EHS Audits – Have We Lost Our Way?Jul 11th, 2010 | By Lawrence B. Cahill | Category: Auditing
The year 2010 has reminded us once again that management of environmental, health and safety (EHS) responsibilities can have a substantial impact on people, the environment, and a company’s bottom line. On April 5th of this year Massey Energy experienced an explosion in its West Virginia coal mine that killed 29 miners. That tragedy has been compounded by a drop in the company’s stock price of more than 40 percent over the subsequent two months. (See chart) Similarly, on April 20th BP experienced an explosion and oil spill at its Deepwater Horizon oil platform in the Gulf of Mexico that killed 11 workers. Since that event, BP’s stock price has dropped about 50 percent. (See chart) Also, the financial impacts (e.g., no quarterly BP stockholder dividend, the setting up of a USD 20 billion victims’ fund) go well beyond the drop in stock price and loss in market capitalization.
What impact might these catastrophic events have on EHS compliance and audit programs? A substantial impact, one would hope. Audit programs for decades have focused on achieving compliance with detailed administrative requirements. Particularly in the United States, this is not surprising. Currently, there are more than 25,000 pages of EHS regulations at the federal level (Titles 29 and 40 of the Code of Federal Regulations [CFR]) to say nothing of state and local requirements; the number of CFR pages has grown by 3,000 in the past 5 years alone. So the requirements are not only substantial but changing and becoming more stringent all the time. It is no wonder that audit programs focus on these regulatory requirements, with penalties as high as USD 25,000 per day or more per violation per occurrence.
Although assessing compliance with detailed regulatory requirements such as inspections, permits, plans, manifests, MSDSs, reports, written procedures and the like is important for achieving and maintaining compliance, recent events suggest that ignoring real EHS risks can truly affect a company’s bottom line. One would think that these potential impacts and outcomes should impact how audits are conducted now and in the future. In practice this would beg the question, should one be more concerned about
- A wastewater discharge that has had periodic, minor exceedances of pH or the fact that the underground sewers are 50 years old and have never been surveyed with a camera to determine their integrity.
- The exact height of the containment wall of an above ground storage tank that is two inches too short or the fact that the tank has not been tested for integrity in the last 40 years.
- The lack of an expiration date for a single confined space entry permit or the fact that attendants at an entry are not always focused on the entry itself.
- Failure to set the guarding on a seldom-used grinder in the maintenance shop to the precise gap defined by the regulations or the fact that operators on the production line are routinely clearing debris from working equipment without first shutting down the equipment.
In each of the cases posed above, most traditional compliance audits would focus on the former issue, not the latter, even though the latter in each case poses a higher risk. This is mostly because clear and precise requirements are associated with the first, but not so much with the second, scenario.
A New Approach to Auditing?
It might be time to take a hard look at the objectives and philosophies of our audit programs. Achieving compliance with regulations is quite important, especially in the United States, but identifying, assessing, and managing EHS risks should also be at the core of any audit program. Maybe one way to do this is not to rely so much on detailed compliance audit protocols containing thousands of questions but to identify potential high risk activities in each compliance area (e.g., air, water, confined space, lockout/tagout, etc.) that should be reviewed in detail on each and every audit, and to provide guidance on how that review should be conducted. For example, for a given audit one would identify up front any high risk activities (e.g., ammonia refrigeration, hazardous materials storage tanks and transfer systems, work areas where respirators are required, flammable storage buildings, high production areas requiring significant operator oversight, etc.) in need of special attention and then develop a specific audit plan on how to review that activity. This does not mean that the more mundane activities and operations are ignored. It simply means that there is a defined approach on how to audit individual high risk operations within the context of the larger audit.
After reviewing hundreds of audit reports over the years, I am personally dismayed that we might have lost our way. When I review a finding that tells me that “one weekly inspection of a hazardous waste accumulation point was missed in the past six months” or that “two of two hundred fire extinguishers did not have updated monthly inspections,” I truly wonder whether our audits are helping to protect people and the environment. This is not to say that a more risk-based audit approach would have prevented the Massey Energy or BP tragedies, but maybe it’s worth a try.
About the Author
Lawrence B. Cahill, CPEA, is a Technical Director at Environmental Resources Management in Exton, Pennsylvania, U.S.A.
Mr. Cahill has over 30 years of professional EH&S experience with industry and consulting. He is the principal author of the widely used text, Environmental, Health and Safety Audits, published by Government Institutes, Inc. and now in its 8th Edition. He contributed four chapters in the 1995 book Auditing for Environmental Quality Leadership, published by John Wiley & Sons, Inc. Mr. Cahill has published over 50 articles and has been quoted in numerous publications including the New York Times and the Wall Street Journal.
Images: Provided by Lawrence Cahill.