Does your organisation have an appointed "competent person" to help you manage H&S? Competency is defined as having suitable and sufficient qualifications, training, knowledge and experience.
Yes No
Do you have a formalised and regularly reviewed health and safety policy that ensures your workplace is a safe environment to work in, and is it formally communicated to or provided to all staff?
Yes No
Does your health and safety policy include all of the following?
a. A statement of intent outlining your commitment to health and safety
b. Specific organisational roles and responsibilities.
c. Specific arrangements for securing the health, safety, and welfare of all employees and others, e.g. risk assessment, fire safety policy and arrangements, accidents and incidents including violence to staff, legionella, asbestos, COSHH, display screen equipment use and operation.
Yes No
Are all the work-related tasks and activities carried out by your employees, whether at your workplace or elsewhere, subject to a risk assessment completed by a competent person?
Yes No
Are your risk assessments reviewed regularly, and do these reviews result in documented further actions to improve H&S standards?
Yes No
Are there documented Safe Working Procedures in place for high-risk activities, have employees been trained in these procedures and is there a clear audit trail for this training?
Yes No
Do you advise your employees of the significant findings of your risk assessments and is this recorded?
Yes No
Do all your employees receive health and safety training as part of their induction from a 'competent person' and is this training documented/recorded?
Yes No
Have all your directors and senior managers received specific training on their health and safety roles and responsibilities?
Yes No
Do you have a detailed accident reporting and investigation policy?
Yes No
Are all serious accident / incidents thoroughly investigated, and root causes identified and addressed?
Yes No
Do you issue contracts of employment to all employees? From the start date of joining or during the onboarding process?
Yes No
Do your contracts of employment include ALL of these mandatory sections?
a. Names of both parties
b. Employment start date
c. Salary
d. Date and frequency of pay
e. Working hours
f. Holiday entitlement
g. Sickness
h. Pension
i. Notice periods
j. Job title
k. Period of contract
l. Place of work
m. Collective agreements
Yes No
Do all employees have access to an employee handbook with HR policies and procedures?
Yes No
Do you hold job descriptions and person specifications for all roles within your organisation on a central database or similar? e.g a HR management system.
Yes No
Do you implement ongoing recruitment training within your organisation?
Yes No
Do you have a disciplinary process that is in line with the ACAS code?
Yes No
Do you set and formalise targets and SMART objectives annually, that are aligned to your business needs, for all employees?
Yes No
Are you completely confident that you (and other managers involved) can carry out fair and consistent disciplinaries through all the stages, i.e. investigation, hearing, evaluating evidence, and delivering the appropriate outcome?
Yes No
Do you have a grievance procedure in line with the ACAS code?
Yes No
Has your grievance procedure been effectively communicated to all managers and employees through your business communication channels?
Yes No
Do you have a formalised diversity and inclusion (equality) policy in place?
Yes No
Do you regularly gather and monitor data that enables you to ensure compliance to your diversity and inclusion policy?
Yes No
Previous Section
Submit Form
Next Section
Do you have a current and formalised fire risk assessment?
Yes No
Is your fire risk assessment conducted by a competent person who has the relevant training, knowledge, and experience?
Yes No
Do you have fire controls in place which include all of the following?
a. Daily visual checks on alarm panel
b. Weekly call point checks
c. Fire door checks (gaps/intumescent strips)
d. Fire extinguisher checks
e. Signage and emergency lighting checks
f. Exit route checks
g. Fire drills
Yes No
Is the building's electrical fixed installation subject to periodic inspection and testing by a competent contractor (NICEIC, ECA, NAPIT, SELECT etc)?
Yes No
Is every electrical portable appliance issued and used by your organisation subject to periodic inspection and testing by a competent person?
Yes No
Is the mains gas system/gas appliance subject to an annual service / serviced annually by a competent Gas Safe registered contractor?
Yes No
Where you own and insure your buildings, have you had a rebuild valuation carried out in the past 24 months?
Yes No
Were your premises built before 2000?
Yes No
Do you have an up-to-date 'Management Asbestos Survey' or 'Type 2 Survey' asbestos survey?
Yes No
Have all the remedial actions identified on the asbestos survey been completed and have you implemented a management plan for the control of any asbestos containing materials?
Yes No
Do you have a Fixed Asset Register, AND has it been reviewed in the last three years?
Yes No
Have you checked your roofs, gulleys, downpipes and gutterings for debris in the last 6 weeks?
Yes No
Previous Section
Submit Form
Next Section
Do you have the latest antivirus software installed on ALL your servers and computers?
Yes No
Do you regularly backup all of your critical data to an air-gapped backup solution to prevent unauthorised access, and are you confident this is well-maintained?
Yes No
Do you make sure that all of your servers, network devices and computers are kept updated with the latest operating systems and security patches within 14 days of release?
Yes No
Do you have a robust email security solution in place to ensure emails you receive are protected against viruses and phishing?
Yes No
Do you have a suitable solution in place to prevent users from accessing risky or 'not suitable for work environment' websites?
Yes No
Do you regularly review the configuration and administrative settings in your cloud applications (such as an online accounting system) to ensure that they are as secure as possible?
Yes No
Do you make sure all your employees are using multi-factor authentication (such as a one-time code sent to your mobile) to log into your network and systems?
Yes No
Do you carry out regular cyber security awareness training for all your employee, and measure the results?
Yes No
Do you securely keep all logs from your security solutions for a minimum of 90 days and monitor the alerts and logs from your cyber security solutions (e.g antivirus, firewalls, email security) on a continuous basis 24/7, every day of the year?
Yes No
Do you have a formalised cyber incident response plan in place, and have you tested it recently?
Yes No
Previous Section
Submit Form
Next Section
Do you have a formalised business continuity plan (BCP)?
Yes No
Does it address all of the major risks you face? Consider the risks to your critical equipment, buildings, IT, staff, suppliers and other crucial areas to your operations.
Yes No
Has it been reviewed and updated in the past 12 months?
Yes No
Has it been communicated to all relevant staff in the past 12 months?
Yes No
Has it been tested in the past 12 months?
Yes No
Do you feel completely confident that your BCP will adequately support the recovery of your business following a major incident?
Yes No
If you lost your main premises for any reason, could you continue to operate with minimal disruption?
Yes No
If you lost any critical equipment for any reason, could you continue to operate with minimal disruption?
Yes No
If you lost your main IT application for any reason, could you continue to operate with minimal disruption?
Yes No
If you lost a critical supply line or supplier for any reason, could you continue to operate with minimal disruption?
Yes No
Previous Section
Submit Form
Next Section
As part of your organisational activity do you operate vehicles and or require employees (regardless of full/part time, temporary, casual or agency) to use their own vehicle or arrange short term temporary hired vehicles?
Yes No
Do you have a 'competent person' to manage your fleet and driving at work activity? (Competence must be evidenced through formal qualification, relevant training and industry experience.)
Yes No
Do you have a written health and safety policy, which specifically includes 'driving at work'? And does it include written risk assessments for the driver, vehicle and journey which are regularly reviewed and evidenced?
Yes No
Do you know in advance of any business journey, who is driving any vehicle at any time? (business journeys can be infrequent, short in distance and not core to the driver's job role, which includes attendance at training courses, meetings, seminars etc)
Yes No
Can everyone in your business evidence their individual responsibilities when it comes to managing driving on company business? (including evidence of compliance with legislation plus driving related policies and procedures, which are effectively communicated between management and drivers and further recommunicated at any point of review and update)
Yes No
Can you demonstrate with evidence, the legality, competence and capability for all drivers to operate in a way that is safe for them and other road users? (This includes legal entitlement, assessment and training, and physical and mental fitness to drive.)
Yes No
Any vehicle operating under your control regardless of ownership must be maintained and be legally roadworthy at all times of use. You must also have an effective defect reporting system. Are your procedures adequate and checks conducted periodically?
Yes No
Can you consistently demonstrate with supporting evidence that you ensure that journeys are effectively planned and within acceptable and realistic work schedules to reduce driver fatigue and distraction? Including that this is monitored and management reports are acted upon, and procedures changed where necessary.
Yes No
For every collision, do you conduct an interview with the driver and fully investigate the incident? Can this be evidenced with action taken where issues are highlighted?
Can you demonstrate that:
- those undertaking investigation are competent?
- investigation procedures are consistently applied across the business?
- all recommended actions are provided to management?
- disciplinary action is taken where identified as necessary or re-training is arranged and followed through?
Yes No
Do you understand the full cost impact of driver and vehicle management? (Can you identify and influence unseen/unknown costs including true costs of a driving incident to the business?)
Yes No
Do you outsource any of your fleet responsibility?
Yes No
Does the Executive Board or Senior Management review fleet activity regularly?
(Are they made aware through regular information of the safety and cost implications, and the need for areas of improvement?)
Yes No
Previous Section
Submit Form
Next Section
