Resources, roles, responsibility, accountability and authority(4.4.1)
The Specification requires that roles, accountabilities, responsibilities and authorities to achieve these are defined, documented and communicated in order to facilitate effective occupational health and safety management.
Top management must ensure adequate resources are available and used for implementing and maintaining the system. Resources include human resources and specialised skills, organisational infrastructure, technology and financial resources.
A member of top management must also have been given ultimate responsibility for OH&S, implementation and maintenance of the system, and reporting on performance. This may be the same individual who signs the OH&S Policy. Their identity must be available to all relevant persons.
During the assessment process, it is vital that all those with management responsibility be able to demonstrate their commitment to continual improvement of OH&S performance.
Roles, accountabilities, responsibilities, and authorities are rarely adequately defined or documented. It is possible to document the key roles and responsibilities in top tier documentation, while responsibilities and authorities to manage the risks can be shown in operational procedures and work instructions. Accountabilities must also be defined and individuals can be accountable both internally to the organization but also externally to the legislature and controlling organisation, for example.
Competence, training and awareness (4.4.2)
The organisation shall ensure that all person(s) under its control performing tasks that can impact on OH&S is (are) competent on the basis of appropriate education, training or experience, and shall retain those records of awarded competency.
The requirement to define competence is a key component of OHSAS 18001. There may be specific legal requirements or others that come from company needs and experience.
Tasks that may involve OH&S in the workplace should have relevant competencies defined in terms of appropriate:
Arrangements need to be in place to identify and remedy any shortfalls between the current level of competency (identified as being possessed by an individual) and the required and defined competency.
Procedures need to be in place to make employees aware of the OH&S consequences of their activities and the training procedures need to take account of differing levels of:
To ensure that only competent employees are undertaking tasks.
There should also be assessment of individuals to ensure that they have not only achieved, but are also maintaining, the knowledge and competency required. Any training provided must itself be evaluated as to its effectiveness, and records kept to demonstrate this.
We look for the following during the assessment:
- Process to define competency requirements
- Documented competency requirements for individual roles
- Access to knowledge of how to ensure competent contractors
- Analysis of training needs for employees
- Training programmes/ plans for individual employees
- Range of training courses/products available for use within the organisation
- Training records and evaluation records (of the effectiveness of training)
All personnel whose activities can involve occupational health and safety hazards must receive appropriate training and the link to the risk assessment process is often missing. Similarly, if the competencies are not clearly defined as part of the necessary control measures, then it is difficult to identify any gaps or training needs.
The requirement to have procedures in place to ensure employees are aware is often interpreted as a one-off awareness session. This is normally insufficient and procedures should ensure that awareness is maintained as the system matures and changes with changes in the organisation and / or activities. Hence the system should also be controlling and capturing refresher training records.
Communication, participation and consultation (4.4.3 (126.96.36.199 & 188.8.131.52))
There is a requirement to have procedure(s) to define employee involvement in:
- hazard identification
- risk assessments
- determination of controls
- incident investigation
- development and review of policies and objectives
- consultation arrangements
Employees should be informed about participation arrangements and who their representative is.
Consultation may also be required with contractors where their OH&S may be affected.
Procedures need to be demonstrable to ensure that pertinent OH&S information is communicated to and from employees and other interested parties such as contractors and visitors.
Procedures should also address communications from, and consultation with, external parties (eg HSE, neighbours), and these should be documented and responded to.
Although participation, consultation and communication are often demonstrable, the documented procedures as to how this has been, and will be, consistently achieved, and who is involved, are commonly omitted from the system.
Operational control and emergency preparedness (4.4.6 & 4.4.7)
The organisation must identify operations and activities associated with defined hazards. This element of the system reinforces clause 4.3.1 in relation to hazard identification and the risk evaluation process.
However the use of the words:
... ‘those operations and activities that are associated with identified hazard(s) ...’
…broadens the process into activities which may not themselves have direct hazards, eg, purchasing.
- Control of these activities, which must include maintenance, must be achieved under ‘stipulated operating criteria’.
- This specification is only required to be documented where the absence of a documented procedure could jeopardise policy commitments or achievement of objectives
- Alternative conditions can be specified through, eg, training, communication or staff competence.
It is important that operational control over contractors is maintained, as they often undertake high risk activities that the organisation does not possess the necessary competencies to perform. In turn these may adversely impact on other’s occupational health and safety, including employees.
Emergency situations can arise in any organisation. Even in the lowest risk environment, fires can start or people can fall, warranting action to be taken to respond to the incident. A procedure should therefore be in place to identify the potential for incidents and emergencies. This can sensibly be undertaken during the hazard identification and risk assessment process. For example, look to the significant uncontrolled hazards as a starting point to identify appropriate emergency procedures. Consequently, emergency response should be planned for a wide range of activities from the simplest through to the most complicated. An emergency is purely an unplanned event that results in OH&S implications.
Appropriate emergency equipment should be provided and your response capability should be regularly tested.
It is important that Contractors are advised of their responsibilities throughout the period of their contract and particularly how to respond to emergency situations. They should therefore be involved in the testing of plans, as should external emergency services where they cannot class their response as routine. Also tenants, visitors and other interested parties who may be affected should also be involved in the testing.
Implementation of effective operational control is assessed in depth. Weaknesses can be caused by a host of reasons, quite often attributable to failings within other clauses of the standard. If all other clauses are implemented effectively, then weaknesses in operational controls will be reduced.
Weaknesses with respect to emergency preparedness often result from the variety of emergencies not being identified. Also, once this variety is recognised it is often not reflected in planned, and periodic testing. Testing emergency procedures may be through a number of mechanisms, for example, audit, desk top scenario, or live re-enactments. Invaluable information is often lost from actual incidents, when the responses to the emergency plans, are not reviewed.
Often activities of neighbours are erroneously disregarded while the effects of your emergencies on neighbours is addressed.