What is the purpose of conducting risk assessments prior to an audit engagement?

Risk assessment also refers to a formalized procedure for finding hazards, evaluating the risk, and managing and removing the risk.

The main goal of a risk assessment is to prevent:

Moral, legal, and financial costs. To prevent the direct and indirect costs of accidents. To prevent death and personal. To prevent other types of incidents. Breaches of statute law. The cost of loss.

What is the purpose of conducting risk assessments prior to an audit engagement? What types of information can be gathered from reviewing documents such as policies and procedures, manuals, etc.?

Risk Profiling:

The risk profiling process:

  1. Identify the risk that threatens the organization.
  2. Identify health and safety impacts and business impacts associated with each threat.
  3. Identify how well each threat is controlled.
  4. Identify the likelihood of each threat happening.
  5. Prioritize the threats.


Internal and external information sources

  • Accident/incident records.
  • Ill health data/absence reports.
  • Medical records.
  • Job safety analysis.
  • Risk assessment.
  • Maintenance records.
  • Injury records.
  • Safety inspections.
  • Audit and investigation reports.
  • Safety committee minutes.
  • Training records analysis.
  • Check the PTW System.
  • Method statement.
  • policy of company share.
  • Emergency response plan.
  • Emergency equipment range.
  • Process or technology.
  • Equipment or tool.
  • Fire cases records.

  • National legislation.
  • Approved codes of practice.
  • Standards: BSI, ISO.
  • Manufacturer’s information.
  • Trade associations.
  • Safety publications.
  • Internal bodies.
  • Trade union charities etc.

What are the steps to performing a Risk Assessment?

This is generally performed in 5 steps.

  1. Identify hazards.
  2. Identify people who might be harmed.
  3. Evaluate the risk and decide on precautions.
  4. Record the significant data and implement them.
  5. Review and update as necessary.

Identify Hazards


Capable of causing physical injury:

  • Work at height
  • Falling objects.
  • Moving vehicles.
  • Machinery.
  • Electricity.
  • Chemicals.
  • Low oxygen concentrations.
  • Deep water.
  • Fire /Explosion.
  • Animals.
  • Violence.

Health: Capable of causing occupational disease or ill health:

  • Physical.
  • Chemical.
  • Biological.
  • Ergonomic.
  • Psychological.


Identify the people who might be harmed:

  • Workers/operators.
  • Maintenance staff.
  • Cleaners.
  • Contractors.
  • Visitors.
  • Members of the public, even trespassers.

Evaluate the risk and decide on precautions

Is the level of risk acceptable, or does it need to be reduced?

Risk = likelihood x severity

Likelihood:

  • extremely unlikely
  • unlikely
  • possible
  • likely
  • very probably

Severity:

  • very minor injury
  • first-aid injury
  • lost time injury
  • hospital treatment
  • disabling injury

General Hierarchy of control

  • Elimination.
  • Substitution.
  • Engineering controls:
      • Isolation, total enclosure.
      • Separation, segregation.
      • Partial enclosure.
      • Safety devices.
  • Administrative controls:
      • Safe system of work.
      • Reduced exposures.
      • Reduced time of exposures, and dose.
      • Information, instruction, training, and supervision.
  • PPE.

Record significant findings and implement them

Typical content:

  • Activity /area assessed and hazards.
  • Groups at risk.
  • Risk and adequacy of existing control measures.
  • Further precautions are needed.
  • Date and name of a competent person.
  • Review date

Review and update as necessary

A significant change in:

  • Process.
  • Substances.
  • Equipment.
  • Workplace.
  • Environment.
  • Personnel.

If it is no longer valid:

  • Accident.
  • Near miss.
  • Ill health.
  • Change to legal standards.



Health and Safety Auditing:

Auditing is the systematic, objective, critical evaluation of the organization’s health and safety management system.


During the Audit

Auditors use three methods to gather information:

  • Paperwork: documents and records.
  • Interviews: managers and workers.
  • Observations: workplace, equipment, activities, and behavior.

During the Audit

Typical records/documents examined during an audit:

  • Health and safety policy
  • Risk assessments and safe system of work.
  • Training records.
  • Minutes of safety committee meetings.
  • Maintenance records and details of failures.
  • Records of health and safety monitoring activities (tours, inspections, surveys).
  • Accident investigation reports and data, including near-miss information.
  • Emergency arrangements.
  • Inspection reports from insurance companies.
  • Output from the regular visits (e.g. visit reports, enforcement actions).
  • Records of workers’ complaints.