audit

(1)

Joint Accreditation System of Australia and New Zealand

JAS-ANZ Procedure 02

Part 2, Issue 1

Requirements for bodies providing audit and certification of

Public Safety Management Systems (PSMS Scheme)

15 March 2012

Authority to Issue

Dr James Galloway Chief Executive

(2)

Issue 1, 15 March 2012 Page No. i of i

0.2.3 This Part is intended to only be used for the audit and certification of an ESI or GSI organisation’s PSMS to NZS 7901. It is not applicable to the audit and certification of a PSMS to Regulations 49 and 50 (ESRs 49 and 50) of the Electricity (Safety) Regulations 2010 (ESRs), which would require more detailed guidance to ensure a uniform

understanding of the requirements to be met by any PSMS in order that it be deemed to comply with the content of ESRs 49 and 50.

0.2.4 For ease of reference, the clause numbers in this Part refer to the clauses of ISO/IEC 17021 and should be read in conjunction with ISO/IEC 17021.

0.2.5 The term ‘should’ is used in this document to indicate recognised means of

meeting the requirements of the standard. A CB can meet these requirements in an equivalent way provided this can be demonstrated to the satisfaction of JAS-ANZ. The term ‘shall’ is used in this document to indicate those provisions that,

reflecting the requirements of the relevant standard, are mandatory.

0.3 Transition Policy

0.3.1 Accreditation

0.3.1.1 Accredited PSMS CBs should be aware of JAS-ANZ Policy 1/11, which requires accredited CBs to demonstrate complete transition from ISO/IEC 17021:2006 to ISO/IEC 17021:2011 by no later than 30 November 2012.

(4)

1 Scope

1.1 Regulation 51 of the Electricity (Safety) Regulations 2010 (ESRs) requires every safety management system to be regularly audited by an accredited auditor. Regulation 4 defines an accredited auditor to include a body accredited by JAS-ANZ to assess an organisation’s compliance with the ESRs and safety management systems generally. 1.2 The Gas (Safety and Measurement) Regulations 2010 (GSMRs) include equivalent

requirements.

1.3 The scope of the PSMS includes work carried out on the Assets to the extent necessary to ensure that, at the completion of the work, the objectives of the safety management system are met.

1.4 The PSMS does not cover the presence of new assets that are not commissioned since they are not part of the Assets.

1.5 CBs seeking to audit the effectiveness of OHS management systems shall not do so using JAS-ANZ Procedure 02 Part 2 for PSMS.

1.6 CBs seeking to audit the effectiveness of PSMS shall not do so using JAS-ANZ Procedure 02 Part 1 for OHS management systems.

1.7 Where the scope of certification is to include another management system certification standard such as AS/NZS 4801, the applicant shall demonstrate compliance with this procedure and the accreditation requirements for the other management systems standard.

2 Normative requirements

2.1 Electricity Act 1992 2.2 Gas Act 1992

2.3 Electricity (Safety) Regulations 2010 as amended to 10 November 2011 (New Zealand) 2.4 Gas (Safety and Measurement) Regulations 2010 as amended to 10 November 2011

(New Zealand)

2.5 IAF MD1:2007 - IAF Mandatory Document for the Certification of Multiple Sites Based on Sampling

2.6 IAF MD2:2007 - IAF Mandatory Document for the Transfer of Accredited Certification of Management Systems

2.7 IAF MD4:2008 – Use of Computer Assisted Auditing Techniques ("CAAT") for Accredited Certification of Management Systems

2.8 ISO/IEC 17000:2004 – Conformity Assessment - Vocabulary and general principles 2.9 ISO/IEC 17021:2006, – Conformity assessment – Requirements for bodies providing

audit and certification of management systems

2.10 ISO/IEC 17021:2011 - Conformity assessment – Requirements for bodies providing audit and certification of management systems

2.11 ISO 19011:2002 – Guidelines for quality and/or environmental management systems auditing

Note: ISO 19011, Clause 1 Scope, 1st paragraph shall be read to mean:

This International Standard provides guidance on the principles of auditing, managing audit programmes, conducting quality management systems (QMS) audits, environmental management systems (EMS) audits, occupational health and safety (OHS) management

(5)

systems audits and public safety management systems (PSMS) audits as well as guidance on the competence of QMS, EMS, OHS and PSMS auditors.

2.12 JAS-ANZ Policy 1/11 – Arrangements for transition from ISO/IEC 17021:2006 to ISO/IEC 17021:2011

2.13 NZS 7901:2008, Electricity and Gas Industries – Safety Management Systems for Public Safety

3 Terms and definitions

Asset All assets that include any facilities and equipment for the supply of energy to the custody transfer point of a customer.

Asset owner or

operator The owner or operator of an asset.

Field audit The field audit is an audit of the effectiveness of the PSMS across the sites and assets of the organisation including sites that have been temporary work sites. Property Includes publicly or privately owned property that is owned by a person other

than the person who owns or operates the assets in accordance with the requirements of the Electricity Act or Gas Act.

Public Safety

Management System

Is a Public Safety Management System (PSMS) that satisfies NZS 7901:2008 Regulatory authority Ministry of Economic Development (MED)

Serious harm Refer to definitions in Electricity Act and Gas Act Significant property

damage

Damage that is greater than superficial, so that property is either damaged beyond repair and requires removal or demolition, or else requires substantial repair or reconstruction in order to restore it to a habitable, useable, or operable condition as appropriate.

Significant risk A high likelihood that a hazard will cause serious harm or significant damage to property.

4 Principles

No additional requirements.

5 General requirements

6 Structural requirements

7 Resource requirements

7.1 Competence of management and personnel

(6)

a) PSMS methods and techniques: to enable the auditor to examine PSMS and to

provide appropriate audit findings and conclusions. Knowledge and skills in this area shall cover:

(i) PSMS terminology,

(ii) PSMS principles and their application,

(iii) PSMS and tools including, but not limited to hazard identification and risk assessment, selection and implementation of appropriate risk controls, developing proactive measures and reactive performance measures, understanding techniques to encourage employee participation and evaluation of accidents involving serious harm to members of the public or significant damage to property other than that of the PSMS operator, and (iv) The ability to trace evidence of failure in the organisation’s PSMS back to

the appropriate element of the system.

7.2 Personnel involved in the certification activities

J.7.2.5.1 In reading ISO/IEC 17021:2006, references to ISO 19011, clause 7.3.3 and 7.3.4 shall be read to include a reference to J.7.1.1.1 of this procedure.

7.3 Use of individual external auditors and external technical experts

7.4 Personnel records

7.5 Outsourcing

8 Information requirements

8.1 Publicly accessible information

8.2 Certification documents

J.8.2.3.1 Where applicable, certification documents shall include the statement:

The Public Safety Management System was assessed in accordance with JAS-ANZ Procedure 2, Part 2, Issue 1 and found to comply with NZS 7901:2008.

8.3 Directory of certified clients

8.4 Reference to certification and use of marks

8.5 Confidentiality

8.6 Information exchange between a certification body and its clients

(7)

J.8.6.3.1 The legally enforceable agreement shall require the ESI or GSI organisation to inform the CB without delay of any significant Public Safety events that lead to serious harm or significant property damage.

9 Process requirements

9.1 General requirements

J.9.1.1 The certification shall include a three year certification cycle with surveillance audits conducted at least once each year and a recertification audit in the third year prior to the expiry of certification.

J.9.1.3.1 PSMS audit teams shall be able to collectively demonstrate sufficient knowledge and skills in the technical aspects of the operations of the sector to enable the audit team to comprehend the interaction of activities within the auditee’s extent of operations. In addition to the competencies defined at J.7.1.1.1, these competencies shall include: a) Sector specific terminology;

b) Sector specific PSMS and related legal and regulatory requirements;

c) Sector specific PSMS and related codes of practice, guidelines and standards; d) Critical characteristics of operational processes, products and services;

e) A general knowledge of sector-typical health and safety hazards and risks, and typical sector specific technologies used to prevent public safety related serious harm and significant property damage; and

f) The ability to assess the effective application of the PSMS control plans during field audits.

J.9.1.4.1 The scope of activities to be included in field audits and total audit durations shall be determined in accordance with Annex A.

J.9.1.9.1 In collecting and verifying information in accordance with ISO 19011, clause 6.5.4, it is recognised that there will always be an element of uncertainty and that those acting on the audit conclusions should be made aware of this uncertainty. CBs shall demonstrate that auditors conduct audits to a sufficient depth to gain a reasonable understanding of the level of systemic conformance to the specified requirements.

J.9.1.9.2 Remote auditing techniques shall be used only in accordance with IAF MD4.

J.9.1.10.1 The CB may adopt reporting procedures that suit its needs but, as a minimum, these procedures shall ensure that audit reports contain, where applicable:

a) A statement that within the scope of the audit, the PSMS has been found to be effectively implemented in accordance with NZS 7901.

b) Sufficient comments to demonstrate the means of determining conformity or nonconformity with the specified requirements for each of the sites within the scope of the audit;

c) Positive as well as negative comments relating to the effectiveness of the ESI or GSI organisation’s PSMS with clear statements of conformity or nonconformity; d) Any useful comparison with the results of previous audits of the organisation; and e) An explanation of any differences from the information presented to the

organisation at the closing meeting.

J.9.1.15.1 The CB may define different grades of deficiency and areas for improvement (e.g. major and minor nonconformities, partial and unattained requirements, observations etc), but any deficiency that meets the definition described in ISO/IEC 17021, Clause 9.1.15.b) shall be treated as follows:

(8)

a) The time allowed to implement corrective action shall be commensurate with the risk of serious harm to persons or the risk of significant property damage. b) Where the risk of serious harm or significant property damage poses an

immediate threat, the CB shall require an appropriate and immediate response, e.g. suspension of the audit until the risk is removed or significantly reduced. In such cases the time allowed shall be promptly and independently reviewed by the CB.

J.9.1.15.2 The CB shall develop procedures that detail action it will take if a member of the audit team, in their professional judgement, discovers a breach of an Act of Parliament, or a contravention of a regulatory requirement. These procedures shall include a requirement that any breach or contravention is recognised as nonconformity as soon as practicable and urgently communicated to the organisation.

9.2 Initial audit and certification

9.2.1 Application

J.9.2.1.1 The information provided to support the application shall identify all assets to be included in the scope of the PSMS certification.

J.9.2.1.2 Applications for transfer of certification shall be treated in accordance with IAF MD2, but limited to CBs accredited by JAS-ANZ for the certification of PSMS.

J.9.2.1.3 The CB may provide certification of eligible multiple site organisations based on sampling in accordance with IAF MD1.

9.2.3 Initial certification audit 9.2.3.1 Stage 1 audit

J.9.2.3.1.1.1 In all cases at least part of the Stage 1 audit shall be carried out at the organisation’s premises.

J.9.2.3.1.1.2 During the Stage 1 audit, the CB shall:

a) Consider additional hazards that may arise from public exposure to the assets of the organisation;

b) Review the Client Profile to evaluate the adequacy of the PSMS hazards identified for the range of the organisation’s activities;

c) Identify any issues that will require special attention during the Stage 2 audit; and d) Develop a plan for the Stage 2 audit of the PSMS including a Field Audit of the

assets and, where applicable, changes to the assets as a result of work carried out on the assets.

9.2.3.2 Stage 2 audit

J.9.2.3.2.1 The audit team should normally spend the majority of the Stage 2 audit time verifying the effective implementation of the management system in the locations where the

organisation’s activities take place including a field audit covering a sample of the assets as described in J.9.2.3.1.1.2 d).

9.3 Surveillance activities

9.3.2 Surveillance audit

J.9.3.2.1 Surveillance audits are on-site audits, but are not necessarily full system audits, and shall be planned together with the other surveillance activities so that the CB can maintain

(9)

confidence that the certified PSMS continues to fulfil the requirements between recertification audits. The surveillance audit programme shall include, at least: a) Review of any changes to the organisation and the PSMS;

b) A review of actions taken on nonconformities identified during the previous audit; c) Treatment of complaints;

d) Use of marks and/or any other reference to certification;

e) NZS 7901 Clause 2.10, Legislative requirements for specific assets;

f) NZS 7901 Section 4, Identification control and review of significant hazards; g) NZS 7901 Section 6, Performance monitoring;

h) The effectiveness of the PSMS in achieving the requirements of NZS 7901 within the scope of the audit.

Note: Some of the requirements of ISO/IEC 17021, clause 9.3.2.1 are not applicable to NZS 7901. J.9.3.2.1 revises clause 9.3.2.1 to the extent necessary to apply it to NZS 7901. J.9.3.2.1 does not diminish the requirements of ISO/IEC 17021 as applicable to NZS 7901.

9.4 Recertification

9.5 Special audits

9.6 Suspending, withdrawing or reducing the scope of certification

9.7 Appeals

9.8 Complaints

9.9 Records of applicants and clients

10 Management system requirements for Certification Bodies

(10)

11 Annex A

Audit duration

0 INTRODUCTION

0.1 This Annex is mandatory for the consistent application of Clause 9.1.4 of ISO/IEC 17021:2006 for audits of ESI or GSI organisations to NZS 7901. It is intended that this will lead to a general level of consistency of audit duration among CBs, as well as among similar clients of the same CB.

0.2 The audit durations for each company shall be determined using the Client Profile included in this Annex. The Client Profile is appropriate to electricity generating and electricity network (both transmission and distribution) organisations as well as gas distribution network organisations of varying size.

0.3 This Annex does not stipulate absolute minimum/maximum times, but provides a framework that shall be used within a CB’s own procedures to determine appropriate audit durations, taking into account the specifics of the organisation to be audited.

0.4 If the ESI or GSI organisation holds accredited certification to another recognised

environmental, quality, or occupational safety and health standard (e.g. ISO 9001, ISO 14001 or AS/NZS 4801), then the PSMS office audit days may be reduced to a maximum total reduction not exceeding 25%.

2 DEFINITIONS

2.1 Audit Duration

The audit duration provided includes the on-site audit time as well as the off-site time required for planning, document review and report writing but excludes travel time.

It is expected that the on-site audit duration should not be less than 80% of the total audit duration as applied to initial, surveillance and recertification audits.

2.2 Client Profile

The client profile comprises the essential facts about each organisation that is a client of a CB and includes such information that establishes its size and PSMS range (and consequently its relative size and range in comparison with other like organisations).

2.3 Effective Number of Personnel (full time)

The effective number of personnel (FTEs) is one of the inputs for calculating the audit duration for PSMS audits.

It should be derived from the persons under the control of the organisation whose decisions and actions impact on the state and safety of the assets to which the PSMS applies.

The number of part time personnel, including contractors, may be reduced by up to 50% when calculating the effective number of full time personnel.

Where a significant number of personnel carry out nearly identical activities, for example, line mechanics, electrical fitters, gas network operatives, etc., then the effective number of personnel for this group, being the sum total for this group across the entire organisation, can be calculated as being the square root of the number of personnel in this specific group rounded up.

For example SQRT of 127 = 11.269, rounded up equals 12.

The working details and justification for each reduction in audit duration shall be clearly documented and retained on file. To facilitate surveillance planning, these working details shall include a breakdown for each site of number of personnel in the group and the type of activity.

Where appropriate, the CB should consider the timing of an audit to best demonstrate the full range of the organisation’s activities.

(11)

2.4 Line

An overhead line or underground cable that links power stations and /or substations or distributes electricity. Where the line is composed of two or more circuits following the same route, it should be assessed as constituting a single line in terms of its distance.

2.5 Overhead line

Overhead line in this document means an overhead line supported on towers, poles or other supports linking power stations and /or substations or distributes electricity. Where the overhead line is composed of two or more circuits following the same route, it should be assessed as being a single line in terms of its distance.

3 METHODOLOGY FOR DETERMINING AUDIT DURATION

3.1 Table 1, the Client Profile shall be used to document the range and extent of the organisation’s assets for planning field audits. Table 2, Audit Durations shall be used to determine audit durations for combined office and field audits based on the effective number of personnel. 3.2 The CB shall have procedures that provide for the allocation of adequate time for auditing of

relevant processes of the organisation. Experience has shown that the time required to carry out an effective audit depends on the effective number of personnel and the range of the PSMS.

3.3 The Client Profile shall be reviewed at each audit to record changes to the assets and services covered by the PSMS, and the effective number of personnel. The evidence of review

including any adjustments to audit duration shall be recorded.

4 INITIAL AUDIT DURATION (STAGE 1 PLUS STAGE 2)

4.1 Table 2 provides a starting point for estimating the duration of an initial audit (Stage 1 and Stage 2).

4.2 Where a CB has applied a reduction to the times established in Table 2, it shall record the justification and make it available to JAS-ANZ for review on request.

5 SURVEILLANCE

5.1 The surveillance audit duration shall be calculated on the basis of any updated information on the organisation and should not be less than one third of the total time required for an initial certification audit using the updated Client Profile.

6 RECERTIFICATION

6.1 The recertification audit duration shall be calculated on the basis of any updated information on the organisation and should not be less than two thirds of the time that would be required for an initial certification audit using the updated Client Profile.

7 RANGE OF PSMS

7.1 The range of the PSMS can be determined by reviewing the types and number of assets, the types and numbers of services provided and the industry sectors covered based on the information provided in the client profile, publicly available asset management plans, and confirmed at the stage 1 audit.

8 ADDITIONS AND REDUCTIONS TO AUDIT DURATIONS

8.1 Maximum additions or reductions should not normally exceed 25% of the office audit duration and 50% of the field audit duration.

8.2 Justifications for additions include but are not limited to-

 Geographical coverage (Network)

 Urban rural mix

 Extent and proportion of overhead lines

 Average age of the assets

 Number of zone substations or gas network entry points

(12)

 Public access

 Large number of assets

 High level of complexity.

8.3 Justifications for reductions include but are not limited to-

 Integrated certified systems such as AS/NZS 4801

 Auditor familiarity

 Maturity of system

 Site security

 Limited number of sites (Generators)

 Confidence that can be placed on the internal audit system

 Low level of complexity.

9 OFFICE AUDIT

9.1 Permanent sites may be sampled as per J.9.2.1.3.

10 FIELD AUDIT

10.1 The focus of the field audit should be on the implementation and effectiveness of the documented PSMS system and the associated risks with regards to the safety of the public and damage to property.

10.2 Temporary sites and associated works

The scope of the PSMS does not cover the presence of new assets that are not commissioned since they are not part of the Assets.

The scope of the PSMS includes work carried out on the Assets (which then becomes a temporary site) to the extent necessary to ensure that, at the completion of the work, the objectives of the PSMS are met.

When selecting temporary sites, a sample of current work sites and recently completed work sites should be included.

The work sites would cover such activities as pole inspection, maintenance and replacement, vegetation control, transformer maintenance and commissioning or decommissioning of assets. 10.3 Sampling of assets

The sampling of assets will be a combination of reviewing records, including boundary demarcation, and in the field observation to confirm that the planned SMS arrangements have been fully implemented. Typical sample sizes are included in Table 1.

(13)

TABLE 1 - CLIENT PROFILE (consisting of parts 1.1 to 1.4)

Table 1 shall be used to document the range and extent of the organisation’s assets.

1.1 Range of the PSMS – Electricity Generators

Profile Factors Total Sampling method/ for information Sample

Hydro Power stations Square root rounded up to whole number Thermal power stations Square root rounded up to whole number Geothermal power stations Square root rounded up to whole number Wind farms Square root rounded up to whole number

Overhead lines (km) For information

Size of the organisation - FTEs Calculate FTEs ref paragraph 2.3

1.2 Range of the PSMS – Electricity Distribution Network Companies

Profile Factor Total Sampling method/ for information Sample

Geographic area(s) supplied For information

Supply area(s) (km2) For information

Delivery Isolation control points For information

Total line distance (km) For information

Rural/urban ratio of overhead lines (%) For information

Poles (to nearest 1000) 25

Zone substations Square root rounded up to whole number Distribution substations (pole mounted) 25

Distribution substations (other) 25

Distribution pillars and service boxes (to nearest 10)

25

Depots For information

1.3 Range of the PSMS – Electricity Transmission Network Company

Total line distance (km) For information

Towers (No. to nearest 10) 25

Poles (No. to nearest 100) 25

Converter and voltage control stations Square root rounded up to whole number Grid injection points Square root rounded up to whole number Grid exit points Square root rounded up to whole number Network control centres Square root rounded up to whole number

(14)

1.4 Range of the PSMS – Gas Distribution Network Companies

Geographic area(s) supplied For information

Supply area(s) (km2) For information

Delivery isolation control points For information Total length of pipes (km) For information Gas network entry points (gate stations

/ entry points)

Square root rounded up to whole number District pressure regulating stations Square root rounded up to whole number Strategic network isolation valves Square root rounded up to whole number Cathodic protection monitoring points Square root rounded up to whole number Odorisation monitoring points Square root rounded up to whole number Leakage surveys undertaken in last 12

months (mains plus services) (km)

For information

TABLE 2 – AUDIT DURATIONS

Audit durations shall be determined based on the Effective Number of Personnel as determined in accordance with Annex A, clause 2.3.

Size of the organisation

Initial Audit Duration Stage 1 and Stage 2 (days)

Stage 1 Stage 2

FTEs Document review, confirmation of readiness for stage 2,

and planning for the stage 2 audit Office audit +/- 25% As justified by the range of the organisation Field audit +/- 50% As justified by the range of the organisation 1 - 25 1 2 2 26 - 45 1 2 2.5 46 - 65 1 3 2.5 66 - 85 1 3 3 86 - 125 1 3 4 126 - 175 1 3 5 176 - 275 2 3 5 276 - 425 2 4 5 426+ 2 4 6

audit

JAS-ANZ Procedure 02

Part 2, Issue 1

Requirements for bodies providing audit and certification of

Public Safety Management Systems (PSMS Scheme)

CONTENTS

0

Introduction

0.1

Background

0.2

Object and field of application

0.3

Transition Policy

1

Scope

2

Normative requirements

3

Terms and definitions

4

Principles

5

General requirements

6

Structural requirements

7

Resource requirements

7.1

Competence of management and personnel

7.2

Personnel involved in the certification activities

7.3

Use of individual external auditors and external technical experts

7.4

Personnel records

7.5

Outsourcing

8

Information requirements

8.1

Publicly accessible information

8.2

Certification documents

8.3

Directory of certified clients

8.4

Reference to certification and use of marks

8.5

Confidentiality

8.6

Information exchange between a certification body and its clients

9

Process requirements

9.1

General requirements

9.2

Initial audit and certification

9.3

Surveillance activities

9.4

Recertification

9.5

Special audits

9.6

Suspending, withdrawing or reducing the scope of certification

9.7

Appeals

9.8

Complaints

9.9

Records of applicants and clients

10

Management system requirements for Certification Bodies

11 Annex A

Audit duration