How to Handle Nonconformities in ISO 45001
ISO 45001:2018 defines nonconformity as “not meeting the stated, implied, or obligatory requirements of standards, rules, or laws”. In other words, it refers to the deviation from a system or documented requirement. As this can be detrimental to workplace safety and the well-being of people, businesses aligned with the ISO 45001 system need to be able to identify and eliminate non-conformities with agility and nimbleness.
While a sure giveaway of nonconformity is the occurrence of an incident, near misses and safety observations can also be indications that need to be identified and corrected before they become a full-blown event. Therefore, to ensure improved safety management aligned with ISO 45001, managing nonconformance becomes critical.
Some of the key factors indicating nonconformities include:
- Improper functioning of protective equipment
- Improper application of regulatory requirements
- Improper implementation of standard operational procedures
Three Ways to Identify a Nonconformity
Businesses today need a strong safety culture, and not only because it is dictated so by ISO 45001 and other safety standards. A strong safety culture that eliminates nonconformities and improves worker well-being will enhance employee engagement, productivity, and brand reputation. Therefore, it is essential to put in processes that help with identifying and mitigating nonconformity risks – by running a robust CAPA management process and preventing future occurrences.
A three-pronged approach to this would include:
- Incident Investigation: Any incident should be thoroughly investigated and root cause analysis must be done to identify the root causes, some of which may be due to nonconformity.
- Periodic Audit: Internal audits will help with identifying nonconformities and other potential risks to workplace safety.
- Worker Feedback: Taking inputs from the workers about safety risks on the shop floor or work sites is important as they are the experts and will have knowledge of near misses and observations, which are critical to improving workplace safety.
Once the nonconformities have been identified, corrective and preventive actions should be taken, the results of root cause analysis communicated with the stakeholders, and the processes tracked and monitored to ensure that the preventive measures are effective.
ISO 45001 system also requires that the CAPA and RCA process be formally documented and easily available to auditors and inspectors.
For the effective elimination of nonconformity, the following actions are recommended:
- The root cause should be identified and CAPA triggered.
- The details of the nonconformity along with the root cause and changes in processes, if any, should be shared with all relevant employees.
- Metrics to monitor and measure the effectiveness of CAPA should be established and KPIs tracked.
- The nonconformity lifecycle should be documented.
- Management reviews should be conducted to review the effectiveness of the safety management program in complying with the ISO 45001 system and improving wherever there is a gap.
Automating the Nonconformity Management Process with a Next-Generation EHS with Built-in Risk Management, CAPA and RCA Modules
Sometimes, identifying and eliminating nonconformities can be very complex and time-consuming. The related documentation is a key part of ISO 45001 requirements, and compliance can be challenging for safety leaders and managers as they fight to optimize resource utilization while continuously improving safety management and minimizing nonconformity.
Managing nonconformity requires various integrated processes, from identifying them to determining the root cause, implementing CAPA, documenting, reporting, and monitoring. It also requires a proactive approach to risk mitigation. Process changes need to be analyzed and the impact needs to be understood to ensure the new processes do not introduce their own set of nonconformities and other risks.
Conducting periodic audits, a robust management review process and tracking progress on open CAPAs are critical to ensure nonconformities are managed well. The entire process becomes easier with an EHS solution that offers a holistic approach empowered by data, analytics, and a risk-based approach at the core. Visibility and traceability are critical and a modern EHS solution like ComplianceQuest certainly comes in handy.
All these can be difficult in a manual process or even on legacy systems. A cloud-based safety management solution aligned with ISO 45001 and enabling end-to-end integration of safety management is critical to successfully managing non-conformities.
Some of the key features of the ComplianceQuest EHS solution that has nonconformity as one of its modules include:
Identify Deviations: A central registry of near misses, observations, and incident-related information help safety leaders identify trends and spot deviations quickly for timely action and prevent it from becoming a full-blown event.
Dynamic Reports and Dashboards: The CQ Nonconformance solution is integrated with a dashboard and reporting feature that allows customized visualization to draw insights and improve safety strategy
Improve Compliance: The Nonconformance solution improves ISO 45001 compliance by empowering employees to report observations and near misses, enabling documentation and audit management. It also helps with a risk-based approach to safety management.
Access to Tower of Safety Data: The management can review data from across locations and functions to understand trends and risks
Mitigate Risks: The risk-based approach of the CQ Nonconformance solution also helps with ranking risks based on severity and frequency and prioritizing mitigation to optimize resource utilization while minimizing damages and cost.
5 Why Root Cause Analysis: The software is integrated with a 5 Why Root Cause Analysis feature that helps with reaching the root cause and finding effective solutions. This is also linked to CAPA, enabling appropriate action to be taken to correct and prevent future recurrences.
Documentation and Communication: A cloud-based solution enables collaboration and communication between teams, and effective version control of documents, approvals, and reviews to improve compliance and workplace safety.
Mobile Ready: It can be accessed from anywhere, anytime, with secure access to respond to events in a timely manner.
To know more, request a demo: https://www.compliancequest.com/online-demo/