How good are your audits, really?

As an Inspector with the British Health & Safety Executive (HSE), I visited many major hazard facilities both on- and offshore. It was sometimes necessary to issue enforcement notices that required the company to make certain improvements. These were not issued lightly, as I was acutely aware of the impact that such notices might have on the company.

What often surprised me was that each company had an internal audit program that aimed to identify and correct any deficiencies for the topics that we were inspecting. And yet, the company’s own audits often failed to identify key issues prior to our visit. Senior leaders were embarrassed that a relatively brief independent check could identify serious safety issues, requiring enforcement notices.  

The Cullen Inquiry into the Piper Alpha disaster noted that the Permit to Work system was routinely being operated in a casual and unsafe manner. The company could offer no explanation as to why none of the audits that they had undertaken revealed what had emerged at the Inquiry. How did the many internal audits (looking at hundreds of permits) not identify the deficiencies that quickly became apparent?

It seems that leadership assumed all was well because no-one was raising any concerns. And the lack of issues reported in audits may have simply reinforced this assumption.

Unfortunately, my experience is that audits may be giving leaders a false sense of security.

A key issue identified in my inspections was that audits tended to check that the system was working as intended. Let’s take the example of Permit to Work, central to Piper Alpha. An audit of this system might check that people are trained in the process, the paperwork (or the electronic equivalent) is being completed as required, that the right signatures are present, and that the paperwork is stored where it should be.

In other words, the audit is checking that the Permit to Work system is working as it should. In popular safety language, checking that the "Work as Done" is the same as the "Work as Planned".

However, as an Inspector I asked a slightly different question: is the Permit to Work system adopted by the company the right system to start with?  In order to make this judgment I might draw upon my inspections of other companies, as well as published industry good practice.

The company’s own audits were often compliance audits (i.e., has the company policy or standard been implemented correctly), rather than determining whether the system was fit for purpose.

By all means, use audits to check compliance against your company standards, to ensure that you’re doing what you say you’re doing (and act on the findings). But given that people, technology, systems and standards change over time - you should also ask whether your system is the right system in the first place.

There’s little point in verifying that you are complying with something that is less than ideal to start with.

Martin Anderson is a Principal Consultant at HF Integration, working at the intersection of human factors and process safety.