Workplace Health and Safety: organizational models/systems conforming to BS OHSAS 18001:2007

Mauro Ginesi, Fabio Perini S.p.A., Alessandro Mazzeranghi, Rossano Rossetti, MECQ S.r.l.

An approach that derives from a serious analysis of the founding principles of the company's very existence:

a) attention to "ethical" aspects by markets demanding that certain elements permeate the entire supply chain (and not only the chain's final element);

b) attention by public opinion to the issue of safety in general and in particular, to occupational health and safety;

c) finally, the ascertainment that a safe and healthy working environment is an essential element also for personal satisfaction and for the efficiency of everyone involved.

The ensemble of these elements lead companies to re-examine their entrepreneurial vision and to explicitly underscore those values that were previously considered implicit.

When a certain principle powerfully emerges as a founding element of company life, the company inevitably asks itself what it is doing to pursue this value and consequently establishes a modus operandi - which in this case leads to an organizational model/management system for health and safety in the workplace. Of course, it is not necessary to create something totally new! There are legislative documents and voluntary norms¹ that serve as guidelines for the implementation of such a system.

The system's objective and its substance is the review of company organization in order to render it appropriate for preventing job-related accidents and illnesses, firstly through a system of responsibilities and regulations, and subsequently through a continuous improvement process.

Hence a "real" management system (one that serves its purpose) must per force start with the risks present in the company (highlighted by a risk assessment process) and on this basis, regulate at least the activities and processes characterized by significant residual risks, or those that have a relevant impact on safety. Let it be clear that the term "regulate" can (must) be flexibly intended based on the company's organizational structure.

To begin the continuous improvement process, the start-off point must be the management of existing risk situations. Intrinsic to the model is the fact that it is not perfect and that it must be continually improved. This is important because it means that the initial effort will be aimed at attaining a certain level which will then, through continuous effort, undergo progressive improvement.

Implementation: subjects, logical flow and documents.

The cornerstones that contribute to creating the structure for the prevention of job-related accidents and illnesses are those described in the Figure 1.

We are not speaking of system application but rather definition, and hence we leave aside - for now - aspects of training and involvement. Let's look at a possible flow, considering a company with a concrete safety management but one which is not in system form. The company will have a reasonably complete risk assessment documentation, some procedures and a few working instructions. The safety organizational chart exists but it is a summary one, while a clear and detailed job description concerning safety does not.

First of all, we need to have a general overview of the company and then an analysis of its gaps with respect to "acceptable" safety management systems. Once this analysis is made, it is necessary to turn it into a list of actions to be performed in order to attain results - of course we are speaking about macro-actions. The results of the analyses and the action plan must then be brought to the attention of the management and, if confirmation to proceed² is granted, on to the company directors. Once it has been established to proceed, there is a mandatory passage: if the analysis has revealed some gaps in risk assessment, this is the first situation that needs to be remedied, because it represents the basis for the definition of any safety rule (see Figure 1).

At the same time, we can start to work out the organization of safety. Two are the essential elements that must be clearly defined: hierarchical lines (from the administrative organ, to the employer, to the employees) and the task and powers of each (of course, in relation to safety). Tasks and powers have to be made official and they have to be accepted by the "receiver". This leads to a critical re-examination of the entire company organization to make sure that it correctly safeguards - through appropriate capabilities, competence and resources - all the critical aspects of safety.

Once these two aspects are "settled" (risk assessment and definition of roles and responsibilities) the biggest part of the work begins. At this point, the fundamental directions have been given, but the entire purely managerial and operational parts are still missing, i.e. the procedures and instructions aimed at ensuring safe working behavior and modes and a continuous improvement.

Let's start with the procedures. There are two types of processes important³ for safety: those related to organizational and/or operational elements particular to the management system (or to the laws) and the operational ones, already existing within the company and indispensable for its proper functioning, but that have an impact also on safety. The former are compiled into a sort of list that can be extrapolated from applicable norms and laws and cover aspects that span from document management to the organization of management review to the emergency plan. The latter can be found only through an attentive analysis of process-connected risks. This is a complex issue that we can summarize in a few lines:

• For transversal processes (purchasing, maintenance programming, human resources management, etc.), the analysis is performed considering the consequences of possible errors such as lack of verification of the existence of conformity certificates for the equipment, lack of maintenance of a given piece of equipment, etc.
• For strictly operational processes (production, maintenance, cleaning, loading and unloading of materials, etc.), the aspects to be considered are those that go beyond traditional risk assessment. A "classic" example: the performance of electrical maintenance work on an industrial system, where the most critical element for safety is the coordination between the activities carried out by the different people involved.

Having established which processes must be regulated, we can proceed to define first the activities and then the relative responsibilities (meaning who takes certain decisions and who performs certain tasks), and then any detail rules, but this only if the definition of the activities is not self-explanatory. Naturally, if these activities include relevant executive aspects for safety, operational instructions will also have to be provided (unless of course these aspects are plainly obvious).

The experience of the KPL group companies. At the end of 2008, the three Tissue companies of the KPL Group (Fabio Perini S.p.A., Perini Engraving S.r.l. and KPL Packaging S.p.A.) began the design and implementation process of the health and safety management system for employees.

It began with the identification and analysis of the gaps of the organization, i.e. the identification and analysis of "organizational and system gaps"⁴. This led to a review of the DVR - Documento di Valutazione dei Rischi (Risk Assessment Document) to also include those risks connected to company processes, including those that appear "innocuous" such as human resource management.

The review of the Risk Assessment Document constituted the starting point for the implementation of the system. First, a distinction was made between those risks that require a technical measure for their mitigation, and those for which an organizational action is instead necessary. On these issues, Direttori Prevenzionistici - DPs (Health and Safety Operation Managers) were involved, who contributed to clarifying the processes and risks connected to them.

At the same time, a Team was created that saw the participation of Datori di Lavoro Prevenzionistici - DLPs (Health and Safety General Managers), the Prevention & Protection Service (PPS), the HR managers and the legal Counsel for each of the three companies with the task of addressing and supporting the workgroup charged by the management with implementing the system in its "critical" decisions. This Team meets on a monthly basis. The workgroup is instead formed by the leaders of the PPS of the three companies and by external specialists.

The first action that the group undertook was to institute a "register" in each department where employees could note down any problems pertaining to safety. These "registers" are examined monthly by the Safety and Environment Committee, which is comprised of the DLPs, the DPs, the SPP and the maintenance supervisor. The committee analyzes problems and indicates solutions, people in charge of their application and resolution times. This information is then passed on to the employees through the company's safety billboard and through publication of the safety improvement management plan in the company's intranet.

What described above is the approach that the three companies have chosen to "usher in" the implementation of the system with maximum involvement of the entire company population, from the management to all the employees.

The project is a work-in-progress with the aim of certifying the system in accordance with BS OHSAS 18001:2007 by the end of 2010. Now, here are some practical instruments that have turned out to be particularly useful in implementing and putting the system into effect; among them, we have chosen:

• training methodology;
• accident treatment procedure;
• job description.

The methodology used for training purposes regarding the Health and Safety Management System (SGSSL - Sistema di Gestione della Sicurezza e Salute del Lavoro) issues is non-conventional in that it does not involve head-to-head lessons where the instructor illustrates general principles and procedures and trainees listen and learn in a class-room. Rather, we have tried to turn training into an occasion for sharing and comparing the different themes involved, explaining the idea of the project and consulting with all the employees (each for what concerns his/her own department) in order to build-up this system together. Of course, this represents a substantial burden for the structure in terms of hours dedicated by each individual employee involved. But it is above all a way of constantly putting things at stake and reconsidering them, and of underscoring that the company is made up of people, and that safety - just like the product it creates - must be "made up" of people. This approach results in a much greater comprehension and wider application of the procedures for the employees who have actually written them. (Figure 2).

Another effective instrument used was accident management. The aspect that is further emphasized is the importance of communication as a tool for supplying employees with easily comprehensible information on safety, aimed at "making them continuously more sensitive" to this issue. The department supervisor compiles an accident report (accident on the job, damage to property or a near-miss) that is then sent to the other supervisors. If the person compiling the report retains that, in order to define the solution to be adopted, it is necessary to involve colleagues, he or she will call a brief meeting during which a solution will be defined and then endorsed by the DP or the DLP. The solution will then be made official through an internal communication and at the same time, it will be illustrated by each individual supervisor to the employees. The relevant aspect is indeed the diffusion of the solutions to all departments, and hence the opportunity to transfer experiences from one department to another (Figure 3).

Finally, a particular approach to the definition of detail tasks regarding safety: the instrument used to produce the job description relative to Health & Safety stems from the generation of procedures⁵ from which individual responsibilities are merged into the system's database of responsibilities. This activity has allowed clarifying each individual person's responsibilities within the System, in order not to duplicate functions or leave certain areas not provided for. Figure 4: flow of definition of responsibilities.

These are just some examples of the instruments used to implement the organizational model that have allowed us to make certain flows (even informative ones) systematic - something indispensable in order to get the entire company population involved.

Of course, the solutions may be different and depend largely on the size and the articulation of the organization itself, and also on the type of activity performed by the company.

[1] Among which BS OHSAS 18001:2007.

[2] Following an attentive cost/benefit analysis.

[3] For the process definition, refer to ISO 9001:2008.

[4] For organizational gap, we do not mean an unperformed activity by the company, but rather a lack of method on the part of the organization in confronting certain issues.

[5] As can be seen in the figure, the procedures are articulated as follows: procedure defines the organization of a project that is split into phases and activities; for each phase, a person generally responsible it designated, while each activity is briefly described and assigned to a person responsible for its execution. These latter responsibilities (for the execution of a given activity) merge into the job description.