Sherm Archives

Moving Plant – Reducing Workplace Safety Incidents

Posted on 26/05/2026 by Marnie Cruickshank

Forklifts, elevated work platforms, loaders, pallet jacks and other moving plant are essential to Australian industry. From warehouses and logistics hubs to construction sites and manufacturing facilities, these machines keep operations moving efficiently. Unfortunately, they also remain one of the leading causes of serious workplace injuries and fatalities across Australia.

Among all types of moving plant, forklifts continue to present a particularly high risk. Collisions, pedestrian impacts, tip-overs, falling loads and poor traffic management contribute to incidents that can permanently change lives and significantly disrupt businesses.

Reducing these incidents requires more than compliance paperwork. It demands a practical, site-wide safety culture supported by training, engineering controls, supervision and continuous improvement.

Why Moving Plant Incidents Continue to Occur

Many organisations already have procedures in place, yet incidents still happen because of gaps between policy and day-to-day operations.

Common contributing factors include:

Pedestrians and forklifts sharing the same space
Poor visibility in warehouses or yards
Inadequate traffic management plans
Operator fatigue or distraction
Lack of refresher training
Time pressure and unsafe shortcuts
Poor maintenance of plant and equipment
Unstable or improperly secured loads
Inexperienced or unlicensed operators
Complacency in familiar environments

In many cases, incidents are not caused by a single failure, but by multiple small risks aligning at the same time.

Forklifts: One of the Highest-Risk Types of Moving Plant

Forklifts are deceptively dangerous. Although they often operate at relatively low speeds, their weight, turning characteristics and limited visibility can create severe hazards.

A standard forklift can weigh several tonnes, often much heavier than the load it is carrying. Even at slow speeds, collisions can result in crushing injuries or fatalities.

Some of the most common forklift-related incidents include:

Pedestrian Collisions

Workers on foot are at greatest risk when forklifts operate in mixed-use areas without proper separation controls.

Tip-Overs

Forklifts can overturn due to:

Excessive speed
Turning while elevated
Uneven ground
Overloading
Incorrect load positioning

Falling Loads

Loads may fall when:

Pallets are damaged
Loads are poorly balanced
Operators brake suddenly
Forks are incorrectly positioned

Dock and Loading Area Incidents

Busy loading zones create high-risk interactions between trucks, forklifts and pedestrians, particularly during peak operational periods.

Building a Safer Workplace Around Moving Plant

Reducing incidents requires layered controls rather than relying on a single safety measure.

Separate Pedestrians and Plant Wherever Possible

Physical separation remains one of the most effective controls.

Practical measures include:

Dedicated pedestrian walkways
Safety barriers and guardrails
Clearly marked exclusion zones
Separate entry and exit points
Designated crossing areas
One-way traffic systems

Where physical separation is not possible, administrative controls and reduced speed limits become critical.

Develop a Practical Traffic Management Plan

A traffic management plan should reflect actual site conditions rather than exist solely as a compliance document.

An effective plan should identify:

Vehicle routes
Pedestrian pathways
Blind spots
High-risk intersections
Loading and unloading zones
Speed limits
Parking areas
Emergency access routes

Plans should also be reviewed whenever layouts, workflows or equipment change.

Invest in High-Quality Operator Training

Licensing alone does not guarantee competence.

Operators should receive:

Site-specific inductions
Familiarisation with each plant type
Practical hazard awareness training
Refresher training
Emergency response instruction

Training should also extend beyond operators. Pedestrians working around moving plant need to understand:

Exclusion zones
Blind spots
Right-of-way procedures
Communication signals
Safe crossing behaviours

Use Technology to Reduce Human Error

Modern safety technologies can significantly reduce risk when implemented correctly.

Examples include:

Proximity detection systems
Blue safety lights
Reverse cameras
Speed limiting devices
Telematics and impact monitoring
Collision avoidance systems
Operator access control systems

While technology is not a substitute for safe systems of work, it can provide an additional layer of protection.

Prioritise Preventive Maintenance

Mechanical failures can quickly become serious safety events.

Maintenance programs should include:

Pre-start inspections
Scheduled servicing
Immediate defect reporting
Removal of unsafe equipment from service
Tyre and brake inspections
Fork integrity checks
Hydraulic system inspections

Operators should feel empowered to report faults without fear of operational delays or criticism.

Improve Visibility Across the Site

Poor visibility contributes to many moving plant incidents.

Workplaces can improve visibility through:

Better lighting
Convex mirrors at intersections
Marked crossing zones
Reduced storage heights near corners
Audible warning systems
High-visibility clothing requirements

Warehouse layouts should also minimise blind corners and congested travel paths.

Address Fatigue and Time Pressure

Rushed environments often create unsafe decisions.

Common examples include:

Speeding to meet deadlines
Carrying unstable loads
Skipping inspections
Operating while fatigued
Ignoring pedestrian controls

Leaders should monitor workloads and production expectations to ensure safety is not compromised by operational pressure.

Leadership Plays a Critical Role

Workplace safety outcomes are heavily influenced by leadership behaviour.

When supervisors and managers:

Follow site rules,
Address unsafe behaviours immediately,
Encourage reporting,
Allocate time for training,
And prioritise safety over speed,

workers are more likely to adopt safe behaviours themselves.

On the other hand, inconsistent enforcement quickly undermines safety systems.

Encouraging Near-Miss Reporting

Many serious incidents are preceded by smaller warning signs.

Encouraging workers to report:

Near misses,
Unsafe conditions,
Traffic conflicts,
Equipment faults,
And procedural gaps

can help organisations identify risks before injuries occur.

Importantly, reporting systems should focus on learning and prevention rather than blame.

Compliance Matters, But Culture Matters More

Australian workplace health and safety laws place clear duties on employers to eliminate or minimise risks associated with moving plant so far as is reasonably practicable.

However, genuine safety improvement goes beyond compliance checklists.

The safest workplaces typically share several characteristics:

Strong leadership commitment
Worker consultation
Continuous improvement
Practical procedures
Ongoing training
Clear accountability
Open communication

Safety becomes most effective when it is embedded into operational decision-making rather than treated as a separate function.

Final Thoughts

Reducing incidents involving moving plant requires a combination of engineering controls, operational discipline, training and leadership commitment.

No single intervention will eliminate risk entirely. But organisations that proactively separate pedestrians and vehicles, improve visibility, strengthen training, maintain equipment and foster a strong reporting culture can significantly reduce the likelihood of serious incidents.

In high-risk environments, even small improvements can prevent life-changing injuries.

For Australian businesses, investing in moving plant safety is not only a legal obligation, it is a critical part of protecting workers, maintaining productivity and building a resilient workplace culture.

Sherm Software can help your organisation identify risks before injuries occur with the ability for workers to report incidents quickly and effectively with the use of Sherm’s Mobile App with notification sent immediately to management.

Get in touch with us and learn how Sherm can help you stay on top of worker licences and training, pre-start inspections to ensure plant is safe for use, and many other features to help your organisation remain a safe place to work.

Electrical Powerlines – Reducing Risks

Posted on 22/05/2026 by Marnie Cruickshank

Electrical powerlines are part of almost every Australian worksite. From construction and civil works to agriculture, logistics, arboriculture and mining, overhead and underground electrical assets create a constant risk that can become catastrophic in seconds. Contact with live powerlines can result in serious injury, fatalities, fires, explosions, plant damage, network outages and significant legal consequences for businesses and workers alike.

One of the most effective ways to reduce these risks is through the strict maintenance of electrical exclusion zones. Understanding what exclusion zones are, how they work, and how to maintain them consistently is essential for every Australian workplace operating near energised electrical infrastructure.

Why Powerline Safety Matters

Electricity does not require direct contact to cause harm. High-voltage electricity can arc across gaps, meaning workers, tools, scaffolding, cranes, elevated work platforms, tip trucks and other plant can become energised simply by getting too close.

Across Australia, incidents involving overhead powerlines remain one of the leading causes of workplace electrocutions and serious electrical injuries. Many of these incidents occur during relatively routine activities such as:

Operating cranes or mobile plant
Delivering materials with tipper trucks
Moving irrigation equipment
Installing roofing or scaffolding
Tree trimming and vegetation management
Excavation and earthworks near underground cables
Transporting oversized loads
Using ladders or long conductive tools

The consequences extend beyond the immediate incident. Businesses may face investigations, prosecutions, project shutdowns, insurance implications and reputational damage under Australian work health and safety legislation.

Understanding Electrical Exclusion Zones

An exclusion zone is the minimum safe distance that workers, plant, equipment or materials must maintain from energised electrical assets unless specific control measures and authorisations are in place.

These distances are designed to prevent:

Direct contact with electrical conductors
Electrical arcing
Unintentional encroachment during movement
Equipment sway or load shift entering danger areas

Exclusion zone requirements vary between Australian states, territories and network operators. Factors influencing required distances include:

Voltage level
Type of electrical infrastructure
Whether the worker is authorised or trained
The type and size of plant being used
Environmental conditions
Whether spotters or physical barriers are in place

Because requirements differ across jurisdictions, organisations should always consult the relevant regulator and electricity network provider before commencing work.

Common Causes of Exclusion Zone Breaches

Despite widespread awareness campaigns, exclusion zone breaches continue to occur due to a combination of operational and human factors.

Inadequate Site Planning

Many incidents begin before work even starts. Failure to identify overhead or underground electrical assets during planning can leave workers exposed once equipment arrives onsite.

Effective planning should include:

Reviewing site drawings and utility maps
Conducting site inspections
Identifying all overhead and underground services
Assessing plant movement paths
Considering maximum reach and load swing
Consulting electricity asset owners

Poor Visibility and Environmental Conditions

Powerlines can be difficult to see against certain backgrounds, particularly at sunrise, sunset or during poor weather conditions. Vegetation, structures and terrain can further obscure visibility.

Wind can also cause:

Powerline movement
Load sway
Reduced control of suspended materials

These variables can quickly reduce safe separation distances.

Complacency Around Familiar Tasks

Many powerline incidents involve experienced workers performing routine activities. Familiarity can create a false sense of confidence, especially on repeat worksites.

Workers may incorrectly assume:

The line is insulated
The line has been isolated
Their equipment will not reach the line
Spotters are monitoring continuously
Minor encroachments are harmless

Maintaining vigilance is critical regardless of experience level.

Maintaining Effective Exclusion Zones

Maintaining exclusion zones requires more than simply marking distances on a site plan. It demands a layered risk management approach involving engineering controls, administrative systems, training and active supervision.

Conduct a Detailed Risk Assessment

Before any work begins near powerlines, organisations should undertake a comprehensive risk assessment that considers:

Voltage and location of electrical assets
Nature of the work
Plant dimensions and operating range
Ground conditions
Traffic flow
Environmental conditions
Emergency response procedures

The assessment should determine whether work can be redesigned to eliminate the risk entirely.

Eliminate or Minimise Exposure Wherever Possible

The safest option is always to avoid working near energised powerlines altogether. This may involve:

Relocating work areas
Changing delivery routes
Using smaller equipment
Altering excavation methods
Scheduling temporary power isolation with the network operator

Where elimination is not reasonably practicable, minimisation controls become essential.

Use Physical Barriers and Visual Controls

Visual reminders help reinforce exclusion zones onsite. Common controls include:

Warning signage
Barrier bunting
Goalposts
Height restriction devices
Painted ground markings
Dedicated no-go zones

These controls should be clearly visible to operators from all working positions.

Implement Competent Spotters

Spotters play a critical role when plant operates near exclusion zones. However, a spotter is only effective when properly trained, positioned and empowered to stop work immediately if risks escalate.

A competent spotter should:

Maintain uninterrupted visual contact
Understand exclusion distances
Use clear communication methods
Avoid undertaking other tasks simultaneously
Have authority to direct operators

Importantly, spotters should never be treated as the sole control measure.

Ensure Plant Operators Are Properly Trained

Operators working near electrical assets must understand:

Electrical hazards and arcing risks
Plant reach limitations
Emergency response procedures
Exclusion zone requirements
Site-specific controls

Training should be reinforced through:

Pre-start meetings
Toolbox talks
Site inductions
Refresher training
Practical competency assessments

Technology Is Improving Powerline Safety

Modern technologies are helping Australian workplaces reduce exclusion zone breaches more effectively than ever before.

Emerging controls include:

Height and slew limiters
Proximity warning systems
GPS-enabled geofencing
Crane anti-collision systems
Real-time telemetry and monitoring
Drone-assisted inspections

While technology can significantly reduce risk, it should complement, not replace safe systems of work and competent supervision.

Emergency Response Preparedness

Even with strong controls in place, organisations must prepare for potential incidents.

If plant contacts powerlines:

The operator should remain inside the cabin where safe to do so.
Other workers must stay away from the equipment.
Emergency services and the electricity provider should be contacted immediately.
The area should be isolated until declared safe.

If evacuation becomes necessary due to fire or immediate danger, workers should jump clear without touching the plant and ground simultaneously, then shuffle or hop away while keeping feet together to minimise step potential risk.

Emergency procedures should be rehearsed regularly so workers can respond quickly under pressure.

Legal Responsibilities Under Australian WHS Laws

Under Australian work health and safety legislation, employers and persons conducting a business or undertaking (PCBUs) have a duty to eliminate or minimise electrical risks so far as is reasonably practicable.

This includes ensuring:

Safe systems of work
Proper risk assessments
Worker training and supervision
Appropriate plant selection
Compliance with exclusion zone requirements
Consultation with relevant electricity authorities

Workers also have responsibilities to:

Follow safety procedures
Use equipment correctly
Report hazards
Avoid unsafe behaviours

Regulators across Australia continue to enforce electrical safety obligations aggressively, particularly following serious incidents or fatalities.

Building a Strong Powerline Safety Culture

Sustainable powerline safety depends on workplace culture as much as procedures. Organisations with strong safety performance typically:

Encourage hazard reporting
Stop unsafe work immediately
Reinforce exclusion zone discipline
Conduct regular audits and inspections
Learn from near misses
Invest in ongoing training

When workers understand both the seriousness of electrical hazards and the practical controls available to manage them, exclusion zones become part of everyday operational thinking rather than an afterthought.

Final Thoughts

Reducing the risk of workers or plant coming within an unsafe distance of electrical powerlines requires proactive planning, strong supervision, effective training and unwavering attention to exclusion zones.

Electrical incidents are often sudden, severe and unforgiving. However, most are preventable when organisations commit to robust risk management practices and ensure exclusion zones are clearly understood and consistently maintained.

For Australian businesses operating near electrical infrastructure, exclusion zones are not simply regulatory requirements, they are critical life-saving controls that protect workers, communities and operations every day.

Sherm Software will help your organisation reduce risks by ensuring training is up to date, inspections are conducted regularly, hazards are reported easily and you stay compliant. Get in touch with us and see how easy all this can be with Sherm.

Supplier Compliance in Australia: What Businesses Need to Know in 2026

Posted on 12/05/2026 by Marnie Cruickshank

Supplier compliance has become one of the most important operational priorities for Australian businesses. Whether you run a construction company, retail brand, manufacturing business, healthcare organisation, or logistics operation, your suppliers can directly impact your legal exposure, reputation, and profitability.

From workplace safety and modern slavery obligations to environmental standards and cybersecurity expectations, Australian companies are under increasing pressure to ensure their supply chains meet regulatory and ethical standards.

This article explores what supplier compliance means in Australia, why it matters, and how businesses can build a stronger compliance framework.

What Is Supplier Compliance?

Supplier compliance refers to the process of ensuring that vendors, contractors, and third-party suppliers meet the legal, regulatory, contractual, and ethical standards required by your business.

This can include compliance with:

Workplace health and safety laws
Fair Work and employment obligations
Environmental regulations
Anti-bribery and anti-corruption rules
Privacy and cybersecurity standards
Product quality and safety requirements
ESG (Environmental, Social, and Governance) commitments
Modern slavery legislation

In Australia, organisations are increasingly expected to take responsibility not only for their own conduct, but also for the practices of companies within their supply chain.

Why Supplier Compliance Matters

Reduces Legal and Financial Risk

Non-compliant suppliers can expose businesses to serious consequences, including:

Regulatory fines
Contract disputes
Supply disruptions
Product recalls
Workplace incidents
Reputational damage

For example, if a subcontractor breaches workplace safety laws on your site, your company may still face investigations or liability under Australian WHS legislation.

Protects Brand Reputation

Consumers, investors, and stakeholders increasingly expect transparency and ethical sourcing practices.

A supplier involved in labour exploitation, environmental damage, or unethical conduct can quickly become a public relations crisis for the businesses connected to them.

In today’s digital environment, supply chain issues often become headline news within hours.

Supports ESG and Sustainability Goals

Many Australian organisations now include supplier compliance as part of their ESG strategy.

Businesses are expected to evaluate:

Carbon emissions
Waste management practices
Human rights policies
Ethical sourcing
Diversity and inclusion standards

Strong supplier governance helps organisations demonstrate accountability and sustainability performance.

Key Supplier Compliance Areas in Australia

Workplace Health and Safety (WHS)

Under Australian WHS laws, businesses have a duty of care that can extend to contractors and suppliers.

Supplier compliance checks may include:

Safety certifications
SWMS documentation
Training records
Insurance verification
Incident reporting systems

Industries such as construction, mining, manufacturing, and logistics often maintain strict supplier onboarding requirements.

Modern Slavery Compliance

The Modern Slavery Act 2018 requires certain large organisations to identify and address modern slavery risks within their operations and supply chains.

This includes risks such as:

Forced labour
Human trafficking
Child labour
Debt bondage

Businesses are increasingly auditing suppliers to ensure ethical labour practices throughout global supply chains.

Environmental Compliance

Environmental regulations are becoming more prominent across Australia.

Supplier reviews may assess:

Waste disposal practices
Energy usage
Emissions reporting
Hazardous materials handling
Sustainability certifications

Many organisations now prioritise suppliers with measurable sustainability initiatives.

Data Privacy and Cybersecurity

As businesses share more digital information with vendors, supplier cybersecurity risk has become a major concern.

Australian businesses should evaluate whether suppliers have:

Secure IT systems
Data protection controls
Incident response procedures
Privacy compliance processes
Cybersecurity certifications

Third-party breaches can expose organisations to major operational and legal risks.

Common Supplier Compliance Challenges

Inconsistent Supplier Standards

Many organisations work with hundreds or even thousands of suppliers. Maintaining consistent standards across all vendors can be difficult without centralised systems.

Manual Processes

Spreadsheet-based compliance tracking often leads to:

Expired documentation
Missed audits
Duplicate records
Poor visibility
Increased administrative workload

Automation is becoming essential for scalable compliance management.

Limited Supply Chain Visibility

Businesses may only assess direct suppliers while overlooking risks further down the supply chain.

This creates hidden exposure, especially in international sourcing environments.

Best Practices for Supplier Compliance

Establish Clear Supplier Policies

Create documented standards that outline expectations for:

Safety
Ethics
Sustainability
Quality assurance
Cybersecurity
Legal compliance

These requirements should be included within supplier contracts and onboarding procedures.

Conduct Supplier Risk Assessments

Not all suppliers carry the same level of risk.

Businesses should classify suppliers based on factors such as:

Industry
Geographic location
Access to sensitive data
Operational criticality
Regulatory exposure

High-risk suppliers may require more frequent audits and monitoring.

Implement Ongoing Monitoring

Supplier compliance is not a one-time activity.

Businesses should regularly review:

Insurance expiry dates
Certifications
Audit outcomes
Performance metrics
Incident history

Continuous monitoring helps identify issues before they escalate.

Use Supplier Compliance Technology

Modern compliance platforms can automate:

Document collection
Contractor onboarding
Risk scoring
Audit scheduling
Compliance alerts
Reporting dashboards

Technology improves visibility while reducing administrative burden.

The Future of Supplier Compliance in Australia

Supplier compliance is shifting from a procurement function to a strategic business priority.

Over the next few years, Australian organisations are expected to face increasing expectations around:

ESG reporting
Ethical sourcing
Cyber resilience
Supply chain transparency
Sustainability performance

Businesses that invest early in supplier governance frameworks will be better positioned to reduce risk, improve operational resilience, and strengthen stakeholder trust.

Final Thoughts

Supplier compliance in Australia is no longer optional. Regulatory pressure, stakeholder expectations, and operational risks are driving businesses to take a more proactive approach to supply chain management.

Organisations that establish strong compliance processes can achieve more than risk reduction — they can also improve efficiency, strengthen supplier relationships, and enhance long-term business resilience.

As supply chains become more complex, effective supplier compliance will continue to play a critical role in protecting both business performance and brand reputation.

Supplier compliance is addressed in detail within our Contractor and Supplier Compliance Management Guide.

Sherm Software will help your organisation with all supplier compliance requirements. From automated notifications sent to the supplier prior to expiry of insurance and certification, to audit scheduling, Sherm has it all covered. Get in touch to learn more.

Contractor Inductions: Why Compliance Slips Through the Cracks

Posted on 21/04/2026 by Marnie Cruickshank

Across Australian worksites, from construction and mining to logistics and facilities management, contractor inductions are a routine part of onboarding. They’re meant to ensure every worker understands site rules, hazards, and responsibilities before starting work. On paper, the process looks solid. In practice, however, contractor inductions are one of the most common points where compliance quietly breaks down.

This isn’t usually due to negligence or bad intent. More often, it’s the result of rushed processes, fragmented systems, and assumptions that don’t hold up under scrutiny. Understanding where things go wrong is the first step to tightening compliance and reducing risk.

The “Tick-and-Flick” Mentality

One of the biggest pitfalls is treating inductions as a box-ticking exercise. When deadlines loom and contractors are needed on-site quickly, the focus shifts from comprehension to completion. Workers may click through online modules or skim documents just to gain site access.

The problem? Completion doesn’t equal understanding. If a contractor hasn’t genuinely absorbed key safety procedures, the business is exposed, not just to regulatory penalties, but to real-world incidents.

Inconsistent Induction Standards Across Sites

Many organisations operate across multiple locations, each with slightly different induction requirements. While some variation is necessary due to site-specific risks, inconsistency can create confusion, especially for contractors moving between sites.

Without a standardised baseline, important information can fall through the cracks. Contractors may assume they’ve “already done this before,” while site managers assume prior knowledge that may not exist.

Poor Record-Keeping and Verification

In an audit or incident investigation, documentation is everything. Yet many businesses still rely on scattered systems like emails, spreadsheets and paper forms to track inductions.

This fragmentation leads to common issues:

Missing or incomplete records
Difficulty verifying who completed what training
Expired inductions going unnoticed

When regulators come knocking, these gaps quickly become liabilities.

Language and Literacy Barriers

Australia’s workforce is diverse, and not all contractors will have the same level of English proficiency or literacy. Standard induction materials often fail to account for this.

If critical safety information isn’t clearly understood, the induction has effectively failed, even if it’s been “completed.” Visual aids, translated materials, and interactive formats can make a significant difference here, but they’re not always implemented.

Lack of Engagement and Relevance

Generic inductions that cover broad policies without tailoring to specific roles or risks tend to lose attention quickly. Contractors may struggle to see how the information applies to their actual tasks.

Effective inductions need to answer a simple question: What does this mean for me, today, on this site? Without that connection, retention drops and compliance weakens.

No Ongoing Reinforcement

Induction shouldn’t be a one-off event. Over time, people forget procedures, become complacent, or develop shortcuts. Yet many organisations fail to reinforce key messages after the initial onboarding.

Toolbox talks, refresher training, and periodic assessments are critical to maintaining compliance, not just establishing it.

Overreliance on Contractors to Self-Manage

It’s common for businesses to assume that contractors, especially experienced ones, will manage their own compliance. While contractors do carry responsibilities under Australian work health and safety laws, the host organisation still has a duty of care.

Assumptions like “they’ve done this before” or “they know the risks” can lead to dangerous gaps in oversight.

Closing the Gaps

Improving contractor induction compliance doesn’t necessarily mean adding more content, it means improving how it’s delivered, tracked, and reinforced.

Some practical steps include:

Standardising core induction requirements across sites
Using digital systems for real-time tracking and verification
Designing content for clarity, engagement, and accessibility
Incorporating site-specific, role-relevant information
Scheduling regular refreshers and compliance checks

Ultimately, contractor inductions are more than a procedural step, they’re a frontline defence against incidents and non-compliance. When done well, they set clear expectations, build safety culture, and protect both workers and businesses.

When done poorly, they create a false sense of security.

That’s where the real risk lies.

For a broader explanation of how inductions fit into defensible contractor management, see our Contractor and Supplier Compliance Management Guide.

Sherm Software can help close the gaps using the Contractor and Supplier Register by maintaining records and sending automatic notifications when scheduled refreshers and compliance checks are due.

Use our Checklist to assess whether your contractor compliance approach would stand up to audit, investigation, or client scrutiny.

Contractor Prequalification in Australia, More Than a Paper Chase

Posted on 07/04/2026 by Marnie Cruickshank

Across Australia, contractor prequalification is often treated as a compliance exercise—collect the required documents, tick the boxes, and move on. With strict regulatory frameworks and a strong focus on workplace safety, it’s understandable why documentation plays such a central role.

But here’s the reality, collecting documents alone doesn’t ensure a contractor is safe, capable, or reliable. In fact, over-reliance on paperwork can create blind spots that expose businesses to serious operational and legal risks.

Compliance Doesn’t Equal Capability

In the Australian context, contractors are typically required to provide:

Public liability and workers’ compensation insurance
Relevant licences and tickets (e.g. White Cards, high-risk work licences)
Safe Work Method Statements (SWMS)
Safety management plans and policies

These are all essential. However, they only confirm that a contractor meets minimum requirements at a specific point in time. They don’t guarantee that work will be carried out safely on-site or that systems are actively followed.

A contractor might submit a compliant SWMS, but is it actually used in day-to-day operations? Are workers properly trained, supervised, and accountable?

Documentation alone can’t answer these questions.

The Risks of a “Set and Forget” Approach

Many businesses adopt a “set and forget” model—documents are collected during onboarding and rarely revisited. In a fast-moving environment like construction, mining, or infrastructure, this approach can quickly become outdated.

Common issues include:

Expired insurances or licences going unnoticed
Generic SWMS that don’t reflect actual site conditions
Changes in subcontractors or workforce capability
Deterioration in safety performance over time

Under Australian Work Health and Safety (WHS) laws, businesses (PCBUs) have a duty to ensure, so far as reasonably practicable, the health and safety of workers—including contractors. Simply collecting documents is unlikely to meet this obligation if something goes wrong.

Bridging the Gap Between Paper and Practice

The key challenge is ensuring that what’s documented is actually implemented.

To bridge this gap, organisations need to go beyond collection and focus on validation. This might include:

Reviewing SWMS for task-specific relevance, not just completeness
Verifying licences with issuing authorities where applicable
Confirming insurance coverage directly with providers
Conducting site observations or audits
Speaking with referees about past performance

These steps help ensure that contractors are not just compliant on paper, but competent in practice.

Prequalification Should Be Ongoing

In Australia’s high-risk industries, conditions can change rapidly. That’s why contractor prequalification should be treated as a continuous process, not a one-off task.

A more effective approach includes:

Regular reviews of contractor documentation
Automated alerts for expiring licences and insurances
Monitoring incident reports and near misses
Periodic reassessment based on project risk

This dynamic model aligns more closely with WHS expectations and helps organisations stay ahead of potential issues.

Using Technology the Right Way

Digital prequalification platforms are becoming increasingly common across Australia, particularly in sectors like construction and energy. While these systems can streamline administration, they shouldn’t be used as a shortcut.

The real value of technology lies in:

Providing visibility over contractor compliance status
Enforcing document currency through automated reminders
Highlighting gaps or inconsistencies in submissions
Supporting ongoing monitoring and reporting

Technology should enhance decision-making—not replace critical thinking.

A Shift Towards Risk-Based Thinking

To strengthen contractor prequalification, Australian businesses need to shift their mindset from compliance to risk management.

Instead of asking, “Have we collected everything?”, the better question is, “Is this contractor genuinely capable of doing the job safely and effectively?”

This means considering factors such as:

The complexity and risk level of the work
The contractor’s track record and experience
Their safety culture and leadership
Their ability to adapt to changing site conditions

A risk-based approach ensures that higher-risk work receives greater scrutiny, rather than treating all contractors the same.

Building a More Robust System

A stronger contractor prequalification framework in Australia should include:

Baseline document collection to meet regulatory requirements
Verification processes to confirm accuracy and authenticity
Ongoing monitoring aligned with WHS obligations
Risk-based assessments tailored to specific work activities
Continuous improvement driven by performance data

This approach not only supports compliance but actively reduces the likelihood of incidents and disruptions.

Final Thoughts

In Australia’s regulatory environment, paperwork is essential—but it’s only the starting point.

True contractor prequalification goes beyond documents to assess real-world capability, behaviour, and risk over time. Businesses that move past the “paper chase” mindset are better equipped to protect their workers, meet their WHS duties, and deliver successful projects.

Because when it comes to contractor management, what happens on-site matters far more than what’s sitting in a folder.

This is explored further in our Contractor and Supplier Compliance Management Guide.

Sherm Software manages all of your Contractor and Supplier requirements, from monitoring incidents reported to notifications sent when expiry dates are approaching for documentation supplied. Get in touch and let us help you make periodic reassessment much easier.

Queensland Repeals HSR Access to WHSQ Enforcement Information

Posted on 31/03/2026 by Marnie Cruickshank

The Queensland State Government has made a significant—and controversial—change to the state’s work health and safety (WHS) framework. By repealing provisions that would have allowed Health and Safety Representatives (HSRs) to request and obtain enforcement information from Workplace Health and Safety Queensland (WHSQ), the government has reshaped the balance between transparency, regulatory control, and workplace power dynamics.

This development raises important questions about accountability, worker representation, and the future of safety oversight in Queensland workplaces.

Understanding the Repealed Rights

Under the now-repealed provisions, HSRs—and in some cases union officials—would have been able to request detailed compliance and enforcement information from WHSQ. This included data on:

Improvement notices
Prohibition notices
Non-disturbance notices

These notices are key regulatory tools. Improvement notices require employers to fix safety breaches within a timeframe, while prohibition notices address serious and immediate risks by halting unsafe activities. Non-disturbance notices preserve incident sites for investigation.

Access to this information would have given HSRs greater visibility into an employer’s safety history and regulatory interactions—potentially strengthening their ability to advocate for safer conditions.

Why the Government Repealed the Laws

The repeal forms part of broader amendments to Queensland’s WHS legislation. According to government statements, the decision was driven by concerns about misuse and overreach.

The repealed laws were criticised for:

Allowing unlimited requests for information
Lacking requirements for justification or relevance
Potentially enabling misuse by unions or representatives

The government argued that such provisions could be “weaponised” in industrial disputes, shifting the focus away from safety and toward workplace conflict.

In this context, the repeal is framed as an effort to restore balance and ensure that WHSQ remains focused on its core function: enforcing safety laws and preventing harm.

Implications for Workplace Safety

The removal of HSR access to enforcement data has sparked debate across industry, unions, and legal circles.

Potential Benefits:

Reduces administrative burden on WHSQ
Limits risk of sensitive information being used for non-safety purposes
Reinforces the regulator’s independence

Potential Risks:

Decreases transparency around employer compliance history
Limits HSR capacity to proactively identify systemic safety issues
May weaken worker participation in safety oversight

HSRs still retain important powers, including issuing provisional improvement notices (PINs) within their workgroups and participating in consultation processes.

However, without access to regulator-held information, their ability to form a complete picture of workplace risks may be constrained.

A Broader Policy Direction

This repeal reflects a broader policy direction within Queensland’s WHS reforms—one that appears to prioritise regulatory control and safeguards against perceived misuse over expanded information-sharing.

It also aligns Queensland more closely with the national model WHS framework, which does not provide equivalent broad access rights for HSRs to regulator enforcement data.

At the same time, the move highlights an ongoing tension in workplace safety law: how to balance transparency and worker empowerment with fairness, privacy, and the prevention of misuse.

Conclusion

The repeal of HSR rights to access WHSQ enforcement information marks a pivotal shift in Queensland’s approach to workplace safety governance. While the government frames the change as a necessary safeguard, critics argue it may reduce transparency and weaken frontline safety advocacy.

Ultimately, the long-term impact will depend on how effectively existing mechanisms—consultation processes, inspections, and enforcement actions—continue to protect workers without the added layer of information-sharing that has now been removed.

As Queensland’s WHS landscape evolves, this decision will likely remain a focal point in debates about the role of workers, regulators, and employers in maintaining safe workplaces.

ISO 45001 vs WHS Act: What Businesses Get Wrong

Posted on 20/03/2026 by Marnie Cruickshank

Many Australian businesses assume that if they’re certified to ISO 45001, they’ve “covered” their legal WHS obligations.

Others assume that if they comply with the WHS Act, there’s no need to worry about ISO certification.

Both assumptions are wrong.

Understanding the difference between ISO 45001 and Australia’s WHS legislation — and how they intersect — is critical to avoiding compliance gaps, wasted effort, and audit findings.

The Legal Foundation: The WHS Act

Australia’s work health and safety laws are built around the model Work Health and Safety Act 2011, adopted (with variations) across most states and territories.

The WHS Act:

Is law
Imposes mandatory duties
Creates enforceable obligations
Carries penalties for non-compliance

It establishes the primary duty of care for a PCBU (Person Conducting a Business or Undertaking) and requires risks to be eliminated or minimised so far as is reasonably practicable.

Regulators such as SafeWork NSW and WorkSafe Victoria enforce compliance.

Failure to comply can result in improvement notices, prohibition notices, fines, or prosecution.

The International Standard: ISO 45001

ISO 45001 is an international management system standard published by International Organisation for Standardisation.

It is:

Voluntary (unless contractually required)
A framework for managing OH&S risks
Audited by certification bodies
Focused on systems and continual improvement

It does not replace or override legal obligations.

The Core Difference

WHS Act = What you must do (legal duties)

ISO 45001 = How you can structure your system to manage those duties

One is law.

The other is a management framework.

Confusing the two is where businesses go wrong.

What Businesses Commonly Get Wrong

“We’re ISO Certified, So We’re Legally Compliant”

ISO 45001 requires organisations to identify and comply with applicable legal requirements — but certification does not guarantee legal compliance.

Auditors assess whether you have a system to manage compliance. Regulators assess whether you are actually compliant.

An organisation can pass an ISO audit yet still breach the WHS Act.

Certification bodies do not enforce legislation — regulators do.

Treating ISO as a Paper Exercise

Some businesses implement ISO 45001 purely for:

Tender eligibility
Prequalification
Client expectations

They build extensive documentation but fail to ensure controls are embedded operationally.

ISO 45001 emphasises:

Leadership commitment
Worker consultation
Risk-based thinking
Continual improvement

If documentation exists without real implementation, both ISO auditors and regulators will identify the gap.

Ignoring Officer Due Diligence

The WHS Act imposes personal duties on officers (e.g. directors and senior executives).

ISO 45001 requires leadership involvement — but it does not create personal criminal liability.

Some businesses mistakenly believe board-level review for ISO purposes automatically satisfies WHS due diligence.

Due diligence under the Act requires officers to:

Acquire knowledge of WHS matters
Understand operations and risks
Ensure resources are provided
Verify controls are implemented

That verification element is where many organisations fall short.

Confusing Risk-Based Thinking with “Reasonably Practicable”

ISO 45001 uses risk-based thinking to manage OH&S risks.

The WHS Act uses the legal test of “so far as is reasonably practicable.”

These concepts overlap — but they are not identical.

The legal test considers:

Likelihood of hazard or risk occurring
Degree of harm
What the person knows (or should reasonably know)
Availability and suitability of controls
Cost relative to risk

If risk assessments don’t reflect this reasoning, legal defensibility may be weak — even if ISO processes exist.

Over-Documenting to Satisfy ISO

ISO 45001 does not require excessive paperwork.

Yet many organisations create:

100+ page manuals
Multiple redundant forms
Complex approval pathways

The WHS Act does not require elaborate documentation either — it requires effective risk management and control.

Over-complication often creates implementation gaps.

Failing to Integrate Psychosocial Risk Management

Australian regulators are increasingly focused on psychosocial hazards (e.g. bullying, workload, fatigue).

While ISO 45001 covers psychological health risks in scope, many organisations:

Focus heavily on physical safety
Fail to systematically assess psychosocial risks
Lack documented controls

Regulators are far more likely to issue notices for these failures than ISO auditors are to withdraw certification.

Where ISO 45001 Adds Value

When implemented properly, ISO 45001 strengthens WHS compliance by:

Creating structured governance
Formalising consultation mechanisms
Improving documentation control
Embedding continual improvement
Driving leadership accountability

In mature organisations, ISO becomes a tool to demonstrate WHS compliance — not a substitute for it.

A Practical Comparison

WHS Act	ISO 45001
Mandatory law	Voluntary standard
Enforced by regulators	Audited by certification bodies
Breaches can lead to prosecution	Nonconformities affect certification
Focus on duties and risk control	Focus on systems and improvement
Personal liability for officers	Organisational certification only

The Smart Approach

Australian businesses should:

Treat the WHS Act as the baseline requirement
Use ISO 45001 as a structured framework
Ensure risk management aligns with the “reasonably practicable” test
Embed leadership accountability beyond symbolic review
Focus on implementation, not paperwork

Final Thoughts

ISO 45001 and the WHS Act are not competitors.

They operate at different levels:

The WHS Act defines your legal duty.
ISO 45001 provides a management system to help meet that duty.

Businesses get into trouble when they mistake certification for compliance — or treat compliance as a tick-box exercise.

In Australia, the safest position is this:

Build a WHS system that genuinely manages risk and meets legislative duties.

Then use ISO 45001 to strengthen, structure, and continuously improve it.

Get in touch with us today and see how Sherm Software and Safety for Life can help.

Our Audit Readiness Guide explains how businesses can design systems that withstand multiple audit regimes simultaneously.

Why Spreadsheets and Shared Drives Stop Working for Audit Readiness

Posted on 10/03/2026 by Marnie Cruickshank

For many Australian businesses, spreadsheets and shared drives start as practical solutions for managing compliance evidence, policies, and audit documentation. They are familiar, inexpensive, and flexible.

But as organisations grow and regulatory expectations increase, these tools often become the very thing that slows down — or jeopardises — audit readiness.

From ISO certifications to industry-specific regulations and internal governance reviews, businesses across Australia are finding that spreadsheets and shared folders simply cannot keep up with modern audit requirements.

Let’s explore why.

Version Control Becomes a Nightmare

In a spreadsheet-based compliance system, multiple people often update documents simultaneously.

This creates problems like:

Multiple file versions (e.g. RiskRegister_v5_FINAL_FINAL.xlsx)
Uncertainty about which document is the latest
Edits being overwritten
Important changes going untracked

During an audit, this leads to confusion and delays when auditors ask a simple question:

“Which version of this control was in effect during the review period?”

Without clear version history, proving this can become difficult.

Evidence Is Scattered Across Systems

Audits rely heavily on evidence.

However, when organisations rely on shared drives, audit evidence is often spread across:

Email attachments
Different folders on network drives
Personal desktop files
Team collaboration tools
Individual spreadsheets

This fragmentation creates a huge administrative burden during audits. Teams spend hours — sometimes days — searching for documentation instead of demonstrating compliance.

Worse still, critical evidence can be accidentally missed.

No Clear Ownership or Accountability

Compliance tasks typically involve many people across different teams:

IT
Finance
HR
Operations
Risk and compliance teams

In spreadsheets and shared drives, responsibilities are rarely structured. Tasks might be written in a sheet, but there’s usually no system enforcing:

Ownership of controls
Deadlines for reviews
Automated reminders
Escalation when tasks are overdue

Without clear accountability, controls that look complete on paper may actually be outdated or untested.

Limited Audit Trail

Auditors want to see a clear trail of activity.

They need to know:

Who updated a policy
When a risk assessment was last reviewed
When a control was tested
What changes were made

Spreadsheets rarely provide a reliable audit trail, especially when files are downloaded, copied, or edited offline.

This lack of traceability raises questions about the integrity of compliance records.

Scaling Becomes Impossible

A spreadsheet-based compliance approach may work when a business has:

One certification
A small team
Limited regulatory exposure

But as organisations expand, compliance requirements multiply. Businesses may need to manage:

Multiple standards
Several audits each year
Hundreds of controls
Dozens of evidence requests

At this point, spreadsheets become unmanageable. Teams end up maintaining multiple disconnected trackers that quickly fall out of sync.

Audit Preparation Becomes a Fire Drill

Perhaps the biggest problem with spreadsheet-driven compliance is what happens before an audit.

Instead of being continuously audit-ready, teams scramble to prepare documentation:

Evidence is chased across departments
Controls are quickly re-reviewed
Policies are updated at the last minute
Teams rush to assemble audit folders

This reactive approach increases stress, wastes time, and increases the risk of non-conformities.

Lack of Real-Time Visibility

Executives and compliance leaders need a clear view of risk and compliance status.

However, spreadsheets rarely provide real-time insight into:

Which controls are overdue
Which risks are increasing
Which departments are behind on reviews
What evidence is missing

Without this visibility, compliance management becomes reactive instead of proactive.

What Modern Audit-Ready Organisations Do Differently

Organisations that consistently pass audits with minimal disruption typically move beyond spreadsheets and shared drives.

Instead, they implement structured compliance systems that provide:

Centralised evidence management
Automated control tracking
Built-in audit trails
Clear ownership and accountability
Real-time compliance dashboards

This allows teams to maintain continuous audit readiness, rather than preparing only when an audit is scheduled.

The Bottom Line

Spreadsheets and shared drives are useful tools — but they were never designed to manage complex compliance frameworks or support audit readiness.

As Australian businesses face increasing regulatory expectations, relying on manual systems becomes risky and inefficient.

Moving toward a more structured approach to compliance management helps organisations:

Reduce audit stress
Improve accountability
Save time during reviews
Strengthen governance and risk management

And most importantly, it ensures that when auditors arrive, the business is already prepared.

Get in touch with us today and see how Sherm Software can help with that preparation.

Our Audit Readiness Guide explains what scalable, audit-ready systems look like in practice.

Audit Evidence: What to Keep, What to Drop, What to Digitise

Posted on 02/03/2026 by Marnie Cruickshank

If you’ve ever prepared for a WHS audit, you know the temptation: keep everything.

Folders expand. Shared drives overflow. Email chains get archived “just in case.”

But experienced auditors don’t reward volume — they look for relevance, reliability, and traceability.

Whether you’re preparing for a regulator interaction, client audit, or certification against ISO 45001, here’s how to decide what audit evidence to keep, what to drop, and what to digitise.

First: What Counts as “Audit Evidence”?

Audit evidence is any information that demonstrates your WHS management system:

Meets legal requirements (e.g. Work Health and Safety Act 2011 and state equivalents)
Is implemented in practice
Is effective and reviewed

Evidence must be:

Accurate
Current
Accessible
Traceable

If it doesn’t support those criteria, it’s probably clutter.

What to Keep

These are documents and records that auditors consistently request and rely on.

Core Governance Documents

Keep:

WHS policy signed by senior leadership
Roles and responsibilities
Organisational chart
Legal compliance register
Risk management procedure

These demonstrate structure and accountability.

Risk Management Records

Keep:

Current risk assessments
SWMS (where applicable)
Hazard registers
Control implementation records
Review evidence

Important: Outdated risk assessments that no longer reflect operations should be archived — not active.

Training and Competency Records

Keep:

Induction records
High-risk work licences
Verification of competency (VOC)
Refresher training logs
Supervisor competency evidence

Auditors look for proof that workers are competent at the time of work, not just when they were first hired.

Incident and Corrective Action Records

Keep:

Incident reports
Investigation findings
Root cause analysis
Corrective action tracking
Evidence of close-out

What matters most is showing that actions were implemented and verified.

Consultation Evidence

Keep:

Safety committee minutes
HSR records
Toolbox talk records
Worker consultation feedback

WHS legislation places strong emphasis on consultation — auditors expect to see evidence of it.

What to Drop (or Archive Properly)

Not all documents need to stay in your active audit folder.

Superseded Policies and Procedures

If a document has been replaced:

Archive it with version control
Remove it from operational folders
Ensure only current versions are accessible

Auditors often identify “document control failures” when outdated procedures remain in circulation.

Redundant Forms

Many organisations collect forms no one reviews:

Pre-start checklists never analysed
Hazard reports with no follow-up
Meeting minutes no one reads

If a record doesn’t inform decisions or improvements, question why it exists.

Excessive Email Evidence

Email chains are weak audit evidence unless:

They demonstrate formal approval
They verify a decision
They confirm action completion

Where possible, convert critical decisions into controlled records.

Duplicated Records

If information exists in multiple systems:

Choose one “source of truth”
Eliminate manual duplication
Reduce reconciliation errors

Duplication creates audit risk.

What to Digitise

Digitisation isn’t just about convenience — it improves traceability and audit readiness.

Training Registers

Move from spreadsheets to:

Centralised training management systems
Automated refresher alerts
Licence expiry tracking

This reduces non-compliance risk.

Risk Registers

Digital risk systems allow:

Version control
Review tracking
Control verification
Dashboard reporting

Auditors appreciate systems that clearly show when risks were last reviewed.

Corrective Action Tracking

Manual spreadsheets often fail because:

Actions aren’t assigned clearly
Deadlines aren’t monitored
Close-outs aren’t verified

Digital systems provide accountability and audit trails.

Contractor Management

Digitise:

Prequalification documents
Insurance currency
SWMS approvals
Induction records

This is especially valuable for construction, logistics, and multi-site businesses.

How Long Should You Keep WHS Records?

Retention requirements vary depending on the type of record and state legislation, but common examples include:

Incident records involving serious injury: often 5+ years
Health monitoring records (e.g. asbestos exposure): decades
Training records: duration of employment + additional period

Always align with applicable WHS regulations and industry-specific requirements.

The “Audit-Ready” Test

Ask these five questions about any document:

Does this demonstrate compliance or effectiveness?
Is it current?
Is it controlled (versioned and authorised)?
Can we retrieve it within minutes?
Does it show follow-through, not just intent?

If the answer is “no” to most of these, reconsider its place in your system.

The Biggest Mistake Businesses Make

They build systems for the audit — not for the business.

Auditors (including those assessing against ISO 45001) are trained to detect:

Over-documented systems
Forms created purely for compliance
Records that exist but aren’t used

Strong evidence is:

Simple
Relevant
Consistent
Embedded in daily operations

Final Thoughts

Good audit evidence isn’t about volume — it’s about clarity and control.

Keep what proves your system works. Drop what adds noise. Digitise what improves visibility and accountability.

An audit-ready organisation isn’t the one with the most folders. It’s the one where evidence is accurate, current, and easy to find — every day, not just before the auditor arrives.

Sherm Software will help you to become an audit-ready organisation, book a demo today to see how.

Our Audit Readiness guide explains how businesses can design systems that withstand multiple audit regimes simultaneously.

What WHS Auditors Actually Look For

Posted on 23/02/202623/02/2026 by Marnie Cruickshank

Work Health and Safety (WHS) audits can feel intimidating. Whether you’re preparing for a regulator visit, a client prequalification, or certification against ISO 45001, many businesses aren’t entirely sure what auditors are really assessing.

The good news? WHS auditors aren’t looking for perfection. They’re looking for evidence of a functioning safety management system that is practical, understood, and consistently applied.

Here’s what WHS auditors actually focus on.

Legal Compliance with WHS Legislation

First and foremost, auditors assess compliance with the relevant state or territory WHS legislation, such as:

Work Health and Safety Act 2011
SafeWork NSW requirements
WorkSafe Victoria guidance

They want to see that your organisation understands its primary duty of care, officer due diligence obligations, and worker responsibilities.

Typical evidence requested:

WHS policy signed by senior management
Documented responsibilities
Legislative compliance register
Evidence of periodic legal reviews

Risk Management Processes

WHS law is risk-based. Auditors expect to see a structured process for:

Hazard identification
Risk assessment
Implementation of controls
Review of control effectiveness

They’ll check whether your process aligns with the hierarchy of control (elimination, substitution, engineering, administrative, PPE).

Common areas reviewed:

High-risk construction work
Plant and equipment
Manual handling
Hazardous chemicals
Psychosocial hazards (increasingly important)

They’re not just checking paperwork — they’ll verify that controls exist in practice.

Consultation and Worker Participation

Under WHS laws, consultation is mandatory. Auditors will examine:

Health and Safety Representative (HSR) arrangements
Safety committee meeting minutes
Toolbox talks
Worker feedback mechanisms

They may interview workers directly. If employees can’t explain safety procedures or feel disconnected from the system, that’s a red flag.

Training and Competency

Auditors look for proof that workers are competent to perform their tasks safely.

Evidence may include:

Induction records
High-risk work licences
Verification of Competency (VOC) records
Supervisor training
Contractor onboarding systems

They’ll also check whether refresher training is scheduled and tracked.

Incident Reporting and Investigation

A strong WHS system treats incidents as learning opportunities.

Auditors review:

Incident reports
Investigation findings
Root cause analysis
Corrective actions
Evidence that actions were closed out

They may ask:

“Show me an incident from the last 12 months and what changed because of it.”

Documentation vs. Reality

One of the biggest misconceptions is that WHS audits are purely document checks.

They aren’t.

Auditors conduct:

Site inspections
Worker interviews
Observation of work practices

If your procedures say one thing but work is done differently, that gap will be identified. Consistency between Policy, Procedure and Practice is critical.

Contractor and Supplier Management

If you engage contractors, auditors will examine:

Prequalification processes
SWMS (Safe Work Method Statements)
Contractor induction
Monitoring and supervision
Performance reviews

Principal contractors and businesses conducting high-risk work receive particular scrutiny.

Emergency Preparedness

Auditors assess whether you are prepared for reasonably foreseeable emergencies.

They’ll review:

Emergency plans
Evacuation diagrams
Fire warden training
Drill records
First aid arrangements

And they’ll often ask workers what they would do in an emergency.

Continuous Improvement

A mature WHS system shows evidence of ongoing improvement.

Auditors look for:

Internal audits
Management review meetings
KPI tracking (e.g. TRIFR, LTIFR)
Corrective and preventive action systems

Certification audits (such as ISO 45001) place strong emphasis on leadership commitment and system improvement over time.

Officer Due Diligence

Under WHS law, company officers must exercise due diligence. Auditors may review whether directors and executives:

Receive WHS performance reports
Allocate adequate resources
Understand critical risks
Verify the implementation of controls

Board-level visibility of safety is increasingly expected.

**What Auditors Are Not Looking For**

A perfect safety record
Zero incidents
Overly complex documentation
A 500-page safety manual no one reads

They want to see a system that is:

Practical
Proportionate to your business size and risk
Understood by workers
Actively maintained

Final Thoughts

WHS audits are about evidence, consistency, and effectiveness.

If your safety system:

Identifies real risks
Implements appropriate controls
Involves workers
Learns from incidents
Demonstrates leadership commitment

…you’re already aligned with what auditors actually look for.

The key is not preparing for the audit the week before — it’s building a safety system that works every day.

Sherm Software is that safety system, book a demo today and see for yourself.

For a deeper explanation of how these expectations come together, see our guide to Audit Readiness for WHS, ISO and Principal Contractor Audits.