Internal auditing of process safety – a false sense of security?

Internal auditing of process safety – a false sense of security?


In the wake of recent major accidents, several investigation reports have publically criticised the effectiveness of internal auditing of process safety. Recent research (Ref. 1) sheds light on whether process safety practitioners and those individuals at the front line of auditing share the view that internal process safety audits provide a false sense of security.

The research was conducted in 2014 as part of an MSc in Risk and Safety Management offered by Risktec, and canvassed facts and opinion, unattributed, using online survey software. It targeted about 70 process safety professionals working for operators of major hazard facilities who are also company members of the European Process Safety Centre (EPSC), which sponsored the research.

One of the later sections of the survey invited responses to statements related to process safety auditing which speak to commonly voiced criticisms or are simply contentious (see Figure 1).


The headline survey finding is that around 86% of respondents believed internal auditing to be effective. A less emphatic but still sizeable majority of respondents believed that audits did offer more than supported self-assessment, under-pinned by the view that audits provide a level of probing which uncovers major hazard risks which the site has hitherto been unaware.

Greater polarisation was seen to the suggestion that there was too high an expectation of process safety auditing, that there were too few success stories related to auditing (e.g. risk reduction actions as a result of auditing) and that immediate, tangible hazards crowded out latent, multi-causal process safety risks.

The survey contained a couple of questions related to hypothetical scenarios following an audit. The first was an audit followed by a major accident. About 30% of respondents agreed that this was an audit failure. The flip side is that about 70% of respondents disagreed that this scenario amounted to audit failure. An audit by its nature is both a sample and snapshot and offers no guarantee of avoiding major accidents.  However, an audit programme should reduce the likelihood of a major accident occurring. That this view is not necessarily shared universally outside the process safety community is in part corroborated by about 60% of respondents who believe that audit expectation is too often higher than the audit can realistically deliver.

One question which looked to the future proposed that virtual or remote auditing would replace an on-site audit. In other words, the auditor would be distant to the plant under audit and modern technology would present the plant and its people and processes to a remotely located audit team.  Almost 95% of respondents disagreed with this notion.


The research highlighted auditor competence and senior management commitment to the audit process as areas for improvement.

Practitioners believe internal auditing by competent auditors is effective and reduces the potential for a major accident, but also feel that too often the expectation of what an audit can realistically deliver is too high. Just because an audit shows good process safety results yesterday, it is no guarantee that a major accident cannot happen tomorrow. This reinforces the need for managers to not be complacent when receiving positive audit reports but to maintain a sense of chronic unease and ask, “Is there anything we’re overlooking and what else do we need to do?”


1. Internal auditing of process safety – a false sense of security? MSc dissertation, Lee Allford, 2014

This article first appeared in RISKworld issue 27

Download this article as a PDF

Subscribe to RISKworld

Please use this form to subscribe to RISKworld. You will also receive exclusive access to the Risktec Essentials series, plus notifications of new events and publications.

Subscribe to publications - Form 14 - Delete if not used
Internal auditing of process safety – a false sense of security?