Level 1 HSE MS AuditInsert date here

Opening Presentation

Insert Title here

Emergency Actions

Agenda

• Introductions• Terms of Reference (ToR)• Audit Methodology• Programme• Summary• Questions

Introductions

Name Position title Ref. Ind

Audit Team:

Objective

2011 Level 1 HSE MS Assurance Plan approved by the Internal Audit committee and the Board Audit committee includes this Audit:• To appraise the completeness of the HSE MS for xxx in PDO

This audit will:• Assess the adequacy & effectiveness of the implementation of

the HSE- MS for xxx in PDO&• Where weaknesses are identified, provide recommendations

and guidance on what is expected and needed to demonstrate adherence to the PDO’s HSE Policy and Standards and international best practices

Key Risk Areas

Key Risk Areas include, but not limited to:Insert risk areas to be audited here

HSE Management System

1. Leadership and Commitment 2. Policy and Objectives 3. Organisation, Responsibilities,

Resources • Competence • Organisation, Responsibilities

and Resources

4. Risk Management • Managing Risk • Risk Assessment Matrix (RAM)

HSE Management System

5. Planning and Procedures • Emergency Response • Management of Change • Permit to Work • Planning and Procedures

6. Implementation Monitoring and Reporting • Incident Investigation and Learning • Performance Monitoring and

Reporting 7. Assurance 8. Management Review

ToR - Scope

• The scope shall cover all operations and activities including those of contractors (and sub-contractors), within the PDO Concession Area;

• The Audit will include, but not limited to Occupational Health, Safety and Environmental Risks in accordance with the HSE Management System;

• Audit evidence is based upon a sampling of the system (i.e., not every part of the business will be audited).

ToR - Standards

The HSE Audit shall be carried out using the Audit methodology described in the ToR assessed against the PDO HSE Management System, with appropriate reference to the requirements of the following:

• Laws and regulations of the Sultanate of Oman

• PDO HSE MS, standards and procedures

• Relevant contractor standards and procedures

Audit methodology

Plan audit

Execute audit

Audit Wrap-Up

- Terms of Reference- Audit Schedule- Interview list- Pre-reading

- Execute testing (interviews, field visits)- Develop Audit Findings and recommendations- Independent Review- Agree audit findings and close-out

- Agree actions and action parties with Auditee

- Issue draft Audit Report- Issue final Audit Report- Obtain feedback on audit

REG

ULA

R C

OM

MU

NIC

ATIO

N

Audit Methodology

DeficienciesProblems

Non-Conformances

Competence

ProceduresPlanning

Leadership

Supervision

Policy & Objectives

Standards

Risk Assessment

Assurance Corrective Action

Evidence

Cause

Findings & Recommendations

Audit Deliverables

• All Audit Observations will be evaluated against the Risk Control expectations of the HSE MS.

• Findings will be developed based on the cause of the deficiency or non-conformity

• While evaluating observations, “Work-In-Progress” will be given due consideration

Work in Progress

• Gaps in risk control areas, already identified by the auditee, will be considered ‘work-in-progress’ (WIP) when the following criteria have been met:– Relevant issues and actions are identified and documented prior to

the start of the audit.– For these issues and actions an implementation plan was already

in place prior to the start of the audit with milestones set and resources allocated together with evidence of implementation having begun.

– During the audit, the follow-up process was found to be satisfactory, taking into account the track record of the business in closing out action items.

– Interim mitigations to control the risk area are in place, and deemed effective by the audit team.

Work in Progress

• Where testing by the audit team proves that the above criteria can be met, reliance can be placed on the existing process.

• No specific findings shall be raised for these issues in the audit report, however, due reference will be made in the executive summary of the audit report as to the degree of reliance that was placed on the process and highlighted in the control acceptability matrix (CAM, table 2).Such issues will also not have major impacts on the opinion.

• Where one of the above criteria has not been met, reliance cannot be placed on the process.

• Another finding will therefore be raised to ensure that relevant actions are taken. The audit opinion will take such audit findings into account.

Audit Deliverables

• The key deliverable of an HSE audit is an Audit Report, written on an exception basis to include:

– Audit Findings& their classification based on the RAM or if necessary on the Rating Level table .

– The overall Control Acceptability Assessment for each risk control area , which will be reflected in the Control Acceptability Matrix (CAM).

– Agreed actions with due dates aimed at remediation of the control weakness identified in the Audit Findings.

Classification of findings - Risk Assessment matrix

CONSEQUENCES INCREASING LIKELIHOOD

A B C D E

SE

VE

RIT

Y

Peo

ple

Ass

ets

Env

iron

men

t

Rep

utat

ion

Never heard of in the industry

Heard of in the industry

Has happened in the Organisation or more than once per year in the Industry

Has happened at the Location or more than once per year in the Organisation

Has happened more than once per year at the Location

0 No injury or heath effect

No damage

No effect

No impact

1 Slight injury or heath effect

Slight damage

Slight effect Slight impact LOW

2 Minor injury or heath effect

Minor damage

Minor effect Minor impact

MEDIUM

3 Major injury or heath effect

Moderate damage

Moderate effect

Moderate impact

HIGH

4 PTD or upto 3 fatalities

Major damage

Major effect Major impact

SERIOUS

5 More then 3 fatalities

Massive damage

Massive effect

Massive impact

ToR - Finding Classification

Finding Rating Definition

Serious (S) The Audit Finding is likely to cause a significant undesirable effect on the achievement of the entity’s objectives and is likely to have a notable impact on the HSSE Objectives of the Company, therefore warranting immediate reporting to senior management, e.g. BU or Business level.

High (H) The Audit Finding is likely to cause a significant undesirable effect on the achievement of the entity’s objectives and has the potential to have a notable impact on the HSSE

objectives of the Business, therefore warranting reporting to the entity’s management.

Medium (M) The Audit Finding is likely to cause an undesirable effect on the achievement of the entity’s objectives.

Low (L) The weakness is likely to have an insignificant undesirable effect on the achievement of one of the entity’s objectives, but its correction would enhance the risk-based control framework.

Non-Compliance (C) A non-compliance to a specific external legal or other regulations applicable to the entity. Note:

Overall Assessment of HSE Risk Controls and Audit Rating

Controls Acceptable

None, or a few Low and/or Medium rated findings are reported which indicate that a “once-off” rather than process or system structural weaknesses is present or that

general enhancement of the controls, process or system framework is not needed.

Controls Need Improvement

Some Medium and / or one or more High rated findings are reported which indicate a weakness in key controls / barriers or in a part of the process or system structural

framework.

Controls Need Major Improvement

Three or more High and/or one or more Serious rated findings are reported indicating failures in key controls / barriers or across a significant part of the process or system structural framework.

Control Assessment Matrix (CAM) – overall assessment

Summarising the findings and assessmentThe primary use of an overall assessment is to convey an understanding of the extent of the control (= risk response) framework weaknesses and, thereby, to indicate which level of management needs to be alerted to the concerns over the overall control framework

Controls Assessment

Red => Risk responses need major improvementYellow => Risk responses need improvementGreen => Risk responses acceptable

Mgmt Rev

AssureImplem, Monitor & Report

Plan & Proced.

Risk Mgmt

Org, Resp, Resources, Stds

Policy &Objs

L’Ship&Commit

RISK AREA

f2-Mf2-Mf2-MAI/ PS Mgmt

Business Travel HSE Mgmt

f4-Mf2-M

f4-M

f2-Mf1-M

f2-M

f1-MContractor HSE Mgmt

Road Transport Safety Mgmt

f4-M

f2-M

f3-Sf4-M

f2-M

f3-S

f1-Mf2-M

f1-MWorksite SafetyManagement

Mgmt Rev

AssureImplem, Monitor & Report

Plan & Proced.

Risk Mgmt

Org, Resp, Resources, Stds

Policy &Objs

L’Ship&Commit

RISK AREA

f2-Mf2-Mf2-MAI/ PS Mgmt

Business Travel HSE Mgmt

f4-Mf2-M

f4-M

f2-Mf1-M

f2-M

f1-MContractor HSE Mgmt

Road Transport Safety Mgmt

f4-M

f2-M

f3-Sf4-M

f2-M

f3-S

f1-Mf2-M

f1-MWorksite SafetyManagement

Audit Conclusion and Follow-up

Follow up Coordinator shall load the report into Fountain Assurance– Auto emails will be sent to the Auditee & Action Parties to confirm loading and

assignment of actions– Progress/Status will be monitored by IAC/BAC

– Draft report with findings, CAM and recommendations available at Closing Presentation. Only formatting and minor editorial changes will take place before the report is published.

– Auditee with follow-up co-ordinator will review the recommendations and propose actions, action parties and target dates.

– Lead auditor will finalise report after the auditee identifies and

agrees actions, action parties and target dates.

Programme

• Introduction & Opening

• MAF Interviews

Day 1

• Travel to Site

• Site Induction &Opening

• Site Visits

• Interviews

Day 2

• Site Visits

• Interviews

Day 3

• Site Visits

• Interviews

Day 4

• Site Visits

• Interviews

Day 5• Site

Feedback

• Return to Muscat

Day 6

Friday

Day 7

• Test Obs with

PDO / Contractors

Day 8• Test

Observations

• Prepare AWP

Day 9• Test

Observations

• Challenge and formalize findings

Day 10• Contro

l Acceptability Matrix.

• Peer Review

Day 11

• No Surprise meeting

Day 12

Sites: MAF, Lekhwair, Yibal, QA, SR, SN, Kauther, Nimr, Marmul

• Closing Presentation

Day 15

• This audit supports PDO’s efforts and actions to fully and effectively implement the HSE Management System in the management of xxx.

• No surprises.

• Draft report available at close-out meeting; Auditee to propose actions, action party and target date before audit report is finalized.

Summary

Questions??

Back-up slides