What Are Health and Safety Audits? A Complete Guide for UK and International Businesses

Health and safety audits are systematic examinations of how effectively your organisation manages workplace safety. They go beyond simple inspections to evaluate your entire safety management system, identifying gaps, measuring performance, and driving continuous improvement. This comprehensive guide explains what Health and Safety Audits are, why they matter, and how they protect your people and your business.

Introduction: Understanding Health and Safety Audits

Every employer has a legal duty to protect the health and safety of their workers. But how do you know if your arrangements are actually working? How can you identify gaps before they cause harm? How do you demonstrate to regulators, clients, and stakeholders that you take safety seriously?

The answer is health and safety auditing.

A health and safety audit is a structured, systematic review of your organisation's safety management arrangements. Unlike a quick walkthrough or informal check, an audit examines your policies, procedures, documentation, training, and workplace conditions against defined criteria to assess how well your safety systems are working.

For businesses operating in the UK and internationally, understanding what audits involve and how they add value is essential for effective safety management.

Defining Health and Safety Audits

What Is a Health and Safety Audit?

A health and safety audit is a systematic, independent examination of an organisation's health and safety management system to determine whether activities and results comply with planned arrangements, whether these arrangements are implemented effectively, and whether they are suitable to achieve objectives.

The Health and Safety Executive (HSE) defines auditing as the structured process of collecting independent information on the efficiency, effectiveness and reliability of the total health and safety management system and drawing up plans for corrective action.

Key characteristics of health and safety audits include:

Systematic: Audits follow a defined methodology rather than ad-hoc checking. They use consistent criteria and processes to ensure thorough, comparable assessments.

Independent: Effective audits require objectivity. Auditors should be independent of the activities being audited, whether they are internal auditors from a different department or external Health and Safety Consultants.

Evidence-based: Audit findings are supported by objective evidence gathered through document review, observation, and interviews, not opinions or assumptions.

Documented: Audit processes and findings are recorded, creating a record of what was examined, what was found, and what actions are recommended.

Audits vs Inspections: Understanding the Difference

People sometimes confuse audits with inspections, but they serve different purposes.

Inspections examine physical conditions at a specific point in time. They identify hazards present in the workplace, check that equipment is safe, and verify that immediate risks are controlled. Inspections answer the question: "Is the workplace safe right now?"

Audits examine management systems and processes. They evaluate whether your arrangements for managing safety are adequate, whether they are being followed, and whether they are achieving their intended outcomes. Audits answer the question: "Are our safety management arrangements effective?"

Both are valuable, but they are not interchangeable. Regular inspections catch immediate hazards. Periodic audits ensure your overall approach to safety is sound.

Aspect	Inspection	Audit
Focus	Physical conditions	Management systems
Scope	Specific area or hazard	Entire safety system
Depth	Surface-level check	In-depth evaluation
Frequency	Regular (daily/weekly)	Periodic (annual)
Output	Action list	Comprehensive report
Question answered	"Is it safe now?"	"Are our systems effective?"

Why Health and Safety Audits Matter

Legal Compliance

UK health and safety law requires employers to review their safety arrangements. The Management of Health and Safety at Work Regulations 1999 specifically require employers to review their risk assessments and safety arrangements when there is reason to suspect they are no longer valid or when there has been significant change.

While there is no explicit legal requirement for formal audits, they represent best practice for demonstrating compliance. When HSE investigators examine your safety management following an incident, evidence of systematic auditing demonstrates due diligence.

Identifying Gaps Before They Cause Harm

The most valuable function of audits is identifying weaknesses before they result in injury, illness, or worse. Every serious incident is preceded by warning signs, whether inadequate procedures, insufficient training, or gaps in supervision. Audits systematically search for these warning signs.

Consider what audits can reveal:

• Risk assessments that have not been reviewed for years
• Training records showing staff working without required competence
• Procedures that exist on paper but are not followed in practice
• Equipment inspection regimes that have lapsed
• Near misses that were never investigated or learned from

Each of these represents a failure waiting to happen. Audits find them first.

Measuring Performance

You cannot improve what you do not measure. Health and Safety Audits provide objective measurement of your safety performance, enabling you to track progress over time, compare performance across sites or departments, identify where improvement efforts should focus, and demonstrate improvement to stakeholders.

Supporting Continuous Improvement

Effective safety management is not static. Workplaces change, regulations evolve, new hazards emerge, and lessons must be learned. Audits drive continuous improvement by:

• Identifying areas requiring attention
• Providing baseline measurements against which to track progress
• Validating that previous improvements have been sustained
• Highlighting emerging issues before they become problems

Demonstrating Due Diligence

If an incident occurs, one of the first questions asked is: "What did the organisation do to prevent this?" Systematic auditing provides evidence of proactive safety management.

Audit records demonstrate that you regularly review your arrangements, identify and address gaps, and take safety seriously at management level. This evidence can be crucial in defending against prosecution or civil claims.

Meeting Client and Supply Chain Requirements

Many organisations now require their suppliers and contractors to demonstrate safety credentials. Tender documents frequently ask about safety management systems and audit arrangements.

Regular Health and Safety Audits provide evidence for pre-qualification questionnaires, demonstrate commitment to safety standards, and support contract wins. Organisations without audit programmes may find themselves excluded from valuable opportunities.

Types of Health and Safety Audits

Audits come in various forms, each serving different purposes.

Internal vs External Audits

Internal audits are conducted by your own staff, typically from a different department or site than the one being audited. They offer advantages including lower cost than external audits, familiarity with your organisation and operations, ease of scheduling and flexibility, and building internal audit capability.

However, internal audits have limitations. Internal auditors may lack full objectivity and miss issues that fresh eyes would catch. They may not have specialist expertise in all areas.

External audits are conducted by independent Health and Safety Consultants or certification bodies. External audits provide genuine independence and objectivity, specialist expertise and experience across multiple organisations, credibility with regulators and clients, and fresh perspective unclouded by familiarity.

Most organisations benefit from combining internal audits for regular monitoring with periodic external audits for objective assessment.

Compliance Audits

Compliance audits assess whether your arrangements meet legal requirements. They examine compliance with UK health and safety legislation including the Health and Safety at Work Act 1974, Management of Health and Safety at Work Regulations 1999, sector-specific regulations (COSHH, PUWER, LOLER, etc.), fire safety requirements, and building regulations.

Compliance audits answer the question: "Are we meeting our legal obligations?"

Management System Audits

Management system audits examine your entire safety management system, typically against a framework such as HSE's HSG65 (Plan, Do, Check, Act), ISO 45001, or your own internal standards.

These audits evaluate health and safety policy and organisation, planning and risk assessment processes, implementation and operation, performance monitoring and measurement, and management review and improvement.

Management system audits answer the question: "Is our overall approach to safety management effective?"

Certification Audits

Organisations seeking certification to standards like ISO 45001 undergo formal certification audits by accredited certification bodies. These audits verify conformance to the standard's requirements and, if successful, result in certification.

Certification audits follow prescribed processes and must be conducted by auditors qualified and accredited for the specific standard.

Sector-Specific Audits

Some industries have specific audit requirements or standards:

• Construction: CDM compliance audits
• Food and beverage: Food safety and HACCP audits
• Healthcare: CQC compliance, infection control audits
• Manufacturing: Process safety, machinery safety audits
• Logistics: Driver and vehicle safety audits

International Audits

For organisations operating across borders, International Health and Safety Consultants conduct audits against multiple regulatory frameworks. International audits must address:

• UK requirements (HSWA, associated regulations)
• EU Framework Directive and national implementations
• Country-specific requirements such as RI&E in the Netherlands, PAPRIPACT in France, DGUV in Germany, or RSPP in Italy
• US OSHA standards where applicable
• International standards like ISO 45001

Global Health and Safety Consultants provide consistency across jurisdictions while ensuring local compliance.

The Health and Safety Audit Process

Understanding the audit process helps you prepare effectively and gain maximum value.

Stage 1: Planning

Effective audits begin with thorough planning:

Define scope: What will the audit cover? The entire management system? Specific sites? Particular hazards or regulations?

Establish criteria: Against what standards will the audit assess? Legal requirements? Internal standards? ISO 45001?

Gather background information: Auditors review available documentation, previous audit reports, incident records, and organisational information before the audit begins.

Develop audit plan: The plan specifies what will be examined, when, and how. It identifies documents to review, areas to inspect, and people to interview.

Communicate: Those being audited should know what to expect, when the audit will occur, and what will be required of them.

Stage 2: Document Review

Before (or at the beginning of) the on-site audit, auditors review key documentation:

• Health and safety policy
• Risk assessments
• Safe systems of work and procedures
• Training records and competence evidence
• Inspection and maintenance records
• Incident and near miss records
• Previous audit reports and action plans
• Management review minutes

Document review identifies what should be happening according to your systems and highlights areas requiring further examination during the on-site audit.

Stage 3: On-Site Assessment

The on-site audit gathers evidence through multiple methods:

Observation: Auditors observe work activities, workplace conditions, and behaviours. They look for alignment between documented procedures and actual practice.

Inspection: Physical examination of premises, equipment, and safety provisions verifies that arrangements described in documents actually exist.

Interviews: Conversations with managers, supervisors, and workers reveal understanding of responsibilities, awareness of procedures, and perceptions of safety culture.

Record sampling: Auditors sample records to verify that documented systems are being followed, for example checking that equipment inspections are actually conducted at stated frequencies.

Stage 4: Analysis and Evaluation

Auditors analyse gathered evidence against the audit criteria:

• Where do arrangements meet requirements?
• Where are there gaps or non-conformances?
• What is the significance of identified issues?
• What are the root causes of problems?

Findings are classified by severity, typically as major non-conformances (significant failures requiring immediate attention), minor non-conformances (departures from requirements not affecting overall system effectiveness), and observations or opportunities for improvement.

Stage 5: Reporting

The audit report documents findings and recommendations:

Executive summary: Key findings and overall conclusions for leadership

Methodology: How the audit was conducted, what was examined

Detailed findings: Specific observations, evidence gathered, and assessment against criteria

Non-conformances: Clear description of gaps, with supporting evidence

Recommendations: Prioritised actions to address findings

Conclusion: Overall assessment of management system effectiveness

A good audit report is a valuable management tool, not just a compliance document.

Stage 6: Follow-Up

Audits only add value if findings are acted upon:

Action planning: Each finding requires an assigned owner, defined actions, and target completion date.

Implementation: Actions are completed as planned.

Verification: Subsequent audits or checks verify that actions have been effective.

Close-out: Findings are formally closed when corrective actions are verified as complete and effective.

What Health and Safety Audits Examine

Comprehensive audits examine all elements of your safety management system.

Policy and Organisation

• Is there a written health and safety policy?
• Does the policy reflect current arrangements?
• Are responsibilities clearly defined?
• Is senior management commitment visible?
• Are resources adequate?

Planning and Risk Assessment

• Are significant hazards identified?
• Are risk assessments suitable and sufficient?
• Are risk assessments regularly reviewed?
• Are control measures specified and implemented?
• Is there a process for identifying legal requirements?

Implementation and Operation

• Are safe systems of work defined and followed?
• Is competence defined and assured?
• Is training provided and effective?
• Are contractors and visitors managed safely?
• Is safety communication effective?
• Are emergency arrangements adequate?

Performance Monitoring

• Are proactive monitoring activities conducted (inspections, observations)?
• Are incidents and near misses investigated?
• Is corrective action taken and tracked?
• Are performance indicators measured and reviewed?

Management Review

• Does senior management review safety performance?
• Are improvement objectives set?
• Are resources allocated to improvement?
• Is the management system regularly reviewed?

Who Should Conduct Health and Safety Audits?

The choice of auditor affects audit quality and value.

Internal Auditors

Internal auditors should be competent in auditing principles and techniques, independent of the area being audited, have sufficient knowledge of health and safety, and have authority to access required information.

Training internal auditors builds organisational capability and enables more frequent, cost-effective monitoring.

External Auditors

External Health and Safety Consultants bring independence, expertise, and fresh perspective. Look for:

Qualifications: CMIOSH (Chartered Member of IOSH) is the UK gold standard. For international work, verify relevant qualifications in each jurisdiction.

Experience: Auditors should have relevant sector experience and demonstrated audit competence.

Methodology: Reputable consultancies use systematic, documented audit methodologies.

References: Check references from comparable organisations.

Certification Body Auditors

For ISO 45001 or other certification, audits must be conducted by accredited certification bodies using auditors qualified for the specific standard.

How Often Should You Audit?

Audit frequency depends on your circumstances.

Recommended Frequency

Annual comprehensive audits are standard practice for most organisations. Annual audits ensure arrangements remain current, provide regular objective assessment, and demonstrate ongoing commitment to safety management.

More frequent auditing may be appropriate for higher-risk industries, organisations with recent compliance issues, rapidly changing operations, and multi-site organisations (rotating through sites).

Continuous internal monitoring between formal audits maintains vigilance. This might include regular workplace inspections, safety observation programmes, documentation spot-checks, and management safety walks.

Triggers for Additional Audits

Beyond scheduled audits, consider additional audits after significant incidents or near misses, when operations change significantly, following regulatory changes, before major contracts requiring safety credentials, or when concerns about compliance emerge.

Health and Safety Audits in International Contexts

For businesses operating across borders, auditing presents additional considerations.

Regulatory Variation

Different countries have different requirements. Effective international auditing requires understanding local regulatory frameworks, identifying common requirements and differences, auditing against both local requirements and corporate standards, and ensuring local compliance while maintaining global consistency.

Practical Challenges

International auditing involves logistical complexity (travel, scheduling, coordination), language barriers, cultural differences affecting safety attitudes, and varying availability of local expertise.

Approaches to International Auditing

Centralised auditing: Corporate audit team conducts all audits globally. This provides consistency but may miss local nuances and incurs significant travel costs.

Local auditing: Local auditors conduct audits in each country. This captures local knowledge but may lack consistency.

Coordinated approach: International Health and Safety Consultants with global networks provide consistent methodology with local expertise. This balances consistency with local knowledge.

Global Health and Safety Consultants like Arinite support organisations across 50+ countries, providing coordinated programmes that ensure both local compliance and global consistency.

Preparing for a Health and Safety Audit

Effective preparation maximises the value you gain from audits.

Before the Audit

Gather documentation: Ensure policies, risk assessments, training records, and other key documents are accessible and current.

Review previous audits: Check status of actions from previous audits. Auditors will ask about these.

Brief staff: Ensure people know the audit is happening, understand its purpose, and know what may be asked of them.

Conduct self-assessment: Review your arrangements against the audit criteria yourself. This identifies issues you can address before the audit.

During the Audit

Be open and honest: Audits work best when auditees are candid about challenges and difficulties.

Provide access: Ensure auditors can access premises, documents, and people as needed.

Stay engaged: Accompany auditors, answer questions fully, and seek clarification if needed.

Take notes: Record observations and feedback that may be valuable later.

After the Audit

Review findings promptly: Understand what was found and why.

Develop action plans: Assign owners and timelines for addressing findings.

Implement actions: Complete corrective actions as planned.

Verify effectiveness: Ensure actions actually resolve the identified issues.

Learn and improve: Use audit insights to strengthen your overall approach to safety management.

Common Audit Findings

Understanding typical findings helps you address common weaknesses proactively.

Documentation Issues

• Policies and procedures that are out of date
• Risk assessments that have not been reviewed
• Training records that are incomplete or missing
• Inspection records with gaps

Implementation Gaps

• Procedures that exist but are not followed
• Training that has been delivered but not embedded
• Controls that are specified but not implemented
• Monitoring that is planned but not conducted

Management System Weaknesses

• Unclear responsibilities
• Inadequate resources
• Lack of management review
• Poor communication

Specific Compliance Gaps

• Missing or inadequate risk assessments for significant hazards
• Overdue equipment inspections
• Expired certifications
• Incomplete incident investigations

The Value of Professional Health and Safety Audits

Health and Safety Audits from qualified Health and Safety Consultants deliver significant value.

Expertise

Professional auditors bring deep knowledge of health and safety requirements, experience across multiple organisations and sectors, understanding of what good practice looks like, and ability to identify issues that internal reviews miss.

Objectivity

External auditors provide genuine independence, honest assessment without internal politics, fresh perspective unclouded by familiarity, and credibility with regulators and clients.

Practical Focus

Good auditors focus on practical improvement, not just compliance checking. They help you understand not just what needs to change, but how to change it effectively.

Technology Integration

Modern Health and Safety Consultants and Software solutions support efficient audit programmes with standardised methodologies, centralised findings management, action tracking, and trend analysis.

Arinite's Approach to Health and Safety Audits

Arinite provides Health and Safety Audits that deliver genuine value for organisations of all sizes and sectors.

CMIOSH-qualified auditors: Our Chartered consultants bring the highest level of professional qualification and expertise.

Systematic methodology: We use consistent, thorough audit approaches that examine your entire management system.

Practical recommendations: Our findings are actionable and prioritised, helping you focus improvement efforts where they matter most.

International capability: Global Health and Safety Consultants supporting operations across 50+ countries with consistent approaches and local expertise.

Ongoing partnership: We help you implement improvements, not just identify gaps. Our 95%+ client retention demonstrates consistent delivery of value.

Frequently Asked Questions

What is the main purpose of a health and safety audit?

The main purpose of a Health and Safety Audit is to systematically evaluate whether your safety management arrangements are effective. Audits identify gaps, measure performance, and drive continuous improvement in workplace safety.

How is an audit different from a risk assessment?

Risk assessments identify hazards and evaluate risks from specific activities or situations. Audits examine your overall management system, including whether risk assessments are conducted properly, reviewed regularly, and acted upon. Audits assess the system; risk assessments are part of the system.

Are health and safety audits legally required?

While there is no explicit UK legal requirement for formal audits, the Management of Health and Safety at Work Regulations require employers to review their arrangements. Auditing is best practice for demonstrating this review and overall compliance.

How long does a health and safety audit take?

Duration depends on organisation size and complexity. Small businesses may require one to two days. Medium organisations typically need two to five days. Large or multi-site organisations may require weeks of audit time across multiple visits.

Who should conduct a health and safety audit?

Audits can be conducted internally or externally. Internal auditors should be competent and independent of the area being audited. External Health and Safety Consultants provide greater objectivity and specialist expertise. Most organisations benefit from combining internal monitoring with periodic external audits.

What qualifications should an auditor have?

For UK audits, CMIOSH (Chartered Member of IOSH) is the gold standard. For international audits, auditors should have relevant qualifications in each jurisdiction. For ISO 45001 certification, auditors must be accredited for that standard.

How often should we have a health and safety audit?

Annual comprehensive audits are standard practice for most organisations. Higher-risk industries, those with compliance issues, or rapidly changing operations may benefit from more frequent auditing. Internal monitoring should occur continuously between formal audits.

What happens if an audit finds problems?

Findings are documented in the audit report with recommended actions. Each finding should be assigned an owner, have defined corrective actions, and a target completion date. Subsequent audits verify that actions have been effective.

Can we fail a health and safety audit?

Unlike examinations, audits do not result in pass or fail grades. However, audits identify non-conformances that require action. Certification audits may result in certification being withheld or withdrawn if significant non-conformances are not addressed.

How do we prepare for a health and safety audit?

Preparation includes gathering documentation, reviewing previous audit actions, briefing staff, and conducting self-assessment. Being open, providing access, and engaging constructively during the audit maximises value. Taking prompt action on findings after the audit is essential.

Taking the Next Step

Health and safety audits are essential tools for effective safety management. They provide objective assessment, identify gaps before they cause harm, demonstrate due diligence, and drive continuous improvement.

Whether you need your first audit, want to improve your current audit programme, or require support for international operations, professional guidance helps you get maximum value from your investment.

Assess your current position: Take our Health and Safety Quiz for a quick compliance assessment.

Discuss your requirements: Book a free Gap Analysis Call with our consultants to discuss your specific audit needs.

Get expert support: Contact Arinite to learn how our Health and Safety Audits can strengthen your safety management.

---

Arinite is a leading provider of Health and Safety Audits for UK and international businesses. Our CMIOSH-qualified consultants support over 1,500 global businesses across 50+ countries, delivering comprehensive assessments that identify gaps, measure performance, and drive genuine improvement in workplace safety.