5 Reasons Why Audits Fail, And What To Do About It

Failure to properly manage safety audit actions can have disastrous consequences. Safety audits are an essential tool for identifying potential hazards and assessing safety performance in the workplace.
AdobeStock_378797857-scaled
Back to all
Article
August 16, 2023

Failure to properly manage safety audit actions can have disastrous consequences. Safety audits are an essential tool for identifying potential hazards and assessing safety performance in the
workplace.

While audits are often used to help companies comply with regulations and maintain a safe working environment, not all audits are successful in achieving their goals. In fact, safety audits can
fail for a variety of reasons, from poor planning and inadequate resources to lack of employee involvement and ineffective follow-up.

In this blog, safety expert Bridget Leathley talks about the 5 reasons why safety audits fail, highlighting the need for an organization to use an efficient EHS audit inspection
software
to manage their audits.

b7e5055a-a7bb-4d22-b079-053a583aa51c.png

What is an Audit Supposed to Do?


A management system is the sum of an organization’s structures, roles and responsibilities, processes and plans for achieving an objective. Management system standards cover many topics, including
quality, environment, information security, and occupational health and safety.

The role of an audit is to collect and evaluate evidence to check that a management system is working as expected, and to find opportunities for improvement. Accreditation audits are carried
out by external bodies to check that an organization meets a particular standard, such as the international standard for occupational health and safety management systems (OHSMS). However, internal
audits of OHSMS are essential, whether or not an organization is seeking external accreditation.

The objective of an audit is to identify areas of improvement, assess risks, and provide recommendations for enhancing performance,
reducing waste, increasing efficiency, and improving controls.

Overall, the purpose of an audit is to provide an independent and objective assessment of the audited system and to help stakeholders make informed decisions based on the findings and
recommendations of the auditor.

The Devastating Consequences of Failed Audits


There were many, many mistakes that led to the devastating fire at Grenfell Tower in London in 2017, killing 72 people. As well as construction issues during refurbishment, the Grenfell Tower
Inquiry highlighted failures to manage audit actions.

Over many years, audits of the organization responsible for Grenfell Tower discovered that thousands of fire risk assessment actions, along with other safety actions, were not being
dealt with. Actions identified in one period were not always followed up in the next review. The list of actions became longer and longer. It is believed that there were over 5000 fire risk
assessment actions outstanding at the time of the fire.

It was no surprise to find in the many, many documents on the Grenfell Inquiry website, an Excel spreadsheet being used to record and track actions from various audits, and in another case,
an action table buried inside a PDF.

Grenfell was not the first major accident where following up actions from earlier audits might have prevented disaster. In 1983 an audit of an offshore oil installation recommended that
firefighting pumps should be left in automatic mode when there were no divers nearby. In 1988, there was an explosion which prevented staff getting to the controls to operate the firefighting
pumps. The audit action hadn’t been implemented – the pumps were on manual, the fire spread, and 167 people died on Piper Alpha.

Why Audits Fail – and What You Can Do About It


Here are five reasons why audits fail – and what you can do about it:

1.     Lack of resources


Audits might seem like a ‘nice to have’. If resources are stretched, we always want to focus on getting on with the main job. But you could be throwing money away – audits might identify activities
that could be removed because they aren’t adding to safety or errors that are perpetuated because no one has looked for them.

Inadequate resources can be a major reason why audits fail to achieve their objectives. Limited resources such as time, budget, or expertise, can hinder the ability of the auditor to conduct a
thorough and effective audit, leading to incomplete or inaccurate findings and recommendations.

For example, if an audit is conducted with limited time, the auditor may not have sufficient time to review all of the relevant information or to observe the audited system in operation. Similarly,
if the audit is conducted with a limited budget, the auditor may not be able to engage sufficient resources, such as hiring additional auditors or using advanced technology, which can impact the
quality and accuracy of the audit.

Finally, if the auditor lacks the necessary expertise, such as specialized knowledge or technical skills, they may not be able to identify critical issues or provide meaningful recommendations,
which can result in missed opportunities for improvement.

AdobeStock_335042158.jpeg?width=6016&height=4016&name=AdobeStock_335042158.jpeg

Inadequate resources can compromise the quality and effectiveness of an audit, and therefore it is important for organizations to allocate appropriate resources to ensure their audit programs are
successful.

The best way to overcome this problem is by rigorous planning. Focus audits initially on the areas where you have most to gain. This could be higher-hazard tasks, more frequent tasks, or locations
where there is a higher-than-average number of incidents.

If the audits are in the work plan, it will be easier to negotiate the resources needed. Make sure you have the right audit tools – walking around with a ring binder full of paper notes makes an
audit challenging.

Picking a mobile solution that allows you to add photos, document and sound recordings into each audit finding will reduce the time spent to report results.

2.     Lack of competence


Internal audits are sometimes delegated to junior staff, because they are cheaper and it is seen as a useful way for them to learn about an organization. While shadowing an auditor would be
an excellent learning process, someone new to an organization might not be sure what they are looking for or what they are seeing. Is the ladder being used correctly? Is that the right sort of PPE
for that job?

Some safety inspection management software will provide images to support audit questions, so the auditor can compare what they see with what they should be able to see. Make sure people have
appropriate training to understand the purpose of an audit.

When I asked one untrained auditor how their site was so perfect every month, his answer astonished me: ‘I thought the purpose was to tick everything on the list. I didn’t realize we were
supposed to find problems.’

Competence refers to having the knowledge, skills, and experience required to perform the audit effectively. If the auditor does not have the necessary competence, they may not be able to
identify and evaluate the critical safety issues that are present in the audited system.

This can result in incomplete or inaccurate findings, leading to missed opportunities for improvement or false assurances of compliance. For example, if an auditor is not familiar with the
relevant safety standards or regulations, they may overlook significant safety hazards or inaccurately assess compliance with the relevant requirements.

Similarly, if the auditor lacks the necessary technical expertise, such as knowledge of complex machinery or equipment, they may not be able to identify potential safety issues or make
meaningful recommendations for improvement.

Therefore, it is crucial to ensure that the auditor possesses the necessary competence and experience to perform the safety audit effectively. This can be achieved through proper training,
hiring experienced auditors, or engaging external experts when necessary.

3.     Auditing work as imagined, not work as done


During the lockdown, some audit organizations were offering remote audits. Necessarily, these focused on what the available paperwork said was happening. Some audits, even when there is an
opportunity to look further, focus on what has been written down.

Auditing neat paper forms full of ticks gives a reassuring feeling that all is right with the world. But when were the ticks added? And do they represent real checks made? It used to be that the
only clue I had that housekeeping checklists or hazard checks had been completed an hour before I arrived was that they were all in the same pen; in real time, people rarely use the same pen every
time.

Now, electronic checklists make it impossible to retrospectively tick multiple weeks – every check is time-stamped and in many cases tagged to a location and a person. But even this doesn’t go far
enough – when you audit how do you know the check was actually made? One approach is to ask people to show you how they make a check. If there is a systematic failure, it might be because people
don’t know what to do.

In one organization, I found manager after manager at different sites who couldn’t show me how to make all the checks that they had been signing off. What started as an audit became a coaching
session.

safety%20briefing%20for%20workers%20in%20hard%20hats%20stood%20in%20circle.jpg?width=1200&height=700&name=safety%20briefing%20for%20workers%20in%20hard%20hats%20stood%20in%20circle.jpg

4.     Audits for ‘assurance’


The perception of audits is that they should provide assurance that all is well, so auditors feel pressure to produce favorable findings. You need an auditor who will unsettle any cozy view
that everything is fine: you want them to look for opportunities for improvement.

I’ve worked with organizations where managers are ‘scored’ on how well they do in a six-monthly audit. As a result, they don’t raise any issues, they won’t admit where they can’t meet a
safety requirement because of lack of resources, and they will hide problems from a casual auditor who looks only at the paperwork. Senior management will think everything is fine – until something
goes badly wrong.

Be skeptical if audit results are always positive. Auditors are not doing their job if they don’t identify areas for improvement. Audits are more impartial where there is support to
collect other forms of evidence – such as photographs of equipment and workplaces, copies of servicing records, or readings from monitoring devices (such as temperature or pH).

5.     Lack of independence


If the auditor is the person who created the system, it will be difficult for them to find faults. External auditors can be more independent, but they can suffer from not understanding the
organizational context, and they can still be biased by wanting to please the customer.

Independence refers to the ability of the auditor to perform the audit without bias, influence, or conflicts of interest. If the auditor lacks independence, it may result in a compromised
audit, leading to inaccurate or incomplete findings and recommendations.

For example, if the auditor has a personal or financial interest in the outcome of the audit, they may not be able to remain objective or impartial in their assessment of the audited system.
Similarly, if the auditor is influenced by the audited organization or its management, they may overlook critical safety issues or fail to report accurately on the findings of the audit.

Lack of independence can result in a loss of credibility for the audit and can lead to a lack of trust in the audit process. To ensure independence, auditors should adhere to ethical and
professional standards

Many businesses find a successful approach is to use managers from a different department or for multi-site organizations, from a different location. They will understand context and share
the goal of wanting the business to be successful, but can retain objectivity because their job is not at risk.

Summary

An audit that only checks the paperwork is unlikely to find opportunities for improvement. Auditors must be trained and supported with the time and tools to do a good job and encouraged to
look beyond the tick boxes. Where actions are identified to improve the OHSMS these must be followed through – not left in an Excel spreadsheet to be discovered when something goes wrong.

If you want to learn more about how to effectively manage actions through to completion, learn more about the EcoOnline software solution below.

b7e5055a-a7bb-4d22-b079-053a583aa51c.png