Do you remember reverse parking a car before the invention of the reversing camera and sensors that beep if you get too close to an object? It was not uncommon to see a car driving around with a dent the shape of a bollard! To manage the risk, some people avoided reversing, yet others learned to use their mirrors well and to assess the distance to the stationary object.

We all have different tolerances for risk, but in business when it comes to health and safety, quality or the environment, risks must be understood and controlled. However, this doesn’t mean organisations don’t take financial and all sorts of other risks as the business grows and expands over time.

Planning is Critical

The Planning section in each of the ISO 9001, ISO 45001 and ISO 14001 standards may look short, but planning is a critical part of any business management system. A good system will be designed based on known risks and then include a process to continually identify, assess and manage new risks as they appear. In an integrated system, if you are doing this for safety but not for quality, then you might add an annual or project-based review of all business risks. ISO 31000 can be a helpful reference.

The second key planning activity listed in the ISO standards is to set objectives which improve performance and improve the system. Be careful these are not ‘set and forget’. Ideally all relevant staff will be involved in setting them and/or achieving them, and they will continually evolve year on year. Remember – objectives that are static are not inspiring anyone to improve.