Hierarchy of Risk Controls in ISO 45001
All processes within an organization, from procurement of raw material, to production and final delivery involve a number of risks or hazards which people working on these areas are exposed to. The environment an organization exists in could expose workers, visitors, contractors to various risks which could potentially harm their health or safety. These risks may include harmful exposure to; noise, radiation, poisons, dust mechanical or electrical risks such as; falls, slips, electrical equipment or psychological risks like; fatigue, violence, bullying. Clause 8.1 of ISO 45001 requires organization plan, implement and control the processes necessary to meet the health and safety requirements and eliminate health hazards.
Organisations must plan how they will address occupational health and safety related risks to ensure risks levels are as low as possible. ISO 45001 suggests a step-by-step approach using hierarchy of controls to enhance occupational health and safety and reduce or control risks. This hierarchy is stimulated by ISO 31000.
The steps involve:
- Eliminate the Risk: This is the first step organizations should take to control risk. This approach requires organisations avoid the risk altogether. This calls for stopping or not starting the activities itself, which may be cause of potential risk. For example, eliminating the risk of using the hazardous substance would involve discontinuing the use of the substance altogether. This may involve redesigning the process itself.
- Substitute the risk: Eliminating the risk may not always be possible. In such cases, organization should go for the next level of control, i.e. substitute. This involves searching for another method that is less risky. This may include substituting hazardous by the not-so-hazardous or non-hazardous activity or material.
- Engineering Controls: The next level of control is engineering controls. These may be applied to change the consequence of the risk. This step focuses on applying collective protective measures rather than individual protective measures used in Isolating the risk. Design the process so that the hazardous material is locked in, these may include gas detection systems, shutdown systems, ventilation systems to control exposure to hazardous substance.
- Administrative Controls: All the last steps would control the risk to extent or eliminate the risk. In case risk still remains, administrative controls may be applied to remaining risk. This involves providing information, instruction, training, or supervision for the risks involved. A documented procedure or work-instruction comes under administrative control. Restricted access to only trained professional to handle hazardous material is also an administrative control that can be put in place to handle hazardous material.
- Personal Protective Equipment: If the risk still remains, Personal Protective Equipment (PPE) should be used to ensure handling of any remaining risk. This may involve PPE provided to workers for eye, face, hand, forearm protection, as required.
Using this hierarchy of controls, organizations can ensure adequate controls are planned for any OH&S related risks and ensure health and safety of its workers.
ISO Terms Explained
To the novice quality manager, ISO jargon can be extremely overwhelming. What is an NCR? What do you mean by OFI? Are we certified or accredited? But before you go and pull out your hair, let’s take a moment to go over some of the most frequently used terms and their definitions with regards to ISO and Management System Certification.