QMS in a SMS

Is it possible to conduct safety auditing without a Quality Management System in place? The answer in the eyes of THI Safety Management Systems is yes! However, it’s very handy to have the processes and forms that come with a well established QMS. Check sheets to ensure you have carried out your preparation well (devised your scope, audit bank questions, arranged the date/logistics/admin, informed the auditee of your plans etc), audit prompt lists, report forms to name just a few. The same soft skills including tact, diplomacy and reference where possible to standards are also required so why wouldn’t you send your staff on a Quality auditor training course? THI SMS are happy to quote ‘Capable People’ (www.capablepeople.co.uk) as an excellent provider of his training but would like to explore the difference between QMS and SMS and ask the question, how do you conduct SMS auditing?

Quality is about customer satisfaction, minimising waste and/or repeat work and essentially getting things right first time every time. Bottom line, it’s about profit and staying in business. It’s not clear when Quality auditing started to examine safety but clearly, without safety there will be accidents, injuries/deaths etc and therefore lost time, costly insurance/litigation action and inevitably loss of profit. With the introduction of SMS, the business-like approach to safety, many key areas essential to ensuring safety comes first such as hazard identification, risk management, human factors training and safety reporting (to name just a few) are now ‘auditable’ to ensure effectiveness. So how do we now create an audit schedule that provides the assurance that we are getting safety right? We will certainly know when we haven’t got it right, but who wants a reactive system post accident?

The answer according to THI is to combine the framework of the QMS already in place (hopefully) with the ‘building blocks of safety’ which include such things as human factors training, threat and error management, emergency response planning, change management, recognised standards, staff competence (SQEP) with all of the usual elements of an effective SMS (hazard ident, risk management, safety policy/targets, assurance and promotion/training). Identify your priority areas of the business, the key stakeholders to audit and then get to work on your audit bank. Where available use standards (ISI 31000 for example) and then create a 12 month audit schedule according to what you believe your highest areas of risk are. THI would recommend starting with hazard identification, as its not likely that the risks already on your risk register (already sentenced and being managed) are going to bite you. Watch out for further blogs on haz-id!