Procedures

Health, Safety and Wellness Audit Procedure

Printer-friendly version
Body

1.0    Purpose and Scope

The Health, Safety and Wellness (HSW) Division within The University of Queensland (UQ) has an internal audit program to evaluate the effectiveness of health and safety systems and processes across UQ. The purpose of this procedure is to provide assurance and confidence on the management and control of this program to UQ’s senior executive. 

The objectives of the procedure are to achieve the goals in the HSW Policy, provide ongoing feedback to UQ’s senior executive regarding the effectiveness of the health and safety systems, and retain the UQ Workers’ Compensation Self Insurance Licence.

This procedure also sets out the processes for developing and conducting internal HSW audits to ensure that:

  • UQ meets its Workers’ Compensation Self Insurance Licence requirements.

  • Appropriate samples of UQ’s activities are evaluated against the requirements established by the UQ Occupational Health and Safety Management System (OHSMS).

  • Systems of work that represent best practice are identified.

  • Challenges arising as a result of the implementation of the OHSMS are identified and improvements recommended.

  • Enterprise Risk Services is made aware of any potential changes to the health and safety risk ranking information for the Enterprise Risk Register.

This procedure applies to all HSW internal audits conducted by the HSW Division and the UQ Safety Network across all UQ campuses, Faculties, Institutes and the Central Support Services (CSS) areas and controlled entities.  This encompasses Level 1 and 2 audits – see section 3.3 of this procedure.

2.0    Process and Key Controls

To support effective review of health and safety management at UQ:

  • In usual circumstances, the HSW Division will ensure at minimum the following types of health and safety audits will be conducted each calendar year –

    • OHSMS audit of an organisation area/s

    • Risk Factor audit based on the UQ Top Health and Safety Risks Report

    • Watch List audit based on the UQ Health and Safety Watch List.

At least one of these audits will be conducted within a UQ Controlled Entity.

  • Audit status and outcomes will be reported to the UQ Senior Executive Team via the HSW Division monthly reporting process or at other relevant meetings.

  • Action status and resolution status will be reported to the UQ Senior Executive Team via the HSW Division monthly reporting process.

  • Local Level 1 audits will be conducted as per the Organisational Unit’s annual HSW Management Plan.

3.0    Key Requirements

3.1    HSW Audit Program Development

An audit program is proposed by HSW Division to the Vice Chancellor’s Risk and Audit Committee (VCRCC) in the fourth quarter of each calendar year for approval for the following calendar year.

Criteria for developing the audit program include the following:

  • UQ’s Corporate Safety risk register and the Top Health and Safety risks.

  • UQ Faculty/Institute/CSS Organisational Units’ risk profile.

  • UQ Safe Incident and Risk data.

  • Work Injury Management (WIM) Claims Report.

  • Incidents and prosecutions both internal and external to the education/research/university business.

  • Areas of concern raised by the University Senior Executive Team (USET).

  • Areas of concern raised by HSW Managers, Work Health and Safety Coordinators (WHSCs) and Health and Safety Representatives (HSRs).

  • Areas of concern raised by UQ staff or students.

  • Significant changes to legislation.

  • UQ’s HSW Policy and Procedures documents in the UQ Policy and Procedures Library.

  • The National Self-Insurer OHSMS Audit Tool (NAT) v3.

The UQ health and safety network and HSW Managers will have opportunities to provide input and feedback into preparation of the audit program prior to submission to the VCRCC in November each year.

Adjustments to the HSW audit program may be approved by the VCRCC.

3.2    Auditor Competency

Two formal HSW Auditor positions are recognised within the UQ HSW Audit framework:

 

Lead

Support

HSW Audit Lead

Level 3 and 2

All

HSW Auditors  

Level 1

All

The Director, HSW must ensure that the HSW Audit Lead is deemed competent via:

  • completion of the criteria in the Auditor Competency Checklist and the Lead Auditor Competency Checklist for Lead Auditors; or

  • completion of a recognised HSW Lead Auditor course.

The HSW Audit Lead is to verify competency for HSW Auditors by completion of appropriate training or as per the criteria in the HSW Internal Audit - Auditor Competency Checklist, including sufficient understanding of the OHSMS, relevant legislation and standards applicable to the area being audited.

3.3    Types of Workplace Health and Safety (WHS) audits

The HSW audit structure at UQ will consist of the following types of audits:

  • Level 1 Local activity, task, risk assessment or hazard-based audits conducted by local HSW personnel.

  • Level 2 HSW audits of OHSMS and risk factors lead by the HSW Division audit team.

  • Level 3 HSW audits of WHS management systems and risk factors conducted by external auditors (e.g. UQ Safe-Insurance WHS Management Systems audit).

3.4    Audit Rankings

An evaluation of conformance to the requirements of each audit are assessed.  The categories are defined in the Appendix – section 6.2.

In alignment with the UQ Internal Audit function, the overall audit outcome will be given an overall ranking based on the criteria below.

Internal Control Rating

1 Enhancement Opportunity

The internal control is of a high standard with some opportunities for improvement in efficiency or better practice.

2 Satisfactory

The internal control is considered to be generally adequate, appropriate and effective to ensure that the audited business process will achieve its objectives, with some improvement required.  Includes issues which are non-systemic, procedural in nature or administrative shortcomings.

3 Requires Improvement

Internal control weaknesses were identified which, if not appropriately addressed, could in the future result in the audited business process not achieving its objectives.

4 Weak

The internal control is considered to be inadequate and ineffective to ensure that the audited business process will achieve its objectives.

3.5    Corrective Actions

All non-conformances will result in corrective action planning to resolve the issue/hazard.  If management’s response to any significant finding does not address the identified risks, the HSW audit team will consult with management of the operations being reviewed and attempt to reach a mutually agreeable resolution. If no agreement is reached, the Audit Report will reflect the final position.

Relevant UQ management is responsible for confirming the implementation of agreed actions. The HSW Audit team will validate the assertions before closure of the issue/s.  High priority corrective actions require evidence to be submitted prior to the action being closed in the HSW Division corrective action register.

Corrective actions from Level 2 and 3 audits will be tracked by the HSW Division audit team. 

Corrective actions from Level 1 audits will be tracked locally by the relevant Organisational Unit.

Opportunities for Improvement will be agreed and tracked locally by the relevant Organisational Unit.

3.6    Reporting

3.6.1    Level 1 Reporting

Level 1 audit findings will be reported on at the local HSW Committee meeting and reported against the goal set in the Organisational Unit’s HSW Management Plan at the end of each calendar year as part of the HSW Goals Reporting.  Level 1 audit corrective actions will be tracked by the local areas through their HSW Committee meetings.

3.6.2    Level 2 and 3 Audit Reporting

Level 2 and 3 Audit documentation, reporting and evidence will be retained within the HSW Division documentation structure.  

Audit status, outcomes and corrective action updates will be discussed and minuted within the local HSW Committee meetings and status updates will be included in the HSW Division’s monthly reports.

3.6.2.1    Level 2 Audits

Level 2 audit completions will be reported through HSW monthly report using the following template.

Audits

Risk

Conclusion and Significant Audit Findings

 

 

Overall Control Rating        IA Control Rating

 

Primary findings

 

Management Actions for High Priority Items

 

3.6.2.2    Level 3 Audits

Level 3 audits will be reported in accordance with the reporting structure agreed during the scope development for the audit.

3.6.3    Corrective Action reporting

The HSW Division monthly report will detail:

  • high priority open corrective actions; and

  • summary of all open corrective actions per Organisational Unit.

3.6.3.1    Opportunities for Improvement

Completion of Opportunities for Improvement (OFI) recommendations will be tracked by the relevant Organisational Unit.

3.7    Tools

  • Auditor Competency Checklists are available from the HSW Division internal audit team:

    • Auditor Competency Checklist, and

    • Lead Auditor Competency Checklist for Lead Auditors.

  • Level 1 Audits - iAuditor or Level 1 Audit HSW Template as detailed in the HSW Internal Audit – Level 1 Audit Local Standard Operating Procedure (LSOP) available from the HSW Division internal audit team.

  • Level 2 Audits – templates as detailed in the HSW Internal Audit - Level 2 Audit Local Standard Operating Procedure (LSOP) available from the HSW Division internal audit team.

  • Corrective Action Register – maintained by the HSW Division internal audit team for both Level 2 and 3 internal and external audits.

4.0    Roles, Responsibilities and Accountabilities

4.1    Vice Chancellor’s Risk and Compliance Committee (VCRCC)

VCRCC is the approving body of the annual HSW internal audit plan and receives regular updates on the completion of outstanding corrective actions.

4.2    Executive Deans, Institute or CSS Directors

These positions support the HSW audit processes within their relevant areas of responsibility and provide feedback into the draft report to finalise management actions, assign resources and set completion dates.

4.3    Director, HSW

The Director, HSW is responsible for:

  • UQ’s HSW internal audit program;

  • approving a competent person as the HSW Audit Lead; and

  • facilitating the appropriate resources so that audits can be conducted and finalised within the agreed timeframes.

4.4    HSW Audit Lead

The HSW Audit Lead is responsible for:

  • developing the draft audit schedule for the following calendar year for approval by the Director, HSW and VCRCC;

  • overseeing the HSW audit program and leading the HSW audits as per the approved schedule;

  • issuing periodic reports to the VCRCC and Senate Risk and Audit Committee (SRAC), as required, and summarising results of audit activities and status of corrective audit actions; and

  • recommending professional development for the HSW Division Team, HSW Managers/Leads and the UQ safety network to ensure competency in completing the auditing process.

4.5    Health, Safety and Wellness (HSW) Manager/ Work Health and Safety Coordinator (WHSC)

The HSW Managers and relevant WHSCs develop Level 1 audit programs to be included in their local areas’ annual HSW Management Plan. This is reported in the annual HSW Goals Report. HSW Managers and WHSCs support the HSW Audit Lead to facilitate Level 2 audits within their area of responsibility.

5.0    Monitoring, Review and Assurance

The quality of UQ’s health and safety internal audit program and process is reviewed every four years through the external OHSMS audit conducted by an accredited, external auditor in accordance with the UQ Self Insurance Licence requirements.

The UQ Internal Audit program may include an assessment of the HSW Division’s auditing process and program in their audit schedule.

Audit corrective actions will be monitored through the local and Organisational Unit HSW committee meetings and included in the Organisational Unit’s HSW reports to senior leadership.

6.0    Appendix

6.1    Definitions

Audit -

  • Level 1 - are to ensure the control activities identified for specific hazards within local areas are effective. These audits are performed by members from the organisation unit HSW team in partnership with other members of the UQ safety network.

  • Level 2 - are to ensure the activities of UQ comply with the requirements stated in the University’s HSW management system, policies and procedures, and legislation.  Level 2 audits are usually overseen by the UQ HSW Division and led by a HSW Audit Lead.

  • Level 3 - provide assurance to UQ senior managers that the Level 2 assurance processes for the management of HSW risks are effective.  Level 3 audits can include:

    • Audits conducted by or arranged through UQ Internal Audit, and 

    • The National Self-Insurer OHSMS Audit for maintenance of the UQ’s workers’ compensation self-insurance licence. 

These Level 3 audits are conducted by external, accredited auditors.

Compliance - forced adherence to a law, regulation, rule, process or practice. 

Conformance - voluntary adherence to a standard, rule, specification, requirement, design, process or practice. The term “conformance” will be used in UQ’s health, safety and wellness audit program to apply to both compliance and conformance criteria.

Corrective Action Plan (CAP) - a corrective action plan is a set of corrective actions to resolve partial conformances or non-conformances identified in audits. 

Enterprise Risk Services - promotes a risk aware culture at UQ where everyone considers risks in their daily decision making to achieve their objectives.  Enterprise Risk Services provides best practice risk leadership and consistency in approach via the Enterprise Risk Management Framework which includes the Senate’s risk appetite statement, training, practical advice, tools and risk workshop facilitation.

HSW Audit Lead - a person who leads the audit team and is deemed competent to do so by the Director, HSW (3.2).

iAuditor - an online tool that the UQ HSW Division and the UQ HSW network more generally uses for Level 1 audits, inspection/audit checklists, reporting and data analysis. 

National Self-Insurance Audit Tool (NAT) v4 - this tool defines the criteria that relevant Regulators will use within their jurisdictions to assess OHSMS of self-insurers.

Occupational Health and Safety Management System (OHSMS) - a set of interrelated plans, processes and procedures to systematically manage health and safety in an organisation that aims to achieve the objectives of the organisation’s occupational health and safety (or HSW) policy.  

Risk Matrix - a matrix that is used during the risk assessment process to define the level of risk by considering the category of probability or likelihood against the category of consequence severity. 

Safety risk register - a table/spreadsheet of risks that allows you to assess and track each identified risk and any vital information about it.

Stakeholder Communication Plan - formally defines who should be given specific information, when that information should be delivered and what communication channels will be used to deliver the information.

UQSafe - the online system used by UQ for incident reporting, risk assessments, field work safety plans, facility certifications and biological approvals.

Work Injury Management (WIM) - UQ is self-insured for workers’ compensation meaning it manages workers' compensation claims and rehabilitation for UQ workers.  The WIM team make liability decisions, process and manage workers compensation claims on behalf of UQ in accordance with the legislation.

6.2    HSW Audit ratings 

An evaluation of conformance to the requirements are broken up into the following classifications:

Best practice (BP)

The assessment criteria of the OHSMS is being met and there is evidence to support this rating. The area has also implemented additional systems or processes that complement the OHSMS and enables a better proactive management of HSW.

Opportunity for improvement (OFI)

The assessment criteria are being met and there is evidence to support this rating. However, improvement/s to the HSW management practices have also been identified.

Conformance (C)

The term “conformance” will be applied to assessment criteria being met and where there is evidence to support this rating.

Partial conformance (PC)

The assessment criteria are not being adequately met, the HSW objectives are only partially effective and there is evidence to support this rating.

When identified:

  • the report will make recommendation/s; and

  • the partial conformance must be rectified in accordance with the Corrective Action Plan.

Non-conformance (NC)

The assessment criteria is not being adequately met and HSW objectives are not effective and there is evidence to support this rating.

When identified:

  • the report will make recommendation/s; and

  • the non-conformance must be rectified in accordance with the Corrective Action Plan.

Not verifiable (NV)

Conformance or non-conformance is unable to be verified, however, this criterion is relevant to the audit.

Not applicable (NA)

The question relating to the assessment criteria of the audit is not relevant to the area.

Custodians
Director, Health, Safety and Wellness Mr Jim Carmichael
Custodians
Director, Health, Safety and Wellness Mr Jim Carmichael