How to Create a WHS Compliance Review for Insurance
A systematic procedure for reviewing organisational compliance against Australian Work Health and Safety legislation, regulations, and Codes of Practice.
Purpose
To assess the organisation's level of compliance with WHS obligations, identify gaps, and develop action plans to achieve and maintain full compliance.
Scope
Covers all WHS obligations including risk management, consultation, training, incident management, emergency preparedness, and documentation requirements across all workplace locations.
Prerequisites
- Current copies of the WHS Act, Regulations, and applicable Codes of Practice
- Access to existing WHS management system documentation
- Previous compliance review reports and audit findings
- List of all workplace locations and operational activities
Aligns with ASIC regulatory requirements, General Insurance Code of Practice, and AFSL obligations. Includes audit trail provisions.
Step-by-Step Procedure
Define the Scope and Criteria
Establish the scope of the compliance review including locations, legislative obligations, and specific areas of focus.
- 1.1Identify the WHS legislation, regulations, and Codes of Practice applicable to the organisation
- 1.2Determine which locations and operations will be included
- 1.3Define the review criteria and compliance benchmarks
- 1.4Set the review timeline and assign the review team
Gather Documentation and Evidence
Collect all relevant WHS documentation, records, and evidence needed to assess compliance against each legislative requirement.
- 2.1Collect WHS policies, procedures, and safe work method statements
- 2.2Gather training records, induction registers, and competency logs
- 2.3Obtain risk assessments, inspection reports, and incident records
- 2.4Retrieve consultation records — WHS committee minutes, HSR documentation
- 2.5Compile emergency management plans and drill records
Assess Compliance Against Each Requirement
Systematically evaluate the organisation's compliance with each applicable legislative requirement. Document findings and evidence.
- 3.1Review each requirement against available documentation and practices
- 3.2Interview key personnel to verify procedures are being followed
- 3.3Observe workplace practices to confirm compliance in action
- 3.4Rate each item as compliant, partially compliant, or non-compliant
- 3.5Document evidence supporting each assessment
- Look beyond documentation — actual workplace practices may differ from written procedures
Identify Gaps and Non-Conformances
Analyse assessment results to identify compliance gaps, prioritise them by risk, and categorise the type of non-conformance.
- 4.1List all non-compliant and partially compliant items
- 4.2Classify gaps as documentation, implementation, or systemic issues
- 4.3Risk-rate each gap based on potential consequence and likelihood of regulatory action
Develop the Compliance Action Plan
Create a prioritised action plan to address all identified compliance gaps. Assign owners, resources, and realistic timeframes.
- 5.1Define specific corrective actions for each gap
- 5.2Assign an action owner with appropriate authority
- 5.3Set realistic due dates, prioritising high-risk non-conformances
- 5.4Estimate resource requirements — budget, personnel, external expertise
- Present the action plan to senior management to secure resources and commitment
Report Findings to Management
Compile a formal compliance review report summarising findings, risk ratings, and the action plan. Present to senior management and the WHS committee.
- 6.1Prepare an executive summary highlighting critical gaps
- 6.2Include detailed findings with evidence and recommendations
- 6.3Attach the compliance action plan with timelines
- 6.4Present the report at the management review or WHS committee meeting
Implement and Monitor Corrective Actions
Execute the compliance action plan, monitor progress, and conduct verification checks to confirm gaps have been closed.
- 7.1Track action completion against the plan
- 7.2Provide support and resources to action owners
- 7.3Conduct spot checks to verify implementation
- 7.4Update the compliance register as items are addressed
Schedule the Next Review Cycle
Establish the date for the next compliance review and update the review schedule. Incorporate lessons learned into future review processes.
- 8.1Set the date for the next scheduled review
- 8.2Update the review template to reflect any legislative changes
- 8.3Archive the current review report and supporting documentation
Quality Checkpoints
Common Mistakes to Avoid
Expected Outcomes
Percentage of legislative requirements assessed as fully compliant, with a target of continuous improvement toward 100%
Percentage of identified compliance gaps closed within the target timeframe
Reduction in improvement notices, prohibition notices, or infringement notices from the WHS regulator
Frequently Asked Questions
What is the difference between a compliance review and a WHS audit?
A compliance review focuses specifically on whether the organisation meets legislative and regulatory requirements. A WHS audit is broader and assesses the entire WHS management system, including policy, planning, implementation, performance measurement, and review processes.
How often should a WHS compliance review be conducted?
A comprehensive compliance review should be conducted at least annually. However, reviews should also be triggered by significant legislative changes, major incidents, organisational restructures, or new operations.
Who should conduct the compliance review?
The review should be led by the WHS manager or a competent person with knowledge of WHS legislation. For objectivity, consider using an external WHS consultant or auditor for periodic reviews.
Want this customised for YOUR business?
We'll tailor every step to your exact operations, tools, and team structure.