A workplace safety audit is a structured review of how effectively a site manages health and safety risks. Unlike a quick inspection, an audit examines the safety management system itself, including policies, procedures, training records, incident data and physical conditions.
This guide covers the full audit process from scoping through to report writing, whether you are conducting an internal audit, a contractor audit or preparing for an external certification audit under ISO 45001.
Before you start
Gather your safety audit checklist, previous audit reports, incident and near-miss records, and your training register. You will also need a camera or smartphone for evidence capture, appropriate PPE for the areas you plan to walk, and access to your organisation's audit management system.
Before stepping onto the floor, confirm which standards or procedures you are auditing against. An audit without a defined scope becomes a general walkabout that misses systemic issues. Decide whether this is a full system audit, a compliance audit against a specific regulation, or a focused audit on a particular area such as chemical storage.
Step-by-step safety audit
1. Define the audit scope and objectives
Specify which areas, departments or processes you are auditing and which standards apply. An internal audit might cover the entire safety system against your own procedures. A certification audit references ISO 45001 clauses directly. Write down the scope, objectives and audit criteria before you begin.
2. Review previous findings and open actions
Pull up the last audit report and check whether corrective actions were completed, verified and closed out. Open actions from previous audits indicate the safety system is not functioning as intended. Note recurring themes that may point to deeper systemic issues.
3. Walk the workplace and observe
Conduct a systematic walkaround, observing conditions, housekeeping, signage, guarding, access routes and worker behaviours. Look at what workers are actually doing, not what the procedure says they should be doing. Note whether emergency exits are clear, fire equipment is accessible and PPE is being worn correctly.
4. Interview workers
Ask frontline staff about hazard reporting, training, emergency procedures and whether they feel comfortable raising concerns. Workers are your best source of truth. Keep questions open-ended and non-confrontational, as you are auditing the system, not the individual.
5. Record findings and evidence
Photograph hazards, damaged equipment and missing signage. For each finding, reference the specific standard or regulation breached. Vague notes like "housekeeping poor" are not useful. Instead, write "combustible waste stored within 3 metres of ignition source, contrary to AS 1940 clause 5.3".
6. Rate and prioritise findings
Classify each finding as critical (immediate risk to life), major (significant non-conformance), minor (low-risk non-conformance) or observation (improvement opportunity). Use a risk matrix for consistency. Link findings back to your risk assessment process for anything rated critical or major.
7. Write the audit report and assign actions
Include an executive summary, a findings table with severity ratings, corrective actions with owners and due dates, and positive observations. Distribute within 48 hours while findings are fresh. Track corrective actions through to closure, as an audit without follow-up is wasted.
Audit vs inspection
These terms are often used interchangeably, but they serve different purposes. Understanding the difference ensures you use the right tool.
| Aspect | Safety audit | Safety inspection |
|---|---|---|
| Purpose | Evaluate the safety management system | Identify physical hazards |
| Depth | Policies, training, records, conditions | Visual conditions and compliance |
| Frequency | Quarterly to annually | Daily to weekly |
| Duration | 2 to 8 hours | 15 to 60 minutes |
| Output | Audit report with corrective actions | Inspection record with defect list |
| Who | Trained auditor (internal or external) | Supervisor or safety officer |
For a quick daily check, use a safety inspection checklist. To evaluate whether your safety system is working as intended, conduct an audit.
Audit checklist items by area
A thorough audit covers documentation and physical conditions. Use the table below as a starting point. For ready-made checklists, see the 5S workplace audit checklist and the ISO 45001 internal audit checklist.
| Audit area | Key items to check |
|---|---|
| Documentation | Policies, procedures and SWMS current? Risk assessments reviewed within 12 months? |
| Training | Records up to date? Competencies verified? Inductions complete for all workers? |
| Emergency preparedness | Evacuation plan current? Drills conducted? First aid kits stocked and within expiry? |
| Hazard management | Hazard register maintained? Controls in place? Near-miss reporting working? |
| Plant and equipment | Pre-start checks completed daily? Maintenance records current? Guarding in place? |
| PPE | Correct PPE available for each task? In good condition? Workers trained in use? |
| Housekeeping | Work areas clean? Access and egress clear? Waste segregated correctly? |
| Incident management | Incidents reported promptly? Investigations completed? Corrective actions closed? |
Regulatory requirements
In Australia, the Work Health and Safety Act 2011 s19 places a primary duty on PCBUs to ensure the health and safety of workers. WHS Regulation r34 requires a documented risk management process. While the Act does not mandate audits by name, auditing is the accepted mechanism for verifying your risk management system. Organisations certified to ISO 45001:2018 must conduct internal audits at planned intervals under clause 9.2.
In the US, OSHA does not mandate safety audits by name, but the general duty clause (s5(a)(1)) requires employers to provide a workplace free from recognised hazards. OSHA's Voluntary Protection Programs encourage systematic self-assessment, and Instruction CPL 02-00-164 provides audit guidance.
In the UK, the HSE recommends safety audits as part of the Plan-Do-Check-Act model outlined in HSG65. The CDM Regulations 2015 require principal designers and contractors to audit compliance with site safety arrangements throughout construction.
Going digital with MapTrack
Clipboard-based audits create problems: illegible handwriting, lost forms, findings that never reach a tracking system and no visibility of trends. MapTrack replaces clipboards and spreadsheets with mobile audit forms that include built-in scoring, photo capture and mandatory fields so nothing gets skipped.
Build custom checklists using the form builder, or start from a pre-built template. Findings are logged with photos and linked to corrective actions with assigned owners and due-date alerts.
Use audit trend reporting to spot recurring non-conformances across sites or audit types. Track every corrective action to verified closure in your compliance system, giving you a complete audit trail ready for regulators and certification bodies.
