Paula Brady of Auva Certification considers whether the pandemic has prompted better methods for auditing management systems.
The COVID-19 pandemic has impacted industries and sectors to varying degrees – but all organisations have needed to keep employees, clients, contractors and service users safe and healthy. The requirements for operating and maintaining a health and safety management system have remained unchanged, and have arguably come even more to the forefront of effective business management.
The question for all companies operating under, or trying to reach, ISO management system standards such as ISO 45001 has been: how do we do this in the current climate? They have had to ensure thorough and effective risk assessments, safe systems of work, guidance documents, signage and, most critically, the monitoring of operations to ensure compliance with COVID-19 requirements, with top-line management involvement – and all of this in addition to normal operational risks and requirements.
Managing and running a compliant ISO 45001 management system has never been so difficult. Scarce resources, due to furloughed workers, have impacted these management systems. This is where the key elements of risk management and the ‘Plan, Do, Check, Act’ mantra of management system standards come into their own. The tools and methodologies developed by organisations to meet ISO 45001 requirements have helped companies to plan and manage their operations during this time. Many of the organisations I have audited during the past 12 months have effectively navigated difficulties related to health risks, resource issues, the restructuring of physical workplaces and the restructuring of the working day by utilising their health and safety management system toolkit.
The rise of remote auditing
ISO certification bodies have needed to ask themselves: how can we deliver our certification services safely without impacting our quality of service? The answer has been remote auditing. Fortunately, the industry quickly realised the specific risk that on-site audit team visits posed to client companies during the pandemic. Pre-pandemic, auditors would visit up to five companies on-site a week. This raised not only the risk to the auditor’s safety, but threatened to spread the virus and effectively shut down the companies visited.
The move to remote audits has been aided by the fact that many organisations have moved to remote working. The technological developments in software and hardware, online communication and documentation-sharing platforms have eased this transition. Remote auditing, while not always ideal, offers indisputable benefits for client companies and auditors alike.
First and foremost, it is by far the safest option for all involved. Online meetings have proved effective for interviews with key staff, and remote working has meant that audit plans are followed more effectively.
Documentation sharing platforms have had the added benefit of moving the organisations involved towards a paper-free office. This has resulted in improved document and record control and is also more environmentally efficient.
Virtual site visits are possible and can be fully interactive through online communication software. I have successfully conducted many virtual audits – including a United Kingdom Accreditation Service (UKAS) witnessed virtual audit.
Preparation is the key to success, for both the company being audited and the awarding certification body. Many certification bodies have developed their audit plans to specifically highlight the potential documentation and records the auditor may require. Some certification companies have also developed checks and measures to ensure the auditee has the required technologies to enable a remote visit. I have found that companies have really increased their preparation and commitment to the audit process, which has resulted in a more in-depth understanding of the process than ever before.
As lockdowns ease and vaccination programmes progress, we have been able to begin making partial remote visits in which site operational visits are completed and the remainder of the audit is completed off-site. This allows for the best of both worlds. While an effective site/premises audit can be completed virtually, greater value sometimes comes from the auditor’s access to the wider context of the location and surroundings.
As we move towards a new way of working and living, it is important for an organisation to review its health and safety management system and ask: what could we have done better? Even if they have had to downsize, it will be vital for companies to ensure their systems and processes continue to meet requirements, in order to prove ongoing performance improvement and organisational excellence when bidding for new work.
Additionally, auditing the organisation’s response to the past 12 months by employing the ‘Check, Act’ portion of the methodologies behind the ISO management system standards will highlight any areas that need to be reviewed.
This COVID-19 situation is unprecedented in recent history, but it is not the first pandemic the world has faced. Has your organisation sufficiently resourced and developed a health and safety management system that will ensure it can manage all risks faced within its greater context, both now and in the future?
Paula Brady is chief operating officer Northern Ireland/Republic of Ireland at Auva Certification