Embed Size (px)
Citation preview
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 1 / 21
D 18
OHSAS 18001 readiness
Goal 1 Scope and steps 2 Standards and definitions
2.1 Standards 2.2 Definitions
3 Process approach 3.1 Process
3.1.1 Management process 3.1.2 Realization process 3.1.3 Support process
3.2 Process mapping 3.3 Process approach
4 Requirements 4.1 General requirements 4.2 OH&S policy 4.3 Planning
4.3.1 Hazard identification 4.3.2 Legal and other requirements 4.3.3 Objectives and programmes
4.4 Implementation 4.4.1 Resources 4.4.2 Competence 4.4.3 Communication 4.4.4 Documentation 4.4.5 Control of documents 4.4.6 Operational control 4.4.7 Emergency situations 4.5 Checking 4.5.1 Monitoring and measurement 4.5.2 Evaluation of compliance 4.5.3 Incident investigation 4.5.4 Control of records 4.5.5 Internal audit 4.6 Management review Annexes
Goal of the module: Readiness for implementation, certification, maintenance and improvement of your occupational health and safety management system in order to:
increase satisfaction of interested parties control occupational health and safety risks meet legal and regulatory requirements
OHSAS 18001 readiness PQB D 18 S
2 / 21 www.pqweb.eu
1 Scope and steps
The first laws on health and safety at work emerged in France in the late nineteenth century.
According to the International Labour Organization (tripartite UN agency to promote decent work throughout the world) there are approximately 270 million occupational accidents each year and 160 million cases of occupational diseases in the world. The concept of decent work implies safe work which leads to the economic well-being of people.
One proven way to protect workers is to establish an occupational health and safety (OH&S) management system.
For France, the integration of occupational risk assessment (related to health and safety of workers) in the management of each company since 2001 is an obligation of the Labour Code (R4121-1).
The structure of the OHSAS 18001 standard is very close to international standards ISO 9001 and ISO 14 001. The similarities are numerous and this is one reason for using OHSAS 18001 in integrated QSE (Quality, Safety and Environment) management systems.
The OHSAS 18001 standard is voluntary and generic as it can be applied to the management system any organization, without limitations about size, activity or type.
For this it is sufficient that the occupational health and safety management system (OHSMS) be:
determined implemented maintained improved and compliant with
o developed OH&S policy o requirements of the OHSAS 18001 standard
A well-prepared approach is half successful
The approach to implementing an OH&S management system goes through several steps. An example of preparation is shown in Figure 1-1.
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 3 / 21
Figure 1-1. OHSMS preparation
Step one contains the determination of the needs and expectations (requirements) of interested parties (internal and external). The involvement of top management at its highest level is truly indispensable. The advice of a consultant is often solicited. A status of the management system (or what exists of it) would be welcome at this stage. An external certification body is chosen.
One of the key questions which comes up quickly (step 2) is the need for this decision. If this is really unnecessary or if the estimated costs of the certification approach exceed the available resources, it is better to give up the idea right now.
The benefits of implementing an OH&S management system are often:
improved image of the organization reinforced staff safety reduced or eliminated incidents increased confidence of interested parties reduced production costs reduced insurance costs better preparation for emergencies the prevention of hazards becoming routine staff is aware, consulted, motivated and proud high level of risk control good practices valorised commitment profitable for all legal OH&S obligations up to date
The benefits of the certification of an OH&S management system are often:
new customers
increased market share
increase in sales
better financial performance
OHSAS 18001 readiness PQB D 18 S
4 / 21 www.pqweb.eu
More than one and a half million businesses worldwide can not be wrong!
The internalization of the spirit of the principles and requirements of a standard significantly improves the overall performance of your business, especially when it is not considered as a constraint.
The third step shall determine whether this approach receives the approval of the staff. A communication campaign is launched in-house on the objectives of an occupational health and safety management system (OH&SMS). The staff is aware and understands that without their participation the project cannot succeed.
Have confidence, success will come with the involvement and effort of all!
The vision (what we want to be), the mission (why we exist) and the business plan of the organization are set. The next step (4) begins with a preliminary analysis of legal and regulatory requirements and continues with the establishment of an outline of the OH&S policy and OH&S objectives. If you do not have a copy of the OHSAS 18001 standard, now is the time to get it (cf. sub-clause 2.1 of the present course).
Planning is the last step (5) of the project preparation for obtaining OHSAS 18001 certification. A reasonable period is between 6 to 12 months (each organization is unique and specific). A management representative is appointed project leader. Top management commitment is formalized in a document communicated to all staff.
The establishment and implementation of an OHSAS 18001 OH&S management system are shown in figure 1-2.
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 5 / 21
Figure 1-2. OHSMS implementation
Step 1 aims to identify and determine the OH&S objectives and programmes. The outline of the OH&S manual is written down (the manual is not mandatory).
In step 2 the resources to achieve the OH&S objectives are set. Planning tasks, responsibilities and time frames are established. Internal staff and subcontractors are aware of potential hazards. Training of internal auditors is taken into account.
Step 3 allows you to establish early versions of procedures, documents and records related to the OH&S management system with the participation of the maximum number of available persons.
Operational control happens in step 4. The activities associated with identified hazards are planned and implemented. Internal and external communications are established and formalized. A legal watch is developed.
Emergency situations with potential impacts on occupational health and safety are listed in step 5. The responses (action and reaction) to emergencies are put in place and documented.
To conduct the pre-audit of the OHSMS (step 6) documents such as the OH&S manual, procedures and others are checked and approved by the competent authorities. A management review evaluates whether applicable requirements are met. The OH&S policy and objectives are finalized. An OH&S manager from another company or a consultant can provide valuable feedback, suggestions and recommendations.
When the system is accurately implemented and followed, the certification of the OHSMS by an external body is a breeze, a formality (step 7).
An appropriate method for evaluating the performance of your OH&S management system is the RADAR logic model of excellence EFQM (European Foundation for Quality Management) with its 9 criteria and overall score of 1000 points.
OHSAS 18001 readiness PQB D 18 S
6 / 21 www.pqweb.eu
2 Standards and definitions
2.1 Standards
The standard BS OHSAS 18001: 2007 Occupational health and safety management systems - requirements is neither an ISO nor a French standard. Many certification bodies (AFAQ, BSI and others) use the standard to certify companies and some were part of the development group (BSI, LRQA ...).
The specification OHSAS 18002: 2008 Occupational health and safety management systems - guidelines for the implementation of OHSAS 18001: 2007 is the guide for the implementation of the standard.
Practical recommendations are in the guidelines ILO - OSH 2001 "Guidelines on occupational safety and health management systems", freely available from International Labour Organisation – ILO (pdf, 286 kB, 40 pages).
As seen in Annex A of OHSAS 18001: Correspondence between OHSAS 18001:2007, OHSAS 18001:2004 and ISO 9001:2000 there are many similarities in form and content. This shows that a company that developed one of the standards can easily implement a second one.
Another demonstration of the close relationship between these management systems is the common standard ISO 19 011 (2011): Guidelines for auditing management systems.
All these standards and many more can be ordered in electronic or paper format on the ISO site. More than 28 000 standards (in English and other languages) are available on the Public.Resource.Org site.
The process approach is one of the basic principles of OHSAS 18001. The PDCA cycle (Plan, Do, Check, Act) applies to any process with an OH&S impact as shown in the Deming cycle:
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 7 / 21
Figure 2-1. Deming cycle for continual improvement
Plan: prepare the OH&S policy, identify hazards, assess risks, determine objectives and programmes (OHSAS 18001, sub-clauses 4.2 and 4.3)
Do: develop, implement processes, procedures, training, prevention, response to emergencies (OHSAS 18001, sub-clause 4.4)
Check: compare, inspect, verify, assess, measure the level of objectives, conduct audits (OHSAS 18001, sub-clause 4.5)
Act: improve, adjust, adapt, decide, react with actions or find new improvements (new PDCA) (OHSAS 18001, sub-clause 4.6)
For more information on the Deming cycle and his 14 points of management theory you can consult the classic book "Out of the crisis" W. Edwards Deming, MIT press, 2000.
2.2 Definitions
The beginning of wisdom is calling things by their proper names. Chinese proverb
Some terms and definitions used in relation with the OHSMS:
Acceptable risk: risk reduced to a tolerable level Accident: undesired event causing death or health and environmental damages Conformity: fulfilment of a specified requirement Continual improvement: process to enhance performance Customer: anyone who receives a product Hazard: situation that could lead to a potential incident Incident: undesired event that could lead to health damages Interested party: person or group that can affect or be affected by an organization Management system: set of processes allowing objectives to be achieved
Nonconformity: non-fulfilment of a specified requirement Occupational health and safety (OH&S): everything that can influence the wellbeing of the personnel in a company Occupational health and safety management system: set of processes allowing occupational health and safety objectives to be achieved OHSAS: Occupational Health and Safety Assessment Series Organization: structure that satisfies a need Process: activities which transform inputs into outputs Product (or service): outcome of a process or activity Risk: probability of occurrence of a potential hazard Safety: aptitude to avoid an undesired event Supplier: entity that provides a product In the terminology of management systems do not confuse:
accident and incident o an accident is an unexpected serious event o an incident is an event which can lead to an accident
anomaly, defect, dysfunction, failure, nonconformity, reject and waste o anomaly is a deviation from what is expected o defect is the non-fulfilment of a requirement related to an intended use o dysfunction is a degraded function which can lead to a failure o failure is when a function has become unfit o nonconformity is the non-fulfilment of a requirement in production
OHSAS 18001 readiness PQB D 18 S
8 / 21 www.pqweb.eu
o reject is a nonconforming product which will be destroyed o waste is when there are added costs but no value
audit, inspection, auditee and auditor o an audit is the process of obtaining audit evidence o an inspection is the verification of the conformity of a process or product o an auditee is the one who is audited o an auditor is the one who conducts the audit
audit programme and plan o an audit programme is the annual planning of the audits o an audit plan is the description of the audit activities
calibration and gauging o calibration is the verification of a value found related to a standard (troy weight) o gauging is the positioning of reference marks
control and optimization o control is the achievement of an objective o optimization is the search for the best possible results
customer, subcontractor and supplier o a customer receives a product o a subcontractor provides a service or a product on which a specific work is
done o a supplier provides a product
effectiveness and efficiency o effectiveness is the level of achievement of planned results o efficiency is the ratio between results and resources
follow-up and review o follow-up is the verification of the obtained results of an action o review is the analysis of the effectiveness in achieving objectives
inform and communicate o to inform is to give someone meaningful data o to communicate is to pass on a message, to listen to the reaction and discuss
organization and enterprise, society, company o organization is the term used by the ISO 9001 standard as the entity between
the supplier and the customer o enterprise, society, company are examples of organizations
process, procedure, product, activity and task o a process is how we satisfy the customer using people to achieve the
objectives o a procedure is the description of how to conform to the rules o a product is the result of a process o an activity is a set of tasks o a task is a sequence of simple operations
Remark 1: the use of OHSAS 18001 and ISO 9000 definitions is recommended. The most important thing is to determine for everyone in the organization a common and unequivocal vocabulary.
Remark 2: the customer can be also the user, the beneficiary, the trigger, the ordering party, the consumer.
Annex 05 specifies the frequency of use of certain keywords contained in the OHSAS 18001 standard.
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 9 / 21
For other definitions, comments, explanations and interpretations which you don’t find in this module and in annex 06 you can consult:
ISO 9000: 2005 - Quality management systems. Fundamentals and vocabulary, (ISO, 2005)
Introduction and support package: Guidance on the Terminology used in ISO 9001 and ISO 9004 (Document ISO/TC 176/SC 2/N 526R2, 2008)
Books for further reading on OH&S systems:
Willie Hammer, Occupational Safety Management and Engineering, Prentice hall, 1975
Thomas Anton, Occupational Safety and Health Management, McGraw Hill, 1989
David Goetsch, Occupational Safety and Health, Prentice Hall, 1996
Joe Kauzek, OHSAS 18001: Designing and Implementing an Effective Health and Safety Management System, Government Institutes, 2007
David Smith et al, Managing Safety the Systems Way: Implementing BS OHSAS 18001:2007, BSI Standards, 2008
Naeem Sadiq, OHSAS 18001 Step by Step: A Practical Guide, IT Governance Publishing, 2012
When I think of all the books still left for me to read, I am certain of further happiness.
Jules Renard
OHSAS 18001 readiness PQB D 18 S
10 / 21 www.pqweb.eu
3 Process approach
3.1 Process
The word process comes from the Latin root procedere = go, development, progress (Pro = forward, cedere = go). Each process transforms inputs in outputs creating added value and potential nuisances. A process has three basic elements: inputs, activities, outputs. A process can be very complex (launch a rocket) and relatively simple (audit a product). A process is:
repeatable foreseeable measurable definable dependent on its context responsible for its suppliers
A process is determined among others by its:
title and type purpose (why?) beneficiary (for whom?) scope and activities initiators documents and records inputs outputs (intentional and not intentional) constraints people material resources objectives and indicators person in charge (owner) and actors (participants) means of inspection (monitoring, measurement) mapping interaction with other processes risks and potential deviations opportunities for continual improvement
A process review is conducted periodically by the process owner.
The components of a process are shown in figure 3-1:
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 11 / 21
Figure 3-1. Components of a process
Figure 3-2 shows an example that helps to answer some questions:
which materials, which documents, which tools? (inputs) which title, which activities, requirements, constraints? (process) which products, which documents? (outputs) how, which inspections? (methods) what is the level of performance? (indicators) who, with which competences? (people) with what, which machines, which equipment? (material resources)
Figure 3-2. Some elements of a process
Often the output of a process is the input of the next process.
You can find some examples of process sheets in the document pack D 02.
OHSAS 18001 readiness PQB D 18 S
12 / 21 www.pqweb.eu
Any organization (company) can be considered as a macro process, with its purpose, its inputs (customer needs and expectations) and its outputs (products/services to meet customer requirements).
Our preference is to identify a process using a verb (buy, produce, sell) instead of a noun (purchases, production, sales) to differentiate the process from the company's department or procedure and recall the purpose of the process.
The processes are (as we shall see in the following paragraphs) of management, realization and support type. Do not attach too much importance to process categorizing (sometimes it's very relative) but ensure that all the company's activities fall at least into one process.
3.1.1 Management processes
Management processes are also known as piloting, decision, key or major processes. They are part of the overall organization, elaboration of the policy, deployment of the objectives and all required checks. They are the glue of all the realization and support processes.
The following processes can be part of this family:
develop strategy develop policy deploy objectives plan the OHSMS acquire and manage resources establish process ownership identify hazards manage risks conduct management review conduct an audit communicate improve measure satisfaction of interested parties
3.1.2 Realization processes
The realization (operational) processes are related to the product, increase the added value and contribute directly to customer satisfaction. They are mainly:
design and develop purchase produce apply control means inspect (verify) receive, store and deliver control nonconformities investigate incidents implement preventive and corrective actions prevent emergencies
3.1.3 Support processes
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 13 / 21
The support processes provide the resources necessary for the proper functioning of all other processes. They are not directly related to a contribution of the product's added value, but are still essential.
The support processes are often:
control documentation analyse risks study hazards provide training acquire and maintain infrastructure keep the legal watch up to date manage inspection means keep accountability manage staff
3.2 Process mapping
The process mapping is par excellence a multidisciplinary work. This is not a formal requirement of the OHSAS 18001 standard but is always welcome.
The 3 types of processes and some interactions are shown in figure 3-3:
OHSAS 18001 readiness PQB D 18 S
14 / 21 www.pqweb.eu
Figure 3-3. Process house
Examples of interested parties: investors, customers, employees, suppliers, society.
Do not underestimate the costs associated with hazards and risks.
The mapping among other things lets you:
obtain a global vision of the organization identify the beneficiaries (customers), flows and interactions define rules (simple) for communication between processes
To obtain a clearer picture you can simplify by using a total of about fifteen core processes. A core process can have several sub-processes, for example a process "develop the OHSMS" can contain:
develop strategy develop policy manage risks plan the OHSMS
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 15 / 21
deploy objectives acquire resources establish process ownership improve
Two other process examples (design, figure 3-4 and produce figure 3-5):
Figure 3-4. Design process
Figure 3-5. Produce process
3.3 Process approach
OHSAS 18001 readiness PQB D 18 S
16 / 21 www.pqweb.eu
Simple solutions for now, perfection for later
The process approach contributes enormously to the efficient management of the organization.
Process approach: management by the processes to better satisfy customers, improve the effectiveness of all processes and increase global efficiency
The process approach included during development, implementation and continual improvement of an OH&S management system allows one to achieve objectives that are related to satisfaction of interested parties as is shown in figure 3-6.
Figure 3-6. Model of an OHSMS based on process approach and continual improvement
Process approach:
emphasizes the importance of: o understanding and complying with interested parties’ requirements o prevention so as to react to unwanted elements such as:
incidents accidents
o measuring process performance, effectiveness and efficiency o permanently improving objectives based on pertinent measurements o process added value
relies on: o methodical identification o interactions o the sequence and o process management which consist of:
determining objectives and programmes
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 17 / 21
directing related activities analysing obtained results permanently undertaking improvements
allows one to: o better view inputs and outputs and their relationship o clarify roles and responsibilities o judiciously assign necessary resources o break down barriers between departments o decrease costs, delays, wastes
and ensures in the long run: o control o monitoring and o continual improvement of processes
Process approach is not:
crisis management ("You will not solve the problems by addressing the effects") blaming people ("Poor quality is the result of poor management." Masaaki Imai) priority to investments ("Use your brain, not your money." Taiichi Ohno)
OHSAS 18001 readiness PQB D 18 S
18 / 21 www.pqweb.eu
4 OH&S requirements
4.1 General requirements (Requirements 1 to 7)
In the simplified diagram in figure 4-1 you can see the purpose of an OHSAS 18001 OH&S management system:
Figure 4-1. Purpose of an OHSAS 18001 OHSMS
The requirements of the OHSAS 18001 standard, in clause 4, are shown in figure 4-2:
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 19 / 21
Figure 4-2. OHSAS 18001 requirements
The company top management puts in place an OH&S management system (which meets the requirements of OHSAS 18001) in order to improve its OH&S performance. For this:
hazards are identified risks are assessed legal and other requirements are identified processes, procedures and existing documents are analysed history of emergency situations, incidents and nonconformities is evaluated necessary resources are determined a training programme is created objectives are set programmes implementing the policy and achieving objectives are developed
The scope of the OHSMS is established, is appropriate to the workplace (cf. OHSAS 18001,
sub-clause 3.23) and is documented.
The OHSMS is documented and appropriate to the culture of the company and is continually improved.
The health, safety and work conditions committee contributes to:
OHSAS 18001 readiness PQB D 18 S
20 / 21 www.pqweb.eu
health and safety protection of employees prevention of occupational risks continual improvement of working conditions strict compliance with legal and regulatory requirements on hygiene, health and safety
at work involvement of staff in all prevention actions
Good practices
top management regularly monitors the OH&S objectives and programmes
commitments of top management regarding the prevention and continual improvement
are widely distributed
the OHSMS is integrated with the quality management system without redundancies
Bad practices
the scope of the OHSMS is not clearly set the OHSMS is not up to date (new processes not identified) process owner not formalized
4.2 OH&S policy (Requirements 8 to 20)
OH&S policy: statement by top management allowing the establishment of OH&S objectives
After a risk assessment and an initial audit top management at its highest level develops the occupational health and safety policy (cf. figure 4-3).
Figure 4-3. Develop policy process
Policy is appropriate to the nature and extent of the risks in the company. It is consistent with the vision of the company - improving the health, safety and working conditions of staff. The OH&S policy:
provides the framework for setting OH&S objectives and associated programmes
PQB D 18 S OHSAS 18001 readiness
www.pqbweb.eu 21 / 21
includes a commitment to: o meet legal and other requirements o risk prevention o provision of resources o training and awareness and o continual performance improvement
is a privileged place of social dialogue in the company takes into account the analysis and feedback from past incidents
Policy is:
realistic harmonized with other company processes understandable
documented implemented reviewed periodically (cf. § 4.6) communicated to all levels and publicly available
Good practices
OH&S policy matches the available resources and associated objectives methods of internal and external communication are presented in the OH&S manual needs and expectations of interested parties are established through on-site meetings,
surveys, round tables and meetings the declaration of commitment of the director is shown at a few key locations
Bad practices
the OH&S policy is not updated the OH&S policy is undated the OH&S policy is not signed by the director the objective of reducing incidents, displayed in the business plan, is not included in
the OH&S policy tracks on risk prevention are missing in the OH&S policy the OH&S policy is not posted outside the office of the director top management commitment does not contain objectives some objectives are not measurable no objectives of continual improvement in the OH&S policy communication of OH&S policy to interested parties is not determined in any
document
