Internal auditing is an essential tool for managing compliance, and for initiating and driving continual improvement in any organization’s systematic HSEQ performance.
Health and Safety, Environment and Quality Audits includes the latest health and safety, environmental and quality management system standards – ISO 9001, ISO 14001 and ISO 45001. It delivers a powerful and proven approach to risk-based auditing of business-critical risk areas using ISO, or your own management systems. It connects the ‘PDCA’ approach to implementing management systems with auditing by focusing on the organization’s context and the needs and expectations of interested parties. The novel approach leads HSEQ practitioners and senior and line managers alike to concentrate on the most significant risks to their objectives, and provides a step-by-step route through The Audit AdventureTM to provide a high-level, future-focused audit opinion. The whole approach is aligned to the international standard guidance for auditing management systems (ISO 19011).
This unique guide to HSEQ and operations integrity auditing has become the standard work in the field over three editions whilst securing bestseller status in Australasia, Europe, North America and South Africa. It is essential reading for senior managers and auditors alike – it remains the ‘go to’ title for those who aspire to drive a prosperous and thriving business based on world-class HSEQ management and performance.
Table of Contents
List of Figures
List of Tables
List of Case Studies
About the Author
Preface to the Third Edition
Preface to the Second Edition
Preface to the First Edition
1. Context of the Organization
2. Management Systems and Business Control
3. ISO 19011 and Initiating Audit Culture
4. Relationships with Auditees
5. The Audit AdventureTM
6. Prepare Audit Activities
7. Conduct the Audit
8. Teamwork and the Conscious Use of Language
9. Conclude the Audit
10. Write the Audit Report and Follow Up
Appendix 1 A-Factors
Appendix 2 Preparation, Preparation, Preparation
Appendix 3 Pre-audit Letter
Appendix 4 Guide to Online Content
Appendix 5 Example Examination Questions
List of Abbreviations
Glossary of Operations Integrity Language
Comments from Training Course Participants
Stephen Asbury is the author of six books for Routledge on safety and risk management, a director of the AllSafe Group, and an HSE consultant with over 30 years’ experience. Awarded the IOSH President's Distinguished Service Award in 2010, Stephen was the HSE Technical Discipline Manager for PetroSkills LLC (2006–16), and today is an instructor teaching their safety and HSE management training programs around the world.
He is a Chartered Safety and Health Practitioner (CFIOSH), a Chartered Environmentalist (CEnv), and a Professional Member Emeritus of the American Society of Safety Professionals (ASSP). Stephen's risk management experience was gained working in organizations, in consultancy, and in the London insurance market in >60 countries on six continents. He was the longest-serving member of the IOSH Council of Management from 1998–2013. In addition to his books, Stephen is the author of around 40 technical papers and journal articles. He was awarded an MBA with Distinction (Leicester, 1995), and is presently completing his PhD in London. His first qualification was at law.
Featured Author Profiles
‘Health and safety management is an integral part of business risk management, with auditing being an essential component for helping ensure efficacy and continual improvement. Audits should not be dreaded or adversarial, but regarded as opportunities for organizations to learn and for their auditors to share good practices. The international adoption of ISO 45001 is a timely reminder of the value of structure in establishing control of health and safety risks.
Stephen Asbury’s book, now in its third edition, can assist employers and prospective and practicing auditors to better understand their respective roles and also the potential value to the organization of a well-designed and conducted audit undertaken by a competent auditor or audit team.’ — Rob Strange OBE, Chief Executive (2001 – 2013), The Institution of Occupational Safety and Health (IOSH), Leicester, UK
‘Never has it been so important for organisations and broader society to manage the risks, dependencies and interface with the environment. Not only to reduce the impacts they have on the environment but also to create new opportunities for development and growth.
Competent auditing provides assurance to boards and senior management that appropriate controls and governance arrangements are in place to effectively manage environmental impacts and support performance improvement.
I very much welcome this book and I know it will be a great help to auditors, helping this important function to deliver assurance and value to business.’ — Tim Balcon, Chief Executive, Institute of Environmental Management and Assessment (IEMA), Lincoln, UK
‘Check is a cornerstone of the Plan Do Check Act cycle, which is fundamental to an occupational health and safety management system. The audit element of the management system is a very valuable part. This is the only real way you will know if what you have planned is actually being implemented and working as it should.
An audit allows you to identify opportunities to implement improvements to make the system and the organisation run better and improve its performance. Think about how your car runs:
While you are driving, you check your speed and fuel, this is like checking your incident, illness and lost time statistics. You also perform inspections of your car’s essentials, like oil level, water levels, tyre pressure and depth. This is like your own safety inspections. But to ensure that the car is running as efficiently as it should and that key components are not in need of replacement you have a service by a competent mechanic. These days it is likely to mean a computer-based diagnostic analysis of the whole car’s systems. This analysis will identify any adjustments or opportunities to improve performance.
An audit is more than looking at your key performance indicators. It is a holistic review and analysis of your management system and its performance that will allow you to identify areas to improve that performance.’ — Phil Bates, Member of ISO/PC 283 Working Group on ISO 45001
‘As a past General Manager for Royal Dutch Shell, my time spent doing HSE audits provided some of the most rewarding experiences in my career. There is no better way to learn about the business than by asking questions, seeking evidence, and prioritising the findings against the risks. However, carrying out an audit brings with it the responsibility to follow the process.
Stephen Asbury is probably the best instructor that I have come across, and certainly receives the highest level of feedback for the courses that he delivers for the PetroSkills oil and gas training alliance.
Stephen brings enthusiasm, ability to communicate, and an understanding of the subject that comes through in his writing. If you have an opportunity to participate in an audit, seize it, and enjoy.’ — Dr. Adrian Hearle, Regional Director, PetroSkills Europe & Africa, Managing Director, PetroSkills HSE
‘Stephen Asbury and I have been associated for over 20 years. Back then, he was Royal Insurance’s risk engineer assigned to our account, and we conducted many audits together in Europe and here in the US.
Audits have increasingly become an essential part of doing business and have not only been embraced by our management but built into the educational structure of McDonalds and our Hamburger University. Safety and the protection of our customers and employees are the highest priority.
Risk-based audits play a major role in allowing us to provide that protection, and I am pleased to endorse Stephen’s methodology presented within the third edition of this extremely popular book.’ — Jim Marshall, Director, Insurance & Safety (retired)
McDonald's Corporation, Oak Brook, Illinois, USA
‘Auditing is an essential component of effectively implemented management systems - it provides assurance to management, and enables an opportunity to alert and where appropriate to advise management on actions to be taken.
This book, Health & Safety, Environment and Quality Audits: A Risk-based Approach, offers a unique and extremely clear overview of the 'The Audit AdventureTM' which will be invaluable to those who are involved with auditing, whether as an auditor or those who are audited. The 'Audit Adventure©' approach described herein is consistent with ISO 19011, and the new ISO Annex SL-based management system standards.
It provides not only the background to auditing but outlines each stage of an excellent auditing process with real life examples and informative examples, metaphors and case studies.
It is ideal reading for students taking specific auditing courses, such as the IOSH ‘SHE Auditing’ class as well as specialist auditing classes offered by PetroSkills, and other leading training organizations.
Furthermore, it provides, outstanding, additional reading for those undertaking a wide range of health, safety, environmental and quality courses, ranging from the NEBOSH General Certificate to postgraduate qualifications, or for anyone who needs to clearly understand the concepts of the audit process.’ — Jonathan Backhouse, Chartered Safety and Health Practitioner, MRes MA BA(Hons) DipNEBOSH EnvDipNEBOSH CertEd CMIOSH, NEBOSH Examiner
‘Stephen is renowned for his contribution in the field of health, safety and environment assurance and risk-based audit. I was privileged to have worked with him in South Africa, Europe and many parts of Asia to sincerely share his strong qualities of dedication, perseverance and such fun to work with. He takes pain to complete his tasks with aplomb, is a great team player, orchestrator yet an excellent mastermind. His penchant for detail and customer satisfaction is worthy of emulation.
This book HSEQ Audits succinctly traces the logic of the effective risk based audit approach, with a culmination of years of continuous improvement in the art and science of auditing. I recommend Stephen and his approaches to auditing to any organization wanting to improve their risk management or health, safety and environment management systems.’ — Dato Lokman Awang DIMP, MBA(Fin),CMIIA, MICG, BAppSc(hons) (Mining), Managing Director, Proactive Control Sdn Bhd. Kuala Lumpur, Malaysia
‘Maintaining control in a very large and complex organisation of many divisions and many sites such as ours requires thoughtful structure in control systems. Over the years, we have learned to drive improvement into our systems by learning positively from our experiences – actively and reactively. Our commitment to validate our competence and continual improvement is driven by our senior management and satisfies our customers compliance requirements, so we have maintained ISO 9001, ISO 14001 systems for many years.
There is always a possible danger that some sites might try to do the bear minimum (or less), ramping up their control only when an external audit draws close. And so this is where our internal audit programme fits. It is designed to regularly, reliably and thoroughly assess the performance of our management systems and controls to assure and assist our divisions and sites to deliver against their business objectives.
Stephen Asbury provided management systems training to all our senior, division and site managers in 2015-6. It was extremely well received. This book captures the essence of the ‘Asbury live’ risk-based auditor training event, and I am pleased to commend it to you’ — Ian Kempson, HSEQ Manager, ERIKS UK and Ireland
‘The third edition of Stephen Asbury’s influential book on everything relating to effective HSQE auditing is now with us, some ten years since the first. It is four years or so since the second edition and with the long awaited and much debated ISO 45001 being expected to dock soon, there cannot be a better time for the third to be published.
I attended an ISO 45001 webinar some months ago, chaired and presented by Mr Asbury, in which he gave a very well informed, clear and concise overview of the likely benefits, impacts and challenges of the new standard. Quite simply, he knows his stuff inside out and back to front from both theoretical and practical perspectives which, combined with a very engaging writing style, continue to underpin this excellent book. I commend it to all involved in the world of HSEQ auditing.’ — Mike Hann, Health and Safety Manager, Mayflower Theatre, Southampton, UK
‘Auditing for any company is important, and doing it to the right level is equally important; but gaining an independent review of the suitability of organisations' management systems is critical. Many times it is said that too many audits are conducted and that this puts not only a direct cost constraint on companies but also results in the loss of productive operational time, which ultimately costs more money. This is why the ‘right’ audit by the ‘right’ auditor is essential.
During these current difficult times companies need to be alert to the risks that are present. Cuts in budgets erode the resources that are available to companies and in some instances critical risk factors may be exposed. It may be that the company itself is unaware of the holes that have appeared in its own compliance, such as important aspects of its health and safety processes or its corporate social responsibility (CSR) practices. Staff cuts can easily result in a breakdown in compliance if those within the business with the specialist skills, knowledge or responsibility for important processes are removed.
It is important for companies to ensure that the auditing of these higher-risk elements is carried out correctly, thoroughly and on a regular basis by a competent person. As we know, exposure to risks, such as a health and safety processes being neglected, can have very serious consequences in the event of an accident or fatality. It is independent audits that are essential for companies to have this ‘fresh eyes’ approach so that they can all aim for that ultimate quality objective: continual improvement.’ — Kristofer Whitfield, Head of Global Audit, Achilles Information Limited
‘My greatest challenges have come from implementing HSE programmes in the emerging markets of the Far East, Africa, Eastern Europe and Eurasia, where Stephen Asbury first provided the foundation of my assurance programmes. In my experience, an HSE practitioner requires the skills to positively influence the top management of a business from a position of strength, credibility and neutrality. In this his latest book, Stephen provides a comprehensive insight into the effective tools needed by such a practitioner to develop and sustain an effective assurance programme delivering that elusive ‘value add’ to the organisation.’ — Fred Alderson, Present and past positions: HSE Manager, The Scottish Salmon Company, Edinburgh, Group HSE Manager, Britvic Soft Drinks, Vice President Global Operational Risk, Deutsche Post DHL, Head of Loss Control, Coca-Cola Hellenic
‘Stephen Asbury provided a lot of help and guidance to us when we were first looking to establish a Global Health and Safety (H&S) Management System at Pearson. As a starting point, he conducted an audit with us covering 90 countries to provide clarity on what we had in place and this was used to make recommendations to the Board. For us establishing clear H&S Standards, communicating them well, and auditing them to prioritise future improvements is key to success in my opinion.
I've found Stephen's latest book incredibly informative and would recommend it to you. It is filled with case studies, practical tips and A-Factors (as he calls them) that will assist your organisation to establish a robust approach to H&S management and auditing. Enjoy your own ‘Auditing Adventure’ as you drive significant improvement into your own organisation.’ — Kate Loades, Global Vice-President, Insurance, Risk and Health and Safety, Pearson plc
"Asbury's book is well researched and will be relevant to all HSEQ auditors and particularly managers, not least because the new standards require senior management to understand and lead on management systems. It will also be useful to those with an interest in governance, assurance and organisational improvement." - Simon Toseland, ioshmagazine
'This book is an excellent reference for day-to-day use by Health, Safety, Environment and Quality (HSEQ) professionals. It is easy to read and considers the interests of a beginner, as well as experienced management systems professionals. The explanations and case studies included by the author help readers to understand the
complex terms involved. I have had this book for the past six months and have referred to it a number of times
to recommend solutions to issues in our management systems...This book is a must for beginners and
for experienced management systems professionals and auditors. I have already recommended this book to my colleagues.' - Arvind Kumar Sharma is the Quality Assurance and Quality Control Manager
Please visit our companion website for additional support materials.