Clause 7.3 Awareness (secrets revealed)

Are you confused about the requirements of clause 7.3 awareness? If so, then continue reading the secrets to this requirement. When I’m teaching students on an Internal Auditors course, and after delivering the theoretical portion of the learning, I would have them go out on-site to perform a very short practical audit. The questions that I would set for them for the interview were all based upon this clause. They were to ask the following:

• Do you know where your quality policy is located?
• Could you briefly describe what a policy is?
• Could you give a very brief description of what is contained within your companies’ policy?
• Do you know what quality objectives are?
• Are you aware of any objectives that affect you?
• Do you know how you contribute to the quality management system?
• What do you think the consequences of not conforming to the management system might be?
  
  

How does it relate to auditing?

After doing these hundreds of times, I would like to say that upon reporting back after auditing for a couple of hours the results were positive, but unfortunately in approximately 8 out of 10 test audits the results were very disappointing. As always, the reasons why are simple and were caused by a lack of very basic education and communication on aspects of the management system. I always find it quite odd that organisations are prepared to spend fortunes on adopting and maintaining a management system and yet will fail to provide some basic education and training for it.

What about 3rd party auditors?

Take heed because almost all 3rd party certification auditors will ask that same set of questions to a set of randomly sampled workers. When you consider the quality policy in the top-most document of the management system, failures in this area are likely to be taken quite seriously. Educating ‘everyone’ on this topic can be achieved quite simply through the use of a 15-minute toolbox talk. A lot of organisations provide basic education on this topic during a new employee induction training. Unfortunately, the mistake they make is this is the only time it is done. When a new employee is attending an induction day, they will be having their headspace bombarded with all sorts of new information. Getting them to remember all the points of this topic along with health and safety, security, IT passwords etc. is wishful thinking.

Induction Training.

Yes, do it on the induction day but also have repeat training at least once a year for all workers. If you’re in the habit of walking through different areas of your workplace, then make it a habit of occasionally asking a random worker one of the questions from the list above. After a short time, this will then become somewhat of a game. Workers will almost be expecting a question from you on this topic each time they see you. It’s important to have everyone schooled in this topic area so that they can answer a 3rd party auditors questions confidently should they need to. This requirement is simply asking your employees to be aware of the quality policy, what it means, how the global objectives are driven by the policy, how they contribute to the QMS and what the consequences of not conforming will be.

You can communicate and educate this topic in various ways including using:

• Email
• Newsletters
• Posters
• Induction training
• Formal classroom training
• Informal toolbox talks
• Interactive online training

7.3(a) The quality policy; are your employees able to locate the nearest copy of the quality policy on a notice board or a computer terminal? Could they provide a basic high-level description of what a quality policy is? Could they describe in very simple terms the contents of their organisations quality policy? Would they know how the policy relates to their job roles and the tasks associated with it.

7.3(b) Relevant quality objectives; your quality policy is the driving force behind your global objectives. Objectives are target-based and have to be actioned, monitored and maintained. While the concept of a quality policy might be quite abstract to a great deal of employees the practicalities of objectives are far easier for them to understand. Objectives should be:

• Accessible, paper-based or on the IT system.
• Described in terms of their importance to the organisation and its context.
• Described in terms of how they are being monitored and measured.
• Explained in relation to job roles and how employees can contribute to objectives.
• Relevant, current and updated when necessary.

7.3(c) Their contribution to the effectiveness of the QMS and the benefits of improved performance; by following procedures, safe systems of work, risk assessments, completing forms, performing waste reduction and recycling activities are all ways in which employees contribute to the management system but do they know this? Could they describe it this way to a 3rd party auditor? Could they describe it in terms of benefits such as customer loyalty, customer retention, increased productivity, better environmental management and making the workplace a safer place to work?

7.3(d) The implications of not conforming; this is where you are asking your employees to be aware of and describe all the bad things that could possibly happen as a consequence of not conforming to the requirements of the management system. This might include increased product defects, accidents, environmental pollution, increased use of landfill sites for waste, loss of customers, poor reputation, breaches of legislation resulting in fines, breaches of contract, loss of employment, loss of management system certification etc.

I’ve mentioned 3rd party auditors during the discussion of this topic. The point of this clause is not simply to prepare your employees for the questions posed by an auditor. The important message and learning to be communicated from this clause requirement to the employees is how important the management system is, how it applies to them, how they can contribute to the management system and make the organisation and its processes more effective. It’s also asking you to make your employees aware that non-conformance to the requirements of the management system can have potentially serious consequences.

ISO Awarenss Training

I’m a firm believer in education, communication and training when implementing and maintaining management systems as an ongoing process. Too many organisations leave this topic only to be performed on the new employee induction day. Management systems are dynamic entities that are likely to change according to the risk and the opportunities of the environment in which they operate. Because of this, objectives and processes will require updating, which highlights the requirement for regular communication and training.

The management system will affect everyone working within your organisation. Realising this, each employee within the organisation should at least be provided with some basic training on the management system and in particular, the concept of continual improvement. I think it’s unfair to ask employees to conform to the requirements of the management system when they may never have heard the phrase ISO 9001:2015 or similar, don’t you?

ISO Management System Implementation.

To implement and maintain a management system successfully and have all employees ‘on-board’ and enthusiastic about it, you will need to educate them about the benefits of the system. Try to communicate the benefits both from a global, organisation perspective and also the personal benefits to individuals with their daily tasks. If an individual knows that performing a task according to a standard operating procedure and under the guidance of a risk assessment will make their job safer and cause fewer product defects, they will be more likely to support the requirements of the management system.

It’s often the cultural attitude to the management systems that can make them fail. Some organisations just seem to ‘get it’, they realise that the management system is not just a tick-box exercise so that they can gain certification, but it can bring multiple long-term benefits to the organisation.

The benefits of implementing and maintaining management systems are many and include helping you to:

• Identify risks and opportunities
• Prevent problems from reoccurring
• Gain customer loyalty and retention
• Improve process performance
• Make your business more competitive
• International recognition
• Win contracts
• Promote continual improvement
• Increase your efficiency
• Managing change
  
  

The list is quite endless but if you can communicate some or all of the above in a meaningful way to all interested parties, then you will be embracing the ethos of clause 7.3 awareness and its requirements.

ISO 14001:2015

The clause 7.3 requirements are the same except for:

7.1(b) The significant environmental aspects; are your employees made aware of the environmental aspects of their work and the potential impacts associated with the tasks they perform? For example; are they aware of the protocols and environmental legislation related to which chemicals and the safe amount that can be disposed of down the domestic drain?

7.1(c) The implications of not conforming to compliance obligations; compliance obligations can include adopted, contractual or legal compliance. For example, your organisation might be adopting a commitment to waste reduction, a contract might also specify requirements for waste recycling or legislation might require that a certain product you use is not sent to a landfill. Are your employees aware of these compliance requirements and the potential consequences of non-conformance?

ISO 45001:2018

The clause 7.3 requirements are the same except for:

7.1(d)Incidents and the outcomes of investigations relevant to them; communication is crucial here, a fundamental concept of health and safety is to report and investigate incidents. The results of which are fed into the corrective action process where improvements are designed and implemented. It’s all about prevention and learning from any incidents as they occur. The output from all of these processes must be communicated to all interested parties.

7.3(e) Hazards, OH&S risks; this relates to the requirements of ISO 45001:2018 clause 6.1.2.1 Hazard identification and assessment of risks; It would be pointless to perform hazard identification exercises and then not to communicate the results to all interested parties. This clause formally requires that you communicate your hazards to all interested parties.

7.3(f) Ability to remove themselves from work situations that they consider present an imminent and serious danger; this is self-explanatory. It will be interesting to see how organisations implement this requirement. I think the standard is to be commended in its efforts here, no worker should be asked to perform a dangerous task unless it is fully controlled by a risk assessment and safe system of work.

For Auditors:

Interview against the following:

• Do you know where your quality policy is located?
• Could you briefly describe what a policy is?
• Could you give a very brief description of what is contained within your companies’ policy?
• Do you know what quality objectives are?
• Are you aware of any objectives that affect you?
• Do you know how you contribute to the quality management system?
• What do you think the consequences of not conforming to the management system might be?
• Check for awareness training records and awareness campaigns tools such as posters etc.

ISO 14001:2015

The same as for ISO 9001:2015 but also ask:

• Are you aware of the significant aspects of your job and how they might interact with the environment?
• Are you aware of what compliance obligations affect your job role and what non-conformance to these obligations might mean?

ISO 45001:2018

The same as for ISO 9001:2015 but also ask:

• Are you being made aware of the outcomes of incidents and investigations?
• Are you made aware of hazards and the risks related to your job role?
• Are you aware of your ability to remove yourself from dangerous situations?
• Investigate management review records in terms of output for continuial improvement.

Some further questions that I will be answering in future articles include:

• What is competence training and awareness?
• What is ISO awareness?
• What are the implications of not conforming to QMS requirements?
• How do you communicate ISO awareness?
• How are interested parties made aware of non-conformances?