Safety Management System (SMS): The Safety Policy and Commitment Element

A safety management system is designed with the intent to serve as a framework for an organization, as a minimum, to meet its legal occupational safety and health obligations. A safety management system is only as good as its implementation and sustainable efforts.  A world class safety management system involves every level of the organization, instilling “the value of safety” within the workforce that reduces incidents and improves a reduction of risk. Furthermore, a world class safety management system provides evidence of continuous improvement. A business that embraces a safety management system, will have a story to tell and capturing continuous improvement within the elements of safety management system is a key factor of validating the safety management system.

As you know, within a safety management system, all parts are interrelated and affect each other. All elements within the safety management system are related to all other elements of the system. A flaw in one element will most likely impact all the other elements, and therefore the quality of the system as a whole.

This article will briefly focus on the Safety Policy and Commitment element. This particular element set the foundation of all the other elements for the one and only reason.  That reason is that the other elements must circle back to the safety policy and commitment. Remember, all activities within the safety management system are to reflect the safety policy and commitment set forth by the organization. 

SAFETY POLICY AND COMMITMENT

The organization must prepare an effective occupational safety policy that provides a clear direction for the organization tofollow in order to improve and continuously improve worker safety.  Once written, the policy and commitment will contribute to all other aspects of conducting day to day business within the organization.  The policy should provide a commitment to continuous improvement along with compliance to occupational safety law.  Defining expectations of customers’, stakeholders, employees and contractors should also be documented within the policy.

An example of a Safety Policy is:

• Safety and health in our company shall be a part of every operation.
• Safety is every employee's responsibility at all levels.
• We shall comply with local safety and health jurisdictional regulations.
• We shall maintain a safety and health management system conforming to the best practices within our specific industry.

An example of a Safety Commitment is:

The safety and health of every employee is a high priority. Management accepts responsibility for providing a safe and healthy working environment and employees, at all levels, shall take responsibility for performing work in accordance with established safety and health standards and practices. Safety and health will only be achieved through teamwork.  Everyone must join together in promoting safety and health and taking every reasonable measure to assure safe working conditions within our place of work.

In conclusion, operating on the principle of PLAN – DO – CHECK – ACT, a safety management system enables an organization to carefully examine what they do, define and implement safety improvements and continuously review and manage safety systems and processes.

PLAN - Plan the safety management system.

DO – Implement the safety management system.

CHECK - Evaluate the safety management system.

ACT - Improve the safety management system.

The PDCA activities should always, lead a path back to what is stated in the safety policy and commitment.   It will be a waste of time and energy to engage in activities that do not mirror the policy and commitment since those activities will not be based upon reducing hazards to an acceptable level of risk.

ISO 9001 Consultants And Auditors: How To Select Them

In many organizations ISO 9001 consultants play a significant role in the implementation of ISO 9001 and the subsequent certification audit. Their role is crucial because they can do the hand holding during your journey towards attaining business excellence through successful Implementation of the ISO 9001 quality management system. They enable faster learning and help you establish and implement a system that suits you very well. They help you choose the auditing firm(certification body), which is best suited to your business processes.

In order to attain successful ISO 9001 certification, it is essential to have a certification audit conducted in your premises. An independent auditing firm (registrar or the certification body) chosen by you will send qualified ISO 9001 auditors to visit your establishments for performing the external audit.  The firm will register your company for the audit and issue the certificate as soon as the audit process is completed successfully.

Sometimes there is confusion about the role of the external auditors and consultants. The consultants can’t audit and certify you, because they are meant to assist and coach you, whereas auditors must act as independent examiners. Consultants assist in planning and creating documentation so that a formal system is in place. If a QMS already exists; they will do the gap analysis to enable you to know what is missing, so that new procedures and other information can be added to ensure conformity. They train the internal auditors needed to conduct internal audit and provide awareness training to employees. They advise you on weaknesses in the system and preventive actions required. After the audit, they help you to resolve the NCs and other audit observations.

Selection of the ISO 9001 consultant

Consultant is selected on the basis of his or her past performance as well as the background. Trade bodies such as chambers of commerce, as well as professional bodies sometimes keep a list of approved   QMS consultants. Minimum requirement is that the consultant or his staff must have attended lead assessor training courses and transition courses and qualified themselves as lead assessors for the latest revision of the QMS standard. Websites of the consultants may give some idea about the industries they are able to guide and advice. Prior experience and knowledge of the applicable business processes could be a plus point.

 References from previous clients, as well as the results of previous projects in terms of time and cost incurred are considered. Often a small part of the project such as gap analysis is awarded initially. Milestone based fee is also one of the options. Consultants often provide a written proposal for a fee based on the size of the clients operation.

Selection of  the ISO 9001 Auditors (Registrars or Certification body)

 The ISO 9001 Registrar (certification body) is the independent entity that sends the auditors to conduct your certification audit. One must look for officially accredited registrars. The reputation of registrars should also be ascertained with the help of trade bodies or the professional bodies. The criteria for the selection of registrar can be finalized with help of your consultant.

Critical factors to be considered in the selection process include:

• accreditation and other credentials of certifying body or registrars (Every country has an accreditation body: ANSI-ASQ National accreditation Board in USA)
• scope of the accreditation: determine if the scope of accreditation certificate applies to  your business processes,
• references and global reputation/recognition
• fee for certification audit as well as subsequent surveillance audits
• their terms and conditions
• comfort level, flexibility to suit your time frame
• confidentiality and ethical issues
• how to tackle issues of interpretation of clauses of the applicable standard
• credentials and competence of  the auditors, who will be assigned to audit you.

Thus the selection of  a  competent consultant and  a reputed  certification body at a later stage, paves the way for successful certification of your company for ISO 90001.

  

“Interested parties”: their significance for quality management system

In early years, Quality management system (QMS) stipulated that companies must monitor customer need satisfaction as a mandatory requirement. However, in the 2008 version, ISO 9001 standard emphasized customer focus as well as the supplier relationship simultaneously. The standard focussed on supplier collaboration for knowledge sharing, expertise development and creating value for mutual benefit. Systems approach to integrating and aligning the processes, further provided opportunity for value creation for customers as well as suppliers. The Concept of treating the next process as customer, improved the collaboration, alignment and integration of processes, thus enabling a systems thinking approach.

The new version of Quality management system: integrated approach

2015 version of ISO 9001 combines the customers, suppliers as well as others as interested parties. Companies must identify and understand the needs and expectations of relevant interested parties. List of interested parties should include:

• direct customers,
• regulators and government agencies,
• distributors,  contractors,
• wholesalers and retailers,  stockists,
• shareholders and lenders,
• suppliers, transporters and partners in supply chain,
• end users,
• Employees.

Relevance of needs and expectations of interested parties must be understood and process integration should be built in such a way as to benefit them as well as the company.  

Section 4.2 of ISO 9001:2015 standard speaks about understanding the needs and expectations of interested parties.

Section 4.1 talks about organizations ability to attain intended outcomes and internal/external issues affecting the capacity of the company, as a result of needs of interested parties.

Section 6.1 mentions the issues and risks and opportunities arising out of needs of interested parties to be addressed in QMS, through plans and processes for prevention of undesirable effects on the intended output of goods and services.

Section 4.3: The scope of your QMS should enable you to address the relevant needs of the interested parties.

Other clauses and areas due to which QMS must address the needs of interested parties:

Section 5.2.2 your Quality Policy

Section 9.3 management review

Section 8.3 design inputs for development of new goods and services

In determining as well as fulfilling  the relevant expectations of   interested parties their relationship with the company must be analysed, as discussed below.

End users and Customers

End users are not buying the goods and services directly, but are affected by the way the processes are carried out and controlled. In many cases end users may be more important than the direct customers, because, they may  not be easily identified and their needs and expectations could be difficult to determine. Monitoring changes in their needs and expectations may be a difficult task and QMS should address these issues. Their requirements may affect the firm’s ability to fulfil them. Their needs and expectations should be utilized in new product development and customer service design and improving the processes.

Customers are the people who buy the company’s goods and services directly. They are more vocal in voicing their expectations.  The company must monitor and   understand the changes in their expectations and needs. They are directly impacted by the quality of goods and services offered as well as the pricing.

Regulators and Governmental agencies

Expectations of regulators and govt. agencies are based on the legal requirements and regulatory controls, such as industry specific environmental regulations, safety regulations and occupational health requirements. Expectations may relate to processes as well as goods and services. These requirements must be addressed in the QMS and any changes in regulatory requirements too need to be identified and addressed promptly.

Supply chain partners and stake holders

Partners in the supply chain such as suppliers, contractors, transporters, stockists, wholesalers and retailers have an important role to play in ensuring effectiveness of your QMS. Their expectations must be addressed by integrating them in the critical processes of the QMS. Similarly employees, shareholders and lenders are also affected by the effectiveness of QMS and their concerns and expectations need to be identified and addressed.

Conclusion

The purpose of your business is to satisfy the needs of the customers and other interested parties. ISO 9001 requires that you understand the needs and the expectations of customers and end users, regulators as well as other interested parties, and address those needs through  integrated processes, which maximize the benefit to the interested parties while also attaining the goals of the company.

 When your QMS ensures integration of the processes in order to fulfil the expectations of the interested parties you are closer to the planned compliance and certification to the requirements of ISO 9001:2015.

ISO 9001 certification

Organisation are looking to achieve ISO 9001 Certification for several reasons eg: getting pre qualified for tenders, Customer request, etc,. To develop and Implement systems quickly and have a systems that adds value to your organisation you may need the services of specialist ISO 9001Consultants who can guide you through the requirements of the ISO 9001 Quality management system including the identification of relevenat interested parties to the organisation.

Management Review as required by ISO 9001

Management review is a very important part of an organization’s quality management system based on ISO 9001:2015. It is the most important source for continuous improvements. It can be used to bring together all the elements of your quality program and bring cohesiveness to it. It allows the organization to focus on trends, objective evidences as well as data based decisions. It is used to assess the performance of the quality management system and find out opportunities for its improvement. It is held at-least once a year and is a platform for reviewing the quality policy and setting new quality objectives. It is important that the top management be involved in the management review.

The management review requires that a periodic review of the QMS shall be held so as to ensure it is suitable, adequate and effective. It is also required that the alignment of the Quality Management System with the organization’s strategic direction be checked. You should ask your ISO consultant to guide you one how to hold an effective management review.

Management review inputs

The management review process should ensure that all the necessary information is collected ahead of the time so as to allow management to complete this evaluation. Information review should includeand take into consideration

1. The status of actions decided in the previous management review.

2. Changes in the context or the external and internal issues that are relevant to the quality management system.

3. Information gathered on the performance and effectiveness of the quality management system and including the trends in

a. Customer satisfaction

b. Feedback from interested parties

c. The extent to which quality objectives have been met

d. Process performance

e. Conformity of products and services

f.  Nonconformities and corrective actions arising due to them

g. Monitoring and measurement results of processes, products and services

h. Audit results, both internal and external audits

i.  The performance of external providers or suppliers and outsourced processed

4. The adequacy of resources provided for the quality management system

5. The effectiveness of actions taken to address risks and opportunities

6. Opportunities for improvement

7. Suitability of possible changes in the QMS

8. New/proposed regulations or legislations

9. Advances in technology and science

10.Change in preference of buyers

11. New/modified products and services

For the management review to be effective, the attendees should come to the meeting prepared with data, and must have already drawn conclusions from the data.

Management review outputs

After analyzing the inputs given above, the management shall develop some outputs from it that should be in the form of decisions and actions that are related to

1. Opportunities for improvement which can be related to process improvement, quality management system improvement or product improvement

2. Any need for changes to the quality management system

3. Resource needs such as human, infrastructure, equipment or technology etc.

Records

The organization shall keep records of the management review such as minutes of the management review meeting. Observations as well as conclusions and also recommendations for further action from the management review must be recorded. If any corrective action is to be taken, then management must follow up on so as to ensure that the action has been implemented effectively.

The final objective of the management review should be continual improvement of the quality management system. As the QMS is made more effective and efficient, your organizational performance shall likewise improve.

Role Of Consultant In The ISO 9001 Certification Process

Often, organizations deploy consultants to take them through the ISO 9001 certification process. Apart from ensuring that the organization’s certification journey is successful, the consultant optimally deploys the standard in the organization’s context, for its best benefits. I.e. He ensures that the requirements of the standard and the needs /context of the organization are best aligned.

The role of the ISO 9001 consultant is spread across the entire certification process starting from introductory training up to the final certification. The consultant introduces the organization and its top management to the ISO 9001 standard, its requirements & benefits and the certification process. He plays a key role in obtaining the top management buy-in towards the certification.  The consultant conducts detailed training to the key members of the organization on the requirements of the standard. Members from the quality function and other senior members from line function are typically trained at this stage.

Then, the consultant in discussion with the quality team members and other stakeholders understands the organization, i.e. the business , key stakeholders, products and services, operations, structure of the organization, its size &  location of operations. Such an understanding is vital for him to deliver the best in the forthcoming stages of certification. Then, the consultant acquaints himself with the Quality Management System (QMS) of the organization, if any. It remains the pre-requisite for performing a fool proof gap analysis of the QMS against the requirements of ISO 9001. After discussing the gaps with the Quality team, the consultant facilitates the closure of these gaps, i.e. up gradation of the QMS.

 If the organization does not have any QMS in place, then the consultant develops the QMS from scratch. This includes framing the Quality policy, developing Quality Manual, procedures, guidelines, formats and checklists. At this stage, the consultant works closely with the quality team and line function members of the organization so that the QMS developed is practical and implementable. Such an interaction helps get the buy-in of the line function in deploying the procedures, guidelines and systems. The role of consultants remains in translating the requirements of the standard to the context of the organization. A successful consultant is one who right sizes the definition and deployment of the standard i.e. neither more nor less of processes.

Also, he prepares an ISO 9001/QMS awareness program capsule for training of the employees. He along with quality team members delivers training to the employees across the organization.

The consultant’s role is vital even in the deployment phase, where the organization faces various issues in deploying the new procedures / systems.  Many organizations use the consultant’s service in developing a pool of internal auditors i.e. the consultants deliver internal auditor training to a set of employees, to qualify them as trained internal auditors. Also, the consultants ensure that the organization conduct the internal audits, as per the requirements of the standard. The quality department takes consultant’s help in conducting the management review. Here again, the consultant’s ensure that the management review is conducted in line with the inputs and outputs mentioned in the standard. 

Production and Service Provision as per ISO 9001

This is the main clause of ISO 9001 Quality management system which relates to the actual production process of a product or service.

Control of Production and Service

The standard requires the organization to undertake production and service under controlled conditions including delivery and post-delivery activities. These controlled conditions shall include:

• Documented information should be made available that define the characteristics of products and services.
• Documented information should be made available that define the activities that are to be performed and results that are to be achieved.
• Undertake monitoring and measuring activities for process and product and ensure acceptance criteria have been met.
• Suitable infrastructure and process environment is used.
• Ensure that suitable monitoring and measuring equipment are available and used.
• Competent and qualified personnel.
• Validation and re-validation of processes where the output that is resulting cannot be verified by subsequent measurement and monitoring.
• Implementation of actions to prevent any human error.
• Implementation of release, delivery and post-delivery activities for products and services.

Identification and Traceability

The organization shall use suitable means to identify process outputs, where necessary so as to ensure conformity of products and services.

It shall identify the current status of process outputs regarding monitoring and measurement requirements throughout the production process.

It shall control the unique identification of process outputs where traceability is required. Keep documented information or records required to maintain traceability.

Process outputs means the results of any activities which are ready for delivery to internal or external customer. They can include products, services, components or intermediate parts.

External Provider Property

External provider property can be equipment, tool, material or drawing etc. The organization shall take care of the external provider property while it is in its care so that there is no damage or deterioration.

The organization shall identify, verify, safeguard and protect external provider property given for incorporation or use in the products or services.

When the external provider property is lost, damaged or found unsuitable for use it shall be reported to the external provider and documented information is retained on what has happened.

Preservation

The organization shall ensure the preservation of process outputs during the production and service provision up to that extent required to maintain conformity of products and services.

Preservation includes identification, handling, packaging, storage, transmission or transportation and protection.

Post-Delivery Activities

The organization shall meet the requirements for post-delivery activities required for products and services. The organization shall consider the extent of post-delivery activities required for

• Risks or potential undesired consequences associated with the products or services.
• The nature, the use and the intended lifetime of products and services.
• Customer requirements.
• The customer feedback.
• The legal requirements.

Post-delivery activities can include the following

Actions to be taken under warranty.The contractual obligations e.g. maintenance.The supplementary services e.g. recycling or the final disposal.

Control of Changes

The organization shall review and control changes that are unplanned that are essential for production and service to the level required to ensure conformity with the specified requirements.

The organization shall retain information that describes

• The result of review of changes.
• The person who is authorizing the changes.
• Any necessary action resulting from review.

ISO 9001 certification

Organisation are looking to achieve ISO 9001 Certification for several reasons eg: getting pre qualified for tenders, Customer request, etc,. To develop and Implement systems quickly and have systems that add value to your organisation you may need the services of specialist ISO 9001 Consultants who can guide you through the requirements of the ISO 9001 Quality management system in relation to production and service provision.

Tips To Energize Your Internal Auditing Program

Preparation is the key to an effective, thorough and a value-added internal audits program. Internal auditors cannot be content by preparing for the audit not by giving sufficient time to achieve their objectives. They will be required to have enough time on their hands to prepare for the job ahead. They should be aware about the fact that if the audit is expected to last for a couple of hours, the preparation for the job will take at least 2 1/2 times the amount of time. Therefore, they will be required to allot sufficient time for the preparation without which they are likely to run out of questions before the completion of the audit.

It is quite easy to comment about the time needed for the audit but in reality, is quite difficult, especially for the auditors. The time restrictions placed on them are the major obstacles they face when they decide to allocate enough time and prepare for the job they are required to complete. It is quite possible for them to have other responsibilities than internal auditing competing for the time available with them. In such conditions auditors will do well to follow the example by many trained internal auditors and learn how to spread their workload. This will lead to better preparation and completion of the audit as required by the laws.

Effective planning for internal auditing requires auditors to follow some steps, which are simple and will allow them to perform their duties effectively. Auditors must be prepared to understand how they can allocate the time needed to manage such tasks in the best manner. They cannot be under the impression that they will be able to handle such issues within a short time. They will be required to allocate some time even for the learning of the simple steps that have been mentioned below:

• They will have to learn the process.
• They have to identify with the interfaces within the standard.
• They need to understand proper compliance to the standard and also to identify with process interfaces and potential process failure modes.
• Reviewing old audits, developing audit questions and the audit plan will also be a requirement, which they will not be able to ignore.

They are required to become familiar with the process before they begin to audit the same. They need to know the working of the process, what the objectives are, what are the outputs, inputs, activities, resources and controls. The amount of knowledge they need to collect is vast and can make an ordinary individual feel he or she may not be suitable to the task. However, these are requirements, which will have to be overcome by people who have decided to get into the business of internal auditing.

Understanding a process alone will not be of any help unless the auditor is willing to consider his or her role within the process of auditing. It is absolutely necessary for them to be fully prepared to conduct the audit in an impartial manner by looking for any information provided with an open mind. It is a foregone conclusion that they will not be able to complete their job effectively if they are not fully aware of their responsibilities and the way they are required to conduct themselves.

Auditors will be required not to forget their role as the guardians of the process they are required to audit. They should be making every attempt to energize their internal auditing program by getting all the information they need and performing their roles to the best of their knowledge.