The Safety Audit Process

The Safety Audit Process

The safety audit is the mechanism by which adventure activity operators demonstrate compliance with the Adventure Activity Regulations. Understanding what auditors look for helps you prepare effectively.

Who Conducts Audits

Audits are conducted by audit providers accredited by JAS-ANZ (Joint Accreditation System of Australia and New Zealand). Accreditation is also recognised by DOC for concession requirements. Local councils and other agencies may also require audit approval as part of their regulatory oversight.

Regulatory Agencies

The audit framework incorporates requirements from multiple authorities:

• WorkSafe NZ — primary regulator for adventure activities under the Health and Safety at Work Act
• Civil Aviation Authority — aerial adventure activities (skydiving, helicopter operations)
• Maritime NZ — water-based commercial activities
• Department of Conservation — activities on DOC land (concession conditions)

The Four Audit Phases

Phase 1: Pre-engagement preparation

• You provide your Safety Management System documentation to the auditor
• Auditor reviews your risk assessments, SOPs, staff records, equipment logs, and incident records
• Auditor identifies areas to focus on during the on-site visit

Phase 2: SMS review

• Detailed assessment of your written safety documentation
• Does your SMS meet the requirements of the Safety Audit Standard?
• Are your procedures appropriate for your activities and environment?
• Is natural hazard risk management explicitly addressed?

Phase 3: On-site evaluation

• Auditor observes activities in operation
• Interviews with staff to assess understanding of procedures
• Equipment inspection
• Assessment of how your written procedures match actual practice

Phase 4: Ongoing monitoring

• Post-audit: corrective actions for any non-conformances
• Tracking completion of actions before registration is granted or renewed
• Your SMS must be continuously maintained between audits

Audit Standards

The framework references ISO/IEC 17021, covering provider review, auditor qualifications, conflict management, and information sharing.

Preparing for Your Audit

• Ensure all SMS documentation is current and accessible
• Check that all staff records (qualifications, first aid, training) are up to date
• Review your incident records — auditors will look for evidence of learning from incidents
• Ensure your risk assessments explicitly address natural hazards (required from April 2024)
• Practise talking through your procedures with staff before the on-site visit

Note: The audit is not a test you pass once — it is the beginning of a continuous improvement cycle. The most successful operators treat their SMS as a living document, not a one-time compliance exercise.