Standard for integrated Management system for Quality , Environment and Health & Safety

EHS documentation 40 Minutes
https://preteshbiswas.com/wp-content/uploads/2024/06/Integrated-Management-System-Standard_-Quality-Environment-Health-Safety.wav

1 Scope

This Standard specifies requirements for an Integrated Management system of quality, environmental, and occupational health and safety (OH&S), applicable to any organization regardless of its type or size. It ensures the organization’s ability to consistently provide products and services that meet customer and regulatory requirements, aiming to enhance customer satisfaction through effective system application, improvement processes, and conformity assurance. The outlined in standard helps organizations enhance environmental performance, manage environmental responsibilities systematically, and achieve sustainability goals, including compliance with environmental policies and objectives. It enables organizations to provide safe and healthy workplaces, prevent work-related injuries and illnesses, and proactively improve OH&S performance, addressing hazards and risks. These standards support continual improvement, legal compliance, and the achievement of respective management system objectives, without specifying performance criteria or being prescriptive about system design. Organizations can use the standard in whole or in part to systematically improve their management practices, but claims of conformity are valid only if all requirements are incorporated and fulfilled without exclusion.

2 Normative references

The following documents, in whole or in part, are normatively referenced in this document and are indispensable for its application. For dated references, only the edition cited applies. The latest edition of the referenced document (including any amendments) applies for undated references.

  • ISO 9000:2015, Quality management systems — Fundamentals and vocabulary
  • ISO 9001:2015, Quality Management Systems — Requirements
  • ISO 14001:2015 Environmental management systems — Requirements with guidance for use
  • ISO 45001:2018 Occupational health and safety management systems — Requirements with guidance for use

3 Terms and definitions

For this document, the terms and definitions given in ISO 9000:2015, ISO 14001:2015 and ISO 45001:2018 apply.

4 Context of the organization

4.1 Understanding the organization and its context

The organization shall determine external and internal issues relevant to its purpose and strategic direction that affect its ability to achieve the intended results of its quality management system, as well as the intended outcomes of its environmental and OH&S management systems. This includes monitoring and reviewing information about these issues, particularly those environmental conditions that impact or are impacted by the organization. The organization shall determine whether climate change is a relevant issue.

NOTE 1 Issues can include positive and negative factors or conditions for consideration.
NOTE 2 Understanding the external context can be facilitated by considering issues arising from legal, technological, competitive, market, cultural, social and economic environments, whether international, national, regional or local.
NOTE 3 Understanding the internal context can be facilitated by considering issues related to values, culture, knowledge and performance of the organization.

4.2 Understanding the needs and expectations of workers and other interested parties

Due to their effect or potential effect on the organization’s ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, the organization shall determine the interested parties relevant to the integrated management system related to quality, environmental and OH&S. The organization shall identify the relevant needs and expectations of these interested parties, including which needs and expectations become compliance obligations or legal requirements. The organization shall monitor and review information about these interested parties and their relevant requirements.

Note: Relevant interested parties can have requirements related to climate change.

4.3 Determining the scope of the Integrated management system for quality, Environmental and OH&S.

The organization shall determine the boundaries and applicability of its integrated management systems for quality, environmental, and OH&S to establish its scope. When determining the scope, the organization shall consider external and internal issues referred to in 4.1, the requirements of relevant interested parties referred to in 4.2, and its products and services. For the quality management system, the scope must state the types of products and services covered and justify any non-applicable requirements of the Standard, ensuring these do not affect the organization’s ability to ensure conformity and enhance customer satisfaction. For the environmental management system, the scope must include organizational units, functions, physical boundaries, activities, products, services, and the organization’s control and influence, with all within-scope elements included in the system. For the OH&S management system, the scope must consider planned or performed work-related activities and include activities, products, and services that impact OH&S performance. The scope shall be documented and available to interested parties.

4.4 Integrated Management System related to Quality, Environmental and OH&S and its processes.

4.4.1 The organization shall establish, implement, maintain, and continually improve its Integrated Management system of quality, environmental, and OH&S, including the necessary processes and their interactions, in accordance with the requirements of the standard. The organization shall consider the knowledge gained in 4.1 and 4.2 when establishing and maintaining the Integrated management system. The organization shall determine the processes needed for the Integrated management system and their application throughout the organization, and shall:

  • a) determine the inputs required and the outputs expected from these processes;
  • b) determine the sequence and interaction of these processes;
  • c) determine and apply the criteria and methods (including monitoring, measurements and related performance indicators) needed to ensure the effective operation and control of these processes;
  • d) determine the resources needed for these processes and ensure their availability;
  • e) assign the responsibilities and authorities for these processes;
  • f) address the risks and opportunities as determined in accordance with the requirements of 6.1;
  • g) evaluate these processes and implement any changes needed to ensure that these processes achieve their intended results;
  • h) improve the processes and the integrated management system.

4.4.2 To the extent necessary, the organization shall:

  • a) maintain documented information to support the operation of its processes;
  • b) Retain documented information to ensure the processes are carried out as planned.

5 Leadership and worker participation

5.1 Leadership and Commitment

5.1.1 General

Top management shall demonstrate leadership and commitment with respect to the quality, environmental, and OH&S management systems

  • a) by taking accountability for their effectiveness including accountability for the prevention of work-related injury and ill health, as well as the provision of safe and healthy workplaces and activities.
  • b) ensuring the establishment of quality, environmental, and OH&S policies and objectives that are compatible with the organization’s strategic direction and context,
  • c) ensuring the integration of the quality, environmental, and OH&S management system requirements into the organization’s business processes.
  • d) promoting the use of the process approach and risk-based thinking,
  • e) ensuring that the resources needed to establish, implement, maintain and improve the quality, environmental, and OH&S management system are available
  • f) Communicate the importance of effective quality, environmental, and OH&S management, as well as conformity to system requirements.
  • g) ensure that quality, environmental, and OH&S management system achieves its intended outcomes
  • h) engaging, directing and supporting personnel to contribute to the effectiveness of quality, environmental, and OH&S system
  • i) ensuring and promoting continual improvement.
  • j) supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility.
  • k) developing, leading and promoting a culture in the organization that supports the intended outcomes of the Integrated management system;
  • l) protecting workers from reprisals when reporting incidents, hazards, risks and opportunities;
  • m) ensuring the organization establishes and implements a process(es) for consultation and
    participation of workers;
  • n) supporting the establishment and functioning of health and safety committees,.

NOTE Reference to “business” in this Standard can be interpreted broadly to mean those activities that are core to the purposes of the organization’s existence, whether the organization is public, private, for profit or not for profit.

5.1.2 Customer focus

Top management shall demonstrate leadership and commitment concerning customer focus by ensuring that:
a) customer and applicable statutory and regulatory requirements are determined, understood and consistently met;
b) the risks and opportunities that can affect the conformity of products and services and the ability to enhance customer satisfaction are determined and addressed;
c) the focus on enhancing customer satisfaction is maintained.

5.2 Policy

5.2.1 Establishing the quality Environmental and OH&S policy

Top management shall establish, implement and maintain a quality, Environmental and OH&S policy that:

  • a) appropriate to its purpose and context, supporting its strategic direction, including the nature, scale, and environmental impacts of its activities, products, and services, and must include a commitment to providing safe and healthy working conditions for preventing work-related injury and ill health, considering the specific nature of its OH&S risks and opportunities.
  • b) provides a framework for setting quality, environmental and OH&S objectives.
  • c) includes a commitment to protecting the environment, including prevention of pollution and other specific commitment(s) relevant to the organization’s context.
  • NOTE Other specific commitment(s) to protect the environment can include sustainable resource use, climate change mitigation and adaptation, and protection of biodiversity and ecosystems.
  • d) includes a commitment to satisfy applicable requirements.
  • e) includes a commitment to fulfil its compliance obligations including legal and other requirements.
  • f) includes a commitment to eliminate hazards and reduce OH&S risks.
  • g) includes a commitment to continual improvement of the quality, environmental and OH&S management system to enhance its quality, environmental and OH&S performance.
  • i) includes a commitment to consultation and participation of workers, and, where they exist, workers’ representatives.

5.2.2 Communicating the Policy

The policy shall:

  • a) be available and be maintained as documented information.
  • b) be communicated, understood and applied within the organization.
  • c) be available to relevant interested parties, as appropriate.
  • d) be relevant and appropriate.

5.3 Organizational roles, responsibilities and authorities

Top management shall ensure that the responsibilities and authorities for relevant roles within the Quality, Environmental OH&S management system are assigned, communicated at all levels, and maintained as documented information within the organization. Workers at each level of the organization shall assume responsibility for those aspects of the management system over which they have control.
NOTE While responsibility and authority can be assigned, ultimately top management is still accountable for the functioning of the management system.

Top management shall assign the responsibility and authority for:

  • a) ensuring that the quality, environmental and OH&S management system conforms to the requirements of this Standard.
  • b) reporting on the performance of the Integrated management system, including Quality, environmental and OH&S performance, and on opportunities for improvement to top management.
  • c) ensuring that the processes are delivering their intended outputs;
  • d) ensuring the promotion of customer focus throughout the organization;
  • e) ensuring that the integrity of the integrated management system is maintained when changes to the integrated management system are planned and implemented.

5.4 Consultation and participation of workers

The organization shall establish, implement and maintain processes for consultation and participation of workers at all applicable levels and functions, and, where they exist, workers’ representatives, in the development, planning, implementation, performance evaluation and actions for improvement of the Integrated management system.
The organization shall:

  • a) provide mechanisms, time, training and resources necessary for consultation and participation;
  • NOTE 1 Worker representation can be a mechanism for consultation and participation.
  • b) provide timely access to clear, understandable and relevant information about the Integrated management system;
  • c) determine and remove obstacles or barriers to participation and minimize those that cannot be removed;
  • NOTE 2 Obstacles and barriers can include failure to respond to worker inputs or suggestions, language or literacy barriers, reprisals or threats of reprisals and policies or practices that discourage or penalize worker participation.
  • d) emphasize the consultation of non-managerial workers on the following:
    • 1) determining the needs and expectations of interested parties;
    • 2) establishing the policy;
    • 3) assigning organizational roles, responsibilities and authorities, as applicable;
    • 4) determining how to fulfil legal requirements and other requirements;
    • 5) establishing objectives and planning to achieve them;
    • 6) determining applicable controls for outsourcing, procurement and contractors;
    • 7) determining what needs to be monitored, measured and evaluated;
    • 8) planning, establishing, implementing and maintaining an audit programme(s);
    • 9) ensuring continual improvement ;
  • e) emphasize the participation of non-managerial workers in the following:
    • 1) determining the mechanisms for their consultation and participation;
    • 2) identifying hazards and assessing risks and opportunities;
    • 3) determining actions to eliminate hazards and reduce OH&S risks;
    • 4) determining competence requirements, training needs, training and evaluating
    • training ;
    • 5) determining what needs to be communicated and how this will be done;
    • 6) determining control measures and their effective implementation and use ;
    • 7) investigating incidents and nonconformities and determining corrective actions.
  • NOTE 3 Emphasizing the consultation and participation of non-managerial workers is intended to apply to persons carrying out the work activities but is not intended to exclude, for example, managers impacted by work activities or other factors in the organization.
  • NOTE 4 It is recognized that providing training at no cost to workers and training during working hours, where possible, can remove significant barriers to worker participation.

6 Planning

6.1 Actions to address risks and opportunities

6.1.1 General

The organization shall establish, implement and maintain the processes needed to meet the requirements in 6.1.1 to 6.1.4. When planning for the Quality, Environmental and OH&S management system, the organization shall consider the issues referred to in 4.1 (context), the requirements referred to in 4.2 (interested parties) and 4.3 (the scope of its Integrated management system) and determine the risks and opportunities that need to be addressed to:

  • a) give assurance that the Integrated management system can achieve its intended outcomes;
  • b) enhance desirable effects;
  • c) prevent, or reduce, undesired effects;
  • d) achieve continual improvement.

When determining the risks and opportunities for the Integrated management system and its intended outcomes that need to be addressed, the organization shall take into account:

  • issues and requirements, identified in 4.1 and 4.2
  • environmental aspects
  • hazards
  • OH&S risks and other risks
  • OH&S opportunities and other opportunities ;
  • compliance obligations including legal requirements and other requirements.

Within the scope of the integrated management system, the organization shall determine potential emergency situations, including those that can have an environmental impact and safety hazards.

The organization shall maintain documented information on its:

  • risks and opportunities that need to be addressed;
  • processes needed in 6.1.1 to 6.1.4, to the extent necessary to have confidence they are carried out as planned.

6.1.2 Environmental aspects, Hazard identification and assessment of risks and opportunities

6.1.2.1 Hazard identification

The organization shall establish, implement and maintain a process(es) for hazard identification that is ongoing and proactive. The process(es) shall take into account, but not be limited to:

  • a) how work is organized, social factors (including workload, work hours, victimization, harassment and bullying), leadership and the culture in the organization;
  • b) routine and non-routine activities and situations, including hazards arising from:
    • 1) infrastructure, equipment, materials, substances and the physical conditions of the workplace;
    • 2) product and service design, research, development, testing, production, assembly, construction, service delivery, maintenance and disposal;
    • 3) human factors;
    • 4) how the work is performed;
  • c) past relevant incidents, internal or external to the organization, including emergencies, and their causes;
  • d) potential emergency situations;
  • e) people, including consideration of:
    • 1) those with access to the workplace and their activities, including workers, contractors, visitors and other persons;
    • 2) those in the vicinity of the workplace who can be affected by the activities of the organization;
    • 3) workers at a location not under the direct control of the organization;
  • f) other issues, including consideration of:
    • 1) the design of work areas, processes, installations, machinery/equipment, operating procedures and work organization, including their adaptation to the needs and capabilities of the workers involved;
    • 2) situations occurring in the vicinity of the workplace caused by work-related activities under the control of the organization;
    • 3) situations not controlled by the organization and occurring in the vicinity of the workplace that can cause injury and ill health to persons in the workplace;
  • g) actual or proposed changes in organization, operations, processes, activities and the Integrated management system ;
  • h) changes in knowledge of, and information about, hazards.

6.1.2.2 Assessment of OH&S risks and other risks to the OH&S management system

The organization shall establish, implement and maintain a process(es) to:

  • a) assess OH&S risks from the identified hazards, while taking into account the effectiveness of existing controls;
  • b) determine and assess the other risks related to the establishment, implementation, operation and maintenance of the Integrated management system.

The organization’s methodology(ies) and criteria for the assessment of OH&S risks shall be defined with respect to their scope, nature and timing to ensure they are proactive rather than reactive and are used systematically. Documented information shall be maintained and retained on the methodology(ies) and criteria.

6.1.2.3 Assessment of OH&S opportunities and other opportunities for the OH&S management system

The organization shall establish, implement and maintain a process(es) to assess:

  • a) OH&S opportunities to enhance OH&S performance, while taking into account planned changes to the organization, its policies, its processes or its activities and:
    • 1) opportunities to adapt work, work organization and work environment to workers;
    • 2) opportunities to eliminate hazards and reduce OH&S risks;
  • b) other opportunities for improving the Integrated management system.

NOTE OH&S risks and OH&S opportunities can result in other risks and other opportunities for the organization.

6.1.2.4 Environmental aspects
Within the defined scope of the Integrated management system, the organization shall determine the environmental aspects of its activities, products and services that it can control and those that it can influence, and their associated environmental impacts, considering a life cycle perspective. When determining environmental aspects, the organization shall take into account:

  • a) change, including planned or new developments, and new or modified activities, products and services;
  • b) abnormal conditions and reasonably foreseeable emergency situations.

The organization shall determine those aspects that have or can have a significant environmental
impact, i.e. significant environmental aspects, by using established criteria. The organization shall communicate its significant environmental aspects among the various levels and functions of the organization, as appropriate.
The organization shall maintain documented information of its:

  • environmental aspects and associated environmental impacts;
  • criteria used to determine its significant environmental aspects;
  • significant environmental aspects.

NOTE Significant environmental aspects can result in risks and opportunities associated with either adverse environmental impacts (threats) or beneficial environmental impacts (opportunities).

6.1.3 Determination of Compliance obligations, including the legal and other requirements.

The organization shall establish, implement and maintain a processes to:

  • a) determine and have access to the compliance obligations related to its environmental aspects and up-to-date legal requirements and other requirements that are applicable to its hazards, OH&S risks and integrated management system
  • b) determine how these compliance obligations including legal requirements and other requirements apply to the organization and what needs to be communicated.
  • c) take these compliance obligations including legal requirements and other requirements into account when establishing, implementing, maintaining and continually improving its Integrated management system.

The organization shall maintain and retain documented information on its legal requirements and other requirements and shall ensure that it is updated to reflect any changes.

NOTE Compliance obligations including Legal requirements and other requirements can result in risks and opportunities for the organization.

6.1.4 Planning action

The organization shall plan:

  • a) actions to:
    • 1) address these risks and opportunities ;
    • 2) address significant environmental aspects and/or safety hazards.
    • 3) address legal requirements and other requirements.
    • 4) prepare for and respond to emergency situations
  • b) how to:
    • 1) integrate and implement the actions into its Quality, environment and OH&S management system processes or other business processes;
    • 2) evaluate the effectiveness of these actions.

The organization shall take into account the hierarchy of controls and outputs from the Integrated management system when planning to take action. When planning these actions, the organization shall consider its best practices, technological options and its financial, operational and business requirements.

NOTE 1 Options to address risks can include avoiding risk, taking risk in order to pursue an opportunity, eliminating the risk source, changing the likelihood or consequences, sharing the risk, or retaining risk by informed decision.
NOTE 2 Opportunities can lead to the adoption of new practices, launching new products, opening new markets, addressing new customers, building partnerships, using new technology and other desirable and viable possibilities to address the organization’s or its customers’ needs.

6.2 Quality, Environmental and OH&S objectives and planning to achieve them

6.2.1

The organization shall establish Quality, Environment and OH&S objectives at relevant functions and levels in order to maintain and continually improve the Integrated management system and Quality, Environment and OH&S performance.

The Quality, Environment and OH&S objectives shall:

  • a) be consistent with the Quality, Environment and OH&S policy;
  • b) be measurable (if practicable) or capable of performance evaluation;
  • c) be relevant to conformity of products and services and to the enhancement of customer satisfaction
  • d) take into account:
    • 1) applicable requirements;
    • 2) considering its risks and opportunities;
    • 3) significant environmental aspects and safety hazards
    • 4)associated compliance obligations including legal requirements and other requirement
    • 5) the results of consultation with workers and, where they exist, workers’ representatives;
  • e) be monitored;
  • f) be communicated;
  • g) be updated as appropriate.

6.2.2

When planning how to achieve its Quality, Environmental and OH&S objectives, the organization shall determine:

  • a) what will be done;
  • b) what resources will be required;
  • c) who will be responsible;
  • d) when it will be completed;
  • e) how the results will be evaluated, including indicators for monitoring progress toward achievement of its measurable Quality, Environmental and OH&S objectives
  • f) how the actions to achieve Quality, Environmental and OH&S objectives will be integrated into the organization’s business processes.

The organization shall maintain and retain documented information on the Quality, Environmental and OH&S objectives and plans to achieve them.

6.3 Planning of changes

When the organization determines the need for changes to the integrated management system, the changes shall be carried out in a planned manner

The organization shall consider:

  • a) the purpose of the changes and their potential consequences;
  • b) the integrity of the integrated management system;
  • c) the availability of resources;
  • d) the allocation or reallocation of responsibilities and authorities.

7 Support

7.1 Resources

7.1.1 General

The organization shall determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement of the Quality, Environmental and OH&S management system. The organization shall consider:

  • a) the capabilities of, and constraints on, existing internal resources;
  • b) what needs to be obtained from external providers.

7.1.2 People

The organization shall determine and provide the persons necessary for the effective implementation of its integrated management system and for the operation and control of its processes.

7.1.3 Infrastructure

The organization shall determine, provide and maintain the infrastructure necessary for the operation of its processes and to achieve conformity of products and services.

NOTE Infrastructure can include:
a) buildings and associated utilities;
b) equipment, including hardware and software;
c) transportation resources;
d) information and communication technology.

7.1.4 Environment for the operation of processes

The organization shall determine, provide and maintain the environment necessary for the operation of its processes and to achieve conformity of products and services.

NOTE A suitable environment can be a combination of human and physical factors, such as:
a) social (e.g. non-discriminatory, calm, non-confrontational);
b) psychological (e.g. stress-reducing, burnout prevention, emotionally protective);
c) physical (e.g. temperature, heat, humidity, light, airflow, hygiene, noise).
These factors can differ substantially depending on the products and services provided.

7.1.5 Monitoring and measuring resources

7.1.5.1 General

The organization shall determine and provide the resources needed to ensure valid and reliable results when monitoring or measuring is used to verify the conformity of products and services to requirements.
The organization shall ensure that the resources provided:

  • a) are suitable for the specific type of monitoring and measurement activities being undertaken;
  • b) are maintained to ensure their continuing fitness for their purpose.

The organization shall retain appropriate documented information as evidence of fitness for purpose of the monitoring and measurement resources.

7.1.5.2 Measurement traceability

When measurement traceability is a requirement, or is considered by the organization to be an essential part of providing confidence in the validity of measurement results, measuring equipment shall be:

  • a) calibrated or verified, or both, at specified intervals, or prior to use, against measurement standards traceable to international or national measurement standards; when no such standards exist, the basis used for calibration or verification shall be retained as documented information;
  • b) identified in order to determine their status;
  • c) safeguarded from adjustments, damage or deterioration that would invalidate the calibration status and subsequent measurement results.

The organization shall determine if the validity of previous measurement results has been adversely affected when measuring equipment is found to be unfit for its intended purpose, and shall take appropriate action as necessary.

7.1.6 Organizational knowledge

The organization shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services. This knowledge shall be maintained and be made available to the extent necessary. When addressing changing needs and trends, the organization shall consider its current knowledge and determine how to acquire or access any necessary additional knowledge and required updates.
NOTE 1 Organizational knowledge is knowledge specific to the organization; it is generally gained by experience. It is information that is used and shared to achieve the organization’s objectives.
NOTE 2 Organizational knowledge can be based on:

  • a) internal sources (e.g. intellectual property; knowledge gained from experience; lessons learned from failures and successful projects; capturing and sharing undocumented knowledge and experience; the results of improvements in processes, products and services);
  • b) external sources ( e.g. standards; academia; conferences; gathering knowledge from customers or external providers).

7.2 Competence

The organization shall:

  • a) determine the necessary competence of person(s) doing work including workers under its control that affects or can affect the quality, environmental and OH&S performance, its ability to fulfil its compliance obligations and effectiveness of the quality management system;
  • b) ensure that these persons also workers are competent (including the ability to identify hazards) on the basis of appropriate education, training, or experience
  • c) determine training needs associated with its environmental aspects and its environmental management system;
  • d) where applicable, take actions to acquire and maintain the necessary competence, and evaluate the effectiveness of the actions taken;
  • e) retain appropriate documented information as evidence of competence.
  • NOTE Applicable actions can include, for example, the provision of training to, the mentoring of, or the reassignment of currently employed persons, or the hiring or contracting of competent persons.

7.3 Awareness

The organization shall ensure that persons doing work under the organization’s control are aware of:

  • a) the quality, environmental, OH&S policy and relevant quality, environmental, OH&S objectives.
  • b) their contribution to the effectiveness of the quality, environmental, OH&S management system, including the benefits of improved quality, environmental and OH&S performance.
  • c) the implications and potential consequences of not conforming to the quality, environmental, OH&S management system requirements including the benefits of enhanced quality, environmental, OH&S performance and not fulfilling the organization’s compliance obligations.
  • d) the significant environmental aspects and related actual or potential environmental impacts associated with their work.
  • e) incidents and the outcomes of investigations that are relevant to them.
  • f) hazards, OH&S risks and actions determined that are relevant to them.
  • g) the ability to remove themselves from work situations that they consider present an imminent and serious danger to their life or health, as well as the arrangements for protecting them from undue consequences for doing so.

7.4 Communication

7.4.1 General

The organization shall establish, implement and maintain the process(es) needed for the internal and external communications relevant to the quality, environmental, OH&S management system, including determining:

  • a) on what it will communicate;
  • b) when to communicate;
  • c) with whom to communicate:
    • 1) internally among the various levels and functions of the organization;
    • 2) among contractors and visitors to the workplace;
    • 3) among other interested parties;
  • d) how to communicate.
  • e) who communicates.

The organization shall take into account diversity aspects (e.g. gender, language, culture, literacy,
disability) when considering its communication needs. The organization shall ensure that the views of external interested parties are considered in establishing its communication processes.

When establishing its communication process(es), the organization shall:

  • take into account its Compliance obligation including legal requirements and other requirements;
  • ensure that quality, environmental and OH&S information to be communicated is consistent with information generated within Integrated management system, and is reliable.

The organization shall respond to relevant communications on its Integrated management system. The organization shall retain documented information as evidence of its communications, as appropriate.

7.4.2 Internal communication

The organization shall:

  • a) internally communicate information relevant to the Integrated management system among the various levels and functions of the organization, including changes to the Integrated management system, as appropriate;
  • b) ensure its communication process(es) enables persons doing work includes workers to contribute to continual improvement.

7.4.3 External communication

The organization shall externally communicate information relevant to the Integrated management system, as established by the organization’s communication process(es) and taking into account its Compliance obligations including legal requirements and other requirements.

7.5 Documented information

7.5.1 General

The organization’s Integrated management system shall include:
a) documented information required by this standard;
b) documented information determined by the organization as being necessary for the effectiveness of the Integrated management system.

NOTE The extent of documented information for an Integrated management system can differ from one organization to another due to:

  • the size of organization and its type of activities, processes, products and services;
  • the need to demonstrate fulfilment of its compliance obligations including legal requirements and other requirements;
  • the complexity of processes and their interactions;
  • the competence of persons doing work including workers under the organization’s control.

7.5.2 Creating and updating

When creating and updating documented information, the organization shall ensure appropriate:

  • a) identification and description (e.g. a title, date, author or reference number);
  • b) format (e.g. language, software version, graphics) and media (e.g. paper, electronic);
  • c) review and approval for suitability and adequacy.

7.5.3 Control of documented information

Documented information required by the Integrated management system and by this document shall be controlled to ensure:

  • a) it is available and suitable for use, where and when it is needed;
  • b) it is adequately protected (e.g. from loss of confidentiality, improper use or loss of integrity).

For the control of documented information, the organization shall address the following activities, as applicable:

  • a) distribution, access, retrieval and use;
  • b) storage and preservation, including preservation of legibility;
  • c) control of changes (e.g. version control);
  • d) retention and disposition.

Documented information of external origin determined by the organization to be necessary for the planning and operation of the quality management system shall be identified as appropriate, and be controlled.
Documented information retained as evidence of conformity shall be protected from unintended
alterations.

NOTE 1 Access can imply a decision regarding the permission to view the documented information only, or the permission and authority to view and change the documented information.
NOTE 2 Access to relevant documented information includes access by workers, and, where they exist, workers’ representatives.

8 Operation

8.1 Operational planning and control

8.1.1 General

The organization shall plan, implement, control and maintain the processes needed to meet the requirements of the Integrated management system, and to implement the actions determined in Clause 6, by:

  • a) determining the requirements for the products and services;
  • b) establishing criteria for:
    • 1) the processes;
    • 2) the acceptance of products and services;
  • c) determining the resources needed to achieve conformity to the product and service requirements;
  • d) implementing control of the processes in accordance with the criteria;
  • NOTE Environmental Controls can include engineering controls and procedures. Controls can be implemented following a hierarchy (e.g. elimination, substitution, administrative) and can be used individually or in combination.
  • e) determining, maintaining and retaining documented information to the extent necessary:
    • 1) to have confidence that the processes have been carried out as planned;
    • 2) to demonstrate the conformity of products and services to their requirements.
  • f) adapting work to workers.

At multi-employer workplaces, the organization shall coordinate the relevant parts of the Integrated management system with the other organizations. The output of this planning shall be suitable for the organization’s operations.

The organization shall control planned changes and review the consequences of unintended changes, taking action to mitigate any adverse effects, as necessary.
The organization shall ensure that outsourced processes are controlled or influenced. The type and extent of control or influence to be applied to the process(es) shall be defined within the Integrated management system.

Consistent with a life cycle perspective, the organization shall:

  • a) establish controls, as appropriate, to ensure that its environmental requirements are addressed in the design and development process for the product or service, considering each life cycle stage;
  • b) determine its environmental requirements for the procurement of products and services, as appropriate;
  • c) communicate its relevant environmental requirements to external providers, including contractors;
  • d) consider the need to provide information about potential significant environmental impacts associated with the transportation or delivery, use, end-of-life treatment and final disposal of its products and services.

8.1.2 Eliminating hazards and reducing OH&S risks

The organization shall establish, implement and maintain a process(es) for the elimination of hazards and reduction of OH&S risks using the following hierarchy of controls:

  • a) eliminate the hazard;
  • b) substitute with less hazardous processes, operations, materials or equipment;
  • c) use engineering controls and reorganization of work;
  • d) use administrative controls, including training;
  • e) use adequate personal protective equipment.

NOTE In many countries, legal requirements and other requirements include the requirement that personal protective equipment (PPE) is provided at no cost to workers.

8.1.3 Management of change

The organization shall establish a process(es) for the implementation and control of planned temporary and permanent changes that impact environmental and OH&S performance, including:

  • a) new products, services and processes, or changes to existing products, services and processes, including:
    • workplace locations and surroundings;
    • work organization;
    • working conditions;
    • equipment;
    • workforce;
  • b) changes to Compliance obligations including legal requirements and other requirements;
  • c) changes in knowledge or information about environmental aspects, OH&S hazards and OH&S risks;
  • d) developments in knowledge and technology.

The organization shall review the consequences of unintended changes, taking action to mitigate any adverse effects, as necessary.
NOTE Changes can result in risks and opportunities.

8.1.4 Procurement

8.1.4.1 General

The organization shall establish, implement, and maintain processes to control the procurement of products and services and ensure their conformity to its integrated management system.

8.1.4.2 Contractors

The organization shall coordinate its procurement processes with its contractors, in order to identify environmental aspects and safety hazards and to assess and control the HSE risks arising from:

  • a) the contractors’ activities and operations that impact the organization;
  • b) the organization’s activities and operations that impact the contractors’ workers;
  • c) the contractors’ activities and operations that impact other interested parties in the workplace.

The organization shall ensure that the requirements of its Integrated management system are met by contractors and their workers. The organization’s procurement process(es) shall define and apply HSE criteria for the selection of contractors.
NOTE It can be helpful to include the occupational HSE criteria for the selection of contractors in the contractual documents.

8.1.4.3 Outsourcing

The organization shall ensure that outsourced functions and processes are controlled. The organization shall ensure that its outsourcing arrangements are consistent with legal requirements and other requirements and that the intended outcomes of the integrated management system are achieved. The type and degree of control to be applied to these functions and processes shall be defined within the Integrated management system.
NOTE Coordination with external providers can assist an organization in addressing any impact that outsourcing has on its HSE performance.

8.2 Requirements for products & services and Emergency preparedness & response

8.2.1 Customer communication

Communication with customers shall include:

  • a) providing information relating to products and services;
  • b) handling enquiries, contracts or orders, including changes;
  • c) obtaining customer feedback relating to products and services, including customer complaints;
  • d) handling or controlling customer property;
  • e) establishing specific requirements for contingency actions, when relevant.

8.2.2 Determining the requirements for products and services

When determining the requirements for the products and services to be offered to customers, the organization shall ensure that:

  • a) the requirements for the products and services are defined, including:
    • 1) any applicable statutory and regulatory requirements;
    • 2) those considered necessary by the organization;
  • b) the organization can meet the claims for the products and services it offers.

8.2.3 Review of the requirements for products and services

8.2.3.1 The organization shall ensure that it has the ability to meet the requirements for products and services to be offered to customers. The organization shall conduct a review before committing to supply products and services to a customer, to include:

  • a) requirements specified by the customer, including the requirements for delivery and postdelivery activities;
  • b) requirements not stated by the customer, but necessary for the specified or intended use, when known;
  • c) requirements specified by the organization;
  • d) statutory and regulatory requirements applicable to the products and services;
  • e) contract or order requirements differing from those previously expressed.

The organization shall ensure that contract or order requirements differing from those previously
defined are resolved.
The customer’s requirements shall be confirmed by the organization before acceptance, when the customer does not provide a documented statement of their requirements.
NOTE In some situations, such as internet sales, a formal review is impractical for each order. Instead, the review can cover relevant product information, such as catalogues.

8.2.3.2 The organization shall retain documented information, as applicable:

  • a) on the results of the review;
  • b) on any new requirements for the products and services.

8.2.4 Changes to requirements for products and services

The organization shall ensure that relevant documented information is amended, and that relevant persons are made aware of the changed requirements, when the requirements for products and services are changed.

8.2.5 Emergency preparedness & response

The organization shall establish, implement and maintain the processes needed to prepare for and respond to potential emergency situations identified in 6.1.1. and 6.2.1

The organization shall:

  • a) establishing a planned response to emergency situations, including the provision of first aid;
  • b) prepare to respond by planning actions to prevent or mitigate adverse environmental impacts from emergency situations;
  • c) respond to actual emergency situations;
  • d) take action to prevent or mitigate the consequences of emergency situations, appropriate to the magnitude of the emergency and the potential environmental impact and OH&S risks
  • e) provide relevant information and training related to emergency preparedness and response, as appropriate, to relevant interested parties, including persons working under its control.
  • f) evaluating performance and, as necessary, revising the planned response, including after testing and, in particular, after the occurrence of emergency situations;
  • g) communicating and providing relevant information to all workers on their duties and responsibilities;
  • h) communicating relevant information to contractors, visitors, emergency response services, government authorities and, as appropriate, the local community;
  • i) taking into account the needs and capabilities of all relevant interested parties and ensuring their involvement, as appropriate, in the development of the planned response.

The organization shall maintain and retain documented information on the processes and on the plans for responding to potential emergency situations.

8.3 Design and development of products and services

8.3.1 General

The organization shall establish, implement and maintain a design and development process that is appropriate to ensure the subsequent provision of products and services.

8.3.2 Design and development planning

In determining the stages and controls for design and development, the organization shall consider:

  • a) the nature, duration and complexity of the design and development activities;
  • b) the required process stages, including applicable design and development reviews;
  • c) the required design and development verification and validation activities;
  • d) the responsibilities and authorities involved in the design and development process;
  • e) the internal and external resource needs for the design and development of products and services;
  • f) the need to control interfaces between persons involved in the design and development process;
  • g) the need for involvement of customers and users in the design and development process;
  • h) the requirements for subsequent provision of products and services;
  • i) the level of control expected for the design and development process by customers and other relevant interested parties;
  • j) the documented information needed to demonstrate that design and development requirements have been met.

8.3.3 Design and development inputs

The organization shall determine the requirements essential for the specific types of products and services to be designed and developed. The organization shall consider:

  • a) functional and performance requirements;
  • b) information derived from previous similar design and development activities;
  • c) statutory and regulatory requirements;
  • d) standards or codes of practice that the organization has committed to implement;
  • e) potential consequences of failure due to the nature of the products and services.

Inputs shall be adequate for design and development purposes, complete and unambiguous. Conflicting design and development inputs shall be resolved. The organization shall retain documented information on design and development inputs.

8.3.4 Design and development controls

The organization shall apply controls to the design and development process to ensure that:

  • a) the results to be achieved are defined;
  • b) reviews are conducted to evaluate the ability of the results of design and development to meet requirements;
  • c) verification activities are conducted to ensure that the design and development outputs meet the input requirements;
  • d) validation activities are conducted to ensure that the resulting products and services meet the requirements for the specified application or intended use;
  • e) any necessary actions are taken on problems determined during the reviews, or verification and validation activities;
  • f) documented information of these activities is retained.
  • NOTE Design and development reviews, verification and validation have distinct purposes. They can be conducted separately or in any combination, as is suitable for the products and services of the organization.

8.3.5 Design and Development Outputs

The organization shall ensure that design and development outputs:

  • a) meet the input requirements;
  • b) are adequate for the subsequent processes for the provision of products and services;
  • c) include or reference monitoring and measuring requirements, as appropriate, and acceptance criteria;
  • d) specify the characteristics of the products and services that are essential for their intended purpose and their safe and proper provision.

The organization shall retain documented information on design and development outputs.

8.3.6 Design and development changes

The organization shall identify, review and control changes made during, or subsequent to, the design and development of products and services, to the extent necessary to ensure that there is no adverse impact on conformity to requirements.
The organization shall retain documented information on:

  • a) design and development changes;
  • b) the results of reviews;
  • c) the authorization of the changes;
  • d) the actions taken to prevent adverse impacts.

8.4 Control of externally provided processes, products and services

8.4.1 General

The organization shall ensure that externally provided processes, products and services conform to requirements. The organization shall determine the controls to be applied to externally provided processes, products and services when:

  • a) products and services from external providers are intended for incorporation into the organization’s own products and services;
  • b) products and services are provided directly to the customer(s) by external providers on behalf of the organization;
  • c) a process, or part of a process, is provided by an external provider as a result of a decision by the organization.

The organization shall determine and apply criteria for the evaluation, selection, monitoring of performance, and re-evaluation of external providers, based on their ability to provide processes or products and services in accordance with requirements. The organization shall retain documented information of these activities and any necessary actions arising from the evaluations.

8.4.2 Type and extent of control

The organization shall ensure that externally provided processes, products and services do not adversely affect the organization’s ability to consistently deliver conforming products and services to its customers.
The organization shall:

  • a) ensure that externally provided processes remain within the control of its quality management system;
  • b) define both the controls that it intends to apply to an external provider and those it intends to apply to the resulting output;
  • c) take into consideration:
    • 1) the potential impact of the externally provided processes, products and services on the organization’s ability to consistently meet customer and applicable statutory and regulatory requirements;
    • 2) the effectiveness of the controls applied by the external provider;
  • d) determine the verification, or other activities, necessary to ensure that the externally provided processes, products and services meet requirements.

8.4.3 Information for external providers

The organization shall ensure the adequacy of requirements prior to their communication to the
external provider.
The organization shall communicate to external providers its requirements for:

  • a) the processes, products and services to be provided;
  • b) the approval of:
    • 1) products and services;
    • 2) methods, processes and equipment;
    • 3) the release of products and services;
  • c) competence, including any required qualification of persons;
  • d) the external providers’ interactions with the organization;
  • e) control and monitoring of the external providers’ performance to be applied by the organization;
  • f) verification or validation activities that the organization, or its customer, intends to perform at the external providers’ premises.

8.5 Production and service provision

8.5.1 Control of production and service provision

The organization shall implement production and service provision under controlled conditions.
Controlled conditions shall include, as applicable:

  • a) the availability of documented information that defines:
    • 1) the characteristics of the products to be produced, the services to be provided, or the activities to be performed;
    • 2) the results to be achieved;
  • b) the availability and use of suitable monitoring and measuring resources;
  • c) the implementation of monitoring and measurement activities at appropriate stages to verify that criteria for control of processes or outputs, and acceptance criteria for products and services, have been met;
  • d) the use of suitable infrastructure and environment for the operation of processes;
  • e) the appointment of competent persons, including any required qualification;
  • f) the validation, and periodic revalidation, of the ability to achieve planned results of the processes for production and service provision, where the resulting output cannot be verified by subsequent monitoring or measurement;
  • g) the implementation of actions to prevent human error;
  • h) the implementation of release, delivery and post-delivery activities.

8.5.2 Identification and traceability

The organization shall use suitable means to identify outputs when it is necessary to ensure the conformity of products and services.
The organization shall identify the status of outputs with respect to monitoring and measurement requirements throughout production and service provision.
The organization shall control the unique identification of the outputs when traceability is a requirement and shall retain the documented information necessary to enable traceability.

8.5.3 Property belonging to customers or external providers

The organization shall exercise care with property belonging to customers or external providers while it is under the organization’s control or being used by the organization. The organization shall identify, verify, protect and safeguard customers’ or external providers’ property provided for use or incorporation into the products and services.
When the property of a customer or external provider is lost, damaged or otherwise found to be unsuitable for use, the organization shall report this to the customer or external provider and retain documented information on what has occurred.
NOTE A customer’s or external provider’s property can include materials, components, tools and equipment, premises, intellectual property and personal data.

8.5.4 Preservation

The organization shall preserve the outputs during production and service provision, to the extent necessary to ensure conformity to requirements.
NOTE Preservation can include identification, handling, contamination control, packaging, storage, transmission or transportation, and protection.

8.5.5 Post-delivery activities

The organization shall meet requirements for post-delivery activities associated with the products and services.
In determining the extent of post-delivery activities that are required, the organization shall consider:

  • a) statutory and regulatory requirements;
  • b) the potential undesired consequences associated with its products and services;
  • c) the nature, use and intended lifetime of its products and services;
  • d) customer requirements;
  • e) customer feedback.

NOTE Post-delivery activities can include actions under warranty provisions, contractual obligations such as maintenance services, and supplementary services such as recycling or final disposal.

8.5.6 Control of changes

The organization shall review and control changes for production or service provision, to the extent necessary to ensure continuing conformity with requirements.
The organization shall retain documented information describing the results of the review of changes, the person(s) authorizing the change, and any necessary actions arising from the review.

8.6 Release of products and services

The organization shall implement planned arrangements, at appropriate stages, to verify that the
product and service requirements have been met.
The release of products and services to the customer shall not proceed until the planned arrangements have been satisfactorily completed, unless otherwise approved by a relevant authority and, as applicable, by the customer. The organization shall retain documented information on the release of products and services. The documented information shall include:

  • a) evidence of conformity with the acceptance criteria;
  • b) traceability to the person(s) authorizing the release.

8.7 Control of Nonconforming Outputs

8.7.1 The organization shall ensure that outputs that do not conform to their requirements are identified and controlled to prevent their unintended use or delivery.
The organization shall take appropriate action based on the nature of the nonconformity and its effect on the conformity of products and services. This shall also apply to nonconforming products and services detected after delivery of products, during or after the provision of services.
The organization shall deal with nonconforming outputs in one or more of the following ways:

  • a) correction;
  • b) segregation, containment, return or suspension of provision of products and services;
  • c) informing the customer;
  • d) obtaining authorization for acceptance under concession.

Conformity to the requirements shall be verified when nonconforming outputs are corrected.

8.7.2 The organization shall retain documented information that:

  • a) describes the nonconformity;
  • b) describes the actions taken;
  • c) describes any concessions obtained;
  • d) identifies the authority deciding the action in respect of the nonconformity.

9 Performance evaluation

9.1 Monitoring, measurement, analysis and evaluation

9.1.1 General

The organization shall establish, implement and maintain a process(es) for monitoring, measurement, analysis and performance evaluation. The organization shall monitor, measure, analyse and evaluate its quality, environmental and OH&S performance.

The organization shall determine:

  • a) what needs to be monitored and measured including
    • 1) the extent to which its compliance obligations including the legal requirements and other requirements are fulfilled.
    • 2) its activities and operations related to identified aspects, hazards, risks and opportunities.
    • 3) progress towards achievement of the organization’s OH&S objectives.
    • 4) effectiveness of operational and other controls.
  • b) the methods for monitoring, measurement, analysis and performance evaluation, as applicable, to ensure valid results.
  • c) the criteria against which the organization will evaluate its quality, environmental and OH&S performance, and appropriate indicators;
  • d) when the monitoring and measuring shall be performed;
  • e) when the results from monitoring and measurement shall be analyzed, evaluated and
    communicated.

The organization shall evaluate the quality, environmental and OH&S performance and determine the effectiveness of the Integrated management system.

The organization shall ensure that monitoring and measuring equipment is calibrated or verified as applicable, and is used and maintained as appropriate.
NOTE There can be legal requirements or other requirements (e.g. national or international standards) concerning the calibration or verification of monitoring and measuring equipment.
The organization shall retain appropriate documented information:

  • — as evidence of the results of monitoring, measurement, analysis and performance evaluation;
  • — on the maintenance, calibration or verification of measuring equipment.

9.1.2 Customer satisfaction

The organization shall monitor customers’ perceptions of the degree to which their needs and expectations have been fulfilled. The organization shall determine the methods for obtaining, monitoring and reviewing this information.
NOTE Examples of monitoring customer perceptions can include customer surveys, customer feedback on delivered products and services, meetings with customers, market-share analysis, compliments, warranty claims and dealer reports.

9.1.3 Analysis and Evaluation

The organization shall analyze and evaluate appropriate data and information arising from monitoring and measurement.
The results of analysis shall be used to evaluate:

  • a) conformity of products and services;
  • b) the degree of customer satisfaction;
  • c) the performance and effectiveness of the integrated management system;
  • d) if planning has been implemented effectively;
  • e) the effectiveness of actions taken to address risks and opportunities;
  • f) the performance of external providers;
  • g) the need for improvements to the Integrated management system.

NOTE Methods to analyze data can include statistical techniques.

9.1.4 Evaluation of Compliance

The organization shall establish, implement and maintain the processes needed to evaluate the fulfilment of its compliance obligations including legal requirements and other requirements.

The organization shall:

  • a) determine the frequency and method(s) for the evaluation of compliance;
  • b) evaluate compliance and take action if needed ;
  • c) maintain knowledge and understanding of its compliance status with legal requirements and other requirements;
  • d) retain documented information of the compliance evaluation result(s).

9.2 Internal audit

9.2.1 General

The organization shall conduct internal audits at planned intervals to provide information on whether the Integrated management system:

  • a) conforms to:
    • 1) the organization’s requirements for its Integrated management system, including the Quality, environmental and OH&S policy and Quality, environmental and OH&S objectives;
    • 2) the requirements of this document;
  • b) is effectively implemented and maintained.

9.2.2 Internal audit program

The organization shall:

  • a) plan, establish, implement and maintain an audit program including the frequency, methods, responsibilities, consultation, planning requirements and reporting, which shall take into consideration the quality, environmental and OH&S importance of the processes concerned, changes affecting the organization and the results of previous audits;
  • b) define the audit criteria and scope for each audit;
  • c) select auditors and conduct audits to ensure objectivity and the impartiality of the audit process;
  • d) ensure that the results of the audits are reported to relevant managers; ensure that relevant audit results are reported to workers, and, where they exist, workers’ representatives, and other relevant interested parties;
  • e) take action to address nonconformities by taking take appropriate correction and corrective actions without undue delay and continually improve its quality, environmental and OH&S performance;
  • f) retain documented information as evidence of the implementation of the audit program and the audit results.

NOTE For more information on auditing and the competence of auditors, see ISO 19011.

9.3 Management review

9.3.1 General

Top management shall review the organization’s Integrated management system, at planned intervals, to ensure its continuing suitability, adequacy, effectiveness and alignment with the strategic direction of the organization.

9.3.2 Management review inputs

The management review shall be planned and carried out taking into consideration:

  • a) the status of actions from previous management reviews;
  • b) changes in
    • 1) external and internal issues that are relevant to the Integrated management system,
    • 2) the needs and expectations of interested parties,
    • 3) its significant environmental aspects and safety hazards;
    • 4) compliance obligations include the legal requirements and other requirements
    • 5) risks and opportunities
  • c) the extent to which the Quality, Environmental and OH&S policy and the Quality, Environmental and OH&S objectives have been met;
  • d) information on the performance and effectiveness of the Integrated management system, including trends in:
    • 1) customer satisfaction and feedback from relevant interested parties;
    • 2) process performance and conformity of products and services;
    • 3) incidents, nonconformities, corrective actions and continual improvement;
    • 4) results of evaluation of compliance with legal requirements and other requirements;
    • 5) monitoring and measurement results;
    • 6) audit results;
    • 7) the performance of external providers
    • 8) consultation and participation of workers;
  • e) adequacy of resources for maintaining an effective Integrated management system;
  • f) the effectiveness of actions taken to address risks and opportunities;
  • g) opportunities for improvement.
  • h) relevant communication(s) from interested parties, including complaints;

9.3.3 Management Review Outputs

The outputs of the management review shall include decisions and actions related to:

  • a) the continuing suitability, adequacy and effectiveness of the Integrated management system in achieving its intended outcomes;
  • b) opportunities for improvement;
  • c) any need for changes to the Integrated management system;
  • d) resource needs.
  • e) actions, if needed, when quality, environmental and OH&S objectives have not been achieved;
  • f) any implications for the strategic direction of the organization.

The organization shall retain documented information as evidence of the results of management reviews.

10 Improvement

10.1 General

The organization shall determine and select opportunities for improvement and implement any necessary actions to meet the intended outcomes of its Integrated management system including the customer requirements and enhance customer satisfaction.
These shall include:

  • a) improving products and services to meet requirements as well as to address future needs and expectations;
  • b) correcting, preventing or reducing undesired effects;
  • c) improving the performance and effectiveness of the Integrated management system.
  • NOTE Examples of improvement can include correction, corrective action, continual improvement, breakthrough change, innovation and re-organization.

10.2 Incident, nonconformity and corrective action

10.2.1 Nonconformity and corrective action

When a nonconformity occurs, including any arising from complaints, the organization shall:

  • a) react to the nonconformity and, as applicable:
    • 1) take action to control and correct it;
    • 2) deal with the consequences;
  • b) evaluate the need for action to eliminate the cause(s) of the nonconformity, in order that it does not recur or occur elsewhere, by:
    • 1) reviewing and analyzing the nonconformity;
    • 2) determining the causes of the nonconformity;
    • 3) determining if similar nonconformities exist, or could potentially occur;
  • c) implement any action needed;
  • d) review the effectiveness of any corrective action taken;
  • e) update risks and opportunities determined during planning, if necessary;
  • f) make changes to the Integrated management system, if necessary.

Corrective actions shall be appropriate to the effects of the nonconformities encountered. The organization shall retain documented information as evidence of:

  • a) the nature of the nonconformities and any subsequent actions taken;
  • b) the results of any corrective action.

10.2.2 Incident

The organization shall establish, implement and maintain a process(es), including reporting, investigating and taking action, to determine and manage incidents.
When an incident occurs, the organization shall:

  • a) react in a timely manner to the incident or nonconformity and, as applicable:
    • 1) take action to control and correct it;
    • 2) deal with the consequences;
  • b) evaluate, with the participation of workers and the involvement of other relevant interested parties, the need for corrective action to eliminate the root cause(s) of the incident , in order that it does not recur or occur elsewhere, by:
    • 1) investigating the incident;
    • 2) determining the cause(s) of the incident;
    • 3) determining if similar incidents have occurred, or if they could potentially occur;
  • c) review existing assessments of OH&S risks and other risks, as appropriate;
  • d) determine and implement any action needed, including corrective action, in accordance with the hierarchy of controls and the management of change;
  • e) assess OH&S risks that relate to new or changed hazards, prior to taking action;
  • f) review the effectiveness of any action taken, including corrective action;
  • g) make changes to the Integrated management system, if necessary.

Corrective actions shall be appropriate to the effects or potential effects of the incidents encountered. The organization shall retain documented information as evidence of:

  • — the nature of the incidents and any subsequent actions taken;
  • — the results of any action and corrective action, including their effectiveness.

The organization shall communicate this documented information to relevant workers, and, where they exist, workers’ representatives, and other relevant interested parties.
NOTE The reporting and investigation of incidents without undue delay can enable hazards to be eliminated and associated OH&S risks to be minimized as soon as possible.

10.3 Continual improvement

The organization shall continually improve the suitability, adequacy and effectiveness of the Integrated management system. The organization shall consider the results of analysis and evaluation, and the outputs from management review, to determine if there are needs or opportunities that shall be addressed as part of continual improvement.

The organization must:

  • a) enhance quality, environmental and OH&S performance;
  • b) promote a culture that supports an Integrated management system;
  • c) promote the participation of workers in implementing actions for the continual improvement of the Integrated management system;
  • d) communicate the relevant results of continual improvement to workers, and, where they exist, workers’ representatives;
  • e) maintaining and retaining documented information as evidence of continual improvement.

Published by Pretesh Biswas

Pretesh Biswas has wealth of qualifications and experience in providing results-oriented solutions for your system development, training or auditing needs. He has helped dozens of organizations in implementing effective management systems to a number of standards. He provide a unique blend of specialized knowledge, experience, tools and interactive skills to help you develop systems that not only get certified, but also contribute to the bottom line. He has taught literally hundreds of students over the past 5 years. He has experience in training at hundreds of organizations in several industry sectors. His training is unique in that which can be customized as to your management system and activities and deliver them at your facility. This greatly accelerates the learning curve and application of the knowledge acquired. He is now ex-Certification body lead auditor now working as consultancy auditor. He has performed hundreds of audits in several industry sectors. As consultancy auditor, he not just report findings, but provide value-added service in recommending appropriate solutions. Experience Consultancy: He has helped over 100 clients in a wide variety of industries achieve ISO 9001,14001,27001,20000, OHSAS 18001 and TS 16949 certification. Industries include automotive, metal stamping and screw machine, fabrication, machining, assembly, Forging electrostatic and chrome plating, heat-treating, coatings, glass, plastic and rubber products, electrical and electronic equipment, assemblies & components, batteries, computer hardware and software, printing, placement and Security help, warehousing and distribution, repair facilities, consumer credit counseling agencies, banks, call centers, etc. Training: He has delivered public and on-site quality management training to over 1000 students. Courses include ISO/TS -RAB approved Lead Auditor, Internal Auditing, Implementation, Documentation, as well as customized ISO/TS courses, PPAP, FMEA, APQP and Control Plans. Auditing: He has conducted over 100 third party registration and surveillance audits and dozens of gap, internal and pre-assessment audits to ISO/QS/TS Standards, in the manufacturing and service sectors. Other services: He has provided business planning, restructuring, asset management, systems and process streamlining services to a variety of manufacturing and service clients such as printing, plastics, automotive, transportation and custom brokerage, warehousing and distribution, electrical and electronics, trading, equipment leasing, etc. Education & professional certification: Pretesh Biswas has held IRCA certified Lead Auditor for ISO 9001,14001 and 27001. He holds a Bachelor of Engineering degree in Mechanical Engineering and is a MBA in Systems and Marketing. Prior to becoming a business consultant 6 years ago, he has worked in several portfolios such as Marketing, operations, production, Quality and customer care. He is also certified in Six Sigma Black belt .

Published

Leave a ReplyCancel reply