Publisher of leading trade magazines for the Footwear, Leather-goods, Leather & PPE industries

Developing a risk-based safety management system programme

Published: 20th Jul 2023
Author: By Leighton Bennett; Construction H&S Agent; SHE & Risk Management Consultant; Benrisk Consulting.

At an OSHAfrica conference, speakers raised the topics of ‘Health & Safety Management Systems’ and ‘Safety Risk Management Systems’ which many people think of as vastly separated from each other.
The proposed Occupational Health & Safety Amendment Act (OHSAct) (not promulgated yet) is expected to require safety management systems and risk management to be performed at workplaces in the future.
As H&S practitioners, we have seen the publication of the 2018 ISO 45001 Occupational Health & Safety Management System that replaces the SANS OHSAS 18001 Health & Safety Management System, but how can we develop a risk-based H&S management system programme to manage Health & Safety (H&S) in the workplace?
The ISO 45001 Standard only gives us part of the process, as it only presents the framework for an H&S management system. To see the whole process, we must consider the SANS/ISO 31000 Risk Management – Principles & Guidelines Standard (of 2009 and now 2018), as it presents the relationship between the risk management principles, the risk management framework, and the risk management process. The 2009 and 2018 ISO 31000 Risk Management Standard documents present these relationships as follows:

The ISO 45001 H&S Management System standard only illustrates the framework for the H&S Management System Programme, but the Principles & Risk Management Process involving the risk assessment process are not shown in the published standard.

Let’s consider the 2018 guidelines edition of the 31000 Principles, which provides a statement of 8 risk management principles, as follows:
1. The risk management framework and processes should be customised and proportionate for the organisation and its objectives.
2. The risk management system requires the appropriate and timely involvement of its stakeholders.
3. Risk management requires a structured and comprehensive approach to be applied.
4. Risk management is an integral part of all organisational activities.
5. Risk management anticipates, detects, acknowledges, and responds to changes.
6. Risk management explicitly considers any limitations of available information.
7. Human and cultural factors influence all aspects of risk management.
8. Risk management is continually improved through learning and experience.
For developing a health & safety management system, the risk management principles above can be adopted and made applicable as the principles of a health & safety management system by purely replacing the word ‘Risk’ in the risk management principles, cited above, by ‘Health & Safety’.
Then use the health & safety management framework illustrated in the ISO 450001 standard, with the addition of ‘worker participation’ contributing to the leadership.

Part of the “PLAN activity” above is to identify the health & safety risks (hazards & exposures) of the organisation or the workplace/s so operational and support management function can be established and implemented. Part of this process involves using the 2018 ISO 31000’s Risk Management Process, shown below, which is also suitably title adapted to the Health & Safety Management Process.


The Scope of the Management Process is about deciding the boundaries and the applicability of the management system which could involve the whole organisation or just parts of or a specific part of the organisation in terms of the health & safety of the health & safety management system or range to a full enterprise-wide business risk boundary scope for establishing an enterprise-wide risk management system.


The context refers to deciding whether just the internal influencing factors or the external influencing factors or both the internal and external factors influencing and/or impacting on the organisation or workplace are to be considered, within the decided scope of the management system and noting that these influencing factors can be positive or negative influences.
The criteria involves reflecting the organisation’s values, objectives, resources and the imposed regulatory factors in establishing and defining the risk criteria parameters to be used to evaluate the significant of the risks (hazards & exposures), by firstly identifying the risks, then analysing the magnitude of the identified risks, and finally evaluating the risk’s acceptability or not to the organisation’s sustainability.
The management system requires a risk assessment to be performed to identify, analyse and evaluate the risks using the decided risk criteria parameters. Many risk identification methods could be used, but identifying the risks by using the 7 critical resources which are ‘at risk’ in any business operation or for a project, namely by using the acronym PEPMELF, meaning the People, Equipment, Procedures/Processes/ Practices/Policies, Materials, Environment, Legal/Liability and Financial resources ‘at risk’ is a universal and user-friendly method to identify risks (hazards, exposures and threats). Note this PEPMELF method provides a higher level (baseline) risk assessment than a HIRA type of risk assessment.
The high risk-rated magnitude risks can be subjected to a Risk Treatment Response involving the 4T’s, namely risk Termination, Tolerance, Transfer and/or Treatment to reduce the risk rating to within the decided acceptable risk level of the organisation.
All risk assessments must be recorded for future monitoring and review and re-assessment if new or risk changes occur, while the whole OHS (Risk) management system and process must be communicated and consulted to promote the understanding of OHS/risk and the management system among all the organisation’s employees.
Returning to the management system framework: once the operational PLANS and management function are established, they are implemented as part of the ‘DO activities’. The functionality and performance of the management system processes need to be periodically CHECKED and evaluated, normally by audits (e.g. OHS audits) to ensure operational effectiveness and performance.
Where the CHECKS highlight non-conformances, such that management system improvements need to be made by performing ACTS to correct and/or to PLAN corrective measures or system changes to mitigate the risk to achieve an acceptable risk level, and these measures are again implemented through ‘DO activities’.
This article describes how one can easily develop a risk-based H&S management system programme by combining both the 31000 Risk Management & the 45001 H&S Management System standards.

References:
ISO 31000:2009/2018: Risk Management – Principles & guidelines standards
ISO 45001:2018: OHS Management Systems standard.
L Bennett, Risk Assessment – guide to understanding the basics, Safety First Association, published 2006, 2nd edition 2022. (www.safety1st.co.za)
7/2023 -10/2019 

About the author:
Leighton G Bennett is Sole Proprietor of and SHE and Risk Management Consultant with Benrisk Occupational & Construction Safety, Health, Environment & Risk Management Consultants, in Johannesburg (Established in 1999).
He holds a BSc Degree (Natal University) and a Management Development Programme (MDP) Diploma (Durban Westville University Business School), as well as some 28 qualifications and certificates covering: Safety, Fire, Occupational Hygiene, Risk Analysis, Risk Assessment, Enterprise-wide Risk Management, SHE & Risk Auditing, & Asset Maintenance (NOSA, ILCI, FPA, IRCA, DNV, Insurance Institute of USA, CE at Pretoria University, IRMSA/Alexander Forbes).
He is a member of a number of professional bodies and is director and chairperson of the Safety First Association.
He has written a number of articles for various publications.
And perhaps most intriguingly, he is a retired and undefeated SA Masters Ballroom Dancing Champion who, in 1996, represented SA at the World Senior Dance Sport Championships in Germany.
Contact details: Leighton Bennett, +27 (0)83 325 4182, benrisk@mweb.co.za, Benrisk Consulting, 62 Blanca Ave, Berario, Johannesburg, 2195, Gauteng, SA.

Footwear Industry Articles

Leather Industry Articles

PPE Industry Articles

© S&V Publications
×
This website uses cookies to ensure you get the best experience on our website. Learn more
Accept
Untitled Document