ISO 45001 – Hierarchy of Controls (HOC) – Should it be a Requirement?

Section 8.1.2 of ISO/DIS 45001 requires that organizations “shall establish a process and determine controls for achieving reduction in OH&S risks using the following hierarchy:

  1. occupational_health_safetyeliminate the hazard
  2. substitute with less hazardous materials, processes, operations or equipment
  3. Use engineering controls
  4. use administrative controls
  5. provide and ensure use of adequate personnel protective equipment

The US Technical Advisory Group at its recent meeting in Dallas, TX Feb 22-26, 2016 had lengthy and at time heated discussion about requiring the use of the HOC.  The basic question is should the phrase “using the following hierarchy” be revised to soften it by saying “considering the following hierarchy”.

Many of the seasoned OH&S professionals in the group believe that the language should remain as “use” . They believe the HOC is well accepted in the industry and it is also required by law.  Others on the US TAG with experience in drafting and auditing ISO standards like ISO 14001 think the use of the HOC should be optional.  They maintain that it will be difficult during audits to prove that the HOC was used and that additional control is not possible or practical.

The standard also requires that the OH&S Policy “includes a commitment to control OH&S risks using the hierarchy of controls.

Give us your opinion and please take the survey.

Results of ISO 45001 US TAG Meets in Dallas, TX  – February 22-26, 2016

We recently participated on the leadership team for the United States Technical Advisory Group (US TAG) for the Development of the  new ISO 45001 standard for Occupational Health and Safety management systems.  Group Photo at ISN

The purpose of the week long meeting held at the ISN headquarters in Dallas, TX was to disposition over 800 comments on ISO/DIS 45001.  The US TAG successfully dispositioned all of the major issues and many of the individual comments.  Our role at this meeting was as co-chair of a subcommittee with Vic Toy for Clause 6 – Planning.  Our section had 157 comments to review and decide how they would be addressed.

The meeting was attended by about 70 participants representing business, organized labor and government.  Major issues addressed during the meeting included questions and comments like:

  • Should organizations be required to use the hierarchy of controls when reducing risk?
  • Does redundancy add clarity or confusion (frequent references to workers and worker representatives)?
  • Should organizations be required to assess risk to the management system (other risks) or is this already addressed by the clauses of the standard?
  • When must workers be asked for an opinion (consultation) and when must workers have authority to influence decisions made by management about risk control and other management system issues (participation)?

We have posted some articles about the following on our website blog if you are interested in learning more about these important issues.

  • ISO 45001 – Hierarchy of Controls
  • ISO 45001 – Other Risks and Other Opportunities

The public comment period in the USA is now open until April 1, 2016 so if you are in the USA and your organization would like to submit comments for consideration send me an email to tagosh@envcompsys.com and I can help you get the comments to the right place. Also please feel free to call or email with any questions about ISO/DIS 45001.

ISO 45001 Status Update – What’s Next after DIS Vote Failure

The Committee Draft (CD) of ISO 45001:201x issued July 17, 2014 did not receive enough international support during voting which ended October 18th, 2014.  This means that the Standard will be reissued as another CD2 and will not be moved to the next level of development as a Draft International Standard (DIS) at this time.   The results of the vote were published in PC283 Ballot Report of 10-2014 which showed a 63% approval level, which is 12% shy of the requisite 75% approval for the standard to be moved to the next level.   Of 47 votes cast, 11 were Yes votes to agree to circulation of the draft as a DIS.  18 votes were cast as “Yes with comments” and 17 members cast a no vote.  There was one abstention.

ISO 45001 US TAG Meeting at AIG Headquarters in Ney York, August, 2014

US TAG PC 283 Meeting at AIG Headquarters in New York, August, 2014

The initial proposed date for publication of the final international standard outlined in ISO/PC 283/N68 issued October 24, 2013 was September 2016.  This proposed release date was based on the assumption that the CD and DIS documents would be approved by 75% of the PC members on the first vote.  The consequence of the failure of the CD to be moved to the DIS level is unclear at present but this turn of events is likely to delay the release of the final version of ISO 45001somewhat beyond September 2016.  The International PC will be meeting the third week of January 2015 in Trinidad to work on preparation of the next draft of the Standard (CD2) which is expected to be released in February 2015.

Why Did The ISO 45001 DIS Vote Fail?

The reason for failure of the vote to move to the DIS level is simple to explain. The CD  did not get the required 75% approval needed.  Why there was not enough support is more complicated but in general not enough PC members believed the standard was mature enough to move to the next level of development.  Enough members felt the standard needed more work at the CD level to prevent it from becoming a DIS.

ISO 45001 PC 283 US TAG Meeting August 2014 NYC

US TAG PC 283 Meeting In NYC August 2014

As part of the voting process almost 2500 comments were submitted on the CD which is a good indication that many believe this new standard needs additional effort invested in it before it can be issued as a DIS.  The US submitted 152  comments and the  International Labor Organization (ILO) submitted 174.  Along with its 119 comments Japan submitted a position paper (ISO/PC 283/N134) against ISO/CD 45001 that summed up in three comments, some of the most important issues that need resolution before this important standard can be moved to the next level of development .  The following is a brief summary of these comments.

ILO Participation –  “It is important to fully use the knowledge and experience of the ILO which has dealt with international labor issues”.

ISO and the ILO are having difficulty in reaching agreement on some important terms and concepts and if this tension cannot be resolved to the mutual satisfaction of both parties two conflicting standards may emerge.  This situation will inevitably lead to confusion by users of these standards and diminish the value  of ISO 45001and certification to this standard.

Use of the Term “Risk” Vs OH&S Risk

At present ISO 45001 uses the terms Risk and OH&S risk in several locations in the CD.  The use of these terms is thought to be potential confusing to users and the recommendation is to only use the Term OH&S Risk in the context of ISO 45001.

Annex A Not Thoroughly Reviewed

Unlike The Technical Committee for ISO 14001 which is authorized to issue multiple standards and guidance documents for environmental management such as ISO 14004 and ISO 14064, PC 282 charter was limited to development of one document only, ISO 45001.  At this time there are no plans to issue other guidance documents to supplement ISO 45001.  As a result the only guidance or interpretive information that is likely to come from ISO on OH&S management system will be in an Annex to the standard (Annex A).

Therefore it is vitally important that the information in the Annex A be reviewed and approved by PC members before it is issued.  The current state of Annex A is considered by some of the PC members as not having been reviewed thoroughly and the amount of text is too much and in need on condensation and streamlining.

Conclusion

The failure of PC 283 to move ISO 45001 to th DIS stage will likely result in some delay if the issuance of the final international standard by several months into early 2017.  However, this delay will help insure that all interested parties have an opportunity to contribute to its development.  In the end this will result in a better standard with wide international acceptance.

ISO 45001 Annex 6 – Response to Comments

My draft was meant to be for the Annex only.  It was not intended to be included, or as a supplement to, the normative part of the standard.  I offered the draft of the Annex more to stimulate discussion than expecting it to be incorporated in its entirety.  As I have said from the beginning.  I believe that the HLS should remain largely intact without significant discipline specific additions.  Most discipline specific language for clarification of intent should be introduced in the Annex.

I like the idea of working the development process of this and other standards like ISO 14001 from back to front.  In other words, let’s work on the Annex (informative part of the standard) first, agree on what we want it to achieve and what the Annex should contain, and then decide what needs to be changed in the normative part of standard to meet the discipline specific outcome we want.

I also understand the desire to use much of Z10 to form the basis for ISO 45001.  However, I believe that we can improve upon the ideas presented in Z10 as we develop 45001, especially appendix F and the example risk matrix it contains.

Regarding the question of how opportunities should be addressed in the standard, I believe it matters little where opportunities are addresses.  It may be appropriate to address them in both 8 and 10 and maybe a little bit in 6.  I do however believe that we need to have a better idea about what we mean by opportunities before we add discipline specific language to the HLS in any or all of those clauses.

I believe there are at least two types of opportunities that can be identified, those being opportunities to reduce risk, and those opportunities that can result in other value enhancement.  Sometimes exploiting one type of opportunity comes at the expense of the other. ice3 Ice diving is a good example.  Personally I think you need to be out of your mind to do it, but some folks find great pleasure in scuba diving below the ice and take every opportunity they can to enjoy it.  One of the hazards of ice diving is getting lost under the ice and not being able to return to  the hole before your air supply is exhausted.  The bigger the hole, the easier it is to find when you want out of the water.  But cutting a big hole through 3 foot thick ice is hard and there comes a point where the discomfort in cutting the hole out weights the fun the divers expect to have on their adventure.  So the divers manage the likelihood of becoming trapped beneath the ice in other ways, like roping up and having folks at the surface holding the other end of the rope.  Managing the risks and enjoyment of an ice dive becomes an optimization problem.

The ISO 45001 standard Annex (either 6, 8 or 10) should include information to help users understand the relationship between risks and opportunities and that there are different types of opportunities they can exploit.  Once we have the right language in the annex, we can then think about what changes might be need in the standard itself to make the HLS work for the OH&S discipline.  Again this is the back to front approach to standard development I prefer.

First ISO 45001 US Technical Advisory Group Meeting In DC

ECSI is currently attending day one of the 2-day ISO 45001 US Technical Advisory Group (TAG) meeting in Washington DC January 15-16, 2014.  We will be reviewing comments on the first working draft of the standard and then breaking into several working groups to revise specific sections of the standard.  One of the key issues  to be discussed will be how much additional discipline specific text should be added to the required High Level Structure (HSL) language.  As a voting member of the US TAG I intend to advocate for a less-is-more approach.  In other words, I believe that most of the discipline specific text (occupational health and safety in this case) should reside in the annex of the standard.

The HLS is designed to facilitate seamless integration of discipline specific management systems into an organizations overall business management system.  In the past ISO standards had significantly different structures which made integration of the standards difficult.  An example is ISO 14001 Environmental Management Systems (EMS) which has only 4 sections and ISO 9001 Quality Management Systems (QMS) which has 8 sections.   The difference in the way the standards were organized lead to considerable confusion among many standard users who wondered why the structure of an EMS needed to be so different than a QMS.

In response to those concerns ISO created the HSL to standardize the way it writes standards which is a really good idea for a standards writing body.  ISO requires that all new and revised standards follow the HLS with little deviation.  My experience with the ongoing revision of ISO 14001 has been that trying to incorporate significant additional discipline specific language into the standard is not always value added and can sometimes diminish the clarity and usability of the standard.  Because of the significant additional language in the ISO 14001 standard it seems overweight or bloated at 19 pages versus 9 pages for ISO 14001:2004.  As we hash over this important issue I hope that both the US TAG and the international project committee PC 283 recognize this potential pitfall and endeavor to limit the amount of additional discipline specific language in the new ISO 45001.

 

Should ISO 45001 Require Multi-Step Hierarchy of Control?

The first face-to-face meeting of the United States Technical Advisory Group (US TAG) will be taking place in Washington DC late next week, January 15-16, 2014.  The purpose of this meeting is to review the recently released first working draft (WD1) of the ISO 45001 Occupational Health and Safety Standard and attempt to find consensus among the members of the US TAG regarding the US position on important technical issues.  One of the important issues to be discussed is what  the ISO 45001 standard should include as requirements and what information should be presented in the Annex A as guidance.

The WD of ISO 45001 currently requires a hierarchy of control in clause 8.1.2 of the standard.  Most occupational health and safety (OH&S) professionals are familiar with this hierarchy of control, which prefers elimination of the hazard as the best choice for controlling an OH&S risk. The hierarchy of control requirement is a good example of what one might consider to be an “overreach” of the standard, in that it prescribes a specific risk control process that may be more appropriate as guidance in the Annex of the standard.  As currently drafted, the WD1 states the following:

When determining prevention and control measures, or considering changes to existing controls, consideration shall be given to reducing the risks according to the following hierarchy:

a) eliminate the hazard;

b) substitution with less hazardous materials, processes, operations or equipment;

c) use engineering controls;

d) signage/warnings;

e) administrative controls;

f) personal protective equipment.

These six steps are almost identical to those listed in the American National Standards Institute, ANSI Z10, clause 5.1.2.  The Occupational Health and Safety Assessment Series standard, OHSAS 18001, clause 4.3.1, has similar requirements, but only lists 5 steps; and  the USA OSHA’s required hierarchy of control lists only 4 steps.

With a quick search of the internet, many other examples of hierarchy of control sequences and steps can be found.  Some national regulatory agencies around the world have other required processes for determining appropriate controls.  Given this apparent lack of national and international consensus for the optimal number and sequence of control steps, is it appropriate for the new ISO 45001 OH&S standard to prescribe either a requirement to use a hierarchy of control process or to specify the number and sequence of the steps in the required process?

Based on our experience on the US TAG working on revision to ISO 14001, we believe that, when making additions to the ISO Annex SL High Level Structure (HLS) required text (see related post), adding less in the requirements sections helps to maintain the integrity of the HLS.  ECSI believes that the elegant simplicity of the HLS is diminished when significant amounts of discipline-specific text (OH&S in the case of ISO 45001) are added to the standard itself.  We believe that most of the additional discipline-specific text in the WD1, especially in clauses 6, 7 and 8, should be moved to the Annex A and treated as guidance.  By doing so, the ISO 45001 Project Committee (PC) will be able to avoid protracted discussions and negotiations over the content of the requirement section of the standard, which in turn will help the PC meet the tight deadlines (3 years) for publication of the standard.

Scope Change for ISO 45001 Set for Vote by ISO TBM

When the idea to create an ISO standard for Occupational Health and Safety Management Systems (OHSMS) was recently resurrected the scope of the project was limited to preparing requirements only.  Guidance on use of the new standard was excluded from the scoped of the project.

At its inaugural meeting in October 2013 ISO/PC 283 reviewed its scope and the PC agreed that it was essential to provide guidelines on the use of the OH&S requirements that it is mandated to develop.  The form of the guidelines is expected to be an annex to the requirements standard similar to what was done with ISO 14001.

This scope change needs to be 652px-Logo-ISO[1]approved by something called the ISO TBM (Technical Management Board).  A ballot is being circulated with the TBM to modify the title of ISO/PC 238 by eliminating the word “requirements”.  The voting period will close on December 28, 2013.  The TBM will also be voting on whether to change the scope of PC 283 to the following:

Development of a standard on occupational health and safety management systems “Requirements with guidance for use”.

Although this may seem like a subtle change the impact on the OH&S standard development will be large and will improve the value of the standard for users.  My guess is that the greatest area of impact in the guidance portion of the standard will be in the front end work to set up a conforming OHSMS.  Specifically the part of the standard the addressed hazard identification and risk assessment.

I am interested in this groups opinion of what other areas of the new standard will benefit from guidance such as, employee participation or value/supply chain management , and how explicit should that guidance be?  Please don’t be afraid to post a comment here  or at the linked In at the  ISO 45001 group with you opinion or comment.

OHSAS 18001 and ISO 45001 – ISO Health and Safety Management Systems

In late October 2013 ISO (International Organization for Standardization) decided to move forward with the development of an ISO standard that will replace OHSAS 18001 Occupational health and safety management systems – Requirements (British Standard Institute) within the next three years.  The ISO Occupational Health and Safety Management System Standard (OHSMS) is expected to be issued under the number ISO 45001.   The exact title is still up in the air but will be similar to something like Occupational health and safety management systems – Requirements with guidance for use.   The first Working Draft of the new OHSMS standard is expected to be circulated to the US Technical Advisory Group (U.S. TAG) members within the next few weeks. 

Important issues that will be discussed early in the standard development process are:

Defining the term “persons under the control of the organization”. 

There will be discussion about how much flexibility organizations will have when defining the scope of its OHSMS under the ISO 45001 requirements.  This issue will have a significant impact on organizations who have chosen to shift OH&S risks to onsite contractors’ through contracts that require the contractors to assume some or all responsibly for their employees health and safety and for compliance with all regulatory requirements.   The questions will likely boil down to will the standard allow a complicated scope statement that excludes substantial portions of the facility’s physical location thereby excluding many contractors from the scope of the OHSMS,  or will the standard discourage this type of scoping in favor of a more inclusive approach to the scope of the OHSMS. 

Questions about acceptable levels of risk shifting or sharing will need to be discussed  and answered.

Hazard Identification, Risk Assessment and Risk Control

This will be an important topic of discussion and deliberation with the U.S. TAG to reach consensus on what the standard will require of organizations to develop, implement and maintain a process for performing hazard identification and risk assessment.   There are many approaches to risk assessment and it will be interesting to see how detailed the requirements will be regarding this important area of an OHSMS.  Appendix F of ANSI Z10 will be a starting point for the U.S. TAG for developing the guidance on this important OHSMS topic.

The new structure required by ISO (Annex SL) places emphasis on the concept of risk management.   OHSAS 18001 emphasized this aspect of an OHSMS but you can expect more in the way of guidance in ISO 45001 describing appropriate methods for assessing OH&S risks.   The guidance will be in the annex of the ISO 45001 standard with examples of how to perform an OH&S risk assessment and there will likely be a figure that looks something like the figure below where risk is estimated based on multiplying the likelihood value by the consequence value to arrive at the risk score.

 risk score 112113

 

 

 

 

Time Frame for ISO 45001 Development

Here is the current schedule for required 3 year development of the standard that was provide to TAG members on November 15, 2013.

  • Dec 2013 –Working Draft 1 (WD1) circulated Working Group 1 (WG1)
  • Jan 2014 – Submit Comments on WD1
  • Jan 2014 – US TAG Face to Face Meeting (to develop US positions/concerns on WD1) – ECSI will attend this meeting.
  • March 2014 – PC Meeting – Development of Committee Draft 1 (CD1)
  • November 2014 – PC Meeting – Development of Draft International Standard (DIS)
  • November 2015 –PC Meeting – Development of Final Draft International Standard (FDIS)
  • October 2016 – Publish ISO 45001

ECSI is a voting member of the U.S. Technical Advisory Group to ISO 45001 and will be directly involved in developing the US position on the content of this important standard.  We will be publishing updates on the progress of ISO 45001 and are happy to discuss any ideas, issues or concerns you have with the development of this new standard or any other OH&S issues you would like to discuss.  Don’t be shy.  You can either post a comment / question here or contact us directly at 920-648-4134 or email us kalehner@envcompsys.com.