ISO 45001:2018, the Occupational Health and Safety Management System standard was published in early March 2018. This is the twenty-fourth in a series of blogs, in which we describe what the implementing company must do in order to meet the requirement of the standard. We will now look at clause 10: Improvement.
ISO 45001:2018 – Clause 10: Improvement
This clause provides guidance on making improvements to the OH&S management system.
This clause encompasses the following:
- Incident, nonconformity and corrective action;
- Continual improvement.
Clause 10.1: General
The organisation must actively seek out and, where possible, realise opportunities for improvement that will facilitate the achievement of the intended outcomes of the OH&S management system.
The organisation should consider the results from analysis and evaluation of its OH&S performance, evaluation of compliance, internal audits and management review when taking actions to improve its performance.
Improvement can arise from corrective action, continual improvement, breakthrough change, innovation and re-organisation.
Clause 10.2 Incident, nonconformity and corrective action
The organisation should have a process in place for reporting and investigating incidents and other nonconformities, and for taking action to correct them and deal with their consequences. Separate processes may exist for incident investigations and nonconformities reviews, or these may be combined as a single process. It is imperative that root cause analysis be carried out on the incident or nonconformity in order to take appropriate action to prevent a recurrence.
Examples of incidents and nonconformities include but are not limited to:
- Incidents: near misses, injuries and ill-health and damage to property or equipment that could lead to OH&S risks; such as a broken leg, asbestosis, hearing loss;
- Nonconformities: protective equipment not functioning properly; failure to fulfil legal requirements; prescribed processes or procedures not being followed; contractor behaving in an unsafe manner on-site.
When an incident or nonconformity occurs, the organisation must react in a timely manner, act to control and correct it and deal with the consequences.
It must evaluate the need for corrective action to eliminate the root cause of the incident or nonconformity in order to ensure that it does not recur or occur elsewhere in the organisation by:
- Investigating the incident or reviewing the nonconformity;
- Finding out what caused the incident or nonconformity;
- Finding out if similar incidents have occurred, if nonconformities exist, or if they could potentially occur.
The evaluation of the need for corrective action should be carried out with the active participation of workers and the involvement of other relevant interested parties.
The aim of an incident investigation is to determine what happened, why it happened, and what can be done to prevent it from happening again. This means not only considering the immediate causes, but also the underlying or root causes and taking corrective action to address these causes.
Almost all incidents have multiple causes. These can be related to a range of factors, including human behaviour and competency, the nature of the tasks and processes, equipment or management of the organisation. The investigation should identify all areas that need improvement including improvements to the OH&S management system and propose appropriate corrective actions.
The level of investigation should be proportionate to the potential health and safety consequences of the incident. The incident should be recorded and reported internally and, where appropriate, reported externally to regulatory bodies such as the HSA/HSE (reference the Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013 (RIDDOR)/the Safety, Health and Welfare at Work (General Application) (Amendment) (No. 3) Regulations 2016, Part 14 (Reporting of Accidents and Dangerous Occurrences). Where practicable, the investigation should be led by a person independent of the activities being assessed and should include a worker or workers’ representative.
In addition, the organisation should
- Review existing OH&S risk assessments for continued suitability (e.g. did the risk assessment anticipate the occurrence of the incident or nonconformity);
- Decide on and implement any action needed, including corrective action, in accordance with the hierarchy of controls (reference clause 8.1.2) and the management of change (reference clause 8.1.3);
- Assess OH&S risks that relate to new or changed hazards, prior to taking action;
- Review the effectiveness of any action taken, including corrective action (e.g. the extent to which the implemented corrective actions adequately control the root cause);
- Make changes to the OH&S management system, if necessary such as updating a process map or procedure.
Examples of corrective actions (as indicated by the hierarchy of controls) include, but are not limited to:
- Eliminating hazards;
- Substituting with less hazardous materials;
- Redesigning or modifying equipment or tools;
- Developing and implementing procedures or improving processes;
- Improving the competence of affected workers;
- Changing the frequency of use of equipment, etc.;
- Using personal protective equipment.
Corrective actions should be appropriate to the effects or potential effects of the incidents or nonconformities encountered.
Root cause analysis refers to the practice of exploring all of the possible factors associated with an incident or nonconformity by ascertaining what happened, how it happened and why it happened, to provide an input for what can be done to prevent it happening again.
When determining the root cause of an incident or nonconformity, the organisation should use methods appropriate to the nature of the incident or nonconformity being analysed. The focus of root cause analysis is prevention. Root cause analysis can identify multiple contributory failures, including factors related to communication, competence, fatigue, equipment or documentation.
While root cause analysis is being performed, the organisation may also have to undertake immediate but temporary actions to prevent the occurrence of the same nonconformity or incident. This would form part of the corrective action.
The organisation should retain documented information as evidence of:
- The nature of the incidents that occurred or nonconformities encountered, and any subsequent actions taken;
- The results of any actions and corrective actions taken, including their effectiveness.
The organisation should communicate this documented information to relevant workers, and where they exist, workers’ representatives, and other relevant parties.
It is worth noting that the investigation and reporting of incidents without undue delay can enable hazards to be eliminated and associated OH&S risks to be minimised as soon as possible.
Clause 10.3 Continual Improvement
The concept of continual improvement is embodied in all management systems based on annex SL such as ISO 9001, ISO 14001, ISO 27001, ISO 22301 and of course ISO 45001.
Actions which an organisation might take with a view to achieving continual improvement in the suitability, adequacy and effectiveness of its OH&S management system include:
- Enhancing OH&S performance;
- Promoting a culture that provides support to the OHSMS;
- Promoting the participation of workers in the identification and implementation of actions for continual improvement of the OHSMS;
- Communicating the relevant results of continual improvement to workers, and where they exist, workers’ representatives;
- Maintaining and retaining documented information as evidence of continual improvement
Examples of continual improvement opportunities include, but are not limited to:
- New technology;
- Good practices that arise internally in the organisation and externally to the organisation;
- Suggestions and recommendations from interested parties;
- New knowledge and understanding of occupational health and safety-related issues;
- New or improved materials;
- Changes in worker capabilities or competence;
- Achieving improved performance with fewer resources.