What is Competency? The Answer Seems Subject To Change.

August 25, 2008

In a previous blog, I discussed the difference between competency and awareness in an occupational health and safety management system (OHSMS).  In that blog, I used the ISO 9000:2000 definition of competence as “demonstrated ability to apply knowledge and skills” since OHSAS 18001:2007 does not include a definition. 

It seems that the appropriate definition of competence is now subject of some debate within ISO and may be subject to being “re-defined.”

Competency is a significant component of at least four standards currently under development within ISO –

  • ISO 10018 – Quality management: Guidelines on people involvement and competencies
  • ISO 14066 – Greenhouse Gases – Competency requirements for greenhouse gas validators and verifiers
  • ISO 17021 Part B – Conformity assessment – Requirements for third-party certification auditing of management systems
  • ISO 19011 (revision) – Guidelines for management system auditing

Interestingly, each of these standards has apparently rejected the dictionary definition, as well as the ISO 9000 definition, and each ISO Technical Committee appears to be in the process of developing its own concept of competence. 

ISO 10018 is apparently focusing on how “human factors” impact the effective functioning of management systems with the definition of competency being passed to a subcommittee.  ISO 14066 is structured to set out detailed lists of the skills and knowledge that must be possessed by GHG verification and validation teams – with the focus on team rather than individual competency.  The initial committee draft of ISO 17021 defined competence as “personal attributes and ability to apply knowledge and skills” with a heavy focus on personal attributes and generic audit skills but essentially no guidance as to the needed discipline-specific knowledge (e.g. quality, environmental, OH&S).  The revision of ISO 19011 has just begun; however, the issue of auditor competency has already been identified as one of the “hot-button issues” associated with revision of this standard.

A review of the various standards and other reference materials appear to set out three different, and distinct, attributes that underlie competency:

  • Attitude and personality traits –who you are
  • Knowledge – what you know
  • Skills – what you can do

Where the ISO standards seem to diverge is in the relative importance to be given to each attribute (personality vs. knowledge vs. skill) as well as in the specifics of what is actually required and how it should be demonstrated.

What do you think?  What is competency?

© ENLAR® Compliance Services, Inc. (2008)

Category Posted in Standards & Certification, Training & Communication Comments 1 Comment »   Trackback This Post

“Data Sprawl” - Not Just an IT Problem

July 21, 2008

An article in the 6/30/2008 issue of CRN Magazine reported on the problem of “sprawl proliferation” associated with the use of virtualization in IT datacenters. Because virtual machines are easy to deploy, they don’t get the same scrutiny as the purchase of physical machines. The result – virtual machines that are not doing any meaningful work and thousands of dollars of assets locked away in computer redundancy.

“Data sprawl” is also a significant concern for OH&S management systems.

In the “good old days,” data was collected, disseminated and stored on paper. It had a physical form. Record control was relatively straight-forward – if you controlled the paper, you controlled the data. Data sprawl had a physical limitation. When paper sprawl reached a certain size, it was pruned back to keep it manageable.

Today, it is different. Data no longer has a physical form – it exists virtually. It is easily and instantly transferred from place to place with the click of a mouse. It exists in multiple forms, in multiple folders, on multiple machines. It is modified and kept in multiple versions – in some case almost indistinguishable from the original. It is printed out multiple times and stored on disks, on flash drives, in folders and 3-ring binders.

The result – DATA SPRAWL – the proliferation of information with no meaningful control.

Just as for IT data centers, there are significant costs associated with this sprawl –

  • Files clogged with multiple copies of documents
  • Time and productivity loss associated with searching for records
  • Redundant files and databases hogging computer space and taking time to maintain
  • Loss of original records in the mass of multiple copies
  • Litigation risk associated with incomplete production of documents or maintenance of records that should have been destroyed

The solution? Implement meaningful record control. Don’t let “data sprawl” engulf you.

© ENLAR® Compliance Services, Inc. (2008)

Category Posted in Uncategorized Comments 0 Comments »   Trackback This Post

Training is a Means - Not an End

June 26, 2008

“Training” is the shorthand term most often used to describe the requirements set out in Section 4.4.2 of OHSAS 18001. In actuality, OHSAS 18001 does not require training. What OHSAS 18001 does require is either competency or awareness. Training is simply a means to an end and it is not the only way to get there.

What is the Difference Between Competence and Awareness?

Competence is the “demonstrated ability to apply knowledge and skills” (see 3.9.12 of ISO 9000-2000). Awareness is defined as “having knowledge.” Awareness is to know something; Competence is the ability to do something. For example, I “have knowledge” (awareness) concerning the installation of ceramic tile but I do not have the demonstrated skill or ability (competence) to do so (as demonstrated by a past home improvement project). I am, however, competent to install wood trim (again, as demonstrated by past performance).

Training to Competence

The primary focus of section 4.4.2 of OHSAS 18001 is competence — ensuring that individuals have the demonstrated skills and abilities needed to perform tasks that can impact occupational safety and health.

Training alone is often insufficient to establish competence. Most training programs do not include the needed demonstration of skills and abilities. Sign-in sheets documenting “seat time” in a training session do not verify competence. On the other hand, a training program is not needed if competence can be established in other ways — for example, by third-party certification or licensing.

So who needs to have demonstrated competence?

  • Individuals with responsibility for establishing, implementing & maintaining the OHSMS
  • OHSMS auditors
  • Individual workers, including contractors, performing dangerous tasks
  • Individuals responsible for workplace conditions that impact OH&S
  • Top management

What competence these individuals need will be the subject of future blog posts.

Developing Awareness

OHSAS 18001 Section 4.4.2 requires that workers have the following types of awareness:

  • The safety and health impacts of assigned tasks
  • What needs to be done to do these tasks safely
  • What will happen if the tasks are not done safely

Again, awareness does not require training. In fact, training may not be the most effective way of establishing awareness. Other methods — signs, e-mail notifications, hand-outs, etc. — are often more effective in communicating the information needed to establish awareness.

© ENLAR® Compliance Services, Inc. (2008)

Category Posted in Training & Communication Comments 1 Comment »   Trackback This Post

"You Will Be Assimilated."

June 24, 2008

One of the interesting, and challenging, issues in developing an OH&S management system is the tension between developing detailed work instructions versus relying on competent individuals to perform critical OH&S tasks.

On one hand, there is the view that all tasks, especially important ones, need to be reduced to written work instructions.  After all, the person performing these tasks might “win the lottery” and never return to work.  On the other hand, there is the view that it is more important to have competent people performing critical tasks.  The example — “If you were going to have brain surgery, would you want a surgeon who is competent or an individual who is simply following a set of written work instructions?”

This conflict of views was recently brought into focus for me.  A senior manager in a company suggested that the work being done by the OH&S staff should be reduced to “work instructions that anyone can follow” for entry into the company’s preventive maintenance program.

This suggestion made me stop and ask myself the following questions –

Can OH&S professionals be replaced by a preventive maintenance (PM) program?

OH&S professionals are not the first, or only, ones that face being replaced by computer programs.  Accountants have faced it with the growth and acceptance of tax preparation software.  Lawyers have faced it with do-it-yourself wills and contracts programs.  Doctors are facing it with improved medical diagnosis software.  Every knowledge worker is facing the prospect that at least some aspect of their “professional practice” will be replaced by a computerized software system.  Therefore, at least in part, OH&S professionals likely can be replaced by a PM program.

Should they be?

This question is much more difficult to answer. It brings me back to the title of this post — “You will be assimilated.”  As Star Trek fans know, this quote is the message sent by the Borg when they targeted a new species for integration into “the collective.”  Once in the collective, individual independence was lost. Conformance replaced creativity.

The fundamental issue in determining whether professionals should be replaced by computer programs is whether there is value in the “independent creativity” that cannot be assimilated into a computerized system.  At least for now, I am much more comfortable relying on competent OH&S professionals than on work instructions entered into a PM program.

What do you think?

© ENLAR® Compliance Services, Inc. (2008)

Category Posted in OHSMS Implementation Comments 0 Comments »   Trackback This Post

OHSAS 18001 & ISO’s Risk Management Standards

June 19, 2008

As discussed in previous posts, OHSAS 18001:2007 has a foundation based on risk management principles.

To meet the OHSAS 18001 requirements, an organization must:

  • Identify its OH&S hazards
  • Assess the risks associated with the OH&S hazards that are identified
  • Determine the controls that are necessary to reduce OH&S risks to an acceptable level

Identification of OH&S hazards and assessment of the associated risks is one of the primary inputs for setting objectives for continual improvement, identifying training needs and establishing operational controls.

The risk management foundation of OHSAS 18001 is not explicitly found in either ISO 9001 or ISO 14001.   ISO 9001 focuses on identifying customer requirements and achieving customer satisfaction; ISO 14001 focuses on identifying environmental aspects and prevention of pollution.  Although risk management is important to quality and environmental management, neither ISO management system standard explicitly addresses this.

Interestingly, ISO is currently in the process of developing several risk management standards.  According to ISO, these standards are intended to provide guidance to assist organizations in managing risk - including safety and environmental risk.  In addition, according to its Scope statement, ISO 31000 is intended to “harmonize risk management processes and definitions in existing and future standards.”

The ISO risk management standards currently under development include the following:

  • Substantial changes to the definition of risk in Guide 73 - Risk management - Vocabulary - Guidelines for use in standards
  • Drafting of a new “strategic-level” risk management standard - ISO 31000 - Risk management - Principles and guidelines on implementation
  • Adoption of an IEC standard outlining risk assessment methods as an ISO standard - ISO 31010 - Risk Management - Risk Assessment Techniques
  • Drafting of a new standard on risk assessment of structures - ISO 13824 - General principles on risk assessment of systems involving structures

This ISO standard-setting activity raises a couple of interesting questions –

  1. Will future revisions of ISO 9001 and ISO 14001 include a risk management focus as well?
  2. Might risk management become the unifying foundation for an integrated management system standard?

© ENLAR® Compliance Services, Inc. (2008)

Category Posted in Risk Management, Standards & Certification Comments 2 Comments »   Trackback This Post

Let’s Not Kill Our Responders

June 16, 2008

June 1 marked the beginning of the 2008 Hurricane Season.  Both individuals and organizations in Florida are being urged to review and update their emergency plans to ensure we are ready in case a serious storm comes our way this year.  There are articles in the paper on ensuring that our pets are save, putting together our “Grap-and-Go Kits” and hurricane-proofing our landscaping.

 

So what does that have to do with an occupational safety and health management system?

 

A great deal, as it turns out.

 

As I mentioned in my last post, I attended the annual AIHce two weeks ago.  The keynote speaker on Wednesday morning was Dr. Robin Herbert.  She is the director of the World Trade Center Medical Monitoring Program Data and Coordination Center with the Mount Sinai Medical Center in New York, New York.

 

Her presentation covered, in sometimes graphic detail, the on-going health impacts to those who responded to the World Trade Center (WTC) attack on 9/11.  This includes both physical and psychological health effects – including respiratory disease, stomach problems and post-traumatic stress disorder (PTSD).  Some of these effects are the result of the fact that individuals worked long hours, ate their meals and slept outdoors at the site – in effect having 24/7 exposure to a toxic environment.

 

Dr. Herbert ended her presentation with a list of recommendations that every organization should consider in their annual review of their emergency plan to prevent future impacts to the health of their emergency workers and first responders:

  • Ensure that each person has, and is trained to use, appropriate personal protective equipment

  • Include the steps (and supplies) necessary to define a “boundary” around areas that are not safe and limit access to those areas

  • Limit the time individuals spend in emergency response and in areas with unsafe exposures

  • Record the name of each individual who participates in the emergency response in case future follow-up is needed

  • Take action to prevent and address psychological as well as physical trauma

Just as we have learned for confined space entry, we need to be aware that emergency response to disaster events can kill or maim responders.  We need to have plans in place to prevent this from happening – before the disaster occurs.  In other works - we need to include emergency response as part of an OH&S management system.

 

© ENLAR® Compliance Services, Inc. (2008)

Category Posted in Emergency Planning, OHSMS Implementation Comments 0 Comments »   Trackback This Post

Three HSE Strategies

June 11, 2008

I attended the annual American Industrial Hygiene Association conference (AIHce) last week in Minneapolis, Minnesota.

There were many excellent sessions covering a wide range of topics important to the practice of industrial hygiene.  In particular, the Tuesday morning general session focused on demonstrating the value of the industrial hygiene profession and included a presentation by Jeffrey P. Pino, President of Sikorsky Aircraft Corporation.

In his presentation, Mr. Pino stated that there are three strategies important to a successful HSE (health, safety and environmental) program:

  • Leadership Commitment
  • Employee Engagement
  • Risk Management

These three strategies are also critical to the implementation of an occupational safety and health management system based on OHSAS 18001:2007. Read the rest of this entry »

Category Posted in OHSAS 18001:2007 Revisions, OHSMS Implementation, Risk Management Comments 0 Comments »   Trackback This Post

What is OHSAS 18002?

June 9, 2008

I had a reader ask me: ”How can I learn more about the development of the OHSAS 18002 standard?”

OHSAS 18002 is entitled Occupational health and safety management systems –Guidelines for the implementation of OHSAS 18001:2007.  It is a companion standard to OHSAS 18001:2007.

This standard is currently in the process of being revised and it is out for public comment as a second committee draft (CD2) until August 1, 2008.  This standard will likely be finalized and published before the end of 2008 by BSI.

Whereas OHSAS 18001 is specifically intended to be used for third-party certification, OHSAS 18002 is not.  It is instead intended to provide generic advice concerning the application of OHSAS 18001.  The standard is formatted to set out the text of OHSAS 18001 by section and then explain the requirements of each section of the standard.  The overall purpose is to aid in the understanding and implementation of OHSAS 18001.

To achieve this purpose, OHSAS 18002 sets out lists of items that an organization should consider in implementing the various sections of OHSAS 18001.  For example, in establishing and implementing operational controls (section 4.4.6 of OHSAS 18001), OHSAS 18002 includes bulleted lists of the various types of control measures that could be used for areas such as the following:

  • performance of hazardous tasks
  • use of hazardous materials
  • purchasing of goods, equipment and services
  • handling of external personnel or visitors in the workplace.

OHSAS 18002 contains a great deal of guidance about the identification of OH&S hazards, assessing the risks associated with these hazards and the determination of appropriate operational controls to control these risks.  This additional guidance is being provided in OHSAS 18002 because section 4.3.1 of OHSAS 18001 was significantly modified and expanded in the 2007 revision of the standard.

There are specific sections in OHSAS 18002 that cover the following:

  • Developing a methodology and procedures for hazard identification and risk assessment
  • Hazard identification
  • Risk assessment
  • Management of change
  • Determining the need for controls
  • Recording and documenting the results of the hazard identification and risk assessment
  • On-going review

© ENLAR® Compliance Services, Inc. (2008)

Category Posted in OHSMS Implementation, Standards & Certification Comments 1 Comment »   Trackback This Post

Traditional Safety Programs vs. OH&S Management Systems

November 27, 2007

Many organizations are moving away from the traditional approach of handling occupational safety and health issues through a number of separate safety programs.  Instead, they are pushing their OH&S professionals to develop and implement an OH&S management system that is integrated with the other management systems in use within the organization.

How is this approach different?

In the traditional safety program, there are often separate programs for hazard communication, personal protective equipment, equipment lockout/tagout, fire safety, etc.  Each of these written programs sets out its own unique requirements — for training, recordkeeping, inspection, etc.   Often, these programs are heavily based on restating the requirements set out in applicable OH&S regulations.  This can result in a duplication of effort and lack of coordination with other organizational processes (e.g. different training programs, different emergency plans, different recordkeeping approaches, lack of document control, etc.).  This approach also promotes the development an occupational health and safety ”silo” separate from other business functions.  In many cases, safety and health is viewed as being solely the responsibility of the OH&S professionals.

In a management system approach, the emphasis is on developing interrelated processes for managing occupational health and safety hazards and risks throughout all levels and functions of the organization.  Everyone is held accountable for all of their individual management system responsibilities — including those related to OH&S.  The emphasis is on developing integrated processes for handling common tasks such as managing training, document and record control and tracking corrective and preventive actions.  Safety and health becomes part of everyone’s job.

This management system approach is new for many OH&S professionals.

© ENLAR® Compliance Services, Inc. (2008)

Category Posted in OHSMS Implementation Comments 0 Comments »   Trackback This Post

A Contrast in Views

October 26, 2007

I was struck by the contrast between two news stories that came out in the last week reporting on occupational injuries and illnesses – one in the United States and one in India.

The first was a press release from the American Society of Safety Engineers (ASSE) in which the President of ASSE applauded the apparent drop in workplace injuries and illnesses recently reported by the US Bureau of Labor Statistics.  According to the preliminary BLS report, the overall rate of both fatal and non-fatal work injuries in the United States dropped in 2006.  Acccording to the BLS press release, there were 153 fatalities from expsoure to harmful substances or environments for all US workplaces in 2006.

The second was a news report from the Indian Express entitled “Ticket to Hell” that reported that 227 sanitary workers employed by the Pune Municipal Corporation died in just the last 30 months.  This news report goes on to ask: ”[I]sn’t it incredible that an occupation as horrifying as cleaning the sewers of the city in the most primitive fashion possible should need a newspaper report to ensure something as basic as protective gear and health insurance for those who risk limb and lung every minute of their working life?”

© ENLAR® Compliance Services, Inc. (2007)

Category Posted in Uncategorized Comments 0 Comments »   Trackback This Post

« Previous Entries