Wednesday, April 2, 2014

Safety Management Systems: Form vs. Function

Form follows function. This concept, which came from the architectural field has permeated thinking in many areas, such as physiology and product design. The basic idea is that the shape and structure of an object should be based on its intended purpose. The structure is a slave to the function. The structure should enable the function to be achieved in some way.

Safety management systems (or any other management system you’d like to analyze) are essentially the same (at least as they are intended). At its core, a management system is a framework that facilitates the achievement of organizational objectives. It’s the processes and procedures that must be developed and/or improved to enable this. Form follows function.

Enter standardized management systems, such as OHSAS 18001, ISO 9001, ISO 14001, ANSI Z10 or the myriad of other regional, national, and international management system standards that are out there (including the forthcoming ISO 45001 standard). These standards were designed to achieve a purpose. For example, the safety management system standards (e.g. OHSAS 18001 and ANSI Z10) are designed to enable an organization to create a system that reduces occupational health and safety risks.

To facilitate this purpose, the management system standards create a minimally required structure that the organization must have to be in compliance with the standard. For example, to be in compliance with most safety management system standards you need to have a process for identifying and dealing with risks.

This is all well and good, but trouble ensues when it comes time to audit the management system – to ensure that the organization is indeed in conformance with the standard (which is another common requirement of management system standards). You have to not only have a process for identifying risks, you have to prove that you have a process for identifying risks. The result? Written procedures, documentation, bureaucracy. The management system quickly structures itself in a way so that it can pass audits. Function follows form.

This isn’t to say that management system standards are necessarily inherently flawed. Rather, we have to remember an important fact - your organization, your business unit, your jobsite is different than any other on earth. The unique environment, with unique people, with a unique culture all work together to create a unique mixture of complexity. Audits of management systems are often designed in such as way as to identify and encourage similarity (usually through complication, which is different than complexity).

Do you see the conflict here? If your jobsite is unique how can a cookie cutter management system work? Such a management system might have some positive benefits, but it will never truly fit.

What if instead of identifying how your organization can mold itself into conformance with the standardized management system you want to implement (function follows form), you sought to identify how the standardized management system you are considering implementing will work with the uniqueness of your organization (form follows function)? Rather than constraining the organization with the management system, what if you constrained the management system and forced it to help you reduce unnecessary bureaucracy?

As members on one of the committees developing the upcoming ISO 45001 safety management system standard, we can tell you that this is what the authors of every single management system are often hoping for – that the form you choose to take would be determined by the functions and goals of your organization, such as enabling your organization to reduce risk, build resilience, and foster adaptive capacity to achieve success under the varying conditions that your workers and your organization faces.

Perhaps we’re a bit too foolishly optimistic though. What do you think?


  1. Its a nice theoretical construct, but I am not convinced that in practice you will end up with a dramatically changed system. Due to audits you will still have to prove that you have a process for identifying risks and you will still end up with lots of procedures. You need to provide a convincing argument how it will be possible to pass audits without the mass of documentation as well as adequately explaining what difference will be made in practice to the system

    1. Good point Garth. I think you're right that if all that changes is the mindset of the organization then the management system will not change. This is because (ironically) most of those advocating management systems do not understand systems theory. To really change the way management systems operate the entire system needs to change. The auditing system in place right now looks primarily at form in the theory that the form is a reliable indicator of function. But this leads to unnecessary paperwork and mindsets that may inhibit function.

      That's why we advocate a change in thinking. Right now the system is in place because no one questions it. Essentially we're saying that the proverbial emperor has no clothes - i.e. the system doesn't work the way it was designed and therefore we must change it.