Clause 6 is still in the planning phase; this is a specific area around planning.
This is not a demonstration of the risks that you have assessed, basically, this is looking at how you go about doing it. It's the method you use in terms of looking at risks and opportunities, and hazards, and also aspects, environmental aspects and their impact as well.
What you have to do in terms of your compliance obligations. In the planning phase you need to understand and determine your legal requirements and your compliance obligations for the industry. The work in the products or services you provide, and also planning to take action, what actions do you have to take associated to that and your objectives and how you're going to achieve them.
We've got these objectives that are set back in the context, leadership or supporting them, now in this planning phase, let's look at how we're going to achieve them and what are we going to put in place.
And then lastly, it's about change. All organisations going through change, whatever that may be. This area is looking at what methods do we use to plan our change, so that when a planned change happens, it’s understanding what we do in that situation, that we have a method of change management, and this is how it's done.
Actions to address risks and opportunities, what we want to do in this case, is prevent and reduce undesired effects and look to achieve continual improvement.
In terms of the planning phase, for risks and opportunities,
· do we have in place, an effective system that demonstrates how these risks are measured?
· how do we identify them against opportunities?
· are they proportionate to the potential impact in the business?
We think about a risk-based approach to our management system. This is a fundamental area where we want to look at the methods, we are using to address risk?
What are the experiences I’ve had is that people sometimes within organisations believe the area of the working is the most important, it's the most relevant to the business and potentially can have the greatest risk if it's not done really well.
But it needs a slightly different approach to business risks and addressing risks and opportunities, so that it has a group of people look at it to try and decide what areas have the greatest impact, and you can't do that by just sort of sticking your finger in the air and having a guess at it, you really have to go through the process of assessing it, and using others to help with that assessment
In terms of the effects of uncertainty, from a quality point of view, it's the risks that are associated to the uncertainty and what it is that you're trying to achieve.
· What could happen?
· how likely is it to happen?
· what effect will it have if it does happen?
And this is the uncertainty aspects,
· what if we do not deliver those parts on time?
· if we cannot produce that?
· if we cannot fix the item on site?
It's a slightly different mindset to environmental and health and safety risk because that's very focused on people and the environment. I'm not sure I would say easier, but it's certainly more defined.
When we look at it from a quality point of view, there can often be a lot more thought has to go into the uncertainty of things not meeting their requirements.
What's the likelihood of achieving our stated objectives? Is it consistent with what we're expecting? And is it going down the approach of trying to achieve what our customer and internal goals might be? Successful companies intuitively take a risk-based approach regardless of the areas that are working in.
Within the planning, we have to think about our compliance obligations, we have to identify and have access to what our compliance obligations are. Whether that be that we have someone in our organization that recognizes and has the education and knowledge competence to be able to Identify what our compliance requirements are, or whether we use external source consultant or whatever that may be.
The key method here is we have to identify. This is an important first step of making sure that we know all the legal requirements, all that are applicable to us as a business. They can originate local, regional, or national or even international, depending on where we work and activities we do.
And if we don't know, that specific item of legislation exists, how are we going to actually find that out? What are some methods of identifying it and importantly, when we identify legislation, we have to again, look at how it is applicable to our business?
· Are we just throwing that in there because we see it's a legal requirement?
· How applicable is it to our business?
Obviously, there's a whole bunch of legal requirements that as an organization employing people we have to comply with.
What we're really referring too much more here is specifically the ones associated to the business we are working in, the industries that we are working in, and we'll go into that a little bit later. This is just the planning element of it in terms of how we go about identifying what those are.
And we spoke again, about objectives, and how we call it achieve them.
Taking our objectives from the context, the high level, what's expected the commitment from the leadership team, what that’s going to be and how they're going to resource it.
Then it's how do we plan to achieve them?
We want to reduce our scrap by 20%, we want to reduce our recalls, we want to deliver our projects on time, whatever these might be, how are we going to plan to achieve that?
We might want to break it down month by month, we might say we're going to try and have an improvement of 1 to 2% month on month, and that 1 to 2% is going to be focused in these areas, because these are the areas that we had the greatest issues in. When you're planning these areas, it's important that you can show that they can be
1. timeline bound,
2. that they are measurable, and
3. you can evaluate the information.
And again, that's an area that you can clearly internally audit against, so that you can see
· these are the objectives that we plan to set for an end of year or a three or a five-year goal.
· This is how we were planning to do it.
· These are the resources and commitment that we had.
· How are we measuring them and how well is that going?
Auditing against that is a way of being able to throw up any issues or showing how we are in terms of being targeted for achieving what you want to achieve.
Objectives is one of the biggest areas that we hear about in terms of organizations not quite understanding what it means. We often see companies that put exactly the same objective against their management system or against their business plans and objectives year on year, thinking that these have to be specific to health and safety, or specific to quality, or whatever that may be.
Business should look at these as their overall objective,
· Where are the areas of weakness in our business?
· Where are the areas that we want to focus on improvement
whether that be for financial,
whether that be for efficiency,
whether that be for improvement on health and safety culture,
waste control, etc.
I think companies need to take a little bit less focus on the quality objectives, health safety objectives, and look more as a general consensus,
· what is it that we want to try and do?
· why are we trying to do this?
· What's the purpose for our business that we want to try and improve our environmental impact?
Is it simply because our external auditor says we have to demonstrate something,
or is there other ways and means that we can demonstrate our objectives and how
that they are going to be achieved?
When we think about changes in our business, we need to try and understand when we're planning for changes, that we recognize that there's almost a process approach to how it's done.
· What's the purpose of the change?
· What are any potential consequences if we do the change?
· The consequences if we don't do the change?
· Does it have any impact on the integrity of our management system?
These are things we need to look at that could have an impact, some of these changes could change our risks, and we have to consider that.
What about the availability of resources? When we're planning for changes are, we considering the resources we need? When we talk about resources, we talk about human equipment, infrastructure, IT etc.
What about the allocation and reallocation of roles and responsibilities and authorities?
I remember back in 2015, when there was a slump in the oil and gas industry, I was working on an organization at the time where I was an oil and gas operator, where they simply just took a broad brush stroke activity, which was to remove 25% of the workforce. Instead of taking an understanding around what impact that might have, and how allocation and reallocation of jobs went, what actually happened at that time, I remember a number of departments and functions that where they had a low number of people working in them, they couldn't remove 25% so they effectively removed 50%, if it was two people in the organization, one left.
There wasn't a real huge amount of interaction with the person that was left. It was simply a case of ‘you've still got your job, good for you, move on.’ Unfortunately, what I did experience was a number of people that were basically asked to try and do double the workload.
If you can have a think about that in terms of what the potential impacts would be, your management system and purpose of being in business is to try and be successful. If these things happen, and you're in control of it, then you can try and manage expectations, manage inconsistencies and errors, but if it's simply just a case of letting people get on with it, often other errors can occur and often these decisions are made can have significant influencing factors.
In terms of change it is important that we recognize that change can bring about additional significant risk, and importantly, I think, a big part of how it's managed and communicated.
· What are we trying to achieve by this change?
· The consequences of doing it or not doing it?
· What resources do we require to put this change in place successfully?
· What effect will it have upon other staff and their roles?
· Do we understand what the impact might be?
· Could that change affect other areas?
· Could it bring about additional risks?
· Could it have an impact on other parts of the business that we need to understand?
Remember, the whole purpose of this is not actually the results from management of change, but how we actually demonstrate how we will plan to do it. A process approach is a good method of demonstrating how you plan to do changes. And of course, as part of an internal audit it’s a very good example, to be able to look at changes that have happened in your organization and go back and audit the process that you went through.
· Did you follow the management of change process
· Was it properly done?
· Are you able to demonstrate that
· how successful was it?
My name is Chris from FQM. We'd appreciate it if you subscribe to our YouTube channel and follow us on LinkedIn.