Rank: Guest 
|
Posted By Taff2
We recently had an audit team on site & they've recommended that we improve our risk assessment process (correctly so).
They mention a 3 tier process:
Strategic risk assessments - by employer (to comply with MHSWR)
Regulatory risk assessments - by competent persons (to comply with PUWER, COSHH, NaWR etc)
Task Based risk assessments - by local teams.
Where does this philosophy come from?
Comments?
|
|
|
|
|
|
Rank: Guest
|
Posted By Chris Jerman
Not sure that they've quite got the right end of the stick there with regard to assessment, but the Strategic, operational, direct approach is well established in larger organisations (well, should be) it's simply another name for top down, bottom up. Again a slight misnomer as it's bottom to middle, middle to top, top decides, instructs middle, middle acts, effect felt at the bottom. Dunno, not that snappy as a title really?
See the thread from today on risk registers - it's relevant to this.
In reality, the bottom should do task based assessment, the middle takes that information and turn it into operational speak - ie relative to compliance and feeds it to the top who look at it in the whole business context - Phew talk about condensed explanation! It's not really a case (in safety terms) of doing separate, stand-alone assessments at each level, one cascades into the other getting fuzzier as it climbs the system.
We used to call it 'communication'
Chris
|
|
|
|
|
|
Rank: Guest
|
Posted By Ian G Hutchings
Taff
It comes from a few different principles. I would disagree that the way it is described is strategic.
Much of it depends on the size and complexity of the business.
The way I normally look at it is:
1) business risks i.e. top level H&S plus financial etc. (see the thread on risk registers).
2) business unit level (sometimes called tactical).
3) work situation / workplace general / task specific (sometimes called operational).
The issue sometimes is that people just look at the tasks and miss the big picture. For example a company may spend loads of time and money on glove policy, when their significant risk is occupational driving.
You can look from a strategic perspective and determine the top ten business health and safety risks (usually done best in a workshop with directors/managers).
Based on this you can then apply the right level of resource for further assessments and controls.
I am not personally a great believer in being legally specific in all areas (e.g. having a PUWER risk assessment). Legislation and guidance should inform your approach, but if the generic and task specific risk assessments are done correctly they will cover the legal requirements.
All the best
Ian
|
|
|
|
|
|
Rank: Guest
|
Posted By Robert K Lewis
You have to remember that the auditors recognise that the system standards for both EHS and OHS have a clause requiring that regulatory compliance is maintained on an ongoing basis. The standards also require that significant relevant legislation is identified. This leads inexorably to the need to assess the regulatory risks faced by the company and how they are controlled.
The strategic stance is one of ensuring that the senior management team is identifying the key business risks and the strategies to control them.
The operational level is about the day to day nuts and bolts ensuring that every significant task has a formal assessment made for it specific to the task - not simply a standard assessment made weeks/months before.
As an auditor that is what it says to me
Bob
|
|
|
|
|
|
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.