CEOs perform best when they truly understand their organization’s entire DNA. To understand the DNA of an organization requires segments of the organization be examined, integrated as a whole, and then presented for management review. Tools to examine segments of an organization are available in the form of auditable international standards or national consensus standards.
For example, an organization’s quality management system is a highly important DNA segment. This segment usually contains a sequence that includes (as outlined in ISO 9001): requirements of the organization’s quality management system and documentation; management responsibility, focus, policy, planning and objectives; resource management and allocation; product realization and process management; and, measurement, monitoring, analysis and improvement. The sequence can be examined through internal and external audit to conformance with the standard. Given that more than one million organizations have achieved certification to ISO 9001; and, there was an eight percent increase in new certifications in 2009 compared to 2008, it is clear that this information is highly sought by CEOs.
Looking at a single segment, such as ISO 9001 alone, does not reveal the entire DNA of an organization. Additional standards to cover other segments such as the environment, occupational health and safety, business risk, and social responsibility are needed to fill in the gaps. A correspondence matrix as shown in Table I can be developed to better understand how a full EHS management system may look when complemented with other standards.
The matrix in Table I is buttressed at each end with international standards, in the form of guidelines, on risk management (ISO 31000) and social responsibility (ISO 26000), both relatively new standards. These standards are in their appropriate place where risk management leads the way and social responsibility wraps up the overarching objective of the organization to “maximize its contribution to sustainable development.” Note, however, that the standards for risk management and social responsibility are designed for internal audit only. There is no third-party certification to ISO 31000 and ISO 26000.
Table I will contain as many cells/rows as needed to complete a review of how the various standards correspond and align. The American Chemistry Council (ACC) has developed full matrix(s) that aligns several EHS standards and programs. These ACC matrix(s), in Word document form that you may edit, are found online at www.americanchemistry.com.