ISO 45001 provides a practical, risk based approach to safe contractor management. If you are managing an ISO 45001 Occupational Health and Safety management system, a real challenge can be the safe contractor management as these workers may work for another organisation and report to a separate line of management.
Accidents and incidents can often be attributed to the poor selection of contractors which can have a detrimental impact including loss of life, physical disability, mental health and financial impact. Because of this, ISO 45001:2018 requires you to implement and maintain a process to control the procurement of externals providers (contractor management).
Risk based thinking is a central tenant of the ISO 45001 Occupational Health and Safety standard. Using a risk-based approach means that your organisation can allocate the appropriate level of resources to hazards depending on the risk they pose. For example, contractors employed for office activities would probably be lower risk than a mechanical or electrical contractor.
Risk assessment can be based on a variety of criteria, such that the negative impact of harm on workers, or the potential loss of building premises through fire and subsequent invalid insurance. Decision making should be supported by appropriate evidence that provides confidence. This evidence might include:
It is essential to ensure, during the contractor selection process, that the awarded contractor is legally compliant. Failure to obtain evidence of licensing or competency might cause detrimental effects on your organisation if an incident occurs at any time.
For example, if you are procuring resource to manage Asbestos, ensure that you have identified the need for appropriately qualified asbestos contractors with correct documentation. If you fail to do this, it may lead to breaches of legal requirements, civil claims, loss of insurance and potentially, prosecution.
Once a contractor has been selected, it is essential to ensure there are documented contracts that clearly define scopes of work. ISO 45001 requires evidence to satisfy it’s requirements, and more importantly, any regulator will review any documentation in the event of incident. Using a risk-based approach, a contract maybe as simple as a short description, whereas a more complex scope of work would be written into a schedule of works with stipulated controls.
Prior to work being carried out, and applying appropriate levels of resource to it, it is key to communicate effectively, for example:
Related ArticlesWhat's in ISO 45001