Risk that has been reduced to such a level that it can be tolerated by the organization that fulfills its legislative obligations and its OH&S policy.
Event related to work that has or could have led to injury, death or a professional illness.
Medium extent of incidental damage, due to the temporary loss of work skills or motor functions.
Any occurrence with the potential to cause damage or loss. The event consists of conditions (related to the context) and factors (linked to actions). It can coincide with an accident, which can compromise the environment or the health of workers.
Unforeseeable and unexpected event (generally geopolitical or environmental) with catastrophic consequences such as to jeopardize the planned trends of a company.
Cogency is an obligation without exception, that is, one which must be absolutely respected.
From Latin: cogens, present participle of cogere > compel. The legal order uses this term to refer to those standards which cannot be derogated from by the parties, because of their importance.
Requirement to which an organization is subject (laws or regulations), or to which it has decided to subscribe voluntarily (such as guidelines, contractual relationships, best practices and ethical codes, etc.).
Recurrent process to improve the health and safety management system in order to achieve improvements in all health and safety performance, in line with the organization's policy.
Corporate Governance in an enterprise deals with the social dimension connected to the ownership structure, the structure and the operating procedures of the Board of Directors (BOD), as well as to the relationships between the ownership, the Board of Directors and the managerial structure. The topics dealt with include the composition of the governing bodies, the selection criteria for directors, the role of independent directors, the transparency concerning the functioning of the governing bodies, the protection of minority shareholders, the internal control systems, the public tender offers (OPA).
Expression of the negative consequences related to the event.
Effect due to the occurrence of the event with negative consequences for the surrounding environment.
Declaration of the principles that guide the company in its daily work and definition of the lines of conduct of the members of the organization towards all the stakeholders. It specifies what the company means by social responsibility and how it puts it into practice in operating every day.
Event, episode. It can have negative consequences (undesired event, adverse) or irrelevant or positive consequences for the system.
The event that occurred determined negative consequences (damage or loss) for the environment or the health of workers.
These are occasions when an event has actually occurred, but without negative consequences (damage or loss) to the environment or the health of workers.
The set of principles, the rules of each level (laws, regulations, etc.) and of the procedures concerning the management and governance of a company or of a public or private body.
ABSTRACT - REPORT POLITECNICO OF MILAN 2016
Very often the top managers of companies associate a tool/system of Governance, Risk and Compliance management (GRC) primarily with a feeling of great complexity. In reality, complexity is inherent in the situation in which companies operate, and not necessarily in the instrument/system; if it is true that it is a good idea to adopt simple tools, it is also true that they should not "simplify" the problems to the point of making them "different" from, and therefore not representative of, those that companies really need to face up to.
Property or intrinsic quality of a given factor (for example materials or work equipment, methods or operational practices in use) having the potential to cause damage.
Process of identifying the existence of a danger and defining its characteristics.
State of physical, mental and social well-being and not simple absence of disease (WHO).
Internal institute developed by Alfa Acciai for the continuous monitoring, analysis and communication of injuries, accidents, near-events, sentinel events, non-compliance, corrective actions and preventive actions. The Observatory, the principles, the working methods and the tools used are described in the procedure of the SGSSL 5.3PRS01 "Observatory Safety: Investigation of accidents, non-compliance and corrective and preventive actions".
The set of intentions and directions of an organization in relation to its health and safety performance as defined by the Senior Management.
Results, in terms of health and safety performance, that an organization aims to achieve.
The structure of the standard has been modified to comply with the parameters dictated by the High Level Structure for the homogenization of ISO standards.
In order to ensure homogeneity between the different standards for management systems and, therefore, to improve their integration and usability for users, in 2012 ISO established a single structure with which future revisions of all standards will have to comply. This will allow easier integration during the implementation process of multiple management systems. The High Level Structure consists of the following 10 sections: Purpose, Statement References, Terms and Definitions, Context of the Organization, Leadership, Planning, Support, Operational Activities, Performance Assessment, Improvement.
Standardized mode of reporting of adverse or unwanted events, aimed at detecting criticalities of the system or of some procedures.
It represents the damage caused by the event to the person. The accident at work is the accident that occurred due to a violent cause during work. It can be of different extents.
Maximum extent of incidental damage, causes death.
Serious extent of incidental damage, due to loss of motor or vital functions.
"Risky contact" between the customer's and contractor's personnel or between the staff of different companies operating in the same company with different contracts.
The ISO 31000 guideline proposes a model of risk management and its integration into the business management system. It is applicable to all types of risk: strategic risks, operational, currency, market, compliance, country, etc.
The structure of ISO 31000 is divided into the following chapters: Purpose, Terms and Definitions, Principles, Reference Structure, Process.
The new ISO 31000:2018 version develops the concepts of Risk and Integration differently from the previous version and in line with other standards such as ISO 9001 and ISO 14001. The current meaning of the word Risk is traced back to "the effect of uncertainty on the objectives", highlighting the opportunities that can derive from the risk itself. The meaning of the term is no longer exclusively negative. The concept of Integration becomes central: the analysis of the external context is now fundamental in order to guarantee continuous improvement over time; at the same time the internal context must be permeated at every level by Risk Management. In fact, the Risk Management process will have to be increasingly integrated in every business area, up to the total involvement in the decision making process.
Founded February 23, 1947, the ISO (International Organization for Standardization) has its headquarters in Geneva, Switzerland and is the most authoritative body in the world for the determination of technical requirements, evaluation, inspection and standardization of quality processes in production environments.
The International Organization for Standardization decided not to use an acronym to sum up its name, as it would be different in different languages. Instead, it used the term “ISO”, which derives from the Greek “isos” meaning “equal”. The rules act as an equalizer for companies that operate across global boundaries.
The ISO was established within the Community sphere as a voluntary system for certifying compliance and the competitive characteristics and quality of processes and products.
The standardization bodies of 158 industrialized and developing countries around the world come together in ISO. Italy is represented in ISO globally and in CEN (European Committee for Standardization) in Europe by the private nonprofit consortium UNI (Italian National Standards), which carries out regulatory activity in the industrial, commercial and service sectors. In particular, the tasks of UNI are, among others, to draw up new rules in collaboration with all stakeholders, disseminate technical standards and support the balance of the rules.
Process or practice to create, capture, share and use knowledge wherever it resides, to improve learning and performance in organizations.
It is confirmed, through a specific requirement (Ch. 5.1), that the leadership and commitment of top management are essential to ensure the effective application and the improvement of the Company Management System.
Senior management must demonstrate that commitment by: ensuring their involvement in the application of the system, integrating the objectives of environmental improvement in the business environment, in line with the overall strategies of the organization; ensuring the availability of resources to assign roles and responsibilities to ensure that the system complies with the requirements for reporting on performance (see 5.3, which does not expressly provide a Management Representative), with the involvement of top management in reviews and technical committees for the monitoring activities; supervising, directly or by delegating special responsibility in this regard, that the effectiveness of the system and the expected objectives are achieved; communicating to all staff the importance of the system and compliance with its requirements, creating a business climate in which everyone, not only those who hold positions of responsibility, actively contributes to the proper implementation of the system and to the objectives of improvement. The MBO is to predict, align and integrate the objectives of the system with business goals, ensuring the integration of the system in the process of organization.
Minimal extent of incidental damage, due to consequences of limited gravity.
Situation in which the occurrence of the event was avoided thanks to timely intervention or fortuitous reasons.
Documents produced by consensus (that is, not in an authoritarian manner) and approved by a recognized body (standardization body), that provide, for common and repeated use, rules, guidelines or characteristics relating to certain activities or their results, in order to get the best order in a given context. The application of a rule can be mandatory or result from a free choice. Cogent (mandatory) standard: a rule that the organization is obliged to adopt, since it is issued by an entity that can legally and criminally punish the organization if it refuses to observe the rule. Voluntary standard: a standard that an organization is free to adopt or not to adopt internally.
Group, company, firm, enterprise, authority or institution, or part or combination thereof, whether incorporated or not, public or private, that has its own functions and administration.
Organizational and management model for the definition and implementation of a company policy and the principles, procedures and provisions suitable to prevent the commission of the offenses envisaged by Legislative Decree 231/2001 and which allows the exemption from Administrative Responsibility and related sanctions.
Measurable results of the organization's health and safety management system in relation to its health and safety risks.
The process approach, with the management and interaction of processes, should target the achievement of expected results in accordance with the quality policy and strategic direction of the organization. The overall management of the processes and of the quality management system can be achieved through the Plan-Do-Check-Act (PDCA) methodology with a focus on “Risk-based thinking” aimed at preventing possible side effects. In the process approach, the requirements and expectations of the relevant stakeholders are to be considered.
Disease contracted in the course of, and because of, the work to which the worker is assigned. Adverse physical or mental condition resulting from a work activity or related to work situations.
Document indicating the measures taken to eliminate or, where this is not possible, minimize interference risks. This document is attached to the work contract.
The “Risk” associated with Threats and Opportunities is a “new” element to be considered in the planning phase (see 6.1.4) in order to: ensure that the Company Management System achieves its objectives; prevent, or at least reduce, unforeseen and unintended consequences, including “environmental conditions” that have the potential to damage the organization; ensure continuous improvement.
Through a comprehensive approach to integrated risk management, companies can effectively address the uncertainties and the consequent risks/opportunities, increasing their ability to generate value.
Propensity to risk. "Risk appetite" therefore means a decision taken from the top relative to the degree of risk that the issuer is able to assume in order to pursue its strategic objectives.
General process for assessing the risk dimension deriving from danger(s) taking into account the adequacy of each existing control and decision on its tolerability or not.
The new ISO 9001:2015 / ISO 14001:2015 / ISO 45001:2016, to be published, made explicit and incorporated the concept of risk in a system approach, where it is necessary to do a threats-opportunities analysis. As part of the QMS (Quality Management System), the risk is related to the desire to realize an opportunity and concerns everything that can facilitate or impede the achievement of objectives related to that opportunity. As part of the Business Management System, the risk is associated with dealing with threats and opportunities in a planned manner, so as to prevent or reduce the effects generated by environmental risks, security risks and internal risks, to/from the outside.
The maximum level of risk that the issuer is able to assume without incurring situations of crisis, bankruptcy or failure to comply with the constraints imposed by shareholders or other stakeholders, as well as with the requests/impositions of the supervisory bodies.
Preventive or corrective measures to reduce the negative impact on the objectives (precautionary, maintenance, growth, etc.) due to adverse and/or unforeseen events.
The nature and the level of Risk, at a given moment, net of the effect of the existing countermeasures.
The target (optimal) level of risk: what the issuer intends to take on to achieve its strategic objectives, taking into account the size and complexity of the company/structure, as well as the organizational model adopted.
The tolerated risk threshold. Maximum deviation allowed by the level of risk, which should then define the more specific risk limits and the related escalation procedures, in case of exceeding.
Risk management has shifted from risk as the occurrence of an event to risk as the effect of uncertainty on objectives. The purpose of risk management is to help managers make more effective decisions on actual and weighted risks in order to reach their goals in an uncertain environment. The concept of “risk”, in the context of ISO 9001, is related to the uncertainty in achieving the objectives defined by the organization. The concept of opportunity, in the context of ISO 9001, is related to exceeding the expectations of customers and the objectives defined by the organization.
Process to identify the bases or causal factors that are responsible for the occurrence of an adverse event, including the occurrence or possible occurrence, of a sentinel event.
State in which the risk of harm to persons or property is limited to an acceptable level.
Adverse event of a particular type or seriousness, indicative of a malfunction of the system; although the phenomenon may occur only once, an immediate investigation is appropriate, aimed at ascertaining whether some factors that could be corrected in the future have contributed to its occurrence.
Management/communication tool that describes the social dimension of the relationships between the organization and the stakeholders, integrating their needs in the strategic choices.
Also CSR. CSR stands for Corporate Social Responsibility. CSR can be defined as "the integration on a voluntary basis, by companies, of social and ecological issues in their commercial operations and in their relations with the interested parties".
Literally a bearer of interest/stake (stake-holder). In practice, organized and uninformed subjects who may have, directly or indirectly, an interest/benefit/risk deriving from the activities of a company. Stakeholders are employees, customers, suppliers, local authorities, non-profit associations, the world of research, schools, universities, business associations, trade unions, the local community, the territory and the environment.
It is a management tool that brings together the economic, social and environmental approaches, structuring them organically with a view to reducing the inconvenience for future generations. It is a tool for communication and dialogue with business stakeholders, which aims to provide information on the profile and economic, social and environmental performance of a company. Its implementation is voluntary and complements the financial statements.
The UN Brundtland Commission defined it in 1987 as a development capable of meeting the needs of current generations without compromising the right of future generations. The concept refers to models of development that aim at a balance between social, economic and environmental dimensions, with synergistic actions of technology, norms, responsible behaviors, economic instruments, and a multi-stakeholder role between companies, civil society and public institutions.
Guarantee of continuity in productive life due to the adequate identification, management and protection of risk (ISO 31000). Support for secure management of the company (ISO 9001, ISO 14001, ISO 45001). An image of security is provided to internal (employees and shareholders) and external (suppliers, customers, institutions, public authorities, etc.) third parties (ISO 9001, ISO 14001, ISO 45001, ISO 22301, ISO 27000). Creation of value (long-term objective) since, if the company were to adopt a short-term one, it could deteriorate the foundations of its long-term success (ISO 9001, ISO 14001, ISO 45001). All this by contributing to the maximization of profit through cost minimization within the parameters and business objectives.
Places that contain workstations within the company or production unit and each area accessible for work.
Any physical location in which the work and its activities are carried out under the control of the organization.