Audit Audit Terminology
A systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.
Internal audits, sometimes called first party audits, are conducted by the organisation itself, or on its behalf, for management review and other internal purposes, e.g. to confirm the effectiveness of the management system or to obtain information for the improvement of the management system. Internal audits can form the basis for an organisation's self declaration of conformity. In many cases, particularly in small organisations, independence can be demonstrated by the freedom from responsibility for the activity being audited or freedom from bias and conflict of interests.
External audits include second and third party audits. Second party audits are conducted by parties having an interest in he organisation, such as customers, or other persons on their behalf. Third party audits are conducted by independent auditing organisations, such as regulators or those providing certification.
When two or more management systems of different disciplines (e.g. quality, environmental, occupational health and safety) are audited together, this is termed a combined audit.
When two or more auditing organisations cooperate to audit a single auditee, this is termed a joint audit.
Audit Criteria Audit Criteria Terminology
Set of policies, procedures or requirements used as reference against which audit evidence is compared.
The audit criteria are legal (including statuatory or regulatory) requirements, the terms "compliant" or "non-compliant" are often used in an audit finding.
Audit Evidence Audit Evidence Terminology
Records, stetements of fact or other information which are relevant to the audit criteria and verifiable.
Audit Evidence can be quallitative or quantitative.
Audit Findings Audit Findings Terminology
Results of the evaluation of the collected audit evidence against audit criteria.
Audit findings indicate conformity or non-conformity.
Audit findings can lead to the identification of opportunities for improvement or recording good practices.
If the audit criteria are selected from legal or other requirements, the audit finding is termed compliance or non-compliance.
Audit Conclusion Audit Conclusion Terminology
Outcome of an audit, after consideration of the audit objectives and all audit findings
Audit Client Audit Client Terminology
Organisation or person requesting an audit.
In the case of an internal audit, the audit client can also be the auditee or the person managing the audit programme. Requests for external audit can come from sources such as regulators, contracting parties or potential clinets.
Auditee Auditee Terminology
Organisation being audited.
Auditor Auditor Terminology
Person who conducts an audit.
Audit Team Audit Team Terminology
One or more auditors conducting an audit, supported if needed by technical experts.
One auditor of the audit team is appointed as the team leader.
The audit team may include auditors-in-training.
Technical Expert Technical Expert Terminology
Person who provides specific knowledge or expertise to the audit team.
Specific knowledge or expertise is that which relates to the organisation, the process or the activity to be audited, or language or culture.
A technical expert does not act as an auditor in the audit team.
Observer Observer Terminology
Person who accompanies the audit them but does not audit.
An observer is not a part of the audit team and does not influence or interfere with the conduct of the audit..
An observer can be from the auditee, r regulator or other interested party who witnesses the audit.
Guide Guide Terminology
Person appointed by the auditee to assist the audit team.
Audit Programme Audit Programme Terminology
Arrangements for a set of one or more audits planned for a specific time frame and directed towards a specific purpose.
Audit Scope Audit Scope Terminology
Extent and boundaries of an audit.
The audit scope generally includes a description of the physical locations, organisational units, activities and processes, as well as the time period covered.
Audit Plan Audit Plan Terminology
Description of the activities and arrangements for an audit.
Risk Risk Terminology
Effect of uncertainty on objectives.
Competence Competence Terminology
Ability to apply knowledge and skills to achieve intended results.
Ability implies the appropriate application of personal behaviour during the audit process.
Conformity Conformity Terminology
Fulfillment of a requirement.
Non-conformity Non-conformity Terminology
Non-fulfillment of a requirement.
Management System Management System Terminology
System to establish policy and objectives and to achieve those objectives.
A management system of an organisation can include different management systems, such as quality management system, a financial management system or an environmental management system.

Pims HSE is a flexible set of software applications that effectively manage aspects of your organisations safety program. Omega's goal is to ensure that our clients provide a safe and healthy working environment for their employees, and to help achieving goals set forth in HSE policies and strategic objectives.

Personnel is expected to achieve year-over-year improvement in safety performance while driving to a zero destination: Zero safety incidents, zero injuries and zero days off work due to injury; in other words a perfect HSE record. This requires a "decision to change" - change behaviour and the way things are done to ensure safety is always at the forefront for every employee.

A zero vision does not mean that another injury will never occur. Rather, it means a commitment to working as many hours as possible without an injury. This requires an attitude that says any injury or accident, even a small one, shouldn't be taken lightly. Any incident is unacceptable.

The introduction of HSEMS has provided a better assurance that technology and standards are applied consistently, that hazards are thoroughly identified, analysed and managed. Continouos improvement require a deeper embedding of the management system, which lead to a culture where people are intrinsically motivared to operate the elements of the HSEMS.

The HSEMS is comprised of eight interrelated elements as described in the figure below. Click on the element of interest to see a more detailed description of the element and to see how Pims HSE supports this part of the HSEMS.

Leadership and Commitment

Top-down commitment and company culture necessary for the success of the overall HSEMS.

Management should provide strong visible commitment, leadership and personal involvement in health, safety and the environment, and make available the resources necessary to achieve HSE objectives.

Effective management leadership is vital to the success of a HSEMS and lays the foundation upon which a solid HSE program is built. Strong, visible leadership and commitment is necessary to develop, operate and maintain the HSEMS, to attain the policy and strategic objectives, and to ensure that full account is taken of the HSE policy requirements. Leadership from all levels of the organisation is key to success, and all employees must demonstrate leadership on a daily basis if the overall program is to be successful.

Relevant Pims HSE Modules

Workflow Management

HSE Workflow Control for Web

Workflow Editor

Action Management

Audit Management

Policy and Strategic Objectives

Say what you are going to do

Develop and communicate policies demonstrating a commitment to HSE that is consistent with, and at least equal to, other business aims. Supporting objectives should be defined, deployed and maintained at all organisational levels.

Corporate intentions, principles of action and aspirations with respect to health, safety and the environment and the aim of improved HSE performance.

A clearly defined HSE policy ensures that the health and safety as well as the protection of the environment are top priorities. Management should define and document its HSE policies and strategic objectives and ensure that they
Are consistent with those of any parent company
Are relevant to activities, products and services, and their effects on HSE
Are consistent with other policies
Have equal importance with other policies and objectives
Are implemented and maintained at all organisational levels
Are publicly available
Commit the company to meet or exceed all relevant regulatory and legislative requirements
Apply responsible standards of its own where laws and regulations do not exist
Commit the company to reduce the risks and hazards to health, safety and the environment of its activities, products and services to levels which are as low as reasonable practicable
Provide for the setting of HSE objectives that commit the company to continuous efforts to improve HSE performance

Strategic HSE objectives should be reviewed periodically. The objectives should be consistent with company policy and reflect the activities, relevant HSE hazards and effects, operational and business requirements, and the views of employees, contractors, customers and companies engaged in similar activities.

Organisation, Resources and Documentation

Organisation of people, resources and documentation for sound HSE performance.

Define, document and communicate roles, responsibilities and accountabilities to enable every individual to fulfill their role in improving HSE performance.

Successful handling og HSE matters is a line responsibility, requiring the active participation of all levels of management and supervision. This should be reflected in the organisational structure and allocation of resources.

Roles, responsibilities, authorities, accountabilities and interrelations necessary to implement the HSEMS should be defined, documented and communicated, stressing employees individual and collective responsibility for HSE performance. It must be ensured that personnel are competent and have the necessary authority and resources to perform duties effectively.

The organisational structure and allocation of responsibilities should reflect the responsibility of line managers at all levels for developing, implementing and maintaining the HSEMS in their particular areas.

Procedures for ensuring that personnel performing specific assigned HSE activities and tasks are competent must be maintained. Systems for competence assurance should apply to both initial recruitment and to selection for new activities. The continuing competence of personnel to perform their duties should be regularly reviewed and assessed, including appropriate consideration of personal development and training required to achieve competence for changing activities and technologies.

Systematic analysis of requirements for tasks
Assessment of individuals' performance against defined criteria
Documented evidence of individual competence
Programmes for periodic re-assessment

Evaluation and Risk Management

Identification of HSE hazards and evaluation of HSE risks, for all activities, products and services, and development of measures to reduce these risks.

Risk is present in all human endeavours. Continuous evaluation of HSE risks to the workforce, customers and the environment, continuous evaluation of processes and activities for specific hazards - assess potentials, record and control the subsequent risk to a tolerable level.


HSE considerations should be an integral part to all aspects of business planning or changes in the desgin, development, purchasing and delivery of products and services

Planning of work activities, including risk reduction measures selected through the avaluation and risk management process. This includes planning for existing operations, managing changes and developing emergency response measures.

Implementation and Monitoring

Do what you said you would do

Activities and Tasks

Activities and tasks should be conducted according to procedures and work instructions developed at the planning stage (or earlier), in accordance with HSE policy.

At senior management level, the development of strategic objectives and high-level planning activities should be conducted with due regard for the HSE policy.

At supervisory and management level, written directions regarding activities will normally take the for of plans and procedures.

At the work-site level, written directions regarding tasks will normally be in the form of work instructions, issued in accordance with defined safe systems of work.


Procedures for monitoring relevant aspects of HSE performance and for establishing and maintaining records of the results should be maintained. Procedures are required for both active and reactive monitoring.

Active monitoring provides information in the absence of any incident, ill-health or damage to the receving environment. It includes checking that HSEMS requirements are being complied with, and that objectives and performance criteria are met.

Reactive monitoring provides information on incidents, near-misses, ill-health or environmental damage that have occurred and provides insights into the means of preventing similar incidents in the future.

Non-Compliance and Corrective Action

Situations of non-compliance may be identified by the monitoring programme, through communications from employees, contractors, customers, government agencies or the public, or from investigations of incidents. In the event of non-compliance with specified requirements relating to the HSEMS, its operations or its results, responsibility and authority for initiating investigation and corrective action must be defined.

Incident Reporting and Follow-Up

Procedures for internal recording and reporting of incidents which affected or could have affected HSE performance should be maintained, so that the lessons can be learned and appropriate actions taken. There should be a defined mechanism for reporting of incidents to regulatory bodies, to the extent required by law or to such greater extent as the policy of the company on external communication may require.

Both the immediate circumstances of the incident and the underlying HSEMS weaknesses which caused it should be identified to enable judgements to be made by those responsible for authorising necessary follow-up action. Mechanism and responsibilities for follow-up of incidents should be clearly defined, and broadly similar to the procedures for implementing corrective action in cases of non-compliance with the HSEMS. The defined responsibilities for follow-up of an incident should be appropriate to the severity of its real or potential consequences.

Auditing and Reviewing

Prove you did what you said you would do

Is the HSEMS achieving results and fulfilling policy intent? AUdits and reviews are conducted to verify the implementation and effectiveness of the HSEMS and its conformation to this specifications. There are HSE legislation, regulations and by-laws with which a company must comply. These regulations set the minimum standards on how business will be conducted to ensure the health and safety of employees and the public, and reduce impacts on the environment. It is important that employees are aware of regulations that affect the company and comply with them.


Compliance with regulatory requirements and the companys own HSEMS must be periodically measured and audited as a part of a continuous improvement process. Procedures for audits to be carried out should be maintained as a normal part of business control, in order to determine
Whether or not HSE management system elements and activities conform to planned arrangements, and are implemented effectively
The effective functioning of the HSEMS in fulfilling the HSE policy, objectives and performance criteria
Compliance with relevant legislative requirements
Identification of areas for improvement, leading to progressively better HSE management

For this purpose, an audit programme/plan should be maintained, dealing with the following:
Specific activities and areas to be audited. Audits should cover the operation of the HSEMS and the extent of its integration into line activities. AUdits should specifically address the following elements of the HSEMS model:

  • Organisation, Resources and Documentation
  • Evaluation and Risk Management
  • Planning
  • Implementation and Monitoring

Frequency of auditing specific areas/activities. Audits should be scheduled on the basis of the contribution or potential contribution of the activity connected to the HSE performance, and results of previous audits
Responsibilities for auditing specific areas/activities.


Ensuring the suitability and effectiveness of the HSEMS requires that management conducts a review of the system at appropriate intervals to identify areas for improvement. Outcomes from the review include recommendations relating to elements of the HSEMS, principles, expectations, processes and programs in need of improvement. Recommendations from the review are implemented to ensure a continual improvement process.

Relevant Pims HSE Modules

Audit Programme Management

Audit Management

Checklist Management

Action Management