Internal audits are carried out in order to determine if the Health, Safety, Environmental and Quality (HSEQ) management system is well implemented and/or if the system can be improved. Every single ship will be visited for an internal audit annually.
The master on board receives a copy of the internal audit report. If applicable, General Reports, used for the registration of non-conformities and observations/suggestions for improvement are attached. The HSEQ manager Fleet takes care of distribution of other copies. The master is responsible for the follow-up of the outstanding General Reports. If necessary, the HSEQ manager Fleet will assist.
As soon as ship related General Reports are solved, the master on board sends copies of the report back to the HSEQ manager Fleet, including possible evidence of the solution. The HSEQ manager Fleet keeps a register of all General Reports and controls the follow-up.
External audits can be carried out in order to establish whether:
- the safety management system (HSEQ system) is implemented properly.
- the applicable certificates can be issued or endorsed.
The HSEQ department always contacts the master on board well in advance about the date of an external audit.
The master receives the original external audit report. He takes care of sending a copy to the HSEQ manager Fleet. The master is responsible for the follow-up of possible non-conformities and/or observations. If necessary the HSEQ manager Fleet will assist. As soon as non-conformities are solved, the master completes the part “corrective action carried out” on the non-conformity notes, attaches possible evidence and sends them back the HSEQ manager Fleet. If applicable, he will brings the solutions to the attention of the LRQA who will close out the non-conformities. As soon as a non-conformity is closed, the HSEQ manager Fleet sends the original back to the vessel.
In order to check if working methods come up to the requirements of our HSEQ management system, a checklists is made. The audit checklist is based on the requirements in the ISPS code.
The following is covered by means of this checklist:
• Policy, organisation and management
• Management system including review
• Document control, certificates
• Procedures and instructions
• Internal/external audits, corrective actions
• Emergency preparedness/drills and training
• Ship’s security
Only in case of hard evidence (must be documented), non-conformities are issued by means of a General Report. In case of doubt or non-structural errors (an “observation”), a General Report will be issued as well, stating a suggestion for improvement. The number of General Reports is stated on the cover sheet. Not all findings lead to separate General Reports: if applicable, more findings are summarised in one.
During the opening meeting with the Master and SSO on board, it was explained that that the internal ISPS audit will be held against the requirements of the ISPS code, flag requirements and company's requirements.
1.1 Access control, is ID checked, visitors log checked & restricted areas controlled?
1.2 Appearance of gangway watch ( neat working clothes / appropriate ppe / professional attitude)?
1.3 Are access control procedures clearly implemented and is the personnel in charge of access control familiar with his duties?
2.1 Have all ncn's & OBS from the last external audit been reported in Walfis?
2.2 Has corrective & preventive actions for the last ncn's & OBS been entered in Walfis?
3.1 Have all ncn's & OBS from the last internal audit been reported in Walfis?
3.2 Has corrective & preventive actions for the ncn's & OBS been entered in Walfis?
4.1 Is the copy Declaration of company security officer available on board?
4.2 Is the SSO trained & certified & familiar with his duties?
4.3 Continuous Synopsis Records complete ( also note 1). The file of previously issued CSRs complete?
5.1 Is an approved SSP available & updated acc. last amendments?
5.2 Is the SSP & related records protected from unauthorized access or disclosure?
6.1 Is the security level set correctly as required by flag & port authorities & all personnel aware of the current level?
6.2 Is all security equipment maintained as required by the SSP?
6.3 Are training & drills carried out as per ISPS code & SSP?
6.4 Is the AIS working properly?
6.5 Is the SSAS operational and records for tests & maintenance available?
6.6 Can CSO be identified by SSO / crew & are contact details available?
6.7 Is the SSP been reviewed by the SSO and reported in Wafis?
6.8 Is the security system found implemented on board, acc. the SSP?
What was the topic of the last security drill?
The internal ISPS audit followed a sampling process & it is possible that non conformities may exist even in areas that have been covered by the audit.
All non conformities & observations reported must be entered in the Walfis HSEQ General reporting module by the master.
Furthermore, the master in cooperation with responsible officer of the department has to take timely corrective action on all non conformities & observations and add this in the Walfis.