Outsourced or Uncontrolled? Safer Contractor & Supplier Strategies

Mallory Hendry  00:00:00

Mallory, Hello everyone, and thanks for joining us today. I'm Mallory Hendry, Content Specialist Manager with Canadian Occupational Safety, and I'm pleased to introduce today's webinar outsourced risk or uncontrolled risk strategies for safer contractor and supplier management. Today, we're joined by Wyatt Bradbury, Principal of Health and Safety at Avetta, and he's all set to dive into the safety and compliance challenges involved when work is outsourced, as well as the key requirements of applicable standards. He'll cover common hazards that arise, outline those resulting business risks and share proven methods for controlling those risks. At the end of the presentation, Wyatt will also participate in a question and answer period, so be sure to type any questions you may have in the Q and A box within the webinar software. I'll turn things over to our host now to begin the presentation, take it away, Wyatt.

Wyatt Bradbury  00:00:57

Thank you so much. Appreciate it. So glad to be here. This is going to be an interesting session where we kind of dive into primarily the health and safety considerations for this, but we're going to touch on some supplier management and some procurement considerations as well. So I think for folks who may not have a traditional safety background, maybe they came from that space. Or if we have any procurement supply chain folks on the call, we're going to dive into some of those considerations. So we're going to try to take a bit of a multifaceted approach. Please be sure to put your questions in the chat as we go. I do really look forward to engaging with you, and I like to make it as interactive as possible. I realize we're spread across probably a full continent between a couple countries, but I think there's still a lot that we can do to try to make this interactive. So a little bit about me. I am the principal for health and safety at Aveda. My background is electrical construction, power line utility. I've got some general construction and most recently, I supported rail design, build and operation and maintenance. I had two projects in Canada up until a couple months ago when I joined avetta. They were in the Toronto area, the her Ontario light rail system, and then the Toronto metro rail system that they're building down Queen Street and then out into the suburbs. I'm getting my PhD in Occupational Safety and Health from West Virginia University. I teach at the University of Alabama, Birmingham in their advanced safety engineering and management program, and we're on a number of ANSI and ISO committees. So today, we're going to do a number of different things. We're going to look at the hazard hazards that are presented by outsourcing operations internally to facilities and then externally across our site. So we're going to look at kind of both sides of that coin. We're going to explore what ISO 45,001 and I realize this is a Canadian webinar, but I think with the fact that I think it was z1 100 is what I was told is is no longer applicable. It's been replaced by so 45,001 I still think there's some things that we can take away from Z 10. It's it's still a consensus standard. It still focuses on best practices, and really, that's what we're here for. And so looking at a multi faceted, a multi country approach to standards, could actually give us some insights, because I think there's gaps in ISO 45,001 that need to be addressed in this area. And so looking at what other countries have in place in their health and safety standards, management system standards as it pertains to procurement and contractors would be great if anyone has a copy of the former Canadian standard that I know is replaced. I'd love to take a look at that and update this presentation. Based on that I couldn't find one that was from within, like, the last 20 years online. And then the last thing we do is we're gonna kind of look at what are strategies to do this effectively. What does good look like? I'm going to give you some insights, some thoughts that I have. We'll see what, what you all think? Maybe, maybe I'm off base, maybe I'm on base. We're going to take a look. But the first thing that we need to do is define a couple of terms. That's where we have to start with this. I pulled these definitions from ISO 45,001 I think that does present kind of the best standard internationally for definitions. And if we were all in a room and I was to ask you, Hey, when you talk about contractors, when you talk about outsourcing, when you talk about suppliers, do you use these terms interchangeably? And the procurement folks would say, Absolutely not. They're all very different things. And the health and safety people are like, Well, yeah, they're all the same. They all mean the same thing. Language is extremely important to kind of look at when we're digging into standards, which we're going to do today, because language is very. Very specifically used and chosen as someone who's written standards, I can tell you, there will be debates over words as simple as should and shall. So the definitions are very important. Kind of set up the discussion for today, so I'm going to walk through the definitions, and then I'm going to put the definitions into English that I hope we can all understand. So to outsource is where you have an arrangement where an external organization performs part of an organization's function or process. That external organization is outside the scope, but their function, what they are doing, is within the scope. So let me give you an example. Let's say that you make some sort of a pump, pump housing, pump motor. You make a like a water pump. There's different valves, there's different fittings, there's different nuts, there's different bolts. You have those as requirements to build what you are creating. However, if you don't machine those and manufacture those yourselves, you outsource that to another function, to another entity. That responsibility is within your scope. However, the you've given it to an external organization that's not you don't have that same health and that same responsibility for from a health and safety perspective, I'm sure I have some qhse folks in the call today, quality takes a very different approach to health and safety. I think a lot of that has to do with the legal considerations that are presented in safety, that are different in quality. So for my qhse Folks, I'm taking a very strict health and safety interpretation, quality, has a different way that they they kind of live with this, and that's okay there. It's not a right or wrong, it's just differences in the world that we live in. Contractors, on the other hand, are external organizations providing services in accordance with an agreed specification, term and condition. So what does this mean in practice? Well, I'm really curious. If I have any f1 fans. I know we just had, I believe Montreal was in the last couple of weeks. Hopefully there were some folks that got to enjoy it, and hopefully there are some folks enjoying a little bit of competition and spice this year. That's that's kind of been absent from the last couple of years. But if I was to ask you, what do all of these specific f1 teams have in common? And no, it's not that they're at the bottom of the table, because McLaren's kind of leading it right now. There's one common denominator in all of these, and that common denominator is that they do not make their own engines. Now this is probably one of, if not the most important part, at least, to start with in an f1 car, the engines are extremely critical. This is what makes it go. They don't make their own engines. That's fully in the scope, but what they have done is these specific teams have outsourced the making of those engines in accordance with with these relationships. Kick saber and Haas go to Ferrari. They buy Ferrari engines. McLaren Williams, Aston Martin buy Mercedes engines, and alpine goes to Renault. Renault, however, we're supposed to say it. I took Spanish, not French, so give me a pass there. But these teams, the engine is absolutely in their scope, but they outsource it. Now, when they outsource it, from a quality perspective, it still matters, right? McLaren wants those good engines from Mercedes, AMG, because they want to beat Mercedes with those with the Mercedes engines. But from a health and safety standpoint, there's not that same responsibility, we're going to look at what would or could be required in that sense. Now, when we talk about contracting, it's very different. Now, I love Clarkson's farm. I had the pleasure to go to Clarkson's farm in March. That was a lot of fun to be able to see everything I've been watching on TV for the last couple years. Clarkson is the perfect example of contracting. He is a TV personality. I think five years in four years in, he's absolutely worthless still at farming. He can't even buy the right tractor spoiler for the new season. What does he do? He runs his entire business on outsourcing. He should be able to know what crops to plant. He should be able to drive a tractor. He should be able to drive a fence post and and build a fence line and manage the hedges. But he's, you know, doing it probably more for comedy. Than he is for farming, and so he's had to contract all of those entities out. He's had to bring other people in to his organization who have the skill sets that he definitely does not have. So this presents a question, where's the risk in this. What's the issue with this? Why? Why is this even something worth discussing?

Wyatt Bradbury  00:10:29

Well, I'm going to give you this example. I pulled these numbers from the US because in the US, we have a massive problem with this. We haven't figured it out, and we're very good at publicizing this problem. In fact, we just had our Construction Safety Week, the second, first full week, second full week of May, right at the beginning of May. So it's been just over a month now where we talk about all the construction issues and the fatalities that we're having. So the easy way to look at kind of what's the issue with contracting or outsourcing it's just to go to construction. Okay? Construction is an industry. It's not a perfect one to one, but it's a pretty good proxy for contracting out work. Now, you might have activities within your own organization, generally within a facilities management type group, that might fall under a construction definition. But by and large, we end up with construction as a good proxy for contracted work. So in the US, in 2023 this is the most recent data we have available, there were a total of just over 1000 fatalities. Fatalities are on the rise. Right? We're finding that Sif and PCF globally need to be the focus. Focuses on recordables and TR IR and some of those lagging indicators. We need to, we need to kind of evolve. They're not, they're not good measures, they're not accurate measures. They don't they're not predictive in the way that we believe them to be predictive. So this, we need to shift our focus a little bit, but falls continue to be about a third of that. So an easy answer is to say, well, construction presents the largest number of fatalities falls in construction present, the largest single cause energy source of fatalities. That's a pretty easy risk to consider. That's why contracting is so dangerous. And then you can say, well, they're not this, they're not that. They're not the other. The reality is, we're under appreciating the complexity our organizations are complex organizations, and we're going to do a little bit of systems theory for you today. So something I do with my graduate students, and this is the opening of a much, much, much broader conversation. So maybe if, if you all like the presentation, we can come back. You'll let me come back, and we can just unpack systems theory for for an hour. Maybe we'll have the pleasure to do that in the future. You'll let me know in about 45 minutes. But we under appreciate the complexity. Let me walk you through what this means. There's three different categories of systems that exist in the world today. There are simple systems, complicated systems and complex systems, and all systems boil into these categories. Now here's what I will tell you, this USB drive and the cap collectively make a system, USB drive the cap itself is an article, right? So to qualify to be a system, you have to be a collection of components, right? You can't be at the article level. The nut and the bolt collectively make a system individually, they're nothing. So the first category of symptom, systems, simple systems. Simple systems have degrees of predictability. I love to use my pilot g2 pen. It's my favorite example of a system. Simple System. Another one I got my my water bottle. Here it's the cap on the water bottle. Two great examples of a simple system, there's a degree of predictability if I open this because I use point oh, seven. Now, I used to think that the finer point was better. I've come to realize it just makes it harder, right? Point 07, or even I have some some 1.0 when I press this down, I'm going to get ink all over my clothes. If I have it in my pocket, I'm going to get ink all in my pocket, and then I'm going to have a terrible time in the wash. So there's a degree of predictability. I press this down and I get it my Expo marker. My Expo marker is easy. I pull the cap off. I'm going to get in trouble for saying so many brand names here in a minute. You think I'd be getting paid. Simple systems require technical knowledge. Right? When I give either of these to my almost one year old, still, they don't know to press down. They're just going to stick the whole thing in their mouth, saying they don't know to twist and pull. They're just going to stick the whole thing in their mouth. They they try to drink the water with the cap on it. They know where they're supposed to do something with it, but they don't have the technical knowledge to unscrew and then drink. And if they try to drink, they just spill it. Simple systems have defined inputs and outputs. We just went through those, unscrew, twist and pull, click, click. And these can give you trends and routines and patterns pretty easily, easy to develop off of this. So one step up from articles, you get simple systems. Okay, and simple systems are the first systems that we learn. In fact, more and more toys for infants and children are focused on helping them learn the mechanics of simple systems. Right? You put the ball at the top and it rolls all the way down, and then you gotta figure out how to open the door, get in, pull the ball out, stick it back in. That's one of his favorite toys. Learning how to operate a simple system. Complicated systems are the majority of the systems that we have in our workplaces, right? You have simple systems. When you go one step up from simple systems, you start to add complexity to that, and we end up with complicated systems. Complicated systems can be broken down into sub complicated systems. And until we get to sub sub simple systems, until we get to the articles that make them up, complicated systems have a degree of predictability. They operate in a complex environment. I will explain that in a moment. But the systems themselves have a degree of predictability. There is a multitude of inputs and outputs. I was in the US Navy, but I have always been in awe of the Canadian Coast Guard icebreakers. I think those are the coolest ships ever. It would be awesome to take to be on one of these and experience going up into the Arctic Circle and seeing the might of these ships. Now, as I said, these ships operate in a complex environment, the weather, we'll get to that. But the ships themselves are complicated. If I want to turn a ship, there are three ways that I can do it. I can use the wheel, the helm, to shift the rudder. That's the one that pretty easy to think about. But I can also just use the screws. As soon as I've got more than one screw propeller, I'm able to operate one forward, one reverse, and that will also give me a turning motion. And then from that point the I can use both of those options together to help me turn, depending on the specific needs. How, how tight Am I turning? How fast am I trying to turn? What is it? What are the strains, the stresses? What? What are all the considerations? Right? There's a multitude of inputs that get me to multitude of outputs, or the the singular desired output that I want. Now these systems have redundancies. They have nested systems. That's why I have an example of a four engine airplane. The four engine airplane is what opened the world to travel. Funny enough, where we start today is 50% failure for where we were in the past. So there's redundancies, there's nested systems, there's subsystems that all allow us to move forward and to be successful despite complexity and challenges rearing their ugly head. We're not going to talk about reliability today. That's a presentation really to get into another time, but at least you know something to think about. Maybe that's the third time y'all let me come back. Maybe next year. We talk about reliability, but that's where we get these redundancies and nested systems. Now, in order to do all of these things, you need a higher degree of technical competence to operate and navigate redundancies as failure occurs, right? We're putting that complicated system, that cell phone, in the hands of younger and younger people as we go, and we all believe that they have the technical competence to operate a car, generally around 1516 right? So that just, just put that in perspective, what we're how we handle complicated systems in our daily lives, and these are spread throughout your facilities. Now, all of these systems operate in a complex environment. Notice, up to these point, we've only been talking about technical systems. The technical systems operate in a socio technical environment. That socio technical environment includes the Internet of Things. It includes other systems that they connect with, and it also includes the people that operate those systems and all the baggage that. People bring to the table with them our drama llama. We bring all of our different considerations. We bring our emotions, our fatigue, our challenges, and we bring all the great things, our ability to adapt, our ability to problem solve, our ability to think with complexity and to learn and to adapt, right? So we bring all of that with us, bringing this complexity together. Complex Systems are non linear, right? I use an example this week. Someone told me they loved it, so I'll throw it in here. Think of a spider web. I like to think of the scene. And maybe it's in the extended cut. I only watched the extended cut of Lord of the Rings. When Frodo goes up into, uh, she loves lair. It's this is, I believe the believe it's in The Return of the King, although it might be two towers, he's up, climbing up in kirath, uncle, climbing up the stairs. He's gotten into the tunnel, and he hits the spider web, and that sends the network out. And all of a sudden the spider at the other end feels that and is able to trace that back and know where someone is caught or where someone is looking this case Frodo, that's kind of what we have here. We've got a spider's web. We hit one thing, and we're expecting to get an output. But the reality might be the opposite. It might be completely misconstrued. Examples of that are all over the news, right? Take any any easy one to pick on is major advertising campaigns that backfire. I'm not going to name them because we don't need to get into the negative, but you can go and you can find those major advertising campaigns that backfire. That's an example, right? Someone said, Hey, this is going to do this for the market. And the market responds in a very, very, very different way, non linear degree of predict about predictability. We've got those interaction points. You want to know where your people are going to get hurt. They're going to get hurt when people interact with a technical system. Arguably, that's the only way they can really get hurt is when people interact with people, or people interact with a system, the system operating with its within itself, generally can't hurt the people, right? There has to be some interface, or ability to interface, right? There's not necessarily a clear set of inputs and outputs. The relationship between the input and output is not always clear, and in these systems, you have to be continually learning and adjusting and updating. Humans are designed to operate in a complex world. So my examples, hopefully there's some Star Trek fans, hopefully I don't totally botch this. Enough Trekkies have told me that I'm good, they haven't complained. So that means I'm I'm I can get by. But the Kobayashi Maru was the, you know, this test of thinking, this test of how a leader would react in a situation, but it was designed such that this test was never intended to be passed. It was designed to test your resolve, to test your decision making, to test how you respond to things, whatever input you gave. If you took a logical approach, it was going to take an emotional response. If you gave it an emotional approach, it was going to take the logical response, right, testing how you then move forward. That's an example of a complex system. There's no predictable there's nothing that you can do that's going to give you exactly what you're looking for. And wildfires. I grew up in Southern California. I know folks throughout Canada have issues with wildfires. These are another example of a complex system in California, where we deploy our resources is oftentimes dependent on whose vineyard and what trailer park are affected by the wildfire, or whose multi million dollar home or whose Ranch, fortunately, resources of the individuals that that affects their deployment. Wildfires create their own weather systems. You could build a fire line, you could drop the retard, and you could do a lot of things to try to cover off and and push the fire a certain direction, and it might jump the fire line, the embers might fly miles and ignite a new part. Your efforts may have been in vain. And if you waited until you had 100% of the information and made a singular decision, and you put all your eggs in that basket, great for Hollywood, if it works, but you're going to be in trouble, because then you have no ability to pivot, no ability to adjust, no ability to learn, these situations are about, hey, let's, let's take this approach and let's evolve as we go. Frankly, we talk about fire specifically in terms of containment. It's not about out, it's about how well are they contained? And you never hear them really contained at 100% that this might be the challenges of media, but. But you know, we're trying to get to a mass percentage to say, Hey, we've kind of got this under control. So complicated and complex, complicated systems, more experience, more information, gives you the ability to analyze and act when you're dealing with machines. This works because you know what's going to come out of the machine. You know how. You know your different inputs and outputs. You can play with things a different way. Complex systems don't work that way though. We can't get stuck in analysis paralysis. We need to plan, take an action, evaluate, review, update the plan, take another action. This sounds very familiar. Plan, take an action. Evaluate, review, update the plan. Oh, PDCA, hopefully for safety professionals are familiar with this. In the complex world, the socio technical world that we live in, PDCA has got to become integral to our thinking. This is why systems, thinking and management systems, are so effective in the safety and health space, because this is what we need. If we've tried to operate with experience, information, analyze, act based on a series of programs or a set of regulations, you have a ceiling that you will hit in how effective you can be. Taking a management systems approach, a PDCA approach, even just a continual improvement approach, is going to allow you to be more effective. Now there's another element of consideration here, as we start to increase complexity in our organizations, as we start to increase the number of entities that are involved, we're layering the communication. We're layering who's involved. We're layering the understandings. And it's very, very hard for us to say we've truly vetted, and we truly have ownership of all the different elements that we need to there's this element and this, I stole this from our prince, our direct, I think, Director of Procurement, Caldwell Hart. I kind of ripped these slides off of him. But there's an element of visibility and transparency that decreases the further out you go. It's called the tier N challenge, because risks are multi factor. They're not just singular and they exist across the supply chain. So if I am a host employer, and I hire wandering around me, there's a degree of risk that I can probably see pretty well. I understand, because it's in my world. But what we need to be careful of is that around each of those entities there's another ring that goes out and then there's another ring that goes out, and I lose visibility, I lose control, I lose understanding. I don't even know the risks that are present in those organizations, because they're not in my ecosystem. They're not in my environment. So we need to work to develop solutions and identify risks across tiers and across stakeholders. This is where we start to see that procurement and health and safety are so critical to be linked up your supply chain, your health and safety have got to be linked up because it's not just who you qualify, it's who you qualify and all the people that stand behind them. This may be a bad example. I'm home alone this week. The rest of my family's traveling, so I'll use this example. We'll see. But you don't just marry an individual or start to date an individual or have one partner. You then, by proxy, adopt all of their circle. You get all of their friends, and you get all of their family. You get all of their in laws and all of their challenges, right? It's kind of the perfect proxy for this. You almost are marrying into or joining something that you probably didn't see, depending on their situation and and the person you're joining up with, they may have hit some things from you, not to scare you off. I've certainly seen that with myself or others throughout my life, right? And that's the reality of what we kind of face here when we talk to suppliers, Company A's tier four might be B's, tier three might be C's tier one, which is Company D, right? So Company C knows what's going on with company Company D, but Company A has no idea. They don't. They probably don't even know that they exist. And so we've got to start to expand the information that we're collecting. I love this image. This image, I think, is fan. Fantastic, because it's kind of a bit of a paradox. We can look and we do look at a lot of things in a very black and white sense, in safety, we're very compliance driven. So I might look at a lot of things in a very black and white kind of way and say, Hey, no, this is what this is the policy, this is the procedure, this is the expectation, but the reality is the complexity. So this, this image, kind of has multiple facets to it. Where I could look at this black and white nature and say, No, it's clear. It's linear, it's I know exactly what I'm doing, but there's a complexity, and engineered complexity in these systems, and this was designed this way. Most of our organizations aren't. They just kind of evolve, right? And things change and people move around. Emotions come into play, right? And that's the reality. Think, if it's happening in your organization, think about what it looks like further afield. So how do we approach outsourcing and contracting? Well, we need to look at assessment, execution, planning and reflection that is the PDCA cycle, and we're going to kind of look for elements of PDCA as we start to dig into the standards. Now this the snippets I'm going to kind of breeze through them. You can look at them in the presentation when it's distributed. Dig into them yourself. I encourage you to. I kind of want to hit the high points just for the sake of time, but I want you to at least have access. And I can tell you that yesterday, actually, I had a group of global business leaders in a room, and they took the standards from the over or they took sections of the standards that relate to procurement, outsourcing, contractors, that are part of a more full PDCA model, and we broke it down, and we found that within these individual sections, there are many PDCA models. That's one of the reasons why I love standards, management system standards, is that it's nested feedback loops, right? That's the one of my students I talk about interconnections. You've got these nested feedback loops from one large loop, and you nest them down to smaller loops, so it's a lot of feedback loops working overlapping and within one another, that allows them the information, but to kind of share, it's almost a ripple effect in some regards. So what are the standards stay? Well, let's start with ISO 45,001 and then I'll hit a couple key points from Z 10, because there's some interesting things in Z 10, I realize not applicable. But there's some interesting considerations that at least we need to think about. So 8.1 point four is the section on procurement. 8.1 point four sits in Section eight, which is the operational section of ISO 45,001 which is part of the do the D of the PDCA cycle. Section six planning is the P support and operations. Seven and eight are the do your monitoring, measurement, performance analysis. Section nine is your check and your continual improvement. Section is your further actions, right? Just so you can kind of orient yourself. So this standard is broken down into a general section, contractors and outsourcing. We're going to unpack these summative points. You can go back and and read and unpack this, and it is a fun exercise. If you were to take this and write PDCA over each of the different lines, which sections fall into the various elements, and then what actions do we take to respond to that? Right? We had some great visual boards that we did yesterday. Maybe we'll have an opportunity to do that at a Canadian safety conference here later this year, next year. So ISO 45,001 section 8.1 point four procurement. These are some high level takeaways that I have. It's general. The key terms are, establish, implement and maintain. Establish, implement and maintain. What are you establishing? Implementing and maintaining? You're trying to establish, implement and maintain processes to control procurement of goods and services. Now, goods and services, my quality people, you just kind of perked up again. We do have an interest in the procurement of goods. It is a different interest than what ISO 9001 would say. And the goal is to ensure we create conformity, harmony within the OSH, MS, or HS, EMS, as we dig into contractors, contractors are some very specific things we need to look at. We're focused on identifying hazards and assessing and controlling risks, but we need we're focused in two ways. We need to look at what is the contractor doing, planned or unplanned, that could. Affect your operations as the host. And what are your operations as the host that's going to affect the contractor? And that needs to be discussed, that needs to be open. They need to know, if you're going in this space, you need this certain type of protection, or this hearing protection, or there this hazard exists, and this is how we've designed it out or substituted or what have you that needs to be given to them. They need to be able to work with that and know about that. Just like you train your employees and have a responsibility to share hazards with your employees, you have a responsibility to share with them, but they also have a responsibility to share with you. What are the ways that you were doing this functionally. What does it look like? I'll give you some ideas at the end. Another consideration is that your management system requirements need to be met by the contractors and their workers. That doesn't mean that the workers have to do your management system. Doesn't mean the contractors have to do yours. It means they have to meet or exceed the requirements of and you need to be able to prove that and show how you're managing that. Additionally, within this section, procurement processes shall define and apply what are the criteria that apply to contractors. Now, for folks who do ESG, in looking at ESG standards globally, and we're going to do this maybe in a little bit, I might be jumping ahead of myself, but you're going to find that ESG distills health and safety down to a couple of lagging metrics. In fact, they probably simplify us, oversimplify us at TR, IR, or versions thereof. The reality is that that's not able to be sustained in our businesses today. We've got, we need to be looking at much more comprehensive scorecards. TR IR is hopefully on its deathbed, and it'll be a quick death, painless to it. We'll see. Time will tell we're going to reach, as Gladwell says, a tipping point. And then we'll know, I love Gladwell. I love the tipping point. It's a fun thought experiment to see where are we getting to tipping points in safety, right? Where are we there we don't realize it, or which ones are the ones coming right? It's helpful to include these expectations in contractual documents, and it's important for you to understand if your company has ESG requirements. Let's make sure the ESG requirements for health and safety are the ones the health and safety people are actually planning to track and actually care about, and maybe we collaborate on that point if it's separate functions and not the same. Now as we're looking at outsourcing, you do have a responsibility to control outsource processes. They need to be consistent with legal and other requirements and tenant outcomes of the management system, but you get to define the type and the degrees of control in your management system. Now, some organizations will say we are going to go do health and safety audits of our outsourced organizations. We're going to go and we're going to visit them. Quality does this all the time. I worked for a global business that was in 56 countries. Quality was all the time going and visiting other suppliers, health and safety didn't do that very much. We would use an experience that we've had with suppliers and other and other projects, or if we knew them from from other locations, past positions. But not as often is health and safety actually going out and doing supplier health and safety compliance verification. But you do have to define what you feel your responsibilities are and how you're going to enact those under ISO 45,001 all right, let's hit Z 10. I'm going to kind of skim through this a little bit. I'm just going to hit the high points. I'll let you read it if you want, and I'll, I'll talk about the differences that are key. Because, again, I do think, even though this is not a standard that any of you may have even heard of, there's good things that we can pull from it, it's still a good consensus standard written by a very smart group of professionals, including avetta. I'll just put that out there, section 8.6 procurement. We want to identify and evaluate risks. We want to establish requirements and ensure products conform to requirements across products, raw materials, other goods and services, right? Other goods and services is anything you're, you're doing where you need help. You're, you're, whether it's outsourced or contracted, right? So we're specifically taking a risk driven approach, and it's across the entirety of our supply chain.

Wyatt Bradbury  00:39:50

When we look at contractors again, I'll let you read that on your own. This is where there's some really interesting comments. Identify, evaluate, control. And control again. What are they doing to you? What are you doing to them? Great. How are they going to meet your management system? Great. But how are you actually controlling and coordinating the expectations on a multi employer worksite? This is fascinating, and I think it's brilliant. I think this is a big opportunity for ISO 45,001 now we got to be careful we don't make too many opportunities out of 45,001 and then it becomes a behemoth that we can't even do right? There's some element to having things more loosely defined. There's something to be said for that. But I still think it's interesting for us to consider that there are standards out there, consensus standards that say you have a responsibility to coordinate requirements on a multi employer worksite and and how are you going to do that? And then, as a follow up, your accountabilities and responsibilities for health and safety, they need to be defined, both in the contract and by the scope of work. So I asked you to consider, Are you coordinating today? Maybe, maybe not, and are your accountabilities and responsibility abilities not just defined, but adequately defined? And if not, then this might be an opportunity for improvement, something to consider that could help your organization. Now, once again, as I kind of said, PDCA model, we're talking about Section eight, which is in the do you do have check, plan, check and act that have the other sections of the standard? And again, we're looking at a full feedback loop that contains a little micro feedback loop in the middle. Now, what do other standards say? I looked at another other other standards. I looked at ISO, 2400 guidance for sustainable procurement. ISO, IWA, 48 IFRS, s1 GRI, 403, went through these different standards. Talk through them with my team. I've got a again, I mentioned a Director of Procurement. We have a director of sustainability, ESG, certainly my director of health and safety. We kind of brainstorm this, what are other standards saying about health and safety as it relates to this topic of procurement, of outsourced of contractors. Now ISO, 2400 arguably, what we would say would might be the strongest, because it's ISO. Health and safety is an inclusion element in sustainability, sustainable procurement, but it's a guideline. It's not an enforceable standard. And really, what we are seeing throughout organizations is that health and safety is moving from compliance to value creation and business impact health and safety. We've got to get out of that compliance mindset. That compliance mindset is what is keeping us siloed. It's it's what is making it hard for us to impact the business overall. The reason I don't believe in safety culture is a great example of this safety culture. If we only talk about safety culture, we limit ourselves to only think touching things that relate to safety, and then we have to assume that we're focused on safety culture and quality is focused on quality culture, and you've got ESG focused on ESG culture, and HR is focused on HR culture. Well, at that point, we've just devolved into chaos because that you can't have that many different cultures or groups that are focused on culture. Instead, we are using a health and safety lens to impact organizational and business culture overall, we need to, in our heads, get out of this compliance mindset that you need to comply, from a health and safety mindset into, hey, health and safety is good business. We are driving business impact. We're just doing it primarily through health and safety. But we're not limited by health and safety, our lessons learned, our continual improvements, may extend far, far, far beyond. This moves health and safety to a higher level of organizational risk management. It allows us to better integrate, I think, a lot of places still they might have, oh, that's the insurance person, or I'm a health and safety person. It's like you're a team, right? You're a team. You need to be managing this together and right now. ESG, sustainability kind of has its own vertical. Sometimes there's overlap or coupling with with health and safety. Think there's a lot of folks that might say, Yeah, I just I wasn't ready for more to be dumped on me. Fair, fully agree with that. It's what happened in our last organization. And half of us threw up our hands and said, Hey, we don't even do what we do right, what we're supposed to be doing right? Forget it. And the other half said, hey, well, we're just going to go focus on that now and we'll let the others kind of fall by the wayside. And it, it didn't work. So. Um, so right now, ESG sustainability is floating in its own vertical. But what's going to happen? What has to happen is that it's going to go from its own vertical, it's going to kind of rotate 90 degrees, and it's going to have to become horizontal, and ESG is going to start to be owned individually, in the individual ways it needs to by those functions. So we'll own the health and safety component of ESG, and there will still be ESG governance, but they're not going to be responsible to do it all. They're going to be there to monitor, manage, govern, administer, how other folks are doing it. That's where we want to go. From a health and safety standpoint. We want to go from health and safety being responsible for everything to a point where, hey, we're here to monitor, measure and you're responsible. I was sitting in a meeting this week with one of our largest global clients, one that you all would know probably have their equipment on your site. And he explained to me that his team is fully and solely in an advisory capacity. Anything that happens with a supplier or contractor on site, it is the responsibility of their host to manage. Their host has to own it. They have to own the incident investigations. They have to own the safety inspections. They have to own the safety issues that crop up. And it's when they need help that they involve the health and safety team. But even the learning reviews are often carried out solely by the contractors and their operational hosts. How awesome would that be? I mean, we would say that is, for many of us, wow, that's That's maturity, that is world class, that is high reliability. That's where we want to go. So I think we need to consider, how do we also start to invert health and safety to be horizontal, one, so we get out of owning ESG, if you do and two, so we actually can integrate health and safety is an operational performing metric. It's a business impact metric. We need to start thinking in that way, which is a departure, and we need to start acting in that way. So how do we put this into practice? How do we actually do this, right? How do we make this happen? Well, I'm going to give you a couple ideas. I'm not giving you all of the ideas. I'm going to give you some seed thoughts, and then we can see where we go from there. And maybe you take an idea and you run with it. There's, there's something that you kind of pull from so put it into practice, and there's a 345, I can't remember how many examples I have, but I have a handful of examples. The first of that is a dedicated contractor management program. Okay, this should be a document within your management system that outlines the expectations for your contractors. Really, it should be a mini management system, not just a feedback loop, but a mini management system for contractors that sits around your overall contract, overall health and safety management system. It needs to outline the expectations, the standards, laws, policies, procedures and deliverables I should be able to read, or they should be able to read that document and know exactly what to do, what you expect them to know, what you expect them to follow, what policies and procedures are in place and what's applicable to them. It should be written almost in a mirrored or a light version of your health and safety manual that should do the same for your organizations. Shouldn't be hundreds of pages. It should be very short, and it should reference exactly where they go for all the additional information. Should tell them where they get their resources from. Where are the procedures, the policies, where are the forms? What forms should they be using? It should tell them how they're supposed to engage with you. Do they owe you Safety Data Sheets? Are there kickoff meetings? Are there joint inspections? Are there walkthroughs? They should know all of that upfront. These are the ways and that we are going to evaluate your performance. These are the ways in that you are going to be monitored and measured. These are the ways that we are going to partner. These are the deliverables you owe us as a result. And what do they have to give you daily a daily briefing, a weekly toolbox talk, some sort of weekly health and safety inspection, daily health and safety inspection. Do they owe you incident reports? What To what degree all of that needs to be defined up front. It needs to be very clear. This is where your KPIs are set. This is how we're going to evaluate your health and safety performance. If you put that into one document, that's 30 to 40 pages and oh, by the way, best practice would be to have the baseline contract specs back there and a baseline example. For any RFP specs. That way, when folks are writing, hopefully they come to health and safety, but if they don't, you can always tell procurement or operations, who's ever writing the RFPs and who's ever then contracting say, hey, this document has all of their expectations and, oh, by the way, it has my minimum expectations for terms and conditions and for what should be in the RFP that they should be bidding against, makes it a lot easier to swallow a pill when they know how big the pill is they have to swallow up front, and it's going to make your life easier to manage, because they're going to know it upfront. If they don't want the work, they can walk and if they already have it, they're gonna say, okay, great, I can resource and allocate this job appropriately, which, oh, by the way, is then going to reduce risk, which is exactly what we want to do. Another consideration here is contractor, safety, leadership. This is something that goes beyond. This is new. Not many folks are doing it. But how do we This isn't like an OSHA 30. This isn't, this isn't even like the joint health and safety committee, the JHS, see training. This is beyond your orientation induction, beyond your JHS, see, beyond your OSHA 30. This is a training program for supervisors. BHS, quality inspectors. PMS, other leaders on how you expect them to act as leaders on your site for their project or their work, you're giving them all of your expectations in the US, for folks who know the US, it would be like a bcsp trade safety train supervisor on steroids and actually going into how they practice specifically for that project. Get a little bit more of a JHSC, but specific to that client site and those needs, and it's expanded, maybe it's a half day workshop. You don't just give them the forms and say, Here, fill out this Jha T, H, A, H, A, P, T, P, whatever term. Ara, pick some term, but you actually are teaching them how to use it and verifying they know how to use it, and giving them the tools and resources to be successful. Qualification standards. Qualification standards are critical. I won't say you know what qualification standards, but there are organizations out there that will be very good at helping you establish what these look like. And, oh, by the way, we can help you benchmark them. And, oh, by the way, we can help you understand what, what are other people in your industry sector doing? You having some baseline set of consistent qualification standards makes it a lot easier. Now, how do you build those well, you work cross functionally to determine what good looks like. You have to determine what makes sense for you as an organization. Are you ready for Sif, or do you need to stay with TR IR? Do you work globally and you've got to consider multiple legal entities, or are you pretty well set in one legal entity, and you can know what those requirements are, who are your stakeholders? Is this something that needs to be built out with supply chain? What makes sense for you. What data do you want to capture? What do you wish as health and safety, supply chain, procurement professionals, quality professionals? Do you wish you knew or you had line of sight to that you don't? And how can you drive consistency? Something else to think about is the safety maturity index. So this is one of the ways that we had a better feel that we are getting away from lagging indicators, is by essentially this being a scorecard approach to determine what good looks like in an organization's health and safety. It's 33 questions that span safety leadership and structure worker training and competency, hazard identifications and controls, incident management, improvement in communications, your supply chain fills this out. They have to provide evidence. They fill this out, they provide the evidence. And now you've got insights into do they hit the core tenants of what a health and safety program a management system should have. I think we could all agree if we were to cut out some of the fluff from the ISO standards and cut out some of the things that we really suck at, like management change and we kind of distill it down to the core stuff that every business, no matter what their size, needs for good business. I think we could pretty well agree on these five things. Might be a little variation, but I think we come up with these categories and our we're taking a very progressive approach to measuring, evaluating, how well are people doing in these categories? Are they forward thinking, or are they someone that you're going to have to bring along for the ride a little bit? And that insight is extremely valuable as you're trying to do resource deployment as a host and for our suppliers, this is an extremely valuable tool for you to understand your maturity, even if you're not ready for a global management system standard to be implemented. This is helping you raise the bar. And this is the kind of data that we've got to understand and have access to if we're really going to shift the needle. We now know where so people need support, guidance, additional governance, and we can step in instead of it's, oh, you had an incident. There was a slip, trip and fall that could have happened to anybody. Now we know that these guys really have a problem, and it's organizational culture. This is the Ontario line transit system that I was privileged to work on and support. Louis Fleming is the director of that team that is somewhere to keep an eye on that is going to be a really, really cool project in Toronto. But one of the coolest things that is built into this contract, and I won't take credit for it, I will say that, you know, the government and the contracting authority in Toronto did this, is they've mandated by contract organizational cultural evaluations to be conducted every single year on the project, and that spans not just the high level JVs, not just the high level GCS, but those have to penetrate throughout the entirety of those contracts. So consider how to evaluate contractor culture along with compliance, take a multi faceted approach. So with that, I know we've got a couple minutes left, but I wanted to share my contact information that QR code goes straight to my LinkedIn, a great way to stay in touch. If there are questions, I can take them for a couple minutes, and I genuinely appreciate the time that folks have joined us for. Mallory?

Mallory Hendry  00:57:03

Yeah, we've had a few questions come in. You might have touched on some of this, but maybe you could just summarize it for the people asking. What are some metrics or KPIs that you've passed down to subcontractors?

Wyatt Bradbury  00:57:16

Yeah. So some of it is the requirements that we've given folks. We've said, Hey, you have to provide a conduct a daily job briefing. We want to see those. We want to see the records of those and the number of times you're doing. It could be simple accident statistics. It could be hours worked. It could be number of these are the good ones, the number of findings that you've closed, the number of high hazard direct controls that you've put in place. I've seen it where you're saying, hey, I want to know how many inspections you're doing. Who's doing the inspections? Number of people on site, really, it's it should almost be an extension of your targets and objectives as an organization. The KPIs that you're tracking. Maybe you add a couple, maybe you subtract a couple, but it should mirror your management system and then be dedicated to those contractors. That's what you're passing down in those contracts.

Mallory Hendry  00:58:08

That's good advice. Okay, and you talked about contractor management programs, when and how are these shared with the contractors?

Wyatt Bradbury  00:58:16

Yeah, I think you've got to be sharing them at the RFP stage. If you're not sharing them very, very early in the process, then I think what's going to happen is that you're going to have a contracted entity, then you put new requirements on them, like a better like our competitors, and they're not prepared for it. They didn't resource it, they didn't budget it, and now you've got frustration when there could be ease. We're not doing risk management. We're distracted from purpose. So I think the earlier we give the requirements and make them clear, and then the more consistently we maintain those, the more successful we're going to be in how we partner with those entities and overall find success in health and safety, makes sense.

Mallory Hendry  00:59:04

And if you are dealing with a contractor who's sort of struggling to meet the expectations you've set out, what are some practices you've seen taken in your organizations?

Wyatt Bradbury  00:59:13

Yeah, I think this. This is why I love the SMI. I love the SMI because it's going to get, it's almost like a gap analysis, right? It's going to give you those areas that they struggle, and then you're going to have to sit down and say, Hey, I'm going to help you with this. Maybe I'm going to refer you. I've referred folks to consultants that I know and said, Hey, you're really in trouble. You need to go spend the investment and have someone help you. I've sat down and explained it to them. I partnered with them to write documentation. We partnered with them to review their pick plans and what have you. But I think you need the data so that you can then assess how you need to deploy, either yourself your team, or if you need to refer to external resources to help. Them be successful. Because ultimately, you can't just say, go figure it out. They've kind of given you what they got. And so there has to be that element of partnership so that you can help them improve, so that they can protect their people moving forward.

Mallory Hendry  01:00:14

Absolutely. All right, well, we have hit the hour here. I just want to say, you know, thank you so much, Wyatt for sharing your expertise today. It was a really interesting discussion, and thanks to everyone in the audience for joining us as well. Today, keep an eye out for more upcoming webinars and enjoy the rest of your day. Thank you.