In this post on Safety Management Policy, we’re going to look at the policy requirements of a typical project management safety standard. This is the Acquisition Safety & Environmental System (ASEMS).
The Ministry of Defence is the biggest acquirer of manufactured goods in the UK, and it uses ASEMS to guide hundreds of acquisition projects. They will range from the development of large, complex systems to buying simpler off-the-shelf items.
(You may be aware that the UK Ministry of Defence has a terrible record of project failure. I have personal experience of working on both sides of contracts – for buyer and seller. I can tell you that they would have done better if they had followed ASEMS more carefully. The standard is good, but no standard can help if you don’t use it!)
The policy clauses listed here are typical of many found around the world. There is a lot to be learned by studying them.
Safety Management Policy – Overview
ASEMS Part 1 – Policy comprises a series of policy statements grouped in six loosely related sections as follows:
Part 1 – General Clauses
These clauses represent those overarching general requirements that shall be used in all instances. If the clause is self-explanatory, there may not be explicit Instructions in ASEMS – Part 2 Instructions, Guidance, and Support to support them but where these are provided, the Instructions and Guidance will provide a best practice method for compliance.
Clause 1.1 Conform to Secretary of State for Defence’s Policy
Those holding safety and environmental protection delegations shall ensure that in the procuring or supporting Products, Systems, or Services, they conform to the Secretary of State’s Health, Safety, and Environmental Protection Policy Statement.
Clause 1.2 Instructions
The instructions defined in ASEMS – Part 2 Instructions, Guidance, and Support shall be used to manage safety and environmental impact within the Enterprise.
Clause 1.3 Duty Holders
Duty Holders shall be appointed and Letters of Delegation issued in accordance with the Enterprise Chief Executive Officer’s Organisation and Arrangements.
Clause 1.4 Interfaces
Interfaces between organizations shall be identified so that risks across them can be appropriately managed and effectively communicated.
Clause 1.5 Data and Record Format
Data shall be maintained in a format, which satisfies the reporting requirements of senior management within the Enterprise. Auditable records shall be made and kept under review in accordance with relevant legislation.
Clause 1.6 Significant Occurrences and Fault Reporting
All Delivery (Project) Teams shall record and report significant Product, System, or Service faults, accidents, incidents, and near misses to the Enterprise Safety, Health & Environment Committee through the Quality, Safety, and Environmental Protection Team.
Clause 1.7 Learning From Experience
Business Units, Delivery (Project) Teams, or equivalents shall ensure accidents and incidents are investigated to identify opportunities to reduce the likelihood and impact of recurrence. Lessons learned shall be shared amongst all relevant stakeholders to maximize benefit.
Clause 1.8 Training
Enterprise-sponsored courses for system safety and environmental protection shall be the recognized route for achieving suitable and sufficient competence throughout the Enterprise.
Part 2 – Management Responsibilities
Management responsibilities for safety and environmental protection permeate through every Clause, and are the heart of any successful safety and environmental management system; however, these Clauses confer specific requirements upon management and make compliance easier to measure.
Clause 2.1 Organisation and Arrangements
Business Unit Directors or equivalent shall document their Organisation and Arrangements that shall communicate their commitment to the Secretary of State for Defence’s policy statement, continual improvement, positive safety and environmental culture, to minimize adverse effects on the environment, and comply with legal and other appropriate requirements.
Clause 2.2 Communication
Business Units, Delivery (Project) Teams, or equivalents shall ensure that communication procedures are implemented that provide an effective flow of safety and environmental protection information upwards, downwards, and across their organization.
Clause 2.3 Organisational Change Management
Business Unit Directors or equivalent shall identify any increased safety risk associated with organizational change and manage it appropriately.
Part 3 – Safety and Environmental Management System
These Clauses place specific requirements upon organizations and individuals and represent the minimum requirements for a safety and environmental management system. They include the requirement to plan for safety and environmental protection, to enact that plan, check that the plan is working, and to make changes where necessary to improve the system
Clause 3.1 Safety and Environmental Management System
Business Units, Delivery (Project) Teams, or equivalents shall operate in compliance with established Safety and Environmental Management Systems.
Clause 3.2 Safety and Environmental Management Plan
Business Units or equivalent shall ensure that all Products, Systems, or Services have a suitable and sufficient through-life safety and environmental management plan.
Clause 3.3 Stakeholder Agreements
Agreements between Stakeholders shall define and document system safety and environmental protection responsibilities.
Clause 3.4 Availability of Resources
Business Units, Delivery (Project) Teams or equivalents shall ensure the availability of resources necessary to establish, implement and maintain the safety and environmental management system and detail these in a through-life safety and environmental management plan.
Clause 3.5 Core Element Documentation
Business Units, Delivery (Project) Teams or equivalents shall establish, maintain and retain suitable and sufficient information that describes the core elements of the safety and environmental management system(s), their interaction, and any related documentation.
Clause 3.6 Accountability
Individuals deployed to assignments that require the formal delegation of safety and environmental responsibilities, accountabilities, and authority shall be mapped against, and comply with, the requirements of the Enterprise Acquisition Safety taxonomy.
Clause 3.7 Monitoring
Business Units, Delivery (Project) Teams or equivalents shall establish, implement and maintain a suitable and sufficient procedure to monitor and measure safety and environmental performance of their safety and environmental management system on a regular basis.
Clause 3.8 Audit Frequency
Compliance with the documented safety and environmental management system shall be verified via audit at planned intervals according to a published schedule, and as required.
Clause 3.9 Internal Audit
At planned intervals commensurate with the risk:
- Business Units shall audit their Delivery (Project) Teams, or equivalents, safety, and environmental management systems.
- Delivery (Project) Teams or equivalents shall audit the safety and environmental management systems of their projects.
- The Enterprise Quality, Safety, and Environmental Protection Team or their representative, shall audit the safety and environmental management systems of Business Units and Delivery (Project) Teams.
Policy Clause 3.10 Review
Business Units, Delivery (Project) Teams, or equivalents shall review their safety and environmental management systems, at planned intervals commensurate with the risk, to ensure their continuing suitability, adequacy, and effectiveness.
Part 4 – Safety and Environmental Cases/Assessments
These Clauses contain the requirements that each safety and environmental case/assessment shall contain. Defense Regulators may require further, additional, requirements to what is contained in these clauses. Adherence to these Clauses will ensure safety and environmental cases/assessments contain the minimum evidence necessary to support safety and environmental arguments that Products, Systems, and Services are safe to use.
Clause 4.1 Safety Cases
Delivery (Project) Teams or equivalents shall establish and maintain through-life safety cases that provide a compelling, comprehensible, and valid argument that a Product, System, or Service is safe for a given application in a given operating environment.
Clause 4.2 Environmental Cases
Delivery (Project) Teams or equivalents shall establish and maintain through-life environmental cases that provide a compelling, comprehensible, and valid argument that the environmental impact of a Product, System or Service is reduced, or Best Practicable Environmental Option (BPEO) is applied.
Clause 4.3 Identification of Legislation and other Requirements
Business Units or equivalent shall establish and maintain a procedure for identifying and accessing the relevant safety and environmental legislative and other requirements that are applicable to their projects.
Clause 4.4 Legislation Compliance and other Requirements
Delivery (Project) Teams or equivalents shall establish, and demonstrate compliance with, relevant legislation and other requirements.
Clause 4.5 Environmental Impact Identification
Business Units, Delivery (Project) Teams or equivalent shall establish, implement and maintain a procedure for the on-going proactive identification of environmental impacts.
Clause 4.6 Safety Hazard Identification
Business Units, Delivery (Project) Teams or equivalent shall establish, implement and maintain a procedure for the on-going proactive identification of safety hazards.
Clause 4.7 Safety and Environmental Objectives and Targets
Business Units, Delivery (Project) Teams or equivalents shall establish and maintain relevant safety and environmental objectives with a resourced programme to achieve targets.
Clause 4.8 Accident and Incident Records
Business Units, Delivery (Project) Teams or equivalent shall monitor and record accidents, incidents and near misses, where the performance of their Product, Systems or Services results in harm to individuals or damage to the environment and use this information to keep their risk assessments valid.
Clause 4.9 Assessment Approval
Safety and environmental case reports shall be personally approved by the individual with formally delegated authority to confirm their acceptance with the progress of the safety case/assessment and of the risks associated with the project.
Clause 4.10 Independent Assurance
Independent review of the Safety and Environmental Management System shall be ensured, as appropriate and commensurate to the risk, by the individual with formally delegated authority for safety and environmental protection.
Part 5 – Risk management
Risk Management is an essential function of safety and environmental protection and these Clauses reflect that importance. They set both general safety and environmental protection standards and specific the Enterprise requirements that support the need for assurance and performance monitoring to the Defence Board. The requirement to refer risks through Line management is included here.
Clause 5.1 Risk and Impact Assessment
All foreseeable Safety Risks and Environmental impacts shall be identified, assessed, prioritised and managed.
Clause 5.2 Change Management
Business Units, Delivery (Project) Teams or equivalents are to ensure that all new or increased safety risks arising from changes to Products, Systems or Services or to their operating environment are managed appropriately
Clause 5.3 Hierarchy of Controls
Business Units, Delivery (Project) Teams, or equivalent shall adopt a recognized hierarchical approach for achieving a reduction in safety risk and environmental impact.
Clause 5.4 Consultation
Business Units, Delivery (Project) Teams, or equivalent shall ensure that all stakeholders are identified and consulted so that their views and responsibilities are considered when managing safety and environmental risks.
Clause 5.5 Safety Risk
Products, Systems or Services shall not have safety risks that have not been formally assessed, justified and declared to be Tolerable and As Low As Reasonably Practicable (ALARP), unless communicated and accepted by a Duty Holder (DH).
Clause 5.6 Environmental Impact
Significant environmental impacts shall be minimised utilising BPEO.
Clause 5.7 Non-compliance Reporting
In circumstances where the ability of the Delegation Holder to achieve compliance with the requirements of ASEMS may have been compromised, Business Units, Delivery (Project) Teams or equivalents shall take immediate steps to correct the situation. Actions required could include improving the clarity of the authority, instructions or responsibilities provided, increasing resources or correcting deficiencies in practices or procedures. Where resolution of the problem lies outside the control of the Delegation Holder, the issue is to be referred through the line management chain. This requirement is to be applied to any further levels of delegation as necessary.
Clause 5.8 Referral Requirements
Where risks cannot be managed within an individual’s delegated responsibility, the risk shall be formally referred using the Enterprise Risk Referral procedure.
Part 6 – Competence
It is necessary that those involved in safety and environmental protection are suitably qualified and experienced in order for them to perform their roles. These Clauses detail the way that competence is to be captured and assessed.
Clause 6.1 Roles and Responsibilities
Business Units, Delivery (Project) Teams or equivalents shall demonstrate that competence requirements have been established for all roles in accordance with appropriate standards including the Enterprise System Safety & Environmental Protection Competency Maps, Assignment Specifications, and Success Profiles.
Clause 6.2 Suitably Qualified and Experienced Personnel
Business Units, Delivery (Project) Teams or equivalents shall ensure that those engaged in safety and environmental protection are suitably qualified and experienced to discharge their safety and environmental responsibilities.
Clause 6.3 Competence
The competence of all staff with system safety and environmental responsibilities shall be regularly assessed, monitored, and recorded. Staff with formally delegated system safety and environmental responsibilities shall demonstrate their competence to receive the delegation prior to deployment, and their competence shall be regularly monitored and recorded.