EHS compliance audits are a necessary burden. It takes time and money to complete them, but they must be done because the costs and consequences of non-compliance are even greater. Since audits cannot be avoided, is there a way to make them less of a burden? The answer is yes, if you use an EHS software with an intelligent audit management module that can automate the prioritization of audits.
Companies can optimize time and resources by prioritizing audits to focus on the most important ones first. But how can you prioritize audits in the most effective way? The answer is to automate audit plans by using key risk factors, through an intelligent audit management software that brings logic into the prioritization process and suggests which audits are important to perform. Let’s take a closer look at the risk factors that would influence priorities.
Historical Data on Compliance and Adverse Events
You’ve probably heard this well-known quote: “Those who cannot remember the past are condemned to repeat it.” A variation of this statement, applicable to compliance is: “If something was non-compliant many times in the past, there’s a greater risk it will be non-compliant again”. Sites, facilities or processes that experienced many instances of non-compliance or adverse events in the past, have a greater risk for non-compliance in the present. Therefore, historical performance on compliance and adverse events is a risk factor to consider when prioritizing EHS compliance audits.
Applicable Regulatory Requirements
Sometimes there may not be any big red flags in historical data on compliance and adverse events. But the sheer quantity of regulatory requirements applicable to a site, facility or process may already increase the risks for non-compliance. This would heighten the priority of EHS regulatory compliance audits applicable to such sites, facilities or processes. Having access to locally applicable, clear and up-to-date regulatory obligations, such as those provided by Enhesa, integrated in an EHS software like Enablon, allows organizations to easily determine the applicability of regulations and regulatory requirements at different levels (business unit, plant, etc.). This helps to identify high-risk areas based on the applicable regulations.
Variable Business Impacts
All sites face a risk for non-compliance, but not all sites are equal. Some have a greater business impacts than others. For example, you may have 20 manufacturing plants, but just three of them account for 80 percent of total revenues. The impacts of an interruption or slowdown of production due to non-compliance at any of these three plants would be much greater than at any of the other 17 plants. Even if historical data does not present any red flags for these three plants, or the number of applicable regulations is not a big factor, the importance of these plants to revenue streams increases the impacts from risks of non-compliance, which could make EHS compliance audits at these plants more important.
The Risk of the Unknown
Historical data on compliance and adverse events is helpful, but what happens if there is no history, at least not yet? Companies can expand in new markets, launch new product lines, open facilities in new countries, or adopt new processes. There could be a greater risk for non-compliance due to a lack of knowledge and experience…or not. Because the level of risk may be unknown at the beginning, it’s better to be safe than sorry and assume that there could be a high potential risk for non-compliance, which would increase the importance of EHS compliance audits regarding these new market expansions, products, facilities or processes.
A few final notes about prioritizing audits. First, the weight of each risk factor will vary for each organization based on unique circumstances, specific needs, and industry. After weights are established, audit plans can be automated moving forward, allowing the deployment of compliance efforts more efficiently, thus reducing costs of compliance. Second, after audits are prioritized, there is an extra opportunity to save time by using mobile audit software that empowers workers to complete audits from anywhere. Finally, the assessment of risks and the prioritization of audit plans will only be effective if legal compliance is managed centrally. This is possible by, for example, having an automatic feed of EHS regulatory compliance intelligence from Enhesa into the Enablon platform’s audit management and regulatory compliance management modules.
About the Author: Jean-Grégoire Manoukian is Content Marketing Manager at Enablon. He manages Enablon Insights and the company’s social media activities, and writes about various EHS, Risk and Sustainability topics. He has more than 18 years of professional experience, including many years as a product manager for chemicals management and product stewardship solutions. He also worked in the telecommunications industry as a product marketing manager. Jean-Grégoire has dual French and Canadian citizenship, and likes to stay informed on the latest trends and developments from both sides of the Atlantic.