Effective auditing is a critical component of maintaining high safety standards. Auditing is a nuanced blend of science and art, requiring technical knowledge and the ability to quickly analyze information and make judgments on conformance or non-conformance. A key aspect of this process is determining 'auditable' requirements.
Understanding 'Auditable' Requirements
In every organization, myriad obligations must be met to satisfy various stakeholders like the government, regulators, customers, and local communities. These obligations, embedded in company documentation like policies and procedures, form the ‘requirements’ that need to be audited. However, not all requirements are auditable – only those with a deliverable outcome can be effectively audited.
Challenges for Auditors
Auditors face the challenge of limited time and resources to verify all organizational requirements. Therefore, it is essential for auditors, especially those less experienced, to identify the most critical requirements during the preparatory phase of an audit. This involves reviewing and analyzing the organization’s documents and understanding the business processes and risks involved. For technical requirements, seeking clarification from qualified personnel is vital.
Adhering to ISO Standards
When dealing with HSE Management Systems that may not align with ISO standards like ISO 9001 or ISO 45001, auditors must interpret the organization’s internal documents. In ISO auditing, 'shall' indicates a requirement, 'should' a recommendation, 'may' permission, and 'can' possibility. Understanding these distinctions is crucial when auditing non-ISO standardized organizations.
Auditing Policies, Objectives, and Procedures
Policies, often high-level documents, can be challenging to audit directly. Auditors should verify if employees understand and implement these policies. Objectives bridge policy statements and actionable steps, usually measurable and forming the scope of the audit. Procedures, plans, and work instructions contain the majority of auditable requirements and outline the actions necessary for operational tasks.
The Role of Organizational Records
Records provide context but are not the sole indicator of compliance. Auditors should review relevant records to understand commitments and verify if they are being maintained accurately. However, one must be cautious, as records may not always reflect current conditions or may sometimes be inaccurate.
Traceability and Auditing Opinions
It’s crucial that audit findings are explicitly linked to auditable requirements, with clear evidence provided for any non-conformities. While opinions gathered during staff interviews are valuable, they should not be the sole basis for non-conformities. Auditors must differentiate opinions from facts and remain aware of their biases.
As auditors in the oil and gas industry, we must be acutely aware of our limitations and focus on auditable requirements to ensure accurate and fair assessments. Through thorough preparation, understanding of the business, and careful analysis, we can effectively navigate the complexities of auditing in this high-stakes industry.