achieving a top-performing environmental health …...2010/01/01 · company’s ehs program...
TRANSCRIPT
Internal Audit, Risk, Business & Technology Consulting
Achieving a Top-Performing Environmental Health and Safety ProgramElevating EHS capabilities begins with a comprehensive risk diagnostic
Getting a precise read on the current state of a company’s EHS program requires a systematic and objective assessment. Third-party EHS experts are well positioned to diagnose, test and validate existing EHS processes.
At companies with leading EHS practices, EHS is not the responsibility of a single manager, team or department. Instead, EHS responsibility is shared throughout the organization and supported by a broad range of enablers, including training, per-formance measures, process integration, budget consideration and the right tone at the top.
It is far more cost-effective (and risk-savvy) to be proactive and invest the time, energy and resources necessary to develop leading EHS practices than it is to pay fines and perform mandated corrective actions in the wake of a significant EHS incident.
Achieving EHS compliance is not a one-time push. OSHA requirements and environmental regulations change constantly and require vigilant monitoring as well as continual adjustments to internal approaches and processes to stay current.
Achieving a Top-Performing Environmental Health and Safety Program · 1protiviti.com
Environmental health and safety (EHS) ini-
tiatives centered on achieving zero accidents
reveal almost nothing about the quality of an
organization’s management and implementa-
tion of EHS standards. Although zero-accident
initiatives are useful components of most EHS
programs, tracking historical measures, such as
past accidents, is rarely as useful at preventing
environmental and safety mishaps as monitoring
leading indicators. Leading indicators should
be actionable by helping organizations mitigate
risks associated with the current regulatory
environment. Leading indicators also should
proactively gauge the effectiveness of the
process while highlighting areas for improve-
ment. This forward-looking stance is crucial
because failing to prevent safety mishaps or
noncompliance with environmental regu-
lations can result in steep fines, mandated
remediation efforts and painful hits to
shareholder value.
Leading indicators and metrics figure prominently
among other attributes of high-performing EHS
programs. To develop such a program, business
leaders should start by gaining a clear understanding
of their current EHS capabilities and the maturity
of their EHS program — which can be difficult.
As business leaders with EHS responsibilities seek to
improve their capabilities in the most cost-efficient
and effective ways possible, they should keep the
following in mind:
Introduction
2 · Protiviti
The Ever-Evolving Case for Improvement
EHS requirements continually change but rarely
decline in number — even with shifts in regulatory
philosophies. While the executive and legislative
branches of government influence the leadership
ranks of federal agencies, and to a lesser extent,
set the tone for some enforcement approaches, the
vast majority of essential EHS standards with which
companies must comply remain relatively stringent
and unlikely to be significantly altered. Insurance
companies also use these standards to set rates for
worker’s compensation and general liability policies,
which is why leading EHS programs often deploy
internal standards that are more stringent versions
of baseline regulatory requirements as a way to avoid
incidents that cause premiums to spike.
Regulatory bodies also continually refine existing
standards, publish new rules, and shift the focus
of their enforcement activities. Between 2015 and
2017, for example, the Environmental Protection
Agency (EPA) published 5,043 items in the federal
register. Since 2010, the EPA has published more
than 14,000 notices, rules and proposed rules in the
federal register — a number significantly higher
than other major government agencies. These rules
apply to environmental protections, reporting and
recordkeeping requirements, air pollution control,
administrative practices and procedures, chemicals,
confidential business information and more. Other
agencies also have made thousands of changes over the
same period of time.
“Based on our experience with a number of experts in the occupational health and safety field, two themes emerge in successfully enhancing the EHS perspectives of an organization: The need for leadership-driven EHS effort and the need to assess EHS programs on leading indicators.” — Jon Critelli, Director, Protiviti
* Items published from Jan 1, 2010 through April 27, 2018. Federal Register, www.federalregister.gov/documents/search?#advanced.
U.S. Federal Agency Federal Register Items Published*
Environmental Protection Agency (EPA) 14,369
Agriculture Department (USDA) 9,227
Justice Department (DOJ) 6,839
Labor Department (DOL) 6,152
Education Department (ED) 3,683
FY 2011 FY 2012 FY 2013 FY 2014 FY 2015 FY 2016
Total programmed inspections Total unprogrammed inspections
0
25,000
20,000
15,000
5,000
10,000
Source: U.S. Department of Labor, OSHA 2016 Enforcement Summary, www.osha.gov/dep/2016_enforcement_summary.html#1
OSHA Inspections
Achieving a Top-Performing Environmental Health and Safety Program · 3protiviti.com
Organizations should remain poised to respond to
further additions, subtractions and alterations to the
regulatory code. A quick glance at the total inspections
conducted by the U.S. Occupational Health and Safety
Administration (OSHA) shows that unprogrammed
inspections have increased in recent years even as
programmed inspections have declined:
Additionally, the penalties for OSHA violations remain
significant, ranging from $12,934 per violation to
$129,336 for willful or repeated incidents.1 OSHA
levied a total of more than $30 million in fines in 2016
for the 152 significant violations that topped the
$100,000-penalty threshold.
These penalties represent only a portion of the prob-
lems companies incur due to ineffective EHS processes
and capabilities. Other potential problems include hits
to shareholder value, brand and reputational damage,
lawsuits, and scrambling to make expensive mandated
remediations while dealing with the fallout.
Establishing an effective and continuously improving
EHS capability is a great way to avoid these issues.
Mature EHS programs help companies keep tabs on
new and developing regulations, integrate an EHS
mindset into the company culture and help support
and manage corporate sustainability initiatives.
1 U.S. Department of Labor, OSHA Penalties, www.osha.gov/penalties/, accessed March 23, 2018.
4 · Protiviti
Warning Signs
A recent EHS Today article described the many compli-
ance challenges posed by OSHA’s new record-keeping
regulation, which requires employers to publish
work-related injury and illness records on a new OSHA
website. Writer Hannah Stewart notes that OSHA
believes this transparency requirement will “nudge”
companies to mitigate brand risks associated with
injuries and the unsafe workplace perceptions among
investors, customers and employees. Stewart pointed
to BP’s 52 percent swoon in market value and 40
percent decline in U.S. gas station revenue following
the 2010 Deepwater Horizon disaster.2 All of these
points neatly summarize the risks associated with
operating under-resourced, underfunded and/or subpar
EHS programs.
The costs of major EHS violations can include remedia-
tion (in the case of an environmental incident); changes
to equipment and facilities (e.g., construction, retrofitting
a facility) that must be performed quickly following an
incident; regulatory fines; lawsuit-related costs; increases
to insurance premiums, which are based on experience
modification rates (EMRs); and potential declines in
revenue and shareholder value. If, for example, a water
bottling company’s mishap introduces unsafe materials
to the manufacturing process, consumers may shun that
product long after the problem has been remedied.
These worst-case scenarios are more likely to occur
in companies with ineffective EHS programs, which are
recognizable by the following:
• Underfunded programs and insufficient staff size
• Treating EHS as an afterthought to other priorities
• EHS complacency resulting from following well-
known standards while neglecting to monitor and
plan for new and emerging standards
• A lack of benchmarking against leading
industry practices
• Focus on lagging indicators of EHS performance
(injuries, environmental incidents, etc.) as opposed to
leading indicators, such as gauging the effective-
ness of EHS programs, encouraging a culture of
safety, enhancing the visibility of EHS performance
to the entire organization, tracking the number of
management visits to that area, monitoring training
completion percentages and more.
2 “OSHA’s New Recordkeeping Rule: Top 3 Challenges Coming Down the Line,” by Hannah Stewart, EHS Today, Nov. 9, 2017: www.ehstoday.com/osha/oshas-new-recordkeeping-rule-top-3-challenges-coming-down-line.
Achieving a Top-Performing Environmental Health and Safety Program · 5protiviti.com
Leading Practices
One of the most vivid differences between companies
with lagging and leading EHS capabilities relates to how
organizations treat specific EHS rules and standards.
The former camp treats these requirements as finite
by seeking to adhere only to the minimum standard and
seeing the compliance effort as a one-time exercise
to reach an end goal. Companies with mature EHS
capabilities regularly treat minimum requirements
as baselines and then establish stricter in-house
standards. They also view their EHS capabilities
dynamically and have the mechanisms in place to
adjust them as required.
A well-established EHS program not only helps prevent
incidents and fines, but also promotes compliance and
even pride throughout the organization. Leading EHS
programs typically possess and/or enable the follow-
ing characteristics:
• The right tone at the top — As is the case with any
regulatory compliance effort, the tone coming from
the top makes the difference between a leader and
a laggard. Organizational leadership should set the
right tone and inspire the right attitudes and behav-
iors regarding how EHS requirements are viewed
and managed throughout the company. This tone is
evident in tangible EHS processes and mechanisms,
such as the use of safety committees, as well as most
of the other items that follow on this list.
• EHS considerations are integrated into routine processes — Rather than addressing EHS standards
and rules after the fact, leading companies have
compliance requirements and other EHS practices
integrated into processes.
• Comprehensive training — Compliance with all
relevant regulations, rules and internal standards
is supported with training that extends to safety
procedures, equipment use, compliance reporting
requirements and more. Additionally, training is
managed by tracking the number of employees
trained (via training hours), dollars invested per
training hour, and savings generated by a
well-executed training program.
• The use of leading indicators — Mature programs
identify, monitor and respond to leading indica-
tors that highlight potential trouble spots so that
incidents can be prevented. Examples of leading
indicators include the percentage of employees that
have received adequate training; the number of
compliance-related visits to a site, and the number
of management visits to a site, among others.
• Performance tracking — Leading EHS teams
develop and implement performance plans with
metrics related to key EHS requirements and
standards. Key performance indicators (KPIs)
typically cover incidents and accidents, near
misses, lost time, permitting and the like. These
types of KPIs are applied at a program level as
well as across multiple departments and sites.
• Benchmarking — In addition to tracking internal
EHS KPIs, leading EHS programs also conduct regular
benchmarking activities to assess their performance
against industry yardsticks. Benchmarking identifies
where the organization is today with respect to health
and safety performance and the level of health and
safety performance the organization strives to achieve
in the future.
• Integration with functional and business processes —
EHS teams collaborate closely with business
partners throughout the organization on any and all
processes related to EHS matters. For example, EHS
teams work closely with their operations counter-
parts to ensure that waste management processes
address regulations and internal standards related
to hazardous waste disposal; EHS teams and their
human resources colleagues integrate EHS-related
6 · Protiviti
training and awareness into onboarding processes;
and EHS teams work with procurement to ensure,
for example, that regulated chemicals used in
refining processes are procured and handled in a
compliant manner.
• Budgetary considerations — Another relationship the
EHS team needs to manage is with corporate finance
and accounting. This ensures that compliance
requirements are understood as important, and are
considered and supported during annual budgeting
and planning processes.
Getting these and other components of a robust EHS
capability in place normally begins with a comprehensive
diagnostic of the program’s current state — typically one
conducted by a third party, which can provide optimal
objectivity and a fresh look at old problems.
“Our EHS team is extremely understaffed.” Business
leaders often utter that realization after examining
the results of a comprehensive third-party diagnosis
of their EHS capability. An effective and objective EHS
diagnosis would identify all of the EHS risks facing
an organization, the resources and structures needed
to address those risks, and the gaps that current EHS
capabilities fail to address. A quick glimpse at this
information in a single document tends to open the
leadership team’s eyes to the sometimes daunting
scope of their company’s EHS needs and the relatively
small number of resources many companies devote to
this area.
A two-pronged approach — consisting of a diagnostic
and a remediation plan — is a highly effective way of
improving EHS capabilities. This work begins with a
comprehensive EHS risk diagnostic, which includes
risk identification and profiling of the current EHS
processes. The results of this diagnostic highlight
all shortcomings within EHS procedures and training
programs. The diagnostic results also include
benchmarking information to help clarify both
the current state of EHS performance and the EHS
performance level the organization wants to achieve.
The second part of the improvement effort consists
of the remediation plan. The plan details how EHS
performance will be improved so that the company
can achieve and sustain compliance with all applicable
EHS rules and standards, as required by law. Again,
companies with leading EHS programs routinely exceed
compliance with those rules and standards, which they
treat as minimums.
In many instances, the remediation plan identifies
preventive and/or corrective actions along with the
development of standard operating procedures related
to each EHS risk area. The operating procedures are
tested and validated, and training plans tied to these
procedures are developed. All of this information is
subsequently used to track the progress of all preventive
and corrective actions being taken in response to the
assessment.
Advancing Along the Maturity Continuum
Achieving a Top-Performing Environmental Health and Safety Program · 7protiviti.com
Although EHS evaluation and improvement efforts
are almost always modified to address the unique
characteristics of a company (e.g., industry, size,
compliance requirements, etc.), most efforts address, at a
minimum, the following four categories:
01 02 03 04
Areas for EHS enhancement, including:• Maintenance plans
• Preventive programs
• Hazmat programs
• Prevention processes
Structures, systems and other mechanisms by which processes and activities are executed, including: • Daily work authorizations
• Safety meetings
• Safety promotions and communications
• Safety training
Organizational initia-tives and programs that enable safety, including: • Companywide initiatives
• Dedicated safety staff or a department
• Employee training
Governance, which covers the specific controls and processes that drive safe execu-tion, such as: • Safety assessments
• Training hours
• Management of new laws and processes
• EHS evaluations
By understanding how an EHS diagnostic works and
the key EHS components it targets, business leaders
are positioned to close troubling EHS-management
gaps while elevating their program’s performance.
Closing those gaps requires a collection of skills and
expertise, ranging from knowledge of current and
emerging regulatory requirements, to familiarity of
leading indicators of EHS performance, to knowing
how to knit EHS considerations into a wide range
of business processes throughout the organization,
change management savvy, and much more.
8 · Protiviti
Conclusion
Well-planned, systematic improvements to
EHS capabilities tend to yield a set of mutually
reinforcing benefits.
EHS programs that integrate OSHA training into the
new-employee onboarding process, for example, send
a clear message to new hires about how seriously the
organization treats external EHS requirements and
more stringent internal standards. This type of process
integration also makes EHS considerations part of the
daily workflow of a larger portion of the workforce and
helps extend compliance responsibilities beyond the
exclusive domain of the EHS group. This widespread
sharing of EHS processes, responsibilities and awareness
increases the likelihood that individual EHS initiatives,
such as zero-tolerance programs, will be embraced by
employees, and recognized and rewarded by leadership.
An EHS diagnostic is the first step in the improvement
work that yields those benefits.
Case Study: An EHS Audit at an Energy Company Leads to Marked ImprovementsEarlier this year, Protiviti performed an audit of an energy company’s environmental, health, safety and security (EHS&S) oversight processes. The effort was motivated by an internal audit plan that identified EHS&S as a high risk area for the company. Specifically, the audit plan called for an audit of the EHS&S management team’s oversight of compliance activities in all refinery and non-refinery operations. It required the team to understand, assess and test key control activities, procedures and supporting technology in three areas:
• Management processes
• A safety management system (SMS) and an environmental management system (EMS)
• Physical plant security programs and protocols
The goal of the EHS audit was to provide an objective EHS diagnostic by a third party to shed light on possible improvements. To this end, a Protiviti EHS expert joined the company’s internal audit team, and, following the comprehensive diagnostic of the identified areas, recommended a set of specific improvements. For example, Protiviti determined that each operational location had a unique management system and that the level of preparation to incorporate new corporate standards into those systems varied widely. Each refinery and non-refinery operation was in the process of identifying its location-specific EHS risks, compliance requirements and risk mitigation strategies. Protiviti helped identify potential areas for improvement that also included implementation of the corporate standards into the management systems.
Benefits Achieved
The company took Protiviti’s improvement recommendations to heart and deployed its internal resources to implement them. Specifically, the company:
• Developed and communicated an SMS and EMS approach for each location. These systems included processes, procedures, training and assessments for each refinery.
• Developed and implemented robust and standardized EHS policies and tools to be adhered to and utilized across the organization
• Established a robust EHS framework based on regulatory and legal requirements and an audit program that tests adherence to the newly implemented SMS and EMS
• Utilized IMPACT, a web-based incident management system, to manage safety and environmental incidents and audit findings across all locations, and
• Established minimum requirements for site security across all locations.
Achieving a Top-Performing Environmental Health and Safety Program · 9protiviti.com
How Protiviti Can Help
Protiviti works with companies across industries to
devise and implement effective EHS programs. These
programs are actionable, attainable, meaningful,
transparent, and easy to implement. Protiviti evaluates
organizations’ current EHS capabilities in four catego-
ries: processes, structures and systems, organizational
initiatives and governance. Following a comprehensive
diagnostic of an organization’s current EHS capability,
Protiviti benchmarks the current and target state matu-
rity (using a proprietary EHS Maturity Model) across all
elements of EHS, and then implements improvements
that close current-target state gaps. Our efforts have
successfully identified and eliminated, or controlled,
risks related to both injuries and incidents, while equip-
ping companies with a framework to sustain high levels
of EHS performance.
ABOUT PROTIVITI
Protiviti is a global consulting firm that delivers deep expertise, objective insights, a tailored approach and unparalleled collaboration to help leaders confidently face the future. Protiviti and our independently owned Member Firms provide consulting solutions in finance, technology, operations, data, analytics, governance, risk and internal audit to our clients through our network of more than 70 offices in over 20 countries.
We have served more than 60 percent of Fortune 1000® and 35 percent of Fortune Global 500® companies. We also work with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index.
Randall [email protected]
Daniel [email protected]
Ruhtab [email protected]
CONTACTS
© 2018 Protiviti Inc. An Equal Opportunity Employer M/F/Disability/Veterans. PRO-0518-103117 Protiviti is not licensed or registered as a public accounting firm and does not issue opinions on financial statements or offer attestation services.
© 2
017
Proti
viti
Inc.
An
Equa
l Opp
ortu
nity
Em
ploy
er. M
/F/D
isab
ility
/Vet
. PRO
-041
7
THE AMERICAS UNITED STATESAlexandriaAtlantaBaltimoreBostonCharlotteChicagoCincinnatiClevelandDallasDenverFort Lauderdale
HoustonKansas CityLos AngelesMilwaukeeMinneapolisNew YorkOrlandoPhiladelphiaPhoenixPittsburghPortlandRichmond
SacramentoSalt Lake City San FranciscoSan JoseSeattleStamfordSt. LouisTampaWashington, D.C.WinchesterWoodbridge
ARGENTINA*Buenos Aires
BRAZIL*Rio de Janeiro Sao Paulo
CANADAKitchener-Waterloo Toronto
CHILE*Santiago
COLOMBIA*Bogota
MEXICO*Mexico City
PERU*Lima
VENEZUELA*Caracas
EUROPE MIDDLE EAST AFRICA
FRANCEParis
GERMANYFrankfurtMunich
ITALYMilanRomeTurin
NETHERLANDSAmsterdam
UNITED KINGDOMLondon
BAHRAIN*Manama
KUWAIT*Kuwait City
OMAN*Muscat
QATAR*Doha
SAUDI ARABIA*Riyadh
SOUTH AFRICA*Johannesburg
UNITED ARAB EMIRATES*Abu DhabiDubai
ASIA-PACIFIC CHINABeijingHong KongShanghaiShenzhen
JAPANOsaka Tokyo
SINGAPORESingapore
INDIA*BengaluruHyderabadKolkataMumbaiNew Delhi
AUSTRALIABrisbaneCanberraMelbourneSydney
*MEMBER FIRM