Month: March 2019

ISO 45001:2018 Clause 5: Leadership and worker participation

CLAUSE 5 – Leadership and worker participation

Top management and their workers are required to have involvement in the input and operation of the OHSMS management system and must ensure that the requirements are integrated into the organization’s OHSMS processes and that the policy and objectives are compatible with the strategic direction of the organization. The top management must take overall responsibility and accountability for the prevention of work-related injury and ill-health as well as the provision of safe and healthy workplaces and activities. This clause places requirements on top management to assign relevant responsibilities and support other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility. Critical to the success of the OH&S management system is leadership and commitment from ‘Top Management’. The expectation of leaders within an organization is to become champions of the system and provide the necessary resources to protect workers from harm. This clause is the cornerstone for the success of the OH&S MS. In OHSAS 18001, top management was responsible for OH&S and was required to ‘appoint’ a member of top management with specific responsibility for OH&S. Top management in ISO 45001 is responsible and accountable for the prevention of work-related injury and ill-health as well as the provision of safe and healthy workplaces (not simply providing support for a management system). This requires top management to be personally involved in order to develop, lead and promote a culture that supports OH&S. It should also be noted that leadership and culture are identified as a potential hazard later in the standard. It is also top management that has to ensure that a process for consultation and participation with workers is established. This may include establishing a health and safety committee. It is also the top management’s responsibility to establish, implement and maintain the health and safety policy.
The required contents for the policy include elements such as a commitment to consultation and participation of workers. Importantly consultation with workers on the health and safety policy is included later in this clause. Consultation and participation of workers are significantly enhanced from OSHAS 18001 which was limited to participation in hazard identification and consultation on changes. In ISO 45001 consultations involve seeking views before making a decision with clear two-way communication, whilst participation is involved in decision-making. This must include non-managerial workers. The organization is now required to provide the mechanisms, time, training, and resources for consultation and participation of workers. This includes removing any obstacles or barriers such as language, literacy, or fear of reprisals.

Context 5.1: Leadership and commitment

Top management should demonstrate leadership and commitment with respect to the OH&S management system. Top management must be taking overall responsibility and accountability for the prevention of work-related injury and ill-health as well as the provision of safe and healthy workplaces and activities. Top management must be ensuring that the OH&S policy and related OH&S objectives are established and are compatible with the strategic direction of the organization. The top management must be ensuring the integration of the OH&S management system requirements into the organization’s business processes. The top management must be ensuring that the resources needed to establish, implement, maintain and improve the OH&S management system are available. The top management must be communicating the importance of effective OH&S management and of conforming to the OH&S management system requirements. The top management must be ensuring that the OH&S management system achieves its intended outcome. The top management must be directing and supporting persons to contribute to the effectiveness of the OH&S management system. The top management should be ensuring and promoting continual improvement. The top management should be supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility. The top management should be developing, leading, and promoting a culture in the organization that supports the intended outcomes of the OH&S management system. The top management should be protecting workers from reprisals when reporting incidents, hazards, risks, and opportunities. The top management should be ensuring the organization establishes and implements processes for consultation and participation of workers. The top management supporting the establishment and functioning of health and safety committees.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

Leadership and commitment, including awareness, responsiveness, active support, and feedback, from the organization’s top management, are critical for the success of the OH&S management system and achievement of its intended outcomes; therefore, top management has specific responsibilities for which they need to be personally involved or which they need to direct. A culture that supports an organization’s OH&S management system is largely determined by top management and is the product of individual and group values, attitudes, managerial practices, perceptions, competencies, and patterns of activities that determine the commitment to, and the style and proficiency of, its OH&S management system. It is characterized by, but not limited to, active participation of workers, cooperation and communications founded on mutual trust, shared perceptions of the importance of the OH&S management system by active involvement in the detection of OH&S opportunities, and confidence in the effectiveness of preventive and protective measures. An important way top management demonstrates leadership is by encouraging workers to report incidents, hazards, risks, and opportunities and by protecting workers against reprisals, such as the threat of dismissal or disciplinary action, when they do so.

The requirements within this clause are generally self-explanatory. You will need to provide information on how top management ensures the OHSMS is compatible with the strategic direction as well as taking responsibility for promoting a safety culture to ensure that the management system achieves its intended outcome. In clause 5.1, 45001 uses the term ‘top management’ to refer a group or an individual at the highest level, controlling and directing the organization.  This sets out a list of things that top management must do, to demonstrate commitment and leadership with respect to their health and safety management system. Three of these directly refer to the rights of workers:

  • To support establishing and the ongoing operation of health and safety committees, this clause specifically refers to the need to put emphasis on the participation of non-management workers in setting up these committees.
  • Ensuring that clause 5.4 is implemented.
  • Ensuring the protection of workers from any reprisals when they report hazards and risks.

The following are examples of how leadership can be demonstrated within the OH&S management system:

  • Take overall responsibility and accountability for the prevention of work-related injury / ill health, as well as the provision of a safe and healthy work environment
  • Facilitating positive culture and continual improvement
  • Ensure the OH&S system is integrated within the business processes
  • Promote communication internally and externally and at all levels (cascading from the top)
  • Protect workers from reprisal when reporting incidents,
    hazards, risk, and opportunities
  •  Provision and support for safety committees

For an external audit, the expectation is for senior leadership to be at the heart of the OH&S management system with a clear demonstration of understanding the system.

Clause 5.2: OH&S policy

Top management must establish, implement and maintain an OH&S policy. The policy must include a commitment to provide safe and healthy working conditions for the prevention of work-related injury and ill health and is appropriate to the purpose, size, and context of the organization and to the specific nature of its OH&S risks and OH&S opportunities. The policy should provide a framework for setting the OH&S objectives. The policy should include a commitment to fulfill legal requirements and other requirements. It should include a commitment to eliminate hazards and reduce OH&S risks. The policy should include a commitment to continual improvement of the OH&S management system. It should include a commitment to consultation and participation of workers, and, where they exist, workers’ representatives. The OH&S policy should be available as documented information. It should be communicated within the organization. It must be available to interested parties, as appropriate. It must be relevant and appropriate.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

The OH&S policy is a set of principles stated as commitments in which top management outlines the long-term direction of the organization to support and continually improve its OH&S performance. The OH&S policy provides an overall sense of direction, as well as a framework for the organization to set its objectives and take actions to achieve the intended outcomes of the OH&S management system. These commitments are then reflected in the processes an organization establishes to ensure a robust, credible, and reliable OH&S management system (including addressing the specific requirements in this document). The term “minimize” is used in relation to OH&S risks to set out the organization’s aspirations for its OH&S management system. The term “reduce” is used to describe the process to achieve this. In developing its OH&S policy, an organization should consider its consistency and coordination with other policies.

Top management needs to establish, implement and maintain an OHSMS policy that includes a commitment to provide safe and healthy working conditions for the prevention of work-related injury and ill health and is appropriate to the purpose, size, and context of the organization and to the specific nature of its OHSMS risks and opportunities. The policy must be communicated, set out the framework for establishing measurable occupational health and safety objectives and targets, including a commitment to consultation and participation of workers or representatives and a commitment to eliminate hazards and fulfill legal requirements.

An OH&S Policy is a ‘Statement of Intent or ‘Mission Statement’ which sets out the framework to manage the Occupational Health and Safety Management System. The OH&S policy is approved by senior leadership and will drive the controls that are in place and the actions that are carried out to improve it. The standard specifically requires that the OH&S policy should include commitments to:

  • Provide a framework for setting objectives
  • Provide safe and healthy working conditions for the prevention of work-related injury and/or ill-health
  • Eliminate hazards and reduce OH&S risks
  • Continual improvement of the OH&S system
  • Consultation and participation of workers and where they exist worker representatives,
  • Fulfilment of legal and other requirements

Once the OH&S policy has been approved it must be communicated to stakeholders including workers. The policy must be available to interested parties, which will include customers and external providers on request. In addition, periodically the OH&S policy must be reviewed by senior leadership to ensure it remains applicable to the context of your organization.

Sample Occupational Health and Safety Policy

This policy will apply to __(Name of Business)_____ at all locations.

__(Name of Business)______________ is committed to providing a healthy and safe work environment for its workers and preventing occupational illness and injury. To express that commitment, we issue the following policy on occupational health and safety.
As the employer, (Name of Business) is responsible for the health and safety of its workers. __(Name of Business)______________ will make every effort to provide a healthy and safe work environment. We are dedicated to the objective of eliminating the possibility of injury and illness.
As _(CEO/Owner/etc.)______________ I give you my personal promise to take all reasonable precautions to prevent harm to workers.
Supervisors will be trained and held responsible for ensuring that the workers, under their supervision, follow this policy. They are accountable for ensuring that workers use safe work practices and receive training to protect their health and safety.
Supervisors also have general responsibility for ensuring the safety of equipment and facility.
__(Name of Business)__________________ through all levels of management, will cooperate with the Joint Occupational Safety and Health (JOSH) Committee or the Health & Safety Representative and workers to create a healthy and safe work environment. Cooperation should also be extended to others such as contractors, owners, officers, and so on.
The workers of (Name of Business) will be required to support this organization’s health and safety initiative and to cooperate with the JOSH Committee or Health & Safety Representative and with others exercising authority under the applicable laws. It is the duty of each worker to report to the supervisor or manager, as soon as possible, any hazardous conditions, injury, accident, or illness related to the workplace. Also, workers must protect their health and safety by complying with applicable Acts and Regulations and following policies, procedures, rules and, instructions as prescribed by
__(Name of Business)______________.
_(Name of Business)______________ will, where possible, eliminate hazards and, thus, the need for personal protective equipment. If that is not possible, and where there is a requirement, workers will be required to use safety equipment, clothing, devices, and materials for personal protection.
__(Name of Business)________ recognizes the worker’s duty to identify hazards, and supports and encourages workers to play an active role in identifying hazards and to offer suggestions or ideas to improve the health and safety program.
Signed:
Title:
This policy has been developed in cooperation with the  Committee, Health & Safety Representative, or workers.

—————————End of example—————————————

Clause 5.3: Organizational roles, responsibilities, and authorities

Top management must ensure that the responsibilities and authorities for relevant roles within the OH&S management system are assigned and communicated at all levels within the organization and maintained as documented information. Workers at each level of the organization must assume responsibility for those aspects of the OH&S management system over which they have control. While responsibility and authority can be assigned, ultimately top management is still accountable for the functioning of the OH&S management system. Top management must assign the responsibility and authority for ensuring that the OH&S management system conforms to the requirements of this document. There must be reporting on the performance of the OH&S management system to top management.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

Those involved in the organization’s OH&S management system should have a clear understanding of their role, responsibilities, and authorities for achieving the intended outcomes of the OH&S management system. While top management has overall responsibility and authority for the OH&S management system, every person in the workplace needs to take into account not only their own health and safety but also the health and safety of others. Top management being accountable means being answerable for decisions and activities to the organization’s governing bodies, legal authorities, and, more broadly, its interested parties. It means having ultimate responsibility and relates to the person who is held to account if something is not done, is not done properly, does not work, or fails to achieve its objective. Workers should be enabled to report hazardous situations so that action can be taken. They should be able to report concerns to responsible authorities as required without the threat of dismissal, disciplinary action, or other such reprisals. The specific roles and responsibilities identified in 5.3 may be assigned to an individual, shared by several individuals, or assigned to a member of top management.

Top management needs to ensure that the responsibilities and authorities for relevant roles are assigned, communicated, and understood throughout the organization. The scope and boundaries of the OH&S Management System must now be thoroughly examined and defined considering the aforementioned interested parties and their needs, plus resulting compliance obligations. Also requiring consideration are the OH&S Management System functions and physical boundaries, and all products, services, and activities, including the organization’s ability to exert control on external factors, with the results of the whole definition included in the OH&S Management System and kept critically as “documented information.”It requires the organization to define clear roles, responsibilities, and authorities throughout the organization.
It is recognized that overall responsibility for the OH&S management system falls to ‘Top Management’ however individuals must take account of their own health and safety and that of others. Consider documenting roles, responsibilities, and authorities within high-level and localized organizational charts. Individual policies and work instructions may also include responsibility and authority however competence must be considered. Top management is ultimately responsible for the OH&S management system, even if the day-to-day decisions related to occupational health and safety are delegated to others. What is delegated and to whom should be clearly and unambiguously communicated so that everybody understands who is responsible for what. Top management should assign responsibility and authority for:

  • Ensuring that the OH&S management system conforms to the requirements of ISO 45001;
  • Reporting on the performance of the OH&S management system to top management.

Since resources can be limited, opportunities should be sought out to integrate OH&S responsibilities within existing functions of the organization, such as manufacturing, facilities management, purchasing, and human resources. If other management systems are already in place, such as quality, environment, energy or food safety, synergies may exist where there are similar roles and responsibilities. This will enhance ownership of OH&S management across the organization and potentially create efficiencies. ISO 45001 requires that the responsibilities and authority of all persons who perform duties that are part of the OH&S management system be documented. These can be described and included in:

  • OH&S management system procedures;
  • Operational procedures and process maps;
  • Project and/or task descriptions;
  • Job descriptions;
  • Induction training packages.

Such documentation can, among others, be required for the following personnel:

  • Management at all levels in the organization, including top management;
  • Safety committees/safety teams;
  • Process operators and the general workforce;
  • Those managing contractors;
  • Those responsible for OH&S training;
  • Those responsible for equipment operation and maintenance;
  • Those responsible for facilities management;
  • Employees with OH&S qualifications, or other OH&S specialists, within the organization;

Care should be taken with the clarification of responsibilities at the interfaces between different functions (e.g. between departments, between different levels of management, between workers, between the organization and contractors and between the organization and its neighbors).

Some examples of Roles, responsibility, authority, and accountability 

1.) Managing Director:

  • Overall responsibility for the performance of the Organization
  • Overall responsibility & accountability for the OHS System, directly or through a nominated executive
  • Chair and Management Review Meeting
  • Define the OHS Policy
  • Review and approve the OHS System manual and its amendments
  • Ensures adequate resources are available for effective implementation
  • Appoint Management Representative
  • Approval of Purchase Orders for capital items
  • Overall accountable for continual improvement of the OHS Management system

2.) Cross-Functional Team:

  • Preparation of objectives and targets in consultation with Top Management
  • Conducting departmental reviews
  • Coordinate in providing resources for departmental elements of OHS.
  • Providing direction to the department on the design, implementation, and maintenance of OHS
  • Resolving corrective action issues
  • The MR is accountable for the effective implementation of OHS MS
  • Identify training needs for personnel directly reporting.

3) Legal Team:

  • Identify applicable legislation and other requirements.
  • Evaluate Legal compliance
  • Communicate the legal non-compliances
  • Hold review meetings on a legal requirement.
  • Update with latest legislations / amendments.
  • DGM-HR is accountable for compliance with OHS legal & other requirements.

4) Audit Team:

  • Conduct internal audits as per the audit schedule
  • Generate audit reports
  • Verify the audit closure
  • MR is accountable for conducting audit & NC closure

5) Emergency Response Team:

  • Review emergency response & preparedness manual
  • Train the people for emergency response
  • Conduct the role during the mock drill
  • To see the entry of unauthorized persons is restricted to areas.
  • To check whether Fire Extinguishers are provided at appropriate places and are tested periodically.
  • To check persons working are using proper PPE’s
  • To train the personnel over the safety & to identify key areas where safety is necessary
  • To identify safe assembly area
  • Impart safety awareness to all employees through in-house training as per the needs identified.
  • To check whether safety instructions have been prepared and displayed at relevant places through Operation control Instruction for use of Safety Personal Protective Equipment.
  • To see all the effectiveness of the emergency preparedness
  • An emergency response team has been constituted with Personnel from all departments to review / initiate actions for identified potential Emergency situations identify through the significant Study.
  • To co-ordinate with respective Functions head for identifying different types of emergency situations and prepares an “onsite emergency plan” which briefly describes the action to be taken by the employees during identified emergency situation internally.
  • To prepare an evacuation plan & to describe the plan for evacuation from the emergency area and to identify the gathering point.
  • To prepare mitigation actions after the emergency.
  • To organize Mock drills or Mock exercise, to test the Onsite emergency plan for the different identified emergency situations.
  • To make sure the Mock Drill records are maintained by the Safety Officer. To decide the possible changes needed in the emergency plans.
  • The safety officer is accountable for compliance with Emergency preparedness and response

6) First Aid Team

  • The team should regularly monitor medicine availability in the box.
  • The First Aid personnel shall take care of the injured persons and in case of an emergency condition.
  • The First Aid persons should take care that the injured persons are shifted to the hospital in time.
  • Admin Officer is accountable for maintaining adequate first-aid medicines, providing first aid to injured personnel.

7) Safety Committee:

  • Safety Committee shall meet as often as necessary but at least once in three months. The minutes of the meeting shall be recorded
  • Safety Committee shall have the right to be adequately and suitably informed
  • Functions and duties of the safety committee shall include-
  • Dealing with all matters concerning health, safety, and environment, and to arrive at practical solutions to problems encountered.
  • Creating safety awareness among all the workers.
  • Undertaking educational, training and promotional activities.
  • Discussing reports on safety, environmental and occupational health surveys, safety audits, risk assessments, emergency and disaster management plans and implementation of the recommendations made in the reports.
  • Carrying out health and safety surveys and identifying the cause of accidents.
  • Looking into any complaint made on the likelihood of imminent danger to the safety and health of the workers and suggesting corrective measures and
  • Reviewing the implementation of the recommendations made by it.
  • Incident investigation results & review of the effectiveness of the action taken.
  • Safety Officer is accountable for conducting safety committee meeting.

The activity-wise responsibilities are as shown below

S. NoActivity

Responsibility

1Appointing a Management RepresentativeManaging Director
2Selection of CFT MembersMR
3Review and approval of PolicyPrepared by MR, Reviewed &  approved MD
4Conducting Initial Review & Significant Impact / Risk AssessmentCFT
5Setting up objectives and targets MR & CFT
6Establishing Management ProgramMR & CFT
7Approval of Management ProgramManaging Director
8Identification of Legal and Other RequirementsLegal Team
9Providing resources for ImplementationManaging Director
10Identifying training needsCFT
11Organising Training HR Department
12Internal CommunicationAs per defined Procedure
13External Communication
14Document Control MR
15Operational Control Measurement & MonitoringCFT
16Emergency preparedness and responseSafety Officer & ERT Members
17Review of Procedures after emergencyERT
18Calibration of InstrumentsQA Deputy Manager
19Handling and Investigating NC’s MR & CFT
20Initiating Corrective and Preventive actionMR & Resp Dept HOD’s
21Maintaining RecordsCFT
22Conducting AuditTrained Internal Auditors
23Conducting Management ReviewManaging Director

—————————End of example—————————————

Clause 5.4: Consultation and participation of workers

The organization must establish, implement and maintain processes for consultation and participation of workers at all applicable levels and functions, and, where they exist, workers’ representatives, in the development, planning, implementation, performance evaluation, and actions for improvement of the OH&S management system. The organization must provide mechanisms, time, training, and resources necessary for consultation and participation. Worker representation can be a mechanism for consultation and participation. The organization must provide timely access to clear, understandable, and relevant information about the OH&S management system. It must determine and remove obstacles or barriers to participation and minimize those that cannot be removed. Obstacles and barriers can include failure to respond to worker inputs or suggestions, language or literacy barriers, reprisals or threats of reprisals, and policies or practices that discourage or penalize worker participation. The organization must emphasize the consultation of non-managerial workers while determining the needs and expectations of interested parties and establishing the OH&S policy. The organization must emphasize the consultation of non-managerial workers while assigning organizational roles, responsibilities, and authorities as applicable. The organization must emphasize the consultation of non-managerial workers while determining how to fulfill legal requirements and other requirements. The organization must emphasize the consultation of non-managerial workers while establishing OH&S objectives and planning to achieve them. The organization must emphasize the consultation of non-managerial workers while determining applicable controls for outsourcing, procurement, and contractors. The organization must emphasize the consultation of non-managerial workers while determining what needs to be monitored, measured, and evaluated. The organization must emphasize the consultation of non-managerial workers while planning, establishing, implementing, and maintaining an audit program. The organization must emphasize the consultation of non-managerial workers while ensuring continual improvement. The organization must emphasize the participation of non-managerial workers while determining the mechanisms for their consultation and participation. The organization must emphasize the participation of non-managerial workers while identifying hazards and assessing risks and opportunities. The organization must emphasize the participation of non-managerial workers while determining actions to eliminate hazards and reduce OH&S risks. The organization must emphasize the participation of non-managerial workers while determining competence requirements, training needs, training, and evaluating training. The organization must emphasize the participation of non-managerial workers while determining what needs to be communicated and how this will be done. The organization must emphasize the participation of non-managerial workers while determining control measures and their effective implementation and use. The organization must emphasize the participation of non-managerial workers while investigating incidents and nonconformities and determining corrective actions. Emphasizing the consultation and participation of non-managerial workers is intended to apply to persons carrying out the work activities but is not intended to exclude, for example, managers who are impacted by work activities or other factors in the organization. It is recognized that the provision of training at no cost to workers and the provision of training during working hours, where possible, can remove significant barriers to worker participation.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

The consultation and participation of workers, and, where they exist, workers’ representatives, can be key factors of success for an OH&S management system and should be encouraged through the processes established by the organization. Consultation implies a two-way communication involving dialogue and exchanges. Consultation involves the timely provision of the information necessary for workers, and, where they exist, workers’ representatives, to give informed feedback to be considered by the organization before making a decision. Participation enables workers to contribute to decision-making processes on OH&S performance measures and proposed changes. Feedback on the OH&S management system is dependent upon worker participation. The organization should ensure workers at all levels are encouraged to report hazardous situations so that preventive measures can be put in place and corrective action is taken. The receipt of suggestions will be more effective if workers do not fear the threat of dismissal, disciplinary action, or other such reprisals when making them.

The organization must establish, implement and maintain processes for consultation and participation of workers at all applicable levels and functions, and, where they exist, workers representatives, to continually improve the OHSMS. These clauses require engagement with work health and safety committees and existing workers’ representatives. The essence of any health and safety management system is for an organization to proactively and systematically engage with its workers, at all levels, to collaboratively prevent: incidents, injury, and disease. There is considerable evidence that the effective participation of workers and the representation of their interests in OHS are crucial elements in improving health and safety performance at the workplace. This representation occurs through the use of health and safety representatives (HSRs). Clause 5.4 requires an organization to set up a health and safety management system process or processes to ensure the consultation and participation of all workers, including the representatives of workers. 45001 also states that organizations are to support the establishment of health and safety committees. So that workers have an ongoing role in improving the organization’s health and safety management system and its outcomes, by:
• Developing
• Planning
• Implementing and
• Evaluating the organization’s health and safety management system and its outcomes.
So as then to proactively and systematically improve the organization’s health and safety management system and its outcomes in reducing injury, illnesses, disease, and fatalities. 45001 also requires that the organization provides the necessary resources, training, and time through its mechanisms for consultation and participation. When an organization decides to develop, plan, implement, performance evaluate, or improve its health and safety management system. Clause 5.4 also calls for the organization to give emphasis to the participation of workers who are not managers in the following:

  • Setting up processes for their consultation and participation
  • Hazard identification, risk assessment and opportunities for improving health and safety outcomes
  • Working on how to eliminate hazards and if not possible, then reducing remaining health and safety risks
  • Deciding health and safety risk controls and how to implement these effectively
  • Establishing: training needs, competence levels and the evaluation of training
  • Deciding the health and safety communication measures and the manner in which they are done
  • The investigation of health and safety incidents, including near misses and other types of exposures to hazards and their risks, including nonconformities with the health and safety management system, and decisions over actions to correct these.

Clause 5.4 specifically refers to giving emphasis to consulting workers who are not managers in the following;

  • Drawing up the work health and safety policy.
  • Working out who has what health and safety roles,
  • The determination of the organization’s fulfillment of their legal and other requirements.
  • Designing the health and safety objectives for the organization including plans for their achievement.
  • Working out risk management processes in the use of outsourcing, contractors, and procurement.
  • Decisions over implementing, monitoring, measuring and evaluating elements of the organization’s health and safety management system.
  • Decisions over applying the audit process, including the audit plan and its establishment, implementation and maintenance.

ISO 45001:2018 Clause 4: Context of the Organization

CLAUSE 4 – CONTEXT OF THE ORGANISATION

This clause underpins the 2018 Standards and establishes the context of the Occupational Health and Safety Management System (OHSMS). This clause is found in all ISO management system standards, and it requires the organization to determine all internal and external issues that may be relevant to the achievement of the objectives of the OH&SManagement System itself. This includes all elements which are, and maybe capable of, affecting these objectives and outcomes in the future. It gives you the opportunity to identify all internal and external issues that are relevant and may affect, the strategic direction of the organization and the OHSMS. You will also need to identify the needs and expectations of workers and other interested parties that are relevant to your management system. These groups can include workers, shareholders, subcontractors, regulatory groups, etc. Finally, you’ll need to establish, implement, maintain and continually improve the management system.

This clause ‘sets the scene’ for the organization and the scope and boundaries for the occupational health and safety management system. Importantly ISO 45001 should be aligned to the strategic direction of the organization, embedding OH&S management into the core business functions, rather than as a stand-alone discipline. Within this clause the organization has to determine the internal and external factors that may affect its ability to achieve the intended outcomes of its OH&S MS. Externally this may be issues such as socio-economic and political instability; internally, it may be issues such as restructuring, acquisitions or new products. The organization is also required to determine the needs and expectations of ‘interested parties with regard to the OH&S MS. This means that the system cannot operate in isolation – those who have an interest in the outcomes of the OH&S MS – workers, shareholders, legal authorities, contractors, etc have to be considered.
Most organizations will have worked through these two aspects as part of their overall risk and opportunity management (and/or if they have other ISO standards) but it is important for ISO 45001 that these issues are expressly considered against the intended outcomes of the OH&S MS. How could political insecurity or an organizational restructure put worker’s health and safety at risk? Or provide an opportunity to improve the workplace? The final scope for the OH&S MS must be documented. this helps to evidence the integrity of the MS. It would be unacceptable to exclude a particular part of the business or site due to poor health and safety performance. Remember the aim for the OH&S MS – to prevent injury and ill-health and provide a safe and healthy workplace. Excluding a particular part of the business would undermine the overall credibility of the organization.

Context 4.1: Understanding the Organization and Its Context

The organization should determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcomes of its OH&S management system.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

An understanding of the context of an organization is used to establish, implement, maintain and continually improve its OH&S management system. Internal and external issues can be positive or negative and include conditions, characteristics, or changing circumstances that can affect the OH&S management system, for example:
a) external issues, such as:
1) the cultural, social, political, legal, financial, technological, economic, and natural surroundings and market competition, whether international, national, regional, or local;
2) introduction of new competitors, contractors, subcontractors, suppliers, partners and providers, new technologies, new laws, and the emergence of new occupations;
3) new knowledge on products and their effect on health and safety;
4) key drivers and trends relevant to the industry or sector having an impact on the organization;
5) relationships with, as well as perceptions and values of, its external interested parties;
6) changes in relation to any of the above;
b) internal issues, such as:
1) governance, organizational structure, roles, and accountabilities;
2) policies, objectives, and the strategies that are in place to achieve them;
3) the capabilities, understood in terms of resources, knowledge, and competence (e.g. capital, time, human resources, processes, systems, and technologies);
4) information systems, information flows and decision-making processes (both formal and informal);
5) introduction of new products, materials, services, tools, software, premises, and equipment;
6) relationships with, as well as perceptions and values of, workers;
7) the culture in the organization;
8) standards, guidelines, and models adopted by the organization;
9) the form and extent of contractual relationships, including, for example, outsourced activities;
10) working time arrangements;
11) working conditions;
12) changes in relation to any of the above.

It requires an organization to assess both internal and external influences in formulating and implementing a health and safety management system. In addition to the traditional customer, economic and competitive factors, it notes that these influences can include how laws, technical developments, and even political/ cultural/social changes might impact the mission of the organization, whether their origin is local, regional, national or international. It specifically wants the ISO 45001 directed health and safety effort to address the requirements of Clause 4.2. 4.3, and 4.4.

The organization must understand the internal and external issues that can impact in a positive or negative manner its health and safety performance including, inter alia, organizational culture and structure, and the external environment including cultural, social, political, legal, financial, technological, economic, market competition and natural factors of significance to its performance. The company will be required to identify all relevant internal and external issues including conditions, characteristics, or changing circumstances that can affect its occupational health and safety management system and then address those that require further attention. External issues include the following:

  1. The cultural, social, political, legal, financial, technological and economic conditions in which the company operates, whether at the international, national, regional or local level.
  2. The legislative framework in which the organization operates including statutory, regulatory and other forms of legal requirements, Competition and market conditions.
  3. Relationship with contractors, suppliers, partners and other external interested parties.
  4. Key drivers and trends of relevance to the industry or sector in which the organization operates.

Internal issues include:

  1. The size and complexity of the organization and the nature of the activities carried out therein;
  2. The strategic direction of the organization, its policies, and objectives.
  3. Organizational governance and structure, roles and accountabilities.
  4. The capability and capacity of the organization in terms of resources, knowledge, and competence (e.g. capital, employee competencies, processes, systems, and technologies).
  5. Information systems: information flows and decision-making processes (both formal and informal) and the time frame within which they are accomplished.
  6. The process for introducing new products, materials, services, tools, software, premises, and equipment.
  7. Organizational style and the health and safety culture of the organization.
  8. The form and extent of contractual relationships, including, for example, outsourced activities.
  9. Working time arrangements.
  10. Working conditions;

An understanding of the organization and its context can be achieved at a strategic level by using techniques such as Strengths, Weaknesses, Opportunities, and Threats (SWOT) analysis, and Political, Economic, Social, Technological, Legal, and Environmental (PESTLE) analysis. Alternatively, depending on the size and complexity of its operations, the organization can use a simpler approach, such as brainstorming and asking, “what if” questions. A formal process or documented information is not required in order to satisfy the requirements of this sub-clause – the onus is on each organization to adopt the approach best suited to its circumstances. However, the process adopted by the organization to develop an understanding of its context should guide its efforts to plan, implement, maintain and continually improve its occupational health and safety management system. It is recommended that the organization documents and periodically updates the process and its results as needed. The results can be used to assist the organization in:

  1. Setting the scope of its OH&S management system.
  2. Determining the risks and opportunities that need to be addressed. /li>
  3. Developing or enhancing its OH&S policy.
  4. Establishing its OH&S objectives.
  5. Fulfilling its compliance obligations.

Clause 4.2: Understanding the Needs and Expectations of Workers and other Interested Parties

The organization must determine the other interested parties, in addition to workers, that are relevant to the OH&S management system. The organization must also determine the relevant needs and expectations (i.e. requirements) of workers and other interested parties. The organization must also identify the needs and expectations which could become legal requirements and other requirements.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

Interested parties in addition to workers can include:
a) legal and regulatory authorities (local, regional, state/provincial, national or international);
b) parent organizations;
c) suppliers, contractors, and subcontractors;
d) workers’ representatives;
e) workers’ organizations (trade unions) and employers’ organizations;
f) owners, shareholders, clients, visitors, local community and neighbors of the organization and the general public;
g) customers, medical and other community services, media, academia, business associations, and non-governmental organizations (NGOs);
h) occupational health and safety organizations, occupational safety, and health-care professionals.
Some needs and expectations are mandatory; for example because they have been incorporated into laws and regulations. The organization may also decide to voluntarily agree to, or adopt, other needs and expectations (e.g. subscribing to a voluntary initiative). Once the organization adopts them they are addressed when planning and establishing the OH&S management system.

This requirement addresses the desires and demands of all those who may have an interest in the organization and could impact its mission and who, in turn, should then influence its OHSMS It asks those seeking ISO 45001 certification to have an ongoing system for determining these influences.

Clause 4.1 requires the organization to understand the internal and external issues that can impact in a positive or negative manner its health and safety performance including, inter alia, organizational culture and structure, and the external environment including cultural, social, political, legal, financial, technological, economic, market competition and natural factors of significance to its performance. Consideration of the above will aid the identification of interested parties and their needs and expectations. ISO 45001 defines an interested party or stakeholder as “a person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity”. ISO 45001 requires the organization to determine:

  • The other interested parties, in addition to workers, that are relevant to the OH&S management system.
  • The relevant needs and expectations or requirements of workers and other interested parties.
  • Which or these needs and expectations are or could become legal and/or other requirements

Interested parties in addition to workers can include:

  • Legal and regulatory authorities such as the Health and Safety Authority HSA/Health and Safety Executive HSE;
  • Kuwait Agency for Safety and Health at Work.
  • Owners, shareholders, the parent company.
  • Suppliers, contractors and subcontractors.
  • Workers’ representatives such as safety representatives/safety councils/health and safety committee.
  • Trade unions and employers’ organizations.
  • Clients.
  • Visitors.
  • Local community and neighbours of the organization.
  • The general public.
  • Medical and emergency services.
  • The media.
  • Non-governmental organizations (NGOs)

Occupational health and safety organizations such as IOSH Occupational safety and health-care professionals. Some needs and expectations are mandatory because they have been incorporated into laws and regulations. For example, the Safety, Health, and Welfare at Work (Chemical Agents) Regulations 2001 and the Control of Substances Hazardous to Health Regulations 2002 (COSHH) require the organization, if applicable, to ensure that the exposure of employees and other persons to hazardous substances is either prevented or adequately controlled. The organization must assess the risks posed by hazardous substances to decide what precautions are needed to prevent or adequately control exposure. It must also ensure that the control measures are used and maintained. If necessary, the exposure of employees to hazardous substances should be monitored and appropriate medical surveillance should be carried out. Plans and procedures should be prepared to deal with accidents and incidents that involve hazardous substances. Employees should be properly informed, trained, and supervised.

The organization may also decide to voluntarily agree to, or adopt, other needs and expectations such as subscribing to a voluntary initiative. Once the organization adopts these needs and expectations they are addressed when planning and establishing the OH&S management system. Employees indubitably constitute the organization’s most significant interested party, whose needs and expectations must be identified and addressed. The organization should seek out their views on health and safety concerns regarding work activities, products or services. It should follow up on inquiries, requests, complaints or suggestions made by employees to learn more about their expectations. The health and safety committee is an excellent forum for the gathering and evaluation of workers’ concerns. The organizations should take the time to understand the relevant interested parties’ needs and expectations and determine the ones that are relevant to the OH&S management system and should be addressed.

Clause 4.3: Determining the Scope of the OH&S Management System

The organization must determine the boundaries and applicability of the OH&S management system to establish its scope. When determining this scope the organization must consider the external and internal issues and take into account the legal and other requirements identified from the needs and expectations of workers and other interested parties. The organization must take into account the planned or performed work-related activities. The OH&S management system must also include the activities, products, and services within the organization’s control or influence that can impact the organization’s OH&S performance. The scope must be documented.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

An organization has the freedom and flexibility to define the boundaries and applicability of the OH&S management system. The boundaries and applicability may include the whole organization, or (a) specific part(s) of the organization, as long as the top management of that part of the organization has its own functions, responsibilities, and authorities for establishing an OH&S management system.
The credibility of the organization’s OH&S management system will depend upon the choice of the boundaries. The scope should not be used to exclude activities, products, and services that have or can impact the organization’s OH&S performance, or to evade its legal requirements and other requirements. The scope is a factual and representative statement of the organization’s operations included within its OH&S management system boundaries that should not mislead interested parties.

Because of the above more wide-ranging franchise, the standard requires the scope of the OH&S to potentially be widened to include how the needs of those relevant groups noted above can be addressed within the OH&S as it delivers its products and services.
Define the Scope of your OH&S. The scope of the OH&S Management System must be defined; what parts of the workplaces associated with the plant/factory and the office/administration are included in the system.
Once the scope is defined, an organization must include in the OH&S management system the activities, products, and services that it controls or influences and that can impact its OH&S performance. Clause 4.1 requires the organization to understand the internal and external issues that can impact in a positive or negative manner its health and safety performance including, inter alia, organizational culture and structure, and the external environment including cultural, social, political, legal, financial, technological, economic, market competition and natural factors of significance to its performance. Clause 4.2 requires the organization to identify relevant interested parties and their needs and expectations.

Once the organization has determined and assessed its internal and external issues and identified the needs and expectations of relevant interested parties, including its workforce, it should then define the boundaries and applicability of the OH&S management system. The scope of the OH&SMS can include the whole organization, or specific and identified functions or sections of the organization. Therefore, if the organization makes a statement that it conforms to ISO 45001, then it must make the scope of the management system available so that interested parties clearly understand what parts of the organization are covered. The scope of the management system should include everything under the organization’s control or influence that could impact its OH&S performance. The credibility of the organization’s OH&S management system will largely depend on the extent of the defined boundaries. Under no circumstances should the scope be used to exclude activities, products or services that have or could have the potential to impact the organization’s OH&S performance, or to evade its legal and other requirements. An inappropriately narrow or exclusive scope could undermine the credibility of the organization’s OH&S management system with its interested parties and reduce its ability to achieve the intended outcomes of the occupational health and safety management system. The scope is a factual statement of the organization’s operations or business processes to be included within its OH&S management system boundaries. Once the scope is defined, the concept of ‘organization’ is limited to what the scope covers, e.g. if the scope of the OH&S management system is limited to a particular function or section of the organization, the remainder of the organization is then considered to be an external provider or other interested parties. The organization should maintain the scope of the OH&S management system as documented information and make it available to interested parties. There are several methods for so doing, e.g. using a written description, inclusion on a site map, an organizational diagram, a webpage, or posting a public statement of its conformity. When documenting its scope, the organization should consider using an approach that identifies the activities or processes involved, the products or services that ensue, and the location(s), where they occur.

An example of how a scope could be derived

Company Overview

LLL is an electronic controller, power supply manufacturer, and installer within passenger and goods lifts within buildings. This extends to industrial settings, including petrochemical and mines. The business is based in  Kuwait. Kuwait is well placed geographically to act as the gateway to the Persian Gulf, the European continents, and Africa. Situated in the northern edge of Eastern Arabia at the tip of the Persian Gulf, it shares borders with Iraq and Saudi Arabia. There are good aviation links to America and Europe.

Our company growth strategy is linked heavily with the construction, petrochemicals, and mining markets within differing jurisdictions. Our fiscal growth play requires the business to grow with a projected Turnover from 7m KWD to 7.5 KWD within two years and an increase in profit from 8% to 11%. Other strategies may result in a move to base the organization within more preferential tax regimes to assist in the growth and profit objectives. The growth plan will require engagement as tier-one suppliers, into established and specialist lift manufacturers, in addition to developing a reputation as installers of lift power supplies and controllers into hazardous environments. It is therefore crucial that not only must our products be suitable for those environments, but also our installation teams must perform well within high safety performance cultures and be capable of immediate compliance with the safety requirements of our customers. Offices for installation and commissioning teams will be established in the main conurbations. Technical sales support for specifiers and lift manufacturers will be country-based.

The company enables its customers to meet their compliance requirements of  ISO 45001, local and government legislation, and regulations. The OH & S  Management System (OH & S MS) serves to formalize the policies, processes, and operating standards that will apply to the company’s employees, partners, and contractors. Successful growth would permit the penetration into wide markets with an objective to standardize controllers. Afiersales service is therefore critical to our reputation and growth. Combining this with our expertise in the local, regional and national markets gives us increasing leverage in sales through our undoubted ability to produce bespoke solutions at short notice and compliant with hazardous environments.

The global perspective of the business demands that we not only comply but exceed the requirements of national laws. LLL is to earn a reputation as an ethical employer. Whilst an excellent work ethic is to be expected from our employees, overwork will not be tolerated. The management of work-related upper disorders (WRULD) and matters such as absenteeism, through stress management, are vital to our success. Our Human Resources Department with be active and instrumental in achieving this goal. Our reputation for safety leadership is such that we must be seen to occupy the center stage amidst our competitors and be perceived as such by our valued customers.

External and Internal Issues

The company determines the external and internal issues that are relevant to its purpose and strategic direction and that affect its ability to achieve the intended results of the OH&S MS. Consideration is given to the:

  • Positive and negative factors or conditions.
  • External context and issues, such as legal, regulatory, technological, competitive, cultural, social, political and economic environments.
  • Internal context and issues, such as values, culture, organization structure, knowledge and performance of the business.
  • Determination and requirements of the needs and expectations of interested parties relevant to the OH&S MS.
  • Authority and the ability to exercise control and influence.
  • Activities, products, and services are relevant to the business.
  • Documented information is retained as evidence to support that the context of the organization has been taken into account in the OH&S MS.

External issues

1.Purpose of the Company

The vision of the company is to become the predominant partner for lifi controllers and power supplies in high hazard industries and to develop equipment and techniques that are considered the safest in the world. This is to be enhanced with reliable staff to install and where necessary maintain their installations. External issues relevant to health and safety are identified below. Risks and opportunities associated with these are contained in the organization’s risk assessments.

2. Site Context

The company operates manufacturing, a research center, and an installation team. (Issue: Legal Compliance)
The legal environment in Kuwait contains, amongst other things, statutory requirements contained in the Occupational Health and Safety Act. Health and safety statutory regulations are enforced within Kuwait and civil liability may attach to incidents within the workplace. The structure of safety is not dissimilar to that within the UK and therefore given the very extensive provisions for health and safety within the UK, it is considered that UK legislation and practice will be adopted unless this fails to satisfy Kuwait requirements, in which case the more demanding requirements will be met. The Department of Occupational Safety and Health regularly inspects operators, responds to complaints. (Fines and legal costs)

3. Market Pressures

In recent years, the company has had an increase in requests from customers for its safety record and control methodology. This has especially been the case where there has been a need to install on-site and to supply to the petrochemical and raw material processing industries. Also of note, are high profile architectural skyscrapers with attendant security controls.

Reliability of components is regarded as being equally important to customers as health and safety, during construction and maintenance. LLL has not been able to respond adequately to requests for information and has failed prequalification on a number of instances. (Stakeholder complaints, evaluation of compliance with customer requirements).

Guidance documents on health and safety responsibilities have been published by relevant local industry trade associations and the Department of Occupation Safety and Health (DOSH) and the company is beginning to make use of those. (Concern: Stakeholder complaints legal compliance)

In response to international market pressures and to ensure that the company’s stakeholder needs were being met, the management of the company authorized the implementation of a health and safety management system that meets the requirements of ISO 45001:2018. The company decided not to acquire third-party certification of the system. (Loss of stakeholder confidence)

4. History

The company was formed 40 years ago and has always operated at the  Ahmedi. Early production focused on servicing local and regional customers. More latterly, with increasing demand for high-quality products and site-based installation and service, demand has grown into more complex installations. Company expansion followed and the company now holds a number of key accounts with property owners, construction companies, and one petrochemical organization, though inquiries are increasing from the petrochemical and mining sectors. (Legal compliance, not meeting stakeholder interests)

Internal Issues

The company already had an integrated management system that incorporates quality and environmental management. The company started developing its formal health and safety management system last year. The Head of SHEQ was initially charged with the responsibility of implementing the system by the Board. Later, responsibility for the management system was given to a new post (Health and Safety Manager). The Head of SHEQ has overall responsibility for maintaining any documents as part of the integrated environment, health and safety, and quality system. Consequently, the head of HSEQ wrote most of the health and safety documents including risk assessments, processes, and procedures. Time pressures effectively excluded any practical contribution from other managers. (Lack of consultation & participation, culture & loss of staff and associated competence)

LLL employs 255 personnel of which: 20 are in R&D and testing; 140 personnel work over three shifts within the manufacturing center; 50 Installation team; 20 Delivery and distribution and 25 Sales. Kuwait has a legal structure of Acts, Regulations, and Guidance for the management of health and safety. The requirements of LLL and their partners are to comply with local legalization and additional good practice. There is also a requirement to implement and monitor corporate objectives. These corporate objectives are provided on the 1 January each year to the Managing Director of its Holding company.

The manufacturing process

LLL designs, develops, assembles, transports, installs, commissions, and maintains lift controllers and associated items for passenger and goods lifis. It also arranges transportation of the finished product to the Asian market. Approximately 20% of the site is taken up by the Prospect Heights Factory, of which the ground floor is entirely occupied by the assembly and materials storage areas including finished product. There is very little space to spare, and stores on site are kept to a minimum, relying on ‘just in time (lean)’ delivery of materials. First floor offices contain production administration, Sales & Purchasing, Executive functions, and staff canteen facilities. A separate R&D testing laboratory for developing controllers and switchgear is also present.

Occasionally work is carried out over the weekends, mainly for maintenance or to accommodate extra work for urgent, complex, or large orders. Key components are bought into the company; frames are cut to size, electronic printed circuit boards (PCB’s) are designed; PCB boards are made by an outsourced supplier, and then populated; inserted into cabinets; moved to the test areas; tested; packaged and sent to site for either installation by subcontractor or installation by LLL installation team. In addition, research and development of electronic controllers take place within established test areas; as does bespoke design and population of printed circuit boards. The organization hopes to corner the market with its unique design for controllers and therefore the R&D function is critical to their business success. The key steps in the manufacturing process are:

  1. Designers or technical sales gather key performance data for the desired product. This is passed to the production players who determine the through-put into the production department and associated delivery dates.
  2. The printed circuit boards are requested from specialist supplies; the boards are checked for defect and provided to production to populate with electronic components. This process can take some time to achieve.
  3. The populated boards are passed through the wave solder machine. There are a number of issues in connection with this machine. There is fume from the solder and on occasion, the machines have to be cleaned. There are fire risks and burn risks all of which is managed successfully through good practice and PPE.
  4. Completed circuit boards are sent to QA for checking and QC.
  5. The full-size plan for the design for the frame and panel is printed out with a plotter and used as a full-size template. The production team lay this out on benches and begin to cut components to size and construct the frame, We have many problems with backs and long period spend doing this seem to create H&S issues.
  6. Steel channel is cut to size with cutting wheels.
  7. A hole is drilled to receive the electrical components.
  8. The electrical components are secured onto the frame ready for wiring. The wiring process is very fiddly and some employees only wish to do this for short periods.
  9.  All electrical components are degreased before final location into the frame. This is often completed by hand using turpentine. Again some employees complain of dermatitis although we believe that the cause lies outside of the work environment.
  10. The assembled frame is mechanically or manually handled into the cabinet. This involves some manual handling.
  11. The cabinet is wheeled on a trolley into the test area where it is tested and electrically H&S checked.
  12. It then moves to the packaging and dispatch area for palletizing and loading onto lorries as required.
  13. All components are kept inside the manufacturing area as adverse atmospheric conditions may detrimentally affect individual components.

Cassettes for populating the printed circuit boards with the smaller components. The larger components are inserted manually.

Wave solder machine for lead-free soldering. The apron is worn when cleaning the machine. There have been problems with the ventilation but this has not affected production.

Assembly area for producing controller boxes. This requires the use of abrasive wheels. There can be sparks that occur from the cutting and noise is only a problem in short bursts.

Tool bench and jig table for assembly of panels.

 Assembly of the electronic relays and switches. Stooping over the benches for hours is required.

Cables reels on a freestanding jig with other tools and equipment to construct electronic panels.

Open panel ready to receive the electrical components

Assembled frame put into the cabinet. View of the internal electronic controls (relays and switches).
Transporting panels within the factory on trolleys.
Panels for testing within the test centre located with R&D
Forklift trucks located at goods in for loading and unloading components and panels.
Interested PartyNeeds, Expectations, and Issues
Owners/Shareholders
  • Have a growing business that provides the profit.
  • Be well governed and well managed.
  • Want staff to enjoy their work, be challenged, perform their job competently and meet the company and customer requirements.
Customers
  • Value for money.
  • A simple solution that manages compliance easier.
  • Implementation of the product in-line with customer expectations.
  • Receive responsive support.
  • Delivery of free content to educate around compliance.
Suppliers/Contractors
  • Ongoing and secure work.
  • To be paid on time.
  • The clear understanding of requirements.
  • Constructive feedback.
  • Want to provide services/products to a reliable, reputable and financially viable business
Partners
  • Make them more financially secure through additional revenue from Mango sales.
  • Enable them to change their business model from hour-based to value-based income.
  • Want a solution that they can sell, promote and support that will assist their client’s to manage compliance.
  • Provide great support and knowledge to help them support their customers.
Employees within business
  • Job security.
  • The salary for work performed.
  • Flexible work hours.
  • A clear understanding of their role and responsibilities.
  • Able to raise issues of concern and provide constructive feedback.
  • Good, friendly work environment.
  • To feel valued and appreciated.
  • Opportunities for personal development.
Regulators
  • To meet the required laws and regulations.
  • To submit all tax obligations accurately and on time.
  • To maintain high standards of corporate governance.
Community
  •  Good corporate citizen.
  • Diversity of employees

Vision, Mission, and Values

Vision: “Gets everyone involved and participating in QHSE”
Mission: Makes compliance enjoyable.
Values: Our customers’ are successful in compliance

StrengthsWeaknesses
  • Provider of a great quality product.
  • Provider of great support for the product.
  • Responsive development to market requirements.
  • Responsive to identified software issues.
  • The depth of knowledge of the buyer’s persona.
  • Regular delivery of free content.
  • Low client turnover relative to the industry.
  • Quick deployment of product post-sales.
  • Deep knowledge of customer’s pain
  • Adaptable, responsive and able to make decisions.
  • Flexible to meet a wide range of customer service issues.
  • Open to suggestions for improving the product
  • Owners have recognized the need to have external expertise to grow the business.
  • Looking at ways of improving the business.
  • Identification of good partners to meet our standards/ requirements.
  • Managing and review partner performance
  • Too operational and not strategic enough for partners
  • Reliance on key employees within the business.
  • Time-poor in a few key areas.
  • Don’t have strong relationships with industry players.
  • Measurable marketing outcomes based on known starting points
OpportunitiesThreats
  • Changes to standards in our core markets:  ISO 45001, H&S Act, Food Safety.
  • New technologies
  • Partnering with other solutions: Software and Hardware
  • New focussed markets.
  • Certification to ISO 45001 will open up other market opportunities through the marketing of the process.
  • More marketing via additional platforms
  • To educate the industry in compliance.
  • Competition
  • Technology

Key Business Strategies

StrategiesDescription
Develop business processes to accommodate the expected growth.
  • Develop and implement business processes that are suitable for business.
  • Achieve certification to ISO 45001.
  • Transfer of knowledge to partners and employees for all key processes.
  • Use technology to manage as many processes as appropriate
Improve the efficiency and effectiveness of the core processes
  • Identify the core processes (i.e. development and release, sales, marketing, implementation, support)
  • Identify new ways (e.g. lean techniques) of doing the core processes.
  • Update and embed the core processes to ensure knowledge is retained
Personnel to be capable of delivering the growth for the business
  • Key leadership personnel to be capable of leading and managing their staff.
  • Competency gaps to be identified by leadership personnel
  • Personnel to be assessed as competent for their role
  • Personnel to receive training for the role
  • Personnel to receive appropriate experience to do the role
Grow market share in all markets
  • Identify and train new partners
  • Continuously review partner performance
  • Identify changes to legislation, standards, and regulation
  • Identify key market verticals in each jurisdiction
  • Increase the number of qualified lead by creating more content and delivery across multiple channels
  • Improve the sales conversion rate from qualified leads to sale

Scope

Our health and safety management system address all employees and customers affected by the manufacture and installation of our lift controllers and power supplies to our customers. The OH & S MS describes how the company requirements are to be addressed throughout its operations and addresses the requirements of ISO  45001:2018.

—————————End of example—————————————

Clause 4.4: OH&S Management System

The organization must establish, implement, maintain and continually improve an OH&S management system, including the processes needed and their interactions, in accordance with the requirements of this document.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

The organization retains the authority, accountability, and autonomy to decide how it will fulfill the requirements of this document, including the level of detail and extent to which it:
a) establishes one or more processes to have confidence that it (they) is (are) controlled, carried out as planned and achieve the intended outcomes of the OH&S management system;
b) integrates requirements of the OH&S management system into its various business processes (e.g. design and development, procurement, human resources, and sales and marketing).
If this document is implemented for a specific part(s) of an organization, the policies and processes developed by other parts of the organization can be used to meet the requirements of this document, provided that they are applicable to the specific part(s) that will be subject to them and that they conform to the requirements of this document. Examples include corporate OH&S policies, education, training and competency programmes, and procurement controls.

An organization must establish, implement, maintain and continually improve an OH&S management system, including the processes needed and their interactions, in accordance with the requirements of ISO 45001. Learn more about what a process approach is.
For the OH&S Management System, the organization can decide how it will fulfill the requirements of ISO 45001, including the level of detail and extent to which it will:
Integrate requirements of the OH&S management system into its various business operations, such as design & development, procurement, human resources, sales, and marketing, etc.
Incorporate the issues associated with its context (4.1), its interested party requirements (4.2), and the scope (4.3) of its OH&S management system. Make use of policies and processes developed by other parts of the organization such as corporate OH&S policies, document management system, competency programs, procurement controls, etc. Document the process properly, including updates, and making it available to all involved. Clause 4.4 requires the organization to establish, implement, maintain and continually improve its OH&S management system, including the processes needed and their interactions. The OH&S management system should reflect the context of the organization, be proportionate to its size and complexity, and be properly resourced. An OH&S management system should be viewed as an organizing framework that should be continually monitored and periodically reviewed to provide effective direction for an organization’s responses to changing internal and external issues. The OH&S management system should be aligned and integrated with other business processes to ensure that OH&S performance is not compromised in order that other business objectives can be achieved, e.g. sacrificing health and safety at the expense of achieving productivity objectives. It is imperative that OH&S requirements are aligned and integrated with the organization’s management practices and business processes.  For example, if an organization conducts an annual strategic review of its market position, customer needs and expectations, and business performance, then it is more effective to incorporate an understanding of the internal and external issues that can impact on its health and safety performance, interested party needs and expectations, and OH&S performance into that process.  By doing so, occupational health and safety issues can be evaluated in light of the organization’s strategy, and OH&S initiatives can be aligned with other business imperatives. The organization should consider the application of a PDCA approach towards its OH&S management system as follows:

  • Plan – decide what the organization wants to achieve (considering internal and external issues, the needs of interested parties, and risks and opportunities), and put in place the necessary processes and resources.
  • Do – put the plans into action.
  • Check – monitor and measure processes and performance against requirements and what you want to achieve.
  • Act – take actions to deal with nonconformities and to improve OH&S performance.


OH & S-Process