Pattys Article OSHMS

OCCUPATIONAL HEALTH AND
SAFETY MANAGEMENT SYSTEMS

CHARLES REDINGER, PH.D., MPA, CIH, KYLE DOTSON, MS, CIH, CSP,
BCEE, AND ALAN LEIBOWITZ, MS, CIH, CSP
1 INTRODUCTION
As organizations become globally integrated and concepts of enterprise risk expand,

industrial hygienists have the opportunity to influence the strategic management
of their organizations as never before. New approaches to industrial hygiene (IH)
and environmental health and safety (EHS) management have evolved with an
emphasis on integration with business functions and performance measurement
(1). Increasingly, IH and EHS professionals are challenged to understand and keep
pace not only with national regulations but with international and nongovernmental
organization (NGO) standards as well. Many such professionals are finding that
management system approaches based on consensus standards provide a means to
organize, understand, and integrate an increasing complex mix of technical, manage-
ment, and organizational culture issues.
Occupational health and safety management systems (OHSMS) are a powerful
risk management tool. They provide IH and EHS professionals with a robust and
structured management approach. Such systems provide a framework for the suc-
cessful integration of IH and other EHS activities within the organization. And most
importantly, such systems provide industrial hygienists with a solid foundation for the
implementation of beyond compliance strategies to reduce OHS injuries, illness,
and fatalities.
Pattys Industrial Hygiene, Sixth Edition, Edited by Vernon E. Rose and Barbara Cohrssen
Copyright 2011 John Wiley & Sons, Inc.
2109
2110 OCCUPATIONAL HEALTH AND SAFETY MANAGEMENT SYSTEMS
While the focus of this chapter is on OHS management systems, industrial

hygienists should be aware of the broader context for management systems in
many organizations today. Over the past several decades, the concept of risk and
risk management has greatly expanded. With this expansion has been an increase in
the number of standards and regulations that address risk, including OHS risk. In the
2000s, the OHS management system standards (MSSs) trend has evolved toward a
plan-do-check-act (PDCA) model that is expressed in the ISO standard 14001 on
environmental management. The 14001 approach has taken center stage in the design
of management system standards in general. This approach has impacted the devel-
opment of numerous standards, including those developed on risk management, supply
chain security, IT security, corporate social responsibility, and energy management.
1.1 Historical Overview

Seeds for the systems approaches addressed in this chapter can be traced back to some
of the earliest advances in OHS practice and management. Since the early work of
pioneers in the Quality Management field, and ISOs entry into the management
system arena with ISO 9001, there have been numerous iterations and developments
that have led to the prominent OHSMS approaches available as of 2010.
OHS management systems have significant roots in the quality management
systems developed in United Sates in the early twentieth century by Shewhart who
first conceived of the concept of a modern control chart. More comprehensive
management systems became available when his work was expanded and refined
by Joseph Juran, W. Edwards Deming, and Armand Feigenbum who developed many
of the tools of statistical process control (SPC). However, the wide acceptance of these
systems did not occur until they were brought to Japan in the 1940s where an explosion
of integration and improvement by Kaoru Ishikawa, Genichi Taguchi, and Shigeo
Shingo led to much of what we would recognize as elements of an effective
management system today. These pioneers created such tools as such as the
PDCA cycle or Deming Wheel, Pareto analysis, fishbone diagrams, stratification,
histograms, scatter-charts, process control charts, tolerance design (Taguchi meth-
odology), and the six sigma DMAIC methodology (2).
All of these systems tools and processes focus on reducing variation and defects and
encourages the robustness of organizational management processes, including the
identification of an acceptable level of variation. Among the earliest adoption of such
tools and techniques to OHS resulted from Frank Birds analysis of 1.75 million
accidents in the steel industry in 1976, which led to his development of the
International Safety Rating System (ISRS) (3).
Management systems standards became more generally accepted in organizations
with the development and global deployment of the ISO 9000 family of standards for
quality management systems beginning in 1987 (4). Around this same time, the
Occupational Safety and Health Administration (OSHA) in the United States pub-
lished its Voluntary Safety and Health Program Management Guidelines that served as
a model for many organizations as well as the OSHA Voluntary Protection Program
(VPP) approaches to follow (5, 6).
INTRODUCTION 2111
In 1996, ISO published its 14001 environmental management system (7). This was
one standard within a family of environmental standards that were published largely
in response to issues raised at the Rio Summit on the Environment held in 1992.
The 14000-series built on the global success of ISO 9001 and implemented by
organizations in a wide variety in industries albeit at a slower pace.
The application of the ISO process to environmental management suggested that an
ISO-based OHS standard might quickly follow, however this has not been the case.
Efforts to pursue an ISO OHSMS standard have thus far been narrowly defeated
within ISO. Numerous national and private standards have attempted to fill the void.
Several countries including the United States, Australia, and Canada have published
national standards (810). The most widely used of the current standards is OHSAS
18001:2007 (11). While this standard is not the result of a formal consensus
development process, it was developed by accreditation bodies and has at its core
several consensus documents including BS 8800 (12) and ISO 14001. In the absence of
an ISO standard, OHSAS 18001 has served to provide interested organizations with a
robust management system framework for which certification can be obtained from a
participating registrar.
In the same timeframe as the ISO 14001:1996 environmental management
standard was published, several important OSH management systems were also
published (e.g., BS 8800 and Australias SafetyMap). By the late 1990s, numerous
nation states, along with professional organizations (e.g., the Japan Industrial Safety
and Health Association, the American Industrial Hygiene Association (AIHA), and
the Chemical Manufactures Association) had started to develop OHS management
system standards and guidelines.
In the mid 1990s in the United States, OSHA began to consider rulemaking for a
comprehensive occupational health and safety program standard (13). Activities on
this effort continued through the early 2000s. Over time, the priority of these efforts
diminished and was officially off OSHAs agenda by 2003.
Researchers at the University of Michigan (UM) developed an ISO 9001-based
OHSMS that was published by the AIHA in 1995 (14). The UM/AIHA OHSMS
received significant attention from various stakeholders and standards-making orga-
nizations and a companion universal OHSMS assessment instrument was developed
and published in 1999 (15). As part of the development of the assessment instrument,
it was necessary to develop a generic OHSMS model. This model has since been
used widely throughout the world by private companies and by standards-making
bodies to assist their system development efforts (8, 15, 16).
In 1996, ISO considered the development of an OSH management system
standard for the first time, and elected at that time to not proceed. It was during
those deliberations that standards-making experts put forth the idea and recommen-
dation that the International Labor Office (ILO) would be a more suitable
international organization to develop standards and guidelines in the particular
area of occupational health and safety management systems. With this mandate, in
1997, the ILO began to conduct background research on OHS management systems as
a precursor to forming the tripartite group of experts that developed ILO-OSH
2001 (16). The International Occupational Hygiene Association (IOHA) assisted
the ILO with this research endeavor. The IOHA report to the ILO provided a
comprehensive overview of many different management system approaches and
suggested seed language and topics for the development of the ILO OHSMS
document.
While the ILO and IOHA were performing these background efforts, two devel-
opments occurred. First, ISO elected for a second time to not develop an ISO OSHMS.
Second, the British Standards Institute (BSI) published OHSAS 18001:1999 that
generally followed the structure of ISO 14001 (7, 11). This document was published
specifically for use as an auditable standard. In its introduction, OHSAS 18001:1999
stated that the document was developed in response to urgent customer demand for a
recognizable occupational health and safety management system standard against
which their management systems can be assessed and certified.
In 2000, in the United States, the AIHA solicited the American National Standards
Institute (ANSI) to form a committee to develop an ANSI standard for occupational
health and safety management systems. The Z10 committee held its first meeting in
2002 and issued a final standard in 2005 (8).
By 2009, four formal OHS management system standards had emerged as the
primary formats utilized by numerous organizations and are now central to most
OHSMS discussions.
1. OHSAS 18001:2007 and ISO 14001-based approaches (17).

2. International Labor Office OHSMS (18).
3. ANSI/AIHA Z10:2005 (8).
4. The U.S. Occupational Safety and Health Administrations Voluntary
Protection Program (6).
A detailed examination of each of these standards is provided in Section 3.
1.2 An Introduction to ISO and Standards Making

Management system standards are developed and published by a wide range of
organizations. Most of these are NGO, such as the International Organization for
Standardization (ISO), the BSI, and developers of Responsible Care in the petro-
chemical industry. Some governmental and quasi-governmental agenciessuch as
the Health and Safety Executive (HSE) in Britain, OSHA in the United States, and
internationally, the ILOhave also promulgated OHSMS standards and guidelines.
In the 1990s and into the 2000s, there has been an increasing proliferation of
standards. In many cases, organizations look to these standards as opposed to
command-and-control regulations for best practices. In the international arena,
ISO is the dominant NGO developing standards.
ISO was formed in 1926 as the International Federation of the National
Standardizing Associations (ISA), which was renamed ISO following a brief operat-
ing gap during WWII. ISO no longer is an acronym. It comes from the Greek word
isos meaning an effort to eliminate translation issues.
INTRODUCTION 2113
ISO is a voluntary organization whose members are recognized standard

authorities, each representing one country. ISO standards are produced by volun-
teers drawn from who represent the national standards institutes of over 150 member
national standards institutes (19). For example, ANSI is the United States repre-
sentative to ISO. These volunteers participate on technical committees, subcom-
mittees, and working groups each headed by a Secretariat from one of the member
organizations. Each of these groups work to produce or update technical guidance in
a specific area. Generally a specific consensus standard is the ultimate work product,
such as ISO 14001.
ISO and other NGO standards are developed with an eye toward the value of
conformity assessment to ensure a common application of specific objectives identi-
fied in applicable standards. A key issue in the decision to follow a particular
management system relates to the level of conformity an organization will pursue.
For some organizations simply following the general outline of the system will provide
sufficient structure to their process. While others find value with an internal audit to
ensure appropriate application of the standard within the organization. However, those
requiring broad external acceptance of a system standard must commit to third party
certification by a recognized registrar or certification body.
An important distinction is that between standards and guidelines. The term
standard, typically refers to documents that are shall based, that is, the word shall
is used as opposed to should. Use of shall, means that the issue at hand is required,
versus the use of should that means that the issue at hand is a recommendation or
good idea.
Standards rarely have the force of law unless specifically adopted by the responsible
agency or legislative body. Thus, most standards are voluntary until referenced by
regulation or judicial process. However, the line between voluntary and required begins
to blur as more organizations adopt these standards and begin requiring conformity
by their suppliers. For example few governments require ISO 9001 certification but
it is almost impossible to be a global supplier without it. Third party certification to
the standard has become a price of entry for many manufacturers.
1.3 Basic Systems Concepts and Definition

At their most basic level, systems are typically described as having four elements:
input; process; output; and, feedback. The relationship between these four elements is
depicted in Figure 44.1.
Input Process Output
Feedback
FIGURE 44.1 System model with feedback loop.
Input Process Output
FIGURE 44.2 Program model, no feedback loop.
A question that often comes up when talking about an OHS management system is
what is the difference between a system and program? One way to describe this
difference is in terms of an information feedback loop, that is, feedback in a system is
essential and an integral component of the system. Conversely, this is not the case with
programmatic approaches where feedback is not necessarily part of a structural
design. This is depicted in Figure 44.2.
A system can be further characterized as being either open or closed. In the case
of open systems, there are identifiable pathways whereby the system interacts
exchanging information with and gaining energyfrom its external environment.
This phenomenon is readily observed in biological systems. Conversely, closed
systems do not have such pathways, and thus limit their ability to adapt or respond
to changing external conditions.
ISOs guidelines on the development of management system standards defines a
management system as a system to establish policy and objectives and to achieve
those objectives. (20)
This ISO guideline states that
management systems are used by organizations to develop their policies and to put these
into effect via objectives and targets, using:
. an organizational structure with roles, responsibilities, authorities, etc., of

people defined;
. systematic processes and associated resources to achieve the objectives and
targets;
. measurement and evaluation methodology to assess performance against the
objectives and targets, with feedback of results used to plan improvements to the
system; and,
. a review process to ensure problems are corrected and opportunities for
improvement recognized and implemented when justified. (20)
Specific to OHS management system, ANSI/AIHA Z10 defines these systems as
a set of interrelated elements that establish and/or support occupational health and
safety policy and objectives, and mechanisms to achieve those objectives in order to
continually improve occupational health and safety. (8)
In like fashion, OHSAS 18001:2007 defines an OH&S management system as
part of an organizations management system used to develop and implement its OH&S
policy and manage its OH&S risks. (17)
INTRODUCTION 2115
1.4 Programs Versus Systems

What is the difference between a program and system? is in fact a common
OHSMS question. The distinction is made here between traditional programmatic
approaches and newer systems approaches to OHS management. In the shift
suggested by the development and implementation of an OHSMS, a program is
viewed as singular, vertical, and based on traditional command-and-control reg-
ulations. The focus is on compliance with the program standard/regulation, not the
broader impact on OHS performance in the organization. In this conceptualization,
programs do not have strong, if any, feedback or evaluation mechanisms whereby
the program is adjusted or modified, as depicted in Figure 44.2.
Conversely, a systems approachwhile not losing sight of programmatic require-
ments and opportunities for improvementbroadens in perspective to address the
manner in which the program affects other programs, and the extent to which the
program may or may not improve worker health and safety. Furthermore, a systems
approach is driven by OHS improvement, more so than by programmatic regulatory
compliance. A key distinction of a systems approach is that there are clear feedback
and evaluation mechanisms whereby the system responds to both internal and external
events.
1.5 A Generic OHSMS Model

In an effort to advance understanding of OHSMS auditing issues, researchers at the
University of Michigan developed a generic management system model in the mid-
1990s. This model served as the backbone for a management system assessment
instrument (2124). This generic management system was based on four prominent
systems in use at that time.
. U.S. Occupational Safety and Health AdministrationVoluntary Protection

Program (6);
. British Standards InstituteBS 8800 (12);
. International Organization for StandardizationISO 14001:1996 (7); and,
. American Industrial Hygiene AssociationOHSMS (14).
This model is arranged into 5 organizing categories and 27 sections (16 major and
11 subsections). Considerable attention was given to the superstructure; that is, the five
organizing categories and the manner in which the 16 primary sections are distributed
among the five categories. The representation of this management system in
Figure 44.5 could be presented in a number of ways. However, in an effort to create
a more robust model, it was important to arrange the sections in such a way as to
facilitate both implementation and evaluation activities. The five organizing catego-
ries are as follows:
1. Initiation (Inputs).
2. Formulation (Process).
3. Implementation/Operations (Process).
4. Evaluation (Feedback).
5. Improvement/Integration (Open System Elements).
These categories are partially based on widely used systems model in the policy
science arena and the simplified systems model, as depicted in Figure 44.1.
The sequence of steps shown in Figures 44.344.5, starts with a very basic construct
showing the relationship between OHS management, the organization, and the external
environment in Figure 44.3. Figure 44.4 develops the construct further showing how a
systemsmodel(Fig.44.1)andOHSmanagementarrangement(Fig.44.3)canfittogether.
Finally, Figure 44.5 adds the generic OHSMS sections to the construct (Table 44.1) (22).
Numerous government agencies and private organizations have used it as an
analytical tool guidance document to develop their internal OHSMS (15). The
government of Singapore has used the generic OHSMS as in their efforts to impact
safety and health in the petrochemical industry; construction; and, in small and
medium enterprises.
1.6 The Management System Framework Pyramid

When describing OHS management systems, it is common to talk in terms of specific
management system elements or clauses, such as the OHS policy, the baseline/initial
review, and the management review. Later in this chapter much attention is given to
describing these terms. Another way to think or talk about management systems is in
terms of four levels that are often presented as a pyramid, or the management system
document structure, as depicted in Figure 44.6.
The pyramid model is a powerful tool to help OHS professionals and their
organizations develop and implement an OHS management systems. Awareness
and understanding of the four levels allows for organizing existing OHS policies
and procedures with in the levels.
The external environment
The organization
Occupational Health and Safety

in the Organization
FIGURE 44.3 OHS in an organization.

OHS MANAGEMENT SYSTEM ELEMENTS 2117
Open system elements The organization
OHS in the organization

OHS feedback
OHS OHS outputs

OHS inputs process
FIGURE 44.4 A systems approach to OHS management.
Level I is the highest level that contain OHS policies, and in some cases a policy
manual. These documents are general and contain information on the system scope. In
large organizations, these are often referred to as corporate level documents that all
business units must follow.
Level II documents are typically procedures that address specific activities, such as
lock-outtag-out, eye-wash, and respiratory protection requirements. When begin-
ning to implement an OHSMS, organizations find that most of their documents are
level II procedures. It is typically the case that level II documents are also referred to
corporate level documents, however, these can vary between business units.
Level III documents are specific guidelines, work instructions, and standard
operating procedures are typically unique to a plant or business unit. These documents
define how an activity will occur.
Level IV documents are records used to either manage the system or are outputs
from it. These can be, for example, forms/templates, training presentations, or
monitoring records that are generated to provide artifacts of conformance with the
standard.
2 OHS MANAGEMENT SYSTEM ELEMENTS
The confluence of management system ideas in the 1990s and 2000s has resulted in a
core of common elements and themes found in all major OHSMS approaches. Five
major sections are found in most management systems. With slight variation of words
between them, these sections can be described as
1. Management Commitment, Leadership and Employee Participation

2. Planning
3. Implementation and Operational Elements
2118
Stakeholders
Regulating
Agencies/units
Open system elements The organization

Continual improvement
(14)
Integration (15)
Management review (16)
Evaluation (OHS feedback) OHS in the organization

Communication system (12)
Evaluation system (13)
OHS process
Formulation
OHS policy (3)
Goals and objectives (4)
Performance variables (5)
System planning/devel. (6) OHS outputs
Manual and procedures (7) OHS goals and objectives
Initiation (OHS inputs) Illness and injury rates
Mgmt. commitment and resources (1)
Employee participation (2) Workforce health
Implementation/operations Changes in efficiency
Training system (8) Overall organization performance
Hazard control system (9)
Prevent./correct.actions
(10)
Procurement/contractors
(11)
FIGURE 44.5 A generic OHSMS model for OHS management.

TABLE 44.1 Generic OHSMS Table of Contents (22)

Initiation (OHSI/Inputs)
1.0 Management Commitment and Resources
1.1 Regulatory Compliance and System Conformance
1.2 Accountability, Responsibility, and Authority
2.0 Employee Participation
Formulation (OHS Process)
3.0 Occupational Health and Safety Policy
4.0 Goals and Objectives
5.0 Performance Variables
6.0 System Planning and Development
6.1 Baseline Evaluation and Hazard/Risk Assessment
7.0 OHSMS Manual and Procedures
Implementation/Operations (OHS Process)
8.0 Training System
8.1 Technical Expertise and Personnel Qualifications
9.0 Hazard Control System
9.1 Process Design
9.2 Emergency Preparedness and Response System
9.3 Hazardous Agent Management System
10.0 Preventive and Corrective Action System
11.0 Procurement and Contracting
Evaluation (Feedback)
12.0 Communication System
12.1 Document and Record Management System
13.0 Evaluation System
13.1 Auditing and Self-Inspection
13.2 Incident Investigation and Root Cause Analysis
13.3 Medical Program and Surveillance
Improvement/Integration (Open System Elements)
14.0 Continual Improvement
15.0 Integration
16.0 Management Review
4. Evaluation and Checking

5. Management Review
Within each of these sections more detailed issues such as accountability, opera-
tional controls, and auditing are addressed. These general concepts are addressed in
this section, while details about individual management system approaches is
provided in Section 3.
2.1 Management Commitment, Leadership, and Employee Participation

Management commitment, leadership, and employee participation are central to a
management system approach. Different formal management systems approach these
Level I
Policy
Level II
Procedures
Level III
Work Instructions
Level IV
Records & Artifacts
FIGURE 44.6 Management system pyramid.
topics slightly differently, however all address them in some fashion. ANSI/AIHA Z10
addresses this most directly with its first section titled Management Leadership.
In Section 3.1.1, Z10 requires top management to establish implement and maintain an
OSHMS is appropriate to the scale and nature of its organization and OHS risks (8). In
the ILO OHSMS, the first section that provides an overview on OSH management
systems in the organization states that strong leadership and a commitment OSH
activities should be demonstrated by an employer (18). OHSAS 18001 (17) does not
address management commitment or leadership as directly as Z10 or the ILO OHSMS.
In 18001, the requirements for an OHS policy does contain requirements to demon-
strate a commitment to the prevention of injury and ill health and the continual
improvement of OHS management and OHS performance in and organization.
Management commitment may be demonstrated in many ways. Allocation of
sufficient resources for the proper functioning of an OHS program or management
system has been identified as a key variable to measure management commitment.
Other variables are the establishment of organizational structures whereby managers
and employees are supported in their OHS duties and the designation of a management
representative who is responsible for overseeing the proper functioning of the
OHSMS.
2.1.1 Resources, Responsibility, and Authority All management systems contain

language that address resource allocation, responsibility, and authority. Each ad-
dresses this slightly differently, however they generally address the requirements to
provide appropriate financial human an organizational resource the plan, implement,
operate evaluate in review the OHSMS. This also includes defining the organizational
structure that will fulfill on the OHS policy and goals. In the case of ANSI/AIHA Z10,
a unique feature is the guidance to integrate the OHSMS with an organizations

business systems and processes (8).
2.1.2 Employee Participation Employee participation may be demonstrated in

numerous ways. The key issue is that employees have input into OHS considerations,
and that the input is meaningful, valued, and can affect policies and practices. Other
important actions include employee participation in OHSMS development, imple-
mentation, and evaluation activities. Many OHS professionals have identified em-
ployee participation in occupational health and safety management as the variable
essential to successful OHS management and illness/injury reduction. Employee
participation and management commitment are two actions that should be done first
when developing an OHSMS.
2.1.3 OHS Policy An important element often associated with managing com-
mitment and leadership is the OHS policy, which represents the foundation from
which OHS goals and objectives, performance measures, and other system compo-
nents are developed. The OHS policy should be short, concise, easily understood, and
known by all employees in the organization. It can be expressed with seeds from the
organizations mission or vision statements. It is a document that expresses the
organizations OHS values.
The OHS policy should demonstrate senior managements commitment to
OHS, employee participation, allocation of necessary resources, and continual
improvement. The policy should be evaluated periodically as part of the manage-
ment review process. In the case of the OHSAS 18001, the policy language
contains eight specific requirements that include a commitment to the prevention
of injury and ill health, continual improvement, and a commitment to comply with
legal requirements (17).
2.2 Planning
The planning-related elements and requirements in management systems address the
identification and prioritization of OHS risks and the establishment of goals and
objectives that offer opportunities for improvement and risk reduction consistent with
the OHS policy. Readers who are familiar with ISO 14001 (25) are familiar with the
term aspects and significant aspects. These two terms essentially address risk. In OHS
management systems there is not a distinction may between risk and significant risk,
rather this is addressed in terms of prioritizing risks in general.
Planning activities including initial or baseline reviews, risk identification and
verification, establishing objectives and targets, identifying legal and other require-
ments, establishing programs to meet objectives, and in the case of ANSI Z10 the
establishment of an implementation plan. This feature of Z10 is unique. Another
unique feature of Z10 is found in its assessment and prior authorization element that
contains requirements to identify underlying causes and other contributing factors
related to system deficiencies that lead to hazards and risks (8). These requirements
provide the framework for forward-looking root cause analysis.
2.2.1 Initial and Baseline Review Initial and baseline reviews are conducted
when a management system is implemented for the first time. In this initial effort a gap
analysis is performed against the chosen management systems requirements to
determine which elements may be missing. Subsequently ongoing reviews are
conducted at defined intervals to ensure that information generated from OHSMS
activities, such as audits and corrective actions, are used to assess continuing relevance
in the OHSMS planning process.
Many organizations have general operational management systems and related
tools such as lean and six sigma that can be used in this process. It is important to
include OHS element in whatever ongoing analyses conducted by the organization.
Identifying these opportunities should be a part of this initial review.
2.2.2 Risks and Their Prioritization As part of the technical review and man-
agement of any and all OSH hazards within the framework of an OHS management
system, the degree of risks associated with individual activities should be considered
and prioritized. Such a review typically requires some form of prioritized impact
analysis and risk assessment. Many organizations have developed their own risk
assessment matrix that defines the scale of the acceptable risks of the organizations
specific operational environment and assists in the numerical ranking of the organiza-
tions risks. Prioritization helps establish schedules and the allocation of resources. The
assessment of risk as it pertains to occupational and industrial hygiene is summarized
in a White Paper on Risk Assessment and Risk Management published by the
American Industrial Hygiene Association (26).
Such risk assessments should take into consideration the probability of the
exposure event that generally includes consideration of the likelihood and/or fre-
quency of the event. Considered together with the severity or degree of harm that might
be presented by such an exposure event, the risks associated with individual events can
be compared with other possible, likely or frequent events within a likely range of
severity outcomes. Prioritization assures that the most severe events are controlled best
and/or first. After controls are implemented for a range of risks, the remaining residual
risks can be reassessed and additional controls implemented in the spirit of continuous
improvement to further reduce the organizations total OHS risk profile. Such risk
prioritization assures that the organization achieves an acceptable level of risk
reduction.
2.2.3 Legal and Other Requirements OHS management systems require orga-
nizations to identify legal and other requirements that apply to OHS. Examples
include governmental regulations and standards developed by MGOs.
2.2.4 Objectives, Targets, and Program(s) Management system planning activi-

ties include the establishment of OHS objectives and targets. Subsequent plans should
detail specific actions to be taken, those responsible, and the scheduled times for
implementation. While not every identified gap requires such detailed planning they
should be based on significant issues identified by the previously described OHS

hazards and risk assessments, technology options, financial issues, legal/regulatory
requirements, operational and business plans, and the views of interested parties, with
the goal of continual improvement.
A process to collect the data necessary to measure performance against these targets
is required along with establishing a review frequency. Elements with the most
significant potential impact to individuals or the organization generally are the most
frequently reviewed.
2.2.5 Implementation Plans and Allocation of Resources For organizations that

are implementing a management system for OHS for the first time, and especially for
large organizations that may be transitioning from a traditional safety program to a
management system process, the use of a formal implementation planning step such as
outlined in ANSI/AIHA Z10, may be helpful. Implementation plans for all manage-
ment system elements should be developed including defining resources, responsi-
bilities, timeframes, intermediate steps, and appropriate measures of progress for
each. Of these the initial planning and budgeting of resource generally have the most
impact.
The initial expenditure of financial and human resources that must be made before
benefits can be realized are generally the limiting factors in deploying any manage-
ment system element. It is important to establish priorities first without looking at
resources to ensure that risks are evaluated without bias. Only after priorities are
identified should corrective actions be scheduled based upon the availability of
resources. Such a process reduces the potential for any delay of critical improvements
that might be needed to address and prevent potentially imminent and/or high severity
consequences.
2.3 Implementation and Operational Elements

Management system requirements contained in implementation and operational
elements, contain a bundle of activities industrial hygienist will find familiar.
These elements provide the means to fulfill the OHS policy goals and achieve the
objectives from the planning process. The application of these elements systematically
generates experience and knowledge that are fed back to the planning process on an
ongoing basis in order to support continual improvement.
2.3.1 Hierarchy of Controls A central component of operational elements is the

familiar hierarchy of controls. The control of OHS risks within the context of any
progressive OHS management system should be implemented in a manner that best
addresses each risk in consideration of its priority (as discussed in Section 2.2 above).
If possible, the elimination or substitution of the hazardous material or scenario can
sometimes proceed and eliminate the need for such controls. However, in most
instances where controls are necessary, the familiar and well established hierarchy of
controls of occupational and industrial hygiene are, in the order of effectiveness from
high to low, (1) engineering controls, (2) work practice controls, (3) administrative
controls, and (4) personal protective equipment.
2.3.2 Management of Change An increasingly important function within con-

temporary OHS management systems is the management of change (MOC). The
MOC requirements represents a significant advancement in OHS management
science in recent decades. MOC addresses activities that require examining OHS
risks associated with new projects, processes or substances or when existing
operations or processes are modified. Occupational and industrial hygienists should
consider management of change to be an important element of a comprehensive
OSH management system. The extent and complexity of a management of change
process should be consistent with the potential risk of catastrophic failure of the new
or modified process (8, 18).
2.3.3 Education, Training, and Competence Another familiar element associ-

ated with implementation and operational elements is education, training, and
competence. These requirements in OHS management systems provide for consis-
tency across the range of training activities performed in organizations. Training
activities are developed in accordance with the OHS risks and legal and other
requirements identified in the planning process. Formal management systems gener-
ally require that training activities are evaluated for effectiveness. They also address
trainer competence. The end result of these activities is to ensure that workers are
competent to perform their activities in a safe manner.
2.3.4 Emergency Preparedness, Planning, and Response All OHS management

systems contain requirements related to emergency preparedness, planning, and
response. The language between standards is similar. The purpose of these require-
ments is to address risks beyond those identified in the planning process, both natural
and man made that may impact an organization. OHS management system standards
include requirements that emergency response system is tested periodically to ensure
the adequacy. Deficiencies found during tests are evaluated to determine the root cause
of the deviation from expected performance. The corrective actions taken to ensure
future performance can include modification of procedures, training, and/or the OHS
policy.
2.3.5 Communication While intuitive to industrial hygienists, issues related to

communication are addressed within the context of implementation and operational
controls. Guidance and requirements are provided that address the type and timing of
communications to both employees and interested external parties. A unique feature of
ANSI/AIHA Z10 is the requirement to identify and remove barriers to communi-
cation-related activities (8).
2.3.6 Documents and Records Requirements for document and record control are
found in OHS management systems. This includes the use of a controlled system for
required documents. All management system standards contain language on
document and record legibility, accessibility, retention periods, and the management
of obsolete documents.
2.4 Evaluation and Checking

Industrial hygienists are familiar with and trained in sampling, data collection, and
auditing. OHS management system approaches generally address these issues within
sections called evaluation, checking, and/or corrective action. The requirements of
these sections present guidance and requirements for the evaluation and auditing of
implementation and operational element activities. This includes requirements that
came to be applied to either, for instance, pump calibration, ventilation measurements,
and the more qualitative activity of evaluating the OHS policy. There is an acknowl-
edgment that performance measurement and monitoring involves both qualitative and
quantitative measures (18).
2.4.1 Incident Investigation Incident investigation and internal auditing require-

ments are contained in OHS management system standards. Incident investigation
language is familiar to industrial hygienist where the concept of performing root cause
analysis is reinforced. There are recommendations and requirements for conducting
investigations and corrective actions in a timely manner. Some industrial hygienists
may be more familiar with the term accident investigation. This concept has evolved in
general OHS management science as well as OHS management systems to look
further upstream at incidences that may be precursors to actual accidents. This is a
broader context with the understanding that by addressing incidences that more
accidents will be prevented.
2.4.2 Internal Audit All management system standards address the internal audit
of management system elements. Specific requirements vary between different
management systems, however they generally all require that periodic audits be
conducted to evaluate the functioning of the management system. While regulatory
compliance auditing is not excluded from these activities, the focus is on the actual
management system elements beginning with the policy statement, and moving on to
risk assessment, goals and objectives, operational elements, and the auditing function
itself. Later in this chapter specific activities associated with management system
audits is addressed.
2.4.3 Feedback to the Planning Process A unique feature of ANSI Z10 is a

section called feedback to the planning process Section (6.5). In this section of
Z10 is the requirement that a process is in place to ensure that the results of monitoring
and measurement, audits, incident investigation, and corrective and preventive action
are included in the ongoing planning process and management review (8). This
language reinforces a central feature of management systems through the use of
feedback channels and loops. The feedback to the planning process element provides
a nice template for industrial hygienist to use in identifying other areas of industrial
hygiene management where there is value in taking findings in using them to evaluate
policies, procedures, training, and operational controls, etc.
2.4.4 Corrective Action The implementation of corrective action is discussed

within the context of other headings in this chapter. However, a few notes
specifically about corrective action seem appropriate. First, corrective action should
be the final outcome of all measures that anticipate, recognize and evaluate
unacceptable risks. Corrective actions are taken to control unacceptable risks.
Second, corrective actions should be implemented in consideration of the most
effective hierarchy of controls. Corrective actions that are implemented with the
hierarchy in mind are most likely to initially be, and remain, effective. And third,
corrective actions are by their very nature indications of either continual improve-
ment or failures in past control systems and therefore should be implemented with
the knowledge that such controls will need to be checked or audited in the future to
assure that they are indeed achieving the intended control. Indeed, the next section
on Management Review is the annual opportunity provided by sophisticated
management systems to periodically check the efficacy of the comprehensive
OHS management system process.

A key distinguishing feature of a formal OSHMS from daily management is the
inclusion of a detailed and documented management review process. Such reviews
generally assess the continuing OSHMS suitability, adequacy, and effectiveness,
identifying opportunities for improvement and needed changes. Records (e.g.,
meeting minutes) must be maintained for each management review meeting.
These records should document the
. attendee list
. review of EHS policy
. evaluation of compliance with legal and other requirements
. external communications (external interested parties including complaints)
. results of participation and consultation
. performance against goals
. status of incident investigations, corrective and preventative actions
. status of audits
. changing circumstances and future developments
. follow-up actions from previous management review meetings
. decisions and new action items
These records should be maintained and action plan completion tracked to

completion. These management reviews need to be conducted with a frequency
appropriate to the needs of the organization but generally should occur at least
STANDARD OHS MANAGEMENT SYSTEMS 2127
annually. They should include representatives for key affected functional areas and
senior leadership of the organization.
Beyond the management review requirements in all OHSMSs, this activity
provides a powerful vehicle to engage senior management in occupational health
and safety. It also is an important feature of the overall integration of OHS activities in
an organization. Management review provides the opportunity for OHS staff and
senior management time to reflect on the larger goals and expectations of occupational
health and safety activities in the organization.
3 STANDARD OHS MANAGEMENT SYSTEMS
There are over 30 occupational health and safety management systems published
globally. A 1998 study conducted by the ILO identified 31 OHS management systems
in use or development at that time (16). Since then, a few OHS management system
standards have become more prominent than others. With the growing popularity and
use of ISO 14001, the environmental management system standard, the OHSMS that
most directly mirrors it, has become the dominant management system in use
throughout the world. While ISO has not developed an OHSMS as of 2010,
OHSAS 18001:2007 (17) is considered the de facto international OHSMS even
though it is not an ISO standard.
The evolving trend in organizations is the development of an integrated envi-
ronmental health and safety management system (EHSMS) as opposed to a stand-
alone OHSMS. A common approach is the integration ISO 14001, and OHSAS
18001. In the United States and in multinational companies, this integration often
includes ANSI/AIHA Z10 and OSHAs VPP. These four standards, in addition to the
ILO OHSMS are addressed in this section.
Nomenclature. When discussing OHS management systems, it is important to be
clear on the version of the management system under discussion. For instance we can
speak generally about OHSAS 18001, however there have been two versions
published, the most recent in 2007. The correct way of depicting this is OHSAS
18001:2007. In like fashion, there have been several versions of ISO 14001 published
with the most recent being in 2004, thus the correct depiction is ISO 14001:2004.
3.1 OHSAS 18001 and ISO 14001-based Approaches

The BSI first published OHSAS 18001 in 1999 and revised it in 2007 (11, 17). Prior to
its publication, registration organizations in Britain were using BS 8800:1996, but
noted a weakness because it was a should-based standard and thus not truly
auditable. The framework of the environmental management system ISO
14001:1996 was used in the development of OHSAS 18001:1999, with the language
of 18001:1999 being mostly identical to 14001:1996.
As with ISO 14001, OHSAS 18001 has a front end that presents its scope and
definitions. Section 4 that contains six main content forms the OH&S management
system requirements (Table 44.2) (17).
TABLE 44.2 OHSAS 18001:2007 Table of Contents (17)

1 Scope
2 Reference Publications
3 Terms and Definitions
4 OH&S Management System Requirements
4.1 General Requirements
4.2 OH&S Policy
4.3 Planning
4.3.1 Hazard Identification, Risk Assessment, and Determining Controls
4.3.2 Legal and Other Requirements
4.3.3 Objective, Targets, and Programme(s)
4.4 Implementation and Operation
4.4.1 Resources, Roles, Responsibility, Accountability, and Authority
4.4.2 Competence, Training, and Awareness
4.4.3 Communication, Participation, and Consultation
4.4.3.1 Communication
4.4.3.2 Participation and Consultation
4.4.4 Documentation
4.4.5 Control of Documents
4.4.6 Operational Control
4.4.7 Emergency, Preparedness, and Response
4.5 Checking
4.5.1 Performance Measurement and Monitoring
4.5.2 Evaluation of Compliance
4.5.3 Incident Investigation, Nonconformity, Corrective Action, and Preventive Action
4.5.3.1 Incident Investigation
4.5.3.2 Nonconformity, Corrective Action, and Preventive Action
4.5.4 Control of Records
4.5.5 Internal Audit
4.1. General requirements

4.2. OH&S policy
4.3. Planning
4.4. Implementation and operation
4.5. Checking
4.6. Management review
Section 4.2 addresses OH&S Policy. In the case of ISO 14001, Section 4.2
addresses environmental policy. The OHSAS 18001:2007 policy language states
that (29)
Top management shall define and authorize the organizations OH&S policy and ensure
that within the defined scope of its OH&S management system it
1. is appropriate to the nature and scale of the organizations OH&S risks;

2. includes a commitment to prevention of injury and ill health and continual
improvement in OH&S management and OH&S performance;
3. include a commitment to at least comply with applicable legal requirements to
which the organization subscribes that relate to its OH&S hazards;
4. provides the framework for setting and reviewing OH&S objectives;
5. is documented, implemented and maintained;
6. is communicated to all persons working under the control of the organization
with the intent that they are made aware of their individual OH&S obligations;
7. is available to interested parties; and
8. is reviewed periodically to ensure that it remains relevant and appropriate to the
organization.
OHSAS 18001 is not an ISO standard, rather it is an OHSMS standard published by

BSI. With the use of the numerical designation 18001, confusion often exists with
people thinking OHSAS 18001 is an ISO standard. This standard has become the
dominant OHSMS approach in use in many parts of the world. It is common for
organizations to receive OHSAS 18001 conformance certificates along with their ISO
14001 certifications from the same registrar.
While the 18001 standard is dominant in the OHS marketplace, up to the point of its
revision in 2007, it received criticism because its development history was viewed as
insular to registration agencies and its weakness in the area of employee participation.
The 2007 revision included wider stakeholder participation, but remained dominate to
registration bodies.
Prior to the publication of OHSAS 18001:1999, organizations were already
beginning to integrate OHS activities into the ISO 14001:1996 framework. This
was done, and continues to be done in two ways. The first, and easiest is to declare OHS
to be an environmental aspect, and thus subject it to the requirements of 14001 as a part
of considerations of the environment. To understand how this actually works, it is
important to study the environmental aspect portions of the ISO 14001 standard.
. Environmental aspect is: [An] element of an organizations activities or

products or services that can interact with the environment.
. Significant environmental aspect . . . has or can have a significant environ-
mental impact.
. Environmental impact is: any change to the environment, whether adverse or
beneficial, wholly or partly resulting from an organizations environmental
aspects. (25)
It is up to the organization to define environment and to do an aspect analysis.

Thus, it is a simple matter for an organization, at its discretion, to include occupational
health and safety as an environmental aspect. Thus, in this approach, the specifications
of ISO 14001 are followed, and are applied to occupational health and safety.
The second way, as done with OHSAS 18001, is to overlay an OHS specific
requirement on the EMS using an OHS system such as BS 8800. Thus, the OHS
specific words are used in the ISO 14001 format. The wording and specifications of BS
8800 are used in place of those of ISO 14001, while retaining the compatible format.
This appears to be a reasonable strategy, although the wording and thus the require-
ments of BS 8800 are much more extensive than those of ISO 14001 despite the same
format being used. However, it should be noted once again that BS 8800 uses the word
should throughout, rather than the stronger shall.
3.2 The ILO Occupational Safety and Health Management System

The International Labor Organization (ILO) began its OHS management system
development activities shortly after ISO elected not to pursue development activities
in this area in late 1996. The ILOs SafeWork division lead the agencys effort with the
initial step of contracting a research study with the International Occupational
Hygiene Association on OHS and environmental management systems in use or
development in the late 1990s (16). With the study findings in hand, the ILO formed a
21 person-working group of experts to develop the standard that followed its tripartite
structure with 7 experts each from government, labor, and industry. The working group
efforts culminated with a two week meeting in 2001 in Geneva where the standard
primarily written (27).
As with OHSAS 18001 and ISO 14001, the ILO OHS management system standard
has front-end sections that address scope and context issues, with the meat of the
standard contained in Section 3, organized within five sections.
. Policy
. Organizing
. Planning and Implementation
. Evaluation
. Action for Improvement
A complete outline of Section 3 is found in Table 44.3. A unique feature of the

ILOs OHSMS front end is Section 2 that contains a model that governments or
nation-state standards developers can follow in the development of OHSMS
standards unique to individual countries or industries. This section is titled A
national framework for occupational safety and health management systems.
A schematic of this structure is show in Figure 44.7.
Strictly speaking, the ILO OHSMS is not an auditable standard, but rather it is a
guideline with recommends. It contains a mixture of should and shall-based
clauses that makes auditing it difficult. Its use in third-party certification schemes is not
precluded, but its introduction states that its application does not require
certification.
As with OHSAS 18001 and ISO 14001, the policy statement in the ILO OHSMS is a
central component that sets the context for the standard. Within the ILO OHSMS
TABLE 44.3 ILO OHSMS:2001 Table of Contents

Policy
3.1 OSH Policy
3.2 Worker Participation
Organizing
3.3 Responsibility and Accountability
3.4 Competence and Training
3.5 OSH Management System Documentation
3.6 Communication
Planning and Implementation
3.7 Initial Review
3.8 System Planning, Development, and Implementation
3.9 OSH Objectives
3.10 Hazard Prevention
3.10.1 Prevention and Control Measures
3.10.2 Management of Change
3.10.3 Emergency Prevention, Preparedness, and Response
3.10.4 Procurement
3.10.1 Contracting
Evaluation
3.11 Performance Monitoring and Measurement
3.12 Investigation of Worker-Related Injuries, Ill Health, Disease and Incidents and Their
Impact on Safety and Health Performance
3.13 Audit
Action for Improvement
3.15 Preventive and Corrective Action
3.16 Continual Improvement
ILO guidelines
on
OSH-MS
National
OSH-MS
guidelines
in
on OSH-MS
organizations
Tailored
guidelines
on OSH-MS
FIGURE 44.7 The ILO framework schematic.

policy element there are recommendations for both the policy statement and worker
participation (18).
3.1.1. The employer, in consultation with workers and their representatives, should set
out in writing an OSH policy, which should be
(a) specific to the organization and appropriate to its size and the nature of its
activities;
(b) concise, clearly written, dated, and made effective by the signature or
endorsement of the employer or the most senior accountable person in
the organization;
(c) communicated and readily accessible to all persons at their place of work;
(d) reviewed for continuing suitability;
(e) made available to relevant external interested parties, as appropriate.
3.1.2. The OSH policy should include, as a minimum, the following key principles and
objectives to which the organization is committed:
(a) Protecting the safety and health of all members of the organization by
preventing work-related injuries, ill health, diseases and incidents;
(b) Complying with relevant OSH national laws and regulations, voluntary
programs, collective agreements on OSH and other requirements to which
the organization subscribes;
(c) Ensuring that workers and their representatives are consulted and encour-
aged to actively participate in all elements of the OSH management system;
(d) continual improvement in performance of the OSH management system.
3.1.3. The OSH management system should be compatible with or integrated in other
management systems in the organization.
Several key themes contained in the policy statement are carried throughout the
ILO OHSMS include the (1) involvement and consultation of workers and their
representatives and (2) compatibility and ability to integrate the OHSMS with
management systems in the organization (18).
Two key principles in formal management approaches are (1) Management
Leadership and Commitment and (2) Employee/Worker Participation (8, 18). An
analysis of the various formal management system approaches reflects varying
emphasis of these two areas. The ILO OHSMS reflected an evolution from
OHSAS 18001:1996 in strengthening and emphasizing these area. Section 3.2 on
worker participation states (18)
3.2.1. Worker participation is an essential element of the OSH management system in

the organization.
3.2.2. The employer should ensure that workers and their safety and health represen-
tatives are consulted, informed and trained on all aspects of OSH, including
emergency arrangements, associated with their work.
3.2.3. The employer should make arrangements for workers and their safety and health
representatives to have the time and resources to actively participate in the
processes of organizing, planning and implementation, evaluation, and action for
improvement of the OSH management system.
3.2.4. The employer should ensure, as appropriate, the establishment and effi-
cient functioning of a safety and health committee and the recognition of workers
safety and health representatives, in accordance with national laws and practice.
Throughout the ILO OHSMS document, examples are found where strong worker
participation is encouraged or required.
Section 3 of the ILO OHSMS starts with a robust statement regarding the
importance of strong management leadership and commitment to occupational safety
and health, where it states (18)
3.0 Occupational safety and health is the responsibility and duty of the employer,
including compliance with the OSH requirements pursuant to national laws and
regulations. The employer should show strong leadership and commitment to OSH
activities in the organization, and make appropriate arrangements for the estab-
lishment of an OSH management system. The OSH management system should
contain the main elements of policy, organizing, planning and implementation,
evaluation and action for improvement.
The ILO OHSMS Section 3.10.1 titled Prevention and control measures presents
and reinforces the importance of the traditional hierarchy of controls used by industrial
hygienists.
Robust recommendations on the management of change, contracting, and pro-
curement issues are found in the ILO OHSMS. The ILOs recommendations on the
Management of Change are (18) as follows:
3.10.2.1. The impact on OSH of internal changes (such as those in staffing or due to
new processes, working procedures, organizational structures or acquisitions)
and of external changes (e.g., as a result of amendments of national laws and
regulations, organizational mergers and developments in OSH knowledge and
technology) should be evaluated and appropriate preventative steps taken
prior to the introduction of changes.
3.10.2.2. A workplace hazard identification and risk assessment should be carried out
before any modification or introduction of new work methods, materials,
processes, or machinery. Such assessment should be done in consultation with
and involving workers and their representatives and the safety and health
committee, where appropriate.
3.10.2.3. Implementation of a decision to change should ensure that all affected
members of the organization are properly informed and trained.
An important contribution the ILO OHSMS made to the evolution of formal

management systems was with contracting. Several advances include the recommen-
dation that OHS criteria be included in contractor section, arrangements for reporting,
and regular monitoring of contractor activities on site. The ILOs language states (18)
3.10.5.1. Arrangements should be established and maintained for ensuring that the
organizations safety and health requirements, or at least the equivalent, are
applied to contractors and their workers.
3.10.5.2. Arrangements for contractors working onsite should

(a) include OSH criteria in procedures for evaluating and selecting
contractors;
(b) establish effective ongoing communication and coordination between
appropriate levels of the organization and the contractor prior to com-
mencing work. This should include provisions for communicating
hazards and the measures to prevent and control them;
(c) include arrangements for reporting of work-related injuries, ill health,
diseases and incidents among the contractors workers while performing
work for the organization;
(d) provide relevant workplace safety and health hazard awareness and
training to contractors or contractor workers prior to commencing
work and as work progresses, as necessary;
(e) monitor regularly OSH performance of contractor activities on site;
(f) ensure that site OSH procedures and arrangements are followed by the
contractor(s).
3.3 ANSI/AIHA Z10

ANSI/AIHA Z10 is an OHSMS voluntary consensus standard developed by a diverse
group of experts from labor, government, professional organizations and industry in
the United States (8). It was developed to fill a gap in standards applicable to the
particular regulatory and labor relation framework in the United States, and to serve as
potential U.S. input to any future ISO international standard. To these ends, particular
emphasis is given to the areas of management of change, employee participation, and
leadership accountability.
ANSI/AIHA Z10 was developed using and expanding on contemporary national
and international standards, guidelines and practices in place in the early 2000s. It
generally follows a traditional ISO format and is compatible with quality and
environmental management system standards as well as with principles adopted
by the ILO to encourage integration with other business management systems. The
standard includes appendices with model program and policies intended for easy use
by organizations without large OHS resources.
The standard is written using a two-column format with the left containing
mandatory requirements of the standard and the right containing recommended
program elements. This format is designed to help answer many of the questions
that arise in specification standards by providing examples and guidance alongside of
required elements.
As with OHSAS 18001 and the ILO OHSMS, ANSI/AIHA Z10 contains front-end
sections that define its scope and application as well provides context. The core of the
standard is contained in Sections 3 through 7:
3.0 Management Leadership and Employee Participation

4.0 Planning
6.0 Evaluation and Corrective Action

A detailed list of the standards content is found in Table 44.4 and depicted in
Figure 44.8. The Z10 standards development did not have an eye toward use in a
certification scheme, nor was its intent to be included in one. However, it is a shall-
based standard that does provide the ability for use in rigorous auditing.
As with the ILO OHSMS, the ANSI/AIHA Z10 standard reinforces of the
importance of strong management leadership and employee participation.
Section 3 highlights this, stating (8)
TABLE 44.4 ANSI/AIHA Z10: 2005 Table of Contents

1.0 Scope, Purpose, and Application
2.0 Definitions
3.0 Management Leadership and Employee Participation
3.1 Management Leadership
3.1.1 Occupational Health and Safety Management System
3.1.2 OHS Policy
3.1.3 Responsibility and Authority
3.2 Employee Participation
4.0 Planning
4.1 Initial and Ongoing Reviews
4.1.1 Initial Review
4.1.2 Ongoing Review
4.2 Assessment and Prioritization
4.3 Objectives
4.4 Implementation Plans and Allocation of Resources
5.1 OHSMS Operational Elements
5.1.1 Hierarchy of Controls
5.1.2 Design Review and Management of Change
5.1.3 Procurement
5.1.4 Contractors
5.1.5 Emergency Preparedness
5.2 Education, Training, and Awareness
5.3 Communication
5.4 Document and Record Control Process
6.0 Evaluation and Corrective Action
6.1 Monitoring and Measurement
6.2 Incident Investigation
6.3 Audits
6.4 Corrective and Preventive Actions
6.5 Feedback to the Planning Process
7.1 Management Review Process
7.2 Management Review Outcomes and Follow-Up
Continual
Improve improvement Reduce
employee H&S hazards
productivity risks
satisfaction 3.0 Policy management incidents
image leadership and employee comp costs
participation lost time
Plan
Act
7.0 Management
4.0 Planning
review
Check
5.0 Implementation Do
and operation
6.0 Checking and
corrective action
FIGURE 44.8 ANSI/AIHA Z10 diagram.
3.1. Management Leadership

3.1.1. Occupational Health and Safety Management System
Top management shall direct the organization to establish, implement and
maintain an OHSMS in conformance with the requirements of this standard that
is appropriate to the nature and scale of the organization and its occupational
health and safety risks.
3.1.2. OHS Policy
The organizations top management shall establish a documented occupational
health and safety policy as the foundation for the OHSMS. This policy shall
include a commitment to
A. protection and continual improvement of employee health and safety;
B. effective employee participation;
C. conformance with the organizations health and safety requirements; and
D. Compliance with applicable laws and regulations.
The policy shall be made available and communicated to employees, dated, and
signed or otherwise officially authorized and endorsed by top management.
3.1.3. Responsibility and Authority
Top management shall provide leadership and assume overall responsibility for
A. implementing, maintaining, and monitoring performance of the OHSMS;
B. providing appropriate financial, human and, organizational resources to
plan, implement, operate, check, correct and, review the OHSMS; and
C. defining roles, assigning responsibilities, establishing accountability, and
delegating authority to implement an effective OHSMS for continual
improvement, and
D. integrating the OHSMS into the organizations other business systems and
processes.
Employees shall assume responsibility for aspects of health and safety over which
they have control, including adherence to the organizations health and safety rules
and requirements.
3.2. Employee Participation The organization shall establish and
implement processes to ensure effective participation in the OHSMS by
its employees at all levels of the organization, including those working
closest to the hazard by
A. providing employees and employee representatives, with the mechanisms, time
and resources necessary to participate in, at a minimum, the processes of
. planning (4.0);
. implementation (5.0);
. evaluation, corrective and preventive action (6.0).
B. providing employees, and employee representatives, with timely access to

information relevant to the OHSMS; and
C. identifying and removing obstacles or barriers to participation.
Significant with this standard is the language used regarding employee participation.
Both the Policy (3.1.2.B.) and Employee Participation (3.2) require effective
participation in the organizations OHS management system (8). The employee
participation requirements continue with the requirement for identifying and remov-
ing obstacles or barriers to participation. In these instances, similar language is not
found in OHSAS 18001:2007 or the ILO OHSMS (8,17, 18).
A requirement to perform hazard/risk assessment is a cornerstone of OHS
management system approaches. The ANSI/AIHA Z10 standard states in Section
4.2, titled Assessment and Prioritization, that (8)
The organization shall establish and implement a process to assess and prioritize the
OHSMS issues identified in 4.1.
The process shall
A. assess the impact on health and safety of OHSMS issues and assess the level of
risk for identified hazards;
B. establish priorities based on factors such as the level of risk, potential for system
improvements, standards, regulations, feasibility, and potential business con-
sequences; and
C. identify underlying causes and other contributing factors related to system
deficiencies that lead to hazards and risks.
There are two unique features in how Z10 addresses this issue. The first is the use of
the term OHSMS issues, which are defined as hazards, risks, management system
deficiencies and opportunities for improvement. This approach thus concisely
addresses the importance of looking for system deficiencies and opportunities for
improvement when performing assessments. Second, is the requirement in 4.2.C. to

identify underlying causes and other contributing factors related to system deficien-
cies that lead to hazards and risks (8). This is a powerful requirement that in essence
means that the initial steps of a root cause or fault tree-like analysis needs to be done
when assessing OHS hazards and risks. This requirement is not found in other OHS
management system approaches.
The role of documentation is a significant issue in OHS management system
approaches with critics of the ISO-based management systems asserting they require
too much documentation. During its development process, the Z10 committee was
cognizant of, and discussed this issue. The outcome was to not require as extensive
documentation as found in OHSAS 18001 or ISO 14001, but rather require it for five
key elements. These are
. Policy3.1.2
. Objectives4.3
. Implementation Plan4.4.A
. Audits6.3
. Management Reviews7
A unique feature of Z10 is the requirement that implementation plans must be

documented. Section 4.4, titled Implementation Plans and Allocation of Resources,
states (8)
The organization shall

A. establish and implement a documented implementation plan for achieving the
objectives. The plan(s) shall define resources, responsibilities, timeframes,
intermediate steps, and appropriate measurements of progress; and
B. assign resources to achieve the established objectives of the implementation
plans.
Another unique feature, similar to the requirement to identify underlying causes

. . . for hazards and risks during assessments, is the requirement in 4.4.A that
intermediate steps be defined in the documented implementation plan.
With the changing nature of workforces and organizational structures, the role of
managing OHS issues associated with contractors in organizations has taken on
greater importance. The Z10 standard provides direction on this issue, stating in
Section 5.1.4 that (8)
The organization shall establish and implement processes to identify, evaluate, and
control potential health and safety risks:
A. To the organizations employees from contractors planned and unplanned

activities, operations and materials on the organizations premises.
B. To the contractors employees from the organizations activities and operations.
This process shall include appropriate contractor health and safety performance criteria.
On multi employer work sites, the organization shall implement a process for coordi-
nating the relevant portions of its OHSMS with that of other applicable organizations.
The Z10 standard is unique in its requirement for the coordination of OHSMSs on
multiemployer work sites, and in its requirement, stated in Section 5.2.A. that the
organization shall establish processes to define and assess the OHSMS competence
needed for employees and contractors. (8)
Continuing to reinforce the importance of employee participation and input to OHS
management, Z10 Section 5.3 on communication states that
The organization shall establish and implement processes to
A. communicate information about the OHSMS and the implementation plan

progress with affected levels of the organization;
B. achieve prompt employee reporting of work-related injuries, illnesses, incidents,
and hazards and risks;
C. encourage employees to make recommendations regarding possible hazard
control and reporting procedures; and
D. identify and remove barriers to all of the above.
Significant in this language is the requirement to identify and remove barriers to all
of the above. Language like this is not found in other OHS management system
approaches and reinforces for OHS professionals and organizations a central compo-
nent of successful OHS management.
Possibly the most unique and important section in ANSI/AIHA Z10 is Section 6.5,
titled Feedback to the Planning Process, which states that (8)
The organization shall establish and maintain processes to ensure that the results of
monitoring and measurement, audits, incident investigation and corrective and preven-
tive actions are included in the ongoing planning process (Section 4.1.2), and the
management review (Section 7).
On the surface this requirement may not seem significant, but at its core, it points to
the fundamental difference between a systems-approach versus a traditional program-
matic-approach to OHS management, namely the role of information feedback loops.
With feedback loops there is an opportunity to learn and continually improve an
organizations OHS functions.
In general, OHS management systems do not include requirements on how often a
given activity should take place. Terms such as regular and periodic are used,
and it left to the standard-user to define the actual timing of activities. In ANSI/AIHA
Z10, the frequency is an exception. The Z10 Management Review section states
that (8):
The organization shall establish and implement a process for top management to review
the OHSMS at least annually, and to recommend improvements to ensure its continued
suitability, adequacy, and effectiveness.
Unique here is the requirement that Management Review of an organizations

OHSMS be conducted at least annually. A requirement of a specific activity such as
this is not found in other OHS management system approaches.
Aside from its value in presenting a robust OHS management system, the Z10
standard provides robust guidance in recommendations throughout the standard in its
right-hand column as well as in its annexes. The 11 annexes provide examples and
implementation guidance for key sections of the standard.
Annex A Policy Statements (Section 3.1.2)

Annex B Roles and Responsibilities (Section 3.1.3)
Annex C Employee Participation (Section 3.2)
Annex D Initial/Ongoing Review (Section 4.1)
Annex E Assessment and Prioritization (Section 4.2)
Annex F Objectives/Implementation Plans (Sections 4.3 and 4.4)
Annex G Hierarchy of Control (Section 5.1.1)
Annex H Incident Investigation Guidelines (Section 6.2)
Annex I Audit (Section 6.3)
Annex J Management Review Process (Sections 7.1 and 7.2)
Annex K Bibliography and References
3.4 The OSHA Voluntary Protection Program

The Voluntary Protection Program is a government-based management system
approach managed by the OSHA in the United States. Numerous state-operated
OSHA programs have developed state-operated VPPs. This program contains several
components, including the actual VPP approach language and a certification scheme
operated by OSHA. The term VPP approach language is used instead of standard
since in OSHA nomenclature, the VPP is not a standard, but in the context of
discussing other management system approaches such as 18001, the ILO approach
and Z10, one can think of VPP as an OHSMS standard.
The VPP approach began in California in the late 1980s as the result of regulatory
actions at the San Onofre power generating facility. It has evolved to represent the most
comprehensive OHS management system approach within OSHA and encompasses
elements of other systems approaches in OSHA, such as the 1989 OSHA VPP
Guidelines (5), Consultations SHARP/form 33 (28), the now defunct
Performance Evaluation Profile (PEP) (29), and the draft OHS program standard (13).
For certification, the OSHA VPP site inspection team verifies OHS program
adequacy in the following six areas (6):
1. Management Commitment and Planning

2. Work site Analysis
3. Hazard Prevention and Control

4. Safety and Health Training
5. Employee Involvement in Program Evaluation
6. Annual Evaluation of Safety and Health Program
The site review team balances all available site information, including employee
interviews, to determine if systematic management procedures that address hazard
assessment, prevention and control are being effectively implemented. The site
inspection teams findings are reviewed by OSHA management personnel who,
typically were not involved with the on-site review. This Administrative Review is
last step in the process. Those companies that satisfy the above requirements become
VPP Participants (30).
The firms management receives a letter from the Assistant Secretary of Labor
congratulating them on being awarded VPP status. Furthermore, these companies are
rewarded by receiving immunity from programmed OSHA inspections. OSHA may
still inspect VPP sites in response to employee complaints, fatalities, significant
chemical releases or catastrophes. Most sites are reevaluated every three years to
ensure they are continuing good management practices and following the VPP
requirement.
There is a hierarchy of VPP achievement recognition, with the designations Star,
Merit, and Demonstration. Sites awarded Star status generally have safety and health
programs that are recognized as comprehensive and effective. The Merit designation is
provided to those work sites with the potential to be Star but may have some minor
health and safety program elements to be corrected. For example, OSHA may elect to
give Merit status to a company with an overall good health and safety program but
whose illness and injury rates have yet to drop below national averages. The third
award is the Demonstration designation. Demonstration status may be awarded to
companies that are not construction or general industry oriented, such as maritime or
agriculture businesses. Merit and Demonstration sites receive annual onsite
inspections (6).
The VPP criteria contain a number of best practices that can lead to superior safety
and health performance. Certain elements are strong such as employee involvement.
Other elements that would make it a complete management system are weaker such as
management review and continual improvement aspects. OSHAVPP gets employees
involved in safety and health management unlike traditional OSHA approaches.
3.5 Early Management System Approaches

A review of the following OHS management system approaches is included for
historical purposes. They represented approaches developed in the 1990s or earlier. In
some areas they are still significant, but have in general been de-emphasized with the
development of OHSAS 18001, the ILO OHSMS, and ANSI/AIHA Z10. Reviewed
here are BS 8800 (12), the AIHA OHSMS (14), the ISRS (3), and the National
Occupational Safety Associations (NOSA) Five Star system (31).
3.5.1 British Standard BS 8800 The British have been leaders in the development
of management system standards and approached. British standards 5750 and 7750,
respectively influential to the development of ISO 9001 and 14001. In 1991, the British
HSE published a document titled Successful health and safety management
(HSG 65) to provide OHS management guidance to organizations (32). In 1996,
the BSI published the OHS management system, BS 8800. It was revised in 2004 to
update it with revisions made to ISO 14001:2004 and harmonize it with OHSAS
18001:1999.
At the time BS 8800 was being developed, ISO was in the process of developing ISO
14001. Thus, the BS 8800 contents are arranged in two different ways. One is based on
ISO 14001 Draft International Standard (DIS) and the other is based on the HSG 65.
Both arrangements contain the same language, with the only difference being in the
organization. The ISO/DIS 14001 approach is aimed at organizations already with, or
that is seeking ISO 14001 registration.
One difficulty with BS 8800 is that, because of initial opposition to making it an
auditable, all potentially auditable phrases contain the word should. Should is, in
management system standards, usually reserved for guidance documents. Phrases
containing the word should are usually not auditable. Shall, which is normally
used for auditable phrases, is not to be found in BS 8800.
The annexes of BS 8800 are useful for the development and operation of OHS
management systems. The annexes are (12)
. Annex A. Shows the links between BS 8800:1996 and ISO 9001:1994. This is
provided to assist organizations who are operating or plan to operate the ISO
9001 international quality management systems standard and who want to
integrate OH&S into their existing/planned management system. (This thinking
closely parallels that of the AIHA OHSMS, below.)
. Annex B. Organizing an OHS management system
. Annex C. Planning and implementing an OHS management system
. Annex D. Risk assessment
. Annex E. Measuring performance of OHS management systems
. Annex F. Auditing methods for OHS management systems
The Risk Assessment annex is one of the most useful. In this annex, risks are
qualitatively categorized as going from Trivial to Intolerable, and actionable strategies
are linked to each category. This approach avoids the highly controversial quantitative
risk analysis models in favor of a system that appears to be readily useable as part of an
OHS management system.
3.5.2 AIHA OHS Management System The AIHA published an OHS manage-
ment system in 1995 that was based on ISO 9001:1994 (15). The core of this document
was developed by researchers at the University of Michigan (23, 3941). With the
development of ANSI/AIHA Z10, the decision was made to not update the AIHA
CONFORMITY ASSESSMENT 2143
OHSMS when ISO 9001 was revised in 2000. Thus, while important in the context of
the historical development of OHS management systems standards, the AIHA
OHSMS is arcane and generally not used in organizations.
3.5.3 ISRS and NOSA The ISRS and the similar NOSA five star safety and health
management system were pioneers and early leaders in the development and imple-
mentation of safety management systems (3). The first system broadly applied to
safety management was the ISRS as developed by Frank E. Bird, Jr. in 1976. It was
marketed jointly by his International Loss Control Institute and the Industrial Accident
Prevention Association (3, 33). The roots of the ISRS was a study conducted earlier by
Frank E. Bird, Jr. and George I. Germain of accidents in the steel industry while
employed by the Insurance Company of North America (INA). The system was best
known for its loss causation model, and served as an early audit-based system
documentation process that focused on compliance assurance with specified stan-
dards. This system is now in Version 7 as the proprietary product of Det Norske Veritas
(DNV) who purchased ILCI in 1991.
The NOSA organization in South Africa published the NOSA Five Star Safety and
Health Management System based on 150,000 safety surveys of mines and other
industries (34). The original NOSA system was quite similar to Frank Birds ISRS. In
1984, NOSA revised its system to include a continual improvement element for
environmental affairs and now includes a section on ISO 14001:1996 (16). NOSA
continues to serve as an important third-party auditor organization primarily to assure
core safety requirements among South African mining companies.
4 CONFORMITY ASSESSMENT
Conformity assessment refers to the activities associated with determining formally

and informally whether an implemented management system conforms to a formal
OHS management system standard, such as ANSI/AIHA Z10 or OHSAS 18001, or a
protocol unique and internal to an organization. Conformity assessment deals with the
activities associated with determining how well a given system approach has been
implemented in an organization, this primarily includes auditing and the certification
activities.
A formal definition for conformity assessment is (35)
The determination of whether a product or process conforms to particular standards or

specifications. Activities associated with conformity assessment include testing, certifi-
cation, and quality assurance.
It is important to understand and consider conformity assessment issues and how

they relate to management systems because they are central to strategy considerations
regarding the rational for implementing and measuring the performance of a man-
agement system.
A common misconception about management systems is the belief or understand-

ing that pursuing or implementing a management system necessarily means that
registration or certification must also be pursued. This is not the case. While many
organizations do pursue certification, many do not. Making the distinction between a
management system and conformity assessment activities can reduce unnecessary
confusion.
The National Research Council has developed a conformity assessment model that
has three levels:
. Primary LevelAssessment
. Secondary LevelAccreditation
. Tertiary LevelRecognition
The primary level represents measurement and auditing activities. Workplace air
sampling or safety surveys are examples of assessment activities, as are management
system audits. The secondary level, addresses the formal qualifications of the entities
performing primary level activities and the bodies that provide confirmation of the
qualifications. An example is with Certified Safety Professionals (CSP) or Certified
Industrial Hygienists (CIH) who perform workplace assessments. The CSP and CIH
designations are given respectively by the Board of Certified Safety Professionals
(BCSP) and the American Board of Industrial Hygiene (ABIH). The certification
function performed by the BCSP and ABIH represent secondary level activities.
With management system certification, registrars perform audits, a primary
level activity, and accreditation agencies, accredit the registrars to perform the
registration audits. Finally, an example of tertiary level recognition is found in
OSHA regulations that require certain activities be performed by CSPs or
CIHs (36). With management systems, recognition is given by regulatory agencies
who might give organizations with a certified OHSMS some sort of regulatory relief,
as with the OSHA VPP.
5 MANAGEMENT SYSTEM AUDITING
Auditing is a central activity performed by industrial hygienists as part of the

anticipationrecognitionevaluationcontrol continuum. Traditional industrial hy-
giene audits are often performed to determine regulatory compliance or in response to
litigation.
Management system auditing has evolved since the issuance of ISO 9001, ISO
14001, and the range of OHS management systems in this chapter. These audits are
more qualitative than traditional compliance audits. It is important that industrial
hygienists performing management system audits have training in this type of auditing
since it requires an expanded skill-set from compliance auditing. For example, there is
greater emphasis on conducting interviews and interpretation of documents that
require the auditor to make assessments and judgments that go beyond simply
following a checklist.
MANAGEMENT SYSTEM AUDITING 2145
Auditing standards unique to ISO 9001:1987 and 14001:1994 were initially

published along with them. In 2002, ISO published ISO 19001:2002 that presents
a combined auditing standard for quality and environmental management sys-
tems (37). Industrial hygienists can use ISO 19001 for guidance on OHSMS auditing
in the areas of (1) managing an audit program, (2) audit activities, and (3) compe-
tence and evaluation of auditors.
A key concept in management system auditing is the collection of objective
evidence by competent personnel. There are typically three types of evidence used
to make audit assessments: visual observations, information from interviews with
workers and managers, and documentation. For a given issue, the extent that there is
confluence between these three types of evidence, leads to strength in the findings.
Defining auditor competency is not straightforward, with a range of views on how to
define competency. At a minimum, auditors should have technical expertise in the
areas that they are auditing and should have training in auditing itself. The skill set
needed to perform OHS management system audits goes beyond the core quantitative
training of industrial hygiene to include more qualitative survey research and
communication skills.
5.1 Audit Types

There are two dimensions upon which audit types can be characterized. The first
dimension deals with who performs the audit. There are typically three types of audits
on this dimension: first-, second-, and third-party audits. The second dimension deals
with what is being audited. There are also typically three types of audits on this
dimension: compliance to regulations; conformance to a management system; or
conformance to non-governmental standards or guidelines to which the organization
subscribes. There are also hybrid models where audit teams contain both external and
internal auditors, and where compliance and management system audits are conducted
at the same time.
5.1.1 First PartyInternal Audits First-party audits refer to audits that are
conducted internally within an organization by members of the organization.
Many companies have robust internal audit programs that assess both regulatory
compliance and conformance with nongovernmental standards or management
systems.
Internal audits should be conducted by personnel who are technically competent,
have audit training, and are capable of making unbiased and independent assessments.
Internal auditors should not have direct responsibility for activities at the site being
audited. This is essential in order to maintain audit integrity and independence. An
internal audit will generally assemble several individuals who are experienced within
their respective disciplines and who may even know the facility and its operations. The
audit team should be sufficiently large and broad to adequately address all the
anticipated issues. When working with teams drawn from internal sources only,
this can sometimes be difficult to achieve. Every audit also requires deft team
leadership and communication, skills that may be difficult for an internal person
to obtain or keep current if they do not audit on a regular basis. Lead auditors should
have training in leading audits. Governmental bodies and for-profit organizations are a
source for compliance and management system auditing training.
There are distinct advantages to the organization for using an internal audit team.
The out-of-pocket costs associated with an internal program can be lower than an
external program, though the time commitment internal auditors must make to the
program does have a significant impact for the organization. Participating on audits
provides an excellent way to upgrade regulatory knowledge, and technical and
leadership skills. Robust audit programs allow for the development and sharing of
best practices within the organization. Once auditors have completed their work,
they return to their respective sites and, hopefully, implement best practices or
program improvements they have recently seen on an audit. On the other hand,
unless the organization empowers the internal auditing function with the authority
to clearly identify all issues, and sets the expectation that senior management will
respond to these issues, some internal programs may lack the impact of an externally
run program.
5.1.2 Second- and Third-Party External Audits These audits are conducted by
personnel who are not members of the organization that is being audited. In the case of
second-party audits, within a supply chain, a customer performs an audit of a
supplier. Second-party audits are common in the quality management circles
(e.g., ISO 9001), but are not as common in the OHS area. Third-party audits refer
to audits performed by people independent of the organization being audited. These
are typically performed by consultants, and in the management system arena, by what
are called, third-party-registrars. Third-party audits are common in the management
system arena.
There are several advantages to using external auditors. First, it should provide
access to highly qualified individuals best suited to evaluate the site and its unique
operations. Second, there should be fewer time and resource issues that plague internal
audit programs because auditors are not being pulled off an already full work schedule.
Finally, a report from an unbiased outside firm has the advantage of being perceived as
presenting the true picture as it lacks local biases.
Organized labor concerns about external auditors, if any, need to be addressed. A
concern that can surface is the potential bias that external auditors may not report bad
findings for fear of losing future work with the organization. This concern can be
addressed by using credible third-party auditors who hold themselves to a high level of
ethical conduct.
5.1.3 Hybrid Approaches Audit programs in some organizations use hybrid audit
teams that include both internal-company representatives and external consultants.
This approach yields benefits with deep organizational understanding from the
internal team members and auditing and external expertise from the consultant.
An increasing trend has also been to combine compliance and management system
audit functions, thus auditing both at the same time. Caution should be taken to ensure
that neither is diluted when combined.
5.2 Audit Scope and Goals

Whether an audit is conducted by internal personnel or an external second- or third-
party, there must be clarity on the audit scope and goals. The audit process should not
start until clear objectives have been established along with a commitment to take
action on all identified gaps. In the case of achieving certification to OHSAS 18001 or
ANSI/AIHA Z10, the goal is clear, certification. However, the scope needs to be clear
in the instance where there may be multiple locations or whether the corporate system
is included when certification is sought at a specific plant. When both an OHS and
environmental management system are present, there needs to be clarity on whether
both systems are included or whether the location considers these integrated
systems. It is common for sites to have an integrated management system that includes
both OHS and environmental management elements. When defining the audit scope, it
is important to understand if a stand-alone OHSMS or an integrated EHSMS is being
audited.
Management system standards are periodically updated, so it is important that
auditors understand which version of a particular management system standard is
being used by a location.
An evolving issue in OHSMS auditing is the definition of the workplace. With an
increase in telecommuting, use of home offices, and increased us of contact support,
organizations and auditors need to have clarity on how the workplace is defined. There
is increased inclusion of home office OHS issues in an organizations OHS manage-
ment system policy and procedures.
5.3 Preaudit Preparation

Thorough preparation before the audit will lead to more effective audit results.
Preaudit preparations include gaining an understanding of
. activities, processes, and risks;

. previous audit findings and OHS performance history;
. physical layout and location of buildings and areas of interest;
. the organizational structure and OHS accountabilities;
. recent construction, modifications or organizational changes;
. the use of contractors;
. pertinent regulatory agency activity for the site;
. security and clearance needs for site access;
. the need to have company representatives escort team members;
. unique hazards and subsequent PPE requirements; and,
. OHS policies and procedures relevant to the audit scope.
When the audit process is initiated, the lead auditor should have a meeting or phone
call with the site representative who is the lead coordinator for the site. In addition to
overall audit logistics, such as audit dates, the lead auditor can begin to understand the
above site-specific issues. This information will also help the lead auditor understand
the expertise he or she will need on the audit team. At this time, the lead auditor should
make sure that there is a mutual understanding about the audit scope. Any discre-
pancies in understanding of the scope need to be resolved before proceeding any
further.
The part of preaudit activities involved with reviewing site policies and procedures
before the official site visit is called the desk review. This is where documents
relevant to the audit scope are reviewed by the lead auditor and team members to
determine initial compliance or conformance with regulations or standards against
which the site is being audited. In management systems audits, when nonconfor-
mances are found during the desk review, it is common for the lead auditor to suggest
that the site bring these areas into conformance before making the official site visit.
Avaluable component of preaudit preparation is the use of a preaudit questionnaire
to be completed by the site in advance of the site visit. The purpose of the questionnaire
is to provide the lead auditor with necessary background information that will help her
or him plan the audit in the most effective manner. Preaudit questionnaires help lower
costs by decreasing the time that the audit team must spend on-site gathering
background information. It is effective to identify an on-site coordinator who will
act as the key liaison between the facility and the audit team and can facilitate
scheduling and logistics for the team.
The preaudit questionnaire also serves an important internal function. The act of
collecting data, gathering policies and procedures, and completing preaudit forms is
an educational process for both the on-site coordinator and the individuals gathering
the documents. Even before the audit team arrives on site, the coordinator will usually
have a good estimate of the facilitys overall compliance or conformance with the areas
or issues within the audit scope, from examining the general pattern of responses to
items on the questionnaire, there is value in seeing this at the early stages of the audit.
The preaudit questionnaire also provides the opportunity for senior management to see
what may be ultimately included in the final report. Finally, for issues with significant
risks, this provides an opportunity to take immediate action.
A memo from senior management to the key site personnel prior to the audit
emphasizing their need to cooperate and participate can help make the on-site
activities proceed smoothly.
During preaudit activities, the lead auditor should ask the site contact to ensure that
sufficient on-site working space and resources are provided for the audit team. This
includes a conference room or office of sufficient size, telephone, internet access,
photocopying support, and document access. For remote locations, consideration of
bringing in food for lunch should be considered to increase efficiencies.
The method(s) of information and data collection during the audit should be
determined before the site visit. This typically includes the preparation of forms and
even audit notebooks that contain the forms. The forms should be designed to capture
information from interviews, document reviews, visual observations. With manage-
ment system audits, a typical form is called a nonconformance or corrective action
form. These are used to capture the various types of objective evidence upon which an
audit finding is based.
5.4 On-Site Activities

5.4.1 Opening Meeting A management system audit normally commences with
an opening meeting during which the audit team presents details of the on-site and
postaudit activities, including the intended scope, time frame, progress report/meeting
frequency, format of draft and final report, and method of delivery. This is also an
excellent opportunity for the team to raise any issues from the preaudit questionnaire
that need further clarification. Methods of communication and preferred communi-
cation channels are typically reviewed at the opening meeting.
Typically, the site management takes this opportunity to provide an overview of the
sites operation and describe any aspects of the programs and systems that may not
have been included in the preaudit questionnaire or preaudit discussions. The opening
meeting is frequently followed by a preliminary tour of the facility, often led by
operations and site health and safety personnel. The tour enables the auditor(s) to ask
any additional questions in light of the preaudit questionnaire and the opening
conference, as well as identify areas to which they want to return later in greater
depth. At the conclusion of the tour, the audit team usually meets alone, briefly, to draw
up a specific plan for how the scope of the audit will be covered in the time specified. If
there is a need for company representatives to escort audit team members, ensure at this
early stage that there are enough representatives if the audit team is large.
It is important at this time to work with site personnel to identify key individuals the
team is interested in interviewing in depth to ensure these personnel will be available.
5.4.2 During the Audit The remainder of the on-site activities of the audit
involves interviewing site personnel, reviewing documentation and records, and
revisiting site areas to verify what the audit team is learning. Many audit teams chose
to conduct daily briefings to update site personnel of their observations and provide a
forum to resolve any misinterpretations immediately. These daily gatherings help to
make the official close-out meeting run smoothly.
During the audit, auditors should immediately bring to the attention of the site
coordinator any observed life-threatening or high risk issues.
An important component of an audit is conducting interviews with site
personnel. Auditors should have training in how to conduct effective interviews.
Interviews should be structured so that the interviewee can be open and honest without
concern about potential retribution. The audit team should be involved with the
selection of who will be interviewed to make sure that there is no potential bias.
Beyond key managers and persons with OHS accountabilities, selection of inter-
viewees should be done randomly. Interviews are typically conducted alone between
the auditor and interviewee, management representative participation should be
discouraged.
At the conclusion of each day, the audit team should meet to discuss findings and the
observations of each team member. Collaboration of objective evidence happens at
this point. Each day, the lead auditor should assemble the audit finding from that day.
This will help avoid a rush of work on the last day on site, and allows for discussion
with site personnel about findings as they come up. As issues come up that maybe out
of a team members area of expertise, the issue should be reexamined the next day by a
qualified team member.
5.4.3 Closing Meeting At the conclusion of the audit, a closing meeting is

typically scheduled to discuss the audit findings and to answer any unresolved
questions or issues. This meeting should be chaired by the lead auditor. Ideally, the
most senior manager of the site should be present at this meeting to ensure the findings
are presented to the individual most able to affect change. During the closing meeting,
a date should be determined for the delivery of the draft and final reports. The closing
meeting should be structured to provide upper management with a concise summary of
critical issues that require immediate action. When the major items are presented in an
abbreviated and prioritized format, senior management can make important resource
allocation decisions well in advance of receiving a written report.
A key goal for the audit team should be that there are no surprises at the closing
meeting and hence in the written final report. Audit observations that lead to audit
findings should be reviewed daily with site personnel when they arise.
5.5 Audit Report

While all audit team members have input into the audit report, the final report should be
written by the lead auditor. The report should include the audit objective and scope, and
list the site areas included. It may be appropriate to include the initial audit plan and
lists of people who attended opening and closing meetings.
The format of the audit report will vary depending on the culture of the organization
being audited and the type of management reports already prevalent in the organiza-
tion. One approach may be to structure the report to list only the deficiencies. These
items may be grouped by severity to facilitate prioritizing corrective actions. This
report style has the advantage of being concise and to the point; however, it does not
acknowledge the good work being done. Morale can be affected if the only newswor-
thy material is negative in nature.
A different report style can list both the elements that were found to be in
compliance and the deficient areas. This format can alert management to all of the
problems, while at the same time providing information on the positive aspects that are
being handled well by the employees. Therefore, areas in need of attention are denoted
at the same time that recognition is given for items that do reduce risks. This type of
report can provide senior management with a good overall perspective of facility
status.
Still another report type may state only a recommended course of action based on
the observations made during the facility visit. Recommendations can be generic or
specific and serve to point a facility in a certain direction (e.g., replace verbal
procedures and agreements with written documentation) or assign responsibility
(e.g., for material safety data sheet collection and storage) to one person.
Finally, an opinion report can provide the relative degree to which compliance is
met by subject area, and include phrases indicating that the facility is wholly,
substantially, or minimally in conformance.
It is often helpful to include a one-page executive summary at the beginning of the

report to apprise upper management of the overall status of the facility and any
significant recommendations. It is common for the audit report to be delivered in draft
form to ensure that the information is accurate and that the format and style are
consistent with past agreements. Once the draft has been revised by the audit team, a
final report is issued. Whatever format is chosen for the final report, it should be clearly
stated prior to the initiation of the audit.
5.6 Postaudit Actions

Following the audit, a plan of action to address any deficient areas must be established.
It is increasingly common for the audit findings to be entered into a tracking system
that will facilitate resolution. The action plan for audit findings resolution should
include identification of the person accountable for resolution and the expected
completion date. For complex issues, a detailed action plan may be needed with
numerous components, that include consideration of necessary resources, both
financial and personnel. When a robust tracking system is used, it can keep the
original spirit of the audit alive by permitting periodic status reports to be forwarded to
management. Statistics detailing percent of serious deficiencies corrected and re-
maining items sorted by priority and deadline provide a tangible measuring stick for
facility administrators.
When management systems are audited, the postaudit period provides an opportu-
nity to evaluate potential deficiencies in the overall system. There is value in
performing a root cause analysis of each audit finding to see if the finding occurred
from a deficiency in some part of the system. A nice process for handling audit findings
is included in ANSI/AIHA Z10, Section 6.5, where audit findings, along with findings
from incident investigations, and corrective and preventative actions are fed back into
the planning process (8). By examining these issues through the planning process lens,
risk assessment considerations can be made that may impact OHS objectives, targets,
and operational controls.
5.7 Use of Findings in Management System Ongoing Improvement

Ultimately the results of any type of audit should provide feedback to the planning
process. As part of the Check portion of the Deming/Shewhart Plan-Do-Check-Act
cycle auditing provides the information to both take action on identified exposures and
make permanent require system improvements (2). Findings from monitoring and
measurement, audits, incident investigations, and corrective and preventive actions
provide the needed to modify existing approaches to prevent recurrence.
This same data should be summarized as part of the management review process to
both inform leadership and to provide them the opportunity to comment on
planned response activities. Leadership support is often directly proportional to their
involvement in the selection and deployment of corrective actions and system
improvements.
6 IMPLEMENTATION
A detailed discussion on OHSMS implementation could be the focus of its own chapter
or book. Several key concepts and issues are addressed here to assist industrial
hygienists begin the implementation process.
Numerous implementation steps can be identified. Initial steps include the consid-
eration of organizational goals and the means by which the goals will be fulfilled. Six
implementation steps are identified here.
1. Characterization of the organizations existing systems and structures.

2. Conditioning the Culture for OHSMS Implementation
3. System selection and gap analysis.
4. System development.
5. System rollout.
6. System evaluation and continual improvement.
These six steps follow the general structure of the generic OHSMS presented in
Table 44.1 and Figure 44.5 (21). Management commitment, resource considerations
and employee participation are necessary steps to consider prior to embarking on the
development, and implementation of an OHSMS. Without management commitment,
resources, and employee participation, the probability is low that the OHSMS can be
successfully implemented and maintained.
6.1 Characterization of the Organizations Existing Systems and Structures

After management commitment, resources, and employee participation have been
secured, the organizations existing business systems must be characterized. When
considering implementation of an OHSMS, many organizations are surprised to find
many aspects of the system may already exist in their organization; that is, all
organizations have some degree of formal management system elements in place
already even though they may not be well distinguished.
Identification of the organizations management systems may include an existing
ISO 9001 system, ISO 14001 system, or organization unique systems. An increasing
trend in risk management is the use of ISO management approaches and systems,
including ISO 31000 on risk management, ISO 27001 on IT Security, and ISO 28000
on Supply Chain Security (3840).
Early in the implementation process, it is valuable to characterize the existing OHS
policies and procedures and to begin thinking about how they will be integrated with
the new OHSMS. When an integrated approach is used, in like fashion, an under-
standing of the environmental policies and procedures is valuable. As part of this
consideration, characterization of the current auditing and performance measurement
approaches should be done to help facilitate the inclusion OHSMS performance
measurement and auditing.
IMPLEMENTATION 2153
6.2 Conditioning the Culture for OHSMS Implementation

An often-overlooked piece to be implementing a new initiative is the extent to which
organizational culture needs to be addressed prior to the development and formal role
out of the initiative. OHSMS implementation is no exception. Aspects to conditioning
the culture are
. establishing clarity about why the OHSMS is being implemented;

. learning about problems or failures with past initiatives;
. determining potential resistance and stakeholder concerns.
It is not uncommon that some degree of organizational enrollment or internal

selling is needed for successful OHSMS implementation. Reasons for this range from
general resistance to new things, to concerns about more work from documentation,
auditing and potential certification needs. In some cases, there are concerns from
organized labor about diminished focus on regulatory compliance. Early in the
implementation process, this range of concerns should be determined and addressed
by the OHS leadership.
The starting place to determine the current conditions and receptivity to a new
OHSMS is within the OHS function itself. The industrial hygienists, safety profes-
sionals, and environmental professionals need to be aligned with the rational and value
of having a OHSMS or integrated ESHMS.
6.3 System Selection and Conducting a Gap Analysis

Prior to selecting an OHSMS approach, the organization needs to consider the
importance of potential third-party certification of the system, and the importance
of the ability to audit the selected approach; that is, some OHSMSs are not considered
auditable because they are either explicitly developed as guidance documents, or they
contain clauses that include should statements as opposed to shall statements.
Strictly speaking, when an OHSMS model is based on should statements, it is
considered a nonauditable standard. This is the case with the British OHSMS BS
8800 and the ILO OHSMS.
This issue of auditability is important since some organizations may implement an
OHSMS in order to gain recognition from stakeholders or markets. Such recognition
may require external verification by a third-party. In the case of OSHAs VPP,
recognition is provided directly by OSHA. In the case of ISO-based OHSMSs,
recognition is provided by an accredited registrar.
A gap analysis provides information on the degree to which specific OHSMS
requirements are currently in place or being met. In some instances, it may be clear that
the element is not at all present and associated activities are not being performed. In
other instances, it may be the case that a elements requirements are being partially
fulfilled. Finally, there maybe complete fulfillment, but actions have not been docu-
mented. Whichever the case, the initial gap analysis is an important step in gaining an
understanding of what actions need to be taken to achieved OHSMS implementation.
Documentation of gap analysis activities can serve to demonstrate continual

improvement activities, if needed, for system certification.
6.4 System Development

There are numerous ways to begin development of an OHSMS. Regardless of the
approach, the characterization of existing business systems and OHS policies and
procedures, as well as the gap analysis described above need to be done to inform the
development steps.
A sound way to begin the development process is to create a grid with the
management system elements, or requirements on one axis, and the management
system document pyramid (Fig. 44.6) on the other with its four levels. The cells
of this grid can then be populated with information about the existing OHS policies
and procedures. A strategy can then be developed to populate all cells in the grid.
Beyond the development of the written management system, important initial
activities include conducting a risk assessment to determine the OHS risks that
subsequently establish the foundation from which performance objectives are created
and operational controls are put in place.
Organizations typically begin developing the management system documents in
either a linear fashion starting with the first section and moving on in a linear fashion, or
they begin with an element where there is a current need, or an element where is
alignment with other initiatives in the organization. For instance, if there is a need to
improve the audit function, the OHSMS checking, evaluation, or corrective action
section may be the first place to start. Or if there are leadership initiatives in the
organization, OHSMS elements associated with leadership and management com-
mitment may be a fruitful place to begin.
6.5 System Rollout

Moving from the development of the written OHSMS to the actual performance of
activities takes place in increments over a period of time. This can range from 68
months to 35 years depending upon an organizations existing OHS program
maturity and organizational culture variables.
With OHS risks and legal and other requirements identified, operational controls
and associated elements are implemented. These include updating or putting in place
. Training programs
. Hazard controls following the hierarchy of control
. Preventive and corrective action processes
. Procurement and contracting systems
. Communication mechanisms
. Checking/evaluation actions (auditing, incident investigation, etc.)
Associated with all of these activities is documentation that verifies actions.

IMPLEMENTATION 2155
6.6 System Evaluation and Continual Improvement

Following the implementation of an OHSMS, regular evaluations of the system are
done by design. The goal of these ongoing evaluations is to ensure the proper
functioning of the system and to identify ways to improve it on an ongoing basis.
Evaluation of the OHSMS is essential for the proper functioning of the system and to
maintain its ongoing relevance to the organization. Evaluations include self-inspec-
tions, internal audits, external audits, and management review.
Many organizations are uneasy with the term continual improvement. There is a
sense that a point may be reached where actions are taken in an inefficient manner
simply as a means to fulfill continual improvement requirements. This is not the case.
The point is that the organization should keep its eye on the ball for ways to improve
its OHS performance and aspects of the management system. OHSMSs do not dictate
how an organization should define its continual improvement activities, but rather, that
there is a structured process whereby such definition is generated that is specific to the
organization. As such, an organization wants to carefully think through how it will
demonstrate its continual improvement, especially if certification will be sought.
6.7 Implementation Project Management

The successful implementation of an OHSMS is frequently a upgrading process of an
existing safety program, and therefore requires proper consideration of existing
program resources and stakeholders. The following suggestions are offered to assure
the success of a planned OHSMS implementation.
6.7.1 Development of a Detailed Action Plan With a good understanding of the

management system recommendations, management system goals, and organization-
al dynamics, develop a detailed action plan that lays out the detailed steps you will
take. Be prepared to alter your plan based on input from other stakeholders in your
organization.
6.7.2 Organizational Support and Resources In large organizations, meetings

will be held early in the implementation process with a wide range of stakeholders
including senior executives, workers and their representatives, middle managers, and
staff functions such as human resources. Prior to conducting any meeting, have clarity
on the OHSMS or integrated system that is being implemented. Solicit and document
support and concerns in all meetings. Understand the basis for concerns that senior
executives, workers, middle managers, supervisors, or line managers may have. The
goal of these meetings is to develop support and alignment with OSHMS implemen-
tation. Take these opportunities to recruit people to participate on the implementation
team.
Meet with the Senior Most Executives. Briefly review the OHSMS elements.
Emphasize the following sections: management leadership and commitment;
OHS policy; employee participation; responsibility and accountability; and
management review. It is critical that executives understand the need for their
initial and ongoing documented commitment to the management system.
Meet with Workers and Their Representatives. The manner in which this is done is
a function of the organizations size. In small organizations, such meetings can
be informal. In larger organizations or at those with union representation, meet
with union representatives and/or other worker representatives first. Review the
systems elements. Discuss how worker participation will be accomplished.
Meet with Middle Managers, Supervisors, and Line Managers. Review the
systems elements. Discuss their anticipated role in the development, imple-
mentation and ongoing improvement of the management system.
Meet with Human Resources. The human resource function in the organization
will be an important participant on the implementation team. Meet with a
representative early to discuss the evolving implementation plan. Specifically
discuss sections on responsibility and accountability, and competence and
training.
Other Stakeholder Meetings. Depending upon organizational structures, consider
meeting with personnel from
. engineering or facility maintenance;
. environmental management department, if integration with an existing
environmental management system is to be done;
. external stakeholders such as medical clinics and/or emergency responders.
6.7.3 Support Team The size of the organization will dictate the size of the
implementation team needed. Safety and health staff team members will need
assistance from human resources. A senior manager sponsor is a positive addition
to the team. A representative from each facility in the organization will need to be
identified. The implementation of a management system requires skills beyond
traditional safety and health expertise. Consider the involvement of people from
diverse functions in the organization.
6.7.4 Managing Information The project will require traditional project man-
agement skills such as documentation to track the implementation success. However,
consider early in the process that information systems may need to be revised in order
to produce ongoing management reports needed by the stakeholders. Such efforts
generally require significant lead times and plans need to be made early so as to deliver
the capabilities to the organization at the proper time so as to avoid false starts in
moving from implementation to ongoing management.
6.7.5 Establishing Goals and Milestones It is important to establish how imple-

mentation will be measured. One suggestion is to conduct a gap analysis early in the
process and use progress reports to measure the completion of individual components
or elements that fill the gap between what has preexisted and the desired final system
components. Circulate the initial goals and milestones to the implementation
FUTURE DIRECTION 2157
committee members and others in the organization. Consider both outcomes (leading
indicators) and output measures (trailing indicators).
6.7.6 Establishing Lines of Communication The communication process may

seem obvious and basic, but consider the form(s) of communication between the
implementation team members and others in the organization. How often will face-to-
face meetings be held? How often will senior management be briefed? Will electronic
mail be used extensively? How will documents be tracked as they are being developed
and modified? Consider early the form of the progress report that will document the
progression of the project from beginning to end.
6.7.7 Maintaining Support and Focus Consideration should be given to the way
that support and focus will be maintained throughout the implementation process. Full
implementation in a large organization may take well over a year. Well-defined
communication mechanisms and intervals will assist in maintaining focus. Consider
informal ways that support can be maintained. An example maybe through occasional
informal discussions with senior managers, or lunch debriefs.
6.7.8 Anticipating Breakdowns and Maintaining Team Morale At the earliest

point in the implementation process, think about things that can go wrong or events that
might occur that would threaten the implementation process, or challenge momentum.
Consider early how breakdowns will be addressed and morale maintained through the
implementation process. Discuss plans to deal with such roadblocks proactively with
supporting stakeholders that will be needed during such times, such as senior
managers.
7 FUTURE DIRECTION
The application of management systems and their concepts to IH, OHS, and
EHS management is now well established and will continue to be a central manage-
ment approach. In the 2010s, industrial hygienists are sure to see an increasing
integration of their activities with operational activities; an expanding context for risk
management and corporate responsibility; increased proliferation of international
standards; and, supply chain OHS and EHS issues increase in importance. Beyond the
value and issues addressed in this chapter, general management system concepts and
approaches will be a valuable tool for industrial hygienists to use in meeting these
future challenges.
7.1 Integrated Environmental Health and Safety Management Systems

While the focus of this chapter is on OHS management systems, the trend in many
industries is toward using integrated OHS and environmental management systems
(EHSMS). A common integrated system includes elements from ISO 14001, OHSAS
18001, and ANSI/AIHA Z10. While there are numerous issues to consider when
developing an EHSMS, a key one is conducting an EHS risk assessment that captures
both the environmental aspects and impacts, as required in ISO 14001, and the OHS
risks as required in OHSMSs. With integrated systems, tasks that were once im-
plemented by single individual contributors may be divided among a number of
different professional, technician and nontechnical service facilitators. The industrial
hygienist must remain vigilant to ensure that OHS risks are identified and associated
controls are implemented.
7.2 An ISO OHSMS and Other Management System Standards

In the late 2000s, the direction in ISO is toward the development of a generic manage-
ment system standard that could be applied to a wide range of activities, including OHS
management (19). Due to this factor, it does not appear likely that ISO will develop an
international OHSMS in the foreseeable future. In addition, there remains skepticism
and concern with labor stakeholders about ISOs ability to develop a standard in the
OHS arena that would have true tripartite representation as found in the ILO.
Aside from the ISO OHSMS and generic management system standard (MSS)
issue, it is anticipated that there will continue to be a proliferation of management
system standards published by ISO. At the end of 2008, there were 17,765 ISO
standards published, with 1230 published that year, with the organization experienc-
ing a surge in activity (19). IH and EHS professionals need to be ready to address
questions regarding the integration of their OHSMS or EHSMS with other MSSs that
may be introduced in their organization. As with developing an integrated EHSMS, the
industrial hygienist must ensure that there is no diminution of IH/OHS when
integrating with non-OHS or EHS management systems.
7.3 IH, OHS, and EHS Integration Within an Organization

In addition to the increased integration between occupational health and safety and
environmental management in organizations, there is increasing attention placed on
the integration of these combined activities within the organization. OHSMS and
EHSMSs can assist with this in a number of ways. These management system
approaches provide IH and EHS professionals with an approach whereby they are
able to clearly show where and how IH and EHS activities link with operations and
processes. This is specifically the case with showing links to ISO 9001 and other
business initiatives such as Lean Six Sigma and 5S (2). However, few stakeholders
outside of the EHS professional community recognize that environmental manage-
ment contains a number of subspecialties and that safety and industrial hygiene are
diverse and distinct professions as well. Industrial hygienists must be aware of the need
for constant education of other stakeholders of the fundamental issues involved in the
successful prevention of occupational disease.
7.4 Expanding Context for Risk Management and Corporate Responsibility

At the time this book was going to press, ISO just published a generic risk management
standard called ISO 31000 (38). While this standard is not a management system
BIBLIOGRAPHY 2159
standard, it does provide recommendations that its content be integrated within an

organizations management system. A broad definition of risk is presented in ISO
31000 that has its roots in traditional financial risk management. As 31000 gains
recognition, industrial hygienists and EHS professionals should pay attention to the
extent that these risk concepts are used in their organizations. While many aspects of
31000 are strong and can provide value to achieving IH/OHS/EHS goals, the overall
risk definition could be problematic if extended to worker safety and health.
7.5 Supply Chain Importance

Supply chain is a term used to describe a system of organizations, people, technology,
activities, information, and resources involved in moving a product or service from a
supplier to a customer (41). These activities transform natural resources, raw materials
and components into a finished product that is delivered. With increased attention on
corporate responsibility, sustainability, and the expanded context of risk, IH and EHS
professionals will need to pay more attention to IH and EHS issues associated with
their organizations supply chains. Management systems can help with these activities
by providing a way to interact and communicate with supply chain partners, both up-
and downstream. Specific to OHS issues, industrial hygienists will be called to task to
understand the OHS risks in their suppliers workplaces. They will also be called on
with greater frequency to engage in upstream exposure scenarios as seen in the
European Union REACH initiative. The risk assessment guidance and requirement in
OHSMSs will help in each instance.
7.6 Systems Thinking

The organizational learning concepts that evolved with the work of Jay Forrester and
Peter Senge at MIT, and Chris Argyris at Harvard University have made a large
impact in management science theory and practice (42, 43). A central piece to this
work at the individual level is the development and strengthening of systems thinking
skills. This skill base includes distinguishing mental models and the interrelated
links between systems, such as in a supply chain or within an organization. Peter
Senge defines systems thinking as a discipline for seeing wholes. It is a framework
for seeing interrelationships rather than things, for seeing patterns for change rather
than static snapshots (42). For IH and EHS professionals, strong system thinking
skills are sure to help with addressing the challenges identified in this final
section (44). OHS and EHS management systems provide a platform from which
these personal skills can be leveraged to most effectively achieve our goals for safe,
healthy environments.
BIBLIOGRAPHY
1. K. Dotson, An International Safety and Health Measurement Strategy: Corporate

programs, System and Results, J. Occ. H and Safety, Australia, New Zealand. 1996,
12(6), 669675
2. A. Leibowitz, Program Management, in The Occupational Environment: Its Evaluation,

Control, and Management, AIHA Press, Fairfax, VA, 2010.
3. F. Bird and G. Germain, Practical Loss Control Leadership, International Loss Control
Institute, Loganville, GA, 1990.
4. International Organization for Standardization, Quality SystemsModel for Quality
Assurance in Design, Development, Production, Installation and Servicing,
International Standard ISO 9001:1994(E), Geneva, 1995.
5. United States Department of Labor, Occupational Health and Safety Administration,
Safety and Health Program Management Guidelines, Fed. Reg., January 26, 1989.
6. U.S. Department of Labor, Occupational Safety and Health Administration, Voluntary
Protection Programs to Supplement Enforcement and to Provide Safe and Healthful
Working Conditions, Fed. Reg. 53(133) 2633926348 (1988).
7. International Organization for Standardization, Environmental Management Systems
Specifications with Guidance for Use, International Standard ISO 14001, Geneva, 1996.
8. American Industrial Hygiene Association, American National Standard for Occupational
Health and Safety Management Systems, ANSI/AIHA Z10, AIHA Press, Fairfax VA, 2005.
9. WorkSafe, Safety Management Achievement Program (SafetyMap), Health and Safety
Organisation, Victoria, Australia, 1994.
10. Canadian Standards Association, CSA Z1000-06 Occupational Health and Safety
Management, CSA Standards, Mississauga, Ontario, 2006.
11. British Standards Institute, Occupational Health & Safety Management Systems
Specification, OHSAS 18001:1999, London, 1999.
12. British Standards Institute, Occupational Health & Safety Management Systems:
BS 8800:1996, London, 1996.
13. United States Department of Labor, Occupational Health and Safety Administration,
Proposed Safety and Health System Standard for General Industry, 1910.700, Docket
S-027, July 2, 1996.
14. American Industrial Hygiene Association, Occupational Health and Safety Management
System: An AIHA Guidance Document, AIHA Press, Fairfax, VA, 1996.
15. European Union, European Agency for Safety and Health at Work, OSH Systems and
Programmes: The Use of Occupational Safety and Health Management Systems in the
Member States of the European Union, Office for Official Publications of the European
Communities, Luxembourg, 2002.
16. International Occupational Hygiene Association, Occupational Health and Safety
Management Systems: Review and Analysis of International, National, and Regional
Systems, and, Proposals for a New International Document, Geneva, 1998.
17. British Standards Institute, Occupational Health & Safety Management Systems
Specification, OHSAS 18001:2007, London, 2007.
18. International Labour Office, Guidelines on Occupational Safety and Health Management
Systems, ILO-OSH 2001, SafeWorkILO In Focus Programme on Safety and Health at
Work and the Environment, Geneva, 2001.
19. International Organization for Standardization, Annual Report 2008, ISO Central
Secretariat, Geneva, 2009.
20. International Organization for Standardization, Guidelines for the Justification and
Development of Management System Standards, Guide 72, Geneva, 2001.
BIBLIOGRAPHY 2161
21. C. Redinger and S. Levine, Occupational Health and Safety Management System
Performance Measurement: A Universal Assessment Instrument, AIHA Press, Fairfax,
VA, 1999.
22. C. Redinger and S. Levine, Development and Evaluation of the Michigan Occupational
Health and Safety Management System Assessment Instrument: A Universal OHSMS
Performance Measurement Tool, Am. Ind. Hyg. J. 59, 572581 (1998).
23. Redinger C, Levine S, Blotzer M, and Majewski, M (2002). Evaluation of an
Occupational Health and Safety Management System Performance Measurement
ToolII: Scoring Methods and Field Study Sites. Am. Ind. Hyg. J., 63: 3440.
24. Redinger C, Levine S, Blotzer M, and Majewski, M (2002). Evaluation of an
Occupational Health and Safety Management System Performance Measurement
ToolIII: Measurement of Initiation Elements. Am. Ind. Hyg. J., 63: 4146.
25. International Organization for Standardization, Environmental Management Systems
Specifications with Guidance for Use, International Standard ISO 14001:2004(E), Geneva,
Switzerland, 2004.
26. American Industrial Hygiene Association, AIHA White Paper on Risk Assessment and
Risk Management, Fairfax, VA, 2002.
27. International Labour Office, Report of the Meeting of Experts on Guidelines on
Occupational Safety and Health Management Systems, Document GB.281/4, Geneva,
2001.
28. U.S. Department of Labor, Occupational Safety and Health Administration, Safety and
Health Achievement Recognition Program (SHARP) by the Office of Cooperative
Programs (OSHA Instruction TED 3.5A, and Form 33), Washington, DC, 1995.
29. U.S. Department of Labor, Occupational Safety and Health Administration, The Program
Evaluation Profile (PEP) by the Directorate of Compliance Programs (OSHA Notice
CPL 2), Washington, DC, 1996.
30. Voluntary Protection Program Participants Association, Benefits of VPP Participation:
Data from VPP Sites, Falls Church, VA, 1996.
31. National Occupational Safety Association, NOSA 5 Star Safety & Health Management
System, Reg. No. 51/00010/08: HB 0.00.50E, Arcadia, Republic of South Africa, 1992.
32. Health Safety Executive, Successful Health and Safety Management, HSG 65, Her
Majestys Stationary Office, Norwich, United Kingdom, 1991.
33. F. Bird and G. Germain, Practical Loss Control Leadership, Institute Publishing/ILCI,
Logan, GA. 1985.
34. R. McKinnon, Cause, Effect, and Control of Accidental Loss With Accident Investigation
Kit, CRC Press, Baca Raton, FL, 2000.
35. National Research Council, Standards, Conformity Assessment, and Trade: Into the 21st
Century, National Academy Press, Washington, DC, 1995.
36. Redinger C and Levine S (1998). Analysis of Third-Party Certification Approaches
Using an Occupational Health and Safety Conformity-Assessment Model, Am. Ind. Hyg.
J., 59: 802.
37. International Organization for Standardization, Guidelines for Quality and/or
Environmental Management System Auditing, ISO 19001:2002, Geneva, 2002.
38. International Organization for Standardization, Risk ManagementPrinciples and
Guidelines, ISO 31000:2009, Geneva, 2009.
39. International Organization for Standardization, Information TechnologySecurity

TechniquesInformation Security Management Systems, ISO 27001:2005, Geneva,
2005.
40. International Organization for Standardization, Specification for Security Management
Systems for the Supply Chain, ISO 28001:2007, Geneva, 2007.
41. A. Nagurney, Supply Chain Network: Dynamics of Prices, Flows, and Profits, Elgar
Publishing, Northampton, MA, 2006.
42. P. Senge, The Fifth Discipline: The Art and Practice of the Learning Organization,
Doubleday Publishing, New York, NY, 1990.
43. C. Argyris, On Organizational Learning, Blackwell Publishers, Inc., Cambridge, MA,
1992.
44. C. Redinger, A New Model for Environmental Health & Safety Integration, White paper,
Redinger EHS, Inc., Harvard, MA, 2007.

Pattys Article OSHMS

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Pattys Article OSHMS

Uploaded by

Copyright:

Available Formats

OCCUPATIONAL HEALTH AND

SAFETY MANAGEMENT SYSTEMS

As organizations become globally integrated and concepts of enterprise risk expand,

While the focus of this chapter is on OHS management systems, industrial

1.1 Historical Overview

1. OHSAS 18001:2007 and ISO 14001-based approaches (17).

A detailed examination of each of these standards is provided in Section 3.

1.2 An Introduction to ISO and Standards Making

ISO is a voluntary organization whose members are recognized standard

1.3 Basic Systems Concepts and Definition

Input Process Output

Input Process Output

FIGURE 44.2 Program model, no feedback loop.

. an organizational structure with roles, responsibilities, authorities, etc., of

Specific to OHS management system, ANSI/AIHA Z10 defines these systems as

In like fashion, OHSAS 18001:2007 defines an OH&S management system as

1.4 Programs Versus Systems

1.5 A Generic OHSMS Model

. U.S. Occupational Safety and Health AdministrationVoluntary Protection

1.6 The Management System Framework Pyramid

The external environment

Occupational Health and Safety

FIGURE 44.3 OHS in an organization.

The external environment

Open system elements The organization

OHS in the organization

OHS OHS outputs

FIGURE 44.4 A systems approach to OHS management.

2 OHS MANAGEMENT SYSTEM ELEMENTS

1. Management Commitment, Leadership and Employee Participation

Open system elements The organization

Evaluation (OHS feedback) OHS in the organization

FIGURE 44.5 A generic OHSMS model for OHS management.

TABLE 44.1 Generic OHSMS Table of Contents (22)

4. Evaluation and Checking

2.1 Management Commitment, Leadership, and Employee Participation

FIGURE 44.6 Management system pyramid.

2.1.1 Resources, Responsibility, and Authority All management systems contain

a unique feature is the guidance to integrate the OHSMS with an organizations

2.1.2 Employee Participation Employee participation may be demonstrated in

2.2.4 Objectives, Targets, and Program(s) Management system planning activi-

should be based on significant issues identified by the previously described OHS

2.2.5 Implementation Plans and Allocation of Resources For organizations that

2.3 Implementation and Operational Elements

2.3.1 Hierarchy of Controls A central component of operational elements is the

2.3.2 Management of Change An increasingly important function within con-

2.3.3 Education, Training, and Competence Another familiar element associ-

2.3.4 Emergency Preparedness, Planning, and Response All OHS management

2.3.5 Communication While intuitive to industrial hygienists, issues related to

2.4 Evaluation and Checking

2.4.1 Incident Investigation Incident investigation and internal auditing require-

2.4.3 Feedback to the Planning Process A unique feature of ANSI Z10 is a

2.4.4 Corrective Action The implementation of corrective action is discussed

2.5 Management Review

These records should be maintained and action plan completion tracked to

3 STANDARD OHS MANAGEMENT SYSTEMS

3.1 OHSAS 18001 and ISO 14001-based Approaches

TABLE 44.2 OHSAS 18001:2007 Table of Contents (17)

4.1. General requirements

1. is appropriate to the nature and scale of the organizations OH&S risks;

OHSAS 18001 is not an ISO standard, rather it is an OHSMS standard published by

. Environmental aspect is: [An] element of an organizations activities or

It is up to the organization to define environment and to do an aspect analysis.

3.2 The ILO Occupational Safety and Health Management System