Issue 122 – Is “safety” out-of-scope during a QMS audit?
ISO 9001:2015…
Is “safety” out-of-scope during a QMS audit?
I appreciate receiving emails with questions and/or comments from readers of this Newsletter… please continue to do so since it provides me with ideas on what these publications should cover. In my last Newsletter (ISO 9001:2015 Newsletter Issue 121) we discussed the topic of “Are you using “red stamps” on hard-copy printouts of documents?”, and now in this Newsletter we will discuss “Is “safety” out-of-scope during a QMS audit?”.
The ISO 9001:2015 Element numbering…
Element 4 – Context of the organization
Element 5 – Leadership
Element 6 – Planning
Element 7 – Support
Element 8 – Operation
Element 9 – Performance evaluation
Element 10 – Improvement
Is “safety” out-of-scope during a QMS audit?… My first response is that “safety” should never be out-of-scope during any audit. However, there are two words that every auditor needs to always remember… “it depends”… let me explain… if I see an obvious safety infraction that could physically harm either the person them-self or others, then I would intervene and report it immediately to someone in authority… if on the hand I observed an issue pertaining to the safety management system that was not an acute safety problem then I would move-on and stay focused on the QMS that I am auditing.
The reason I decided to cover this topic in this Newsletter is because I have run across a few External Auditors who take great liberty in including “safety” within their audit radar. I have two examples where my Clients unfortunately had to deal with this issue. The first example occurred during an External Audit when my Client was advised that OSHA needed to be added as an “Interested Party”, under Clause 4.2 of the ISO 9001:2015 Standard. Luckily I was able to intervene and help my Client push-back because OSHA could care less about the “Quality” of their product… and that’s all that Clause 4.2 is focused on. The logic being spouted by the External Auditor was that OSHA could shut-down the facility and then all Customer Orders would get delayed. My response to that was “then should we also include Banks… as well as the Security and Exchange Commission (SEC)… since they both could shutter the business fairly quickly?”… common sense eventually prevailed and OSHA did not have to be added as an “interested party” for their QMS.
My second example happened quite recently when I was attending an end-of-day debrief session conducted by an External Auditor who was auditing a QMS + EMS integrated system. This particular External Auditor was passionately describing how awful it was that he had seen “Safe Work Permits” that were not filled out properly, nor signed off, and implying that a major non-conformance was being considered. Upon hearing this, my initial reaction was “He’s way out-of-scope”.
Here is the response I gave to my Client explaining my position:
a) The word “safety” does not show up as a “shall” requirement anywhere within the ISO 9001:2015 Standard… therefore the “Safe Work Permit” is out-of-scope for the QMS… in fact Section 0.4 [Relationship with other management system standards] explicitly states that “safety” is covered in other ISO Standards… it states… This International Standard does not include requirements specific to other management systems, such as those for environmental management, occupational health and safety management, or financial management.
b) If your QMS does NOT reference the “Safe Work Permit” document… then the “Safe Work Permit” is out-of-scope with respect to “document control” (Section 7.5) of your QMS;
c) The word “safety” does not show up as a “shall” requirement anywhere within the ISO 14001:2015 Standard… therefore the “Safe Work Permit” is out-of-scope for the EMS;
d) If your EMS does NOT reference the “Safe Work Permit” document… then the “Safe Work Permit” is out-of-scope with respect to “document control” (Section 7.5) of your EMS… the only section remotely connected to “safety” is Clause 8.2 (Emergency preparedness and response), and a “Safe Work Permit” has nothing to do with an “emergency” situation.
When is “safety” NOT out-of-scope?… Well the easy answer is: “Safety” is IN scope when you are auditing a Health & Safety Management System that is modelled upon the ISO 45001:2018 Standard… or alternatively, “safety” could become part of your audit scope if you are auditing an Environmental Management System (EMS), based on the ISO 14001:2015 Standard, but only IF that EMS makes reference to the entire safety management system, including its associated safety procedures and safety documentation.
Be sure to watch for our next Newsletter issue where I will be answering some of the questions that I get from Readers of my Newsletters about how to implement the requirements of ISO 9001:2015 in a specific and practical way, that will also help improve business performance…
To view all of our past Newsletters or to sign up to receive them… click here
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Need Help?
ISO 9001:2015 Internal Audit Outsourcing (we can do it for you OR with you!)
For cost effectiveness, the Internal Audit function can be outsourced to an external experienced auditor on a periodic basis. This will provide an independent and objective assessment to management, of where process issues may exist, along with identifying opportunities for improvement. It will also provide the evidence needed to satisfy the Internal Audit requirements in the ISO Standards. We have used two different approaches with this service: a) We conduct the entire audit ourselves, or b) We act as the lead auditor, and along with your Team of internal auditors, we complete the entire audit together. This latter approach allows your people to receive guidance and direction from an experienced lead auditor while at the same time maintaining significant involvement in the internal audit process.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Internal Process Auditor Training for ISO 9001:2015
The two (2) day Internal Process Auditing for ISO 9001:2015 Training Session is focused on a process approach to auditing with the objective being not only to assess conformance of the quality management system, but also to uncover process improvements during an audit. This goes hand in hand with the process auditing requirements found within ISO 19011 and the process approach covered in ISO 9001:2015, which promotes continual process improvement throughout this Standard. An enhanced checklist is developed, and there will be workshops throughout, to reinforce learning, as well as a live, practice audit. If you are looking to meet the ISO 9001:2015 internal audit requirements and to “raise the bar” for your internal audit program then this is the course you should consider.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Until next time…
Tim Renaud
Helping Business Professionals Reduce Risk and Remove Waste!