ISO 45001:2018 Clause 10.2 Incident, nonconformity and corrective action

ISO 45001:2018 37 Minutes

ISO 45001:2018 Requirement

The organization shall establish, implement and maintain a process(es), including reporting, investigating and taking action, to determine and manage incidents and nonconformities. When an incident or a nonconformity occurs, the organization shall:

  1. react in a timely manner to the incident or nonconformity and, as applicable:
    • take action to control and correct it;
    • deal with the consequences;
  2. evaluate, with the participation of workers (see 5.4) and the involvement of other relevant interested parties, the need for corrective action to eliminate the root cause(s) of the incident or nonconformity, in order that it does not recur or occur elsewhere, by:
    • investigating the incident or reviewing the nonconformity;
    • determining the cause(s) of the incident or nonconformity;
    • determining if similar incidents have occurred, if nonconformities exist, or if they could potentially occur;
  3. review existing assessments of OH&S risks and other risks, as appropriate (see 6.1);
  4. determine and implement any action needed, including corrective action, in accordance with the hierarchy of controls and the management of change
  5. assess OH&S risks that relate to new or changed hazards, prior to taking action;
  6. review the effectiveness of any action taken, including corrective action;
  7. make changes to the OH&S management system, if necessary.

Corrective actions shall be appropriate to the effects or potential effects of the incidents or nonconformities encountered. The organization shall retain documented information as evidence of:

  • the nature of the incidents or nonconformities and any subsequent actions taken;
  • the results of any action and corrective action, including their effectiveness.

The organization shall communicate this documented information to relevant workers, and, where they exist, workers’ representatives, and other relevant interested parties.
NOTE The reporting and investigation of incidents without undue delay can enable hazards to be eliminated and associated OH&S risks to be minimized as soon as possible.

As per Annex A (Guidance on the use of ISO 45001:2018 standard) of ISO 45001:2018 standard it further explains

Separate processes may exist for incident investigations and nonconformities reviews, or these may becombined as a single process, depending on the organization’s requirements. Examples of incidents, nonconformities and corrective actions can include, but are not limited to:
a) incidents: same level fall with or without injury; broken leg; asbestosis; hearing loss; damage to
buildings or vehicles where they can lead to OH&S risks;
b) nonconformities: protective equipment not functioning properly; failure to fulfil legal requirements and other requirements; prescribed procedures not being followed;
c) corrective actions (as indicated by the hierarchy of controls; see 8.1.2): eliminating hazards;
substituting with less hazardous materials; redesigning or modifying equipment or tools;
developing procedures; improving the competence of affected workers; changing the frequency of use; using personal protective equipment.
Root cause analysis refers to the practice of exploring all the possible factors associated with an incident or nonconformity by asking what happened, how it happened and why it happened, to provide the input for what can be done to prevent it from happening again.
When determining the root cause of an incident or nonconformity, the organization should use methods appropriate to the nature of the incident or nonconformity being analysed. The focus of root cause analysis is prevention. This analysis can identify multiple contributory failures, including factors related to communication, competence, fatigue, equipment or procedures. Reviewing the effectiveness of corrective actions [see 10.2 f)] refers to the extent to which the implemented corrective actions adequately control the root cause(s).

1) The organization shall establish, implement and maintain a process(es), including reporting, investigating and taking action, to determine and manage incidents and nonconformities.

The international standard for Occupational Health and Safety (OH&S) management systems, requires organizations to establish, implement, and maintain a process for determining and managing incidents and nonconformities. This process is essential for identifying, addressing, and preventing workplace incidents and nonconformities related to OH&S. Here’s an overview of how an organization can meet this requirement:

Incident Reporting Process:

  • Identification: Establish a clear and easily accessible mechanism for employees and relevant stakeholders to report incidents, near-misses, and hazards. Encourage a culture of reporting without fear of reprisals.
  • Documentation: Ensure that all reported incidents are documented in detail, including the date, time, location, individuals involved, witnesses, and a description of the incident.

2. Incident Investigation Process:

  • Investigation Team: Formulate investigation teams or designate responsible individuals with the appropriate training and expertise to conduct thorough incident investigations.
  • Root Cause Analysis: Use systematic approaches like root cause analysis (e.g., “5 Whys”) to determine the underlying causes of incidents, including immediate causes, contributing factors, and root causes.
  • Documentation: Document the entire investigation process, including findings, conclusions, and recommendations for corrective and preventive actions.

3. Nonconformity Reporting Process:

  • Identification: Establish a process for identifying nonconformities related to OH&S management, including instances of non-compliance with internal procedures, standards, or legal requirements.
  • Documentation: Document nonconformities with clear descriptions, evidence, and information about their impact and significance.

4. Corrective Action Process:

  • Corrective Action Plans: Develop corrective action plans based on the findings of incident and nonconformity investigations. These plans should address the identified root causes and prevent the recurrence of similar incidents or nonconformities.
  • Implementation: Assign responsibilities for implementing corrective actions, set clear deadlines, and allocate necessary resources.
  • Documentation: Document all corrective actions taken, including their outcomes and effectiveness in addressing the identified issues.

5. Preventive Action Process:

  • Preventive Action Plans: Implement preventive actions alongside corrective actions to proactively reduce the risk of similar incidents or nonconformities occurring in the future.
  • Monitoring: Continuously monitor the effectiveness of preventive actions to ensure they are achieving their intended outcomes.

6. Communication and Reporting Process:

  • Communication: Establish clear communication channels for sharing incident and nonconformity investigation findings and the status of corrective and preventive actions with relevant stakeholders, including employees, management, and, in some cases, customers and suppliers.
  • Reporting to Authorities: Report serious incidents or nonconformities to relevant regulatory authorities, as required by law or regulations.

7. Monitoring and Review Process:

  • Performance Metrics: Develop key performance indicators (KPIs) and metrics to measure the effectiveness of incident and nonconformity management processes. Regularly monitor and analyze these metrics to assess performance.
  • Management Review: Include incident and nonconformity data in management review meetings to inform strategic decisions, resource allocation, and improvement efforts.

8. Continuous Improvement Process:

  • Data Analysis: Analyze incident and nonconformity data to identify trends, patterns, and systemic issues. Use this information to drive continuous improvement in the OH&S management system.
  • Feedback Loop: Incorporate lessons learned from incidents and nonconformities into safety training, procedures, risk assessments, and safety culture initiatives.

Reporting, investigating, and taking action to determine and manage incidents and nonconformities are critical aspects of an effective Occupational Health and Safety (OH&S) management system. These processes help organizations prevent incidents, minimize risks, and continuously improve safety performance. Here’s how organizations can approach each of these steps:

1. Reporting Incidents and Nonconformities:

  • Establish clear and well-communicated procedures for reporting incidents and nonconformities. Employees and other relevant parties should know how and where to report such issues.
  • Create an incident reporting form or system that captures essential information, including the date, time, location, description of the incident or nonconformity, individuals involved, and witnesses.
  • Encourage a culture of reporting by emphasizing that all incidents, regardless of their severity, should be reported. Ensure that there are no repercussions for employees who report incidents in good faith.

2. Investigating Incidents and Nonconformities:

  • Formulate investigation teams or designate responsible individuals to conduct thorough investigations. These teams should be trained in incident investigation techniques.
  • Secure the incident scene to prevent further harm and preserve evidence. Gather all relevant information, including witness statements, photographs, and physical evidence.
  • Use systematic approaches like the “5 Whys” technique or root cause analysis to determine the underlying causes of incidents and nonconformities. Seek to identify not only immediate causes but also contributing factors and root causes.
  • Document the investigation process, findings, and conclusions. Ensure that records are detailed and provide a clear understanding of what happened and why.

3. Taking Corrective Actions:

  • Develop corrective action plans based on the findings of the investigation. These plans should address the identified root causes and prevent the recurrence of similar incidents or nonconformities.
  • Assign responsibilities for implementing corrective actions, setting clear deadlines, and monitoring progress.
  • Make necessary changes to processes, procedures, equipment, or training based on the corrective action plan.
  • Communicate the corrective actions and their importance to relevant employees and stakeholders.

4. Taking Preventive Actions:

  • In addition to addressing the specific incident or nonconformity, consider implementing preventive actions to proactively reduce the risk of similar incidents in the future.
  • These actions may involve changes to procedures, training programs, risk assessments, or hazard controls.
  • Monitor and measure the effectiveness of preventive actions to ensure they are achieving their intended outcomes.

5. Documenting and Reporting:

  • Maintain comprehensive records of incident and nonconformity reports, investigations, corrective actions, and preventive actions.
  • Report serious incidents, as required by law or regulation, to relevant authorities.
  • Communicate the outcomes of investigations and actions taken to all relevant parties, including employees, management, and, in some cases, customers and suppliers.

6. Continuous Improvement:

  • Use the information gathered from incident and nonconformity investigations to drive continuous improvement. Regularly review trends and patterns to identify systemic issues that require attention.
  • Incorporate lessons learned from incidents and nonconformities into safety training, procedures, and risk assessments.
  • Conduct periodic reviews of incident and nonconformity data during management review meetings to inform strategic decisions and resource allocation.

By following these steps and maintaining a commitment to reporting, investigating, and taking action, organizations can create a safer workplace, reduce risks, and continuously enhance their OH&S management system.

2) When an incident or a nonconformity occurs, the organization shall react in a timely manner to the incident or nonconformity

Reacting in a timely manner to incidents and nonconformities is crucial to ensure the safety of employees and to prevent further harm or recurrence. Here are the key steps an organization should take when an incident or nonconformity occurs:

1. Immediate Response:

  • Safety First: Ensure the immediate safety and well-being of anyone affected by the incident or nonconformity. Provide medical assistance if needed and secure the area to prevent further harm.
  • Isolate and Contain: If the incident involves a hazardous situation, take measures to isolate and contain the hazard to prevent it from spreading.
  • Notify Relevant Parties: Quickly notify appropriate personnel, including emergency responders, management, and any relevant authorities, about the incident or nonconformity.

2. Incident or Nonconformity Reporting:

  • Document the Incident: Ensure that a detailed incident report is completed as soon as possible, capturing essential information such as the date, time, location, individuals involved, witnesses, and a description of the incident or nonconformity.
  • Report to Authorities: If required by law or regulations, report the incident or nonconformity to relevant regulatory authorities within the specified timeframe.

3. Investigation:

  • Formulate an Investigation Team: Assign qualified individuals or teams to investigate the incident or nonconformity. These teams should have the necessary expertise to conduct a thorough investigation.
  • Root Cause Analysis: Utilize root cause analysis techniques (e.g., “5 Whys,” fishbone diagrams) to determine the underlying causes of the incident or nonconformity. Identify immediate causes, contributing factors, and root causes.

4. Corrective Actions:

  • Develop Corrective Action Plans: Based on the findings of the investigation, develop specific corrective action plans to address the root causes of the incident or nonconformity.
  • Implementation: Assign responsibilities for implementing corrective actions, set clear deadlines, and allocate necessary resources.
  • Monitoring: Continuously monitor and assess the effectiveness of corrective actions to ensure they prevent recurrence.

5. Preventive Actions:

  • Preventive Action Plans: Implement preventive actions alongside corrective actions to proactively reduce the risk of similar incidents or nonconformities occurring in the future.
  • Monitoring: Continuously monitor the effectiveness of preventive actions to ensure they achieve their intended outcomes.

6. Communication:

  • Internal Communication: Communicate the outcomes of the investigation, corrective actions, and preventive actions to all relevant parties within the organization. Ensure that employees are aware of any changes to procedures or practices resulting from the incident.
  • External Communication: If necessary, communicate with external stakeholders, including customers, suppliers, or regulatory authorities, regarding the incident or nonconformity and the actions taken to address it.

7. Documentation and Records:

  • Document All Actions: Maintain comprehensive records of incident and nonconformity reports, investigations, corrective actions, preventive actions, and communications.

8. Review and Continuous Improvement:

  • Management Review: Include incident and nonconformity data in management review meetings to inform strategic decisions, resource allocation, and improvement efforts.
  • Continuous Improvement: Analyze incident and nonconformity data to identify trends, patterns, and systemic issues. Use this information to drive continuous improvement in the OH&S management system.

Timely and effective reactions to incidents and nonconformities are essential for preventing injuries, maintaining compliance, and continuously enhancing workplace safety. It also demonstrates the organization’s commitment to the safety and well-being of its employees and stakeholders.

3) When an incident or a nonconformity occurs, the organization shall take action to control and correct it and/or deal with the consequences.

when an incident or nonconformity occurs, the organization must take prompt and appropriate actions to control and correct the situation. This includes addressing the immediate issues and dealing with the consequences effectively. Here’s a breakdown of these actions:

1. Control and Correct the Incident or Nonconformity:

  • Immediate Response: React swiftly to ensure the safety and well-being of individuals involved or affected by the incident or nonconformity. This may involve providing medical assistance, isolating hazards, or containing the situation.
  • Mitigate Further Harm: Take measures to prevent the incident or nonconformity from escalating or causing additional harm. This could include stopping production processes, evacuating affected areas, or securing equipment.
  • Implement Corrective Actions: Develop and implement corrective actions to address the immediate causes of the incident or nonconformity. These actions are aimed at preventing recurrence and restoring normal operations.
  • Involve Relevant Personnel: Ensure that personnel with the appropriate expertise and responsibilities are involved in taking corrective actions. Assign clear roles and responsibilities.

2. Deal with the Consequences:

  • Documentation: Maintain accurate and comprehensive records of the incident or nonconformity, including details of the response actions taken, their outcomes, and their effectiveness.
  • Communication: Communicate internally and externally as needed. Notify affected employees, relevant authorities, and any other stakeholders about the incident or nonconformity and the actions being taken.
  • Report to Authorities: If required by law or regulations, report the incident or nonconformity to relevant regulatory authorities within the specified timeframe.
  • Legal and Regulatory Compliance: Ensure that all actions taken to address the incident or nonconformity comply with applicable laws, regulations, and internal policies.
  • Recovery and Restoration: Develop a plan for the recovery and restoration of operations or processes affected by the incident or nonconformity. This may involve repairing equipment, restoring systems, or resuming normal activities.
  • Corrective and Preventive Actions: In addition to immediate corrective actions, develop plans for preventive actions to reduce the risk of similar incidents or nonconformities occurring in the future.
  • Learning and Improvement: Conduct a thorough investigation to determine the root causes of the incident or nonconformity. Use the findings to drive continuous improvement in the organization’s processes, procedures, and safety measures.
  • Support for Affected Individuals: Provide support and assistance to individuals who may have been physically or emotionally affected by the incident or nonconformity. This could include medical care, counseling, or accommodations as needed.
  • Insurance and Liability: Assess the organization’s insurance coverage and liability in relation to the incident or nonconformity. Engage legal and insurance professionals if necessary.

Taking prompt and comprehensive actions to control, correct, and manage the consequences of incidents and non-conformities is not only a legal and regulatory requirement but also a crucial aspect of ensuring the safety and well-being of employees and the continuity of business operations. It also demonstrates the organization’s commitment to continuous improvement in its Occupational Health and Safety (OH&S) management system.

4) When an incident or a nonconformity occurs, the organization shall evaluate, with the participation of workers and the involvement of other relevant interested parties

When an incident or a nonconformity occurs within an organization, it is essential to conduct a thorough evaluation to understand the underlying causes, assess the impact, and determine appropriate corrective and preventive actions. The involvement of workers and relevant interested parties is critical to ensure a comprehensive and effective evaluation. Here’s how the evaluation process should be conducted:

1. Notification and Initial Assessment:

  • Promptly notify relevant personnel and authorities about the incident or nonconformity.
  • Conduct an initial assessment to understand the immediate impact and potential risks associated with the incident or nonconformity.

2. Form an Evaluation Team:

  • Establish an evaluation team comprising individuals with the necessary expertise and experience, including workers, supervisors, safety professionals, and other relevant personnel.

3. Conduct a Thorough Evaluation:

  • Gather Information: Collect all relevant information related to the incident or nonconformity, including witness statements, photographs, documents, and records.
  • Root Cause Analysis: Use systematic methods like root cause analysis (e.g., “5 Whys,” fishbone diagrams) to identify the underlying causes, including immediate causes, contributing factors, and root causes.
  • Worker Involvement: Involve workers who have firsthand knowledge of the situation, as they can provide valuable insights into the incident or nonconformity and potential solutions.
  • Participation of Interested Parties: Engage other relevant interested parties, such as contractors, suppliers, or regulatory authorities, if their input is necessary to fully understand the situation.

4. Impact Assessment:

  • Evaluate the impact of the incident or nonconformity on employees, the environment, assets, production, and the organization’s reputation.
  • Consider short-term and long-term consequences, including potential legal, financial, and operational implications.

5. Determine Corrective and Preventive Actions:

  • Based on the findings of the evaluation, develop corrective action plans to address the immediate causes and prevent the recurrence of similar incidents or nonconformities.
  • Involve workers and relevant stakeholders in brainstorming and selecting appropriate corrective and preventive actions.

6. Worker Participation:

  • Actively involve workers in the decision-making process regarding corrective and preventive actions. Their input is valuable for identifying practical solutions and ensuring that proposed actions are feasible.
  • Encourage workers to report any safety concerns or suggestions for improvement related to the incident or nonconformity.

7. Document the Evaluation:

  • Maintain detailed records of the evaluation process, including the investigation, findings, conclusions, corrective actions, preventive actions, and the involvement of workers and interested parties.

8. Communication:

  • Communicate the results of the evaluation, the actions being taken, and any safety measures to workers and relevant interested parties. Ensure transparency in sharing information.

9. Follow-Up and Monitoring:

  • Monitor the progress of corrective and preventive actions to verify their effectiveness in addressing the incident or nonconformity.
  • Continuously engage workers and relevant stakeholders in the follow-up process to gather feedback and make adjustments as needed.

By involving workers and relevant interested parties in the evaluation process, organizations can benefit from diverse perspectives, practical insights, and a collective commitment to improving safety and preventing future incidents or nonconformities. This collaborative approach contributes to a safer workplace and a stronger Occupational Health and Safety (OH&S) management system.

5) When an incident or a nonconformity occurs, the organization shall evaluate the need for corrective action to eliminate the root cause(s) of the incident or nonconformity, in order that it does not recur or occur elsewhere by investigating the incident or reviewing the nonconformity; determining the cause(s) of the incident or nonconformity; determining if similar incidents have occurred, if nonconformities exist, or if they could potentially occur;

When an incident or a nonconformity occurs, the organization must conduct a comprehensive evaluation to determine the need for corrective action. The purpose of corrective action is to eliminate the root cause(s) of the incident or nonconformity so that it does not recur or occur elsewhere. Here are the key steps involved in this evaluation process:

1. Investigate the Incident or Review the Nonconformity:

  • Initiate a thorough investigation of the incident or review of the nonconformity. Gather all relevant information, evidence, and data related to the event.
  • Identify the immediate causes, contributing factors, and root causes of the incident or nonconformity. Use systematic investigation methods such as root cause analysis (e.g., “5 Whys,” fishbone diagrams) to determine the underlying issues.

2. Determine the Cause(s) of the Incident or Nonconformity:

  • Examine all aspects of the incident or nonconformity to identify the root causes. Consider factors such as human error, equipment malfunction, process failures, communication breakdowns, and organizational factors.
  • Engage a multidisciplinary team, including workers who may have firsthand knowledge of the situation, to assist in identifying the causes.

3. Assess Similar Incidents or Nonconformities:

  • Investigate whether similar incidents have occurred in the past, if nonconformities exist elsewhere in the organization, or if there is a potential for similar incidents or nonconformities to occur in the future.
  • Analyze trends and patterns to identify systemic issues that may contribute to recurring incidents or nonconformities.

4. Evaluate the Need for Corrective Action:

  • Based on the findings of the investigation and the assessment of similar incidents or nonconformities, determine whether corrective action is needed to prevent recurrence.
  • Consider the severity, potential impact, and likelihood of recurrence when assessing the need for corrective action.

5. Develop Corrective Action Plans:

  • If corrective action is deemed necessary, develop specific corrective action plans that address the root causes identified during the investigation.
  • Include clear objectives, targets, responsible parties, timelines, and resource requirements in the corrective action plans.

6. Worker Involvement:

  • Actively involve workers and relevant stakeholders in the development of corrective action plans. Workers often have valuable insights into practical solutions and potential barriers to implementation.

7. Implementation of Corrective Actions:

  • Implement the corrective actions as specified in the action plans. Ensure that they are carried out effectively and within the established timelines.
  • Assign responsibilities for implementing corrective actions and allocate necessary resources.

8. Monitor and Verify Effectiveness:

  • Continuously monitor and verify the effectiveness of the corrective actions in eliminating the root causes and preventing recurrence.
  • Use key performance indicators (KPIs) and metrics to assess progress and compliance with the corrective actions.

9. Document and Communicate:

  • Maintain detailed records of the corrective action process, including the investigation, action plans, implementation, monitoring, and verification.
  • Communicate the outcomes of the corrective actions to all relevant parties, including employees, management, and stakeholders.

10. Follow-Up and Continuous Improvement:

  • Establish a feedback loop with workers and relevant stakeholders to gather input on the effectiveness of the corrective actions and to make adjustments as needed.
  • Use lessons learned from the incident or nonconformity to drive continuous improvement in the organization’s processes, procedures, and safety measures.

By following these steps, organizations can systematically evaluate the need for corrective action, address root causes, and prevent the recurrence of incidents or nonconformities, ultimately contributing to a safer workplace and a stronger Occupational Health and Safety (OH&S) management system.

6) When an incident or a nonconformity occurs, the organization shall review existing assessments of OH&S risks and other risks, as appropriate

When an incident or nonconformity occurs within an organization, it is essential to review existing assessments of Occupational Health and Safety (OH&S) risks and other relevant risks. This review is important to ensure that the incident or nonconformity is considered in the context of the organization’s risk management processes. Here’s how the review process should be conducted:

1. Identify Relevant Risk Assessments:

  • Begin by identifying the specific risk assessments that are relevant to the incident or nonconformity. These assessments may include general OH&S risk assessments, hazard assessments, or assessments related to specific processes, activities, or projects.

2. Gather Incident or Nonconformity Information:

  • Collect all available information related to the incident or nonconformity, including the findings of any investigations, root cause analyses, and the impact assessment of the incident or nonconformity.

3. Review Existing Risk Assessments:

  • Examine the existing risk assessments in light of the incident or nonconformity. Consider whether the incident or nonconformity was previously identified as a potential risk in any of the assessments.
  • Evaluate whether the controls, safeguards, or preventive measures identified in the risk assessments were effective in preventing the incident or nonconformity. Determine if any shortcomings or gaps exist in the current risk management approach.

4. Update Risk Assessments, as Appropriate:

  • If the incident or nonconformity reveals that new risks or inadequately assessed risks were contributing factors, update the relevant risk assessments accordingly.
  • Ensure that the assessments reflect the most current information about risks and control measures.

5. Consider Integration with OH&S Management System:

  • Evaluate how the incident or nonconformity affects the organization’s OH&S management system, including the effectiveness of its controls and procedures.
  • Determine if adjustments are needed in the organization’s OH&S risk management processes, objectives, or plans.

6. Worker Involvement:

  • Involve workers and relevant stakeholders in the review process, as they may provide valuable insights and observations about risks and control measures in their specific work areas.

7. Communication and Documentation:

  • Communicate the results of the review to all relevant parties, including employees, management, and stakeholders.
  • Maintain records of the review process, including updated risk assessments and any changes or actions taken as a result of the review.

8. Continuous Improvement:

  • Use the insights gained from the review to drive continuous improvement in the organization’s risk management processes and OH&S management system.
  • Ensure that lessons learned from the incident or nonconformity are incorporated into future risk assessments and risk management strategies.

By reviewing existing risk assessments in the context of incidents or nonconformities, organizations can identify areas where improvements are needed to enhance their risk management processes and strengthen their ability to prevent similar incidents in the future. This proactive approach contributes to a safer workplace and the ongoing effectiveness of the OH&S management system.

7)When an incident or a nonconformity occurs, the organization shall determine and implement any action needed, including corrective action, in accordance with the hierarchy of controls and the management of change

When an incident or nonconformity occurs within an organization, it’s essential to determine and implement the necessary actions to address the situation effectively. This process should align with the hierarchy of controls and include considerations for managing change. Here’s how organizations can approach this:

1. Hierarchy of Controls:

The hierarchy of controls is a systematic approach to managing risks and hazards in the workplace. It ranks control measures from the most effective to the least effective. The hierarchy typically includes the following levels, in descending order of effectiveness:

  • Elimination: Completely remove the hazard or risk from the workplace.
  • Substitution: Replace the hazard with something less hazardous.
  • Engineering Controls: Implement physical changes or modifications to reduce exposure to the hazard (e.g., machine guards, ventilation systems).
  • Administrative Controls: Develop and implement policies, procedures, and work practices to minimize exposure to the hazard (e.g., training, signage, scheduling).
  • Personal Protective Equipment (PPE): Provide personal protective equipment to reduce exposure (e.g., helmets, gloves, masks).

2. Determine Actions Needed:

  • Evaluate the incident or nonconformity in the context of the hierarchy of controls. Determine which control measures or combination of measures will be most effective in addressing the root causes and preventing recurrence.
  • Consider the severity of the incident or nonconformity, the potential for harm, and the likelihood of recurrence when deciding on appropriate actions.

3. Corrective Actions:

  • Develop and implement corrective actions that address the immediate causes and underlying root causes of the incident or nonconformity.
  • Prioritize corrective actions based on the hierarchy of controls, with an emphasis on eliminating or substituting hazards whenever possible.

4. Management of Change:

  • If implementing changes as part of corrective actions or preventive measures, ensure that the organization follows a structured management of change process.
  • Assess the impact of proposed changes on the organization, including potential risks, safety implications, and the need for training or communication.
  • Involve relevant stakeholders, including workers, in the decision-making process when implementing changes that may affect their work processes or safety.

5. Implementation and Monitoring:

  • Implement the selected control measures and changes in accordance with established action plans and timelines.
  • Continuously monitor and assess the effectiveness of the implemented measures. Ensure that they are achieving the intended outcomes and that any unintended consequences are addressed.

6. Documentation and Communication:

  • Maintain detailed records of the actions taken, including the rationale for selecting specific control measures and any changes made.
  • Communicate the actions and changes to all relevant parties, including employees, management, and stakeholders.

7. Continuous Improvement:

  • Use the insights gained from the incident or nonconformity and the actions taken to drive continuous improvement in the organization’s risk management and safety practices.
  • Regularly review and update control measures and procedures to adapt to changing circumstances and emerging risks.

By following this approach, organizations can effectively address incidents and nonconformities, reduce risks, prevent recurrence, and promote a culture of safety and continuous improvement in their Occupational Health and Safety (OH&S) management systems.

8) When an incident or a nonconformity occurs, the organization shall assess OH&S risks that relate to new or changed hazards, prior to taking action

When an incident or nonconformity occurs, and the organization is considering taking new actions or implementing changes, it is crucial to assess Occupational Health and Safety (OH&S) risks related to any new or changed hazards before proceeding. This proactive assessment helps prevent potential safety issues and ensures that risks are adequately managed. Here’s how organizations can approach this process:

1. Identify New or Changed Hazards:

  • Begin by identifying any new hazards or changes in existing hazards that may result from the proposed actions or changes following the incident or nonconformity.
  • Consider both physical hazards (e.g., equipment, chemicals) and non-physical hazards (e.g., procedural changes, organizational changes).

2. Assess OH&S Risks:

  • Conduct a thorough risk assessment specifically focused on the new or changed hazards. This assessment should consider the likelihood and severity of potential harm or adverse effects on health.
  • Use established risk assessment methodologies, such as qualitative (e.g., risk matrices) or quantitative (e.g., risk calculations) approaches, to evaluate the identified risks.
  • Involve workers and relevant stakeholders in the risk assessment process to gather diverse perspectives and insights.

3. Evaluate Risk Control Measures:

  • Assess the effectiveness of existing risk control measures in addressing the new or changed hazards. Determine if these controls remain appropriate or if modifications are needed.
  • Consider the hierarchy of controls and prioritize the use of more effective control measures, such as elimination or substitution, before relying on administrative controls or personal protective equipment.

4. Develop Action Plans:

  • Based on the risk assessment findings, develop action plans that outline the specific measures, changes, or enhancements needed to address the identified risks associated with new or changed hazards.
  • Include clear objectives, targets, responsible parties, timelines, and resource requirements in the action plans.

5. Management of Change:

  • Implement a structured management of change process to ensure that any proposed changes, including those related to risk control measures, are thoroughly evaluated and communicated.
  • Assess the impact of changes on processes, equipment, procedures, and personnel.

6. Worker Involvement:

  • Actively involve workers and relevant stakeholders in the risk assessment and decision-making processes. Workers often have valuable insights into practical solutions and potential safety concerns.

7. Implementation and Monitoring:

  • Implement the risk control measures and changes as specified in the action plans. Ensure that they are carried out effectively and within the established timelines.
  • Continuously monitor and assess the effectiveness of the implemented measures in managing the identified OH&S risks.

8. Documentation and Communication:

  • Maintain detailed records of the risk assessment process, action plans, and the rationale for selecting specific risk control measures.
  • Communicate the results of the risk assessment and any changes to all relevant parties, including employees, management, and stakeholders.

9. Continuous Improvement:

  • Use the insights gained from the risk assessment and risk control efforts to drive continuous improvement in the organization’s OH&S management system and safety practices.
  • Regularly review and update risk assessments to account for changing circumstances and emerging risks.

By assessing OH&S risks related to new or changed hazards before taking action, organizations can proactively mitigate potential safety issues, prevent incidents, and ensure the ongoing effectiveness of their OH&S management systems. This approach contributes to a safer workplace and a culture of continuous improvement in safety practices.

9) The organization shall review the effectiveness of any action taken, including corrective action.

Absolutely, reviewing the effectiveness of any actions taken, including corrective actions, is a crucial step in the continuous improvement process within an Occupational Health and Safety (OH&S) management system. It helps organizations ensure that the actions they have implemented are achieving the desired outcomes and effectively addressing the identified issues. Here’s how organizations can review the effectiveness of actions:

  • Define Review Criteria: Clearly define the criteria and indicators that will be used to assess the effectiveness of the actions. These criteria should align with the objectives and targets set during the action planning phase.
  • Data Collection:Collect relevant data and information to evaluate the actions’ effectiveness. This may include incident reports, nonconformity records, performance metrics, feedback from workers, and any other relevant data sources.
  • Performance Metrics:Use key performance indicators (KPIs) and performance metrics to measure and track progress. These metrics should be established during the action planning phase and aligned with the identified issues and objectives.
  • Data Analysis:Analyze the collected data to determine whether the actions have had the intended impact. Look for trends, improvements, and changes in performance.
  • Worker and Stakeholder Feedback:Gather input and feedback from workers and relevant stakeholders who may have firsthand knowledge of the situation. Their perspectives can provide valuable insights into the effectiveness of the actions.
  • Gap Analysis:Compare the current state to the desired state or objectives set during the action planning phase. Identify any gaps or discrepancies and determine whether the actions have closed those gaps.
  • Root Cause Analysis:If the actions were taken in response to incidents or nonconformities, conduct a root cause analysis to verify whether the root causes have been effectively addressed.
  • Compliance Check:Ensure that the actions taken are in compliance with relevant legal and regulatory requirements, as well as internal policies and procedures.
  • Management Review:Present the findings of the effectiveness review to top management during management review meetings. Top management’s involvement is essential for decision-making and resource allocation.
  • Feedback and Improvement:Based on the review findings, gather feedback on the effectiveness of the actions from all relevant parties, including employees, management, and stakeholders. Use the feedback and findings to make adjustments or improvements to the actions if necessary.
  • Documentation:Document the results of the effectiveness review, including any findings, conclusions, and recommendations for improvement. Maintain records of the review process.
  • Continuous Improvement:Use the insights gained from the effectiveness review to drive continuous improvement in the organization’s OH&S management system and practices. This includes updating risk assessments, control measures, and procedures as needed.

By regularly reviewing the effectiveness of actions taken, organizations can ensure that they are continually improving their OH&S performance and reducing risks. It also allows them to adapt and refine their strategies to better meet their safety objectives and enhance the overall safety culture within the organization.

10) When an incident or a nonconformity occurs, the organization shall make changes to the OH&S management system, if necessary

When an incident or a nonconformity occurs within an organization, it should prompt a careful review of the Occupational Health and Safety (OH&S) management system. The objective is to determine whether changes are necessary to prevent similar incidents in the future and improve the overall effectiveness of the OH&S management system. Here are key steps to consider:

  1. Incident or Nonconformity Investigation: Conduct a thorough investigation to determine the root causes of the incident or nonconformity. Understand what went wrong and why.
  2. Impact Assessment:Assess the impact of the incident or nonconformity on employees, the organization, and other relevant stakeholders. This includes considering physical injuries, emotional well-being, property damage, legal implications, and reputation.
  3. Root Cause Analysis:Use established methods like root cause analysis (e.g., “5 Whys,” fishbone diagrams) to identify the underlying causes, including immediate causes, contributing factors, and root causes.
  4. Identify Systemic Issues:Evaluate whether the incident or nonconformity highlights systemic issues within the organization’s OH&S management system, such as inadequacies in policies, procedures, training, or risk assessments.
  5. Determine Corrective Actions:Develop and implement corrective actions that address the immediate causes and root causes of the incident or nonconformity. These actions should focus on preventing recurrence.
  6. Preventive Actions:Implement preventive actions to address broader systemic issues and reduce the likelihood of similar incidents or nonconformities occurring in the future.
  7. Management of Change:If changes are proposed as part of corrective and preventive actions, ensure that a structured management of change process is followed. Evaluate the impact of these changes on safety and OH&S.
  8. Worker Involvement:Actively involve workers and relevant stakeholders in the decision-making process regarding changes to the OH&S management system. Workers often have practical insights into safety measures.
  9. Document Changes:Document all changes made to the OH&S management system, including the rationale, objectives, responsible parties, timelines, and resource requirements.
  10. Communication:Communicate the changes to all relevant parties, including employees, management, and stakeholders. Ensure that everyone understands the reasons for the changes and their roles in implementing them.
  11. Training and Awareness:Provide training and awareness programs for employees to ensure they understand the changes and how to comply with the updated OH&S management system.
  12. Monitoring and Evaluation:Continuously monitor and evaluate the effectiveness of the changes. Use key performance indicators (KPIs) and performance metrics to assess progress and compliance with the updated system.
  13. Review and Adjust:Periodically review the changes to ensure they continue to be effective and relevant. Adjust the OH&S management system as needed based on the outcomes of the reviews.
  14. Continuous Improvement:Use the insights gained from the incident or nonconformity, and the changes made, to drive continuous improvement in the organization’s OH&S management system and safety practices.

Making necessary changes to the OH&S management system in response to incidents or nonconformities is not only a legal and regulatory requirement but also a fundamental principle of continuous improvement in safety. It helps prevent future incidents, protect employees and stakeholders, and enhance the overall safety culture within the organization.

11) Corrective actions shall be appropriate to the effects or potential effects of the incidents or nonconformities encountered.

Corrective actions taken in response to incidents or nonconformities should indeed be appropriate to the effects or potential effects of the issues encountered. The appropriateness of corrective actions ensures that the organization effectively addresses the root causes of the incidents or nonconformities and minimizes the risk of recurrence. Here are some key considerations for determining the appropriateness of corrective actions:

  1. Severity of the Incident or Nonconformity: Assess the severity of the incident or nonconformity. Consider the impact on the health and safety of employees, the environment, property, and other relevant factors. Tailor the corrective actions to the severity of the issue. More severe incidents may require more extensive and immediate corrective actions.
  2. Root Cause Analysis: Conduct a thorough root cause analysis to identify the underlying causes of the incident or nonconformity. Ensure that the corrective actions directly address these root causes.
  3. Preventing Recurrence: Evaluate whether the proposed corrective actions effectively prevent the recurrence of similar incidents or nonconformities. The actions should target the specific weaknesses or deficiencies in the existing processes or systems.
  4. Risk Assessment: Consider the potential risks associated with the incident or nonconformity. Implement corrective actions that reduce the likelihood and consequences of such risks.
  5. Systemic Improvements: Identify if the incident or nonconformity points to broader systemic issues within the organization’s processes, procedures, or culture. Implement corrective actions that address these systemic issues to prevent future problems.
  6. Worker Involvement: Involve workers and relevant stakeholders in the decision-making process regarding corrective actions. Workers often have practical insights into the appropriateness and feasibility of proposed measures.
  7. Cost-Effectiveness: Evaluate the cost-effectiveness of corrective actions. While safety is paramount, organizations should also consider the financial implications and allocate resources wisely.
  8. Regulatory Compliance: Ensure that corrective actions align with regulatory requirements and industry standards. Noncompliance can lead to legal and regulatory issues.
  9. Documentation and Communication: Document the rationale for selecting specific corrective actions, objectives, responsible parties, timelines, and resource requirements. Communicate the actions and their expected outcomes to all relevant parties.
  10. Continuous Improvement: Use the insights gained from corrective actions and their effectiveness to drive continuous improvement in the organization’s processes and safety practices.

The appropriateness of corrective actions is essential to ensure that the organization effectively addresses the issues and prevents their recurrence while considering the specific context and impact of the incidents or nonconformities. By taking appropriate corrective actions, organizations can maintain a safe workplace and continuously enhance their Occupational Health and Safety (OH&S) management systems.

12) The organization shall retain documented information as evidence of the nature of the incidents or nonconformities and any subsequent actions taken and the results of any action and corrective action, including their effectiveness.

Maintaining accurate and comprehensive records of incidents or nonconformities and the subsequent actions taken, including their results and effectiveness, is a fundamental requirement of an effective Occupational Health and Safety (OH&S) management system. These records serve as a critical component of the organization’s documentation and help demonstrate compliance with OH&S standards and regulatory requirements. Here’s what should be included in these records:

  1. Nature of Incidents or Nonconformities: Detailed descriptions of the incidents or nonconformities, including what occurred, where and when it happened, who was involved, and any potential or actual consequences.
  2. Root Cause Analysis:Information related to the root cause analysis conducted to identify the underlying causes of the incidents or nonconformities.
  3. Actions Taken:A clear account of the actions taken in response to the incidents or nonconformities. This should include a step-by-step record of the corrective actions implemented to address the root causes.
  4. Responsible Parties:Identification of individuals or teams responsible for carrying out the actions, along with their roles and responsibilities.
  5. Timelines:Timelines for the completion of actions and any associated milestones.
  6. Resource Allocation:Records of resources allocated to implement the actions, including personnel, equipment, and financial resources.
  7. Evaluation of Effectiveness:Details on how the effectiveness of the corrective actions was assessed. This may include performance metrics, key performance indicators (KPIs), or other criteria used to measure the success of the actions.
  8. Outcomes: Results of the actions taken, including any improvements observed, the degree to which the issues were mitigated or resolved, and any remaining issues.
  9. Review and Verification:Information regarding the review and verification process to ensure that the actions were completed as planned and that they effectively addressed the incidents or nonconformities.
  10. Continuous Improvement:Notes on any lessons learned from the incidents or nonconformities and how these insights were used to drive continuous improvement in the organization’s OH&S management system.
  11. Regulatory Compliance:Documentation that demonstrates compliance with relevant regulatory requirements and standards.
  12. Communication:Records of how the outcomes and effectiveness of corrective actions were communicated to relevant parties, including employees, management, and stakeholders.
  13. Retention and Accessibility:Ensure that these records are retained for the specified retention period required by regulations or organizational policies and that they are readily accessible for audits and management reviews.

By maintaining these records, organizations not only demonstrate their commitment to safety and compliance but also create a valuable resource for tracking the effectiveness of their OH&S management system and driving continuous improvement in workplace safety practices.

Documented Information required

Documents:

  1. OH&S Policy (Documented Information): The organization’s OH&S policy, which includes a commitment to incident reporting, investigation, and corrective actions, should be documented.
  2. Procedure for Incident Reporting and Investigation: A documented procedure that outlines the process for reporting, recording, and investigating incidents and nonconformities. This procedure should detail the steps to be followed and responsibilities.
  3. Procedure for Corrective Action: A documented procedure that defines the process for identifying, implementing, and verifying corrective actions in response to incidents, nonconformities, and identified risks.

Records:

  1. Incident and Nonconformity Reports: Records of incidents and nonconformities, including details such as the nature of the incident or nonconformity, date, time, location, individuals involved, witnesses, and initial assessment of potential consequences.
  2. Root Cause Analysis Records: Documentation related to the root cause analysis conducted for incidents and nonconformities. This may include the analysis process, findings, and conclusions.
  3. Corrective Action Plans: Records of corrective action plans developed in response to incidents, nonconformities, and identified risks. These records should outline the actions to be taken, responsible parties, timelines, and resource requirements.
  4. Effectiveness Evaluation Records: Documentation of the evaluation process used to assess the effectiveness of corrective actions, including performance metrics, KPIs, and criteria for measuring success.
  5. Review and Verification Records: Records of reviews and verifications conducted to ensure that corrective actions were implemented as planned and that they effectively addressed the root causes.
  6. Communication Records: Documentation of how the outcomes and effectiveness of corrective actions were communicated to relevant parties, including employees, management, and stakeholders.
  7. Lessons Learned Records: Records that capture lessons learned from incidents, nonconformities, and corrective actions and how these insights were used to drive continuous improvement in the OH&S management system.
  8. Regulatory Compliance Records: Documentation that demonstrates compliance with relevant regulatory requirements and standards in the handling of incidents, nonconformities, and corrective actions.
  9. Retention Records: Records specifying the retention period for each of the above-mentioned records, ensuring they are retained for the required duration according to regulations or organizational policies.
  10. Accessibility Records: Records indicating how these documents and records are stored, maintained, and made accessible for audits, reviews, and inspections.

13) The organization shall communicate this documented information to relevant workers, and, where they exist, workers’ representatives, and other relevant interested parties.

Effective communication is crucial in ensuring that information related to incidents or nonconformities, as well as any subsequent actions taken, is properly disseminated to relevant parties within and outside the organization. ISO 45001:2018 emphasizes the importance of communication in Clause 5.2, and this includes sharing information about incidents and nonconformities. Here’s how organizations can fulfill this requirement:

1. Workers:

  • Communicate the nature of incidents or nonconformities to all relevant workers who may be affected, directly or indirectly, by the incident or nonconformity.
  • Workers should be informed promptly about the incident or nonconformity, its potential impact on safety and health, and any actions being taken or planned to address it.

2. Workers’ Representatives:

  • If workers’ representatives exist within the organization (e.g., safety committee members, trade union representatives), ensure that they are also informed about incidents and nonconformities. These representatives can play a vital role in representing worker interests and providing input into corrective actions.
  • Involve workers’ representatives in discussions about the incident or nonconformity and any actions taken to address it.

3. Other Relevant Interested Parties:

  • Identify other relevant interested parties who may need to be informed about incidents or nonconformities. This may include contractors, suppliers, regulatory authorities, and external stakeholders.
  • Communicate the relevant information to these parties, as necessary, while considering confidentiality and legal requirements.

4. Communication Methods:

  • Use clear and effective communication methods to convey information about incidents or nonconformities. These methods may include meetings, written notifications, email, verbal communication, or other suitable means.
  • Ensure that the information is presented in a way that is easily understood by the intended recipients, considering language and literacy levels.

5. Timeliness:

  • Communicate the information promptly to ensure that relevant parties are informed in a timely manner. Delays in communication can hinder the organization’s ability to manage and address incidents or nonconformities effectively.

6. Privacy and Confidentiality:

  • Respect privacy and confidentiality requirements when sharing information about incidents or nonconformities, particularly when personal information is involved.

7. Feedback and Input:

  • Encourage workers and other relevant parties to provide feedback and input on the incident or nonconformity and proposed corrective actions. This promotes worker involvement and can lead to more effective solutions.

Effective communication about incidents and nonconformities ensures transparency, engages workers in the safety process, and allows the organization to take appropriate corrective and preventive actions. It also helps build trust among stakeholders and fosters a culture of safety within the organization.

14) The reporting and investigation of incidents without undue delay can enable hazards to be eliminated and associated OH&S risks to be minimized as soon as possible.

Reporting and investigating incidents without undue delay is a critical component of an effective Occupational Health and Safety (OH&S) management system. This proactive approach allows organizations to identify hazards, understand their underlying causes, and take prompt corrective actions to eliminate or mitigate associated OH&S risks as soon as possible. Here are key reasons why reporting and investigating incidents without delay is essential:

  1. Prompt Hazard Identification: Reporting incidents immediately after they occur enables organizations to identify hazards in a timely manner. This early recognition is crucial for preventing future incidents and injuries.
  2. Early Intervention: Investigating incidents promptly allows organizations to intervene quickly to address the root causes and contributing factors. This can help prevent similar incidents from happening and reduce the potential for harm.
  3. Mitigating OH&S Risks: By understanding the causes of incidents, organizations can assess and minimize OH&S risks more effectively. This proactive risk management approach can prevent future incidents and protect the well-being of employees and stakeholders.
  4. Preventing Recurrence: Rapid reporting and investigation allow organizations to implement corrective actions promptly. This prevents the recurrence of incidents and nonconformities, reducing the likelihood of injuries and property damage.
  5. Worker Safety: Timely reporting and investigation demonstrate a commitment to worker safety. Workers are more likely to report incidents and near-misses if they believe their concerns will be addressed promptly.
  6. Regulatory Compliance: Many regulatory authorities require incidents to be reported within specific timeframes. Compliance with these requirements is essential to avoid legal and regulatory consequences.
  7. Continuous Improvement: Prompt reporting and investigation contribute to a culture of continuous improvement in safety practices and OH&S management systems. Organizations can learn from incidents and apply lessons to prevent future occurrences.
  8. Data Collection and Analysis: Timely incident reporting provides a consistent flow of data that can be used for trend analysis, enabling organizations to identify recurring issues and systemic weaknesses in their OH&S processes.
  9. Reputation and Stakeholder Trust: Demonstrating a commitment to addressing incidents promptly and effectively enhances the organization’s reputation and builds trust with employees, customers, suppliers, and other stakeholders.
  10. Legal and Insurance Implications: Timely incident reporting and investigation are often essential for addressing potential legal liabilities and insurance claims. Delayed reporting may complicate legal and insurance matters.

In summary, reporting and investigating incidents without undue delay is a proactive and responsible approach that benefits organizations by minimizing risks, preventing harm, and fostering a culture of safety. It aligns with the principles of ISO 45001 and other OH&S standards and regulations, emphasizing the importance of timely incident management in safeguarding the well-being of workers and the organization as a whole.

Example of Procedure for Incident Reporting and Investigation

Objective: To establish a systematic process for reporting, investigating, and addressing incidents to ensure the health and safety of employees and prevent recurrence.

Scope: This procedure applies to all employees, contractors, visitors, and stakeholders within the organization.

Responsibilities:

  1. Employees: Responsible for reporting incidents and cooperating with investigations.
  2. Managers and Supervisors: Responsible for ensuring incidents are reported, initiating investigations, and implementing corrective actions.
  3. Health and Safety Committee: Responsible for reviewing and providing input on incident reports and investigations.
  4. Health and Safety Officer: Responsible for coordinating investigations, documenting findings, and tracking corrective actions.
  5. Top Management: Responsible for reviewing and approving investigation reports and corrective action plans.

Procedure:

1. Incident Reporting:

1.1. Any employee who witnesses or is involved in an incident, including near-misses, should report it immediately to their immediate supervisor or the designated incident reporting authority.

1.2. Incidents can be reported through the following methods:

  • Verbal reporting
  • Written reports
  • Online incident reporting system (if available)

1.3. Incidents that require immediate attention to prevent further harm or damage should be reported without delay.

2. Initial Response:

2.1. Upon receiving an incident report, the immediate supervisor or designated authority should take appropriate actions to ensure the safety and well-being of individuals involved and secure the incident scene, if necessary.

3. Incident Recording:

3.1. The person receiving the incident report should document the details of the incident, including:

  • Date, time, and location of the incident
  • Nature of the incident
  • Individuals involved and their contact information
  • Witnesses
  • Initial assessment of potential consequences

3.2. This information should be recorded in an incident report form or the organization’s incident management system.

4. Incident Investigation:

4.1. An incident investigation team should be appointed to conduct a thorough investigation. This team may include representatives from relevant departments, safety personnel, and workers’ representatives.

4.2. The investigation should be initiated promptly, and the team should assess the incident’s root causes and contributing factors.

5. Root Cause Analysis:

5.1. The investigation team should use appropriate root cause analysis methods (e.g., “5 Whys,” fishbone diagrams) to identify the underlying causes of the incident.

6. Corrective Actions:

6.1. Based on the investigation findings, corrective actions should be developed to address the root causes and prevent recurrence.

6.2. Corrective actions should include specific tasks, responsible parties, timelines, and resource requirements.

7. Incident Report Review:

7.1. The incident report and investigation findings should be reviewed by the Health and Safety Committee or designated authorities.

7.2. Recommendations and corrective actions should be approved by top management.

8. Communication:

8.1. Findings and actions should be communicated to relevant parties, including employees, contractors, and stakeholders, as appropriate.

9. Documentation:

9.1. All incident reports, investigation findings, and corrective actions should be documented and retained as records.

10. Review and Continuous Improvement:

10.1. Periodic reviews of incident data and investigations should be conducted to identify trends and opportunities for improvement in the organization’s safety practices.

Example for procedure for corrective action

Objective: To establish a structured process for identifying, implementing, and verifying corrective actions to address incidents, nonconformities, and identified risks in order to prevent their recurrence and improve the OH&S management system.

Scope: This procedure applies to all employees, contractors, and stakeholders within the organization.

Responsibilities:

  1. Employees: Responsible for reporting incidents, nonconformities, and potential risks.
  2. Managers and Supervisors: Responsible for initiating corrective actions and ensuring their completion.
  3. Health and Safety Officer: Responsible for coordinating and documenting corrective actions.
  4. Top Management: Responsible for reviewing and approving corrective action plans.

Procedure:

1. Identification of Incidents, Nonconformities, and Risks:

1.1. Incidents, nonconformities, and identified risks can be reported by any employee, contractor, or stakeholder using designated reporting channels, such as incident report forms, verbal reports, or an online reporting system.

1.2. Incidents, nonconformities, and risks should be assessed for their potential impact on safety and health, compliance, and the OH&S management system.

2. Evaluation and Prioritization:

2.1. A designated person or team should evaluate the reported incidents, nonconformities, and risks to determine their significance and potential consequences.

2.2. Incidents, nonconformities, and risks should be prioritized based on their severity and the likelihood of recurrence.

3. Root Cause Analysis:

3.1. For each identified incident or nonconformity, an investigation team should be appointed to conduct a root cause analysis.

3.2. The root cause analysis should use appropriate methods (e.g., “5 Whys,” fishbone diagrams) to identify the underlying causes and contributing factors.

4. Development of Corrective Actions:

4.1. Based on the root cause analysis findings, corrective actions should be developed to address the identified issues and prevent their recurrence.

4.2. Corrective actions should be specific, measurable, achievable, relevant, and time-bound (SMART), and they should include:

  • Detailed action steps
  • Responsible parties
  • Timelines
  • Resource requirements

5. Approval of Corrective Actions:

5.1. Corrective actions should be reviewed and approved by top management or designated authorities before implementation.

6. Implementation:

6.1. Responsible parties should implement the approved corrective actions within the specified timelines.

6.2. Regular monitoring of the implementation progress should be conducted.

7. Verification of Effectiveness:

7.1. After implementation, the effectiveness of the corrective actions should be verified to ensure that the identified issues have been addressed and that there is no recurrence.

7.2. Verification may involve performance metrics, KPIs, or other criteria for measuring success.

8. Documentation:

8.1. All records related to the corrective actions, including investigation findings, action plans, verification results, and communication, should be documented and retained as records.

9. Communication:

9.1. The outcomes of the corrective actions and their effectiveness should be communicated to relevant parties, including employees, contractors, and stakeholders, as appropriate.

10. Review and Continuous Improvement:

10.1. Periodic reviews of corrective action data should be conducted to identify trends and opportunities for improvement in the organization’s safety practices and OH&S management system.

Published by Pretesh Biswas

Pretesh Biswas has wealth of qualifications and experience in providing results-oriented solutions for your system development, training or auditing needs. He has helped dozens of organizations in implementing effective management systems to a number of standards. He provide a unique blend of specialized knowledge, experience, tools and interactive skills to help you develop systems that not only get certified, but also contribute to the bottom line. He has taught literally hundreds of students over the past 5 years. He has experience in training at hundreds of organizations in several industry sectors. His training is unique in that which can be customized as to your management system and activities and deliver them at your facility. This greatly accelerates the learning curve and application of the knowledge acquired. He is now ex-Certification body lead auditor now working as consultancy auditor. He has performed hundreds of audits in several industry sectors. As consultancy auditor, he not just report findings, but provide value-added service in recommending appropriate solutions. Experience Consultancy: He has helped over 100 clients in a wide variety of industries achieve ISO 9001,14001,27001,20000, OHSAS 18001 and TS 16949 certification. Industries include automotive, metal stamping and screw machine, fabrication, machining, assembly, Forging electrostatic and chrome plating, heat-treating, coatings, glass, plastic and rubber products, electrical and electronic equipment, assemblies & components, batteries, computer hardware and software, printing, placement and Security help, warehousing and distribution, repair facilities, consumer credit counseling agencies, banks, call centers, etc. Training: He has delivered public and on-site quality management training to over 1000 students. Courses include ISO/TS -RAB approved Lead Auditor, Internal Auditing, Implementation, Documentation, as well as customized ISO/TS courses, PPAP, FMEA, APQP and Control Plans. Auditing: He has conducted over 100 third party registration and surveillance audits and dozens of gap, internal and pre-assessment audits to ISO/QS/TS Standards, in the manufacturing and service sectors. Other services: He has provided business planning, restructuring, asset management, systems and process streamlining services to a variety of manufacturing and service clients such as printing, plastics, automotive, transportation and custom brokerage, warehousing and distribution, electrical and electronics, trading, equipment leasing, etc. Education & professional certification: Pretesh Biswas has held IRCA certified Lead Auditor for ISO 9001,14001 and 27001. He holds a Bachelor of Engineering degree in Mechanical Engineering and is a MBA in Systems and Marketing. Prior to becoming a business consultant 6 years ago, he has worked in several portfolios such as Marketing, operations, production, Quality and customer care. He is also certified in Six Sigma Black belt .

Published

Leave a Reply