January 17th, 2023 by Dakota Software Staff
Many people use the terms audit and inspection interchangeably, but they each play their own unique role in the context of Environment, Health, and Safety (EHS) compliance and management.
So what is the difference between an audit and inspection, and what must EHS managers know about each to ensure compliance and prevent incidents or violations that impact their organization?
In this article, we examine key differences between audits and inspections, how to prepare for them, and how you can make these activities more effective with EHS software.
Audits and inspections are similar in that they both involve verifying compliance with EHS standards and protocols. However, there are some important differences in terms of scope, purpose and frequency.
Audits are a comprehensive evaluation of a facility’s processes, procedures, and policies, typically verifying compliance against regulatory requirements and standards such as ISO 14001. Audits involve significant preparation and documentation, as well as input from a larger team of people who are experts on the processes under review. Part of an EHS audit includes a thorough report with a list of findings for management review. Corrective actions are then assigned to address any gaps identified in the audit.
Inspections, on the other hand, are typically more routine and limited in scope, involving visual checks of equipment and specific hazards that need to be controlled. While formal corrective action may be required, in some cases problems can be documented and then corrected on the spot. Additionally, audit findings typically drive Root Cause Analysis (RCA) while inspections generally do not.
Another major difference between audits and inspections is their frequency, with audits conducted less frequently. For example, you might have team leads perform a daily safety walkthrough or weekly safety inspection, whereas your internal audit as required under ISO 14001 might only take place annually.
Facilities sometimes also break down comprehensive audits into monthly or quarterly audits that look at specific parts of the EHS management system. At the end of the year, those monthly or quarterly audits add up to a full audit of the EHS program. An EHS audit often includes a review of routine inspection procedures and whether or not they are being followed in practice.
Audits and inspections both represent critical yet distinct steps in the Plan-Do-Check-Act (PDCA) process. On a high level, the PDCA approach involves four stages:
Plan: The planning step requires documentation of processes and procedures. This includes creating documents such as safety policies, employee training requirements, job safety analysis (JSA), emergency response plans and more.
Do: This is where you execute your safety management processes, including inspections, that were documented in the planning step.
Check: Audits verify if your team is actually following the processes, policies, and procedures stated in your documentation and complying with any relevant regulatory or standard requirements.
Act: This step involves corrective action to address any gaps, such as implementing new safety controls for an uncontrolled hazard identified in an audit or inspection.
Conducting regular safety inspections at your plant is crucial to proactively preventing workplace injuries. These inspections also help keep your team ready for any U.S. Occupational Safety and Health Administration (OSHA) inspections, including unannounced visits. Routine environmental inspections can help ensure compliance with applicable EPA regulations and other local requirements.
Many templates exist to help manufacturers develop self-inspection checklists for their facilities. While it can be tempting to use a generic checklist for site inspections, these templates should be used only as a starting point for creating checklists that are applicable to each site’s unique operations.
As you create your site-specific checklists, you should also be sure to look at items such as:
Recent safety incidents, including near-misses
Recent corrective actions
Any safety observations logged in the EHS management system
OSHA and ISO requirements applicable to your site
Previous inspection findings
From an analytics standpoint, inspection data can provide insights to help site leaders reduce EHS risk at their individual facilities. This data can help to identify trends related to physical conditions and can be used to prioritize investment in changes in safety processes and controls.
An internal audit program is required under ISO standards such as ISO 9001 and ISO 14001. ISO certification itself also requires an audit, as well as periodic surveillance audits which may be a combination of remote and onsite auditing by a third party. Conducting an internal audit is also best practice for preparing for a certification or surveillance audit.
Preparing for an audit, whether internal or external, can seem like a daunting challenge. However, a simple four-step process can help ensure a comprehensive review during an internal audit and minimize findings during an external audit. This process includes:
1. Creating a list of applicable regulatory and standard requirements
2. Linking requirements to audit protocols
3. Identifying gaps where specific requirements lack controls
4. Addressing identified gaps with corrective action
While we’re distinguishing between inspections and audits, it’s also important to clarify the definition of “protocol.” Per the U.S. Environmental Protection Agency (EPA), “Audit protocols assist the regulated community in developing programs at individual facilities to evaluate their compliance with environmental requirements under federal law.” According to their Protocol for Conducting Environmental Compliance Audits, “The term “Protocol” has evolved over the years as a term of art among the professional practices of auditing and refers to the actual working document used by auditors to evaluate a facility’s conditions against a given set of criteria. Therefore these documents describe “what” to audit a facility for rather than “how” to conduct an audit.”
When preparing for an external audit, it’s also worth taking time to prepare your team. What is the reporting process when a workplace safety incident occurs? What should the operator do in the event of a chemical spill? What is the most important step in the process for ensuring safety? Auditors will want to talk to plant floor employees, making training and regular conversations around safety essential to preparation.
Audit analytics are considerably different from inspection analytics as audit data tends to provide higher level insights. While audit findings typically produce less data to analyze, when used consistently, the data can be used to identify sites with the highest operational risk. This data can also help corporate leaders better understand what regulatory areas are most problematic to the organization as a whole.
Whether getting ready for an internal or external audit or inspection, your EHS management system can help make sure you’re checking the right things and closing the loop. Utilizing software to more efficiently manage your Management System can provide additional visibility and insight. Designed to support the PDCA methodology, Dakota Software’s ProActivity Suite has all the tools EHS leaders need to manage audits and inspections more effectively.
Dakota Profiler helps ensure compliance and maintain a state of audit and inspection readiness by providing:
An up-to-date regulatory database that reflects current OSHA and ISO requirements
Regulatory updates to notify your team when requirements change, including action-forcing changes
Applicability guidance and plain-language explanations so you understand what your site needs to do to stay in compliance
Site-specific compliance profiles based on decision-tree logic to clarify which requirements apply to different facilities
Companies can use Dakota Auditor to generate audit protocols and inspection checklists based on applicable requirements, simplifying the process of preparing for and conducting these important checks. Dakota Tracer helps manage corrective actions resulting from audits and inspections, including assigning and tracking action items to close the loop on noncompliances. Finally, Dakota Insights can help unlock the analytical power of your audit and inspection data and share actionable intelligence with business leaders across your organization.
Audits and inspections are similar yet distinct activities that both play an important role in the PDCA process. Whereas audits are a deep, methodical examination of a facility’s compliance with procedures and processes, inspections take a narrower look at physical conditions and potential hazards. The right EHS management system and tools can help companies do both more effectively, providing confidence in your compliance status and safety performance as a whole.
Profiler
Tracer
Auditor
Scout
Insights
Inspections
Metrics
