Planning an Occupational Health and Safety Management System (OHSMS)

After having written an earlier series of articles about the ANSI Z490.1 standard for Safety, Health, and Environmental Training, we’re now in the middle of writing a series of articles about ANSI Z10, the ANSI/ASSE/AIHA standard for Occupational Health and Safety Management Systems (we’ll use OHSMS for short for that).

In this article, we’re going to take an extended look at Section 4 of Z10, which is all about planning an OHSMS. That includes reviews, both initial and ongoing; assessments and prioritization of tasks; objectives; implantation plans; and allocation of resources.

Below, we’ll remind you of the other articles in the series (and give you links) and then we’ll dive right into this one.

Our Ongoing Series of Articles on ANSI Z10

Here are the earlier articles in this series:

The entire series of articles is based on information from ANSI Z10, Occupational Health and Safety Management Systems. As we’ve said in the earlier articles, we highly recommend that you buy a copy of the Z10 standard for yourself. There’s a ton of useful information in it, including a large collection of helpful appendices at the end. It never hurts to take some guidance and get some helpful resources from the experts at ANSI and ASSE.

ANSI Z10 Section 4: How “Planning” Fits Into the Big Picture of Occupational Health and Safety Management

So, we’re going to talk about planning an OHSMS. Let’s start by seeing how planning fits into the entire process.

Z10 was written to fit the familiar Plan-Do-Check-Act workplace management method (PDCA), which is often associated with Dr. W. Edwards Deming.

As represented in a somewhat simple illustration, section 4 of Z10 covers planning and also neatly maps to the “Plan” phase of PDCA. (The drawing below is modeled after a few similar ones within Z10 itself.)


Because this is all part of a continuous improvement cycle, there’s an initial planning phase and ongoing planning phases over time.

Planning the OHSMS

Now, let’s take a deep-dive into what the standard says about planning an OHSMS.

We’ll look at:

  • The purposes of planning
  • Review phase
  • Assessment and prioritization of issues
  • Objectives
  • Implementation plans and allocation of resources

Purposes of the Planning Process

In section 4.0, the standard explains that the broad purposes of planning is to:

  • Identify OHSMS issues
  • Prioritize those issues identified
  • Establish objectives that offer the greatest chances for OHSMS improvements and risk reduction

In case you’re wondering, “OHSMS issues” are defined as hazards, risks, management system deficiencies, and opportunities for improvement.

The planning process isn’t something you do just once. Instead, it’s an ongoing and recurring process. As a result, the planning process includes what’s called an initial review and then later, periodic reviews.

Within the context of the management system, planning is done to identify the more strategic activities that help identify the best opportunities for continual improvement. Operational plans (by “operational,” the standard means “tactical equipment/task level processes and issues rather than management system processes or issues”) are addressed in Section 5.

Planning should be performed in an organized, sequential manner that involves the following steps:

  • Gather and review relevant information to identify OHSMS issues (as described in 4.1)
  • Prioritize the OHSMS issues identified during the review mentioned above (as described in 4.2)
  • Develop objectives for the OHSMS and for risk control based on the prioritized OHSMS issues (as described in 4.3)
  • Create implementation plan to accomplish the prioritized objectives  above (as described in 4.4)

These steps are described further in the sections below.


The Review Phase of Planning

The organization must create a review process for performing the initial review and for the later, ongoing/periodic reviews.

The purpose of that review process is to create a “gap analysis.” In general terms, gap analysis is the difference between the current state and an ideal state. In specific terms related to an OHSMS, it’s the difference between the organization’s OHSMS and the requirements for an OHSMS that Z10 sets out. That difference is the gap, and the ultimate goal is to close the gap.

An organization begins by gathering and then reviewing information to identify OHSMS issues. This includes gathering and reviewing the information necessary to establish the OHSMS or, in later cycles, to improve the OHSMS.

This includes gathering and reviewing information about:

  • Management leadership and employee participation, as described in Section 3
  • Planning the OHSMS, as described in Section 4 (and in this article)
  • Implementation and operation, as described in Section 5
  • Evaluation and corrective action, as described in Section 6
  • Management review, as described in Section 7

The organization should document the process for conducting the review and also document the review itself. After that, the organization should use the same documented process (or an updated version) to perform the ongoing, periodic additional reviews. The organization should always keep documentation of the most recent reviews.

In order to identify the OHSMS issues, it’s important to review a broad spectrum of relevant information. Doing so will allow for identification of system and operational issues. Items to consider in the review are listed below.

Relevant Business Systems and Operational Processes

Reviews of business systems should focus on management system elements and not on specifics of operations. Examples include:

  • Determination of resource levels and expertise
  • Effectiveness of communication and employee participation
  • Review of change management timelines and effectiveness

Remember to review management systems that are not directly related to health and safety but may have an affect on health and safety. Examples including procurement, engineering, performance, qualifications of employees carrying out OHSMS responsibilities, quality, environmental, and recognition systems.

It’s also important–especially important–to direct attention to compensation systems.

All of these systems that are seemingly unrelated to safety and health can in fact have significant effects on safety and health in a positive or negative manner.

Operational Issues such as Hazards, Risks, and Controls

Although the primary focus on this section is on the management system itself, it still pays to review these operational issues. That’s because many operational issues are caused by deficiencies in the management system.

Operational issues may include hazards, health and disaster-related emergencies, as well as emergency events that may arise from the characteristics of materials, processes, and activities of the workplace or of neighboring activities.

Previously Identified OHSMS Issues

If there are OHSMS issues that have been identified before, gather information about them (and/or confirm that the existing information about them is accurate and up-to-date)

Allocation of Resources

Resources may be external or internal and  include funding, personnel, equipment, mechanisms, and results of employee input into the OHSMS and data systems.

Risk Assessments and Evaluations

For more about risk assessments, see Section 5 and Appendices D and F of the standard.

Evaluations should include data such as:

  • Loss control data
  • Workers compensation case information
  • Compliance status
  • Injury/illness metrics
  • Findings of incident investigations, including near misses and close calls
  • Audits
  • Monitoring
  • Measurements

If the organization hasn’t yet completed a workplace inspection, it should do so as part of the review.

Processes and Mechanisms for Employee Participation

Section 3 of the standard covers employee participation. Gather all relevant information derived from employee participation in the OHSMS for this review.

Results of Audits

They can provide information that’s useful during the planning review process.

For example, the standard notes that “internal audits can check whether the risk assessments performed reflect the actual workplace conditions and practices.

Management system audits are explained in more detail in 6.3.  The review of audits performed for Section 4 (planning) does NOT replace the audit process set out in Section 6.3.

Other Relevant Activities

According to the standard, these may include things like contractor activities, maintenance, and non-routine operations.

Assessment and Prioritization of Identified Issues

Once the information has been gathered and reviewed, and once the issues are identified, it’s time to assess the issues and prioritize them for action on an ongoing basis.

This takes place in four phases:

  • Assess impact
  • Assess level of risk
  • Establish priorities
  • Identifying underlying causes and contributing factors

Select the method of assessment based on the type of issue, the nature of the risk, or operations. For example, Z10 says: “…system issues such as lack of a Management of Change process or a non-conforming Management Review process may be assessed using multiple methods that consider level of risk imposed, financial impact, and regulatory compliance.”

Setting priorities may require judgements based on several factors, such as:

  • Issues that require immediate attention
  • Opportunities with the greatest potential for risk reduction or improvement
  • Issues with the highest severity or greatest impact
  • Issues related to organization, resource, participation, or accountability or other conditions that are fundamental to improvement in other areas

For more on assessment and prioritization, see Appendices D and F.

Once the process has been established, define and document the process so you can use it periodically to help identify new objectives. Once a prioritized list of OHSMS issues has  been created, document the list. See Section E5.4 for more on this.

Let’s look at each of the aspects in more detail.

Assess the Impact and Risk of OHSMS Issues on Health and Safety

Assessment of risk should include factors such as:

  • Identification of potential hazards
  • Exposure
  • Measurement data
  • Sources and frequency of exposure
  • Human behavior, capabilities, and other human factors
  • Types of measures used to control hazards
  • Potential severity of hazards–consider not only high-probability hazards but also high-severity/low-probability hazards

Although you’ll be making assessments for this section, remember that they’re only for prioritizing occupational health and safety issues and they’re likely not complete or sufficient to determine appropriate hazard controls (see 5.1.2 for more on the Hierarchy of Controls).

For more on risk assessment methodologies, see Appendices F and O.

Establish Priorities for Addressing/Correcting Issues

Establish the priority for addressing concerns based on a number of considerations, including:

  • The level of risk
  • The potential for system improvements
  • The feasibility of addressing the issue
  • Standards and regulations that may apply
  • The potential business consequences (these may include things such as effect on productivity, revenue, sales, and/or profit; public image; and similar business considerations)

Identify Underlying Causes and Other Contributing Factors Related to System Deficiencies that Lead to Hazards and Risks

Underlying causes that may be related to system deficiencies and that can contribute to hazards and risks could include things like the following:

  • Human resource issues, including staffing, culture, capability, training, and/or job demands
  • Issues related to machines, processes, or equipment, such as the absence of a process for assessing machine guarding maintenance, hazardous material controls, or design
  • Issues related to management, including measurements, supervision, accountability, communication, or participation
  • Job methods including rules, practices, or procedures
  • Issues related to the facility and work environment, including layout, ventilation, and lighting

Deliver. Report. Manage. Convergence Training EHS Course Library


The next step is to then create a process for setting objectives based on the identified and prioritized OHSMS issues and, of course, to create those objectives.

The objectives should be based on the OHSMS issues that offer the best chances for risk reduction and OHSMS improvements. When possible, the objectives should be expressed in a quantifiable manner.

The number and content of the objectives should be:

  • Based on the priorities just developed (above)
  • Focused on making system-level improvements to eliminate or control underlying causes and contributing factors associated with risk
  • Consistent with the organization’s occupational health and safety policy in general

These objectives should have a qualitative or quantitative measurement where possible and appropriate. They should be set, reviewed, and modified at appropriate time intervals to reflect the efforts of the continuous improvement cycle, and they should be modified information changes and/or when conditions that impact the schedule or possibility of meeting the objectives change.

According to the standard, an organization isn’t required to set an objective for every OHSMS issue they identified. But the organization SHOULD set enough objectives to reduce risk and improvement health and safety in the workplace in a measureable manner. Focusing on objectives that provide the greatest improvement in employee health and safety is an effective way to do this.  Organizations may find that focusing on the critical objectives often is associated with improvements in organizational performance.

It’s not necessary to create objectives (or later, implementation plans) for “find and fix” issues that can be quickly resolved.

Implementation Plans and Allocation of Resources

Once the objectives have been created, it’s time to plan for putting this all into action. And that’s why the final part of Z10, Section 4 deals with implementation plans and allocation of resources.

There are three basic aspects of this, as explained below.

Establish and Implement a Documented Implementation Plan

The organization may choose to create a documented implementation plan for each objective or a single plan that addresses multiple objectives.

The implementation plan should determine and define:

  • Resources
  • Responsibilities
  • Intermediate steps
  • Time frames
  • Measurements of progress

Assign Resources to Achieve the Objectives of the Implementation Plan

The allocation of resources must be consistent with the timeframe mandated in the implementation plan.

Periodically Review and Update the Implementation Plan

The organization should review the implementation plan on a periodic basis and updated the plan if necessary. If the organization has changed any of the following, that/those changes may call for a corresponding revision in the implementation plan:

  • Policies
  • Objectives
  • Activities
  • Products
  • Services
  • Operating conditions

Conclusion: Following ANSI Z10 to Plan an Occupational Health and Safety Management System (OHSMS)

That’s our look at planning an OHSMS system and at Section 4 of Z10.

Our next article will look at section 5 of Z10. This is when you could say the rubber really meets the road–planning is done and implementation and operation is the focus.

Earlier in this series of articles, we mentioned that the standard comes with a very nice series of Appendices. Until this article, however, we haven’t mentioned them much. Within Section 4, however, Z10 calls out a few of these Appendices in particular, so we thought we’d call them out here as well.

  • Appendix D, Planning-Identification, Assessment, and Prioritization, page 38 (mentioned in E4.1F, E4.2)
  • Appendix F, Risk Assessment, page 47 (mentioned in E4.1F, E4.2, E4.2A)
  • Appendix O, Bibliography and References, page 78 (mentioned in E4.2A)

Also, Section 4 itself calls out various other Sections of the standard a few times as well. These are listed here for you:

  • Section 3, Management Leadership and Employee Participation (mentioned in 4.1)
  • Section 5, Implementation and Operation (mentioned in 4.1, E4.0)
  • Section 6, Evaluation and Corrective Action (mentioned in 4.1)
  • Section 7, Management Review (mentioned in 4.1, E4.1A)
  • Section 6.4, Corrective and Preventive Actions (mentioned in E4.0)
  • Section 5.1.1, Risk Assessment (mentioned in E4.1F, E4.2)
  • Section 6.3, Audits (mentioned in E4.1H)
  • Section 4.3, Objectives (mentioned in E4.2)
  • Section E5.4 (mentioned in E4.2)
  • Section 5.1.2, Hierarchy of Controls  (mentioned in E4.2A)

Hope you found this all interesting and helpful! See you a few articles down the line for the continuation of this series, in which we look at implementation and operation.



Effective EHS Training: A Step-by-Step Guide

Learn how to design, create, deliver, and evaluate effective EHS training by following these best practices with our free step-by-step guide.

Download Free Guide








Jeffrey Dalto

Jeffrey Dalto

Jeffrey Dalto is an Instructional Designer and the Senior Learning & Development Specialist at Convergence Training. Jeff has worked in education/training for more than twenty years and in safety training for more than ten. You can follow Jeff at LinkedIn as well.

Leave a Reply

Your email address will not be published. Required fields are marked *