Hello everyone,
It is obvious that auditing after a process is more efficient and effective. But since the OHSAS 18001 is more related to activities, workplaces and behaviours is it not more reasonable to divide the site to different sectors (or workplaces) and to audit each one separately?
Any advice please?
Thanks

Manufacturing process auditing is called out as a requirement in standards like TS 16949 so as to study the functional interactions of various inputs and their effect on the output.

There is no reason why this can't be done with OHSAS 18001; I have done it, for example with subjects like bringing new chemicals in for a manufacturing process. It was a messy and confusing audit, though quite revealing :mg: and rewarding as it uncovered issues whose importance for solution were indisputable. Since it offers a small "sample," such an audit might best serve as a supplement to auditing the process of a single subject, like regulatory training.

For the scheduling of the OHSAS internal audits i am still getting confused if we can only list and program the processes incorporated in the system, or have a splitting of the site into different sectors/locations and audit each one separately?

For the scheduling of the OHSAS internal audits i am still getting confused if we can only list and program the processes incorporated in the system, or have a splitting of the site into different sectors/locations and audit each one separately?We can divide the processes into two types: Management and functional.

Management processes should be looked at separately. I am referring to subjects like communications, structure & responsibility and management review.

But suppose you wanted to see if these processes are functioning, or are just slogans or filed away on paper. You could pick a process like bringing in new chemicals and test the safety management system on requirements like:



How hazards/risks associated with the chemical are identified
What infrastructural, operatoinal controls and personnel controls are determined to mitigate hazards/risks
How changes to infrastructure, operational controls and/or personnel are managed
How legal requirements are determined
How resourcing, roles and accountability are defined, established and communicated
How competencies will be built and verified so as to mitigate hazards/risks
How all this gets documented, and how said documentatiuon is managed
What the emergency response will be if the hazard gets out of its defined boundaries; and if there is such an activity, how it's evaluated for effectiveness
How and when nonconformances are found, and how they are dealt with
How results are understood, how they get communicated back to management, and the users' contribution to the process
What management does with the results


This is quite an exersize. It's a practical run-through of the system's function, but it can be messy, time consuming and complex. For that reason, people often just look at the management system processes and not functional/operational processes.

Hello everyone,
It is obvious that auditing after a process is more efficient and effective. But since the OHSAS 18001 is more related to activities, workplaces and behaviours is it not more reasonable to divide the site to different sectors (or workplaces) and to audit each one separately?
Any advice please?
Thanks

Auditing OHSAS 18001 is very similar to ISO 14001. Most of the safety programs span across several (if not all) processes. The way I recommend auditing them is to include the safety (or environmental) components of the process when you audit the process for quality. Also, on your OHSAS 18001 audit plan, you would audit the programs in their entirity, to ensure the program is effective.

For the scheduling of the OHSAS internal audits i am still getting confused if we can only list and program the processes incorporated in the system, or have a splitting of the site into different sectors/locations and audit each one separately?

I believe it's more of a 'scope' and 'criteria' issue than a scheduling issue. If you do as others have suggested, select a process and 'add in' the relevant safety criteria and environmental considerations to the scope, you shouldn't have a problem. Of course, the normal rules of 'status and importance' apply too!

I was actively involved in OHSAS 18001 implementation in one of our IT campuses and here is how we went about it:

1. We divided the entire facility in to logical areas - For eg, the DG Sets , Power panels, Chiller Yards, RO plant, Cafeteria, Workspaces, Transportation etc

2. We listed down all the routine and non routine activities carried out in each of these areas (of our staff and vendor/suppliers) - This is very improtant now, because the 18001:2007 now mandates that behavior is considered in conducting hazard and risk analysis.
This is indeed a very lengthy and resuorce consuming process, but is also the very heart of the OHSAS.

3. Carried out a risk assessment (activity wise) and risk rating. We used the Sev,OCcurance ,Detection model and had defined in our HSE manual that we will address risks with a certain RPN number with programs and will set up objectives and targets.

In my view it is a great approach to divide the site in to smaller, yet logical peices and then look at routine, non routine activities and related Risks.Also review legal and other requirements area wise.

Other requirements like Management commitment etc can be addressed at the firm level.

We have developed the systems around the areas and have de\ifined and documented programs, operational controls, legal requirements, objectives, targets area wise. we review all areas in Management reviews.

Hence, We al so conduct internal audits area wise and check for confirmity to OHSAS requirements in each of the areas.

Regards,
GV

Hi Krishna,
Your reply is more than helpfull for me. Thanks a lot

Hi !

Bilijaf if you consider it is "obvious" that auditing after a process is more efficient and effective, I ask you :

1- ... which "processes" ?
I think that it is a true question to be posed (perhaps one of the fundamental questions about management systems integration…). I am not sure that defined processes according to “satisfaction of the customer” orientation (ISO 9001) are always well adapted to a vision “safeguarding of our world” (ISO 14001) or “occupational health and safety” (ILO-OSH).
Seriously consider the integration of all the fields of companies responsibilities (ISO 26000…?) should lead us “to balance” a little more our usual vision of processes (generally hypertrophying the customerorientation ). Example: the “humanresources ” process is perhaps considered as a “support” process (implied less essential) regarding production process but in vision “responsibility sociétale” this process does not have to be qualified as “support” in my opinion.

2- ... more efficient and effectif "rather which other way" ?
Audit by process is natural in QMS because ISO 9001 preaches the approach by process… but the international management systems standards of other domains (beyond quoted) don't require to use these famous process…

I regularly carry out OHSMS audits without use the “processes” defined in audited entity (but by applying audit methodology and techniques / requirements of OHSMS standard choosed by the entity). These audits are powerful to improve occupational health & safety management. Nobody showed me (nor asked) that they would be "more efficient and effectif" made by process.

I come back to your question: "But since OHSMS is more related to activities, workplaces and behaviours is it not more reasonable to divide the site to different sectors (or workplaces) and to audit each one separately?" I don't think so.

Building sectors, workshop or workplaces (geographical areas) are not really representative or typical of principal QMS elements or of famous already evoked processes. In my experience these work areas are not the good “cutting” to represente or audit of a OHSMS too.

It is exceptional to observe a strict correspondence between elements of Q, E or OHS management system and such geographical areas. In general a process or an simple work activity of work covers several places.

But certain audits, not general from the system point of view but focused on a practical and material aspects, can be carried out according to an approach “buildings” or “workplaces”.

Example: routine checking (lawful or not) of work or safety equipments, routine or specific inspection of cleanliness and arrangement of the places of work…
Counterexample: to audit H&S formation H&S of the personnel I prefer to probe a sample (ex: X % of the personnel + Y last engaged people).

As regards H&S the entrance point it the workers, the reality of its work activity, not the geographical reality of buildings. An illustration: for knowing deafness risks of of personnel it is better to place portable tape recorders on some representative people, rather to review some measurement representative points in the buildings (but to study a noise reduction projet of a machine, OK, I need to measure the machine and the room...). It is basically my point of view “ergonomicist”.

Bye.

Henria,
thanks for your detailed reply.
I got your point of view, but in order To have a clear interpretation let us consider an operational process for fabrication of a certain product. The production line is composed of different processing units in different stations/workplaces. I agree that quality's considerations are different from those of HSE . For planning of HS audit is it not useful to consider each station separately one by one and to audit after OHSAS requirements? or to take the complete process from A to Z and have random sampling for checking conformity to each of the requirements?
Hope i have clarified the issue i am asking aobut.
Thanks:o

Hi Bilijaf !

I'll try to clarify my point of view. I summarize the situation : You questions about auditing your company's OHSMS based on BS OHSAS 18001, in particular on the manner of cutting out your approach: to use an approach “proceesses” (concept quality / ISO 9001) or to use an approach rather “site sectors or workplace” (more significant for H&S) ?

§ 4.5.5 of this british standard does not suggest structuring your audit according to "processes" or "workplaces", but being interested to "arrangements to OH&S management including the requirements of this OHSMS standard" and in particular "based on the results of risks assessments of the organiszation's activities".

For me, no need to “dividing” the company and auditing each piece about all requirements of the standard. Your OHSMS is “transversal”, it is not build by workplaces nor by process. But certain aspects of the standard requirements or H&S company arrangements to satisfy them will be particularly audited in such or such workplace… without auditing all your workplaces.

Auditing an OHSMS is inevitably to do a certain sampling of the interviewed people, analyzed procedures, visited workplaces or equipments, checked recordings, etc… to have a vision of the entity as well on the “hardware” as on the “software” of its OHSMS.

All this is particularly true for a specific audit of the whole system during few days. If we spread out it over a long period we can “divide” the job according to the different “sections" of the OHSMS standard or according to the “procedures of company OHSMS (what is rather equivalent because these sections determine these procedures).

Bye.

I agree with you. But dont you think that such technique requires high competency and qualification of the auditors, which is not quite easy in case of internal auditors?.
Thnx

Hi Bilijaf,

You are right about competency and qualification of the auditors. However § 4.5.5 of the british standard* you chose requires internal audits and request to define audit arrangements (of which competences [thus formation if need] and qualities of auditors). With experience growing bigger these practices increase the competence and the autonomy of the company.

I do not know the size of your company and the number of its sites, but a good practice is to exchange auditors between sites of the same company or with other companies.

Good night.

* others national OHSMS standards or the international one require quite the same.