ISO 45001:2018 Clause 10 Improvement

Uncategorized 13 Minutes

Due to the new structure and risk focus of the standard, there are no preventive action requirements in this clause. The organization should react accordingly to nonconformities and incidents, and take action to control, correct them, cope with their consequences, and eliminate their source so as to prevent recurrences. However, there are some new more detailed corrective action requirements. The first is to react to incidents or nonconformities and take action in a timely manner, to control and correct these and deal with the consequences. Root cause analysis can be used to explore all possible factors associated with an incident or nonconformity by asking what happened and why it happened. The second is to determine whether similar incidents or nonconformities exist, or could potentially occur, leading to appropriate corrective actions across the whole organization if necessary. Although the concept of preventive action has evolved there is still a need to consider potential nonconformities, albeit as a consequence of an actual nonconformity. The requirement for continual improvement has been extended to continually improve the suitability and adequacy of the OH&S management system as well as its effectiveness through continual improvement objectives. Clause 10, the final major section, delineates the concept of continual improvement within the context of specific activities. Any organization wishing to adopt the principles of ISO 45001 must have a plan for addressing nonconformities in a timely manner. Organizations should take direct action to control conditions and deal with consequences. Nonconformities can be identified from investigations, audits, or other events. The corrective actions should be evaluated and the results should be documented. To achieve continual improvement, the organization shall have an OH&S management system that:

  1. Prevents the occurrence of incidents and nonconformities
  2. Promotes a positive OH&S culture
  3. Enhances OH&S performance

10.1 General

The organization must determine opportunities for improvement and must implement necessary actions to achieve the intended outcomes of its OH&S management system.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

The organization should consider the results from analysis and evaluation of OH&S performance, evaluation of compliance, internal audits, and management review when taking action to improve. Examples of improvement include corrective action, continual improvement, breakthrough change, innovation, and re-organization.

From the results discussed in Clause 9 Management Review including the analysis and evaluation of OH&S performance, internal auditing, and feedback from worker engagement, Non-conformity & corrective action, Incident investigation & corrective action, Accident investigation & corrective action, and Compliance obligations including output from the introduction of the new regulation. Several different methods of capturing improvement opportunities may be designed in the system based on the structure, activities, and risk within the business discussed in Clause 4 and 6. The organization must actively seek out and, where possible, realize opportunities for improvement that will facilitate the achievement of the intended outcomes of the OH&S management system. The organization should consider the results from analysis and evaluation of its OH&S performance, evaluation of compliance, internal audits, and management review when taking actions to improve its performance. Improvement can arise from corrective action, continual improvement, breakthrough change, innovation, and re-organization.

Outputs from management reviews, internal audits, and compliance and performance evaluations should all be used to form the basis for improvement actions. Improvement examples could include corrective action, reorganization, innovation, and continual improvement programs. The chosen methods must consider the following:

  • Means of reporting including incidents to the right groups of workers and interested parties
  • The timescale of reporting
  • How the information is going to be recorded as documented information, for example, near-miss report cards, accident reports, defect reports, reports to senior leadership
  • Using workers to participate in investigations to determine root cause analysis
  • A structured system to prevent reoccurrence
  • Hierarchy of control measures to reduce risk as far as is reasonably practicable
  • Assessment of OH&S risks prior to the introduction of a corrective action to prevent the introduction of new hazards
  • Training and competence for workers and interested parties on the means of reporting OH&S hazards, incidents and opportunities for improvement

10.2 Incident, nonconformity and corrective action

The organization shall establish, implement and maintain a process(es), including reporting, investigating, and taking action, to determine and manage incidents and nonconformities. When an incident or a nonconformity occurs, the organization should react in a timely manner to the incident or nonconformity and take action to control and correct it to deal with the consequences.  With the participation of workers and the involvement of other relevant interested parties, the organization must evaluate the need for corrective action to eliminate the root cause of the incident or nonconformity, in order that it does not recur or occur elsewhere. The organization must investigate the incident or review the nonconformity, determine the causes of the incident or nonconformity. The organization must also determine if similar incidents have occurred, nonconformities exist, or if they could potentially occur. As appropriate it must also review the existing assessments of OH&S risks and other risks. It must also determine and implement any action needed, including corrective action, in accordance with the hierarchy of controls and the management of change. It must also assess OH&S risks that relate to new or changed hazards, prior to taking action. It must review the effectiveness of any action taken, including corrective action. It must make changes to the OH&S management system, if necessary. Corrective actions should be appropriate to the effects or potential effects of the incidents or nonconformities encountered. The organization should retain documented information as evidence of the nature of the incidents or nonconformities and any subsequent actions are taken and also of the results of any action and corrective action, including their effectiveness. The organization must communicate this documented information to relevant workers, and, where they exist, workers’ representatives, and other relevant interested parties. The reporting and investigation of incidents without undue delay can enable hazards to be eliminated and associated OH&S risks to be minimized as soon as possible.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

Separate processes may exist for incident investigations and nonconformities reviews, or these may be combined as a single process, depending on the organization’s requirements. Examples of incidents, nonconformities, and corrective actions can include, but are not limited to:

  1. Incidents: same level fall with or without injury; broken leg; asbestosis; hearing loss; damage to buildings or vehicles where they can lead to OH&S risks;
  2. nonconformities: protective equipment not functioning properly; failure to fulfil legal requirements and other requirements; or prescribed procedures not being followed;
  3. corrective actions:  eliminating hazards; substituting with less hazardous materials; redesigning or modifying equipment or tools; developing procedures; improving the competence of affected workers; changing frequency of use; using personal protective equipment.

Root cause analysis refers to the practice of exploring all the possible factors associated with an incident or nonconformity by asking what happened, how it happened, and why it happened, to provide the input for what can be done to prevent it from happening again. When determining the root cause of an incident or nonconformity, the organization should use methods appropriate to the nature of the incident or nonconformity being analyzed. The focus of root cause analysis is prevention. This analysis can identify multiple contributory failures, including factors related to communication, competence, fatigue, equipment, or procedures. Reviewing the effectiveness of corrective actions refers to the extent to which the implemented corrective actions adequately control the root causes.

The organization should have a process in place for reporting and investigating incidents and other nonconformities, and for taking action to correct them and deal with their consequences. Separate processes may exist for incident investigations and nonconformities reviews, or these may be combined as a single process.  It is imperative that root cause analysis is carried out on the incident or nonconformity in order to take appropriate action to prevent a recurrence. Examples of incidents and nonconformities include but are not limited to:

  • Incidents: near misses, injuries and ill-health, and damage to property or equipment that could lead to OH&S risks; such as a broken leg, asbestosis, hearing loss;
  • Nonconformities: protective equipment not functioning properly; failure to fulfill legal requirements; prescribed processes or procedures not being followed; contractor behaving in an unsafe manner on-site.

When an incident or nonconformity occurs, the organization must react in a timely manner, act to control and correct it and deal with the consequences. It must evaluate the need for corrective action to eliminate the root cause of the incident or nonconformity in order to ensure that it does not recur or occur elsewhere in the organization by:

  • Investigating the incident or reviewing the nonconformity;
  • Finding out what caused the incident or nonconformity;
  • Finding out if similar incidents have occurred, if nonconformities exist, or if they could potentially occur.

The evaluation of the need for corrective action should be carried out with the active participation of workers and the involvement of other relevant interested parties. The aim of an incident investigation is to determine what happened, why it happened, and what can be done to prevent it from happening again. This means not only considering the immediate causes, but also the underlying or root causes and taking corrective action to address these causes. Almost all incidents have multiple causes. These can be related to a range of factors, including human behavior and competency, the nature of the tasks and processes, equipment, or management of the organization. The investigation should identify all areas that need improvement including improvements to the OH&S management system and propose appropriate corrective actions.

The level of investigation should be proportionate to the potential health and safety consequences of the incident. The incident should be recorded and reported internally and, where appropriate, reported externally to regulatory bodies such as the HSA/HSE /the Safety, Health, and Welfare at Work. Where practicable, the investigation should be led by a person independent of the activities being assessed and should include a worker or workers’ representative. In addition, the organization should

  • Review existing OH&S risk assessments for continued suitability (e.g. did the risk assessment anticipate the occurrence of the incident or nonconformity);
  • Decide on and implement any action needed, including corrective action, in accordance with the hierarchy of controls  and the management of change;
  • Assess OH&S risks that relate to new or changed hazards, prior to taking action;
  • Review the effectiveness of any action taken, including corrective action (e.g. the extent to which the implemented corrective actions adequately control the root cause); Make changes to the OH&S management system, if necessary such as updating a process map or procedure.

Examples of corrective actions (as indicated by the hierarchy of controls) include, but are not limited to:

  • Eliminating hazards;
  • Substituting with less hazardous materials;
  • Redesigning or modifying equipment or tools;
  • Developing and implementing procedures or improving processes;
  • Improving the competency of affected workers;
  • Changing the frequency of use of equipment, etc.;
  • Using personal protective equipment.

Corrective actions should be appropriate to the effects or potential effects of the incidents or nonconformities encountered.

Root cause analysis refers to the practice of exploring all of the possible factors associated with an incident or nonconformity by ascertaining what happened, how it happened, and why it happened, to provide input for what can be done to prevent it from happening again. When determining the root cause of an incident or nonconformity, the organization should use methods appropriate to the nature of the incident or nonconformity being analyzed. The focus of root cause analysis is prevention. Root cause analysis can identify multiple contributory failures, including factors related to communication, competence, fatigue, equipment, or documentation. While root cause analysis is being performed, the organization may also have to undertake immediate but temporary actions to prevent the occurrence of the same nonconformity or incident. This would form part of the corrective action. The organization should retain documented information as evidence of:

  • The nature of the incidents that occurred or nonconformities encountered, and any subsequent actions taken;
  • The results of any actions and corrective actions taken, including their effectiveness.

The organization should communicate this documented information to relevant workers, and where they exist, workers’ representatives, and other relevant parties. It is worth noting that the investigation and reporting of incidents without undue delay can enable hazards to be eliminated and associated OH&S risks to be minimized as soon as possible.

1

Unlike ISO 9001 Quality and ISO 14001 Environmental management systems, ISO 45001 introduces ‘Incident’ alongside nonconformity and corrective action. Clause 3 ‘Terms of Definition’ within the standard provides the parameters in which ‘incident’ can be interpreted and reported. An ‘incident’ is an occurrence that does not result in an injury and/or ill health. Therefore, the organization must implement a system of reporting that captures events that have not necessarily been foreseen within processes of the management system. Often these are referred to as ‘near misses’, ‘near-hit, or a ‘close call’. When a near miss is reported there may be a process in which during the investigation the findings are recorded within a non-conformance report. Prevention of incidents and elimination of hazards is a key facet of the OH&SManagement System, and this is specifically addressed in the definition of organizational context and assessing risks and opportunities. Taking action to correct and control problems when they occur, and then to investigate and take corrective action for the root causes of these problems when it is necessary, are critical to prevent recurrence of process nonconformity. The basic example process of reporting an incident leading to non-conformance, corrective action and continuous improvement

Process Event Management System
IncidentA delivery vehicle during a reversing manoeuvre narrowly misses a worker.The driver has conducted the visitor induction including the issue of the site map.
Near miss report  CardThe worker fills out a simple report card outlining the occurrence with the assistance of the supervisor.Near Miss Report Card available across the site.
Process training delivered during induction.
Corrective ActionCones and tape are immediately placed to prevent entry to the area of the incident by the supervisor.Temporary Corrective Action.
Investigation

The supervisor has a discussion with the delivery driver relating to the circumstances.

The warehouse and site manager discuss the
incident and review the associated risk assessment.

Workers located in the area provide input.

Details recorded as part of the investigation.

Risk assessment reviewed.

Risk-based
thinking
solution.		Following the risk assessment review including discussions with Top Management, physical barriers are placed on the pedestrian walkway as segregation of vehicles and transport.

 

Additional lighting is installed.

Barriers are incorporated into the maintenance programme.

Risk assessment revised.

 

Delivery driver induction modified to include barrier walkways.

Non-conformance report completed with root cause analysis.

Recorded within the incident report register.

Maintenance programme updated

CommunicationThe delivery driver (worker) is contacted and provided with incident feedback and closure.

 

The worker who reported the near-miss is provided with feedback.

Incident report sent to the transport company.

 

Incident report worker signs the corrective action report as evidence of positive feedback.

ReviewThe incident is discussed at the Safety committee and management meetings.

 

The responsible supervisor reports the effectiveness of the introduced changes.

Safety committee and management meeting minutes.

Committee meeting minutes posted on the notice boards.

Management
Review		Overview of the incident and positive outcome within statistics.Near miss/incident statistics review.

 

Management Review Minutes communicated.

A regular audit of pedestrian routes is added to the internal audit programme as part of an improvement objective.

10.3 Continual improvement

The organization shall continually improve the suitability, adequacy, and effectiveness of the OH&S management system, by enhancing OH&S performance. It must promote a culture that supports an OH&S management system. It must promote the participation of workers in implementing actions for the continual improvement of the OH&S management system. It must communicate the relevant results of continual improvement to workers, and, where they exist, workers’ representatives. It should be maintaining and retaining documented information as evidence of continual improvement.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains:

Examples of continual improvement issues include, but are not limited to:

  1. new technology;
  2. good practices, both internal and external to the organization;
  3. suggestions and recommendations from interested parties;
  4. new knowledge and understanding of occupational health and safety-related issues;
  5. new or improved materials;
  6. changes in worker capabilities or competence;
  7. achieving improved performance with fewer resources (i.e. simplification, streamlining, etc.).

The concept of continual improvement is embodied in all management systems based on annex SL such as ISO 9001, ISO 14001, ISO 27001, ISO 22301, and of course ISO 45001. The opportunities for continual improvement must be reported. It may come from new technology.  non-conformances, failures, and any other IMS issues. This system is successful by identifying, establishing, and maintaining OH&S objectives and processes based on relevant risks. Involving top management and all levels of the organization, these processes should be evaluated upon completion for the purpose of continual improvement. Now, it is important to clarify that continual improvement differs from continuous improvement, especially considering that the two potentially could be used interchangeably. To avoid misunderstandings, this clarification is provided under the Terms and definitions section of Annex A in ISO 45001:2018. According to ISO 45001:2018, continuous indicates duration without interruption, while continual indicates duration that occurs over a period of time with intervals of interruption. The latter certainly seems more suitable for the processes of a system intended to safeguard employees from injury and illness, since these processes are implemented before they are evaluated under the Plan-Do-Check-Act cycle. ISO 45001:2018 recommends that organizations evaluate their completed OH&S processes for continual improvement, not continuous.

Through all of the actions to improve the overall OH&SManagement System, the organization can achieve enhanced OH&S performance and promote a culture that supports worker participation in making the OH&SManagement System better. Improvements can be initiated by any employee when any of the following issues are identified:

  1. To initiate a change to the IMS.
  2. To initiate improvement to the performance and effectiveness of the IMS.
  3. When an innovation or improvement opportunity is identified.
  4. When a non-conformance is identified at any time.
  5. When a discrepancy, non-conformance or improvement is identified during auditing.
  6. When a customer complaint or any significant customer feedback is received (including compliments).

Actions which an organization might take with a view to achieving continual improvement in the suitability, adequacy, and effectiveness of its OH&S management system include:

  • Enhancing OH&S performance;
  • Promoting a culture that provides support to the OHSMS;
  • Promoting the participation of workers in the identification and implementation of actions for continual improvement of the OHSMS;
  • Communicating the relevant results of continual improvement to workers, and where they exist, workers’ representatives;
  • Maintaining and retaining documented information as evidence of continual improvement

Published by Pretesh Biswas

Pretesh Biswas has wealth of qualifications and experience in providing results-oriented solutions for your system development, training or auditing needs. He has helped dozens of organizations in implementing effective management systems to a number of standards. He provide a unique blend of specialized knowledge, experience, tools and interactive skills to help you develop systems that not only get certified, but also contribute to the bottom line. He has taught literally hundreds of students over the past 5 years. He has experience in training at hundreds of organizations in several industry sectors. His training is unique in that which can be customized as to your management system and activities and deliver them at your facility. This greatly accelerates the learning curve and application of the knowledge acquired. He is now ex-Certification body lead auditor now working as consultancy auditor. He has performed hundreds of audits in several industry sectors. As consultancy auditor, he not just report findings, but provide value-added service in recommending appropriate solutions. Experience Consultancy: He has helped over 100 clients in a wide variety of industries achieve ISO 9001,14001,27001,20000, OHSAS 18001 and TS 16949 certification. Industries include automotive, metal stamping and screw machine, fabrication, machining, assembly, Forging electrostatic and chrome plating, heat-treating, coatings, glass, plastic and rubber products, electrical and electronic equipment, assemblies & components, batteries, computer hardware and software, printing, placement and Security help, warehousing and distribution, repair facilities, consumer credit counseling agencies, banks, call centers, etc. Training: He has delivered public and on-site quality management training to over 1000 students. Courses include ISO/TS -RAB approved Lead Auditor, Internal Auditing, Implementation, Documentation, as well as customized ISO/TS courses, PPAP, FMEA, APQP and Control Plans. Auditing: He has conducted over 100 third party registration and surveillance audits and dozens of gap, internal and pre-assessment audits to ISO/QS/TS Standards, in the manufacturing and service sectors. Other services: He has provided business planning, restructuring, asset management, systems and process streamlining services to a variety of manufacturing and service clients such as printing, plastics, automotive, transportation and custom brokerage, warehousing and distribution, electrical and electronics, trading, equipment leasing, etc. Education & professional certification: Pretesh Biswas has held IRCA certified Lead Auditor for ISO 9001,14001 and 27001. He holds a Bachelor of Engineering degree in Mechanical Engineering and is a MBA in Systems and Marketing. Prior to becoming a business consultant 6 years ago, he has worked in several portfolios such as Marketing, operations, production, Quality and customer care. He is also certified in Six Sigma Black belt .

Published

3 thoughts on “ISO 45001:2018 Clause 10 Improvement

Leave a Reply