Audits unpicked: definitions of key auditing terminology and processes

Monday, 22 January 2024

Health and safety audits are a team effort. This quick-read refresher can help equip everyone involved with a shared understanding of the definition of audits, their purpose and types, as well as each stage of the auditing process.

Hannah Li, Senior Lead (Innovation) at NEBOSH brings together content from latest addition to the NEBOSH pocket guide series* to unpick auditing and remind us of its role in managing health and safety in an organisation.


Auditing defined

The term ‘audit’ can be defined as an independent, systematic process to gather evidence and evaluate it objectively. Success or failure is judged against whether compliance with a relevant standard (audit criteria) has been achieved. An audit can, in principle, be of any size or duration. What an audit ‘looks like’ can therefore vary enormously in practice.

Audits are used to determine compliance with an agreed standard. This could be an external standard that the organisation has agreed to meet for accreditation or certification purposes, a legal requirement, the standard set by their own written procedures or a combination of these. Essentially, an audit checks that the system is doing in practice what it has said it will do on paper.

Audits are often used to determine whether appropriate health and safety management systems are in place. They also check if suitable risk control systems and workplace precautions are being used and are working effectively.


Differences between audits and inspections

Audits and inspections are both proactive ways to review health and safety performance, and there can sometimes be some confusion around the distinctions between them. Generally, inspections tend to be based on physical workplace observation, whereas audits focus on systems and processes. Audits can also be more complex – an audit might even include an inspection as part of the process. Audits often require more preparation than inspections, and people carrying out audits use a wider range of skills.


Straightforward visual observations of the
workplace and workplace activities at a particular point in time

Review of activities, documents and other evidence  demonstrating how processes are followed
Usually take a short time to complete Usually take much longer to complete than inspections as the process is more complex
Require less skill to complete; they could be carried out by  workers, managers, supervisors or worker representatives Need to be carried out by competent auditors
Output is a short report/completed checklist, identifying specific physical actions that need to take place Output is a report that identifies any issues and requires corrective actions to be defined and actioned
Require few resources; for example, they could be completed by one person Require greater resources than inspections; for example, they may require input from multiple people and typically more time


Types of audit

There are many different types of audit. Four widely known specific types of audit are:

Product or services audit

This type of audit examines specific products and/or services to establish whether they conform to relevant requirements. The requirements could be set by performance standards (for example, car emissions must be below a certain level) or customer requirements.

Process audit

This type of audit will establish whether processes are working within expected limits. The process will be evaluated against a set standard to check its effectiveness. This type of audit will examine the process requirements; that is, whether the process is being done within a set time, level of accuracy, etc. The audit will also review the resources required to make sure that the process is working as expected. Finally, it will examine the effectiveness and adequacy of the process controls.

System audit

This type of audit examines the performance of management systems. There is likely to be common ground among the types of health and safety audit. Auditing a health and safety management system will include the examination of the health and safety policy, various processes and risk assessments, to ensure the system is working effectively.

Compliance audit

Legal requirements and other compliance obligations will often form part of an audit; it is extremely important for an organisation to know that they are meeting their obligations and that they can evidence this. It is also common for a dedicated compliance audit to take place, where the full legal register is considered to ensure all requirements are being met.


Stages of an audit

The formality of the audit process can vary depending on the scope of the audit and the organisation (size, complexity, risk profile, etc). For example, a focused internal audit can be handled informally; however, all stages are important to the overall process.

1. Audit programme
2. Selection of auditors
3. Pre-audit preparation
4. Information gathering
5. Information analysis
6. Reporting and follow-up


Auditing for health and safety in your organisation

Auditing is a crucial part of managing health and safety in an organisation, and is a proactive way to maintain standards. People at all levels of an organisation can be involved in the process, whether as part of an audit team, or with responsibility for implementing improvements. Understanding the purpose, types, and stages of auditing will help make audits an effective tool to support continual improvement.


*The information in this article provides a useful taster of the latest publication in the NEBOSH pocket guides series, Quick Reference Guide to Auditing for Health and Safety. The guide is designed to serve as a valuable resource for individuals engaged with auditing to determine appropriate health and safety management systems are in place and that suitable risk control systems and workplace precautions are being implemented.

The NEBOSH Quick Reference Guide to Auditing for Health and Safety is available in print (£10) and eBook (£8) from the NEBOSH online shop: