A New Process-Based Approach for Implementing an Integrated Management System: Quality, Security, Environment

Page 1

A New Process-Based Approach for
Implementing an Integrated Management
System: Quality, Security, Environment
Ahmed Badreddine∗
Taieb Ben Romdhane∗∗
Nahla Ben Amor∗
Abstract—This paper presents a new approach for
implementing an integrating quality, environment and
security management system on the basis of three
aspects:process-based approach, risk management
and a global monitoring system used as integrating
factors to satisfy three important levels of integra-
tion, namely, correspondence, coordination and in-
tegration.The different steps of the proposed ap-
proach cover the whole PDCA (Plan, Do, Check, Act)
scheme.
Keywords: Integrated management system, Process-
based approach, Risk management, Monitoring Sys-
tem.
1 Introduction
The evolution of the current industrial context and the
increasing of competition pressure led the companies to
adopt new concepts of management.
started with focusing on control, customers requirements
and continuous improvement, which leads organizations
to be more oriented towards the standard ISO 9001 [8].
Later, the companies felt the need to consider the envi-
ronmental requirements for civil society, which led them
to focus on the environmental management system ISO
14001 [9]. Soon after, the safety of peoples and goods
became a major concern as result of recurrent industrial
accidents such as Chernobyl explosion and AZF. For this
reason OHSAS 18001 [13] was formulated as the basis for
certification of occupational health and safety manage-
ment.
This evolution
The major problem with these three management sys-
tems is that they were proposed separately and thus their
combination is not an obvious task. Generally, paral-
lel management systems are used, leading to separate
and independent implementations of each system suffer-
ing from several weaknesses since they require many du-
plicate management tasks, such as written procedures,
checking, control forms and other paper work suggested
∗LARODEC, Institut Sup´ erieur de Gestion de Tunis, 41 Av-
enue de la libert´ e, 2000 Le Bardo, Tunisie.
des Sciences Appliqu´ ees et de la Technologie, Centre Urbain Nord
BP 676 - 1080, Tunisie. Email: badreddine.ahmed@hotmail.com,
benromdhane.t@planet.tn, nahla.benamor@gmx.fr
**Institut National
by the three standards.
Hence, proposing an integrated management system
(IMS) including Quality, Environment and Safety man-
agement systems also known as QSE management system
have drawn the attention of both academics and practi-
tioners. These researches studied the integration of the
three systems from various viewpoints, including examin-
ing the possibility of integrating, analyzing the potential
benefits of it and exploring possible ways and criteria for
its success. Nevertheless, a few studies have developed
methodologies and approaches to implement an IMS.
This paper proposes a new process-based approach of
implementing an integrated management system (IMS),
on the basis of three aspects used as integrated factors
namely, process approach, risk management and a global
monitoring system and satisfies the three integration lev-
els recently defined by Jorgensen et al. [10], namely, cor-
respondence, coordination and integration. The different
steps of the proposed approach cover the whole PDCA
(Plan, Do, Check, Act) scheme.
The remainder of this paper is organized as follows: Sec-
tion 2 presents a brief recall on international standards.
Section 3 gives an overview on existing integrated man-
agement systems. Finally, Section 4 details our new ap-
proach for implementing an integrated management sys-
tem.
2A brief recall on international stan-
dards
This section gives a brief recall on quality, environment
and security management systems.
2.1Quality Management System standard
(ISO 9001)
The first two editions of the standard series ISO 9001, rel-
ative to the quality system, were published in 1987 and
revised several times. The most important revision was
done in 2000 and the most recent one in 2008 [8]. With
these versions, the standard has migrated from quality
assurance to quality management. The eight main prin-
Proceedings of the International MultiConference of Engineers and Computer Scientists 2009 Vol II
IMECS 2009, March 18 - 20, 2009, Hong Kong
ISBN: 978-988-17012-7-5IMECS 2009

Page 2

ciples of the quality management system (QMS) are cus-
tomer focusing, organizations, leadership, involvement of
people, process approach, continual improvement, factual
approach and supplier relationship.
Figure 1 shows the continual improvement of the quality
management system which is a process-based approach
composed by four types of processes i.e. management
responsibility, resource management, product realization
and measurement analysis and improvement.
in order to maximize the customers satisfaction and the
efficiency of the organization, this system considers the
customers requirements as input for product realization
process and their expectations as input for management
responsibility. Then, a measure of their satisfaction and
of the effectiveness and the efficiency of the organization
will be considered as input for the measurement analysis
and improvement process in order to ensure the continual
improvement of the quality management system.
In fact,
Figure 1: Model of process-based quality management
system [8]
2.2Environmental Management System
standard (ISO 14001)
The standard relative to the Environmental Management
System (EMS), known as ISO 14001, was first published
in 1996 and revised in 2004 [9]. This system is used to
develop and implement the environmental policy and to
manage its aspects by providing tools to enable the orga-
nizations to control the impact of their activities, prod-
ucts and services on the natural environment aspect. Fig-
ure 2 shows different steps for continual improvement in
EMS.
Figure 2: The environmental management system ac-
cording to ISO 14001 [9]
2.3Occupational Health and Safety Man-
agementSystem
18001)
standard(OHSAS
The standard relative to the Occupational Health and
Safety Management System (OHSAS), actually known
as ISO 18001, was first proposed in 1999 [13] and revised
in 2007 in order to create and maintain a safe working
environment. This standard is applicable for any organi-
zation to establish an OHS management system, which
will help it to minimize risks regarding its employees and
customers. It is important to note that this standard
has the same structure than the standard ISO 14001(see
figure 2).
3 Related work
Research concerning integrated management systems,
started at the same time with the publication of EMS
in 1996 by Puri [14] where a set of guidelines were pro-
posed in order to integrate the EMS and QMS. Once the
OHSAS was formulated, the need to consider the three
systems was resented and many researches have been car-
ried out in order to build more sustainable integrated
management systems.
Theses researches can be classified into three categories:
the first discusses the relations among the three man-
agement systems as similarities, compatibilities and dif-
ferences. On the basis of these three characteristics the
second one proposes a set of guidelines including ideas
and factors for a successful integration of the three sys-
tems. In this context, Fresner and Engelhardt [7] propose
through the experience of two small companies in Austria
Proceedings of the International MultiConference of Engineers and Computer Scientists 2009 Vol II
IMECS 2009, March 18 - 20, 2009, Hong Kong
ISBN: 978-988-17012-7-5 IMECS 2009

Page 3

an immediate and visible improvement in OHS, service
quality and EMS. Moreover, Jorgensen et al. [10], pro-
pose three ambitious levels of integration i.e. correspon-
dence, coordination and integration for a more sustainable
IMS, then, Zeng et al. [17] define the internal and exter-
nal factors affecting the implementation of IMS through
a structured questioner survey conducted in china and
recently, Jorgensen [11] proposes more sustainable man-
agement systems through life cycle management on the
basis of the three levels proposed in [10]. Using results
and ideas from the second category, the third one pro-
poses models and approaches to implement an IMS. In
this context, Wilkinon and Dale [16] propose two ap-
proaches, the first consists in achieving integration in-
cluding the emergence of documentation through aligned
approach and similarities in the three standards and the
second implements the integrated system through a total
quality management approach.
Another important work is the one of Labodova [12] who
proposes two ways of integration, the first consists of the
introduction of individual systems followed by the inte-
gration of originally separate ones and the second is an
integrating management system based on the risk analy-
sis. Finally, Zeng et al. [17], propose a different approach
based on the definition of specific integration factors ex-
tacted from questionnaires then they propose a synergetic
multi-level model for implementing an IMS.
We can also mention the case of several countries which
developed their own integrated management standard
such as Australia [2] and France [1]. However, these lo-
cal standards can not be intended for certification since
they just represent guidelines and recommendations for
the integration.
From this review, it is clear that the proposed approaches,
are not still in coherence with the original and recent
ideas proposed by Jorgensen et al. [10]. Indeed the ap-
proach proposed by Labodova [12] involves only the cor-
respondence level, by introducing the risk management,
which is not sufficient to deal with all management sys-
tems since it allows a separate evaluation of risks levels
relative to each system and ignoring the interaction be-
tween them. Also the approach proposed by Zeng et al.
[17] is only based on the internal and external factors
affecting the implementation and does not take into ac-
count the three levels of integration. Thus, our idea is
overcame the weaknesses of existing systems by propos-
ing a new process-based approach for implementing an
IMS dealing with the three integrating levels proposed
by Jorgensen et al. [10]. This approach will be detailed
in the next section.
4New approach for total integration of
IMS
We propose now a new approach for a total integration
of the three management systems i.e. Quality, Security
and Environment by considering different interactions be-
tween their policies, objectives and resources. Indeed, the
three systems are based on the same continual improve-
ment approach i.e. PLAN, Do, Check, Act (PDCA) as
shown in table 1 and their consideration in the same or-
ganization can generate confusion, incoherence and in-
compatibility while integrating them. Thus, in order to
implement a robust integrated management system, we
propose the use of the three integration levels recently
defined by Jorgensen et al. [10] and detailed as follows:
Table 1: The correspondence between the three standards
StandardsISO 9001OHSAS 18001
:2008
Plan Quality policy
ISO 14001
:2004
Environmental
policy
Environmental
objectives planning
Implementation
and operation
:2007
Security and
health policy
OHS objectives
planning
Quality objectives
planning
Realization of product ImplementationDO
and operation
of OHS program of environmental
program
Checking andCheckanalysis and
and improvement
Management
review
Checking and
corrective action corrective action
Management
review
ActManagement
review
Correspondence: this level is important since it increases
the compatibility between the three systems in order to
reduce add-problems issued from parallel systems as bu-
reaucracy and duplication of work tasks. In addition, this
level minimizes duplication of paper work and confusion
between standards. It also, simplifies the internal and
external audits.
Coordination: this level is based on a common under-
standing of generic process and tasks management cycles
(Plan-Do-Check-Act) and it, essentially, ensures syner-
gies and tradeoffs between the three systems by aligning
their policies and coordinating their objectives and tar-
gets.
Integration: this level leads to the interaction with stake-
holders, continuous improvement of the performance, a
better understanding of internal and external challenges
and also to a responsibility culture.
To satisfy these three levels, our idea is to use three inte-
grating factors, the first one is risk management to guar-
antee the correspondence between the three management
systems, the second is process approach to coordinate be-
tween the activities and to reach more efficiently the ob-
jectives, and the third is a monitoring system to ensure
the integration as continuous improvement of the perfor-
mance around the same structure i.e. (Plan-Do-Check-
Proceedings of the International MultiConference of Engineers and Computer Scientists 2009 Vol II
IMECS 2009, March 18 - 20, 2009, Hong Kong
ISBN: 978-988-17012-7-5 IMECS 2009

Page 4

Act). Before detailing our approach, we just give some
basic concepts regarding these three integrating factors.
4.1Integrating factors
4.1.1Risk management
The use of risk management as integrating factor, in-
creases the compatibility and the correspondence between
the three systems in order to reduce add-problems issued
from parallel implementations since the same source of
hazard can causes risks to targets in many management
areas, as the risk on the environment, the risk for health
and safety, and risk for quality and economic losses. For
instance, an explosion in a plant (as the AZF one) can
cause:
- a security problem sine employees can be injured,
- an environmental problem since it can blew the win-
dows of nearby residents and pollute the air,
- and a quality problem since it can generate a supply
disruption for customers.
The risk management is the common factor between each
management system to identify each risk source and pos-
sible target system relating to quality, security and envi-
ronment leading to a possible failure to reach up differ-
ent objectives. Once, the sources of risks are identified,
we have to evaluate each risk by the combination of the
probability of occurrence and the consequences of it. This
evaluation allows us to define the appropriate preventive,
corrective and improvement plans to reduce the levels of
risks. Finally, we should provide the personnel, technical
and financial resources required for each program.
4.1.2Process-based approach
To deal with coordination as integration level, we should
consider all the activities of a company and their interac-
tions in the same model. To satisfy this requirement, the
process based approach seems to be an adequate tool.
This approach is only a normative requirement of the
standard ISO 9001 V2008, and our idea is to adopt it for
the three standards to have a global process-based ap-
proach integrating the requirements of stakeholders and
taking into account quality, security and environment as-
pects. The process based-approach consists in modeling
all the whole process of a company and their interaction
in the same model namely process cartography. Thus,
this cartography allows us in one hand to identify the in-
put and the output of each process, therefore it leads
us to a common understanding of the generic process
and the examination of synergies and trade-offs, in the
other hand to the alignment of policy, objectives and tar-
gets. In addition, the process analysis allows the iden-
tification of sources of hazard. This identification is the
starting point to control the process and to define the
requirements such as personnel, technical, and financial
resources to reach up different objectives. Also, the pro-
cess approach provides an adequate framework to analyze
the potential causes of risks and help decision makers to
adopt the appropriate decisions for the three systems.
4.1.3Monitoring System
To ensure the monitoring of the global system and the
integration as a continuous improvement of the perfor-
mance we have to evaluate the states of processes. An
adequate tool to ensure this task is the use of perfor-
mance indicators which are variables indicating the effec-
tiveness and/or efficiency of a part or whole of any pro-
cess or system in order to evaluate its state with regard
to pre-set objectives. Typically, a model of performance
indicators is composed of three main parameters i.e. ob-
jectives, measures and evaluations [4]. Measures can be
provided from four different sources, such as customers,
audits, controls and ouridea is to consider each of them
as a performance indicator.
4.2Proposed process-based approach for
IMS
Our approach for integrating management system is il-
lustrated by figure 3, where the different steps cover the
whole PDCA (Plan, Do, Check, Act) scheme. The idea
here is to gather these steps into three phases such that
the first one concerns the Plan step, the second, the Do
step and the third the Check and the Act steps. These
three phases can be detailed as follows:
Figure 3: Proposed process-based approach for IMS
Proceedings of the International MultiConference of Engineers and Computer Scientists 2009 Vol II
IMECS 2009, March 18 - 20, 2009, Hong Kong
ISBN: 978-988-17012-7-5IMECS 2009

Page 5

• Plan phase: This phase leads us to a better under-
standing of the current situation in order to carry out
the objectives and to define for each process the re-
quirements, tools, methods, responsibilities and the
resources. To this end, we propose six steps, the
first consists in setting up all quality, security and
environment objectives issued from the requirements
and the expectations of stakeholders (i.e. customers,
employees, population, environment, etc.). In the
second, we will deploy all these objectives in each
process on the basis of the support and the realiza-
tion process to coordinate and balance them, from
this step each process will have its own objectives.
The third step consists in the analysis of each pro-
cess with respect to the pre-set objectives defined
in the second one in order to identify the sources
of hazard and possible targets leading to a possi-
ble failure to reach up the objectives. In the fourth
step, each identified risk has to be analyzed in term
of potential consequences in each management area.
Unfortunately, existing approaches for risk evalua-
tion as preliminary risk analysis preliminary (APR),
hazard operability (HAZOP), failure mode and ef-
fects analysis (FMEA), fault tree analysis, event tree
analysis and bow tie analysis are not appropriate to
deal with many management areas simultaneously
and they are usually limited to technical level. In
a previous work, we have proposed an extension of
the FMEA analysis method in order to take into ac-
count a risk level for each management area using a
multi-criticity system based on a fuzzy logic [3], such
an approach can be used in order to deal with many
management areas, also the process-based approach
provides an adequate framework to analysis the po-
tential causes of risks. In the fifth step we have to
define a global management plan QSE to implement
selected treatments as preventive and corrective ac-
tions, in order to reduce levels of risks already identi-
fied and to improve the efficiency of the IMS. To this
end, we have to consider the interaction between the
different management areas, indeed some decisions
can be beneficial for some management areas and
harmful for others, for this, we propose to use the
multi-criteria approach proposed by Ben Romdhane
et al. [3], this approach is based on the Analytic Hi-
erarchical Process (AHP) methodology to define the
appropriate action plan when many criteria (as the
management areas) should be considered. finally, the
sixth step is devoted to the definition of an appropri-
ate monitoring plan, in order to ensure the well im-
plementation of the global management plan. This
monitoring plan should, obviously, take into account
the importance of different processes, their interac-
tions and the level of identified risks . The global
monitoring plan can be built by several tools such
as: customers satisfaction, audits, controls and per-
formance indicators of processes. The idea here is
to consider of all these tools as performance indica-
tors. Since they are heterogeneous, to this end we
propose the use a system of performance indicators
such as the one proposed by Berrah et al. [5] which
considers several performance indicators allowing us
to take into account different diversified objectives.
• Do phase: This phase has as input the global man-
agement plan QSE and the corresponding global
monitoring plan generated from the plan phase and
will implement the selected treatments. Note that
we have to define the appropriate Scheduling to op-
timize the resources in order reach up the objectives
more efficiently.
• Check and Act phase:
achieved, this phase will finalize the process of inte-
gration by the measure of the effectiveness of differ-
ent decisions and their readjustments via three steps.
In the first one, we have to measure all the indicators
already defined indicators in order to evaluate the
effectiveness of selected treatments and to estimate
the degree of achievement of objectives.
reason, we have to aggregate the indicators of each
objectives. In the second step, a readjustment of the
management plan will be done in order to satisfy un-
reached objectives. To deal with these two steps, we
can adopt the approach developed by Cliville et al.
[6] which is based on Berraha et al. methodologies [5]
to aggregate the performance measurements and to
allow decision-makers to define appropriate correc-
tive actions in order to reach up all the objectives.
Although, some objectives may not be reached, that
is why we should revise some of the initial assigned
objectives in order to make their satisfaction possi-
ble, in this context we propose the third step (i.e.
revision of objectives) in order to contribute to sus-
tainable development.
Once the do phase
For this
5 Conclusion
This paper proposes a new process-based approach for
implementing an integrated management system respect-
ing Quality, Security and Environment standards. Our
approach covers the whole PDCA (Plan, Do, Check, Act)
scheme and ensures from its initialization a coherent and
complementary design. This is visible from the definition
of different objectives where we introduce a predictive
step supported by adequate tools in order to ensure their
coherence so that they so that they can control the three
systems simultaneously. Using these objectives, we de-
sign a global management program through a controlled
deployment. This is realizable on the basis of the process-
based approach and the risk management. This program
will integrate an optimized planning of all resources and
methods needed for an effective management. It will be
also consolidated by an adapted global monitoring system
Proceedings of the International MultiConference of Engineers and Computer Scientists 2009 Vol II
IMECS 2009, March 18 - 20, 2009, Hong Kong
ISBN: 978-988-17012-7-5 IMECS 2009