Independent, systematic audits check that risk-control systems and management arrangements within the Safety Management System (SMS) are effective. An audit is an independent, systematic check of risk-control safeguards and the SMS to ensure business objectives are met. An audit can be an internal audit (first party, conducted by the organization) or an external audit (second or third party, conducted on behalf of the organization).
Auditing is recognized as a critical part of an SMS. A proportionate, targeted audit program should be devised and implemented to provide the board of directors of the organization with adequate assurance about the ‘health’ of the SMS and the sustainability of safety performance.
Taking from the “Five Themes for Excellence in Safety Management Systems (SMS),” we can look at the organization’s approach to auditing through this lens of excellence and measure the maturity of the safety culture. To recap the progression, here are the five (5) levels:
- Ad-Hoc
- Managed
- Standardized
- Predictable
- Excellence
