.05.01.02 Health surveillance No4.05.01.02.01 Has the organisation identified those situations where employee health surveillance is required? No4.05.01.02.02 Are appropriate health reviews conducted? No4.05.01.02.03 Do employees have access to their own individual results? No4.05.01.02.04 Where specified by legislation, is the health of employees exposed to specific hazards monitored and recorded? No

Comments: There is no identified process for assessing if health surveillance is necessary. A risk assessment that considers the organisations operations and work processes that requires mandatory testing e.g. exposure to noise, isocyanates; asbestos, etc may provided a basis for assessing if health surveillance is required and defining what circumstances and controls are required to either precipitate surveillance or mitigate its requirement.

No

4.05.02 Incident investigation, corrective and preventive action4.05.02.01 Has the organisation established procedures for: Yes4.05.02.02 - Investigating, responding to, and taking action to minimize any harm caused from incidents Yes4.05.02.03 - Investigating and responding to system failures Yes4.05.02.04 - Initiating and completing appropriate corrective and preventive action Yes4.05.02.05 - Identifying the root causes of incidents Yes4.05.02.06 - Implementing or modifying controls necessary to avoid repetition of the incident Yes4.05.02.07 - Recording any changes in written procedures resulting from the corrective action Yes4.05.02.08 Does the organisation record any changes in the SMS resulting from incident investigations? Yes4.05.02.09 Are there escalations in the level of investigation based on risk? Yes4.05.02.10 Do investigations include frontline managers and supervisors? Yes4.05.02.11 Are there personnel trained in incident investigation? Yes4.05.02.12 Are responsibilities assigned for implementing corrective actions to identified personnel? Yes4.05.02.13 Are corrective actions discussed with personnel affected prior to implementation? Yes4.05.02.14 Are corrective actions evaluated to determine their effectiveness? Yes

Comments:4.05.03 Records and records management No4.05.03.01 Is there a system for the management of OHS records? No4.05.03.02 Does it include audits and reviews? Yes4.05.03.03 Are OHS records: Yes4.05.03.04 - Legible Yes4.05.03.05 - Identifiable Yes4.05.03.06 - Traceable to the activity Yes4.05.03.07 Are OHS records readily retrievable and protected against damage, deterioration or loss? Yes4.05.03.08 Are retention times established and recorded? No4.05.03.09 Do the OHS records include: No4.05.03.10 - External (e.g. legal) and internal (i.e. OHS performance) requirements Yes4.05.03.11 - OHS training records Yes4.05.03.12 - Permits to work and other employee qualification information Yes4.05.03.13 - Process information Yes4.05.03.14 - Product information (including composition) Yes4.05.03.15 - Equipment information Yes4.05.03.16 - Inspection, maintenance and calibration records Yes4.05.03.17 - Monitoring data Yes4.05.03.18 - Pertinent contractor and supplier information No4.05.03.19 - Details of incidents, complaints and follow-up action Yes4.05.03.20 - Information of emergency preparedness and response No4.05.03.21 - Hazard identification and hazard/risk assessments Yes4.05.03.22 - Audit results Yes4.05.03.23 - Management reviews Yes

Comments: Records management appears ad hoc, with no policy/procedure that identifies what records must be kept; for how long; and how.

No

4.05.04 Safety Management System audit No4.05.04.01 Are there procedures for periodic SMS audits? Yes4.05.04.02 Are these carried out by a competent person? Yes4.05.04.03 Are the audits used to determine whether the SMS: Yes

Page 7 of 16



4.05.04.04 - Conforms to the requirements of this Standard Yes4.05.04.05 - Has been properly implemented and maintained Yes4.05.04.06 - Is effective in meeting the organisations policies, objectives and targets for continual OHS improvement Yes4.05.04.07 - Meets legislative requirements Yes4.05.04.08 Are audit results: No4.05.04.09 - Reviewed by management Yes4.05.04.10 - Made available to employees No4.05.04.11 Does the audit program consider the importance of the activity concerned, and the results of previous audits? Yes4.05.04.12 Does the audit procedures include the: Yes4.05.04.13 - Scope - Activities and areas to be considered in audits Yes4.05.04.14 - Frequency Yes4.05.04.15 - Methodology for how audits will be conducted Yes4.05.04.16 - Competencies for auditors Yes4.05.04.17 - Responsibilities and requirements for conducting audits and reporting results Yes4.05.04.18 - Communication of audit findings Yes4.05.04.19 Are audits conducted competently, impartially and objectively? Yes4.05.04.20 Are internal audits conducted? Yes4.05.04.21 Are external audits conducted? No4.05.04.22 Is the audit process audited? No4.05.04.23 Are auditors independent of the process being audited? Yes

Comments: Audit results are not available to all employees and there are no external audits conducted of the workplace, work processes or the audit process itself.

No

4.06 Management review4.06.01 Specifications for Management Review Requirements4.06.01.01 Is the SMS reviewed for continuing, suitability, adequacy and effectiveness, by top management? Yes4.06.01.02 Does this occur at identified intervals (least every two years)? Yes4.06.01.03 Is the review documented? Yes4.06.01.04 Where appropriate, does management suggest changes to SMS policy, objectives, responsibilities or other

areas?Yes

4.06.01.05 Is the review of the SMS carried out by the level of management that defined them? Yes4.06.01.06 Does the review include: Yes4.06.01.07 - Result from audits Yes4.06.01.08 - The extent to which objectives and targets have been met Yes4.06.01.09 - The continuing suitability of the SMS in relation changing conditions and information Yes4.06.01.10 - Concerns of relevant interested parties Yes4.06.01.11 Does the review also take into consideration: Yes4.06.01.12 - Health and safety performance reports Yes4.06.01.13 - Incident reports Yes4.06.01.14 - Hazard identification Yes4.06.01.15 - Statutory OHS performance Yes4.06.01.16 - Corrective action reports Yes4.06.01.17 - Changes to regulatory requirements Yes4.06.01.18 - Changes to OHS standards Yes4.06.01.19 - Community expectations Yes4.06.01.20 Is the work authorised by a manager who controls the workplace? Yes

Comments:

Page 8 of 16


AUDIT TABLE OF RESULTSSummary of ResultsThe following is a summary of compliance against the audit criteria with the Results column as a percentage of compliance.

Section Title Results4.01 General Requirements 50.00%

4.0101 Specifications for General Requirements 50.00%4.02 OHS Policy 83.33%

4.0201 Specifications for OHS Policy Requirements 83.33%4.03 Planning 81.88%

4.0301 Planning identification of hazards, hazard/risk assessment and control of hazards/risks

87.50%

4.0302 Legal and other requirements 50.00%4.0303 Objectives and targets 100.00%4.0304 OHS management plans 90.00%

4.04 Implementation 80.78%4.0401 Structure and responsibility 44.44%4.040101 Resources 100.00%4.040102 Responsibility and accountability 33.33%4.0402 Training and competency 72.73%4.0403 Consultation, communication and reporting 95.24%4.040301 Consultation 100.00%4.040302 Communication 100.00%4.040303 Reporting 85.71%4.0404 Documentation 100.00%4.0405 Document and data control 71.43%4.0406 Hazard identification, hazard/risk assessment and control of hazards/risks 90.53%4.040601 General Hazard/Risk Requirements 100.00%4.040602 Hazard identification 88.89%4.040603 Hazard/risk assessment 90.91%4.040604 Control of hazards/risks 92.86%4.040605 Evaluation 80.00%4.0407 Emergency preparedness and response 27.27%

4.05 Measurement and Evaluation 76.87%4.0501 Monitoring and Measurement 100.00%4.050101 General Monitoring and Measurement 100.00%4.050102 Health surveillance 0.00%4.0502 Incident investigation, corrective and preventive action 100.00%4.0503 Records and records management 76.20%4.0504 Safety Management System audit 85.00%

4.06 Management Review 100.00%4.0601 Specifications for Management Review Requirements 100.00%

Page 9 of 16


Audit Results Spider Charts

The following spider graphs show the levels of compliance for each sections and subsection. The purpose of the spider graph is to provide a visual reference for compliance. Each axis line represents a 10% increment in compliance whereas the progression of colour from red to green provides a colorimetric display i.e. as a higher percentage in compliance is achieved the data line moves from the red regions to the green.

Page 10 of 16


Table of ImprovementsThe following table relates to those audit criteria that were not successfully met. This table forms the basis for the following Actions Table

Section Title Compliant4.01 General Requirements

4.0101 Specifications for General Requirements No4.010102 Is that SMS maintained in accordance with AS/NZS ISO 4801? No

4.02 OHS Policy4.0201 Specifications for OHS Policy Requirements No4.020104 Does the policy comply with all of the below: No4.020111 - Communicated to all employees No4.020112 - Available to interested parties No

4.03 Planning4.0301 Planning identification of hazards, hazard/risk assessment and

control of hazards/risksNo

4.030106 Do they include activities of contractors and suppliers over which the organisation has control or influence?

No

4.030107 Does the procedure include where necessary the following: No4.030109 - Codes of practice and standards where necessary No4.0302 Legal and other requirements No4.030201 Relevant to the OHS issues of the organisation, does the organisation

have a list of:No

4.030203 - Codes of practice No4.030204 - Standards (AS/NZ or ISO) No4.030206 Relevant to the OHS issues of the organisation, does the organisation

have access to all of the below:No

4.030208 - Codes of practice No4.030209 - Standards (AS/NZ or ISO) No4.0304 OHS management plans No4.030401 Is there an OHS Management plan that: No4.030402 - Identifies OHS responsibilities for specific people within the

organisations hierarchyNo

4.04 Implementation4.0401 Structure and responsibility No4.040102 Responsibility and accountability No4.04010201 Has the organisation defined accountabilities for all personnel with

OHS responsibilities?No

4.04010202 Has the organisation defined accountabilities for contractors over which the organisation has control or influence?

No

4.04010204 Do these representatives have the responsibility to ensure that OHS requirements are:

No

4.04010205 - Established No4.04010206 - Implemented No4.04010207 - Maintained No4.0402 Training and competency No4.04020007 Is the training requirements considered for contractors over which

the organisation has control or influence?No

4.04020012 - Contractors No4.04020013 - Visitors No4.0403 Consultation, communication and reporting No4.04030308 Are incidents reported in accordance with AS 1885.1 or as required

by legislation?No

4.0405 Document and data control No

Page 11 of 16


Section Title Compliant4.040501 Are there procedures to ensure that all relevant documentation is: No4.040502 - Readily accessible No4.040505 - Current, with all obsolete materials removed from points of issue No4.0406 Hazard identification, hazard/risk assessment and control of

hazards/risksNo

4.040602 Hazard identification No4.04060205 Does the hazard identification process include consideration of the: No4.0406021 - Contracting and subcontracting of plant, equipment, services and

labour including contract specification and responsibilities to and by contractors

No

4.040603 Hazard/risk assessment No4.04060307 Is there a documented hazard identification/reporting system and

are records kept?No

4.040604 Control of hazards/risks No4.04060413 Is there a process for plant/equipment isolation? No4.040605 Evaluation No4.04060506 Is there a process to monitor and review the safety performance of

contractors?No

4.0407 Emergency preparedness and response No4.040701 Have potential emergency situations been identified? No4.040705 Are the emergency procedures tested periodically i.e. drills and

preparedness testing?No

4.040706 Are there responsibilities allocated to specific personnel for control of emergency situations?

No

4.040707 Have these responsibilities been communicated to these personnel? No4.040708 Has relevant training been identified and have these personnel

undertaken such training?No

4.040709 Have emergency instructions and emergency contacts been clearly communicated throughout the organisation?

No

4.04071 Is emergency equipment, exit signs and alarm systems inspected, tested and maintained at regular intervals?

No

4.040711 Has the location and accessibility of emergency equipment been assessed by competent persons?

No

4.05 Measurement and Evaluation4.0501 Monitoring and Measurement No4.050102 Health surveillance No4.05010201 Has the organisation identified those situations where employee

health surveillance is required?No

4.05010202 Are appropriate health reviews conducted? No4.05010203 Do employees have access to their own individual results? No4.05010204 Where specified by legislation, is the health of employees exposed to

specific hazards monitored and recorded?No

4.0503 Records and records management No4.050301 Is there a system for the management of OHS records? No4.050308 Are retention times established and recorded? No4.050309 Do the OHS records include: No4.050318 - Pertinent contractor and supplier information No4.05032 - Information of emergency preparedness and response No4.0504 Safety Management System audit No4.050408 Are audit results: No4.05041 - Made available to employees No4.050421 Are external audits conducted? No

Page 12 of 16


Section Title Compliant4.050422 Is the audit process audited? No

Page 13 of 16

Total Imagination ServicesAUDIT_ 4801 OCCUPATIONAL HEALTH & SAFETY MANAGEMENT SYSTEMAUDIT TABLE OF RESULTS Audit Actions Table for Non-Conformances

Section and Sub-Section (Primary and Secondary) AuditResponse Status Action Required Progress

ReportAction

ControllerAction Team

OriginDate

DueDate

ReviewDate

DateComplete

4.01 General requirements No4.01.01 Specifications for General Requirements No4.01.01.02 Is that SMS maintained in accordance with AS/NZS ISO 4801? NoComments: In the audit there were discrepancies noted between the organisations SMS and the standard. These are detailed in the following.

No

4.02 OHS Policy No4.02.01 Specifications for OHS Policy Requirements No4.02.01.04 Does the policy comply with all of the below: No4.02.01.11 - Communicated to all employees No4.02.01.12 - Available to interested parties NoComments: The policy has not been communicated to all employees is not distributed or available to visitors or contractors.

No

4.03 Planning No4.03.01 Planning identification of hazards, hazard/risk assessment and control of hazards/risks

No

4.03.01.06 Do they include activities of contractors and suppliers over which the organisation has control or influence?

No

4.03.01.07 Does the procedure include where necessary the following: No4.03.01.09 - Codes of practice and standards where necessary NoComments: Contractors are not considered and there is no list of codes of practice that are relevant to the work being undertaken

No

4.03.02 Legal and other requirements No4.03.02.01 Relevant to the OHS issues of the organisation, does the organisation have a list of:

No

4.03.02.03 - Codes of practice No4.03.02.04 - Standards (AS/NZ or ISO) No4.03.02.06 Relevant to the OHS issues of the organisation, does the organisation have access to all of the below:

No

4.03.02.08 - Codes of practice No4.03.02.09 - Standards (AS/NZ or ISO) NoComments: There is no list of codes or standards and no evidence that all relevant codes and standards have been considered. A compliance register that shows how the SMS meets the relevant legislation, including codes and standards, may assist in showing compliance.

No

4.03.04 OHS management plans No4.03.04.01 Is there an OHS Management plan that: No4.03.04.02 - Identifies OHS responsibilities for specific people within the organisations hierarchy

No

Comments: There are no accountabilities included in the safety management plan. A list or responsible roles and their accountabilities and inclusion of these accountabilities in the relevant position descriptions may provide appropriate evidence for compliance.

No

4.04 Implementation No4.04.01 Structure and responsibility No4.04.01.02 Responsibility and accountability No4.04.01.02.01 Has the organisation defined accountabilities for all personnel with OHS responsibilities?

No

4.04.01.02.02 Has the organisation defined accountabilities for contractors over which the organisation has control or influence?

No

4.04.01.02.04 Do these representatives have the responsibility to ensure that OHS requirements are:

No

4.04.01.02.05 - Established No4.04.01.02.06 - Implemented No4.04.01.02.07 - Maintained No

Page 14 of 16



ReportAction


OriginDate

DueDate

ReviewDate

DateComplete

Comments: There are OHS personnel with accountabilities, these have not been defined for other roles/positions (i.e. managers, supervisors, etc) or for contractors. Inclusion of accountabilities in position descriptions and in a contractor management system may provide a means for compliance.

No

4.04.02 Training and competency No4.04.02.00.07 Is the training requirements considered for contractors over which the organisation has control or influence?

No

4.04.02.00.12 - Contractors No4.04.02.00.13 - Visitors NoComments: There is no contractor control/review procedures and competency of contractors is not considered. I contractor management policy/procedure where safety critical training is considered may provide a means for compliance.

No

4.04.03 Consultation, communication and reporting No4.04.03.03.08 Are incidents reported in accordance with AS 1885.1 or as required by legislation?

No

4.04.05 Document and data control No4.04.05.01 Are there procedures to ensure that all relevant documentation is:

No

4.04.05.02 - Readily accessible No4.04.05.05 - Current, with all obsolete materials removed from points of issue

No

Comments: There is no means of making OHS information readily available to contractors and visitors. There is also some old forms identified as in use. A systems where forms and policies/procedures are kept that is readily accessible to personnel (e.g. intranet) may assist in compliance.

No

4.04.06 Hazard identification, hazard/risk assessment and control of hazards/risks

No

4.04.06.02 Hazard identification No4.04.06.02.05 Does the hazard identification process include consideration of the:

No

4.04.06.02.10 - Contracting and subcontracting of plant, equipment, services and labour including contract specification and responsibilities to and by contractors

No

Comments: Contractors are not considered in hazard identification. A contractor management policy/procedure enabling contractors to report hazards may provide a means for compliance.

No

4.04.06.03 Hazard/risk assessment No4.04.06.03.07 Is there a documented hazard identification/reporting system and are records kept?

No

Comments: Not all hazards are reported or documented. Although hazard reporting is mentioned in policy there isn't a documented process for reporting and documenting the hazard or the action taken to resolve it.

No

4.04.06.04 Control of hazards/risks No4.04.06.04.13 Is there a process for plant/equipment isolation? NoComments: There is no isolation process for plant under maintenance or that is out of service. A policy/procedure with the necessary tagging system may provide a means for compliance.

No

4.04.06.05 Evaluation No4.04.06.05.06 Is there a process to monitor and review the safety performance of contractors?

No

Comments: The safety performance of Contractors is not considered in hazard identification. A contractor management policy/procedure enabling contractors to report hazards may provide a means for compliance.

No

4.04.07 Emergency preparedness and response No4.04.07.01 Have potential emergency situations been identified? No

Page 15 of 16



ReportAction


OriginDate

DueDate

ReviewDate

DateComplete

4.04.07.05 Are the emergency procedures tested periodically i.e. drills and preparedness testing?

No

4.04.07.06 Are there responsibilities allocated to specific personnel for control of emergency situations?

No

4.04.07.07 Have these responsibilities been communicated to these personnel?

No

4.04.07.08 Has relevant training been identified and have these personnel undertaken such training?

No

4.04.07.09 Have emergency instructions and emergency contacts been clearly communicated throughout the organisation?

No

4.04.07.10 Is emergency equipment, exit signs and alarm systems inspected, tested and maintained at regular intervals?

No

4.04.07.11 Has the location and accessibility of emergency equipment been assessed by competent persons?

No

Comments: There is an emergency policy but no detailed and documented procedures for what to do in emergencies. With multiple sites, each site should have a relevant emergency management plan.

No

4.05 Measurement and evaluation No4.05.01 Monitoring and Measurement No4.05.01.02 Health surveillance No4.05.01.02.01 Has the organisation identified those situations where employee health surveillance is required?

No

4.05.01.02.02 Are appropriate health reviews conducted? No4.05.01.02.03 Do employees have access to their own individual results? No4.05.01.02.04 Where specified by legislation, is the health of employees exposed to specific hazards monitored and recorded?

No

Comments: There is no identified process for assessing if health surveillance is necessary. A risk assessment that considers the organisations operations and work processes that requires mandatory testing e.g. exposure to noise, isocyanates; asbestos, etc may provide a basis for assessing if health surveillance is required and defining what circumstances and controls are required to either precipitate surveillance or mitigate its requirement.

No

4.05.03 Records and records management No4.05.03.01 Is there a system for the management of OHS records? No4.05.03.08 Are retention times established and recorded? No4.05.03.09 Do the OHS records include: No4.05.03.18 - Pertinent contractor and supplier information No4.05.03.20 - Information of emergency preparedness and response NoComments: Records management appears ad hoc, with no policy/procedure that identifies what records must be kept; for how long; and how.

No

4.05.04 Safety Management System audit No4.05.04.08 Are audit results: No4.05.04.10 - Made available to employees No4.05.04.21 Are external audits conducted? No

Page 16 of 16

Documents

Audit_4801 Safety Management Systems_Report Example