HSG 65 1997, constitutes a simple, general safety management system (SMS) guideline that can be easily applied by any business in order to fulfill legal requirement. It is a straightforward structure that incorporates all the elements of an effective SMS. The disadvantage of it is that it only provides the structure without any substance as to how to develop the relevant areas to achieve full effectiveness. Its simplicity does not lend itself to more complex, departmentalized companies.
The Turnbull Report like HSG 65 is a set of guidance for the management of a business. Turnbull however, is a far more detailed structured code of conduct that focuses on risk management for complexed, public listed companies. The guidance is laid out in a step by step fashion, taking into account that assigned directors may not have the technical expertise of the operation of the company.
This form of structural guidance is seen in other safety management models like OHSAS 18001, ISO 14001 or ISO 9001. ISO 14001 main focuses is in environmental safety management and controls, while the ISO 9001 focus mainly on quality control. The Turnbull model with its focus on risk management covers both of these elements from a more incorporated manner.
The Turnbull model focuses on a greater pro-active risk monitoring system, with internal assessment and audits.
Better risk management allows for greater control of key business issues
New business areas development
Identify weakness in the overall system of control (management, safety, product, finance)
Less undesirable business disruptions from unforeseen disasters
Increase market share
Positive assurance (moral)
Provide early notice of potential problems
Company growth and development
Focus on strategy setting
Better risk controls leads to lower capital cost from accident and downtime
Better focus on proper operations
Better work culture
Workers feel part of a company, instead of just working for a company
More acceptance to changes/development
Less management time and resource spent on industrial instability
Better use of management time in effective running of company
More likely to achieve company objectives and goals
Problem targeting (high risk elements)
Ability to set realistic action plans
Constant monitoring of goals an achievements
It can be time-consuming
Takes managers away from their day-to-day work.
Can be threatening to staff if handled insensitively
Can be misused by unscrupulous managers
Staff see it as spying or infringement of rights
Do not identify all the weak links
Specifically design to target specific areas (hide faults)
Can not be used as a day to day management control system
One of the most important elements of the Turnbull model is the disclosure requirement. In order to develop and maintain a health work culture, the staff must see the internal audits as a necessary tool for the development of the company and not as the company spying on them. To help fulfill these objectives, staff must be privy to the timing of the audits as well as, constructively to the results of the audits, in order to identify shortcomings, and areas for improvement.
Rameshwar, J. (2011, Feburary 9). OSH 220 lecture notes. El Dorado.
Ridley, J., & Channing, J. (2008). Safety at Work Seventh Edition. Oxford: Elsevier.
This checklist is designed to help managers tackle the process of an internal audit within their organisation or department. Internal audit is an essential part of business life, but not all organisations are large enough to have a designated internal audit function. This checklist is aimed primarily at those who are either undertaking an internal audit themselves or are responsible for selecting and managing a member of staff who has this responsibility. It applies equally to organisations in the public and private sectors.
In the wake of a number of recent spectacular cases of fraud, the 1998 Combined Code (on corporate governance) and the 1999 Turnbull report (on internal controls) both give internal auditing a much higher profile. Turnbull in particular, lays down the key internal controls that companies listed on the Stock Exchange, or those that are planning to become listed, must adopt. The recommendations serve as a model for other companies.
This checklist has relevance to the MSC National Occupational Standards for Management: Key Roles A, B and F–Manage Activities, Manage Resources and Manage Quality.
There is a clear distinction between internal and external audit. Internal auditing is defined by the Institute of Internal Auditors as an independent appraisal function established within an organisation to examine and evaluate its activities, the objective being to assist staff in the effective discharge of their responsibilities. To this end internal auditing furnishes staff with analyses, appraisals and recommendations concerning those activities. Internal auditing is usually carried out by staff from within the organization.
1. Select internal audit objectives relevant to the assignment
Internal audits primarily look at key controls:
* financial–how is money handled within the organisation? Who authorises payment, and what are the checks and balances to stop unauthorised spending and fraud?
* administrative controls–are these conducive to meeting strategic objectives?
* systems–which ones are there in a department and across the organisation–and how do they fit together?
as well as:
* value for money–is this being achieved through the systems in place, or do the systems fail to measure this?
The first step is to make sure your broad audit objectives reflect whichever of these are your priorities.
2. Prepare a detailed brief
An internal audit looks at a variety of aspects of the way an organisation works. It does not only focus on financial issues. Write an audit brief or strategy to set detailed priorities in accordance with the main issues, and give some indication of the proportion of time you expect to be accorded to highlighted aspects.
3. Choose your auditor
It is usual to appoint another individual from within the organisation as internal auditor. Dependent on the issues to be examined, a formal qualification, for example, in accountancy, may be appropriate.
The growing use of external certification systems for issues such as quality control (ISO9000), environmental control (ISO14000) and staff development (IIP) may require other members of staff to have responsibility for the continuous review of those systems.
4. Brief your auditor
You need to make sure that you have all the background information you need before you brief your auditor. This would include your organisation’s:
* strategic or business plans
* standing orders
* articles and memoranda of association
* internal procedure manuals
* lists of key personnel
* structure chart.
Arrange a meeting to ensure you have provided the auditor with sufficient information; in particular, even if he or she is an employee of the organisation do not make assumptions about his or her level of knowledge.
At the meeting the aim is to agree the objectives of the audit. Find out how the auditor will meet these objectives, agree a timetable and a plan of action and find out if further information is needed.
5. Identify the key controls to meet audit objectives
The next stage is to start to look at detail. The auditor needs to look at the organisation’s existing procedures for controlling the key areas to be examined.
6. Evaluate the controls
Next, evaluate how effective the controls are. Could they be improved? Are there any omissions? Questions worth thinking about are:
* if someone wanted to commit a fraud, where and how would they do it?
* if I had bought this item personally, would I be happy with the price paid and the level of service offered?
7. Test the system
Now, test the controls in action. Choose a number of activities or transactions at random and trace back all the steps that took place. Ask:
* are there any procedures or rules in place?
* did people follow the procedures?
This will show how far the existing rules and procedures are complied with.
8. Select areas needing in-depth investigation
From random tests the auditor may find areas of concern which need further investigation. The audit should now investigate these areas in depth–for example every transaction will be examined over a number of months to see if the random sample was an exception or a real problem.
9. Consider whether value for money is being achieved
Whatever the overall audit objectives, it is always an internal auditor’s job to test whether value for money is being achieved. The kind of things to look for are:
* has the market been tested by getting quotes and tenders for goods and services?
* are the systems working in the most efficient way?
10. Prepare a draft report
Make a report of all findings with a set of recommendations. This should be in draft format and should be discussed with everyone who took part in the audit–to ensure that the auditor hasn’t misinterpreted any information.
11. Produce the final report
The final report should include an action plan to tackle the areas requiring strengthening. It should have a timetable and an agreed time to meet again to monitor what has happened. Use the knowledge of the auditor as a guide towards best practice. Make sure the recommendations in the report are of a practical nature.
12. Take action
Act on the findings to put things right and monitor how effective the actions taken are. This may well involve changing written instructions, manuals or procedures, alerting staff to the changes and ensuring adequate training is given to staff in those areas.
Keep everyone throughout the organisation fully informed of the programme, and what changes have been, or are being, made to tighten up procedures. Make sure that the wording of any announcements do not point the finger of blame at any individuals, but emphasise that the procedures themselves are being strengthened.
Cite This Work
To export a reference to this article please select a referencing style below: