Category: OHSMS Implementation
Audit Objectives
In last week’s post, I discussed the two types of sustainability audits required by OHSAS 18001. In this week’s post, I am going to focus on the objectives necessary for an effective OHSMS internal audit program.
Just as there are different types of sustainability audits, there are different types of objectives required for management system audits. Importantly, an organization needs both audit program objectives and specific objectives to guide the conduct of each individual audit. Although the audit program objectives and individual audit objectives are related, they are not necessarily identical.
It is important to remember that an audit and an audit program are not the same thing. An audit is a “systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which audit criteria are fulfilled”. An audit program is “set of one or more audits planned for a specific time frame and directed toward a specific purpose”. (Definitions from ISO 19011:2002)
OHSAS 18001 requires that an audit program be established.
An audit program involves more than just doing audits every once and a while. It requires audit planning and it requires the creation of audit procedures. As set out in the note to the definition in ISO 19011 – an audit program includes “all activities necessary for planning, organizing and conducting the audits”.
Sustainability Audits
OHSAS 18001 requires both audits of sustainability and audits for sustainability.
What does this mean? What is the difference?
These two types of audits relate to two different definitions of sustainability.
The first definition, derived from the Brundtland Commission Report’s definition of sustainable development, is “meeting the needs of the present without compromising the ability of future generations to meet their own needs.” Although originally environmentally focused, this concept has evolved to include other components as well. Notably, for occupational health and safety, sustainability is seen as including the actions and conditions that affect all members of society including workers (the “social” component).
The second definition, the dictionary definition, is to “endure without giving way.” This concept of sustainability is focused on survival and maintenance in the face of changing conditions. This is often referred to as management of change. As stated in section 4.3.1.5 of OHSAS 18002, “The organization should manage and control any changes that can affect or impact its OH&S hazards and risks”.
The internal audit element of OHSAS 18001 (section 4.5.5) requires that audits be conducted in order to make the following three types of determinations:
- the OHSMS conforms to the OHSAS 18001 requirements and the organization’s planned arrangements;
- the OHSMS is properly implemented and maintained; and
- the OHSMS is effective in meeting the organization’s policy and objectives.
Many organizations focus almost exclusively on conducting internal audits to determine conformance – the first type of determination listed in section 4.5.5. These organizations often ignore the other two purposes of an internal audit listed in OHSAS 18001 – the requirements for sustainability audits.
Who Decides?
Decision-making is an important part of a management system. In particular, making decisions that appropriately take into account the interests of stakeholders is emphasized in all management systems, including OHSAS 18001.
For a quality management system, the ultimate stakeholder is the customer. The primary focus of a QMS is customer satisfaction. After all, without satisfied customers, there is no business.
For an environmental management system, society-at-large is the stakeholder with laws and regulations establishing societal standards for what is considered adequate pollution prevention. Legal compliance is a required commitment within the organization’s environmental policy and a key focus of an EMS.
In both a QMS and EMS, there are independent stakeholders outside the organization that serve to counterbalance the internal interests of the organization.
For an OHSMS the situation is different. The primary stakeholders – workers who may suffer injury or ill health – are internal to the organization.
Control of Documented Information
In a previous blog, I discussed the new High Level Structure and identical text requirements that has been proposed for all ISO management system standards. One of the proposed changes is to eliminate the document control and record control elements and replace them with a new provision requiring control of “documented information”. Documented information is somewhat vaguely defined in this new scheme as “the information required to be controlled and maintained by an organization”.
Although this may be seen as progressive by those who developed this new management system structure, it is likely to create confusion on the part of users of the standards who are not information management experts.
There are important reasons for distinguishing between the documents that need to be controlled in a management system and record retention requirements. Even though both document control and record control are control of documented information, their purpose and use is very different.
I2P2 & Employee Engagement
Last week I gave a presentation to an industry group on OSHA’s proposed Injury and Illness Prevention Program (I2P2) rule. In my presentation, I focused on the requirements for worker participation within an OHSMS.
One of the questions OSHA raised in its original I2P2 proposal was –
What mechanisms have been found to be effective for enabling employees to participate in safety and health in the workplace?
Worker participation is one of the areas where there are significant differences between OHSAS 18001 and both ANSI Z10 and OSHA VPP.
OSHA VPP and ANSI Z10 focus on employee participation, as defined by the technicality of labor law. OHSAS 18001 focuses instead on worker participation, as defined by the extent of the organization’s control over the work being performed.
Ownership of an OHSMS
I received the following question about the OHSAS 18001 requirements from a reader –
Would you kindly let me know which department should take ownership/responsibility in a manufacturing unit for OHSAS activities implementation, like Lock out –Tag out and etc.
- Health and Safety Dept.
- Maintenance Dept.
- Admin Dept.
- Others?
This is the answer I provided –
Olympic Death – Lessons for an OHSMS
The death of Georgian luger Nodar Kumaritashvili at the beginning the 2010 Olympic Games was tragic.
Even though most workplaces are clearly not the same as an Olympic sports facility, there are “lessons to be learned” from this tragedy for occupational health and safety professionals.
- Arguing whether the individual hurt was at fault is not productive. As the Georgian President Mikheil Saakashvili stated – “…no sports mistake is supposed to lead to a death.” When individuals die as a result of workplace incidents, the sentiment is the same. Blaming the worker is just as counterproductive as blaming an athlete.
- Consideration of ”human factors” is both critical to preventing injury and more difficult and complex than it initially seems.
What are those complexities?
“HELP – I’m out of RAM”
OHSAS 18001 requires that your organization’s procedure for hazard identification and risk assessment take into account “human behavior, capabilities and other human factors”.
Many organizations partially address this requirement by establishing an ergonomics program in order to address physical human factors. Only a few organizations explicitly address mental human factors as a part of their hazard identification and risk assessment.
Yet, mental human factors are very real and can be just as important as physical human factors. In some cases, they are even more important.
Strategy vs. Implementation – Which is Important?
I have been working for over a year with a project team developing a strategy for improving a management system process that is of great importance to that organization. It was a major effort that culminated in a presentation to the executive management team.
They loved it.
That should be great – right?
Well… The problem with an “approved strategy” is that now someone has to implement it.
Out with the Old – In with the New
The start of the New Year is good time to pause, reflect and clean out.
Many organizations use the start of the year as a time to review their OH&S management system objectives and set new ones. If their OH&S programs are lagging in their implementation, new approaches or new assignments are considered.
This is also a good time to address all that PAPER – either physical paper or electronic paper. This includes all those completed hazard evaluation forms, inspection checklists, excel spreadsheets, meeting notices and minutes, e-mails with various interested parties, incident investigations, corrective action reports,….
When I help develop record control processes and procedures for an organization, one of the concepts I try to incorporate is the inclusion of record schedules with record breaks and scheduled clean-out days.
