Audit of Occupational Safety and Health (OSH)



Similar documents
Audit of Human Resources Management Planning

J u n e N a t i o n a l R e s e a r c h C o u n c i l C a n a d a. I n t e r n a l A u d i t, N R C. Audit of Risk Management.

Audit of the Financial Management Control Framework - Revenue

Indian and Northern Affairs Canada. Internal Audit Report. Audit of the Security Program. Prepared by: Audit and Assurance Services Branch

4.00 Student means a Student registered, enrolled or participating in any course or program offered by the university.

Risk Management Committee Charter

Internal Audit Manual

Corporate Health and Safety Policy

Audit of the Test of Design of Entity-Level Controls

PUBLIC SERVICE COMMISSION AUDIT REPORTS 2012

Effective Internal Audit in the Financial Services Sector

Audit of Construction Contracts

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide

Benchmark OHS Consulting Pty Ltd Self Assessment WHS Audit Tool

Internal Audit Terms of Reference

A Guide to Corporate Governance for QFC Authorised Firms

Audit of Monitoring and Payments

Compliance Management Systems (CMS) Division of Depositor and Consumer Protection

HEALTH SAFETY & ENVIRONMENT MANAGEMENT SYSTEM

1. Establishment of Committee A committee of directors to be known as the Human Resources Committee (the Committee ) is hereby established.

Contractor Safety Management

OSFI Updates Guidance on Regulatory Compliance Management. By Carol Lyons and Jared Grossman

EDUCATION AND CULTURE - REGULATION OF PRIVATE TRADE SCHOOLS

AUDIT COMMITTEE CHARTER

Health and Safety Management Standards

Internal Audit. Audit of HRIS: A Human Resources Management Enabler

Audit and Risk Committee Charter. 1. Membership of the Committee. 2. Administrative matters

Position Description

444 Seventh Avenue SW Calgary, Alberta T2P 0X8

Audit and Risk Committee Charter. Knosys Limited ACN (Company)

BOARD OF DIRECTORS MANDATE

Audit, Risk Management and Compliance Committee Charter

Regulatory Compliance Management (RCM) (formerly Legislative Compliance Management (LCM))

ALAMOS GOLD INC. AUDIT COMMITTEE CHARTER

Phase II of Compliance to the Policy on Internal Control: Audit of Entity-Level Controls

Aboriginal Affairs and Northern Development Canada. Internal Audit Report

Recognition of Prior Learning (RPL) BSB40515 Certificate IV in Business Administration

Board Risk & Compliance Committee Charter

NSERC SSHRC AUDIT OF IT SECURITY Corporate Internal Audit Division

SAFETY and HEALTH MANAGEMENT STANDARDS

HALOZYME THERAPEUTICS, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS ORGANIZATION AND MEMBERSHIP REQUIREMENTS

ESM Management Comments on Board of Auditors Annual Report to the Board of Governors for the period ended 31 December 2014

Charter of the Audit Committee of the Board of Directors

Human Services Quality Framework. User Guide

Audit of Business Continuity Planning

Administrative Procedure Manual

Company s Audit and a Review of the Outside Auditor

Quality, Environmental, Health and Safety Manual Toshiba International Corporation

Status Report of the Auditor General of Canada to the House of Commons

AUDIT AND RISK MANAGEMENT COMMITTEE CHARTER

Sydney Brisbane Perth Adelaide Melbourne

Occupational Safety and Health Training Guidelines. For Federal Agencies

Leading Experts in Employment Law, Industrial Relations and best practice Human Resource Management in Ireland

Construction Occupational Health and Safety Management System COHSMS Guidelines & COHSMS External System Evaluation External Audit By JCOSHA

FMCF certification checklist (incorporating the detailed procedures) certification period. Updated May 2015

CHARTER OF THE AUDIT AND RISK MANAGEMENT COMMITTEE OF THE BOARD OF DIRECTORS OF BLACKBERRY LIMITED AS ADOPTED BY THE BOARD ON MARCH 27, 2014

B o a r d of Governors of the Federal Reserve System. Supplemental Policy Statement on the. Internal Audit Function and Its Outsourcing

Aboriginal Affairs and Northern Development Canada. Internal Audit Report. Audit of Management of Negotiation Loans. Prepared by:

KING III CORPORATE GOVERNANCE COMPLIANCE REGISTER

1. This bulletin, which contains the Charter of the Office of Internal Oversight Services (IOS) of

Audit of Financial Management Governance. Audit Report

Health and Safety Policy and Procedures

INTERNAL AUDITING S ROLE IN SECTIONS 302 AND 404

Audit of Physical Security Management

CORPORATE GOVERNANCE FRAMEWORK

HEALTH AND SAFETY POLICY AND PROCEDURES

CVS HEALTH CORPORATION A Delaware corporation (the Company ) Audit Committee Charter Amended as of September 24, 2014

1. Purpose. 2. Membership and Organization. 3. Meetings. Canadian Imperial Bank of Commerce Risk Management Committee Mandate

FIRST CITIZENS BANCSHARES, INC. FIRST-CITIZENS BANK & TRUST COMPANY CHARTER OF THE JOINT AUDIT COMMITTEE

SYNACOR, INC. AMENDED AND RESTATED AUDIT COMMITTEE CHARTER. As adopted by the Board of Directors on November 16, 2011

Statement of Management Responsibility Including Internal Control Over Financial Reporting

INTERNAL AUDIT CHARTER AND TERMS OF REFERENCE

Job and Person Specification Approval. 1. Summary of the broad purpose of the position in relation to the organisation s goals

Audit, Business Risk and Compliance Committee charter

WORK HEALTH AND SAFETY

Audit, Business Risk and Compliance Committee Charter Pact Group Holdings Ltd (Company)

FINANCIAL ASSESSMENT CRITERIA (The Assessment Criteria should be read in conjunction with OSFI s Supervisory Framework)

Integrated Quality and Safety Framework

How To Set Up A Safety Committee

Audit of Financial Reporting Controls

Internal Audit Division

How To Manage Risk In Ancient Health Trust

Revised Body of Knowledge And Required Professional Capabilities (RPCs)

Industry Services Quality Management System

LAW ENFORCEMENT PROGRAM ACCREDITATION MANAGER (PROGRAM SPECIALIST 4)

Charter of the Audit Committee of the Board of Directors of The Ensign Group, Inc. Adopted & Effective April 26, 2007 Last Revised October 29, 2015

POLICY MANUAL. Responsibility: Approved by: Last Approval Date:

Work Plan for : Enhancing Audit Quality and Preparing for the Future. The IAASB s Work Plan for December 2014

Audit of Procurement Practices

Framework for Cooperative Market Conduct Supervision in Canada

Senate Bill No. 466 CHAPTER 489

Final Report Audit of Vendor Performance and Corrective Measures. September 18, Office of Audit and Evaluation

Audit Committee Charter Altria Group, Inc. In the furtherance of this purpose, the Committee shall have the following authority and responsibilities:

R000. Revision Summary Revision Number Date Description of Revisions R000 Feb. 18, 2011 Initial issue of the document.

EXECUTIVE SUMMARY. PURPOSE OF REPORT To provide Council with a report on the Follow Up Audit of CVOR-Fleet.

Board Charter. HCF Life Insurance Company Pty Ltd (ACN ) (the Company )

Draft Classification Model HUMAN RESOURCES MANAGEMENT FUNCTION

6/8/2016 OVERVIEW. Page 1 of 9

OF CPAB INSPECTION FINDINGS

2010 ohsrm Audit Tool OHS & Injury Management

Transcription:

National Research Council Canada Audit of Occupational Safety and Health (OSH) Internal Audit, NRC SEPTEMBER 2010

1.0 Executive Summary and Conclusion Background This report presents the findings of the National Research Council (NRC) Canada s Audit of Occupational Safety and Health. The decision to conduct the audit was approved by the President following the recommendation of the Audit, Evaluation and Risk Management Committee 1 on March 19, 2008, as part of the NRC 2008-09 to 2010-11 Risk-Based Internal Audit Plan. The audit was focused on OSH management practices at the corporate level and within a sample of six Institutes, Branches and Programs (IBPs) for the period April 2006 to August 2009. Additional information was gathered between August 2009 and March 2010 in order to validate audit findings and identify progress made by management to address findings. NRC must adhere to federal Occupational Safety and Health (OSH) legislation, including the Canada Labour Code Part II (CLC Part II) and associated regulations. Treasury Board has also established a Policy on Occupational Safety and Health and an Occupational Health and Safety Directive 2. Although NRC is not required to adhere to the Treasury Board OSH Policy given its status as a Schedule II departmental corporation in the Financial Administration Act, it has opted to participate in the National Joint Council of the Public Service of Canada, and as such, collective bargaining agreements require that NRC follow the Treasury Board OHS Directive and National Joint Council Occupational Health and Safety Directive. Like the CLC Part II and its regulations, the Treasury Board directive is intended as a minimum standard that should be complemented by an employer's own occupational health and safety policies and procedures. 1 In January 2009, this Committee of Council was replaced by the Departmental Audit Committee upon the appointment of its members by Treasury Board. 2 As of May 31, 2010, the Treasury Board OSH Directive is hosted by the National Joint Council, where it was codeveloped by participating bargaining agents and public service employers. This document has not been changed and continues to apply as it did before. September 2010 3

Audit objective, scope and methodology The overall objective of this audit is to provide assurance with respect to the adequacy and effectiveness of the management control framework employed by NRC and NRC s compliance with OSH laws and regulations, including the Canada Labour Code Part II, as well as the Treasury Board and NRC Occupational Safety and Health policies and guidelines. Due to the highly technical nature of the audit, the NRC audit team was supplemented by a team of professionally qualified OSH specialists in partnership with an audit firm that were contracted to assist in conducting the audit work. The audit examined key elements of NRC s OSH management control framework by focusing on the OSH management practices in place at a sample of six IBPs. The audit did not seek to obtain assurance that employees consistently work in a safe manner and that workplaces are free of unreasonable hazards; however, point in time observations were made of workplaces and work practices at the IBPs selected for examination. The audit was conducted using a series of detailed audit criteria that addressed the audit objective, against which we drew our observations, assessments and conclusions. Prior to finalizing the audit criteria, they were assessed for significance and areas of greatest risk. These audit criteria, were formulated from requirements of the CLC Part II and its regulations, the Treasury Board OSH Policy, and the requirements outlined in Canadian Standards Association (CSA) Standard Z1000. Audit opinion and conclusion Within the limitations of the samples drawn and the audit procedures performed, we conclude that, for the period covered by our audit, NRC s occupational safety and health management control framework needs improvement 3 to meet the complex occupational safety and health (OSH) needs of the National Research Council. Those areas requiring improvement include: updating OSH policies and programs to ensure consistency with 3 See Appendix for the list of potential overall ratings. September 2010 4

legislative requirements and appropriate alignment of responsibilities between, supervisors, management, the corporate NRC OSH Group, and local Committees on Occupational Safety and Health (COSH); retaining the services of more IBP-level OSH specialists to reduce the reliance placed on COSH; developing and implementing more IBP-level Hazard Prevention Programs; addressing OSH training needs including employee assessments, timing and consistency of training courses and mandatory training for certain employee groups; developing tools to permit COSH to operate more effectively; and establishing performance measures in order for senior management to more effectively evaluate NRC s performance with respect to OSH. During and subsequent to the audit, we observed steps taken by management to proactively address many of the significant gaps in the management control framework for OSH. At the time the onsite inspections were conducted, we found for the physical facilities and equipment in the NRC workplaces examined and the work practices of NRC employees to be generally safe and compliant with applicable regulatory, Treasury Board, and NRC OSH requirements. We believe that strong worker and workplace safety is most likely the result of NRC employees most of whom have come to NRC with advanced academic credentials in their disciplines, well-ingrained good safety habits, and adequate knowledge of the health and safety aspects of their work. While NRC has an overall OSH policy that defines high level roles and responsibilities, and a series of hazard-specific OSH programs, the OSH management control framework is principally decentralized with limited performance reporting and measurement being made available to senior management. The corporate NRC OSH Group provides valuable OSH related advice and services to IBPs, but it does not have the mandate to support and oversee the development and implementation of a comprehensive OSH management control framework across NRC. Our audit found that many conventional management practices such as needs assessment, objective setting, formalized planning to meet objectives, resource allocation in accordance with plans and strategies, systematic implementation, measurement and evaluation of performance, and overall September 2010 5

program review were not fully applied to the management of OSH. At the time of our audit, most IBPs relied heavily on the volunteer members of the workplace safety committees (i.e., COSH) to perform leadership and control functions that should be exercised by managers or their representatives. One of the six IBPs included in the audit has implemented a strong OSH management control framework with sufficient permanent capacity to ensure a sustained and effective implementation. At the time of our audit, the other five IBPs had mostly informal OSH management systems with no dedicated OSH resources. These five IBP s were found to have low levels of compliance with OSH requirements relating to record keeping, performance of hazard and risk assessments, OSH training, inspection and auditing of their practices. Although we provide no opinion on the adequacy of management s response to this concern, we noted that this concern was proactively addressed subsequent to our fieldwork with the addition of full or part-time OSH advisors in four of the five IBPs in which it was identified as a concern. For all of the six IBP workplaces inspected, work practices of employees and health and safety conditions of facilities and equipment were generally found to be compliant with legislative and policy requirements at the point in time that our site inspections were conducted. Where issues were observed, a few were serious and required management s attention, and most were minor. All of these serious issues could have been proactively identified had qualified safety practitioners been involved in the conduct of management-led inspections. During and subsequent to our audit fieldwork, the management of all of the IBPs examined proactively addressed most serious issues, with only a few outstanding which would reasonably require a longer time-frame to address. September 2010 6

Recommendations (all are rated as HIGH priority) 1. The overall NRC OSH Policy and its related policies and programs should be updated to ensure consistency with legislative requirements and appropriate alignment of responsibilities between, supervisors, management, the local OSH specialists, the corporate NRC OSH Group, and local Committees on Occupational Safety and Health (COSH). In performing this update, consideration should be given to: (a) amending the clause in the NRC OSH Policy that allows IBP Director Generals to delegate OSH responsibilities to their COSH members (6.1.4.6.a); (b) articulating clear responsibility at the corporate level for monitoring and enforcement; and (c) identifying the role and responsibilities of the corporate NRC OSH Group, including its roles and responsibilities for advising IBPs on their OSH programs, monitoring IBP OSH programs, enforcing NRC OSH Policy, and reporting comprehensive performance information to senior management and the National Committee on Occupational Safety and Health (NCOSH). NRC Management Response: NRC agrees with this recommendation. The Senior Executive Committee (SEC) Steering Committee will oversee a Working Group to draft a recommended policy, including the training requirements, by October 2010 followed by SEC approval November 2010. 2. IBPs should retain, exclusively or in partnership with other IBPs, the services of OSH specialist(s) to support them in fulfilling their OSH responsibilities and reduce reliance placed on COSH members. The level of effort devoted to OSH by each IBP should be commensurate with its occupational hazard profile. September 2010 7

NRC Management Response: NRC agrees with this recommendation. Analysis will be conducted and a staffing plan will be recommended. OSH specialists will be assigned to each IBP by March 2011. 3. Each IBP should develop and implement a hazard prevention program (Part 19 of the Canada Occupational Health and Safety Regulations), ensuring that adequate hazard and risk assessment processes are in place to inform OSH program planning and the implementation of preventive and protective measures. The corporate NRC OSH Group should review each IBP s implementation plan and timeline, monitor each IBP s progress against the plan, and report on the status of its implementation to the Senior Executive Committee and the National Committee on Occupational Safety and Health (NCOSH). NRC Management Response: NRC agrees with this recommendation. The NRC-OSH Group will work with IBPs to develop individual action plans for Hazard Prevention and Internal Ergonomics Programs, as follows. Call letter to IBPs to initiate program planning and appoint a program administrator was completed February 2010; Intranet Zone story to announce program was completed July 2010; Training for program administrators was completed August 2010; Available online training to be completed by all NRC employees by September 2010; Draft plans to be received by NRC-OSH Group by March 2011; Draft plans and program reviewed by NRC-OSH Group in consultation with IBPs to be completed by June 2011; September 2010 8

Finalization and implementation of plans and programs by September 2011; and On-going monitoring of Hazard Prevention programs (annual reports submitted to NCOSH and SEC by December 2011). 4. OSH training needs assessments should be completed in a timely manner for all employees and visiting workers 4 to determine individual workplace and job specific OSH training needs. NRC and IBP OSH training program and courses should be improved to ensure that training is accessible to workers in a timely manner and that training in general OSH matters is standardized and consistently delivered across NRC. To permit analysis of whether employees have taken required training, completed training should be tracked at the IBP level for each employee and monitored by the corporate NRC OSH Group. NRC Management Response: NRC agrees with this recommendation. The Senior Executive Committee has approved in principle, funding for an online training system and suite of courses to be made available to all IBPs. Until the online training tool is available, the NRC-OSH Group is assisting IBPs to ensure the completion of mandatory OSH training as part of IBP orientation packages for all employees and visitors. Training needs assessments will be completed for each employee by their supervisors and training plans approved by Directors General by June 2011. Following approval of the funding for the online training tool: An OSH Training System Project Team (OTSP) will be appointed by October 2011; The contract will be awarded (following the RFP period) by June 2011; 4 Visiting workers work on NRC premises but are not employees of NRC. September 2010 9

Core training will be finalized12-18 months after software purchase; and Specialized training will be finalized 18-30 months after software purchase. 5. NRC should institute mandatory training for all COSH members, Directors General and IBP OSH specialists to ensure that they have an adequate and uniform understanding of their roles, responsibilities and obligations. The corporate NRC OSH Group should provide the Committees on Occupational Safety and Health (COSH) with a set of tools to help them systematically carry out their functions that should include, for example, agendas covering all of the subjects that the COSH is to address over the course of a year, inspection checklists and inspection tracking forms, and a form to log and track the resolution of issues and complaints brought to the COSH by employees. NRC Management Response: NRC agrees with this recommendation. Mandatory training requirements will be included in the revised policy (see Management Action Plan for Recommendation #1) by October 2010. The OSH Group is currently developing tools for the COSH committees and DGs in order to help them perform their duties. This will include online tools as well as classroom-style training by March 2011. NCOSH will also provide guidance and assistance. This will be expanded to include IBP OSH advisors. 6. NRC OSH performance measures should be established and targets should be set for each IBP. Performance measures should include OSH regulatory compliance indices, NRC OSH program implementation indices, and COSH activity measures. Information should be collected, maintained and analysed by IBPs, and provided to IBP management and the corporate NRC OSH Group for monitoring purposes. The September 2010 10

NRC OSH Group should prepare an annual OSH performance report for NRC senior management that includes these recommended measures. NRC Management Response: NRC agrees with this recommendation. The Senior Executive Committee Steering Committee will identify suitable performance measures by December 2010. Performance measures will be reported to SEC annually beginning December 2011. In the short term, the NRC-OSH Group will conduct, on a risk-basis, IBP-level OSH audits. Statement of assurance In my professional judgement as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the conclusions reached and contained in this report. The conclusions were based on a comparison of the situations as they existed at the time against the audit criteria. The evidence was gathered in accordance with the Treasury Board Policy, directives and standards on Internal Audit, and the procedures used to meet the professional standards of the Institute of Internal Auditors 5. Jayne Hinchliff-Milne, CMA, Chief Audit Executive NRC Audit Team Member 6 Jean Paradis, Audit Manager, CA, CIA 5 Although the audit was conducted in accordance with the International Standards for the Professional Practice of Internal Auditing, NRC Internal Audit has not undergone an external assessment at least once in the last five years as required. 6 The NRC audit team was supplemented by a team of experienced contracted auditors from Orbis Risk Consulting and OSH experts from Resource Environmental Associates who assisted in conducting the audit. September 2010 11

Appendix: Potential Overall Ratings Management Attention Required Significant issues exist that require management s attention. Needs Improvement Some areas of practices / processes are in compliance with OSH laws and regulations and Government of Canada and NRC policies and directives pertaining to Occupational Safety and Health but many deficiencies exist. Adequate Most of the areas of practices / processes are in compliance with OSH laws and regulations and Government of Canada and NRC policies and directives pertaining to Occupational Safety and Health but there are opportunities for improvement. Strong All areas of practices / processes are in compliance with OSH laws and regulations and Government of Canada and NRC policies and directives pertaining to Occupational Safety and Health. No areas for improvement were identified. September 2010 12 Internal Audit, National Research Council of Canada

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information