Category Archives: Safety

CSR Auditing and Toilet Paper

In the 1990s I worked for a large paper company and one of the products we made was a name brand toilet paper. As TP goes, this was nice stuff – 2 ply, thick and soft. We marveled that the product didn’t sell well in markets dominated by products that were thin, had holes and fell apart too easily. It baffled us that so many people didn’t care about what ends up on their hands.

Today there is a surprising demand for third party environmental/safety/social/supply chain audits that are equivalent to cheap TP – thin, single “ply” (i.e., one dimensional) and full of holes.   Yet even in the midst of so much reliance on audits, very few buyers of these audit services seem to be concerned. Its not only us that sees this – a fascinating article published earlier this week called out Amazon, The Children’s Place, Gap, Hanes, J-Crew, JC Penny, Kohl’s, Macy’s, Nike, Pink, Polo, Target, Walmart and Zara for “ineffective … CSR monitoring, corporate codes of conduct and industry ‘social audits’ … in protecting the rights, health and safety of millions of workers in global supply chains.”  This, after a decade of CSR audits, is the author’s conclusion.

The article goes on to discuss related failures and inconsistencies in certifications and audit scopes. Our own experiences support this – all too frequently we have seen companies pursuing various certifications solely in order to have a certificate to frame and hang in their lobby. One unfortunately memorable experience came a week after a client had completed their ISO14001 recertification audit. The ISO auditor passed the site with flying colors and was highly complimentary of their program. However, our compliance audit found – with little effort – criminal environmental violations that resulted in the site environmental manager losing his job and one of the few instances where self-disclosure to EPA was warranted without question. This isn’t necessarily a problem with the standards themselves – the problem rests completely with the auditors responsible for assessing the sites.

This criticism shouldn’t be a surprise to anyone who is familiar with current CSR audits and auditors. Certainly there are excellent and conscientious practitioners in the field, but the pricing model of these audits tends to support minimalism all the way around. In a recent article on this topic, we stated our belief that the pricing of CSR audits is directly in response to severe operating cost pressures placed on the manufacturers by the brands. But that circles back to consumer buying preferences as we pointed out six years ago. If attributes other than price and product performance were truly key buying criteria, then the entire economic ecosystem (eco-ecosystem??) would be different.

We do not offer typical CSR/supplier audits because we flatly refuse to compromise our professionalism in order to be cost competitive in this market. Our respect for clients and concern for the risks they face exceeds our desire to compete for revenue from these services in the current market. But, as evidenced by what the article states is an $80B year CSR industry, many people are okay with using cheap toilet paper and don’t seem to care what will end up on their hands.

A few key things you should do to help prevent continuing CSR audit failures:

  • Ensure the audit scope matches the auditor(s)’ backgrounds.  For example, after Raina Plaza, CSR auditors have been increasingly asked to provide information on structural engineering and local electrical code compliance.  These matters require specific technical knowledge beyond that of a typical CSR auditor.
  • Explore the auditor(s) professional qualifications. Do they hold a relevant third-party certification?  How much continuing education do they require on an annual basis?  What fraud detection training have they had?  What are the audit firm process for ensuring independence of the individual auditors, not just the firm as a whole?  Auditors should consider themselves professionals and hold themselves accountable to appropriate standards for qualifications.  If they don’t, that speaks volumes about their attitude toward their work.
  • Test the auditor(s) technical knowledge beyond their checklist.  Does the auditor understand the applicable requirements beyond what is written in the audit checklist or protocol?  There are few times when reality matches the criteria on paper.  You want a professional who is prepared to apply knowledge and expertise objectively and pragmatically, not just check boxes on paper or a screen.
  • Find out how much time the auditor(s) spend onsite, and on each audit activity.  Generally speaking, one day (or less) total on-site is too little for any credible audit scope.  The auditor should reasonably balance their time between document reviews, interviews and visual observations.  If you don’t feel there is adequate time spent or balance in the activities, make your auditor change their practices.
  • Observe – or get feedback on – the auditors’ bedside manner.  An auditor’s attitude and non-verbal cues have a significant impact on the amount and quality of information they are able to gather from the audited entity, and how that entity responds to the audit and corrective actions.  Interviews conducted by the auditor should be non-threatening.  Using active listening techniques without sounding condescending or like a robot is an art form not easily mastered.
  • Look at audit report findings and the cited evidence.  Are findings based solely on interviews?  While this can be acceptable in some settings/situations, information from interviews should be corroborated with another type of audit evidence such as documentation, recomputation or direct visual observations.  If findings are not based on objective and repeatable evidence, make your auditor change their practices.  Issues based on interviews alone should be brought forward in a mechanism outside the audit report as those don’t meet the requirement for a formal finding.
  • Determine how audit reports are peer reviewed – or are they peer reviewed at all?  Does the review require the auditors’ original notes so the reviewer can confirm that the audit evidence supports the findings?  All audit reports should go through a formal internal quality check.
  • Don’t get swayed by broad company or program certifications such as ISO.  While these certifications can be an indicator of internal process formalization, understanding the reality of auditor performance in your specific need is far more important.
  • When considering an auditor, call client references and discuss their experiences, both positive and negative.  Obviously, references are specifically selected to present a positive image.  Expressly ask the reference to offer comments about matters or situations that are not so positive.

Apropos: Dia de los Muertos and the Billable Hour

Today is Halloween in the US and Dia de los Muertos in Mexico.  It is a time based on the idea of reflecting on death.  Now we aren’t being morbid here – instead we grinned at the amusing irony of the timing of this article on LinkedIn which is an obituary to the billable hour.

We absolutely agree with the downsides of billable hours.  All of us at Elm, in prior points in our careers, have had ourselves and clients held hostage by the almighty billable hour.  Over the past several years, we decreased our use of hourly rates and billings – instead working on a daily rate or, increasingly, on a fixed fee basis.

Given all that is right with eliminating hourly billing, a reasonable person might ask why doing so remains ubiquitous for consulting/auditing firms?  Yet another irony for those of us who help client organizations in changing their internal culture – because it’s the way it’s been done in the past. 

Hmmmmm.

Cyber Attack on Iron Furnace Controls Causes Physical Damage to Plant

A few years ago, we wrote about how the growth of cyber attacks should be considered when companies assess environmental risk of their operations.  As highlighted in that article, rogue code was discovered before harm was done.

But an iron foundry in Germany was not so lucky.  As reported in this  WSJ article,

The plant’s control systems were breached which “resulted in an incident where a furnace could not be shut down in the regular way and the furnace was in an undefined condition which resulted in massive damage to the whole system,”

This situation should cause concern to anyone responsible for HSE and sustainability matters.  Malicious control of production operations can result in all sorts of nightmare scenarios, especially where the manufacturing operation involves the use of chemicals.  In the most minor case, environmental permit violations and media coverage are probable.  The worst scenario could involve the intentional weaponization of manufacturing by hacking operational controls and intentionally creating another Bhopal or Chernobyl.

We continue to recommend that companies consider these issues when conducting environmental risk assessments of their operations.

Blog Launch, Webinar Annoucement

Greetings.  This blog was newly launched on February 11, 2010 and we plan to build it over time.

We hope this will become a useful source of information and dialog for those interested in – and actually using – the iPad for EHS auditing.

In the meantime, check out these upcoming webinars are the subject to be held in themorning and afternoon of Febraury 25, 2010.  The cost is a mere $25.

We hope to see you.

PlayPlay

Blog Launch, Webinar Announcement

Greetings.  This blog was newly launched on February 11, 2010 and we plan to build it over time.

We hope this will become a useful source of information and dialog for those interested in – and actually using – the iPad for EHS auditing.

In the meantime, check out these upcoming webinars are the subject to be held in the morning and afternoon of Febraury 25, 2010.  The cost is a mere $25.

We hope to see you.

PlayPlay

The Elm Consulting Group International LLC Launches iPad Environmental Audit Protocols

Following a successful implementation of the iPad for HSE auditing, Elm is today rolling out environmental compliance audit protocol modules for field testing this week.

“We believe this is the first formal environmental audit protocol implemented in the iPad form factor,” said Lawrence Heim, Director of Elm’s Georgia operations and the firm’s lead for iPad service development.

The protocols are reflective of a traditional paper-based format proven in the field over a number of years.   Modules selected for field testing are waste generation, Emergency Planning and Community Right-to-Know (“EPCRA”) and ozone depleting substances.

“In our view, this as a potentially dramatic step forward in HSE auditing.  While version one does not automatically generate audit findings or reports, it has other significant strengths in addition to the benefits already seen by Elm from iPad implementation,” Heim said.

Elm highlights the following features:

  • Flexibility.  The protocol can be used in a manner matching auditors’ own personal styles in collecting audit data.  Handwritten notes are captured in any format, including different “ink” colors, “highlighters”, and line weighting.  While the initial protocol version is based on Elm’s standard audit process, other custom formats can be developed virtually without limitation.
  • Adaptability. Elm’s iPad HSE protocol can be used alongside existing audit systems for initial data capture and organization prior to entering the information into less user friendly, highly structured audit systems.  Also, the resulting PDF file can be attached into other HSE audit systems as supporting documentation.
  • Merging related documents into the protocol.  Documents such as state regulations, permits, plans, applications, agency correspondence and enforcement agreements can be incorporated into the protocol itself without effort of retyping, restructuring or reformatting.  Once the appropriate document is merged, auditors are able to write notes and highlight text directly in the document.  Further, by using a cellphone camera, additional documents can be captured and merged into the protocol in a few minutes while on-site.
  • Languages. The iPad application in which the protocol was created can drastically reduce the need to translate audit protocols and related documents between languages.  Audit documents are captured in their source format and original language, eliminating language translation costs/errors and allowing auditors to use their local language.

“We fully expect a successful test, with only minor changes to Version 1 being necessary.  Additional environmental compliance modules are already in initial stages, awaiting our assessment of the field trials.  Health and safety modules will be developed soon after,” Heim stated.

Law Firm Publishes Details on OSHA Severe Violator Enforcement Program

The law firm of Morgan, Lewis & Bockius LLP has published details about the upcoming OSHA Severe Violator Enforcement Program (SVEP).  The SVEP has been in development for more than a year, but Morgan Lewis indicated that a 27-page draft Directive was sent from OSHA to state officials in early April.

Highlights from the Morgan Lewis review:

According to the draft Directive, the SVEP will “focus increased enforcement attention on significant hazards and violations” by concentrating on employers that have demonstrated “indifference” to workplace safety obligations through willful, repeated, or failure-to abate-violations in four areas: (1) fatality or catastrophe situations; (2) industries that expose employee to the most severe hazards, including those identified in the draft Directive as “High-Emphasis Hazards”; (3) industries that expose employees to the potential release of highly hazardous chemicals; and (4) egregious enforcement actions. Once an employer is selected for the SVEP, OSHA will undertake a number of enforcement steps including enhanced follow-up inspections as well as inspections at other worksites of that same employer, potentially on a nationwide basis…

OSHA will consider any inspection that meets one or more of the following criteria as a candidate for the SVEP:

  • Fatality/Catastrophic Criteria. A fatality/catastrophe inspection in which OSHA finds one or more willful or repeated citations or failure-to-abate notices based on a serious violation related to the death of an employee or three or more employee hospitalizations. Violations under this section do not need to be classified as “High-Emphasis Hazards.”
  • Nonfatality/Noncatastrophic High-Emphasis Hazards. An inspection that finds two or more willful or repeated violations or failure-to-abate notices based on high-gravity, serious violations due to a High-Emphasis Hazard.  A “High-Emphasis Hazard” is one based on a fall or a specific National Emphasis Program (NEP) identified in the draft, and thus includes (1) fall hazards under general industry, construction, shipyard, marine terminal, and longshoring standards; (2) amputation hazards; (3) combustible dust hazards; (4) crystalline silica hazards; (5) lead hazards (based on sampling); (6) excavation and trenching hazards; and (7) ship-breaking hazards.
  • Nonfatality/Noncatastrophic Hazards Due to the Potential Release of a Highly Hazardous Chemical—Process Safety Management (PSM). An inspection that finds three or more willful or repeated violations or failure-to-abate notices based on high-gravity, serious violations related to petroleum refinery hazards, i.e., hazards covered by the petroleum refinery PSM NEP and hazards associated with the potential release of highly hazardous chemicals, as defined by the PSM Covered Chemical Facilities NEP.

… Placement into the SVEP will trigger a number of serious consequences for employers. While actions taken against an employer will be judged on a case-by-case basis, SVEP employers may be targeted for:

  • Enhanced, Broad Follow-Up Inspections. Follow-up inspections of the cited workplace will be conducted after the citation becomes a final order, even if abatement verification has been received. In other words, these follow-up inspections are not limited in scope to whether the identified hazard has been abated, but will also include an assessment of whether the employer is engaging in similar violations. For Construction Industry worksites that close before a follow-up investigation can be conducted, at least one of the employer’s other worksites will be inspected.
  • Nationwide Inspections. Where the agency has reason to believe that a citation is part of a broader pattern of noncompliance, OSHA will conduct inspections at related worksites of that employer.
  • Egregious Violations. All “egregious” enforcement actions—cases where OSHA has alleged instance-by-instance violations of a particular standard—will be considered SVEP cases…

…while OSHA has not announced an implementation date for the SVEP, employers should take the time now, before its implementation, to audit their safety programs to ensure that they are not identified as repeat offenders under the program.

Employers should consider taking the following steps, among others, with counsel:

  • Audit recent citations to ensure (1) that steps to abate those violations have been completed, and (2) that similar problems do not exist in facilities that were not inspected. Employers that adopt a multi-facility curative process for violations, rather than instituting a site-specific, temporary “fix,” may be less likely to receive further citations under the SVEP.
  • Identify worksites with High-Emphasis Hazards and/or PSM hazards, and audit safety practices against OSHA’s NEPs in these areas. These areas of emphasis—from falls to combustible dust hazards—encompass a wide-ranging target group for OSHA enforcement moving forward. These are particularly vulnerable areas for employers, because the hazards themselves are often difficult to identify and abate from a safety perspective…
With the recent catastrophes in the mining and offshore oil industries, companies should expect OSHA to move swiftly and firmly with their new enforcement program.

Largest Fine in the History of OSHA Announced Today

The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) today announced it is issuing $87,430,000 in proposed penalties to BP Products North America Inc. for the company’s failure to correct potential hazards faced by employees. The fine is the largest in OSHA’s history. The prior largest total penalty, $21 million, was issued in 2005, also against BP.

BP entered into a settlement agreement with OSHA in September 2005, under which the company agreed to corrective actions to eliminate potential hazards similar to those that caused the 2005 tragedy. Today’s announcement comes at the conclusion of a six-month inspection by OSHA, designed to evaluate the extent to which BP has complied with its obligations under the 2005 agreement and OSHA standards.

For noncompliance with the terms of the settlement agreement, the BP Texas City Refinery has been issued 270 “notifications of failure to abate” with fines totaling $56.7 million. Each notification represents a penalty of $7,000 times 30 days, the period that the conditions have remained unabated. OSHA also identified 439 new willful violations for failures to follow industry-accepted controls on the pressure relief safety systems and other process safety management violations with penalties totaling $30.7 million.