Ohsas 18001 ala 2020 ohp 1.2

IRCA Course Registration A17438

Auditor/Lead Auditor Training Course

based on OHSAS 18001:2007

Copyright © Kelmac Group TM Limited, All Rights Reserved OHSMS Auditor/Lead Auditor Course OHSAS 18001:2007 Rev 1.2

Occupational Health and Safety (OH&S)

Conditions and factors that affect, or could affect, the health and safety of employees or other workers (including temporary workers and contractor personnel), visitors, or any other person in the workplace OHSAS 18001:2007, 3.23

Copyright © Kelmac Group TM Limited, All Rights Reserved OHSMS Auditor/Lead Auditor Course_OHSAS 18001:2007 Rev 1.2

OHSAS 18001:2007 Process Model

MANAGEMENT REVIEW

CONTINUAL IMPROVEMENT

OH&S POLICY

PLANNING

CHECKING and CORRECTIVEACTION

IMPLEMENTATIONAnd OPERATION


Which OH&SMS Standard

• ILO - OSH:2001

• International Safety Rating System (ISRS7)

• OHSAS 18001:21007


ILO-OSH:2001


International Safety Rating System – ISRS7


OHSAS 18001/18002

• OHSAS 18001:2007 - Occupational Health & Safety Management System Requirements

• OHSAS 18002: 2008 - Guidelines for the implementation of OHSAS 18001:2007


Purpose of the OHSAS 18001:2007 Standard is

• To support and promote good OH&S practices, in balance with socio-economic needs


OHSAS 18001:2007 Key Elements

• Management System

• Consultation and Communication

• Risk Assessment and OH&S Control Measures

• ILO - OHS Principles


Why OH&SMS?

• Relatively lower Occupational Health & Safety risks

• Reduced insurance fees and compensation, rehabilitation and curative costs

• Enhanced public image

• Higher productivity and profitability

• Objectively demonstrate legal compliance

• Improved Occupational Health and Safety performance and state of the work environment


OH&SMS Framework

Company GOALSand TARGETS

OH&S POLICY

OH&S OBJECTIVES

DepartmentalOBJECTIVES

BEEINGACHIEVED

BEEINGACHIEVED

BEEINGACHIEVED

Key PerformanceIndicators


Understanding the Process Approach

• ISO 9000:2005 defines a Process as: • “set of interrelated or interacting activities which transforms inputs into outputs”

• Data should be gathered to establish process capability and analyze process performance including input and output characteristics

• Process performance needs to be linked to organizational performance

TransformationProcess

Output InputOutput InputTransformation

ProcessInput Transformation

ProcessOutput


The PDCA Cycle


High level Process Map

SUPPLIERS

CUSTOMERS

INPUTS OUTPUTSPROCESS


SIPOC Example

OH&S Team

SUPPLIERS INPUTS PROCESS OUTPUTS CUSTOMERS

OH&S TeamTechnical Expert

OH&S TeamTechnical Expert

Processes, Products, Activities, Tasks

Initial Review (IR) Risk Identification and

Assessment

Hazard/Risk Register/Safety

Statement

Review preliminary data

PROCESS STEPS

Select Risk Assessment Techniques, Methodology and Criteria

Risk Assessment

Significant Hazard, Risk, Safety Statement

Interested parties

Statutory and Regulatory

Other Requirements

Objectives and Targets

Policy

Meeting Minutes

Interested parties

Top Management

OH&S Team

OH&S Team


Applying the Process Approach based on the Turtle Methodology

PROCESSINPUT

Interested Party who has a need

With what?Equipment Installations

With Who?Training, Knowledge & Skills

OUTPUT

OH&S Performance

What Results?Performance Indicator

How?InstructionsProceduresMethods

SA

TIS

FA

CT

ION

RE

QU

IRE

ME

NT

S


Operational Controls/Control Measures

• Monitoring and management of OH&SMS Management Program’s (MPs); Control Measures and Key Performance Indicators (KPIs) – Proactive & Reactive

• Establishing operating criteria in processes and procedures including the extent to which OH&S objectives are met

• Documented procedures, especially where absence could lead to deviations from OH&S Policy and Objectives

• Controls related to purchase of goods, equipment and services

• Employees completing work related activities under the control of the organization working outside the workplace

• Controls related to Suppliers and Subcontractor Control including Visitors to the workplace


Emergency Preparedness and Response

• Identifying the potential for emergency situations

• Establish, implement and maintain a procedure for responding to emergency situations

• Prevent or mitigate associated adverse OH&S consequences associated with emergency situations

• In planning its emergency response take into account the needs of relevant interested parties

• Periodically test its procedures to respond to emergency situations

• Periodically review and where necessary revise its emergency preparedness and response procedures


Assessment and Management of OH&S risks and significance for

Auditors

• Identification and evaluation of operational controls and validation of acceptable risk (residual)– Data, Process and Methodology

• Policy, objectives and programs to achieve their OH&S policy commitments

• Improvements in OH&S performance

• Conformity to OHSAS 18001:2007

• Compliance with legal and other requirements


Common Risk Assessment Tools

• Checklists/Questionnaires

• Risk Matrices

• Ranking/Voting tables

• FMEA/HAZOP

• Exposure assessment Strategy

• Computer Modeling


Evaluating Measures of Performance of the OH&SMS

• Overall Effectiveness of the OH&SMS

• Acceptable/Residual risk level of the OH&SMS

• Conformity with OHSAS 18001:2007 requirements

• Compliance with regulations and other requirements etc.

• Performance improvement

• Effectiveness of implementation of operational risk control, verification and validation

• Safety Culture of the Organization

• Maturity level of the OH&SMS


Sources of Statutory and Regulatory Requirements

• Internet• Government Publications• Chambers of Commerce/Industry• Industry Representative Organizations• Enforcement Agencies• Legal Practices• Consulting Organizations• Academia• Specialist Publishing Houses


Models and Methodologies

• Occupational Health & Safety Enforcement Agency

• Certification Body/Registrar – Document Review + Sample review of evaluation of compliance

• ISO System/Process Approach – EA7-04


ISO Objectives - Documentation

• ISO requires (and always has required) a “Documented Occupational Health and Safety Management System”, and not a “System of Documents”

• OHSAS 18001:2007 allows an organization flexibility in the way it chooses to document its OH&SMS. This enables each individual organization to develop the minimum amount of documentation needed in order to demonstrate the effective development, implementation and updating of the OH&SMS, when necessary


Typical OH&SMS Documentation Hierarchy


Benefits of a documented OH&SMS

• Demonstrate conformity + compliance• Due Diligence• Communication• Training & Development• Marketing• Auditing

• Plus two other business benefits – what are they?

(1) _________________(2) _________________


Types of Conformity Assessments

• Preliminary Assessment (Mock/Trial)

• Initial Registration assessment (System)

• Surveillance assessment (Partial)

• Follow-up assessment (Partial)

• Re-registration assessment (System)


OHSAS 18001:2007 and Other Management Systems

ISO 20000IT Service Management ISO 9000

Quality Management

ISO 22000FoodSafety

ISO 18001:2007Occupational Health &

Safety

PAS 99Integrated Management

ISO 14001Environment Management


Introduction and Scope of ISO 19011:2002

• An audit is a management tool for monitoring and verifying the effective implementation of an organization's policy for quality and/or environmental management

• This International Standard provides guidance on conducting internal or external QMS and/or EMS audits, as well as on the management of audit programs

• It is discretionary whether or not QMS and/or EMS audits are conducted separately or integrated

• Can be applied to other management system standards


Principles of Auditing

• Ethical conduct – the foundation of professionalism

• Fair presentation – the obligation to report truthfully and accurately

• Due professional care – application of diligence and judgment in auditing

• Independence – the basis for the impartiality and objectivity of the audit conclusions

• Evidence-based approach – the rational method for reaching reliable and reproducible audit conclusions in a systematic audit process


OH&SMS Audit Types

• Regulatory

• Process

• Performance

• Certification

• Supplier

• Due diligence

• Liability

• Combined


Audit Types & Roles

INTERNAL EXTRNAL

1st Party Audit of one’sown organization

2nd Party Audit of a Supplier by a Customer

3rd Party Audit by anIndependent Body


Personal Qualities of an Auditor

• Precise• Reasonable• Objective• Fair• Energetic• Sensitive• Supportive

• Integrity• Organized• Not afraid of reporting the

facts• Astute and analytical• Listener• Sensitive to local customs

PROFESSIONAL’S


Psychometric Testing and their role in identifying, selecting and developing

Auditors

• Various psychometric tools in use, namely Myers Briggs, http://www.myersbriggs.org/ Kiersey temperament Sorter, http://www.kiersey.com or Belbin, http://www.belbin.com

• When used, they act as a guideline when identifying and selecting Auditors

• The aim is to ensure the audit team consists of a team which can suitably, adequately and effectively complete the audit professionally

http://www.myersbriggs.org/

http://www.kiersey.com/

http://www.belbin.com/


Main activities during the Planning Phase

INITIATING the AUDIT

• Agreeing the audit objectives, scope and criteria

• Communicating with the Auditee/Audit Client

• Determining the feasibility of the audit

PREPARING for the AUDIT

• Forming a competent audit team/audit team assignments

• Developing an audit plan

• Creating process based checklists

• Holding an audit team briefing, if required


What is an Audit Plan?

• Description of the activities and arrangements for an audit

ISO 19011:2002


What is a Checklist?

• Structured list of points to evaluate

• Identifies and communicates the scope of an audit

• An Auditor’s tool to gather evidence and provide an audit trail

• Guides the course and controls the pace of an audit


Main activities during the Performance Phase

• Opening Meeting

• Gathering Evidence

• Writing Audit Finding Reports

• Collating and generating the Final Audit Report

• Preparing for the Closing/Exit Meeting

• Closing/Exit Meeting


What is Evidence?

Qualitative or quantitative information, records, or statements of fact pertaining to:

a) the safety of the employees or persons working on behalf of the organizationb) to the existence and implementation of an occupational health and safety management

system requirement

which is based on observation, measurement or test and which can be independently verified.


Different methods of gathering Evidence (On-site/Off-

site)

• Observation

• Interviewing

• Data Analysis

• Document Review


General Points on Questioning Techniques

• Use appropriate types of question

• Adopt a logical approach

• Follow a natural sequence

• Actively listen to what is being said

• Use silence appropriately

• Seek clarification, where necessary

• Verify responses, where necessary


Typical Questions

Information

• How• What• When• Where• Who• Why

Verification

• Show me


Observation

• People

• Product and service

• Processes

• Information systems


Taking Notes

• Employee names and job titles

• Product identification

• Quotes and statements

• Rough sketches

• Surroundings

• Issues which may impact other functions/Audit team members


Mental Notes

• Workload

• Employee behavior

• Management approach

• Organization

• Knowledge of business and applicable standards

• Reactions


Sampling

• Sample frame/Sample

• Representative

• Random

• Reduced time and costs


Importance of Audit Team Performance

• Keep to the original audit plan

• Auditor/Lead auditor checks progress regularly

• Manage delays


Communication during the Audit

• The Audit Team should confer periodically to

– Exchange information– Assess audit progress– Reassign work between audit team members as needed– Discuss concerns about any issues outside the scope of the audit

• The Lead Auditor should communicate to the auditee/audit client any

– Significant risks identified during the audit process– Concerns about any issues outside the audit scope– Evidence which indicates audit objectives are unattainable


Handling Difficult Situations

• Time Wasting

• Discrimination

• Hostility

• Avoidance

• Finger Pointing

• Undermining

• Deception

• Obstruction

• Usurping Control

• Flattery


What is a Nonconformity?

• The absence of, or the failure to implement and maintain, one or more safety management system requirements, or a situation which would, on the basis of available objective evidence, raise significant doubt as to the safety of the work environment within the organization


Audit Finding Definitions

• A Major nonconformity is where there is a total break-down or absence of objective evidence to satisfy one or more occupational health management system requirements, or a situation which would, on the basis of available objective evidence, raise significant doubt as to the safety of the work environment within the organization

• A Minor nonconformity is where there is a defined and documented system which generally satisfies one of more occupational health and safety management system requirements, or a situation which would, on the basis of available objective evidence, raise a concern as to the safety of the work environment within the organization, e.g. the system and/or one or more processes have not reached an acceptable maturity level


Audit Finding Definitions

• An Observation/Opportunity for Improvement is a remark by an Auditor which warrants clarification or investigation so as to improve the overall effectiveness and/or efficiency of the organization's Occupational Health and Safety Management System


Key Elements of a Nonconformity

• Nonconformity Statement - what is wrong, namely test, sample frame, sample and test result

• Supporting evidence, namely objective evidence supporting the nonconformity statement

• Record of the Requirement, namely OHSAS 18001 criteria or clause

• Audit Finding Risk Classification, namely major, minor

• Reference Number, Area Under Review, Auditor Identification, Auditee Representative Signature, Date etc.


A Summary Audit Report is

• A summary or record of the outcome of an audit, in line with the agreed audit objectives, scope and criteria


Contents of a Summary Audit Report

• Audit objectives, scope and criteria• Statement of the confidential nature of contents• Audit conclusions• Strengths and Weaknesses• Number of nonconformities (including classification) and observations, if any• Nonconformity/Observation Reports• Recommendations (risk assessment audit findings), if any• Obstacles encountered• Follow-up activities• Audit Plan• Audit Checklists (Appendix)• Identification of the Lead Auditor and team members• Identification and contact details of Auditee/Client• Opening/Closing/Exit Meeting Minutes


Summary Audit Report Approval

• The Auditor/Lead Auditor should sign and date the summary audit report signifying the audit objectives have been met and the fact the report is accurate and complete

• The Top Manager or Management Representative should sign and date the summary audit report to signify agreement with and commitment to act on the findings


Summary Audit Report Distribution, Timing & Retention

• Distribution should be limited to the Management Representative

• Ideally it should be available for the Closing/Exit Meeting If not, it should be available within an agreed timescale

• It should be retained in accordance with audit organization policy and/or regulatory requirements


Activities to be covered during the Final Team Meeting

• Review the audit findings against the audit objectives

• Agree the audit conclusions (recommendation)

• Decide your strategy for presenting the findings

• Ensure any nonconformity and/or observation reports are signed in advance of the Closing/Exit meeting

• Anticipate possible areas of disagreement

• Decide the follow-up strategy (recommendation)


Process for Collating the Audit Findings

• Collate all the information

• List the strengths

• Evaluate and distil

• List the weaknesses (Nonconformities)

• Evaluate and distil

• List any observations

• List any obstacles encountered, if any

• Decide the overall conclusion (recommendation)

• Decide the follow-up strategy (recommendation)


If the Client does not conform

• Be mindful of the level of your authority

• Maintain control

• Double check the findings are based upon sound evidence

• Do not waiver from the intended message

• Ensure the client does not see it as purely a negative message

• Check the tone and choice of language used


Risks associated with Offers of Advice

• Ownership

• Possible confusion in roles

• Legal and financial

• Therefore, never give advice in an external audit.

• There is greater scope to give advice in an internal audit, however the risks albeit small still exist


Audit Follow-up,why is it important ?

• Corrective action takes place in a timely manner

• Corrective action is effective and suitable

• The real benefits of the audit can be realized

• The effectiveness of the audit program can be measured


Evaluating CAPA Proposals?

• The Lead Auditor or assigned Auditor technically assesses the proposed corrective and preventative action and root cause analysis data

• Ideally the Auditor/Lead Auditor who raised the audit finding should verify and validate closure of any nonconformities raised

• CAPA proposals should be received and reviewed within 10 calendar days or sooner and verified + validated and closed out within 12 weeks, unless a variation is granted


Methods for Closing Out Corrective Actions

• Off-site– Documentation review– Interview (Web conference/Online Meetings)

• On-Site Re-audit– Partial– Full


Purpose of a Closing/Exit Meeting

• To verbally present the audit team’s findings and conclusions in such a manner that they are understood and acknowledged by the client, and to agree, if appropriate, on the time period for the auditee to present a corrective action plan


Who attends the Closing/Exit Meeting?

Audit Team

• Lead Auditor• Auditor(s)• Trainee Auditor(s), if used• Translator(s), if used

Client

• Top Executive/Manager• OH&SMS Representative• Functional Representative(s)• Consultant, if present• Guide(s) (Optional)• Observer(s) (Optional)• Employees (Optional)


Contributions during the Closing/Exit Meeting

• The Lead Auditor should always lead and manage the presentation and deliver the audit report executive summary

• The Lead Auditor may request individual auditors to clarify individual nonconformities, if required

• The Lead Auditor should assign an audit team member to take minutes of the meeting and record attendance


A Typical Closing/Exit Meeting Agenda

• Re-statement of audit objectives, scope, and criteria

• Representative sample statement/confidentiality

• Audit conclusion - executive summary

• Audit findings – detail

• Follow-up activities

• Obtaining ownership and commitment

• Reporting

• Questions

Copyright © 2009 Business Edge, All Rights Reserved | QMS Auditor/Lead Auditor Course_ISO 9001:2008 Rev 3.0