Strengthening Human Factors in a Management System – ISO 10018:2012

Hold on to your seat! ISO recently published a new management system plug-in, with an addition to its 10000 series of guidance documents on quality management.  The new standard is called Quality Management – Guidelines on People Involvement and Competence – ISO 10018:2012.  It was published on September 1, 2012. The standard states that it is intended to support ISO 9001 implementation, and that it also can facilitate “people’s involvement” in other management systems, e.g., ISO 14001, 50001, 28000.

Beyond the direct ISO management system implications, my sense is that ISO 10018 will help organizations that have been averse to establishing competency criteria in EHS/S, as well as other areas.


Generation Flux – Challenges and Opportunities

Generation Flux is a new distinction introduced in several recent Fast Company (FC) articles.  This notion builds on terms such as Gen X, Gen Y, and Millennials, used broadly to describe generational characteristics.  I learned about this evolving idea at the AIHA Fall Conference this past week in San Antonio.

This term, coined by FC’s editor, Robert Safian, “is less a demographic designation than a psychographic one: What defines GenFlux is a mind-set that embraces instability, that tolerates – and even enjoys – recalibrating careers, business models, and assumptions.”  Safian’s articles provide an overview of how numerous large traditional organizations (e.g. Nike, GE) and newer, smaller start-ups are embracing Generation Flux.



Boards and Risk Management

Increasing risk oversight has been a priority of boards and management since the global financial crisis, but many are unprepared to do this, according to a recent report from the Canadian Institute of Chartered Accountants (CICA). A Framework for Board Oversight of Enterprise Risk presents a nine-step roadmap to help directors identify, understand and address enterprise risk and recognize potential compounding effects when risks collide.  The roadmap is sound and also can be a valuable resource for risk management professionals.

The CICA report states “a common concern among boards of directors is the lack of a comprehensive framework and toolsets to assist boards to structure an effective, robust risk oversight process.”  Key activities in the CICA framework include: identifying risks; analyzing, validating and prioritizing them; determining risk tolerance and risk appetite; managing risk through various response strategies; and ongoing monitoring.  These are similar to recommendations included in ISO’s risk management standard (31000) and its business continuity management system standard (22301).


The intersection of sustainability and business continuity: Water cascading through ISO 22301

The importance of water cannot be overestimated.  It is of course essential to life.  Many businesses have known for some time that it is essential to their products and production process.  From an ISO 14001 perspective, companies often list water as a significant aspect.  From a business continuity perspective, many companies have identified water (or lack of) as a significant BC threat.

Since my post on July 19, I have been writing short pieces about the new ISO Business Continuity Management System (BCMS), called ISO 22301:2012, and thought about this new management system standard while reading a report from ABC News on work that beverage companies are doing to conserve water.  These efforts include building alliances with NGOs such as the Nature Conservancy and the World Wildlife Fund, and proactively protecting watersheds.


Communication and ISO 22301 – Grist that Makes the Wheels Turn

Communication is grist that makes the management system wheels turn.  This section within management system standards (MSS) has historically addressed, to varying degrees, the internal and external mechanisms used to communicate information and knowledge about the management system, the content it addresses, and specifics about hazards and risks.  It is an MS’s information conduit, much like blood vessels in humans.  Actors in the communication scheme include senior management, employees, vendors, contractors, regulators, and neighbors, to name a few.


Context of the Organization – A 360 Perspective and ISO 22301:2012

Black Swan events, holistic business continuity, Emerging Risk Audits, and non-financial risk management are terms swirling in C-Suites, on Boards, and in the business, risk management and auditing literature.  Also swirling around are discussions about sustainability, corporate social responsibility, organizational resilience, as well as organizational health.

The confluence of these signals suggests an emerging business model that incorporates a 360 Perspective. Central to this perspective is a systems view and an integration orientation.


Deepwater Horizon – U.S. Chemical Safety Board Releases Preliminary Findings

In a presentation yesterday, the U.S. Chemical Safety Board (CSB) released preliminary findings from its investigation of the Deepwater Horizon drilling rig well blowout on April 20, 2010.  Several investigation reports have been issued, including ones from BP and The Bureau of Ocean Energy Management, Regulation and Enforcement (BOEMRE)/U.S. Coast Guard Joint Investigation Team.  I have discussed some of the findings in previous posts and will address some of these issues in future posts.

In the presentation, the CSB said “BP focused too much on the little details of personal worker safety instead of the big systemic hazards that led to the 2010 Gulf of Mexico oil spill and wasn’t as strict on overall safety when drilling rigs involved other companies that they hired.” Safety board managing director Daniel Horowitz told the AP that “BP applied lesser process safety standards” to rigs contracted out than it does to its own facilities. “In reality, both [drilling contractor] Transocean and BP dropped the ball on major accident hazards in this case.” The CSB went on to state that BP “did not conduct an effective comprehensive hazard evaluation of the major accident risks for the activities of the Deepwater Horizon rig or for the Macondo well” because the oil company’s large risk evaluation program “looked only at BP assets, not drilling rigs that it contracted” to other firms for operation.


Use ISO 22301 to Help Develop Your Risk Management System

As mentioned in a previous post, ISO recently published a management system standard (MSS) devoted to business continuity.  It is titled ISO 22301:2012, “Societal security – Business continuity management systems – Requirements.”  This is one of the first ISO management system standards that follows the generic MS format presented in ISO Guide 83.

This post is one in a series that will focus on ISO 22301, also referred to as a Business Continuity Management System (BCMS).  For those of you who are contemplating either an upgrade of your existing EHS or security management systems, or are considering the development of a risk management system that is tailored to ISO 31000, you might want to consider using ISO 22301 as your guide and template.  This could provide a win-win for you and your organization.


Business Continuity Management Evolves, Meet ISO: ISO 22301:2012

Since events such as 9/11, Katrina, the SARS (severe acute respiratory syndrome) pandemic of 2002/3, the 2011 Tohoku earthquake in Japan, and others, the field of Business Continuity Management (BCM) has become more formal and taken on greater visibility in overall organizational risk management.

Some of this evolution is seen in the recently published ISO Business Continuity Management System (BCMS) standard, ISO 22301:2012. The ISO Technical Committee (TC) that developed 22301:2012 is ISO/TC 223.  This TC’s overall subject area is “Societal Security.”  ISO indicates that TC 223 is working on an ISO 22301 companion guidance document that will be called ISO 22313.

ISO Focus+ reports that work on ISO 22301 originated in 2006 during a workshop on Emergency Preparedness and that an interim guidance document (ISO/PAS 22399:2007) was prepared that addressed business continuity (BC) and incident preparedness.


Strengthening CEO Links with EHS/S and Risk Management

A recent survey of leading European companies, conducted by the Ashridge Business School and University of St. Gallen and reported in the MIT Sloan Management Review (Spring 2012), suggests that links between corporate functions and the CEO could be stronger.

Some of the reported consequences of these weak links include: mixed performance, more bureaucracy, a sense of C-Suite interference, lack of cooperation from operating managers, and a focus on transactional issues as opposed to value-added ones.
