6  Requirements and Implementation Documents

Chapter 5 included discussion on flowing down requirements within the organization and establishing a centralized stakeholder review process to act as a clearing house and governing body for regulatory requirements. To recap, the stakeholder process was a centralized committee or group where newly identified regulatory requirements were presented, applicability determined and implementation strategies and or procedures developed and subsequently communicated throughout the organization. This requirement flow down process involves the development of procedures and/or policies at the corporate, organizational and work unit–levels of the organization that either govern or support the requirements flow down process. In this chapter, we will discuss a conceptual hierarchy of these documents and provide discussion and examples of how the procedures and/or instructions at the various organization levels can be integrated into a requirements governance and flow down process.

6.1 Corporate-Level Procedures and Implementing Documents

Corporate-level procedures and policies typically represent a collection of requirements or policies that govern the various activities and functions of the company. These corporate- or company-level policies and procedures represent the top level of the document hierarchy within the company and should establish the upper-level requirements and protocol that describe the bounding conditions organizational elements within the company operate to. As an example, corporate- or top-level policies can be established for the various primary functional aspects of a company such as human resources, finance and budgeting, records management, safety and environmental compliance and, of course, a governance process for requirements management and flow down.

Table 6.1 provides an example of the structure and content of corporate-level policies for the business functions.

TABLE 6.1
Company ABC Corporate-Level Policies and Associated Content

Business Element

Policy Content

Corporate governance

  1. 1. Describes process for managing requirements within the company
  2. 2. Defines roles and responsibilities for organization elements regarding the requirements management process
  3. 3. Authorities for decision-making are defined
  4. 4. Establishes stakeholder review process and organizational participation requirements
  5. 5. Defines requirements tracking system/process
  6. 6. Identifies documentation requirements

Human resources

  1. 1. Personnel policies defined
  2. 2. Preemployment requirements identified
  3. 3. Affirmative action requirements identified
  4. 4. Leave policies defined

Finance and budget

  1. 1. Financial system defined
  2. 2. Financial reporting requirements defined
  3. 3. Cost accounting and allowable costs defined
  4. 4. Contracting and procurement requirements defined

Records management

  1. 1. Records identification requirements defined
  2. 2. Records retention requirements defined

Safety management

  1. 1. Corporate safety philosophy defined
  2. 2. Safety requirements for organizational elements defined
  3. 3. Corporate injury/illness reporting requirements defined

Environmental compliance

  1. 1. Corporate environmental policy defined
  2. 2. Responsibilities for managing environmental regulations defined
  3. 3. Responsibilities for regulatory compliance defined
  4. 4. Corporate environmental reporting requirements defined

 

The level of details in corporate- or company-level procedures is obviously dependent on the size and complexity of the overall organization. Smaller companies focused on a single product or service with fewer organizational components are more likely to have the ability to operate under a set of policies and procedures at the corporate or company level. Larger and more diversified companies that provide a multitude of products and/or services and operate under a more complex organizational structure typically benefit from corporate-level policies and requirements that require lower tiered organizational components to develop procedures and processes to comply with corporate-level requirements and obligations. Whether a company is large or small, it is important that corporate-level policies and procedures provide for clear and unambiguous actions that organization elements must undertake to support and meet corporate policies and requirements.

6.2 Organization-Level Procedures and Implementing Documents

Organization-level procedures are typically a collection of documents that are developed to describe the processes and actions that a specific organizational element (i.e., environmental compliance department) will implement to meet the corporate- or company-level requirements. The concept here is to create an integrated system that allows each organization to develop implementing documents that are tailored to their specific activities and operations. From an environmental compliance standpoint, this approach allows organizational elements to create procedures or instructions that will ideally maximize operational efficiencies to the extent possible while integrating the necessary steps for regulatory compliance. Integrating specific steps for environmental compliance into operational procedures or implementing documents is often less disruptive to work flow and provides for a consistent approach to compliance. Using the information in Table 6.1, we can see that at the corporate level, the requirements for the environmental compliance organization have been defined to include responsibilities for managing regulations, environmental compliance and environmental reporting. Per the model discussed here, the environmental compliance organization would develop implementing documents that would provide the procedural steps for how the organization will actually manage environmental regulations, compliance and reporting. As an example, the environmental compliance organization would develop a procedure that identifies the roles, responsibilities and process steps for identifying regulatory requirements, assigning regulatory SMEs, determining applicability, reporting regulatory requirements to the stakeholder review process and requirements tracking. A separate procedure could be developed for environmental compliance that would describe the roles, responsibilities and processes for managing environmental compliance within the company. This procedure could include steps for assessing operations and activities within the company, identifying nonconformances, reporting requirements, corrective actions and tracking/trending compliance issues. In both cases, these could be a single procedure or a series of procedures depending on the size of the organization and the complexity of the regulatory setting within the company. Figure 6.1 illustrates the relationship between corporate-level requirements and the environmental compliance organization’s implementing documents.

FIGURE 6.1 Corporate-level requirements and organizational implementing documents.

As depicted in the figure, the corporate-level requirements define what must be done and the organization-level implementing documents describe the specifics of how it is going to be done and who is going to do it!

It is important when developing strategies for sustainable environmental performance that the use of implementing documents enables operational efficiencies as well as compliance. This is critically important because procedures and other implementing documents that become too voluminous or unnecessarily complex lose their usability and effectiveness. A strategy that incorporates a defined process for controlling the development, review, revision and collateral effects of procedures will help in mitigating this potential concern.

6.3 Procedural Governance

A systematic approach for managing procedures is an essential element for any compliance strategy. Without a defined process for governing how procedures are developed, reviewed, approved, maintained and revised, the interorganizational connectivity becomes difficult, if not impossible, to maintain and companies can rapidly lose control over implementation of requirements and regulatory compliance. Considering the dynamic nature of environmental regulations, organizations can benefit from establishing a system for procedural governance that invokes participation and ensures consistency throughout the organization as a whole.

6.3.1 Development and Approval

When developing procedures or requirement documents within a company or an organization, it is beneficial if there is an established document template or format. Established formats help ensure that procedural content is addressed consistently throughout the company. An example procedure template is provided in Figure 6.2.

FIGURE 6.2 Procedure template example.

The sectional content included in a procedure template can, of course, be adjusted to best accommodate company needs. This is especially true for the procedural steps in Section 6.0 of the example, which can be broken down into further subsections to capture the desired level of details and instructions.

Company protocols for procedure development and the associated approval process are commonly itself documented in a procedure. This may seem a bit obtuse at first glance, but the proverbial ‘procedure on procedures’ is one of the primary building blocks for developing a controlled and consistent process for managing requirements and flow down through implementing documents such as procedures and work instructions. A procedure for the development and approval of procedures is necessary to not only promote consistency in content as previously discussed, but also to ensure that procedures have defined levels of approval. Approval of procedures most often involves multiple signatures that can vary based on the organizational level of the procedure and the management structure of the organization. A typical approval chain for a procedure or other implementing document will include the author, the work supervisor responsible for personnel implementing the procedure, the work supervisor’s manager and in some instances additional levels of management. Depending on the scope of the procedure and the organizational structure of the company, an approval chain for a procedure may include facility management personnel, safety personnel, compliance personnel or representatives from corporate legal. Since approval chains can vary based on the organizational level and scope of the procedure, a single predefined approval chain is probably not going to work for larger companies with multitiered organizational structures and multiple internal stakeholders. Determining the right approval chain is intuitively part of the procedure development and review process and should be integrally associated with identifying who has responsibilities or a stake in the operations or processes within the scope of the procedure.

6.3.2 Stakeholder Considerations

Including the right people in the development and review of a procedure can make a significant difference in the quality of the procedure. By properly identifying all of the organizational elements that can be affected by the procedure and providing a means for their input, unforeseen impacts of implementing the procedure can be minimized. Chapter 5 presented discussion on the stakeholder review process relative to the process of managing requirements and requirements flow down. This concept can apply to any level of procedure development within an organization in that it is always beneficial to include the appropriate stakeholders in the procedure development, review and approval processes. This is not meant to imply that every level of the organization has to have a formal stakeholder review process equivalent to that presented in Chapter 5. However, stakeholder input should always be considered when developing or revising procedures, including those regarding regulatory compliance. There are numerous means by which stakeholders can provide input. Stakeholders can participate in the development process upfront, be involved in the review of drafts of procedures or procedure changes, be involved in the approval chain or be involved in all of these phases. It is also important to consider that there will be varying levels of interest among the stakeholders based on the level of impact or involvement in the activities that are to be covered in the procedure. These varying interest levels may dictate how involved in the process a specific organizational element wishes to be. Some groups within the company may want to be involved in every stage of the process and some may wish to only be involved in the review. There is no hard and fast rule that can be applied to every company or corporation. The important message here is that some flexibility needs to be built into processes for stakeholder participation. Experience has shown that stakeholder inclusion upfront can reduce the potential for numerous and ongoing procedure revisions that become necessitated by incomplete or inadequate procedure content.

Identifying the correct stakeholders for a given procedure can be accomplished by using several different approaches. One approach would be to provide each organizational element within the company the opportunity to participate in the development and review of all procedures. This approach has some benefit to both larger companies with more complex organizational structures and smaller companies with simpler structures. This approach ensures at a minimum that every organizational element has the chance to review the procedure and determine if there will be an impact on their operations or activities. A second approach is to define stakeholder groups for each organizational element. As an example, there could be a defined stakeholder group that would participate in the development and review of any procedure coming out of the environmental department. Lastly, there is an approach that involves determining stakeholders for each individual procedure. There are undoubtedly pros and cons to each of these methods that will vary based on individual situations. Some general pros and cons for each approach are presented in Table 6.2 for consideration purposes.

TABLE 6.2
Comparison of Approaches for Stakeholder Inclusion

Method

Pro

Con

Each organizational element participates

  1. 1. No inadvertent exclusions
  2. 2. Full company participation and awareness

  1. 1. Every organizational element must review every procedure
  2. 2. Longer development and review time frames

Defined stakeholders for each organizational element

  1. 1. Consistency in reviews
  2. 2. Shorter development and review time frames

  1. 1. Risk of procedure impacting organizational element not represented in defined stakeholder group

Stakeholders determined for each procedure

  1. 1. Limits the number of organizational elements reviewing each procedure
  2. 2. Shorter development and review time frames

  1. 1. Lacks consistency in reviews
  2. 2. Stakeholders may need to be reevaluated with major procedure revisions

 

6.3.3 Controlling Changes

Once approved for use, the majority of procedures, work instructions and other implementing documents will invariably require some level of revision during the time frame that they are actively in use. There are numerous factors that come into play that normally require revisions to procedures. Many times changes are identified during the initial implementation of the procedure that are related to the content within the procedure that doesn’t reflect how the actual operations are performed. In other instances, procedural revisions are needed to add steps to adequately address operational safety concerns or regulatory requirements. Other factors that often necessitate procedure provisions are changes to operations, evolving safety requirements and changes in regulatory requirements. With such a large percentage of procedures potentially going through revision at some point, it is important that procedural changes are controlled to ensure that only the current approved version is being used. Without a process for procedure change control, companies run the risk of losing version control of procedures, which can result in numerous and outdated versions of a procedure being implemented within the company. It goes without saying that implementing outdated procedures can present increased vulnerabilities to companies in regard to worker safety and health, operational efficiencies and regulatory compliance. A fundamentally sound procedural control program does not have to be overly complex and can be effective by incorporating the following elements at a minimum:

  1. 1. Procedure title and number
  2. 2. Page numbers
  3. 3. Approval date included on procedure
  4. 4. Effective date included on procedure
  5. 5. Expiration date included on procedure
  6. 6. Revision number included on procedure
  7. 7. Method for notifying personnel of procedure revisions
  8. 8. Database or another system where employees can access and verify current versions

It is advantageous to include the procedure title, number, approval and effective dates as well as the procedure revision number on each page to preclude any confusion or misinterpretation if the pages become separated during implementation. This may seem like a formality, but there have been more than a couple of instances of procedures being used for operations that actually contained pages from older revisions that had gotten commingled in the current revision of the procedure. Having the revision number and the aforementioned dates in the header or footer of every page provides a simple means to assist in preventing this type of occurrence. These simple elements coupled with a consistent method to notify personnel of procedure revisions and a document control system where employees can readily access current revisions will provide the necessary components for controlling changes to procedures and other documents.

6.3.4 Configuration Management

Not only is it important to control procedural changes to ensure only the most current and correct procedures are being used, but it is also important to understand that other procedures or organizational aspects may be affected by changes to a procedure. As an example, oftentimes environmental compliance procedures include requirements that multiple organizational elements within the company must comply with. As discussed in Chapter 5, ideally these environmental requirements would be flowed down to the organizational elements where they would be incorporated into their organizational procedures. If the environmental compliance procedure is revised, then every procedure or document within the company that has incorporated requirements from the environmental compliance procedure must, at a minimum, be evaluated to determine if similar changes are necessary. Without this type of configuration management, it is fairly easy to understand how quickly procedures and other implementing documents could become disassociated and out of sync with current company or regulatory requirements. To be complete, a configuration management program needs to also consider other operational aspects that could be impacted by procedure changes:

  1. 1. Training associated with or required by procedure
  2. 2. Prerequisite actions identified in procedure
  3. 3. Associated procedures/companion procedures
  4. 4. Forms
  5. 5. Checklists
  6. 6. Diagrams
  7. 7. Regulatory permits

The complexity of configuration management will obviously increase with the complexity of the organization and the number of procedures and documents being utilized. Instituting an effective configuration management program can be directly associated with the procedure development process and the required content for procedures. Referring back to Figure 6.2, if the template includes required content such as prerequisite actions, required training and referenced procedures and documents, then these aspects all become considerations for configuration management if and when there are changes to the procedure. Configuration management is also where stakeholder participation can play an important role. When stakeholders are involved in the development and review of procedures, the ability to identify potential impacts of procedure changes is greatly enhanced.

6.3.5 Periodic Reviews and Updates

Procedures and implementing documents should undergo periodic reviews to ensure that they are still adequate and information within the procedure is still accurate and relevant. Establishing review and update schedules is an efficient and proactive means for maintaining procedures at all levels of the organization. Procedure review cycles are typically identified in the company document that governs the development, review and approval of procedures (the ‘procedure on procedures’). Without an established schedule for reviewing and updating procedures and other critical documents, a company can create a reactive environment where it can become increasingly difficult to keep up with and track all the needed changes. Quality assurance standards such as ISO 9001, NQA-1 and others recommend that procedures and other implementing documents undergo review and update every three years at a minimum. Many approaches used in industry implement review and update cycles that require an annual review of procedures and implementing documents in conjunction with updates every three years. To further clarify this approach, the annual review requirement is intended to be an evaluation of the procedure to determine if the procedure is still accurate. Annual reviews are commonly a review by the procedure owner or responsible person and are often used to capture administrative-type changes (e.g., contacts, phone numbers), typographical errors, references, etc. The three-year review and update is intended to be a complete and thorough review of the procedure that includes participation by all the stakeholders. Three-year reviews typically involve a much more detailed evaluation of the document and often result in substantial changes. At the completion of a three-year review and update, a procedure is usually issued a new revision number and new approval, effective and expiration dates.

6.4 Accessibility of Procedures

Having a set of procedures that are accurate, up-to-date, properly controlled and under robust configuration management will be of minimal value if they are not accessible within the organization. The accessibility of procedures is paramount for every aspect regarding procedure and document management. Ready accessibility is commonly made possible through the utilization of electronic storage and management of documents using databases or other document management software. Obviously, procedures need to be available to those responsible for implementing the procedures within their organizations and areas of responsibility. As previously discussed in Section 6.3.3, having procedures readily accessible allows for users to verify that they are using the most current and correct version of the procedure. With the technology today, there is ample opportunity to utilize handheld electronic devices to access electronically stored procedures in the field, which can add a great deal of efficiency to procedure use and control. However, there are many operations in the field where handheld devices are not practical or allowed and hard copies of procedures are needed during operations. Ready access to current procedures allows for this simple verification to take place prior to the commencement of operations. Procedure accessibility is not only important to the end user, it is also critical to internal stakeholders, procedure owners, administrative personnel, managers, training personnel, safety personnel, etc. Ideally the entire organization should have access to all procedures. There are of course exceptions to this when procedures involve sensitive, proprietary or classified information. In these cases, access obviously has to be restricted to the appropriate audiences, but however limited the audience, the information still has to be accessible for all of the same reasons mentioned above.

6.5 Applied Learning

  1. 1. Discuss the difference between corporate- and organizational-level procedures.
  2. 2. Discuss why having a ‘procedure for procedures’ is important.
  3. 3. What are the important elements that should be included in a ‘procedure for procedures’?
  4. 4. Discuss the consequences that can result from the inadequate management of procedures and implementing documents.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset