Health & Safety in ISO 9001:2000 Audits - OH&S Regulations

[Sidney Vianna]

Iso 9001+iso 14001+ohsas 18001=isoha 41003

I agree with Kevin. If you make safety part of your written documentation that is part of your registration scope than it is auditable.

Bill Pflanz

Bill, I strongly disagree. Many organizations shy away from integrating their management systems because exactly of this mind set. Afraid that, if it is written down, it is fair game to be audited, irrespective if they choose to be certified to a single Std.


Imagine that a progressive thinking organization realizes that they can streamline their command media and do a better job of training their operators on a given manufacturing process, covering AT THE SAME TIME and in the same document, quality, environmental and health and safety requirements. Just because they are going for an external ISO 9001 audit, the E,S&H part of the document and the process are NOT fair game for an auditor performing a QUALITY management system audit.

Remember, audits have scope of coverage. So, if I am performing a QMS audit, E,S&H issues are out of my scope.

Don’t get me wrong by thinking that I would be negligent and blinded to important issues. If I do see something that seems an unsafe situation or an environmental concern, by policy I am required to COMMUNICATE that to the organization that I am auditing, but I should NOT write it up as a non-conformity. Remember, ISO 9001 6.3 and 6.4, respectively Infrastructure and Work environment, are related to achieve conformity to product requirements.

As an example, if I am doing an ISO 9001 and a procedure states that the operator must collect the contaminated solder bath solution in a RED container, for disposal, I should not even get involved with that part of the process, which is clearly handling of waste/by-product, which is by definition, outside of the scope of my audit. Had I been performing an ISO 14001 audit, and in the same situation, that part of the process would actually be my focus.

 

[nigelh]

Hi Tomjess,

We were audited just recently and picked up under Section 6.4 - Work Environment for not complying to the Hasie Act. (Recommendations only)
Over the last ten years of being audited, our auditors have regularly checked things - fire extingishers, ratings for chain blocks, etc.
If the auditor finds something that is out of date, damaged - they can make an observation.


Regards

nigelh

 

[Bill Pflanz]

Bill, I strongly disagree. Many organizations shy away from integrating their management systems because exactly of this mind set. Afraid that, if it is written down, it is fair game to be audited, irrespective if they choose to be certified to a single Std.

Hi Sidney,

First, let me complement you on your contributions here at the Cove. You have obviously "been there, done that". On this posting, you may have read more into my comments than was intended. When I worked on ISO, we used the same management system, document control, corrective action etc. for our environmental and safety processes. What we did not do was make those areas part of our ISO registration scope which we kept more customer focused.

[Imagine that a progressive thinking organization realizes that they can streamline their command media and do a better job of training their operators on a given manufacturing process, covering AT THE SAME TIME and in the same document, quality, environmental and health and safety requirements. Just because they are going for an external ISO 9001 audit, the E,S&H part of the document and the process are NOT fair game for an auditor performing a QUALITY management system audit.

Considering the registrations were obtained in the early 90's, I believe we were progressive since the extension of ISO to E,S&H really came later. If we would have had senior management support, the E,S&H department was more than willing to make it a full part of the scope.

Both of us agree that "audits have scope of coverage". The scenario that was described indicated it was a QMS audit and that safety was outside the scope of the registration. If site management wants to include safety in the audit scope, they are free to do that but you would probably want an external auditor who knows OSHA regulations if they plan to diverge from just auditing written policies and standards.

On the whole, we seem to agree more than disagree so anything you can add to clarify our thoughts would be useful.

Bill Pflanz

 

[SteelMaiden]

You know, I have some mixed feelings over integrating all the management systems, auditing (or more appropriately, finding nonconformances) safety in the QMS audits, etc. But then, on the other hand, safety stuff is a part of the statutory and regulatory requirements, right? Can you really have a "quality" Management System if your people are getting hurt every day?

We have accepted a finding for crane inspection forms that our registrar could not find, even though they should be done every shift, and we showed material moving in the area on the day(s) there were no inspections filled out. No, none of those requirements were listed in any of our QMS documentation. I figure, and so did management, that if we don't take every opportunity to improve our safety program we are setting ourselves up for a catastrophic safety incident. What is the old saying? Better SAFE than sorry. If you come to my plant and see something that looks unsafe, let me know. And thanks, the life you save may be mine, or yours, or anybody else's.

 

[Sidney Vianna]

Both of us agree that "audits have scope of coverage". The scenario that was described indicated it was a QMS audit and that safety was outside the scope of the registration. If site management wants to include safety in the audit scope, they are free to do that but you would probably want an external auditor who knows OSHA regulations if they plan to diverge from just auditing written policies and standards.

On the whole, we seem to agree more than disagree so anything you can add to clarify our thoughts would be useful.Bill Pflanz

Looks like I misunderstood your original comment, Bill. And thank you for your comment.

What is the old saying? Better SAFE than sorry. If you come to my plant and see something that looks unsafe, let me know. And thanks, the life you save may be mine, or yours, or anybody else's.

As I said, if I am conducting a QMS audit and observe an unsafe situation, I will communicate that with you. But it is different from the scenario that you described, where apparently, your external auditor was actively looking for records that are much more related to your Safety MS than your QMS. In my opinion, your auditor was deviating from the audit program and scope, assuming s/he was there to verify compliance of your system to ISO 9001. As long as you welcome it, no harm.

I just think that sometimes, (I am not saying that this is the case here) auditors just take the easy path of looking for missing/incomplete records, obsolete documentation, etc... that is easy "prey" in any audit, but are records and documents the heart of a management system?

 

[little__cee]

I see a difference

If we as company comply to our Health & Safety bodies (statutory and regulatory requirments). Can they be an issue to us when audited for ISO 9001:2000?

It seems as if the auditors need to have something to find during the audit.

Thanks in advance

I see a difference in failing to do something that your company says it will do, such as "we will fill out crane inspection forms every shift" versus failing to do something that OSHA says your company must do...

Is that just me? I agree with SteelMaiden but feel that there are genuine suggestions and auditors just nit-picking because they have nothing to write down. I could give numerous examples of OFI's that I feel were only written because the auditor felt he had to write something down.

 

[Kevin H]

Wow, looks like I helped start a word storm. I'd like to add that this is the first time I've ever written a nonconformance regarding safety in a QMS internal or external audit, and I've been active in different company's QMS systems since 1992. Also, I wasn't searching for a nonconformance - including the one for safety, I currently have 13 and am still writing. Also some of my OFI's for this internal audit could easily be written as nonconformances.

Also, I've raised the safety issue over the last 4 years in AM meetings and haven't seen a whole lot done. I've never worked in a plant before where on dayshift hourly employees regularly go without prescribed safety equipment. (and this is with their direct supervision present!) I'm used to seeing it in different plants on off-shifts when some employees think management isn't around and they don't have to comply because they don't like/want to. After 4 years I've reached a point where I felt that the issue needed to be raised to a higher more attention getting level, and as I'm not in a direct supervisory position this seems to be the way to go. Also, if there is an accident and I've done nothing, or nothing I pointed out was addressed than in my mind I'm slightly guilty for not having been able to bring enough attention to bear to address the problem.

If I had been doing this as an external audit, I would not have written it as a nonconformance, but would probably have documented it in the report.

In the long run though, isn't everything largely interconnected? If we have a major accident through not following safety requirements, our cost to do business will go up either through increased insurance costs, or possibly oversight by OSHA. This will affect our bottomline, which could affect future investment in research or a new line, which in the long run could affect the product. A direct link, by no means but still one having a potential affect.

 

[Bill Pflanz]

In the long run though, isn't everything largely interconnected? If we have a major accident through not following safety requirements, our cost to do business will go up either through increased insurance costs, or possibly oversight by OSHA. This will affect our bottomline, which could affect future investment in research or a new line, which in the long run could affect the product. A direct link, by no means but still one having a potential affect.

Kevin,

You have the right idea and I commend you for your insight. Be prepared for lots of arguments of why you are interfering in areas outside of quality. There have been a number of threads on systems thinking both here and in the ASQ Discussion Board. It supports your thoughts about everything being interconnected. When you get time, take a look at them.

You also forgot one other reason to do the right thing: someone may get injured or killed which is a bigger cost than the dollars to the company.

No apologies needed on causing a storm, it provided a lively and valuable discussion.

Bill Pflanz

 

[Claes Gefvenberg]

In the long run though, isn't everything largely interconnected? If we have a major accident through not following safety requirements, our cost to do business will go up either through increased insurance costs, or possibly oversight by OSHA. This will affect our bottomline, which could affect future investment in research or a new line, which in the long run could affect the product.

Yes, I agree. I posted something to that effect in the thread ISO-9001 and SAFETY (Same thread as Sidney refers to in post two). I have issued several internal NC's leaning on 6.4, and nobody ever questioned that (I also cooperate with our Safety Engineer on a daily basis). ISO9004:2000, Clause 6.4 is pretty good btw.

/Claes

 

[nomisd]

So how did this auditor come about this information? If indeed that is the case then what will that mean to all those not already comforming to ISO 14001 and OAHS 18001?

Our certifing body is a well known standards body based in Britain so I guess said body has started discussing this (whether they have told any other national standards body I couldn't tell you).

My personal feeling is that it probably isn't such a bad thing. If you don't conform to any part of it then I assume that you can just claim exemptions from those clauses, just like you currently can from 9001 at the moment. Certainly in my current and my previous jobs, H&S are part and parcel of the way that installation work is done on site - risk assessments need to be carried out and approved by the customer before any work on site can commence. If someone is drilling holes in walls to run cable, is it a quality or H&S issue?

Certainly in the UK, H&S is becoming a more and more important part of carrying out business (don't know about the rest of the world). Anything that makes it easier for people like me to make top management take it seriously, I'm all for.

Reading this and reading what I posted before sort of sounds like I'm contradicting myself. I'm not the point I was orginally making was that yes annoying, seemingly nitpicking non-coms (or similar) for H&S issues seem almost an abuse of the ISO 9000 audit system If we are going to be serious about it, tackle the big issues first (like people operating without PPE when they require it) , then be pedantic and deal with issues like the height of boxes when stacked.

Cheers

Simon