Way Safe Biz Logo

By

Esther Williams

·

Officer Due Diligence: The 7 Questions Every Director Should Answer

If you are a director, owner, trustee, or partner in a New Zealand business, this applies to you. Even if you are not “the safety person.” Under the Health and Safety at Work Act 2015 (HSWA), officers have a legal duty called due diligence. And here’s the important part: You cannot delegate it. You can…

If you are a director, owner, trustee, or partner in a New Zealand business, this applies to you.

Even if you are not “the safety person.”

Under the Health and Safety at Work Act 2015 (HSWA), officers have a legal duty called due diligence.

And here’s the important part:

You cannot delegate it.

You can delegate tasks.
You cannot delegate responsibility.

In this article, we break down officer due diligence in plain English and the 7 questions every director should be able to answer with confidence.

(Quick note: This is general information, not legal advice.)

What Is Officer Due Diligence?

Under HSWA, an officer includes:

  • Company directors
  • Partners
  • Trustees
  • Senior decision-makers

Due diligence means you must take reasonable steps to make sure your business (the PCBU) is meeting its health and safety duties.

It is proactive.
It is ongoing.
It is not “set and forget.”

The 7 Questions Every Director Should Answer

If WorkSafe asked you these questions tomorrow, could you answer clearly?

1️ What are our top health and safety risks?

You should know your biggest risks.

Not in detail — but at a high level.

For example:

  • Working at height
  • Vehicle movements
  • Machinery use
  • Chemicals
  • Public interface

If you cannot name your top risks, that is your first gap.

2️ How are those risks being controlled?

It is not enough to say, “We have a hazard register.”

You should understand:

  • What controls are in place
  • Whether they are practical
  • Whether they are working

High-risk work should have clear systems.

3️ How do we know the system is actually being used?

This is where many directors fall short.

Due diligence requires you to check that systems are:

  • Being followed
  • Reviewed
  • Improved

This might include:

  • Safety reports
  • Incident summaries
  • Audit results
  • Site visit feedback

If you never ask for updates, you are not exercising due diligence.

4️ Are workers properly trained and supervised?

You do not need to run training yourself.

But you should know:

  • How training is tracked
  • Whether high-risk roles have competency evidence
  • Whether supervision is appropriate

Experience alone is not proof.

5️ Are incidents reported and investigated properly?

Ask yourself:

  • Do we have near-miss reporting?
  • Are actions closed out?
  • Do we learn from incidents?

If incidents disappear quietly, your system is weak.

6️ Do we have enough resources for safety?

This is critical.

Due diligence includes making sure the PCBU has:

  • Time
  • Money
  • People
  • Equipment

If safety is always “after the job is done,” leadership needs to adjust.

7️ How do we review and improve performance?

Good governance means regular review.

This might look like:

  • Quarterly safety reviews
  • Board-level reporting
  • Risk trend tracking
  • System updates

Safety performance should be discussed before something goes wrong — not only after.

What Directors Get Wrong Most

We see this often:

  • “That’s the safety manager’s job.”
  • “We have a manual, so we’re covered.”
  • “We haven’t had an incident, so we must be fine.”

Due diligence is not about paperwork.

It is about active oversight.

You do not need to micromanage.
But you must stay informed.

A Simple Due Diligence Reality Check

If you can confidently say yes to these, you are in a stronger position:

  • I know our top risks.
  • I receive regular safety updates.
  • I ask questions about controls.
  • I understand how incidents are managed.
  • I ensure resources are available.
  • I review performance regularly.

If not, the solution is structure — not panic.

Why This Matters

Officer due diligence is personal.

If a serious incident happens and governance cannot show active oversight, directors can face legal exposure.

But done properly, due diligence:

  • Protects workers
  • Protects your business
  • Protects your reputation
  • Protects you

If you want help building a simple governance-level safety structure, we are currently developing a Way Safe Biz DIY Compliance Bundle designed for New Zealand business owners and directors.

You can register your expression of interest here.

Clear oversight. Clear structure. Clear leadership.

🌍 A Note for Businesses Outside New Zealand

While this article references the Health and Safety at Work Act 2015 (HSWA) in New Zealand, the principle of managing risk so far as is “reasonably practicable” exists in many countries.

Australia, the UK, Canada, and several other jurisdictions use very similar risk-based frameworks.

The legal wording may change.
The expectations may vary slightly.
But the core idea remains the same:

Identify the risk.
Assess the level of harm.
Apply proportionate controls.
Document your reasoning.

If you operate outside New Zealand, you can still apply this structured approach — simply align it with your local legislation.

— Esther, Way Safe Biz

Tags:

Leave a comment