top of page

Internal Audits That Reveal How Your System Actually Works

We conduct ISM, ISPS, and MLC internal audits as operational assessments. We focus on how work is really done onboard, how decisions are made, and whether your systems actually control risk.

Internal Audits are Done, But are They Telling You the Truth?

Most internal audits are completed as planned, but they don’t always answer the question that matters: does the system actually work in practice?

 

If not, you might recognize the following patterns:

  • Internal audits confirm compliance, but not operational reality

  • Findings are recorded, but the same issues keep returning

  • Procedures are reviewed, but not tested in practice

  • Documentation is checked, while real risks remain in operations

  • Familiar systems are audited, but critical blind spots are missed

  • Reports are completed, but management is left without real clarity

You may pass audits.

But still not be confident in your system.

Internal Audits That Reveal How Your System Actually Performs in Practice

We conduct internal audits as operational assessments, designed to test how your system works in reality. Instead of only reviewing documentation, we evaluate how procedures are applied, how decisions are made onboard, and whether controls actually function as intended within your Safety Management System.

Our audits are designed to:

  • Test how procedures are applied in real operations

  • Identify gaps between documentation and practice

  • Reveal systemic weaknesses, not just isolated findings

  • Provide clear, actionable insight for improvement

Gain understanding on how your system behaves under real conditions.

Auditing Expertise Combined With Operational Understanding

Ilmarine is founded by a Chief Engineer with over a decade of operational experience at sea and formal Lead Auditor training in ISM, ISPS and MLC systems.

 

We know:

  • How work is actually performed onboard

  • Where systems typically fail in practice

  • How internal audits should support improvement, not just verification

 

We don’t audit to “find something.”

We audit to understand how your system works, and where it breaks.

How We Can Help You With Your Internal Audit Procedure

Image by John

1.
Plan & Scope the Audit

We define the scope (ISM, ISPS, MLC or combined) and align audit execution with your operations.

two Engineering worker on oil tanker shi

2.
Execute Operational Audit

We conduct structured onboard and shore-based audit:

  • Interviews across all levels

  • Observation of real operations

  • Verification of records and documentation

  • Testing alignment between system and practice

Image by wjpzlvr

3.
Report & Support Improvement

We provide you with clear findings, structured reports, and practical recommendations for improvement.

What Our Audits Actually Cover

Our audits follow a structured operational framework across all core system areas.

 

For ISM, this includes full system coverage, from governance and risk management to operational control, maintenance, emergency preparedness, and continuous improvement.

 

For ISPS, we assess how ship security is managed in practice, including access control, ship–port interface, threat awareness, drills, and response capability.

 

For MLC, the focus shifts to real working and living conditions, verifying how seafarer welfare systems function beyond documentation.

 

Across all audits, the objective is consistent:

Understand the gap between “what is written” and “what actually happens.”

How the Audit Is Conducted

Our audits are not limited to document review.

 

Our audits are structured as full operational assessments, including:

  • Pre-review of documentation and previous findings

  • Interviews with Master, officers, and crew

  • Physical walkthroughs (bridge, engine room, accommodation, deck)

  • Observation of work execution and control practices

  • Verification of records against real conditions

In combined audits, we integrate all three systems into one structured execution, so that interviews and observations are conducted once, but assessed across ISM, ISPS, and MLC perspectives.

What You Receive

After the audit, you receive:

  • Structured audit report (ISM / ISPS / MLC or separate reports)

  • Clear findings categorized (NC, Observation, Improvement)

  • Practical explanation of each finding, not just references

  • Identification of systemic issues, not only isolated gaps

  • Recommendations aligned with real operations

 

Where needed, we can also support you with:

What Is an ISM, ISPS and MLC Internal Audit?

Internal audits under ISM, ISPS and MLC are required to verify that your management systems are effectively implemented and maintained.

 

In practice, this means:

  • Verifying compliance with regulatory requirements

  • Assessing how procedures are applied onboard

  • Identifying gaps between documentation and operations

  • Ensuring corrective actions are implemented and effective

However, many internal audits focus primarily on documentation and checklist verification, without fully assessing how the system performs in real operations.

 

This is where a structured, operationally focused audit approach provides significantly more value.

When to Use a Third-Party Internal Auditor

Companies typically bring in external auditors when:

  • Internal audits are completed, but confidence is still missing

  • The same findings keep repeating without real resolution

  • There is limited time to properly plan and execute audits

  • External inspections or audits are approaching

  • An independent, objective view is needed

 

A third-party audit provides both structure and objectivity—helping you see what internal processes may overlook.

Audit Options

Individual Audits

  • ISM Internal Audit

  • ISPS Internal Audit

  • MLC Internal Audit

Combined Audits

A fully integrated ISM / ISPS / MLC audit conducted as one structured process:

  • Reduced duplication of interviews and activities

  • Better visibility of system interactions

  • More efficient use of onboard time

What Makes Us Different

Most internal audits answer:

“Are we compliant?”

 

Our audits answer:

“Does the system actually work?”

 

We focus on:

  • Control integrity (not just documentation)

  • Real behavior onboard

  • Decision-making under operational conditions

  • Alignment between procedures, risk assessments, and execution

Frequently Asked Questions

What is the difference between internal and external audits?

Internal audits are conducted by or on behalf of the company to verify system effectiveness, while external audits are performed by flag states or third parties for certification.

Can ISM, ISPS and MLC audits be combined?

Yes. A combined audit allows all systems to be assessed in one structured process, reducing duplication while maintaining full coverage.

 

How long does an internal audit take?

Depending on vessel size and scope, audits are typically conducted over one to several days.

This executive-level diagnostic tool is designed for DPAs, technical managers, and operational leaders who want to evaluate the structural integrity of their high-risk work controls. The review focuses on ownership, verification, integration, and operational clarity instead of superficial compliance.

Download the Executive Review

Understand How Your System Performs in Reality

If you want internal audits that go beyond compliance and provide real operational insight, we can help.

Proportionate to your operational complexity and system maturity.

bottom of page