Andrea Aulisi The advantages of integration between multiple management systems are known to everybody, but I have never heard about quantitative measures (or at least estimates!) of the benefit of integrating. According to my data, based on an economic control system before and after the integration, the time saved by implementing integrated 9001/18001 varies from 40 to 60% versus having two different systems. And, this doesn’t count benefits in terms of efficiency, effectiveness, and quality!
Integration is Natural
Many common points stand out when integrating ISO 9001 and OHSAS 18001 management systems so they can be exploited for an integrated approach. There are many processes in common, as we will see later, that lead to a very interesting series of synergies with consequent saving of time, money, and even better results.
In the next two years the structure of the standards will further converge according to ISO Annex SL, making both standards (ISO 9001 in 2015, OHSAS 18001 maybe in 2017) aligned by adopting a unique structure in 10 clauses:
- Scope
- Normative References
- Terms and Definitions
- Context of the organization
- Leadership
- Planning
- Support
- Operation
- Performance evaluation
- Improvement
And, this structure will be common to all the ISO family norms in the world (the first was 22301 in 2012).
Differences between ISO 9001 and OHSAS 18001
However, the integration of ISO 9001 and OHSAS 18001 is particularly delicate because the rules cover different business risks.
In fact, while ISO 9001 is centered on the “core” business activities of the company and analyzes risks to quality, OHSAS 18001 addresses issues for safety, and therefore activities not related to production. Specific safety requirements of OHSAS 18001 can be implemented separately from one another, and this will positively affect the integration of other elements:
- Assessment of security risks. Security risks must be assessed: identifying hazards, estimating probabilities, evaluating risks, and defining actions to be taken.
- Legal requirements. An important section at the basis of the safety management system is the identification, fulfillment, and verification of legal safety-related requirements.
- Emergency management. Management of emergencies must be controlled. In addition to being a legal requirement, the importance of proper planning, exercising, and testing of emergencies is not always clear.
Where to start?
The most natural answer to this question comes from the common ground where both standards were born: Deming’s Plan-Do-Check-Act Cycle. This well-known cycle of improvement has helped hundreds of thousands of companies worldwide to improve year after year for the past 20 years.
The first phase of the cycle, Plan, is when you design the entire system, and when the vision of the system is fulfilled. The following questions (along with a few others – see next paragraph for a complete list) are the basis of the construction of the integrated management system according to ISO 9001 and OHSAS 18001:
- What skills do I need for both quality management and health & safety management?
- Which documents are common for both QMS and HSMS?
- What are the common objectives for both quality and health & safety?
- What resources do I need for the implementation of both ISO 9001 and OHSAS 18001?
Common requirements of ISO 9001 and OHSAS 18001
We can now establish a set of contact points to begin to integrate these two very important rules. The contact points are:
- Definition of a policy for quality and safety: top management defines the basic principle for each aspect.
- Setting goals: they are different for Quality and Safety, but the mindset and the review and monitor process is the same.
- Resources disposal: no improvement is possible without budgeting time or money resources.
- Process of risk management: ISO 9001 will include this requirement from 2015 on.
- Responsibility and Authority: key roles for an effective management of quality and safety should be defined, and sometimes may coincide.
- Competence, Training and Awareness: quality and safety requires skills and awareness, and not only for those who are directly involved.
- Communication: both quality and safety management systems require communication.
- Control of System Documents: the requirements for document management are the same for both standards. (See also: Some Tips to make Document Control more useful for your QMS)
- Control of Records: the requirements for records are also the same for both standards.
- Monitoring and measurement: indicators and measures are different for Quality and Safety, but the review and monitor process is the same.
- Management of non-conformity: the requirements for non-conformity management are the same for both standards.
- Corrective and preventive actions: the requirements for corrective and preventive actions are the same for both standards.
- Internal audits: the requirements for internal audits management are the same for both standards.
- Management Review: the requirements for management review are the same for both standards.
It appears evident that the similarities of the two standards are so wide that integration can bring great benefits to the System Management; however, there are some aspects that make this operation delicate, because the risks to quality are different from health & safety risks.
Integrating 9001/18001 systems gets you immediate management buy-in!
It is definitely possible to integrate ISO 9001 and OHSAS 18001: in my experience, when I first completed an ISO 9001 / ISO 14001 integration project (see also this article: Integrating ISO 9001 and ISO 14001) with a safety management system, OHSAS 18001 didn’t exist as a standard yet. After many years and many integrated systems, I can say that integrating OHSAS 18001 in a company that respects safety standards and is ISO 9001 compliant is a feasible job, especially for those who have solid experience, and it can be done within a few days of work.
