Subchapter M is a positive Regulation from the USCG to improve safety

Introduction. Industry maturity is essential in the implementation of any regulatory requirements. The reluctance of the industry toward implementation of the Subchapter M requirements is short-sighted.

Based on the analysis of casualties, tragedies and near misses, statutory bodies at the insistence of the executive (Congress as the representative of the citizens) propose regulations for compliance; to ensure the safety of the marine environment. The USCG is a premier internationally respected maritime authority and they have taken a lot of time to come out with Subchapter M, incorporating the best practices and lessons learned from years of implementation and enforcement of the ISM Code (toned down as required for the domestic towing industry in the US). Owners often, especially small businesses, see the initial investment as an expensive inconvenience. They perhaps fail to recognize the long-term benefits of safe operations using a system approach. An incident, accident, loss of life or marine pollution will be far more expensive than the initial investment. Not only to them but to the entire industry on the inland waters.

Appreciating Risks in the Context of the Maritime Environment. [1]This regulation may initially seem to many like another ‘policing’ activity by statutory bodies. When driving a car, people don’t wear a seatbelt to avoid being caught by the police. It is to keep the passengers in the car safe. The industry too must implement the Sub M regulations in the spirit of ensuring safety, mitigating risks in the context of the maritime environment and systematizing their operations. It is all about the PBMS (process-based management system) approach.

ROI (Return on Investment). Even without pollution or injuries estimated costs for the towing and barge industry are greater than $3 million. The cost of a closed waterway can amount to millions of dollars per day.[2] The NTSB concluded the probable cause of the grounding of the MODU Kulluk was, inadequate assessment of the risk for the planned tow of the Kulluk and implementation of a tow plan insufficient to mitigate that risk. As part of the Kulluk[3] team responsible for recommending safety measures, following the USCG & NTSB report them core reason for the incident is not surprising.  After all, “A bad system will let down a good person every time”.

Correct Implementation. This non-implementation of maritime safety regulations typically leads to tragedies. Every organization endeavors to produce a conforming product/service. Inspection before releasing the product to customer results in either clearing or rejecting the product or service. This dependence on inspection is a cost raiser. After all, rejection means delays and off-hire in the maritime industry. The intent should be to improve the auditing of the procedures comprising the management system so that processes result in a conforming product/service. The USCG has come out with the Subchapter M to provide that framework to create the management system, monitor it, inspect and audit it; thereby ensuring safety and in effect prevent loss in every way, including the loss of a vessel to a casualty. The industry must understand this aspect of the intended.

Learning from Tragedies. The tragic sinking of the Titanic a century ago is still teaching us lessons that we often neglect in implementing in the international maritime industry. I bring this international example as it has a lesson for the domestic industry. The SOLAS convention which was the outcome of the tragedy, investigations, and introspection by the maritime industry, further led to MARPOL, the ISM Code and later the STCW convention. The implementation of all these was dependent on the Flag States, then the issue came up, about the Flag States doing their job. Ships had the SMC[4] and other trading certificates; the maritime companies maintained some standards by them maintaining a DOC[5]. However, Flag States had no check. So, more regulations now, to bring the Flag States under the preview of the IMO with the IMSAS Audits to the III Code. More regulations are not the answer but are essential when implementers are reluctant to implement in the spirit of the regulation.

Lessons from the Sinking of the Herald of Free Enterprise. The example of the Titanic is essential as Sub Chapter M is implemented. The ISM Code is a good safety initiative to be implemented. The learning in its clauses has been at the cost of precious seafarers’ blood. One of the primary lead-ups to the ISM Code was the sinking of the Herald of Free Enterprise, a British RoRo[6] car passenger ferry on 7 March 1987 killing 193 passengers in near calm seas, when the vessel put to sea with the bow door open. A public inquiry into the sinking lead by Lord Justice Sheen castigated the ship’s owners when Lord Sheen “identified disease of sloppiness and negligence at every level of the corporation’s hierarchy”. This was almost the first time that instead of blaming just those at sea, those ashore were held responsible. It was this need for the operators and owners of seagoing vessels to have a management system with well-designed procedures that were to be resourced and monitored that necessitated the ISM[7] Code.

Role of TPOs. It is this ISM Code then which has been studied by the USCG and converted into the Sub Chapter M with all their expertise and wisdom. USCG is following the pattern of monitoring based on ROs[8] for international shipping by decentralizing and approving TPOs[9] for monitoring and controlling the implementation of Sub M. The purpose and objectives of these TPOs is not to interpret the Sub M to the convenience of the industry, but to implement the USCG intend to ensure safety.

This simple P-D-C-A, Plan-Do-Check-Act cycle is the magic in ensuring the TSMS[10]  or the MS as per USCG direction, works to ensure safety on board and for the others. A good plan based on company policy wisely converted into measurable objectives to drive the procedures, work instructions and the personnel on board and ensure leading to good implementation. The competence of the crews and top management motivated to understand this is essential for them and others who ply in our waters. The Check Stage should be all-encompassing with primarily getting inputs from objective auditing, enabling better decision making by the leadership based on objective inputs. The check stage is mainly the audits, but it should consider any other inputs as failed inspections, near misses, industry inputs and new emerging risks. This stage also includes reports from the USCG and so on. This stage is vital and requires good training of auditors[11]. Auditors and management who understand that “the only bad nonconformity is the one which is not known to the organization.”[12] The Act stage is often very neglected, where top management leaves the review to their second-tier management. If they are committed to the management system (TSMS), it is essential that the leadership conduct a management review at regular intervals, soon after a mishap and any time they are in doubt about the state of the system functioning. At each stage of the PDCA cycle risk must be considered.

The TPOs will be cleared by the USCG as per USCG procedures. A lot is dependent on them, as they will implement the Subchapter M requirements on behalf of the USCG. The Statutory USCG requirements are created to provide, the required oversight, to maintain stakeholder focus, to protect the interests of the customer when tow boats & services are certified. USCG has outsourced this to TPOs who should perform to expectations, be well resourced, have the infrastructure and create the environment for compliance in the spirit of the regulations. The TPOs should maintain organizational knowledge levels as also maintain competent personnel and take accountability for the effectiveness of the TSMS.

Options for Compliance to Sub M. The USCG has provided options to the towing industry to choose from to ensure compliance. In Option A -the “Coast Guard Option” per (46 CFR 136.130(a)(1)) offers the best for small towing companies who own just two or three vessels. This option requires annual visitation by the CG for the inspections. In Option B wherein the “TSMS” Option (137.130) would be the more logical choice, for larger operators, for convenience, and for the cost. It requires, either Internal (first-party) surveys to be overseen by a TPO or external (TPO) surveys, where the TPO conducts independent verifications to assess compliance at the appropriate times in the cycle. The USCG Certificate of Inspection (COI)[13] is valid for five years and requires a valid TSMS issued by a TPO.

Whichever option is selected by the company they have to see the value of their system. If it is a paper exercise, of course, it will not bring the results. The fear that this will increase paperwork is misplaced. The TSMS does mean a little more of system implementation and so a little increased paperwork is to be expected. Companies should not go overboard with paperwork. Refrain from over documenting your system or using a template that does not reflect how they operate. Increased operating & compliance costs are not necessary. There will perhaps be some initial costs to comply however, the cost of operating safely is much lower than the cost of an accident. Another fear owner may have could be the interference in their business. However, increased safety on the inland waterways benefits all including, boat owners and other leisure craft operators, crew members, the environment and the economy (ensuring waterways not shut down).

Conclusion. In summing up, based on my experience and involvement as also work with USCG, I can say this is a very well-intended, well-meant initiative to help the towing industry. The real joys will come from the correct implementation. Subchapter M is not only about compliance. It is about building a safety culture. It encourages the industry to streamline and reduce the paperwork that supports compliance/conformity, by greater use of technology, by identifying common areas and integrating documentation requirements as also motivating the workforce to use and improve the system. To use the reporting and monitoring systems, to build a culture of risk assessment / risk-based thinking and to explore measures to reduce the cost of compliance as also to improve monitoring and develop performance indicators. The early risk appreciation from data driving risks and NC[14]s driving Correction[15] and CA[16] will itself pay for the investment by providing confirming vessels as product and service of the industry.

 

 

[1] For the Context of the Organization guidelines refer to Clause 4 (4.1,4.2 & 4.3) read with Clause 6.1 of the Standard ISO 9001:2015.

[2] Transportation Statistics Annual Report 2017.

[3] https://maddenmaritime.files.wordpress.com/2016/10/tsac-1401-recommendations-kulluk-grounding.pdf

[4] Safety Management Certificate per the ISM Code.

[5] Document of Compliance as Per ISM Code.

[6] Roll-on roll-off.

[7] International Safety Management Code.

[8] RO: Recognized Organization representing a Flag State as per role defined in SOLAS.

[9] Third Party Administrators.

[10] Towing Safety Management System.

[11] https://www.qmii.com/iso-9001-training/

[12] Quote original by Dr. IJ Arora President and CEO QMII. www.QMII.com

[13] Coast Guard Certificate of Inspection.

[14] Non-Conformity.

[15] Correction is a quality term describing the immediate actions taken to address a NC.

[16] Corrective Action. CA is based on RCA-root cause analysis.

Obtaining Top Management Commitment

Who cares about the system? 

Management systems need top management commitment to work well, and yet many systems lack the necessary commitmentYou may recognize some symptomsPolicy – ignoredObjectives  are barely alive. Corrective actions remain open. Managers seem not to appreciate the value of the requirementsEmployees are unsure about the system’s requirementsProactive identification and addressing of risks/opportunities is rareRoot causes of failure remain in the system. Consequently, the system is not improved. Employees are unaware of what the system should do for themManagement reviews are embarrassingLeaders either do not show or do not contribute. Top Management Commitment is lacking. Audits may temporarily energize the playersManagement representatives ask, Am I the only person who really cares?” 

Who trained the leaders? 

Many leaders do not explain their management systemsThey may know the importance of certification, but they rarely explain why their system is vital for survival and growthWhy is this? Examine your internal audit program; is it driven by top management’s objectives?  Audit your training recordsDo they show that leaders are competent and confident to show their top management commitment? Who trained the leaders in their organizational management systemCompetent leaders take responsibility for their systemThey explain how their system works and why its requirements are so important to themUnaware leaders blame employees for mistakes caused by their system. 

Your system, is it perceived as worthy? 

Even if your system is certified, do not expect leaders to support it Every organization is a systemDoes the documented part of this system describe how it converts stakeholder needs into cash (or continued funding)?  Is this the management system that was certified or was it some new ISO system built on templates?  

Is your system irresistible to the leaders?  If notshow how your system converts needs into cash so top managers would not want to lead without itTry our methodology to appreciate how others have developed systems and gained top management commitment beyond certification. Everyone should fulfill their objectives and earn their bonuses by using and improving  the system.  

Awareness Leaders Workshop 

Engage us to design and facilitate your one-day Awareness Leaders Workshop™Select attendees who are leaders by job title and those who are leaders by personalityInclude the skeptics! 

We listen to your objectives and design your workshop to fulfill your required outcomesThis may need  system analysis to result in a diagram that explains how the system converts needs into cash. This  workshop is facilitated by our senior management system consultant and auditor, who for over 20 years  has helped many willing and reluctant managers to understand and commit to their systems. 

Prepare for action 

Remove the root causes of what ails many management systemsYou want your top management commitment  to the requirements of their management systemClear the backlog of stale CARs  and pending actions on identified risks to prepare for the surge of improvements flowing from the renewed leadership of your system 

When you are ready, please email IJ Arora or call 888.357.9001 with your requirements.

What is SMEA and FMEA?

Success Modes and Effects Analysis

An organization is likely to succeed if it understands the system that runs its business. It can then identify where it needs to make improvements and use its system to succeed. QMII help clients to develop their process-based management systems by using success modes and effects analysis (SMEA). SMEA conversely to FMEA focuses on the success areas (opportunities) the organization is trying to achieve and determining what are the potential risks to achieving them. They then taken action to address these risks. While all risks cannot be eliminated based on resource constraints, SMEA provides an opportunity for organization to prioritize the risks and take appropriate action.

To implement SMEA, top management need to analyze and document what their organization does to convert customer needs into cash (success modes). This enables them to see where waste can be eliminated by applying lean principles to achieve lean design, lean manufacturing, lean administration and lean service.This determines the key processes in the system that runs the business. The next step involves working with the process owners to analyze each of the key processes for the fulfillment of process objectives (effects analysis). This results in a flowcharted procedure for each key process.  If you’re not fond of flowcharts then any other method of documentation will do. These procedures refer to the interacting processes and supporting documents.

Competent employees, from the recruiting and training processes, are coached by their leaders to use their system to eliminate causes of waste and succeed. These systems include procedures for creating new products and new processes with inputs from successful designs (see FMEA below).

Organizations can use SMEA to build and grow the success of their organizations.

Failure Modes and Effects Analysis

FMEAs during product and process design prevent failures of products and processes. A team, representing customers, designers, manufacturers, installers, users and suppliers agrees upon the rules for evaluating risk. The team works through each of the ways in which the process or product could fail (potential failure modes) and assign a score per the rules to signify the frequency and impact of each type of failure (effects analysis).

Failure modes that potentially are the most frequent or could have the biggest impact (or both!) are the highest priority. Teams remove the root causes of such failure modes to prevent their occurrence. These preventive actions make processes and products much more reliable from the beginning.

As you might expect the entire automotive industry now uses FMEA to improve reliability. Yes, not one car maker considered the sudden loss of global financing; a rare failure mode with dire consequences! Organizations that fail to use FMEA have to suffer the many losses due to incapable processes and poor products. Repeated failure may enable them to learn the hard way if they remain in business.

FMEA works best as a preventive action tool within a process-based management system (see above).

QMII facilitates failure modes and effects analysis (FMEA) and success modes and effects analysis (SMEA) for our clients.

Management review: A Necessity or Improvement driver

The management review is a critical step to ensure sustained success of the management system, yet this is often left to the relevant manager to document to meet the system standard requirements. A myriad of reasons is given for a management review not being done within the timeframe as defined by the organization. These include unavailability of senior management due calendar conflicts, waiting on inputs from department heads and sometimes just a lack of commitment by leadership.

Even when conducted ‘timely’ the review is often done purely out of necessity of meeting the requirements of the standard. The review, however, is a critical step for the success of the system and enables the continual improvement of the system. Leadership may, at times question, why money invested in a Quality Management System; that certification to ISO is not delivering the intended ROI. The answer often lies in their lack of commitment to the system as perceived by the users of the system.

Why are my reviews not driving improvement?

Management reviews when done out of necessity become a documentation exercise. The responsible manager collects all the data and analyzes/evaluates it for presentation to management. They proudly share these presentations with whomsoever asks about the management review. The ISO standards (e.g. ISO 9001, ISO 14001 and others) in clause 9.3 give the requirements for what shall be included in a management review. However, the review need not be limited to just these topics.

In consulting, QMII has often heard, “But we do daily reviews with our team and weekly updates with the managers”. Why not record these as a part of your management review? Do keep in mind that ISO standards ask organizations to conduct management reviews at planned intervals. It does not say it has to be a meeting or be held in a boardroom or the planned intervals need to be equally spaced. When the system is incorrectly implemented, or the standard incorrectly interpreted it often leads to a weak foundation of the system. Soon users of the system are complying and doing what has been documented rather than asking “is this really correct for us?”

With the passage of time, the lack of commitment percolates through the system to where the person tasked with championing the system, such as a quality or environmental manager, is fighting a lone battle. This lack of commitment may be apparent from the lack of decisions by management to issues presented in the review.  At times the concerned departments are trying to drive their own agendas, and this creates conflict and disconnect. Also, in recording the outputs of the review, the decision and actions from management must be recorded. QMII, often finds these missing.

How do I improve my management reviews?

To do so the organization must first understand the intent of this clause in the ISO standards. Clause 9.3 (under the high-level structure) asks management to review their systems to ‘ensure its continuing suitability, adequacy, effectiveness and alignment with the strategic direction of the system.’ This, in essence, must be the guiding principle for the management reviews.

This is the reason why these reviews must be done holistically. It is this guiding principle that will determine the intervals for the review. Clause 5.1 of the ISO standards (those aligned per the HLS) asks leadership to take accountability for the effectiveness of their systems. The management review is the platform via which they can assess if the system is effective in meeting their policy as set. The management review is also where management reviews the system and determines the required changes in the context of the organization, the needs of the interested parties to determine new risks,  if any changes to the policy / strategic direction needs to be made and resourcing needs.

Engaging Leadership and the rest of the team

There is no mantra that will deliver sure-shot success. I wish there was one, for I know many an organization that would willingly invest in it! However, educating management on the WHY of the management review has often helped. If need be consider external consultants to deliver the message. Additionally, you can consider these three steps to get more engagement:

  1. Gather review inputs from management team: This is a good method to get everyone involved. Pass around a draft meeting agenda so all system users can prepare for the review (should you be having a meeting) and can provide their inputs /items that they need management’s decision on. It is also an opportunity for them to gather opportunities for improvement from users of the system.
  2. Use a review format that works for leadership: Document how your reviews are done exactly the way they are done within your organization. Perhaps some agenda items are discussed on a quarterly basis and others on a weekly basis. The intent is not to please an auditor but to use this tool to drive improvements through the system, as needed. Remember, the guiding principle discussed above.
  3. Communicate the outputs of the review …. including leadership’s decisions. While the standard does not require this, it is implicit in ensuring continual improvement. Communication is important but the outputs of the review need not to be communicated to the entire organization. Perhaps relevant parts to the concerned managers and their teams. It demonstrates to the users of the system that management is involved, is aware of the problems and has provided decisions on various matters presented.

Management Reviews ….  Improvement Driver

When done correctly management reviews become the springboard for improvement throughout the system. It comes at the end of the ‘Check’ stage of the PDCA cycles leading into the ‘Act’ stage for continual improvement. It enables leadership to assess how well their system is doing. It delivers, in the long run, the engagement needed from users of the system and the ROI that leadership are seeking in their quality management system.

Subchapter M: Bane or a Boon?

Request a free copy of IJ's Subchapter-M Presentation 


Integrated Management Systems AKA ‘A balanced lifestyle’

Integrated Management Systems (IMS) when well implemented enable improvement across various facets of the system. Management system implementation reminds me of the orientation that my gym instructor gave me when I first enrolled at my local health club:- “Losing weight doesn’t happen just in one day and with crash diets: you gotta workout, gotta sleep the right amount, have a little fun in life and yes, food is the most important factor, but everything is in moderation. A combination of all that will give you a satisfying result and you’ll be a happier person. No shortcuts.”

When I look at the anatomy of an organization, I remember these words and know they are applicable to those looking to implement management systems, especially Integrated Management System (IMS). With IMS, they are looking to address multiple concern areas such as quality, environmental protection, safety, security, and overall happier stakeholders.

What is an Integrated Management System?

These days search engines like Google are the go-to source for all the answers, angles, interpretations and everything else. As I thought about the IMS and its benefits, I too turned to the ‘Google’ for insights! This is what I understood: “A management system is a set of policies, processes and procedures used by an organization to ensure that it can fulfill the tasks required to achieve its objectives. These objectives cover many aspects of the organization’s operations including financial success, safe operation, product quality, client relationships, legislative and regulatory conformance, and worker management.” (Source: Wikipedia)

Another applicable example that I can give is how a country runs? There is politics, religion, economics, business all in a blender with a spoonful of “science” and “logic” to it, which is rarely used (winking). A successful balance is needed and the country well-managed for it to be successful and have happy citizens.

There has been an increased demand for integrated management systems in recent years. Organizations are beginning to recognize how these systems enable improvement across various facets of the business. For organizations looking for continual improvement and efficiency as also ensuring the security of information, the question is: why to implement two different systems when one can meet both requirements. Think of a cocktail – If you want Vodka and Tequila together, why not order a Long Island Iced Tea instead of two separate drinks.

The International Organization for Standardization (ISO) has, since 2013, been aligning its standards to the new High-Level Structure in which all ISO requirement standards are published with 10 clauses and identical sub-clauses. The High- Level Structure allows for easier integration of management systems into our existing system and ensures that the policies and objectives for each standard do not conflict with those of another. ISO standards use the basic Plan-do-check-act cycle to achieve continual improvement through vigorous use of the system.

Benefits of Integrated Management System

Integrated management systems allow organizations to identify and address various and different kinds of risks to their system: financial, strategic, competitor, security, safety environmental and others. All this while ensuring continual improvement of the organization. This approach enables organizations to meet the needs of its stakeholders and to adjust to the changing needs through systematic and planned changes.

Back in the good ol’ days, we did not have to worry about computer hackers, though there were other means by which our security was threatened. An information security breach can be a large liability for many organizations these days. How do we ensure that our organization is prepared for such potential breaches? We do not want a cyber-security system operating outside of our business system. We want it integrated into it.

Integrated management systems also are more cost-effective in the long run. There are cost savings in implementation, training, and auditing. Why spend on two/three different system audits in order to meet with the requirements of each Standard, when an integrated audit can assess the common requirements of each standard at the same time. These include competence, control of documented information, system measurement and analysis, etc. For the users of the system, benefits include objectives that align with the integrated policy, reduced duplication of effort and no conflict in the expectations of the management with respect to each policy. This makes the system more efficient, effective and very progressive. It also makes the system more flexible and adaptive in nature to the changing context of the organizations and needs of the relevant interested parties.

Conclusion

Integrated Management Systems can help the organization align its existing system to the requirements of multiple international standards using a single common factor in lieu of discrete systems. Hence, reducing duplication or redundancies. This includes its scope, policies, objectives, programs, processes, protocols and many more. In the maritime field ISO 9001:2015 can easily be merged with ISM Code or in the aviation industry, aerospace requirements along with requirements for occupational health and safety. To meet the growing demand of stakeholders for environmental sustainability, you can also add on the requirements of ISO 14001. Add Security to it, and you got your self a perfect Long Island Iced Tea, I mean your perfectly integrated system.

A lot of time and money is saved in implementing integrated management systems. It also helps in maintaining accountability and consistency for one perfect integrated system. Once your management system is integrated, you will notice reduced bureaucracy along with a reduction in duplication of efforts, redundancy, and expense. It will optimize resources and streamline the process. Integrated management systems will also help with the following: –

  • Curbing conflicting objectives
  • Eliminates conflicting responsibilities and relationships
  • Improves Internal and External communication
  • Harmonizes practice for each Standard in one
  • Business focus is unified to maintain its objective/goal
  • Customer focus is one and not for various tasks

Oh and continuing my health analogy, a well-integrated management system will give you the desired outputs and satisfaction as does those number reducing on the weighing scale! Lastly, remember that there are no shortcuts. Templates come with many promises but do not enable the long-term gains that a well-implemented system will afford. Refer QMII’s time tested approach here.

Stop the Firefighting: Use Effective Root Cause Analysis

Root Cause Analysis (RCA) or Causal Analysis when applied correctly should help to prevent the recurrence and occurrence of similar issues within the organization. Why then is such little time, money and or effort afforded to it?

Heroes save the day! Yet again! How often have we come across news articles that laud those who manage the crisis, stop the plane from crashing or save the patient. The reality in any casualty is that, a system failure has resulted in a non-conforming product/service, including failed inspection. Organizations should laud and appreciate those who prevent incidents/ accidents/non-conformities and those who perform effective root cause analysis. Those who recognize near misses and perform CA  should receive equivalent if not more praise.

The root cause of many diseases is lack of a healthy lifestyle. Presumably, annual medical check-ups would show the flaws and enable risk appreciation to prevent a disease or illness from manifesting itself. This data however may not be enough to provide an accurate diagnosis or prevent a serious medical condition. Perhaps some may see the regular check-ups as a waste of money and time! This may help to explain why companies are reluctant to do root cause analysis when non-conformities arise. Their instincts are to do the firefighting when something goes wrong. This basic firefighting often appears to be less expensive, quick and seemingly more convenient. However, as has been proved again and again in various fields (quality, safety, security, etc.) prevention is better and more cost effective than the cure.

Why Problems Persist?

There are many methodologies for root cause analysis (RCA). It is not the intent of this article to educate its readers on the various RCA methodologies. Before we delve into why problem persists let us considers why problems occur. Problems usually occur because of the lack of a functional well implemented management system. This includes the lack of management commitment, timely identification of risks and lack of controls/adequate resources for the processes. Despite repeated warnings from their doctor, patients choose to continue living their current lifestyle. During incident investigation interviews this comment is often heard ‘this is the way we always did it’. Humans are not always accepting of changes and ‘if it ain’t broke then why fix it?’ Management of change is never easy. The larger the organization the more difficult it is to enable the change. Often in management systems, problems are ‘fixed’. This makes the issue go away albeit temporarily. Everyone likes a good score card and ‘fixing’ the issue makes everything look good again. However, when the root cause(s) are not addressed this dragon will raise its ugly head again.

When root cause analysis points toward leadership or top management, the job security aspects may prevent the middle managers from completing the RCA process. This political limitation, to avoid exposing process issues within the ranks of leadership are counterproductive, and yet a reality. As preposterous as it may sound, in some cases leadership may opt for paying the fine when things go wrong and then proceeding as is. This is seen as the ‘less expensive’ option than resourcing actions to prevent the recurrence/occurrence of problems. Conflicts of interest in the workplace, can often be a reason for a lack of effective root cause analysis.

Stopping the Firefighting.

With all due respect to firefighters and other emergency personnel, organizations want to solve the problem, so they do not have to call them back! This means getting to the root cause(s) of the incident. Very often when identifying the root cause(s), the work group or practitioners often stop short of finding the actual “root cause.” These may be the immediate direct or indirect causes. The root case may lie in another part of the organization and often gets missed. Root Cause Analysis when done correctly drives systemic changes to prevent similar issues from cropping up again. As with everything else the RCA team needs the backing of the leadership including the needed resources to be effective.

In conducting effective root cause analysis, the inputs of customers and other stakeholders may be needed. For effective root cause analysis is of interest to all organizations that are integral to the successful implementation of a management system. The element of social responsibility in the defined duties of leadership need to be audited and have consequences when customer focus is lost. The new root cause analysis model should have an element of responsibility attributable to the top management. The intent, not to encourage a blame culture, but a responsibility culture. As a part of QMII’s management system implementation we train selected candidates as a problem-solving team to enable and empower continued success of the system. To sit in the fire house and focus on other initiatives such as innovation, social responsibility etc. an organization has to proactive rather than be responsive.

Conclusion

Leadership often questions why money spent on management systems, particularly when based on ISO Standards do not work? Why a conforming product or service is not constantly delivered by an organization? Mature organizations recognize that the only bad nonconformity (NC) is the one that they do not know about. Once the NC is identified, the system must drive Correction and CA (corrective action, based on RCA). Closed NCs added to the database, along with the proper analysis of the information, will allow system users to appreciate risks and trends to identify the opportunities for improvement (OFI). However, all this will fail if the MS (management system) users do not understand the value of RCA.

For the success of a Management System, its outputs based on inputs must deliver conforming products and services.  When the Management System does not achieve this, all stakeholders should be interested in the root cause analysis and corrective action.

Re-thinking the ISM Code

The ISM code, when implemented in 1998, was meant to encourage organizations to take ownership for the safe operations of their ship and the safety of the environment they operate within. Many years hence and the benefit of the ISM code is still being debated. Has it been a boon or a burden to the maritime industry?

Given the number or maritime accidents and loss of lives, most would opine that safety would be second nature to those at sea. Something like wearing a seatbelt when driving a car where the person does it for their own safety and for those travelling with them. It is not done out of fear of the enforcement authorities. So then why has the ISM code not driven a similar safety culture within the maritime industry?

Boon or Burden?

In many companies, the ISM code implementation has become a paperwork drill; where it is seen as a means of demonstrating to regulators that the requirements have been met. The reasons for this culture are many, including but not limited to:

  • Lack of effective communication between ship and shore staff (one of the key issues the ISM code aimed to address)
  • Fear of reporting of non-conformities / near misses (lack of job security)
  • Hierarchical structure of companies
  • Authoritarian leadership (my way or the highway)
  • Systems not customized to the vessel (generic to the fleet)
  • Poor system implementation

The ISM code provides a system approach to continual improvement but only when the code is implemented in the right spirit. Personnel often do not understand the ‘WHY’ for implementing an SMS and their need to do the right thing. Often conformity/compliance is stressed even when the actions may not be the right thing to do. Measures such as Bridge Resource Management are add-ons to ensure effective communication of risks and challenging of group thinking. However, often the training is not sufficient to enable challenging a senior officer unless they are encouraged to do so. Most mariners today view the SMS on board as a burden. Over-documentation is slowly killing the system and once incorporated into the system, requirements rarely get removed. SMS reviews done by the Master do not truly evaluate how the SMS is adding value to the effectiveness of the system.

The Case for Risk-Based Thinking

ISO 9001 in its revision in 2015 introduced the concept of risk-based thinking, wherein organizations shall assess the risks to their system given the changing environment they operate within and then plan to take actions to address these risks. This concept of risk-based thinking is driven down to awareness of the entire staff of the need to contribute to the effectiveness of the system. While the ISM code in its objectives requires companies to identify and safeguard against all risks this has in many cases become a paperwork exercise of completing a risk assessment form and filing it. The ISM code in essence has encouraged companies to identify potential emergencies, prepare contingency plans for them and the drill in these. Often these are limited to the same 10 or 12 scenarios such as grounding, oil spill, man overboard etc. Many maritime companies are ISO 9001 certified but often the scope of this certification only extends to the shore-based offices. While the certification scope may be limited, there is nothing stopping companies from extending the system to vessels or at the least the concept of risk-based thinking.

The safety culture must start with the commitment of the leadership and then be reinforced throughout the organization. The fear of reporting non-conformities must be eradicated. This can only be achieved when personnel are confident that there will be no repercussions. Regardless of the safety culture of organizations however, given the contractual nature of employment at sea, it is often difficult to inculcate a sense of commitment to the SMS. Mariners in general tend to work safely and watch out for safety of their shipmates. At times though, the culture of “follow the procedure” leads to actions being taken even when they may not be the best, given external influences and circumstances.

Consultation and Participation

ISO 45001, a standard for occupational health and safety management systems, introduces the need for ‘organizations to maintain a process for consultation and participation of workers at all applicable levels and functions, and, where they exist, workers’ representatives, in the development, planning, implementation, performance evaluation and actions for improvement of the OH&S management system’. Getting inputs from the entire workforce enables quicker and easier buy-in to the system. The SMS while capturing the various requirements should be designed for easy use by the users of the system. Often SMS manuals on board are bulky and rarely referenced. Personnel choose to follow the practices they have learned over the years from other ship mates and mentors rather than reference the SMS.

When asked for feedback on how to improve the system, many mariners have ideas but the system at times does not provide an avenue for this feedback to be captured and formally implemented within the SMS. Best practices often remain limited to a vessel as a result. Following the concept of risk-based thinking, organizations need to consider the risk of barriers to participation and take measures to reduce these. Many accidents/incidents and near misses could be addressed if mariners could have asserted themselves in the situation and alerted someone to the problem/potential non-conformity.

Conclusion

Some in the industry are calling for increased regulation to improve the maritime industry in ensuring ships are operated safely. However, regulators can only do spot checks. They are not on board 365 days of the year. Operational pressures play a major role in how risks are assessed. The grounding of the Torrey Canyon is a prime example of this as is perhaps the Titanic.

As the use of technology increases and reliance on electronic systems, consequently new risks will be introduced to the maritime industry. This new era will benefit from a re-think of the ISM code to encourage the inclusion of risk-based thinking (beyond just a documentation exercise) and the participation of mariners to actively improve the SMS and embrace safety. In conclusion, maritime companies (with or without a change to the ISM code), in the interest of their mariners and the maritime industry at large need to rethink their approach to implementation and maintenance of the SMS.

Myth: Management system implementation – documentation must align to the ISO standard

Companies use different management system implementation methodologies to understand the requirements / inputs of their customer and then plan to deliver outputs meeting requirements as a conforming product / service. The International Organization for Standardization (ISO) publishes standards which when correctly interpreted enables companies to systematically and consistently provide desired outputs while addressing risks. Using the framework/methodology provided by ISO, companies design systems / processes to work together to deliver desired outputs.

The endeavor of the organization should be to define the outputs (products/services) accurately, after understanding customer requirements, both stated and unstated. ISO standards allows companies of any size and industry to implement them. Hence a lot is left open to interpretation. Despite this, certification of these systems delivers confidence to potential and existing customers that the company is implementing a process with the intent of continual improvement. Across the globe, an ISO certification gives confidence of a certain basic framework being implemented and followed.

The risks are appreciated in the context of the organization. The core process of the organization has its objectives directly derived from the company policy. The Key and Support procedures ensure the objectives of the core procedure are met and deliver a confirming product and or a confirming service.

Why ‘ISO-ized’ systems fail?

This understanding of how a management system works and delivers products and services must be understood in the spirit of the ISO standard. The use of the standard is not like a magic wand which will guarantee excellence or success. The Standard needs careful interpretation to design the processes necessary to meet stakeholder requirements. Many an ‘ISO-ized’ management system implementation do not deliver sustained success because, when written around the clauses of the standard the system is not actively used and therefore does not deliver the feedback that a good system should.

The process needs to be documented around what the users do. These processes then need to be resourced, controlled, monitored, audited and reviewed for continuing suitability, adequacy and effectiveness. Organizations blunder into believing that ‘ISO-izing’ their system is the panacea to all their problems. It is not. These systems documented to the clauses only benefit the external auditors of the system. The system should be documented for easy use by the users of the system. Auditors and auditing are an integral part of the system; meant to provide objective inputs for improvements and not to dictate how the system functions.

The process approach to management system implementation

The process-based approach is the fundamental to management system implementation. The success in ISO standard implementation (be it for efficiency, managing risk, security, environment, aerospace quality or food safety etc.), lies in a good plan that accounts for system risks given the organizational business context. Management system implementations should ideally capture the “as-is” of the system, compare it to requirements and identify the gaps enabling design of new procedures and an update of existing procedures. These procedures are designed to meet measurable objectives, that are based on the policy of the leadership. Users of the system do the work to meet the objectives and the procedures must capture the ‘how’ of what they do.

The chain from understanding requirements, risks and inputs to creating the policy should be systematically considered in designing the management system prior resourcing it. The system approach as prescribed by ISO standards allows for involvement of the leadership from cradle to cradle i.e. from the planning to implementing to monitoring and reviewing of performance for improvement. This approach gets Top Management (TM) to take personal ownership of their management systems.

Conclusion

ISO standards are not prescriptive and need interpretation by the users of the system. Using the Plan-Do-Check-Act (PDCA) cycle approach leaders convey their policy to the users of the system. The system ensures adequate controls and resources, so outputs meet the inputs and the measurable objectives as set. Management system implementation, when done correctly, allows for feedback to be captured so risks and opportunities for improvement are identified and addressed in a timely manner. As for the auditors let us have them use their innovative approaches to identify how the system meets the requirements and intent of the standard. To make it easy we could provide them with a cross-reference matrix to demonstrate where the requirements of the system are met within the documented procedures. Bottom line: Embrace your system when developing it to meet requirements, including those per ISO standards, and you will see the benefits of ‘De-ISO-ized’ system.

Defining Measurable Objectives/ Metrics to Drive Continual Improvement

Measurable objectives are an essential input for all levels of the management and come from the top management (TM). These objectives guide personnel at the work level to help ensure the success of a management system. The need for a set of value-based metrics is met by looking carefully at the company policy (based on the strategic direction) and then drawing the measurable objectives from it.

My thought is for any organization giving more than the desired value is a challenge! Values in today’s business world are often related solely to the ROI (Return on Investment). Providing value to the customer is a goal. The question is at what cost? Due to budgetary concerns, no organization wants to do more than what is required. Availability of funds is input to the design of the final product and or service. Consequentially, the values that an organization sets for itself must be based on trying to meet the objectives and expectations of the customers, or the statutory bodies (if relevant) within the constraints of the resources. Where a statutory body is involved, it is the vital responsibility of that body to precisely define expectations and what metrics they will accept.

My opinion is that the statutory bodies such as the FAA, FDA, EPA, and USCG, would have concerns about continual improvement by the external service providers. It is therefore critical to conduct an analysis and conduct management reviews internally to achieve the intended purpose of Clause 10.3 of ISO 9001:2015. However, it all starts with defining, providing and monitoring these clear expectations. This means that the statutory body should provide guidelines for stated requirements, as the IMO does in the ISM Code, within Resolution A.1118(30) & MSC-MEPC.7/Cir8. In a similar manner, the USCG could provide clear guidelines for TPO (Third Party Organization) and for the towing companies for the Subchapter M.

Statutory bodies, understandably, may struggle with defining their policy in the initial stages and clearly converting it to a set of measurable objectives (Value based metrics) for external providers. The need for the Leadership (TM) is to spend time and resources well at the plan stage of the PDCA cycle (Plan-Do-Check-Act) by understanding the context of the organization (Clauses 4.1 and 4.2 of the ISO 9001) and appreciate the various risks (Clause 6.1 of ISO 9001) keeping the customer focus in mind. The Standard here provides useful clauses to make the decision. An objective audit of the internal procedures of the statutory body (Clause 9.2 of ISO 9001) would provide the inputs for the Management Review (Clause 9.3) and ensure a robust decision-making process. This then should be followed by regular audits of the organization to which the processes have been outsourced (meeting the requirements of Clause 8.4.1 and 8.4.2 of ISO 9001). The organization which provides the outsourced service or product needs the information in terms of clause 8.4.3 to perform to the total satisfaction of the statutory body. As such providing clear requirements is a vital role of the statutory body.

Once requirements are clear, then the organization providing a product or service will use these inputs to design their Policy (Clause 5.2 of ISO 9001) 5.2.1d. This policy would then ensure that the feedback loop will help to drive continuous improvement efforts of the QMS. This policy would then provide the framework for the “value-based metrics” which in Quality terms would be the measurable objectives in terms of clause 6.2. Both 6.2.1 and 6.2.2 would put the organization on the correct path to success. The statutory body would vigorously and regularly audit the correct implementation itself or by using an independent professional service provider.

In effect, what this means is that just being certified to e.g. ISO 9001:2015 is not enough for any organization. What is required is a functioning PBMS (process-based management system) based on the chosen standard and other criteria implemented by committed leadership and motivated manpower.

(The author Dr. IJ Arora, is the President and CEO of QMII)