About kalehner

President of ECSI

Auditing ISO 45001:2018 – 5.4 Consultation and participation of workers

Note. I want to be clear upfront that my intention is not to discredit the contribution organized labor made to the development of ISO 45001:2018.  The point I make here is that they had a significant impact on the requirements in certain sections of ISO 45001:2018.  This fact may help inform users about the intent of the requirements for purposes of implementation and conformity assessment. 

Clause 5.4 of ISO 45001:2018 discusses requirements for consultation and participation of workers and is the result of an interest groups desire to ensure their constituents were give certain rights to have influence over the organizations OHSMS.   Organized labor got a symbolic win here for their constituents but does this additional language add value to the standard or simply create unnecessary complexity and confusion for users of the standard?

As an auditor my approach would be to check if the workers themselves believe that their opinions about the OHSMS have been considered in its development and implementation.  The best way to do this is to ask them directly. Here is a line of questioning I would use to get objective evidence of conformity to the participation and consultation requirements in 5,4 of ISO 45001:2018.

My first question would be something like “Have you heard about the OHSMS here?”.  The answer to this question helps me get a sense of the organizations general awareness of the existence of an OHSMS.  You might have to rephrase the question to get them to understand what you are asking.

The next questions would be something like… Can you tell me about what you do as your job here and what you do to keep yourself safe from injury or ill health?  A good answer would be something like… My job is to load railcars.  I need to stand on top of the railcar and inspect it after it is loaded.  I need to wear this fall protection harness when I am on the railcar in case I accidently fell off.  The harness would break my fall and prevent or reduce my chances of injury.

The next question would go directly to participation and consultation and would be something like this.  Did you participate in any of the planning part of the OHSMS giving leadership your opinion of your comfort level with safely performing you job.  Another good answer would be something like…Yes, our entire crew participated in a hazard identification and risk assessment meeting where we went over all the job tasks and risks.  We were asked if we felt safe doing these tasks given the safety procedures and equipment that was in place.  One of the areas we raised as potentially unsafe was the absence of fall protection.  Based on that, our leadership has provided us with these ladders, harnesses and showed us how to use them.  I feel much safer now with this enhanced risk control.

Based on the results of this interview I would have good objective evidence that the intent of 5.4 had been achieved.  If most other worker interviewed had a similar tale to tell I would feel comfortable in concluding that the organizations had meet the requirements of clause 5.4 of the standard.

Of course, this line if questioning could have gone in many other directions and the answers given may not have supported a finding of conformity to varying degrees.  Auditors are certified and calibrated to make decisions during audits while considering all the evidence presented much like a judge does in a legal case.  Auditors who focus on too much detail like expecting the auditee to produce evidence of each of the 21 individual requirements of 5.4 are missing the point and need to step back and look at the bigger picture.

ISO 45001:2018 7.4.1 (d) Views of External Interested Parties

Here is a question that was recently posed on the ISO 45001 LinkedIn Group page and our response.

Question donna cerca uomo Acireale

ISO 45001…Looking at requirement 7.4.1 (d) “The organisation shall ensure that the views of external interested parties are considered in establishing its communication process(es).”  Anyone have any thoughts on how they will address this requirement, bearing in mind that OHSAS 18001 required, where appropriate external interested parties…are consulted?

coppia cerca donna Taranto Our Response coppia cerca uomo Parma – 

I assume when you ask “how will they address this requirement” you are referring to certification bodies (CB’s) performing 3rd party independent audits of the OHSMS.  I suspect that the answer to this question will be largely determined by how the CB calibrates their auditors for what the CB considers adequate objective evidence of conformity.  My hope is that the CB’s will take a liberal view of what is acceptable here and let the auditee decide who is an external party and what views need to be considered.

I think that this section of ISO 45001:2018 is unnecessarily confusing and will likely be a source of debate between organizations and their CB auditors.  The High-Level Structure text for his section was limited to the following:

7.4  Communication

The organization shall determine the internal and external communications relevant to the XXX management system, including:

— on what it will communicate;

— when to communicate;

— with whom to communicate;

— how to communicate

As a member of the US-Technical Advisory Group I observed that organized labor strongly supported adding additional language in this section and suspect that the intent is that organized labors “views” are considered when establishing the communication process.

So if organized labor is part of an organizations structure asking them to express their views on communication and documenting those views would be a good place to start.  These views can then be discussed with the leadership during management review and “considered” when establishing the communication process.  Producing these records during and audit should help show CB auditors that “the views of external interested parties are considered in establishing its communication process(es)”.

If organized labor is not a consideration, then it gets a bit tougher.  I would start with of list of who the organizations think might conceivably be consider an external interested party.  These might include:

  • Regulatory agencies
  • Business associations
  • Neighbors
  • The community
  • Local politicians
  • Worker family member and relatives

I do not believe the standard compels an organization to proactively seek out the views of all external interested parties.  This would be overly burdensome and of little value to the effectiveness of the OHSMS.  However, after compiling its list the next question should be, have any of these external parties expressed views on how we communicate externally about our OHSMS?  If the answer is no, then it would be appropriate to state to the auditor that no external parties have express views on our external communication process.

If views have been express by any of those on the list this should also be documented and discussed in management review (also documented) regarding the result of the consideration of these external views.  Lastly, if the CB auditor digs in heals here and expects extensive evidence in this section you will always have the option to appeal a finding the CB’s Executive Committee of the CB for relief.

ISO 14002 Results from Seoul, Korea September 2, 2016

IMG_0406The ISO 14002 Ad Hoc Group completed its work on Wednesday, August 31 and I presented the output of the group work at the Committee Plenary with all participating countries on Friday September 2.  The purpose of the presentation was to help all participants understand what ISO 14002 is about.  The title of the standard is:

uomo cerca donna Montesilvano ISO/TC 207/SC1 Ad Hoc Group: ISO 14002:200x  – Guidelines for application of ISO 14001:2015 framework to environmental aspects and environmental conditions by topic areas.

The presentation was well received and the committee will now internationally ballot the ISO 14002 New Work Item Proposal (NWIP) in October of this year.  If the ballot is successful the development of these new guidelines will likely begin in early 2017 and will be discussed at the next ISO 14001 international meeting June 2017 in Halifax, NS.

ISO 45001 – Other Risks and Other Opportunities

risk_management_supply_chain_1320_892_60ISO/DIS 45001 is the new ISO Standard for Occupational Health and Safety Management Systems.  The public comment period for the draft international standard is open until April 2, 2016.  One of the important issues debated at the recent meeting of the US TAG in Dallas. TX,  Feb 22-25, 2016 was a requirement unique to ISO 45001 that  organizations are required  to assess “ uomo cerca donna Sesto San Giovanni other risks” to the OHSMS.  Neither ISO 9001:2015,14001:2015 or OHSAS 18001 have such a requirement.  Here is what is required:

6.1.2.2 Assessment of OH&S risks and other risks to the OH& S management system

The organization shall establish, implement and maintain a process(es) to:

b) identify and assess the risks related to the establishment, implementation, operation and maintenance of the OH&S management system that can occur from the issues identified in 4.1 and the needs and expectations identified in 4.2.

To better understand what is expected one needs to go to the Annex of the standard where there is a list of examples in A.6.1.2.2 of what needs to be considered as follows:

“The organization should also give consideration to those risks which are not directly related to the health and safety of people and address factors affecting the OH&S management system, its performance and intended outcomes. These risks should be assessed using an appropriate method”.

Potential sources of risk to the OH&S management system can include:

  • inappropriate context analysis; outdated analysis;
  • inadequate consideration of OH&S management system requirements, change management and other health and safety issues in strategic planning and other business processes;
  • the absence of resources for the OH&S management system, whether financial, human or other;
  • an ineffective audit program;
  • poor succession planning for key OH&S management system roles;
  • poor top management engagement in the OH&S management system activities;
  • failure to address the needs and expectations of relevant interested parties;
  •  poor OH&S performance leading to reputational risks.

The standard also requires organizations to identify “ Other Opportunities” in clause 6.1.2.3(b) when it says:

“The organization shall establish, implement and maintain processes to identify:

b) opportunities for improving the OH&S management system”.

Again the annex provides a bit more guidance regarding “other opportunities” in A 6.1.2.3.  Here is what it says:

Opportunities to improve the OH&S management system can include:

  • improving the visibility of top management’s support for the OH&S management system;
  • enhancing incident investigation processes;
  • improving the processes for worker participation;
  • benchmarking, including consideration of both the organization’s own past performance and that of other organizations;
  • collaborating in forums which focus on topics dealing with health and safety.

Some of the US TAG experts argue that without a requirement to address these other OH&S Risks and Other OH&S Opportunities the management system will be ineffective and will not lead to OH&S performance improvement.  Others on the US TAG maintain that by implementing and operating an ISO 45001 OHSMS the organizations will address these potential risks and requiring an additional step to look at these other risks is redundant and confusing to potential users.

What do you think?  Leave a comment here and… if you like… take the survey and express your opinion.

ISO 45001 – Hierarchy of Controls (HOC) – Should it be a Requirement?

Section 8.1.2 of ISO/DIS 45001 requires that organizations “shall establish a process and determine controls for achieving reduction in OH&S risks using the following hierarchy:

  1. occupational_health_safetyeliminate the hazard
  2. substitute with less hazardous materials, processes, operations or equipment
  3. Use engineering controls
  4. use administrative controls
  5. provide and ensure use of adequate personnel protective equipment

The US Technical Advisory Group at its recent meeting in Dallas, TX Feb 22-26, 2016 had lengthy and at time heated discussion about requiring the use of the HOC.  The basic question is should the phrase “using the following hierarchy” be revised to soften it by saying “considering the following hierarchy”.

Many of the seasoned OH&S professionals in the group believe that the language should remain as “use” . They believe the HOC is well accepted in the industry and it is also required by law.  Others on the US TAG with experience in drafting and auditing ISO standards like ISO 14001 think the use of the HOC should be optional.  They maintain that it will be difficult during audits to prove that the HOC was used and that additional control is not possible or practical.

The standard also requires that the OH&S Policy “includes a commitment to control OH&S risks using the hierarchy of controls.

Give us your opinion and please take the survey.

Results of ISO 45001 US TAG Meets in Dallas, TX  – February 22-26, 2016

We recently participated on the leadership team for the United States Technical Advisory Group (US TAG) for the Development of the  new ISO 45001 standard for Occupational Health and Safety management systems.  Group Photo at ISN

The purpose of the week long meeting held at the ISN headquarters in Dallas, TX was to disposition over 800 comments on ISO/DIS 45001.  The US TAG successfully dispositioned all of the major issues and many of the individual comments.  Our role at this meeting was as co-chair of a subcommittee with Vic Toy for Clause 6 – Planning.  Our section had 157 comments to review and decide how they would be addressed.

The meeting was attended by about 70 participants representing business, organized labor and government.  Major issues addressed during the meeting included questions and comments like:

  • Should organizations be required to use the hierarchy of controls when reducing risk?
  • Does redundancy add clarity or confusion (frequent references to workers and worker representatives)?
  • Should organizations be required to assess risk to the management system (other risks) or is this already addressed by the clauses of the standard?
  • When must workers be asked for an opinion (consultation) and when must workers have authority to influence decisions made by management about risk control and other management system issues (participation)?

We have posted some articles about the following on our website blog if you are interested in learning more about these important issues.

  • ISO 45001 – Hierarchy of Controls
  • ISO 45001 – Other Risks and Other Opportunities

The public comment period in the USA is now open until April 1, 2016 so if you are in the USA and your organization would like to submit comments for consideration send me an email to tagosh@envcompsys.com and I can help you get the comments to the right place. Also please feel free to call or email with any questions about ISO/DIS 45001.

ISO 45001 Update – June 2015

Goole Bikes

The famous Google Bikes!

We recently participated as voting members in a meeting of the United States Technical Advisory Group (TAG) for the new ISO 45001 (Occupational Health and Safety) standard.  The meeting was held at Google Headquarters in San Francisco.  Extensive discussion took place within the TAG regarding the United States TAG position on the proposed ISO 45001 Draft Standard (CD#2).  The consensus was strong that the United States TAG believes the standard is still not ready to move to the next stage of the standards development process (DIS).  To this end, a motion was made, seconded, and unanimously approved during the course of the meeting and at a follow-up conference call.

The motion and its result were communicated in a letter to the American National Standards Institute (ANSI) on June 3. The motion was as follows:

The United States votes “No with Comments” on the draft standard with the position that the proposed standard is not yet ready to move to the DIS stage of the standards development process.

The impact of this negative vote is uncertain because the US has only a single vote on the International ISO 45001 committee (PC283) and there could be enough votes by other nations to move the standard to DIS rather than to another Committee Draft.  The US is voting that the standard go through another cycle as a Committee Draft (CD3) to allow more time to iron out some sensitive and controversial issues.

METADATA-START

When at work Googlers are never more than 100 feet from good, healthy food

Initially many of the TAG and PC members familiar with government mandated safety requirements (OSHA) were of the belief that this standard was much like a new law or labor regulation.  The good news is that the understanding of the standards development process by memberships of the US TAG and members of the International Committee is maturing which in turn has resulted in more flexibility for users of ISO 45001.  Over the last 2 years many of the membership has come to understand that allowing flexibility in how organizations choose to implement their OHSMS is key to its acceptance by potential users.

During the meeting in San Francisco we were able to talk candidly with the US TAG leadership and the belief is that a final draft of the ISO 45001 standard may not be ready until early 2017.  This will require that the PC is granted a 9 month extension to the three year project timeline that was originally approved by ISO.

ISO 45001 Status Update – What’s Next after DIS Vote Failure

The Committee Draft (CD) of ISO 45001:201x issued July 17, 2014 did not receive enough international support during voting which ended October 18th, 2014.  This means that the Standard will be reissued as another CD2 and will not be moved to the next level of development as a Draft International Standard (DIS) at this time.   The results of the vote were published in PC283 Ballot Report of 10-2014 which showed a 63% approval level, which is 12% shy of the requisite 75% approval for the standard to be moved to the next level.   Of 47 votes cast, 11 were Yes votes to agree to circulation of the draft as a DIS.  18 votes were cast as “Yes with comments” and 17 members cast a no vote.  There was one abstention.

ISO 45001 US TAG Meeting at AIG Headquarters in Ney York, August, 2014

US TAG PC 283 Meeting at AIG Headquarters in New York, August, 2014

The initial proposed date for publication of the final international standard outlined in ISO/PC 283/N68 issued October 24, 2013 was September 2016.  This proposed release date was based on the assumption that the CD and DIS documents would be approved by 75% of the PC members on the first vote.  The consequence of the failure of the CD to be moved to the DIS level is unclear at present but this turn of events is likely to delay the release of the final version of ISO 45001somewhat beyond September 2016.  The International PC will be meeting the third week of January 2015 in Trinidad to work on preparation of the next draft of the Standard (CD2) which is expected to be released in February 2015.

Why Did The ISO 45001 DIS Vote Fail?

The reason for failure of the vote to move to the DIS level is simple to explain. The CD  did not get the required 75% approval needed.  Why there was not enough support is more complicated but in general not enough PC members believed the standard was mature enough to move to the next level of development.  Enough members felt the standard needed more work at the CD level to prevent it from becoming a DIS.

ISO 45001 PC 283 US TAG Meeting August 2014 NYC

US TAG PC 283 Meeting In NYC August 2014

As part of the voting process almost 2500 comments were submitted on the CD which is a good indication that many believe this new standard needs additional effort invested in it before it can be issued as a DIS.  The US submitted 152  comments and the  International Labor Organization (ILO) submitted 174.  Along with its 119 comments Japan submitted a position paper (ISO/PC 283/N134) against ISO/CD 45001 that summed up in three comments, some of the most important issues that need resolution before this important standard can be moved to the next level of development .  The following is a brief summary of these comments.

ILO Participation –  “It is important to fully use the knowledge and experience of the ILO which has dealt with international labor issues”.

ISO and the ILO are having difficulty in reaching agreement on some important terms and concepts and if this tension cannot be resolved to the mutual satisfaction of both parties two conflicting standards may emerge.  This situation will inevitably lead to confusion by users of these standards and diminish the value  of ISO 45001and certification to this standard.

Use of the Term “Risk” Vs OH&S Risk

At present ISO 45001 uses the terms Risk and OH&S risk in several locations in the CD.  The use of these terms is thought to be potential confusing to users and the recommendation is to only use the Term OH&S Risk in the context of ISO 45001.

Annex A Not Thoroughly Reviewed

Unlike The Technical Committee for ISO 14001 which is authorized to issue multiple standards and guidance documents for environmental management such as ISO 14004 and ISO 14064, PC 282 charter was limited to development of one document only, ISO 45001.  At this time there are no plans to issue other guidance documents to supplement ISO 45001.  As a result the only guidance or interpretive information that is likely to come from ISO on OH&S management system will be in an Annex to the standard (Annex A).

Therefore it is vitally important that the information in the Annex A be reviewed and approved by PC members before it is issued.  The current state of Annex A is considered by some of the PC members as not having been reviewed thoroughly and the amount of text is too much and in need on condensation and streamlining.

Conclusion

The failure of PC 283 to move ISO 45001 to th DIS stage will likely result in some delay if the issuance of the final international standard by several months into early 2017.  However, this delay will help insure that all interested parties have an opportunity to contribute to its development.  In the end this will result in a better standard with wide international acceptance.

TC 207 – Survey request on Verification of Environmental Sustainability Reports

652px-Logo-ISO[1]In 2011 the ISO/TC 207/SC 2 – Environmental auditing sub-committee established an ad hoc group to gather information on current developments on auditing/verification of publicly available environmental and sustainability reports. Status reports were given at the 2012 and 2013 meetings. In 2013 the ad hoc group decided to conduct a survey to gather further information on the market needs for a standard on the topic of verification of environmental sustainability reports for discussion at its upcoming meeting in Panama on May 27, 2014.

TC 207 is seeking your assistance in obtaining broad participation in this survey. The survey can be accessed via the following link:https://www.surveymonkey.com/s/RCBL6D5. The survey will be open until May 2, 2014. We understand that this is a short timeframe for capturing this information but the deadline was established by ISO to make sure responses were available in time for consideration at the Panama meeting.

To obtain a statistically diverse and representative sample we are requesting that you consider passing this survey to other experts and stakeholders that you are familiar with personally.  We are hoping to get responses from a variety of organizations, based upon their environmental risk, number of employees, size and type (small, medium, and large as well light, medium, and heavy manufacturing), as well as those in the public and/or private sector.

Day 4 – ISO 14001 EMS Lead Auditor Washington, DC, 4/10/14

Day four of ISO 14001 Lead Auditor is going well.  A great group of folks in the class makes my job here in DC enjoyable.  From time to time I wonder if ISO 14001 is destined for jettison to the ash heap of sustainability irrelevance.  I sometimes question if others will continue to believe as I do that an ISO 14001 environmental management systems is a good way to manage the plant part of sustainability’s triple bottom line.14001_0414_dc

But teaching this class often restores my confidence that ISO 14001 will continue to be relevant for the foreseeable future.  Students continue to appreciate learning the fundamentals of environmental aspects, impacts, significance, auditing including the relationship between audit criteria, evidence, findings and conclusions.   I also believe that the current revision process is tracking well toward delivering an improved model for environmental management systems and I am looking forward to teach this course for the revised standard next year.