2. EL CONSTITUCIONALISMO GARANTISTA
2.1. La democracia a través de los derechos, de Luigi Ferrajoli
Provides for a maximum 48-hour work week, with a minimum one day off per week, and a cap of 12 hours overtime per week, remunerated at a premium rate.
8. Compensation.
Wages paid must meet all minimum legal standards and provide sufficient income for basic needs, with at least some discretionary income.
9. Management.
SHEilds Ltd www.sheilds.org eLearning: www.sheilds-elearning.com Tel: +44(0)1482 806805
NEBOSH International Diploma v 1.3a (05/08/2014) Page: 43
3.20 SA8000.
Defines procedures for effective management implementation and review of SA8000 compliance, from designating responsible personnel to keeping records, addressing concerns and taking corrective actions.
3.21 ISO 26000.
ISO, the International Organisation for Standardisation, launched an International Standard providing guidelines for social responsibility (SR).
The guidance standard was published in 2010 as ISO 26000 and is voluntary to use. It does not include requirements and is not a certification standard.
There is a range of different opinions as to the right approach, ranging from strict legislation at one end to complete freedom at the other. A middle way that promotes respect and responsibility based on known reference documents without stifling creativity and development is the ideal.
The standard aims to encourage voluntary commitment to social responsibility and leads to a common guidance on concepts, definitions and methods of evaluation.
The need for organisations in both public and private sectors to behave in a socially responsible way is becoming a generalised requirement of society. It is shared by the stakeholder groups that encouraged participating in the WG SR to develop ISO 26000: industry, government, labour, consumers, non-governmental organisations and others, in addition to geographical and gender-based balance.
The ISO Working Group on Social Responsibility (WG SR) were given the task of drafting the International Standard for social responsibility that was published in 2010 as ISO 26000.
3.22 The Influence of the Turnbull Report on Health & Safety Management.
Headline requirements.
There are four basic requirements within the Report, which can be summarised as follows:
1. The maintenance of a sound system of internal control.
2. Regular review of the effectiveness of the system of internal control.
3. An annual statement on the effectiveness of the system of internal control.
4. An annual review of the effectiveness of internal audit, or the need for internal audit if there is no such function.
The important thing to remember is that all four requirements are the responsibility of the board of directors.
Whilst there is some leeway for delegation of certain aspects to board committees, it is made very clear that those committees must report to the board, which retains overall responsibility.
3.23 Maintaining a Sound System of Internal Control.
The board is responsible for setting appropriate policies within which the internal control system will be framed. Such policies should take account of the risks faced by the company, the control of the risks and the cost/benefit of the controls identified.
The control system should be embedded and responsive; it should include procedures for reporting failures and weaknesses, together with the corrective action taken.
The report stresses that while a sound system will provide reasonable assurance, it will not provide
SHEilds Ltd www.sheilds.org eLearning: www.sheilds-elearning.com Tel: +44(0)1482 806805
NEBOSH International Diploma v 1.3a (05/08/2014) Page: 44
3.23 Maintaining a Sound System of Internal Control.
absolute protection.
So, what are the components of a sound system of internal control?
According to Turnbull, they include:
1. Control activities.
2. Information and communications.
3. Procedures to monitor ongoing effectiveness.
Looking at the components in more practical terms, the following list would provide companies with the basis for a sound system:
1. A board procedures manual.
2. A manual of delegated authorities and mandates.
3. Board and committee terms of reference.
4. An organisation chart.
5. Job descriptions for all staff members.
6. A documented strategic plan.
7. Timely, relevant and reliable management information.
8. A formal briefing process for staff.
9. Procedure manuals for every process.
10. A controls manual.
11. A control certification procedure.
12. An ongoing process for the identification and assessment of risks.
For some organisations, each of the above might represent a significant document in its own right, whilst for others, all of the procedural and control matters might be contained within one document. It all depends on the size and complexity of the undertaking.
What is important is to recognise that they all become date very quickly and once they are out-of-date, they are only good for one thing: providing proof positive that the internal control system is not effective. Clearly, it is essential that each of the above components be monitored in such a way that the board can have confidence in the process. Each component must be regularly reviewed in detail; both for relevance and effectiveness. The responsibility for such reviews must be delegated to a specific member of the management team.
It is equally essential that the outcome of each review should be reported to the board and that the directors have the opportunity to discuss each subject fully and obtain the explanations they consider necessary before approving any changes to the system. It would be advisable for the Board Procedures Manual or the Terms of Reference to contain a timetable for dealing with the above reviews, in order to ensure that they are included in the appropriate agendas.
3.24 Regular Review of Effectiveness.
You might be forgiven for thinking that this subject has already been covered, given the repeated use of the word 'review', but this is not the case.
The reviews referred to above are all concerned with maintaining a sound system, rather than assessing the effectiveness of such a system.
First, consider the word regular in the context of board (or board committee) reviews. In large companies, it is likely that boards will meet monthly, but it would surely be too much to expect them to review the
effectiveness of the internal control system at each meeting? After all, they do have the business of running the company to worry about.
SHEilds Ltd www.sheilds.org eLearning: www.sheilds-elearning.com Tel: +44(0)1482 806805
NEBOSH International Diploma v 1.3a (05/08/2014) Page: 45
3.24 Regular Review of Effectiveness.
Whilst it is for the board to define the scope, form and frequency of its reviews, it is management that must provide the necessary reports.
Turnbull stresses the need for openness and a balanced assessment of the system and the significant risks faced by the company. It is particularly important the board receives full and frank reports on failings and weaknesses in the system, dealing with the impact of events and indicating remedial action taken.
Whenever the board does become aware of a significant failing or weakness, it should establish the cause and ensure that the system, including the monitoring processes included within, is properly re-assessed to take account of the shortcoming.
Once a year, the board's review will take the form of an annual assessment, which will form the basis on which it makes its annual statement on internal control in the report and accounts.
The board should, during this review, consider the following:
1. Changes in the nature and extent of significant risks facing the company and its ability to respond.
2. The scope and quality of monitoring processes and the work of internal audit.
3. The extent and frequency of reports to the board/committees and the incidence and effect of significant failures/weaknesses.
4. The effectiveness of the processes for public reporting.
In order to perform its annual assessment properly, the board will also need to take account of matters arising during the previous reviews.
3.25 The Board's Statement.
Now let's move on to the annual statement required of the board in the report and accounts.
There is a minimum requirement that the statement should disclose that there is an ongoing process to identify, assess and manage significant risks, which has been in place for the whole of the financial year under review and up to the date of approval of the accounts, that it is regularly reviewed by the board and that it accords with the guidance given in the Turnbull Report.
In addition to the above, the board should summarise the way in which it, or its committees, have reviewed the effectiveness of the internal control system and disclose how it has dealt with the internal control aspects of any significant problems disclosed in the annual report and accounts.
If the board cannot make any of the statements referred to above, it must state that this is the case and give explanations.
Turnbull makes it clear that additional information, which will help readers to understand the internal control and risk management systems, may also be given.
Overall, the statement must provide meaningful, high-level information and must not be misleading.
3.26 Internal Audit.
Turnbull points out that the listing rules require, in cases where there is no internal audit function and the board has not reviewed the need for one, that this must be disclosed. In such cases, this disclosure needs to be added to those matters referred to in the previous section, dealing with the board's annual statement.
The report recognises that not all companies are large, or complex enough to warrant an internal audit function (whether it be provided by an in-house department or outsourced). At the end of the day, the board must be satisfied that there are other monitoring processes providing adequate objective assurance that the internal control system is operating as intended.
It is difficult to believe that such assurance could be effectively provided without some form of internal audit
SHEilds Ltd www.sheilds.org eLearning: www.sheilds-elearning.com Tel: +44(0)1482 806805
NEBOSH International Diploma v 1.3a (05/08/2014) Page: 46
3.26 Internal Audit.
presence. So, where there is no internal audit function, the board must assess the need for one annually.
In doing this, it should take into account:
1. Any increase, or the likelihood of an increase, in externally generated risks.
2. Any changes to the internal functioning of the company that have, or are likely to, increase risk.
3. Any adverse trends thrown up by the internal control system.
4. Increased incidence of unexpected occurrences.
3.27 Key Elements of the Turnbull Report.
The disclosure requirements are:
• The governing body acknowledges responsibility for the system of internal control.
• An ongoing process is in place for identifying, evaluating and managing the significant risks.
• An annual process is in place for reviewing the effectiveness of the system of internal control.
• There is a process to deal with the internal control aspects of any significant problems disclosed in the annual report and accounts.
The Turnbull report states that in assessing what constitutes a sound system of internal control, deliberations should include:
• The nature and extent of the risks facing the organisation.
• The extent and categories of risk which it regards as acceptable.
• the likelihood of the risks concerned materialising.
• The organisation's ability to reduce the incidence and impact on the organisation of risks that do materialise.
The report also says that the system of internal control should:
• Be embedded in the operation of the organisation and form part of its culture.
• Be capable of responding quickly to evolving risks.
• Include procedures for reporting any significant control failings immediately to appropriate levels of management. In the HE sector, this needs extension to the governing body, where appropriate.
Size matters.
It is worth pointing out, at the very start, that Turnbull recognises the problems that total compliance might cause to smaller, less complex companies and makes repeated reference to the need for judgement and a cost/benefit type approach by directors when assessing the appropriateness of the internal control system within their company.
There is also discussion of the effective management of health and safety, including the appropriate allocation of resources and responsibilities, setting and monitoring performance standards and the establishment of systems for feedback and implementation of corrective action in order to minimise loss.
Management Duties.
The Health and Safety At Work Act (HASAWA) 1974 says that "it shall be the duty of every employer to ensure, so far as is reasonably practicable, the health, safety and welfare at work of all his employees".
More recently, Regulation 4 of the Management of Health and Safety at Work (MHSW) Regulations 1999 lays down that every employer shall make arrangements for the "effective planning, organisation, control, monitoring and review of the preventive and protective measures".
Safety management: employer duties and employee rights.
A common problem faced by safety representatives is getting management to carry out their legal duties.
SHEilds Ltd www.sheilds.org eLearning: www.sheilds-elearning.com Tel: +44(0)1482 806805
NEBOSH International Diploma v 1.3a (05/08/2014) Page: 47
3.27 Key Elements of the Turnbull Report.
The lack of a sound safety management system leads safety matters to be ignored or dealt with in an unacceptably ad-hoc fashion and allows managers to evade responsibility or explain away health and safety failures.
Health and Safety Culture.
A positive health and safety culture is important if you are to effectively manage the health and safety of your organisation.
In reference to health and safety culture can you relate to the following:
• I recognise that the attitudes and decisions of senior managers are critical in setting the priorities of the organisation. My attitudes and those of my senior managers will impact on the styles of
behaviour and priorities of those below us in the organisational hierarchy. If I think it is necessary I will organise training for myself or any of my managers so that we all understand this.
• A manager's role is not simply restricted to directing work and monitoring compliance with rules and regulations. Managers must act as leaders and facilitators: they must encourage suggestions, motivate their staff and engage with the workforce to solve health and safety problems.
• Senior Management must want to hear what is really happening, not what our managers think we want to hear. We should know where there are problems and where things could go wrong. Our staff must feel able to tell us this. When they do, we must work with them to find a solution.
• I want my staff to work safely and comply with the rules, but I also want them to show initiative and be proactive in improving health and safety. Employees play an important part in shaping the safety culture of the organisation. To do this I must engage with them and encourage joint involvement of supervisors with employees in safety activities, wherever possible.
• I make sure that health and safety is not viewed as a separate function, but as an integral part of productivity, competitiveness and profitability and that our health and safety risks are recognised as part of our business risks.
Leading by Example.
Again, can you relate to the following key points:
• Whenever I discuss health and safety I make it clear that an exemplary health and safety performance is our aim and that we value the health and well-being of our workers, contractors, visitors and members of the public.
• Health and safety is on the agenda of any board or management meeting and the company routinely reports our health and safety performance as part of our commitment to corporate social responsibility. I expect health and safety to be on the agenda of management meetings at all levels in the company.
• Health and safety performance is an important element of performance reviews. Managers are accountable for the health and safety performance of their departments. They have specific and reasonable responsibilities. I ensure that my managers know we have adequate resources to carry out our work in a healthy and safe manner and that I do not tolerate 'corner cutting' on health and safety standards. I make sure they know that the health and safety policy, the major accident prevention policy or the company safety cases or reports are not just token documents but that I expect them to be implemented.
• I know we are able to measure our health and safety performance through useful and meaningful indicators. These measures compare our performance both internally over time, and also externally against others working with similar hazards.
• I set long-term goals for the control of major hazards and health and safety as I do for financial and production goals and have a plan to meet these. Every opportunity for learning is taken and used in our drive for continuous improvement.
• I meet the workforce regularly and discuss health and safety with them. I encourage staff to raise health and safety concerns and issues. I ensure a specific and timely response to each suggestion made. I know that individuals who raise issues or make suggestions are provided with positive feedback on their contribution and are informed personally of the actions taken as a result of their
SHEilds Ltd www.sheilds.org eLearning: www.sheilds-elearning.com Tel: +44(0)1482 806805
NEBOSH International Diploma v 1.3a (05/08/2014) Page: 48
3.27 Key Elements of the Turnbull Report.
input.
• I am confident that contracts are awarded to companies who can demonstrate a good health and safety performance and who have a good understanding of the hazards they will encounter while working for us. I meet regularly with the managers of our contractors to review their health and safety performance against our clearly defined expectations and to consider how their activities can impact on our health and safety performance.
• All incidents and near misses are investigated fully to identify the underlying causes and follow up on the agreed action. While I acknowledge that people make mistakes, I do not accept accident investigation reports that identify 'human error' as the sole cause of an accident.
Systems.
For your systems to support your health and safety objectives can you relate to the following points:
• I demonstrate that I understand where in our activities major accidents and incidents can occur and that suitable engineering/ technical and human controls are in place. This is not at the expense of conventional health and safety issues, but I understand that the control of major hazards is a priority.
• I am confident members of my staff are competent to carry out the tasks they are required to perform. Our competence management system identifies safety critical roles and tasks and these are routinely reviewed.
• I know we have developed key performance indicators for major hazards and that process safety performance is monitored and reported against these parameters.
• Our accident/incident investigation procedure ensures we consider all issues, including human factors. It ensures immediate, as well as underlying management-related causes are identified, without attributing blame, and that corrective action is taken to prevent the incident happening again.
• I will make sure that arrangements are in place to facilitate communication and enable people to discuss health and safety. I know my managers encourage the staff to be involved in making health and safety decisions wherever possible. Anyone can, when they perceive the need, intervene in the work process to prevent hazardous working and suggest safer methods. They are fully supported by
• I will make sure that arrangements are in place to facilitate communication and enable people to discuss health and safety. I know my managers encourage the staff to be involved in making health and safety decisions wherever possible. Anyone can, when they perceive the need, intervene in the work process to prevent hazardous working and suggest safer methods. They are fully supported by