Our property compliance experts, Richard Broad and Andy James, unpack how organisations can build integrated, auditable systems that adapt to change while maintaining control and traceability.
In health and safety, the term “futureproof” is often used, but not always clearly defined. For duty holders, estates teams, facilities managers, and compliance professionals, it can mean different things depending on the organisation, the asset base, and the regulatory environment. But the core idea is consistent: a futureproof health and safety management system is one that can adapt to change without losing control, traceability, or confidence in the information behind it.
A series of key milestones have shaped expectations over time, including the Health and Safety at Work etc. Act 1974, the Regulatory Reform (Fire Safety) Order, the Corporate Manslaughter Act, the Grenfell Tower tragedy and Hackitt Report, the Building Safety Act, and BS 8674. Together, these developments show a clear trend toward greater accountability, stronger competence expectations, and more robust evidence of control. The UK Government’s health and safety framework continues to reinforce the need for organisations to manage risk and demonstrate compliance effectively.
Futureproofing is more than just compliance checks
A futureproof system is not just a place to store documents. It should support practical resilience by helping an organisation adapt to regulatory and operational change, work across multiple systems and disciplines, maintain data integrity and traceability throughout the lifecycle, and demonstrate the competence of responsible personnel.
Futureproofing should enable organisations to answer the basic questions quickly: who, what, when, and why? Who signed off? What changed? When did it change? Why was the decision made? These are not just administrative questions. They are essential to understanding risk, reducing investigation time, and improving prioritisation.
For multi-site, multi-discipline duty holders, this matters even more. Keeping up-to-date records can be challenging, especially when policies, risk assessments, monitoring records, non-conformities and general record keeping are managed in fragmented ways. This can lead to inefficiencies, audit failures, data gaps and untracked defects or hazards. This is where our all-in-one risk management and compliance platform, Mosaic, can support a more structured approach to property compliance by helping teams bring records and evidence together seamlessly and consistently.
Integration is central to resilience
It’s very clear that silos create problems. Multiple teams running parallel compliance checks can lead to duplication, repeated paperwork, and wasted time. They can also create fuzzy ownership, where people assume someone else is responsible. When that happens, gaps appear.
Fragmented evidence also makes audit trails harder to follow. If records are stored in different places or formats, it becomes difficult for auditors to gather a reliable sequence of events. The result is delay, slower resolution of safety issues, and increased risk to people and assets.
An integrated approach does the opposite. It streamlines processes, reduces duplicated tasks and admin, clarifies accountability, and improves auditability. Consistent, linked records make it easier to demonstrate controls and show regulators or authorities that the organisation has a unified approach to risk management.
The role of the Golden Thread
The Golden Thread is central to this thinking. It is a continuous, auditable data trail linking design, construction and operations. It supports transparency, risk management and decision-making.
So an important question rises: if maintaining the Golden Thread of information for residential properties is challenging, what if this expectation eventually extends to commercial properties, too? While that is presented as a possibility rather than a certainty, it’s a useful prompt for organisations to consider whether their current systems are robust enough to cope with wider expectations.
A futureproof system should be able to support consistent, accurate and auditable records across a portfolio or organisation. That’s why technical design is important. Multiple data sources should be able to integrate via Application Programming Interfaces (APIs), records should be centralised and accurate, and the system should provide real-time risk mapping, audit trails and dashboards. Cybersecurity is also vital—sensitive information must be protected while remaining accessible to the people responsible for managing risk.
Competence is part of futureproofing
The people side is equally important. Futureproofing requires documented evidence of skills, knowledge, attitude, training, and experience, not just a tick-box that someone completed a course. Evidence needs to be auditable and linked to the activities people are responsible for.
This is particularly relevant for treating contractors the same as staff: capture evidence of competence, re-evaluate periodically, and trigger revalidation by time, incidents, or scope changes. Observed work or short reassessments can also be used before permitting work to proceed.
This approach can be supported through a digital competency framework, an evidence log per person, scheduled revalidation alerts, and dashboards. Linked to asset history and the Golden Thread, these records can show who was competent, when, and for which duties. They can also demonstrate whether sufficient staffing was in place for critical duties on a given date.
Practical steps organisations can take now
There are several practical recommendations that organisations can act on immediately:
- Shift from purely periodic compliance checks to continuous monitoring
- Anticipate regulatory changes and align procurement and recordkeeping accordingly
- Invest in both robust digital systems and documented workforce competence
- Ensure systems are user friendly and able to accept integrations or developments
Procurement is especially important. When buying systems or services, organisations should require open APIs, exportable auditable records and flexible data models, so they can adapt if requirements change. Regulatory reviews should also be built into procurement cycles to avoid retrofitting compliance under time pressure.
Futureproofing is not about predicting every future regulation. It’s about creating a health and safety management system that’s integrated, auditable, adaptable, and supported by evidence of competence.
For organisations managing complex, multi-disciplinary responsibilities, that is increasingly the standard worth aiming for. Learn more about how Tetra Tech’s health, safety, and compliance experts can help.
Get in touch with our team today to arrange a demo of our property compliance tool, Mosaic.
About the authors
Richard Broad
Richard Broad is a technical director for fire, health, and safety in the UK.
Richard leads and manages the technical fire, health, and safety team operating across the UK. He has more than 10 years’ experience in risk management from working in various roles such as internal advisor; external lead consultant for complex, commercial clients; and as specialist fire, health, and safety consultant in the built sector. He also has experience in dynamic risk assessments, gap analysis, public protection operations, accident investigation, and provision of face-fit training.
Richard has implemented bespoke support methods for the consultants he leads, establishing benchmarks, and implementing development strategies devised from experience gained through his career. He also has conducted high-level health and safety strategic audits for UK-wide clients and private defence and homeland security organisations.
Andy James
Andy James is a technical director for fire, health, and safety in the UK.
Andy is a highly motivated, experienced, and enthusiastic manager of our fire, health, and safety team. He has more than 20 years of risk management experience working in various roles acting as an internal and external health and safety and fire advisor, with firsthand experience of conducting risk assessments, accident investigations, and carrying out training in the field of fire, health, and safety and asbestos.
Andy has conducted several high-level health and safety strategic audits for a number of UK-wide clients and several high-level Unit/Garrison SHEF audits for the British Army.
