Safety at Christmas

There are greater hazards than mince pies and sherry

It is easy during the festive period to allow our attitudes to Health & Safety to relax, however it is at times like these that we must make a special effort to be more vigilant than ever. Here is a link to a story that I came across on the BBC website that warns us of the health dangers of the “Santa Claus Diet”.

The article, whilst thought provoking from a health perspective, unfortunately overlooks several serious and perhaps more significant process safety weaknesses in Santa Claus’ working arrangements. Whilst there are health risks associated with binge eating and drinking, the fact that Santa has been doing this for several hundred years suggests that any adverse health effects would not necessarily be chronic. It is also unclear whether all mince pies are consumed in one sitting. It is possible, and perhaps more likely, that he collects them and takes them back to the North Pole in a Tupperware container for his elves.

Detailed analysis of his safety arrangements, on the other hand, are less easy to defend.

Working at Height, Confined Space Working and PPE

Santa Claus gains access to properties by a controlled landing on the roof. Whilst his work wear could be considered “hi viz”, the good news ends there. There is no evidence of the use of a hard hat or other appropriate PPE, safety harnasses or scaffolding – an absolute minimum for this type of activity. Furthermore access to the building is often via a “chimney pot” with no apparent application of structured confined space working arrangements, or a site specific fire risk assessment.

The failure to consider the Hierarchy of Controls in risk management demonstrates a flagrant disregard for an effective Safe System of Work. It would seem obvious that both Working at Height and Confined Space Working could be cheaply eliminated by simply parking up safely at ground level and gaining access by a door. Whilst this may not be as quick as landing on the roof and jumping down the chimney, and it may mean that the distribution of presents may need to be spread out over more than one evening or partially sub-contracted, safety must never be compromised in order to speed the job up or save money!

Manual Handling and Young Persons

A couple of years ago, whilst on a Search for Santa break in Lapland, I was able to meet Santa Claus. I took the opportunity to question him on his workplace safety arrangements. I found his attitude to be unhelpful. I noticed a queue of young persons waiting to see him (in fact he repeatedly referred me to the long queue as I attempted to put my questions to him). I accepted his assertion that his status on site was that of a subcontractor, however I was not convinced that he had undergone an appropriate contractor induction, had received manual handling training or that alternative lifting arrangements were in place in the event that a child was too big boned to safely lift using standard manual handling techniques. I could not see any mechanical lifting apparatus anywhere in his vicinity, or any signage indicating a weight limit. His claim that his working methods were safe seemed to be based solely on the fact that he “had been doing it that way for years”.  This demonstrated a very poor understanding of how grandfather rights are applied in law.

In summary I think we need to be very careful when dealing with international gift distribution contractors at this time of year. It is an unregulated industry dominated by a very small number of privately run providers for whom workplace safety appears a very low priority.

Have a safe and legally compliant Christmas

Shaun Sayers

Posted in Uncategorized | Tagged | Leave a comment

Why Understanding Your Internal & External Issues Is Important

Background to the new ISO 9001:2015 Requirement

Rather than repeat myself by going over the requirement at a general level, here’s a link to an earlier post where I have tried to explain the general principles involved.

ISO 9001:2015 – Internal and External Issues

External Issues – A more detailed examination

Why is it important?

I’m drafting a gap analysis at the moment for what you could best describe as a “traditionally structured” QMS. Like many systems of this type, there is no formal structure for identifying internal and external issues, the associated risks and the necessary contingencies and back up plans. In this situation you often get the impression that the management team simply “know” what these things are and “naturally take them into account”. So why the need for anything more formal?

Well, here’s what can happen when you get things wrong …

Monarch Airlines Collapse – where did it go wrong?

It’s perhaps worthwhile taking time to consider the sequence of events and understanding what went wrong for Monarch because this sorry tale outlines quite well why it might be worthwhile trying to adopt a more formal proactive approach to risk management. Does it guarantee everything will be fine? Of course it doesn’t. But what it might do is provide focus as to the size and scale of risks that the company is running (ie, understanding the worst case scenario) and perhaps helping the company understand if there is a Plan B that can be put in place to mitigate the effects, should the worst come to the worst.

In short, the article suggests that Monarch had too many of its eggs in one or two baskets (holiday flights to Turkey and North African destinations) and when demand for flights to this region reduced considerably, it left the company with no place to go.

I know it’s always much easier to analyse failures from the perspective of hindsight, but this state of affairs catches the sentiment quite well.

Posted in ISO 9001:2015, Risk & Assurance | Tagged , , | 2 Comments

ISO 9001:2015 Non-Applicability

Non-applicable clauses and how to treat them

I’m starting to get asked this a lot just now, so maybe it’s time for an article to explain it, and to point people at. Those people going through ISO 9001 transition now, and whose QMS identifies some clause(s) that ISO 9001:2008 calls “exclusions”, will need to revisit the matter.

In many ways the same rules apply, but there are a couple of differences.

Firstly, whereas in ISO 9001:2008, “exclusions” were limited to Section 7 (Product Realisation), ISO 9001:2015, on the face of it, applies no such constraints so, in theory at least, non-applicability (the new name for exclusions) may be identified within ANY of the new auditable requirements of Sections 4-10. In practice, however, you will find that your realistic non-applicable clauses (that is, clauses that certain types of organisations may justifiably explain are not applicable to its operations) will be limited to parts of ISO 9001:2015 sections 7 and (mostly) 8 (which is, to all intents and purposes, the equivalent of the old Section 7).

It is unlikely that any requirements of Sections 4, 5, 6, 9 or 10 could be justifiably cited as not applicable. I’d be amazed if any were accepted under any circumstances.

So what could be cited as not applicable?

There aren’t that many potentially non-applicable clauses. In Section 7 (Support), in practice you are looking at clause 7.1.5 – this relates to monitoring and measurement resources and measurement traceability. This clause deals with the EQUIPMENT that may be used in monitoring and measurement (not monitoring and measurement activity) and includes the old calibration and equipment care requirements. Not all organisations use equipment in their monitoring and measurement activities, and it will be a fairly common non-applicable clause, especially with service providers. Measurement traceability (note NOT Product Identification & Tracebility – this is different and taken care of within Section 8) is not always a requirement, and in fact the wording of the clause in ISO 9001:2015 actually states “where measurement traceability is a requirement …”. Measurement tracebility will normally, if it applies, be required either by legislation or by the customer contract.

In Section 8 (Operation) there are a few potentially non-applicable requirements, because it contains all the old favourites from ISO 9001:2008. Most notably;

  • 8.3 Design and development
  • 8.5.2 Identification & Tracebility (of product)
  • 8.5.4 Preservation
  • 8.5.5 Post delivery activities

In practice pretty much close to 100% of any other non-applicable claims will be drawn from the above and Clause 7.1.5. Note that in days gone by “Customer Property” used to be a reasonably common exclusion under ISO 9001:2008/ISO 9001:2000, however as this clause (ISO 9001:2015 clause 8.5.3) covers intellectual property and data, it is rarely justifiable these days. Most companies hold some customer data that requires protection –  financial/payment/bank data at the very least.

How to record non-applicable clauses

If you deem that a clause or clauses is/are not applicable to your QMS (for example it simply does not contain a design element, or you have no physical output that can be spoiled or damaged and so requires preservation controls), these must be identified and JUSTIFIED in the statement of SCOPE (see clause 4.3) of your QMS. In justifying the non-applicable clause, you are simply explaining (and making it clear) why this does not apply to any of the contents, controls or customer requirements of your QMS.

Hope this helps.

Posted in ISO 9000, ISO 9001:2015 | Tagged , , , , , | 2 Comments

ISO 45001 Update (August 2017)

Last Updated 2nd August 2017 (see footnotes)

Background

I’ll start this post by outlining the background and history of the transition of OHSAS 18001 to ISO 45001, for those of you that may not have been following the saga, or for those of you that have been fed incorrect information.

Initially the plan was to issue the new ISO 45001 standard along with ISO 9001 and ISO 14001 in September 2015. Unfortunately agreement on the content of ISO 45001 proved problematic and that didn’t happen. Initially this led to added levels of consultation and amendment, culminating in the issue of a Draft International Standard (DIS) of ISO 45001 in 2016. At that time it was hoped that the level of comment would be at a level that ISO 45001 would be able to be issued directly – skipping the Final Draft International Standard (FDIS) stage. That proved to be an outrageously optimistic plan, and in fact the level of disagreement on content was such that it was decided to start again from scratch, rather than to try to reconcile the outstanding issues by revising the 2016 DIS. In short it was sent back to the drawing board, and the revised timetable for issuing ISO 45001 targeted Spring 2018 as the date of issue. So a second DIS (DIS 2) was issued in April 2017. Again it was hoped that the level of comment would be so low as to allow the issue of the ISO 45001 without it passing through the FDIS stage. Again this was not possible.

Current Status

At the time of writing, the 2017 FDIS is anticipated to be released for comment in Quarter 4 2017, probably November. For those of you unfamiliar with the various stages of consultation for ISO standards, the FDIS is generally expected to be, give or take a few tweaks here and there, pretty close to the standard that finally gets issued. So we (think we) are nearly there. We are now realistically looking at Quarter 2, 2018 as the most likely date of issue of ISO 45001. But we can now do that with a reasonable degree of optimism.

What this means for OHSAS 18001

What this means for OHSAS 18001 is that it will continue to be the most prevalent certifiable management system standard in the world until at least the end of 2019. Even if ISO 45001 is issued in the Spring of 2018, it will take the certification bodies some months to achieve their Accreditation. Also (and I am using ISO 9001 and ISO 14001 as sighters for that timeline) it is normal for relatively few organisations to target a transition audit at the earliest opportunity. For a number of reasons it is often best to let the dust settle. OHSAS 18001 will remain a live document until at least Spring 2021. We can expect transition audits to pick up pace towards the end of 2019, with the deadline being sometime in mid 2021 – three years from the date it gets issued (a date we don’t know yet).

 

What this means for OHSAS 18001 Lead Auditor Training

We have seen a reduced flow of traffic this past 2 years through our OHSMS (OHSAS 18001) Lead Auditor Courses. This is partially understandable. For those people that are in no particular hurry to complete their course, there has been a tendency to defer their training and complete the course under the new standard and avoid the need for a short ISO 45001 transition course. It is important, however, to remember that whenever standards change, it DOES NOT render your training to an older version of the standard redundant. The course, remember, is officially entitled OHSMS Auditor/Lead Auditor, and we all complete our training to whichever standard is current at the time. In my case that was OHSAS 18001:1999 for instance. It is also important to remember that up until at least the end of 2019, it is OHSAS 18001 that will be the most certified standard worldwide and, up until that time, the majority of OHSMS audits will be to that standard. Clearly completing the OHSMS Course to ISO 45001 and skipping the OHSAS 18001 phase comes with some medium term restrictions for that reason.

Those of us that completed their training to older versions of the standard will need to complete an appropriate transition course to ISO 45001 (not a full lead auditor course). It is anticipated that the IRCA approved transition courses and the new OHSMS Auditor/Lead Auditor course will be available around Easter time in 2018. As is usual when standards change you may see a plethora of alleged “ISO 45001 training” being offered earlier. In fact I have been seeing this for over a year. There is nothing ILLEGAL with offering training against a DIS or FDIS, but bear in mind that this training WILL NOT be accredited and it WILL NOT even be training against the official standard, as it hasn’t even been drafted yet. In my opinion it just exploits a combination of ignorance and impatience. Caveat emptor applies.

Shaun Sayers

Posted in Occupational Health & Safety, OHSAS 18001 | Tagged , | 3 Comments

ISO 9001:2015 Organisational Context

Don’t overthink it!

There has been a lot of chatter this past year about this new section 4 requirement of ISO 9001. Not all of it, in my opinion, either informed or particularly helpful. In essence, the whole concept of ISO 9001 Organisational Context is something we can summarise in very simple terms.

The End of Copy and Paste …. Maybe

In very simple terms, the requirement for Organisational Context requires the system to be demonstrably the system that belongs to the organisation. Something developed by them, for them, taking into account its own organisational environment and challenges and NOT a copy/paste job. Putting it bluntly, it should see an end to copy/paste/generic manuals. That’s the idea anyway.

The concern I have is that it might not. Already I have seen banner adverts on LinkedIn that advertise for sale “ISO 9001:2015 compliant Management System Documentation”. By definition there can be no such thing. Anything that is off the shelf simply cannot meet the Context requirements of Section 4. We need our Certification Body auditors to see this as a red line. Let’s hope …

And The Auditors?

In my experience its quite rare for an organisation and its people not to have a reasonable understanding of its own context. They may not have designed the system around it particularly well, and many issues that affect the organisation might be managed in a less than systematic way, but generally everyone knows what sort of things are likely to bite them on the behind. That could be things like fluctuations in demand, seasonal fluctuations, price of supplies and commodities, trading conditions, weather events, transport and infrastructure disruptions etc – they will know what they are. It is quite common on the other hand, for an external auditor to fail to understand the context of the auditee. There is a reasonable excuse for this – how could they? The auditor visits one or two times a year, they can’t possibly understand the context of the auditee organisation as well as the people that work there day in day out. Part of the requirement of Section 4 involves the auditee explaining its system to the auditor. Explaining why they do what they do, and, in some ways, making the auditor’s job easier and reducing the chances of conflict through ignorance.

Internal and External Issues

In an earlier article I explained how important this new requirement is. It is, in my opinion, also likely to be the most significant transition issue for most organisations as it is commonly not managed in a documented or a systematic way.

Scope

There is a requirement for a greater level of detail to be documented in the statement of scope. The reason for this, again, goes back to context. A vague, general or woolly scope is not helpful to customer organisations. It doesn’t clearly express the extent and limits of your the system. Again, also, the scope is used to match auditee and auditor. Making sure you get allocated with an auditor that is in a good position, based on industry experience, to discharge a competent audit. It’s important too.

Anyway, thanks for reading. Feel free to comment.

Shaun Sayers

Posted in ISO 9001:2015 | Tagged , , | 2 Comments