ISO 9001, ISO 14001 and 18001 Integrated Approach

[wileycomet]

Hi,

I've taken on a position responsible for HSEQ Management across 6 sites, 3 Manufacturing/Distribution centres and 3 retail stores.

The company does not currently have a lot in place and are keen to meet the requirements of the above standards. I think the best plan of attack is to integrate.

I've attached a sort of road map I put together based on my interpretation of the standards and other resources - it's a lengthy document but I'd be keen to know I'm on the right track.

Thanks

 

[John Broomfield]

Hi,

I've taken on a position responsible for HSEQ Management across 6 sites, 3 Manufacturing/Distribution centres and 3 retail stores.

The company does not currently have a lot in place and are keen to meet the requirements of the above standards. I think the best plan of attack is to integrate.

I've attached a sort of road map I put together based on my interpretation of the standards and other resources - it's a lengthy document but I'd be keen to know I'm on the right track.

Thanks

wileycomet,

Congratulations!

Please provide a .pdf version so we do not need MS Word to open it.

I want to see the extent to which your plan develops the management system that is currently used to run your business.

Ignoring this and it's undocumented procedures to impose documented procedures written around the standards is not advised.

But your plan may not say that. It may engage top management in understanding how their organization works as a system and then engage process owners in capturing their processes as they actually work.

Thanks,

John

 

[wileycomet]

Hi John,

Thanks for your comments. I've attached a PDF version.
The company currently has separate OHS/Env/Qual policies, some supporting documentation that looks like templates used to gain 9001 certification and no real processes or procedures for key business aspects:

Purchasing
Incident Investigation
Action Management
Auditing
Contractor Management
Change Management
Risk Assessment
...

I intend to process map from a high level, drill down, and hopefully build a compliant management system whilst incorporating it into current business practices. It all sounds perfect and easy doesn't it.

 

[John Broomfield]

Hi John,

Thanks for your comments. I've attached a PDF version.
The company currently has separate OHS/Env/Qual policies, some supporting documentation that looks like templates used to gain 9001 certification and no real processes or procedures for key business aspects:

Purchasing
Incident Investigation
Action Management
Auditing
Contractor Management
Change Management
Risk Assessment
...

I intend to process map from a high level, drill down, and hopefully build a compliant management system whilst incorporating it into current business practices. It all sounds perfect and easy doesn't it.

wileycomet,

You seem to omit leadership of your management system. The rep cannot do it alone. You want everyone to deliver HSEQ (and Security?) by doing their jobs.

Your paper speaks as if no one already delivers HSEQ. That disrespect for the existing but undocumented system will get you into trouble with the people you need to develop, use and improve their organizational management system.

In developing their process-based management system you need first to work with top management to understand how your organization interacts with customers, suppliers, neighbors and other stakeholders to convert the needs of customers into cash in the bank. By doing this you'll determine the processes that are essential to the success of your organization.

From this you can ask top management to name the process owners. People who know how the process actually works (or doesn't). Then work with each of them to analyze their process and document its interactions and controls to the extent necessary for effective planning, resourcing, operation and monitoring.

Your paper is useful while doing this because it influences the questions you ask as you seek to understand the system and its management system that already if used to run the organization.

Then you can help your colleagues to add any missing processes or controls so they feel that they own their management system.

Imposing a compote from the standards is not recommended.

John

 

[Peter Fraser]

I agree with John.

Your management system already exists(!) - what you are doing is ensuring that it complies with more than 1 standard.

Your (well written) paper says "There should be a process..." a number of times - I suspect that these processes already exist, even if they are not defined or do not totally match the requirements.

Rather than say "The management system will be designed and implemented to function within current business practices", I would prefer to say "We will ensure that our management system and current business practices meet the requirements of ISO 14001, ISO 9001 and OHSAS18001".

What is missing is a description of what the business actually does - to me that should be the starting point for any management system description.

 

[wileycomet]

Thanks for the replies.

I think you're right. I Was a bit unsure about how to approach this project as the level of knowledge of management systems or what HSE obligations they have in the company is limited.

I should have probably given a little more context, the company seems to struggle with defining process or process ownership with roles not very clearly defined. The document was written as a tool to help explain what a management system can do and how it can work with the company. Currently, HSEQ is treated as being separate to business and I'd like to get a procedural base in place to start a culture change.

The company is fairly small, with 60 staff spread across the country and they predominantly sell polymer seals with very minimal cnc manufcaturing. They are owned by a much larger company who stipulate the requirement to have certified management systems but don't have a frame to build from.

Thanks

 

[John Broomfield]

wileycomet,

Ah, imposition from the parent company explains a lot.

It now seems to be up to you to help your leaders to determine their own reasons for developing their management system. Doing it to keep the head office happy is a killer.

Help them to understand their system as it is - warts and all. Look deeply enough and you'll see what your colleagues do to help each other to understand and fulfill stakeholder requirements.

You and your colleagues now have the opportunity to show how their business management system prevents accidents and pollution while delivering improved profitability as a result of services and products being delivered right the first time.

Focus on what your organization already does to prevent nonconformity. Manage changes to the existing system collaboratively and carefully.

All the best,

John

 

[dvyws]

To be honest, the document doesn't seem to me to describe an IMS -it is all about the implementation of HSEQ, and does't really mention 9001 or 14001.

Not that I think your steps are wrong, just that they need expanding to include the requirements of the other standards.

It might also be worth emphasising the participation of staff in the development and imlementation of procedures and processes - you can't make it happen on your own.

David