- The Public Health and Wellbeing Act 2008 requires that the risk management plan (RMP) be independently audited by an approved auditor every year.
- The aim of an audit is to confirm that the RMP addresses the critical risks prescribed in the Public Health and Wellbeing Regulations 2019.
- If the auditor believes that RMP fails to address the requirements of the Regulations, they must notify the department’s Legionella team, who will investigate the report.
- Visit the RMP Audit page for further information, including how often is an audit required, what records you need to maintain for an audit and where to find an approved auditor.
The Public Health and Wellbeing Act 2008 requires that the risk management plan (RMP) be independently audited by an approved auditor. This is the ‘statutory audit’. It should not be confused with a review of an RMP, which may be conducted at any time by a competent person.
Frequently asked questions (FAQs)
The purpose of the audit is to confirm that the RMP addresses the critical risks prescribed in the Public Health and Wellbeing Regulations 2019:
- stagnant water
- nutrient growth
- poor water quality
- deficiencies in the cooling tower system
- location and access.
The auditor will be required to satisfy themselves that the RMP meets the requirements of the Public Health and Wellbeing Act 2008 and the Public Health and Wellbeing Regulations 2019. The auditor must be satisfied that the risk factors have been considered and addressed as required, based on the risk analysis.
The auditor will also need to view the maintenance logbooks and any other documents referred to in the RMP to satisfy themselves that the RMP is being implemented. For example, where the RMP identifies a work program to install a drift eliminator by a particular date, the auditor will need to see proof that it has been installed, such as a statement from the supplier.
An annual audit of the RMP is required.
The Public Health and Wellbeing Act 2008 specifies that only people approved by the department can be engaged to audit cooling tower system RMPs. All approved auditors are listed under Risk management plan auditors.
The audit is essentially a paper audit. It may be undertaken by forwarding copies of all relevant documents to the auditor for an off-site audit. This may be particularly suitable in more remote areas where the travel time and costs of attendance on-site would be significant. However, it is important to note that the original documents must be available for inspection at all times.
If the auditor believes that the requirements of the legislation have not been met, they must notify the department’s Legionella Team, who will investigate the report.
In addition to the RMP, the auditor will need to inspect maintenance records.
The Public Health and Wellbeing Regulations 2019 require the responsible person to keep for the preceding 12 months:
- all maintenance activities undertaken in relation to the system; this includes records of any services, cleans, inspections and repairs to the system
- all microbiological test results of samples taken from the system
- any approval issued by the Secretary of the department to use a different method of maintenance and testing.
Reviewed 31 January 2022