Zepth Core · Quality & Safety

HSE Audits

Inspections check conditions. Audits check the machine that is supposed to check conditions.

Last updated

Zepth Core module

HSE Audits

AI agent built into the module
Standardised templates & scoringLife-critical red flagsEvidence-based closureRepeat-finding detection

30%

of the world’s fatal workplace injuries happen in construction — from about 7% of the workforce

ILO estimate

6 in 10

US construction deaths caused by the Fatal Four: falls, struck-by, electrocution, caught-in

OSHA

$1.5M+

the average total cost of a single workplace death — before indirect costs

NSC Injury Facts

1:1–20:1

indirect cost against direct cost, depending on severity

NSC Injury Facts

A range, not a multiplier. The ratio varies with severity, and any single figure misrepresents it.

Overview

An HSE audit tests whether a project’s safety management system actually works — not whether the site looks safe today, but whether the system would catch tomorrow’s hazard.

Inspections check conditions. Audits check the machine that is supposed to be checking conditions. Projects that confuse the two pass every inspection right up until the incident.

Why HSE audits are critical

Construction remains one of the most dangerous industries on earth. The ILO estimates the sector accounts for around 30% of fatal occupational injuries worldwide while employing about 7% of the workforce; in industrialised countries, its estimates put construction at 25–40% of work deaths from 6–10% of workers. In the US, over a thousand construction workers are killed on the job each year, and OSHA’s “Fatal Four” — falls, struck-by, electrocution, caught-in or between — account for roughly six in ten of them.

The money follows the harm. The National Safety Council puts the average cost of a medically consulted work injury at around $48,000, and a workplace death at over $1.5 million — before the indirect costs, which run anywhere from equal to the direct figure up to twenty times it, depending on severity.

And unlike much of what gets asserted about safety programmes, the audit has actual evidence behind it. Evaluations of Canada’s COR audit-certification programme found that audited, certified firms achieved greater reductions in serious injury and fatality rates — and that lower audit scores were associated with higher injury rates. The instrument works. The caveat is what the rest of this page is about: it works when it has teeth.

The role of audits in project performance

  • Audit versus inspection — the distinction that decides everything else. An inspection is frequent, condition-focused and checklist-driven: is the edge protection up today? An audit is periodic, system-focused and evidence-sampled: do inspections happen, do findings close, are the training records real, would the system catch what nobody is currently looking at? A site can pass every inspection and fail an audit. That combination is a warning, not a comfort.

  • Scores have to mean something. Common practice weights sections — documentation, site conditions, behaviour, management engagement — with red-flag overrides, so that any life-critical finding caps the score regardless of the paperwork. Two disciplines separate real scoring from theatre. Normalise for hazard exposure: 95% during finishing works is not 95% during steel erection. And treat a repeat finding across audits as a system failure demanding root-cause review, not as another action item.

  • The closure loop is the audit. Finding, risk-rank, owner and deadline, verification with evidence, close, trend. Time-to-close on corrective actions is itself a leading indicator worth watching. An audit whose findings die in a spreadsheet was a site tour with a clipboard.

  • Subcontractor audits are self-defence. Under multi-employer citation policies the controlling contractor can be cited for a subcontractor’s violation, and GCC prequalification regimes gate future work on HSE performance. Auditing your subcontractors is not courtesy. You can back-charge the cost of correction under the contract; you cannot contractually transfer reputational or criminal exposure.

When audits become checkboxes

Audit fatigue is real. On a large GCC project a single subcontractor can face client audits, main-contractor audits, ISO 45001 surveillance, municipality inspections and internal audits in the same quarter. What that produces is not safety. It is a team that has learned to pass audits — perfect paperwork, and the edge protection still isn’t up.

There is a law for this, and it was not written about construction:

When a measure becomes a target, it ceases to be a good measure.
Marilyn Strathern’s formulation of Goodhart’s Law

What a gamed audit actually costs

The consequence chain runs: superficial audit, unverified controls, persistent violation, incident, investigation and fines, insurance and EMR impact with a multi-year tail, prequalification blacklisting, lost bids. The fine is the smallest number in that chain, and it is the only one anybody talks about.

The countermeasures are known and unglamorous. Consolidate the audit calendar so the same ground is not walked five times a quarter. Mutually recognise credible third-party audits instead of duplicating them. Run unannounced thin-slice audits rather than announced comprehensive ones. Weight field verification above document review. And rotate auditors, because a familiar auditor is an auditor who can be staged for.

How Zepth runs HSE audits

Audit templates, scoring and red-flag logic are standardised across projects, so a score means the same thing in two places. Findings route automatically to owners with deadlines and escalation. Closure requires evidence, not assertion.

Dashboards trend scores, closure velocity and repeat findings by subcontractor and by project. That is the difference between an audit programme and a folder of PDFs.

The value

Why it matters

The audit tests the system, not the housekeeping — so it can catch the hazard nobody is currently looking at.

A score means the same thing on every project, because the template, the weighting and the red-flag logic are the same.

Findings close against evidence, and repeat findings trigger root cause rather than another line item.

Subcontractor safety performance is a number you can act on at prequalification, not a reference you take on trust.

Capabilities

What you can do

01

Standardised templates & scoring

Audit templates, section weightings and red-flag overrides applied across projects, so scores are comparable rather than local.

02

Life-critical red flags

A life-critical finding caps the score regardless of how good the documentation is, and escalates the same day.

03

Evidence-based closure

A finding closes on evidence, not on someone marking it done. An open finding is an open risk and stays visible.

04

Repeat-finding detection

The same finding recurring across audits, projects or subcontractors is surfaced as a system failure, not filed as a new action.

05

Offline field capture

Audits run from mobile in the field, offline-capable — because the places worth auditing rarely have signal.

06

Subcontractor trending

Scores, closure velocity and repeat rates by subcontractor, feeding prequalification and leadership review.

The workflow

How it actually runs

  1. 1

    Plan on risk, not on the calendar

    System audits annually. Thematic audits against phase risk — working at height during structure, hot work during MEP. Subcontractor audits triggered by performance, not by rota.

  2. 2

    Execute by sampling evidence

    Across documents, conditions and behaviours — not documents alone. Findings graded life-critical, major or minor at the point of capture.

  3. 3

    Report and escalate

    Scored, trended against previous audits, red flags escalated the same day. A life-critical finding does not wait for the report to be typed up.

  4. 4

    Close with evidence

    Every finding owned, deadlined and verified with evidence rather than assertion. Repeat findings escalate to root cause instead of being logged again.

  5. 5

    Trend

    Scores, closure times and repeat rates by subcontractor and project — feeding prequalification decisions and leadership review, which is where an audit programme either has consequences or does not.

AI that does the work

How AI changes HSE Audits management.

Repeat-finding detection.

The same finding recurring across audits, projects or subcontractors is surfaced automatically — the system-failure signal that human reviewers miss when it is spread across hundreds of individually-closed findings.

Closure-risk flagging.

Aging open findings ranked by risk class and drafted into the weekly HSE review before the meeting, rather than discovered after the incident.

Audit-to-incident correlation.

Audit scores read alongside violations, observations and incidents. When a subcontractor’s audit score and its violation trend move in opposite directions, someone is staging audits — and that divergence is visible in the data long before it is visible on site.

Plain-language answers.

“Show open life-critical findings older than 14 days, by subcontractor” — answered from live project data, with a human making every judgment that follows.

The engineer’s judgment stays in charge; the AI removes the latency and the blind spots.

Best practices

  • Normalise scores for hazard exposure. 95% during finishing works is not 95% during steel erection, and a scoring system that cannot tell the difference is measuring the wrong thing.
  • Treat a repeat finding as a system failure, not another action item. If the same thing is found twice, the finding was never the problem.
  • Weight field verification above document review, and run audits unannounced. An announced audit measures how well a site prepares for audits.
  • Rotate auditors. A familiar auditor is an auditor who can be staged for — and staging is invisible from the score alone.

Dashboards & reporting

Audit scores, open findings and corrective-action ageing, trended by subcontractor, project and phase — with closure velocity and repeat-finding rates alongside them. Exportable for client and regulatory HSE reporting, and structured to feed prequalification decisions rather than just to be filed.

Live dashboards
Drill-down & filters
Export to Excel / PDF
FAQ

Common questions

What is the difference between an HSE audit and a site safety inspection?

An inspection checks conditions — is this site safe today? An audit checks the system — do inspections happen, do findings close, would the process catch tomorrow’s hazard? You need both, because they answer different questions. A site that passes every inspection and fails an audit is not doing well.

Read the full answer
How often should HSE audits be conducted?

Risk-based. Daily pre-task checks and weekly walks sit in the inspection layer. Internal audits typically run monthly to quarterly according to phase risk, and a full system audit at least annually — ISO 45001 requires internal audits at planned intervals.

How are audit scores calculated?

Typically weighted sections — documentation, conditions, behaviour, management engagement — with red-flag overrides so a life-critical finding caps the score regardless of the paperwork. The two integrity conditions: normalise for hazard exposure, and never let document review outweigh field verification.

Do safety audits actually reduce accidents?

The best evidence says yes, when they have teeth. Evaluations of Canada’s COR programme found certified firms achieved greater reductions in serious injuries and fatalities, and that lower audit scores tracked with higher injury rates. Gamed audits predict nothing — which is a finding about audit integrity, not about audits.

Read the full answer
Who is responsible for a subcontractor’s safety violation?

Potentially both of you. Controlling contractors can be cited for a subcontractor’s violation under multi-employer citation policies. Practically: prequalify on safety history, flow down HSE requirements, audit your subcontractors, and back-charge correction costs per the contract — while understanding that the cost is the part you can transfer and the exposure is not.

Read the full answer
What happens to audit findings?

Each one gets a risk class, an owner, a deadline, and evidence-based closure verification. Repeat findings trigger root-cause review rather than another action item. An untracked finding is not a loose end — it is a documented liability, written down by you, that nobody closed.

Sources

  • ILO — “Construction: a hazardous work” (estimates of construction’s share of fatal occupational injury)
  • US Bureau of Labor Statistics — Census of Fatal Occupational Injuries (construction fatalities)
  • OSHA — Focus Four hazards; multi-employer citation policy
  • National Safety Council — Injury Facts (injury and fatality costs; indirect-to-direct cost range)
  • University of British Columbia — evaluation of the COR audit-certification programme
  • ISO 45001 — occupational health and safety management systems (internal audit at planned intervals)

Zepth is the construction project delivery platform — it runs construction, procurement and asset management on one record, and does the work: reading the drawings, reviewing the submittals, matching the invoices and flagging the risks, with a human sign-off on anything consequential.

See it on your project.

A short, tailored walkthrough on your real workflow — no generic demo.