Planning and conducting environmental health and safety (EHS) audits for a company or client's full range of operations can be a daunting undertaking.
These operations may include both domestic and international manufacturing plants, research and development labs, distribution centers, corporate aviation activities, and office complexes. Further, there may also be third party, or "Toller", manufacturers involved as well.
The planning strategy must incorporate a variety of considerations, including whether to formulate the process on compliance or system based issues. Other factors include emerging legislation, costs and availability of appropriate resources, identification of customers, frequency of audits, and confidentiality.
The definition of an audit varies from one organization to another. To start with, an audit is referred to by a number of different terms. They include appraisal, survey, assessment, evaluation, and inspection. Whatever you call it, when conducted properly, it is a systematic and comprehensive evaluation of a company's compliance programs. Not just the current status, but over a period of time such as the past 2 years, 3 years, etc. It can be accomplished equally as effectively by either internal (company) or external (consultant) auditors. When the new American National Standards Institute (ANSI) Z10 standard became effective last year it contained the following definition of an audit:
"A systematic process for obtaining information and data and evaluating it objectively to determine the extent to which defined criteria are fulfilled.1 "
Audits can be designed to evaluate either compliance or systems-based programs. Simply stated, a compliance based audit is driven by a specific government agency (OSHA or EPA, for example), company policies, facility written requirements and/or local facility Standard Operating Procedures (SOPs), in that order. Typically, the most stringent of these takes precedence.
A system based audit is more non-regulatory but necessary for a successful EHS program. This type of audit should include evaluating senior management's support and active participation (policy statement, staff meeting agenda item, etc.), employee participation (safety committees, "off-the-job" safety efforts, and so on) inspections and audits, training, contractor management, and emergency response programs. Some of these topical areas have regulatory implications, but collectively they are generally considered system based programs. The usual suspects in this type of audit are ISO 14001, OSHAS 18001 and the Occupational Safety and Health Administration (OSHA) Voluntary Protection Program (VPP). With the advent of the ANSI Z10 standard there is now another option available to companies.
Determining whether the audit program should be compliance based or system based is typically a result of a company's philosophy and the maturity of the program. Costs and frequency of an audit are usually driven by a company's concern for being viewed as a good corporate citizen.