Category: Risk Management
But Is It True?
There is a renewed interest in management systems on metrics.
This interest seems to be driven by two organizational concerns – transparency and risk. In particular, it appears to be driven by the risks associated with transparency.
I attended the ISO 9000 Conference earlier this week.
One of the keynote speakers – Bennie Fowler from Ford Motor Company – discussed how Ford has refocused on its core principles in order to achieve a financial turn-around. This includes a re-emphasis on the principle – “Quality is Job #1.” At Ford, quality is now an integral part of executive strategy discussions.
One of the main drivers for this renewed emphasis on quality is transparency.
Due to the “open communication” nature of the intranet, companies can no longer hide their quality problems.
Today, delivering a quality product every time is key to survival. If a company does not, its quality issues are likely to be reported on the intranet for all to see.
Other speakers discussed the on-going shift in focus from product quality to organizational quality. According to surveys, consumers often buy products because of their perception of the company rather than because of any objective evaluation of the quality of a particular product.
This means that organizational risks become marketing risks.
This customer focus on organizational quality is one of the drivers in the increase in corporate sustainability reporting. Customers are interested in whether a company is a good corporate citizen. They want to make sure their brand loyalty is justified.
These sustainability reports often include an occupational safety and health component. This usually consists of “some numbers” associated with injury rates.
But are these numbers true?
If the studies that have been conducted on the accuracy of injury reporting are to be believed, maybe not. (Click here to go to a previous blog post about injury and illness reporting issues.)
Why?
There is no global standardization, no accountability (as in a third-party review of the data or processes used to develop the data) and definitely no transparency for injury and illness metrics. There is no easy way to check the numbers being reported, nor is the information available to do so. Right now, we simply have to take the company’s word for it that these “metrics” are accurate.
Quality is being driven by the risks of transparency; safety is not.
© ENLAR Compliance Services, Inc. (2012)
Objectives & OHSAS 18001
At the end of the year, our attention often focuses on planning – the setting of goals and objectives for the coming year. This can be exciting - plans for launching new projects or products – or it can be depressing - setting aside time to organize old files.
Planning is a key component of an OH&S management system. The planning section of OHSAS 18001 consists of 3 elements –
- Identifying hazards and risks (4.3.1)
- Identifying legal and other requirements (4.3.2)
- Establishing objectives and programs (4.3.3)
Many organizations put a great deal of time and attention into identifying both their hazards and risks and their legal and other requirements. Often, less attention is paid to establishing objectives and programs.
This lack of attention to objectives and programs may be due, in part, to a lack of clarity about how “objectives” actually fit into a management system. This lack of clarity about objectives, and their interrelationship with risk management, has been an issue of much heated discussion. It has lead to a lack of consensus in ISO’s attempt to develop consistent definitions across all of its management system standards (see discussion of ISO’s MSS initiative).
Nature vs. Nuture in Safety
Nature vs. Nurture is an on-going debate in many discussions of individual action. Do we act the way we do because of our genes or our upbringing? Are we who we are as the result of our inherent nature or the behavior of those around us?
This debate impacts occupational health and safety management systems as well. We just don’t call it nature vs. nurture. Instead we discuss safe workplaces (the inherent nature of the workplace) vs. behavior-based safety (the safe or unsafe activities of workers).
Although it is not yet clear how much of who we are is determined by heredity and how much by upbringing, it seems clear that both play a part. As with the “nature vs. nurture” debate, occupational health and safety hazards are created by BOTH unsafe situations AND by unsafe acts. You cannot focus solely on just one or the other in an OHSMS.
OHSAS 18001 makes this clear.
By definition (see OHSAS 18001:2007 3.6), hazards include sources, situations AND acts with the potential for harm. This includes unsafe conditions in the workplace. This ALSO includes unsafe activities on the part of people.
Some organizations seem to forget this distinction when they develop their processes and procedures for hazard identification. They focus almost exclusively on looking at sources of hazards – such as those associated with machinery, facilities, physical stressors and chemical agents. The behavior of people, driven by the psychology of human behavior, is often ignored.
What is being missed? Here are some examples –
OHSMS Principles
Standards are based on principles.
ISO 9001 is based on quality principles. ISO 19011 is based on auditing principles. Last week, I participated in a conference call for ISO 14046 in which we discussed what principles are important to the development of a water footprint. For this discussion we started with the sustainability principles set out in a publication entitled, Guide to Corporate Ecosystem Valuation, which was recently developed by the World Business Council for Sustainable Development.
Just as principles are important for many of the ISO standards, OHSAS 18001 is also based on several principles.
“HELP – I’m out of RAM”
OHSAS 18001 requires that your organization’s procedure for hazard identification and risk assessment take into account “human behavior, capabilities and other human factors”.
Many organizations partially address this requirement by establishing an ergonomics program in order to address physical human factors. Only a few organizations explicitly address mental human factors as a part of their hazard identification and risk assessment.
Yet, mental human factors are very real and can be just as important as physical human factors. In some cases, they are even more important.
The “Human Element” in Risk Assessment
The hazard identification/risk assessment section of OHSAS 18001 (Section 4.3.1) requires that your procedures take into account “human behavior, capabilities and other human factors.”
The need for considering “the human element” was brought home to me by the recent flurry of articles and news reports covering the hazards associated with using cell phones when driving. According to these reports, a study conducted by the National Highway Traffic Safety Administration found that talking on a cell phone while driving is as dangerous as drinking alcohol and driving.
These news reports, and similar ones on the use of tanning beds by teenagers and the lack of hand hygiene in health care, lead me to wonder:
- Why do people use cell phones while they are driving?
- Why do teenagers pay to use tanning beds?
- Why do doctors treat patients without washing their hands?
Why do individuals make such seemingly “irrational” decisions?
Risk Management & the 4th of July
I spent the 4th of July at Disney. It was the first time I have been to Disney in several years. The fireworks display was truly impressive. After the fireworks were over, we made our way back to our hotel using Disney’s transit system. I was once again struck by Disney’s ability to efficiently manage large crowds of people.
Disney Fireworks
Unfortunately, early Sunday morning tragedy struck Disney’s transit system when two monorail trains collided – killing one of the train operators. According to news reports, the Occupational Safety and Health Administration (OSHA) is currently conducting an investigation into this accident.
I was contemplating this accident – and the resulting negative publicity for Disney – as I reviewed the latest draft of ISO 31000 – ISO’s newly developed Risk Management standard.
One of the weaknesses of many risk management programs is failing to fully evaluate the risks associated with events that are rare (low likelihood) but with the potential for severe (highly negative) consequences. In Section 5.5.2, ISO 31000 suggests that such events may warrant risk treatment even when it appears that action may not be justifiable on strictly economic grounds. The typical assumption being that the event will never happen; therefore, the time and money expended to evaluate and address the risk will be wasted.
This monorail accident appears to be this type of an event.
It was clearly rare. According to Disney, this is the first fatal crash in the 38-year history of the monorail’s operation.
Yet, the consequences of this accident are likely to be severe –
- death of an employee
- reduced confidence in – and utilization of – the transit system by guests
- the costs incurred associated with an OSHA fatality investigation – even if no fines are imposed
- negative publicity for a company that is very concerned about maintaining a positive public image
Take ISO 31000’s advice to heart in your own risk management programs – including the risk assessments conducted to meet the requirements of OHSAS 18001. Be sure that your low likelihood risks are evaluated - including those associated with abnormal or unusual activities. As the accident at Disney proved, just because an event hasn’t happened yet, that doesn’t mean it may not happen tomorrow.
© ENLAR® Compliance Services, Inc. (2009)
What is Hierarchy of Controls?
I recently had the following question e-mailed to me – “What is the “Hierarchy of Controls” [referenced in section 4.3.1 of OHSAS 18001:2007] and how do I address it in the hazard control & risk assessment procedure?”
The “hierarchy of controls” is a protocol that you use when deciding what kind of control measures you are going to use to address a particular OH&S hazard. The rationale underlying the “hierarchy of controls” is that an organization should use more reliable control measures rather than measures that are more likely to fail.
Thinking Outside the Bus…No, I Mean Box
One of the requirements of OHSAS 18001 is to identify all of your workplace hazards, including those that may cause “ill health”. This includes illnesses that are made worse by a work activity. This analysis also needs to be extended to individuals beyond the borders of the traditional workplace.
ABC News reported on just such a situation last night. It included a segment on the health implications of driving a school bus and the steps Broward County, Florida has taken to address them.
What did the Broward County School Board do?
Developing an OHSMS Risk Management Strategy
In a previous post, I discussed that there is no single, fill-in-the-blank, process for conducting an OHS hazard identification and risk assessment. Instead, what is needed is an assembly of individual processes that, when taken together, result in a comprehensive OHSMS risk management strategy.
It is equivalent to assembling a meal from an a la carte menu.
So what are your a la carte choices?
They are numerous and varied and include –
- Checklists and questionnaires
- Consequence / likelihood matrices
- Failure modes and effects analysis (FMEA)
- Hazard and operability studies (HAZOP)
- Exposure assessment strategies
- Bayesian analysis
- Ergonomic evaluations
- Computer modeling programs
Just as the key to healthy eating is making wise menu choices, the key to a sound OH&S risk management strategy is choosing the hazard identification and risk assessment tools that are appropriate for your organization.
© ENLAR® Compliance Services, Inc. (2008)
