How to Audit Safety KPIs for False Confidence in 30 Days

Safety KPIs can make a leadership team sharper, but they can also make it falsely calm. This how-to guide shows EHS managers how to audit a monthly safety dashboard in 30 days, so the numbers reveal control health instead of hiding serious risk behind clean rates.

The thesis is narrow: a KPI is useful only when it changes a decision. If the metric cannot change funding, supervision, maintenance priority, contractor governance, or stop-work authority, it may be a reporting habit rather than a prevention tool.

What you need before starting

Start with the last 12 months of safety dashboards, incident logs, near-miss records, corrective action data, serious-risk assessments, critical-control verification results, audit findings, and management-review minutes. If possible, add one operational leader and one supervisor to the review, because the dashboard must be tested against the work, not only against the spreadsheet.

Across 25+ years leading EHS at multinationals, Andreza Araujo has observed that many organizations do not suffer from a lack of indicators. They suffer from indicators that look precise while leaving leaders unsure about which exposure is getting worse.

Use this audit as a 30-day hygiene review. The goal is not to redesign every metric at once. The goal is to find which numbers create false confidence, which numbers deserve to stay, and which missing measures would help leaders act before the next serious event.

Step 1: define the decision each KPI is supposed to support

For each KPI, write one sentence explaining the decision it should influence. TRIR may support external reporting and trend awareness, but it should not be allowed to decide whether fatal-risk controls are healthy. Training completion may support compliance, but it does not prove that a worker can verify zero energy before maintenance starts.

This first step exposes weak indicators quickly. If the team cannot name the decision, the KPI may exist because it has always existed. Keep the question practical: what would we do differently if this metric moved up or down next month?

Andreza Araujo's Portuguese title Muito Alem do Zero, glossed for English readers as Far Beyond Zero, is useful here because an accident-free month can still be a dangerous month. The absence of injuries is not proof that controls are strong.

Step 2: separate harm measures from control measures

Split the dashboard into harm measures and control measures. Harm measures include recordables, lost-time cases, DART, severity rate, and similar lagging indicators. Control measures show whether the organization is managing the conditions that could produce harm, such as verified critical controls, high-potential near misses, closure quality, repeat findings, exposure hours, and stop-work response time.

The separation matters because many dashboards mix both groups and then treat them as equal evidence. A low injury rate can coexist with weak line isolation, poor contractor prequalification, repeated bypasses, or a maintenance backlog that leaders have normalized.

Use severity rate and underreporting signals as reality checks. If harm rates are clean while weak signals are increasing, the dashboard may be rewarding silence.

Step 3: test whether every leading indicator predicts risk, not activity

A leading indicator should say something about future exposure. Counts of inspections, meetings, training hours, and safety walks are not automatically leading indicators, because volume may rise while risk reduction stays flat.

Review each activity metric and ask what quality condition turns it into prevention. For inspections, the quality condition may be critical-control verification. For training, it may be demonstrated task competence. For safety walks, it may be a verified field correction or a worker-suggested improvement implemented within the month.

This is where control effectiveness metrics become more useful than activity counts. A dashboard that says 96 percent of inspections were completed may still be blind if nobody checked whether the control could actually prevent the event.

Step 4: compare the dashboard with serious-risk exposure

Choose the top five serious injury and fatality exposures in the operation, then mark which dashboard item shows the health of each exposure. For many sites, the list includes energy isolation, vehicle-pedestrian interaction, work at height, confined spaces, lifting, line opening, machine guarding, or contractor work.

If a top exposure has no indicator, the dashboard is not aligned with risk. If the indicator exists but measures only paperwork, the dashboard is still weak. A permit completion rate does not prove that isolation was verified, and a contractor orientation count does not prove that contractor supervision is adequate.

For high-consequence work, connect the review to SIF precursor metrics and critical control verification. Serious-risk exposure needs direct evidence, not indirect reassurance.

Step 5: look for metrics that punish honest reporting

Some KPI designs teach people to hide information. If managers are rewarded mainly for fewer recordables, fewer near misses, fewer findings, or fewer stopped jobs, the organization may be training the system to look clean instead of become safer.

Audit incentives, scorecards, leadership language, and recognition routines. A rise in high-quality near-miss reporting may be good news if it reveals exposure early. A rise in stopped jobs may be good news if supervisors are using authority before the control fails. The context decides whether the movement is a problem or a signal of maturity.

In more than 250 cultural-transformation projects supported by Andreza Araujo's team, one repeated weakness is the dashboard that treats silence as excellence. When the safest-looking unit is also the unit with the weakest field conversations, leaders should suspect the metric before praising the result.

Step 6: check denominator discipline

Every rate depends on a denominator, and weak denominator discipline can distort performance. Hours worked, headcount, exposure hours, contractor hours, production volume, vehicle miles, and task frequency answer different questions. When the denominator is wrong, the comparison becomes misleading.

Review whether the dashboard mixes employees and contractors, whether contractor hours are reliable, whether overtime or shutdown exposure is visible, and whether high-risk tasks are diluted by total site hours. A plant with one major turnaround may look stable in a general rate while exposure has increased sharply in the work that can kill people.

Use this step to define where absolute counts are better than rates. For rare but severe exposures, one uncontrolled bypass or one failed rescue drill may deserve leadership attention even if the rate looks mathematically small.

Step 7: remove vanity metrics from the executive page

The executive dashboard should not be crowded with numbers that make the organization look busy. Remove or demote metrics that do not support a decision, cannot be trusted, duplicate another measure, or reward activity without evidence of risk reduction.

A useful executive page usually needs fewer measures than teams expect. It should show harm trends, serious-risk exposure, critical-control health, corrective action quality, weak-signal movement, and the leadership decisions required this month. The page should point to action, not perform administrative completeness.

The article on the executive safety dashboard is a good companion for this step. The C-level does not need every EHS number; it needs the numbers that prevent blind decisions.

Step 8: add a control-response field to every weak signal

A weak signal is not useful if it ends as a trend line. For every serious weak signal, add the response field: owner, decision, due date, interim control, verification method, and date reviewed by leadership.

This small change separates measurement from management. A high-potential near miss should trigger a control response. A repeat finding should trigger a design or supervision question. A delayed corrective action should trigger resource review, not only a reminder email.

As Andreza Araujo argues in Safety Culture Diagnosis, culture diagnosis must compare what people say, what leaders do, and what the system records. A KPI audit follows the same logic, because the number only matters when it connects to behavior and management consequence.

Step 9: run a one-month pilot before changing the whole system

Select one business unit, one plant, or one serious-risk cluster for a 30-day pilot. Replace weak activity counts with two or three stronger control measures, then review whether the new dashboard changes conversations in the weekly safety meeting.

The pilot should answer three questions. Did leaders understand the risk faster? Did supervisors know what to verify in the field? Did the metric produce a decision that reduced exposure? If the answer is no, the indicator may be technically interesting but operationally weak.

During the PepsiCo South America tenure, where the accident ratio fell 50 percent in six months, the lesson was that leaders had to act on weak signals before harm became the only proof. A pilot gives the organization a low-friction way to test that discipline.

Step 10: document the new KPI rules

Finish the audit by documenting the rules that keep dashboard quality from drifting back to habit. Define each KPI, source owner, formula, denominator, update frequency, decision use, escalation trigger, and retirement rule.

The retirement rule is important. A metric should not live forever because it once mattered. If it no longer changes a decision, if the data source is unreliable, or if a better measure exists, remove it from the main dashboard and keep it only for archival analysis if needed.

Every month with a misleading dashboard teaches leaders to trust the wrong evidence while serious risk keeps accumulating outside the meeting room.

Safety KPI audit checklist

• Can each KPI name the decision it supports?
• Does the dashboard separate harm outcomes from control health?
• Do activity metrics include a quality test?
• Are the top serious-risk exposures visible in the executive view?
• Could any indicator punish honest reporting?
• Are denominators consistent, current, and linked to real exposure?
• Does every weak signal have an owner, response, and verification method?
• Is there a rule for retiring metrics that no longer change decisions?

Conclusion

A safety KPI audit works when it tests each number against decision quality, serious-risk exposure, control health, reporting incentives, denominator discipline, and leadership response. Clean dashboards are not the goal. Better decisions are the goal.

If your organization wants indicators that reveal risk before injury rates move, start with the dashboard you already use, then test whether each measure changes work. Andreza Araujo and ACS Global Ventures can support that diagnostic path so safety metrics serve real prevention, because safety is about coming home.