Glossary
QEHS terminology, defined.
136 core terms every safety, quality, and environmental program owner encounters, short definitions for skimming, long definitions with sources. Published as schema.org/DefinedTerm for AI-assistant lookup.
Metrics
- Days Away, Restricted, TransferredDART
Rate of cases involving days away, restricted duty, or job transfer.
DART = ((column H + column I cases) × 200,000) / hours worked. Captures OSHA columns H (days away) and I (job transfer or restriction). More severity-weighted than TRIR, less noisy than LTIR.
- Lagging indicator
A reactive metric measuring past performance.
TRIR, LTIR, DART, fatalities, citation counts — all lagging. Useful for benchmarking, weak for steering. Programs that report only lagging indicators to leadership are flying blind.
Related: leading-indicator, trir
- Leading indicator
A proactive metric predicting future performance.
Examples: near-miss rate, inspection closure time, training-currency rate, observation-to-action conversion. Leading indicators let a program steer, not just measure — they change before the lagging indicators they predict.
Related: lagging-indicator, trir
- Lost Time Incident RateLTIR
Cases with days away from work, per 100 FTE per year.
LTIR = (lost-time cases × 200,000) / hours worked. A subset of TRIR that only counts OSHA column H (days away). Useful for comparing across jurisdictions that emphasise lost-time over broader recordability.
- Lost Time Injury Frequency RateLTIFR
Lost-time injuries per million hours worked.
LTIFR = (number of LTIs × 1,000,000) ÷ hours worked. Common in Australia, the UK, and global mining/construction benchmarking. US equivalents normalise to 200,000 hours (100 workers × 2,000 hrs). An LTI is any work-related injury causing at least one full shift of lost time.
- Severity rate
Days lost per recordable incident, measuring injury seriousness.
Severity rate = total days away from work ÷ number of recordable incidents. A low TRIR with a high severity rate signals that rare incidents are serious — a different risk profile than a high TRIR with low severity. Pair with TRIR and leading indicators for a complete picture.
- Total Recordable Incident RateTRIR
Recordable injuries per 100 full-time workers per year.
TRIR = (recordable cases × 200,000) / hours worked. OSHA uses 200,000 as the normalising constant (100 FTE × 2,000 hrs). It is the single most-cited safety metric, but it is a lagging indicator — it measures what already happened.
Related: ltir, dart, leading-indicator
Incidents
- Incident
An unplanned event causing or with potential to cause injury, illness, or damage.
Incident is the umbrella term covering near-misses, first-aid cases, recordable injuries, lost-time injuries, fatalities, and environmental releases. OSHA uses "injury or illness" for work-related recordable incidents.
- Incident management
The end-to-end process of reporting, investigating, classifying, and closing workplace incidents — from near-misses to recordable injuries.
Incident management covers the full lifecycle of a safety event: intake (first report from the field), classification (near-miss, first-aid, recordable, lost-time, SIF), investigation (root cause analysis), corrective actions (CAPA), and close-out verification. Modern incident management software captures incidents on mobile devices with geolocation and photo evidence, auto-classifies severity through a guard tree, and automatically updates the OSHA 300 log.
- Incident Severity Matrix
A grid combining likelihood and consequence to classify incident severity.
Typically a 5×5 or 4×4 matrix. Consequence axes: people (first aid → fatality), environment (no impact → catastrophic), assets ($0 → major loss), reputation (no media → international). Likelihood axes: almost certain, likely, possible, unlikely, rare. The intersecting cell determines severity level (S1–S5), which drives investigation depth, escalation protocol, and reporting requirements.
Related: risk, incident, risk-register
- Near miss
An incident with potential for harm that did not result in injury or damage.
A near-miss is an unplanned event that could have caused injury, illness, or damage but did not. Capturing near-misses is a proxy for organisational safety culture — low report counts signal under-reporting, not a safe site.
Related: incident, leading-indicator
- Near-miss Investigation
A formal review of a near-miss event to identify causes and prevent recurrence.
Near-misses are leading indicators of future incidents — Heinrich's Triangle suggests hundreds occur before a serious injury. A near-miss investigation follows the same methodology as an incident investigation (5-Whys, fishbone, bowtie) but with lower urgency. Reporting culture is the key variable: organisations where near-misses are celebrated, not punished, collect the richest data.
Related: near-miss, rca, five-whys, leading-indicator
- OSHA 300 Log
OSHA-mandated log of work-related injuries and illnesses.
US employers with 11+ employees must maintain the OSHA 300 Log throughout the year. Each entry records: case number, employee name, job title, date, injury/illness type, and outcome (days away, restricted duty, etc.). The companion Form 301 captures per-incident details. The 300A summary is posted 1 Feb – 30 Apr each year.
Risk
- As Low As Reasonably PracticableALARP
The UK regulatory standard for demonstrating risk has been reduced to an acceptable level.
ALARP requires that risks be reduced until the cost of further reduction is grossly disproportionate to the benefit. It sits between broadly acceptable risk (<10⁻⁶/yr fatality) and intolerable risk (>10⁻³/yr). The Health and Safety Executive (HSE) publishes risk tolerability criteria. ALARP is the dominant framework in UK, Australia, and Singapore; the US uses feasibility-based cost-benefit for OSHA standards.
Related: safety-case, lopa, risk
- Bowtie analysis
A risk-visualisation method connecting threats, a top event, and consequences.
A bowtie diagram has a central "top event" with preventive barriers on the left (threats → event) and mitigative barriers on the right (event → consequences). Used heavily in process safety and major-hazard facilities.
- Combustible Dust Explosion
An explosion triggered by airborne combustible dust particles in an enclosed space.
The "dust pentagon" requires: combustible dust, ignition source, oxygen, dispersion, and confinement. Common dusts: wood, grain, sugar, metal, coal, plastic. NFPA 652 (Fundamentals) and commodity-specific standards (NFPA 61, 484, 654, 655, 664) govern. OSHA NEP targets grain handling, food processing, and wood products. Primary explosions often trigger more devastating secondary explosions.
- Critical Control
A control whose failure or absence could lead directly to a fatal or catastrophic event.
The ICMM Critical Control Management (CCM) framework, widely adopted in mining, distinguishes critical controls from supporting controls. Critical controls are subject to more rigorous verification — field checks, dedicated inspections — than routine controls. A critical control failure triggers immediate work stoppage regardless of residual risk assessment. The CCM framework is aligned with ISO 45001 risk management.
Related: control-hierarchy, bowtie, inherent-risk
- Failure Mode and Effects AnalysisFMEA
A structured analysis of how components can fail and the effect of each failure.
FMEA assigns a Risk Priority Number (RPN = Severity × Occurrence × Detectability) to each failure mode. High-RPN modes get corrective action priority. DFMEA covers product design; PFMEA covers manufacturing process. Required by IATF 16949 for automotive suppliers and common in aerospace (AS9100) and medical device contexts.
- Fault Tree AnalysisFTA
A top-down, deductive failure analysis using Boolean logic to map causes.
Starting from a defined undesired event (the "top event"), FTA traces backward through AND/OR logic gates to identify combinations of basic events (equipment failures, human errors) that could cause it. Used in process safety, aerospace, and nuclear contexts. Complements FMEA, which works bottom-up.
- Fire risk assessmentFRA
A systematic evaluation of fire hazards, the likelihood of a fire occurring, and the consequences for people and property.
A fire risk assessment identifies fire hazards (ignition sources, fuel sources, oxygen sources), evaluates the risk to people (employees, visitors, contractors, vulnerable persons), and prescribes controls (detection, suppression, compartmentation, evacuation routes, emergency lighting). It is a legal requirement in the UK under the Regulatory Reform (Fire Safety) Order 2005 and is enforced through local fire authorities. FRAs must be reviewed regularly and after any significant change to the premises or work activities.
Related: risk-assessment, emergency-response-plan, hazard
- Hazard
Any source of potential damage, harm, or adverse health effects.
Hazard is the source (e.g. moving machinery). Risk is the combination of likelihood and consequence when exposed to the hazard. Programs control risk by removing or isolating the hazard, not by warning about it.
Related: risk, jha, control-hierarchy
- Hazard and Operability StudyHAZOP
A structured review of a process using guide-words to find deviations.
A team-based PHA technique that walks the process design, applying guide-words (No, More, Less, Reverse, Other Than, etc.) to each parameter (flow, temperature, pressure, level) to identify deviations, causes, consequences, and safeguards.
- Hazard Identification StudyHAZID
A structured workshop identifying hazards at the earliest design stage.
HAZID is typically the first risk review in a new project, conducted before detailed engineering. A multi-disciplinary team systematically considers categories (fire, explosion, toxic release, structural, environmental) and identifies hazards, consequences, and safeguards. Results feed the project hazard register.
Related: hazop, hazard, risk-register
- Hierarchy of Controls
The ranked order of effectiveness for controlling workplace hazards.
NIOSH and ISO 45001 recognise five levels: (1) Elimination — remove the hazard entirely; (2) Substitution — replace with a less hazardous alternative; (3) Engineering controls — isolate people from the hazard; (4) Administrative controls — change the way people work; (5) PPE — protect the individual. More effective controls are at the top. PPE is a last resort, not a primary control.
- Inherent risk
The raw risk level before any controls are applied.
Inherent risk = likelihood × consequence, assessed as if no controls exist. It represents the true hazard potential of an activity. Organisations use it to prioritise resources — high inherent risk scenarios warrant robust control frameworks even if current residual risk is acceptable, because control failure could be catastrophic.
Related: residual-risk, risk, risk-register
- Job Safety AnalysisJSA
A step-by-step breakdown of a task identifying hazards at each step.
Functionally equivalent to a JHA. The term JSA is common in Australian and Canadian workplaces; JHA is more common in US OSHA contexts. The output is a written document: task steps, associated hazards, recommended controls. JSA completion before high-risk work is a common procedural requirement.
Related: jha, ptw, control-hierarchy
- Job Safety and Environmental AnalysisJSEA
A JHA that explicitly includes environmental hazards alongside safety hazards.
JSEA is common in mining, oil and gas, and utilities, where spills, soil contamination, and noise are material alongside personal safety risks. Each task step is evaluated for both safety AND environmental consequences, and controls are specified for both. Integrating safety and environment in a single document reduces form fatigue and improves field compliance.
- Layers of Protection AnalysisLOPA
A semi-quantitative method for evaluating whether risk reduction is adequate.
LOPA assigns a probability of failure on demand (PFD) to each independent protection layer (IPL) and calculates mitigated event frequency. If the mitigated frequency exceeds the tolerable risk target, additional layers — often a Safety Instrumented System (SIS) — are required. LOPA is the primary method for determining SIL requirements per IEC 61511.
- Residual risk
The risk remaining after controls are applied.
Residual risk = inherent risk adjusted for the effectiveness of controls in place. ISO 45001 requires organisations to determine whether residual risk is acceptable (tolerable) or requires further action. A risk register typically records both inherent and residual scores for each entry. Residual risk is the basis for management decisions on further treatment.
Related: inherent-risk, risk, risk-register
- Risk
The combination of likelihood and consequence of harm from a hazard.
ISO 31000 defines risk as the effect of uncertainty on objectives. In QEHS practice, risk is calculated as Likelihood × Consequence, often on a 5×5 matrix with named thresholds (Low / Medium / High / Critical).
Related: hazard, risk-register, bowtie
- Risk assessment
The process of identifying hazards, evaluating the likelihood and severity of harm, and determining appropriate controls.
A risk assessment is the foundation of any safety, quality, or environmental program. It involves identifying hazards (what could cause harm), evaluating the risk (how likely and how severe), and implementing controls following the hierarchy of controls (elimination, substitution, engineering controls, administrative controls, PPE). Risk assessments can be qualitative (matrix-based), semi-quantitative, or quantitative (QRA). They must be reviewed periodically and after any significant change (management of change).
Related: hazard, moc, control-hierarchy, bowtie, jha
- Risk register
A living list of identified risks with owners, controls, and review dates.
Core artefact of any risk-based management system. Typical columns: risk description, category, likelihood, consequence, risk score, controls, residual score, owner, review date. Periodic review — usually quarterly — keeps it live.
- Safety Case
A structured argument, supported by evidence, that a system is acceptably safe.
Required for major hazard facilities in the UK (COMAH), Australia (MHF regulations), and offshore installations (Safety Case Regulations 2015). A safety case demonstrates that all major accident hazards have been identified and risks reduced ALARP (As Low As Reasonably Practicable). It is a living document, updated after significant changes. Differs from a PHA in that it makes a formal safety argument to the regulator.
- Safety Instrumented FunctionSIF
A specific safety function implemented by a Safety Instrumented System.
A SIF is defined by its sensors, logic solver, and final elements (e.g., shut-off valve). Each SIF has an assigned SIL. Examples: high-pressure shutdown, emergency depressurisation, burner management system trip. The full collection of SIFs in a facility forms the Safety Instrumented System (SIS).
- Safety Integrity LevelSIL
A discrete level (SIL 1–4) defining the reliability required of a safety function.
Defined in IEC 61508 and IEC 61511. SIL 1 requires a PFD of 0.1–0.01; SIL 4 requires 0.0001–0.00001. SIL is determined through LOPA or risk graph methods. Safety Instrumented Systems (SIS) must be designed, verified, and validated to achieve the required SIL. SIL is not a product rating — it is a system-level achievement.
- Task Risk AssessmentTRA
A field-level risk assessment completed immediately before a task.
A TRA (also called a FLRA — Field Level Risk Assessment) is completed by the work crew on-site, immediately before starting work. It accounts for real conditions: weather, crew experience, equipment condition, nearby activities. A TRA supplements — but does not replace — a formal JSA or JHA prepared in advance.
Operations
- Behavior-Based SafetyBBS
A proactive safety approach focusing on observing and reinforcing safe behaviors.
BBS programs use trained observers to conduct structured safety observations, recording safe and at-risk behaviors without blame. Data drives coaching conversations and process improvements. Common frameworks: DuPont STOP, ABC (Antecedent–Behavior–Consequence). BBS is most effective when combined with a strong just culture and leading indicator tracking.
Related: leading-indicator, near-miss
- Competency management
The systematic process of defining required competencies for each role, assessing individuals against those requirements, and closing gaps through training.
Competency management goes beyond training completion tracking. It defines the knowledge, skills, and behaviours required for each role (competency framework), assesses each individual against the framework (self-assessment, supervisor assessment, practical demonstration), identifies gaps, and assigns training or development actions. ISO 45001 requires organisations to ensure workers are competent to perform tasks that may impact OH&S. Competency records should be linked to incident data — if a pattern of incidents correlates with specific competency gaps, the training program needs revision.
Related: management-review, leading-indicator, iso-45001
- Confined Space Entry
Entry into a space not designed for continuous occupancy with limited egress.
OSHA 29 CFR 1910.146 defines permit-required confined spaces as those with a serious hazard (atmospheric, engulfment, entrapment, or other). Entry requires: atmospheric testing (O2, LEL, toxic gases), isolation and lockout of energy and fluids, a written entry permit, an attendant outside, and a rescue plan. NFPA 350 provides additional guidance.
- Contractor Management
Processes for pre-qualifying, onboarding, and monitoring third-party workers.
Host employers retain liability for contractor safety under OSHA Multi-Employer Citation Policy. A robust programme covers: pre-qualification (insurance, safety stats, training records), site orientation, PTW integration, performance monitoring (observations, incidents), and periodic re-evaluation. PSM sites have explicit contractor management requirements under 29 CFR 1910.119(h).
- Crane safety
OSHA 1926 Subpart CC requirements for crane operation on construction sites, including operator certification, inspections, and lift planning.
OSHA's crane standard (29 CFR 1926 Subpart CC) mandates operator certification (by type and capacity), annual inspections, monthly and shift inspections, and a documented lift plan for critical lifts. Key requirements include ground condition assessment, power line clearance (20 ft minimum up to 350 kV), signal person qualifications, and load chart compliance. Crane-related incidents are frequently fatal; OSHA data shows that over 60% of crane fatalities involve struck-by or crushed-by incidents.
Related: risk-assessment, permit-to-work, working-at-heights
- Digital twin
A virtual replica of a physical asset, process, or system — used for real-time monitoring, simulation, and predictive safety analytics.
A digital twin is a live digital representation of a physical asset (pump, compressor, reactor), process (production line), or system (plant, refinery). It ingests real-time sensor data (IoT), historical operational data, and engineering models to simulate behaviour, predict failures, and optimise performance. In QEHS contexts, digital twins are used for predictive safety — modelling gas dispersion, explosion overpressure, or evacuation scenarios — and for linking equipment condition to permit-to-work risk assessments.
Related: moc, risk-assessment, bowtie
- DOT complianceDOT
Regulatory requirements from the US Department of Transportation covering the safe transport of hazardous materials by road, rail, air, and water.
DOT compliance under 49 CFR covers hazardous materials transportation (HMR — Parts 171-180), including classification, packaging, marking, labelling, placarding, shipping papers, and emergency response information. Shippers must classify hazardous materials into one of nine hazard classes, select proper packaging, provide 24/7 emergency response contact, and train all hazmat employees within 90 days. DOT drug and alcohol testing (Part 40) applies to safety-sensitive transportation employees and includes pre-employment, random, post-accident, and reasonable suspicion testing.
Related: sds, ghs, emergency-response-plan
- EHS softwareEHS
A digital platform for managing environment, health, and safety programs — incidents, audits, permits, training, and compliance.
EHS software centralises environment, health, and safety management into a single audited platform. It replaces spreadsheets, paper forms, and siloed point solutions with configurable modules for incident reporting, inspections, audits, permit-to-work, training, risk assessments, and regulatory reporting. Modern EHS software supports responsive web capture from any device, offline-first mobile, real-time dashboards, and SIEM-grade audit trails.
Related: incident, permit-to-work, rca, leading-indicator
- Electrical safetyNFPA 70E
Requirements for protecting workers from electric shock, arc flash, and arc blast — governed by NFPA 70E and OSHA 1910 Subpart S.
Electrical safety programs address shock hazards (current passing through the body) and arc flash hazards (explosive release of energy during a fault). Key elements include: establishing an electrically safe work condition (lockout/tagout, test-before-touch), arc flash risk assessment (incident energy calculation, arc flash boundary, PPE selection using the PPE category method or incident energy analysis), qualified person training, and insulated tool requirements. NFPA 70E requires arc flash assessments be reviewed every 5 years or when the electrical system changes. OSHA 1910.333 requires live parts to be de-energised before work unless de-energising introduces additional hazards.
Related: loto, ppe, risk-assessment, control-hierarchy
- Emergency Response PlanERP
A documented plan for responding to foreseeable emergency scenarios.
OSHA 29 CFR 1910.38 requires an Emergency Action Plan for all workplaces; OSHA 29 CFR 1910.119 imposes additional requirements for PSM sites. An ERP covers: evacuation routes, assembly points, emergency contacts, shutdown procedures, fire response, chemical release, medical emergencies, and communication protocols. Annual drills are standard; post-drill reviews drive continuous improvement.
- Excavation safety
OSHA requirements for protecting workers from cave-ins and other hazards when excavating trenches or excavations deeper than 5 feet.
OSHA 29 CFR 1926 Subpart P requires protective systems (sloping, benching, shoring, trench box) for all excavations 5 feet or deeper, unless the excavation is in stable rock. A competent person must classify soil type (Type A, B, or C), inspect the excavation daily and after rain, and ensure adequate access/egress within 25 feet of workers. Atmospheric testing is required for excavations deeper than 4 feet where hazardous atmospheres may exist. Cave-ins are one of OSHA's "Fatal Four" and are almost always preventable with proper protective systems.
Related: confined-space, permit-to-work, risk-assessment
- Explosion protectionEx
The design, installation, and maintenance of equipment in atmospheres where flammable gases, vapours, mists, or dusts may be present.
Explosion protection addresses the risk of fire and explosion in hazardous areas classified under the ATEX (EU) or NEC/CEC (North America) frameworks. Key concepts include area classification (Zone 0/1/2 for gases, Zone 20/21/22 for dusts), equipment protection levels (EPL), ignition source control, and explosion venting/suppression. The DSEAR (UK) and OSHA 29 CFR 1910.307 (US) regulations mandate that employers classify hazardous areas and select appropriate equipment.
Related: dust-explosion, lel, hazop, psm, moc
- Fleet safety
The management of occupational road risk — policies, driver qualification, vehicle maintenance, and telemetry for commercial vehicle fleets.
Fleet safety addresses the single largest cause of occupational fatalities in many countries: driving for work. A fleet safety program includes driver qualification (licence verification, medical fitness), vehicle selection and maintenance (pre-trip inspections, preventive maintenance schedules), journey management (route planning, fatigue management, weather assessment), and monitoring (telemetry, dash cams, GPS tracking). Key metrics include crash rate per million miles, preventable vs non-preventable incidents, and near-miss reports from drivers. ISO 39001 provides a framework for road traffic safety management systems.
Related: risk-assessment, leading-indicator, near-miss
- Hazard Communication StandardHazCom
OSHA's right-to-know standard requiring chemical labelling and SDS availability.
OSHA 29 CFR 1910.1200 (HazCom 2012) aligns the US with the GHS. Requirements: written program, chemical inventory, SDS for every hazardous chemical, GHS-compliant labels, and employee training. HazCom violations are among the most frequently cited OSHA standards.
- Hot Work Permit
A permit authorising activities that produce sparks, flame, or heat near flammable materials.
Hot work includes welding, cutting, grinding, brazing, and soldering. Before a hot work permit is issued, the area is tested for flammable atmosphere (LEL), combustibles are removed or shielded, fire watch is assigned, and extinguishers are staged. The permit specifies location, duration, and required precautions. Post-work fire watch continues for a defined period (commonly 30–60 min).
- Job Hazard AnalysisJHA / JSA
A step-by-step breakdown of a task with hazards and controls per step.
Also called Job Safety Analysis (JSA) or Safe Work Method Statement (SWMS) in some jurisdictions. Structure: task steps → hazards per step → controls per step → residual risk. Most useful when reviewed on-site by the crew performing the work.
- Lock-Tag-Try
The three-step verification that energy isolation is complete before working on equipment.
After applying lockout/tagout devices, the worker must attempt to activate the equipment ("try") to confirm all energy sources are isolated and the equipment cannot be energised. This is the critical last step of LOTO that prevents accidents from incomplete isolation. OSHA cites LOTO violations as one of the top 10 most frequently cited standards annually.
- Lockout / TagoutLOTO
Isolating hazardous energy during servicing and maintenance.
OSHA 29 CFR 1910.147 requires identification of energy sources (electrical, hydraulic, pneumatic, thermal, mechanical, chemical, gravity), application of locks/tags, verification of zero-energy state ("try-out"), and documented return-to-service.
Related: ptw, lock-tag-try, permit-to-work
- Machine guarding
Physical barriers, devices, and procedures that prevent worker contact with hazardous machine parts — points of operation, rotating parts, flying chips.
OSHA 29 CFR 1910 Subpart O requires that all machine hazards be guarded. Guards must be affixed to the machine where possible, secured such that they cannot be removed without tools, and designed to prevent any part of the worker's body from reaching the danger zone. Types include fixed guards, interlocked guards, adjustable guards, and self-adjusting guards. Devices include presence-sensing mats, two-hand controls, and light curtains. Machine guarding violations are consistently among OSHA's top 10 most-cited standards, and amputations from unguarded machinery are among the most preventable serious injuries.
Related: loto, risk-assessment, control-hierarchy
- Management of ChangeMOC
A structured process for evaluating changes before they are implemented.
A PSM element (1910.119(l)) and an ISO expectation. Captures the technical basis of the change, affected procedures, training needs, and authorising approvals before execution. Skipping MOC is one of the most common root causes in major-hazard incidents.
- Material Safety Data SheetMSDS
The legacy 8-section chemical information sheet, replaced by the 16-section SDS.
MSDS was the pre-GHS term for chemical safety documents. Since the 2012 HazCom revision, "SDS" (Safety Data Sheet) is the correct term with a standardised 16-section format. Legacy MSDS documents from before the GHS transition may still exist in older facilities and must be updated to the SDS format.
- Permit to workPTW
A formal authorisation to perform high-risk work with defined controls.
PTW systems cover hot work, confined space, working at height, energy isolation, excavation, and critical lifts. The permit captures the controls agreed between requestor, authorising person, and operations, and is retained as audit evidence.
Related: hot-work, confined-space, loto, jha
- Permit to Work System
A formal, documented system authorising hazardous work for a defined scope and duration.
A PTW system ensures that all hazards are identified and controlled before work starts, and that multiple work activities are coordinated safely. Types: hot work, confined space entry, working at heights, electrical isolation, excavation, radiography. The permit is issued by an authorised person, accepted by the work team, and formally closed on completion. PTW failures are implicated in many major industrial disasters.
Related: ptw, hot-work, confined-space, loto
- Personal Protective EquipmentPPE
Equipment worn to minimise exposure to hazards.
OSHA 29 CFR 1910.132 requires a hazard assessment certifying the PPE selected. PPE is the last rung of the hierarchy of controls — elimination, substitution, engineering controls, administrative controls, and PPE.
Related: control-hierarchy, sds
- PPE managementPPE
The systematic issuance, tracking, inspection, and replacement of personal protective equipment across a workforce.
PPE management goes beyond handing out hard hats. It includes hazard-specific PPE assessments, a PPE matrix by job role, issuance records with size and expiry tracking, periodic inspections, replacement schedules, and training verification. OSHA requires employers to assess workplace hazards, select appropriate PPE, train employees on use and limitations, and maintain or replace PPE as needed. Digital PPE management links issuance records to training records and incident reports, providing a complete chain of accountability.
Related: ppe, hazard, control-hierarchy, jha
- Pre-Startup Safety ReviewPSSR
A structured review confirming a facility or system is safe to start up.
Required by OSHA PSM (29 CFR 1910.119(i)) for new or modified facilities where the change triggers MOC. A PSSR confirms: construction complies with design specs, safety/operating/maintenance/emergency procedures are in place, a PHA has been performed and recommendations addressed, and affected employees have been trained. Sign-off by operations, maintenance, and safety is typical.
- Pressure vessel inspection
Periodic internal and external inspection of boilers, pressure vessels, and storage tanks — mandated by ASME code and jurisdictional regulations.
Pressure vessel inspection is the scheduled examination of boilers, pressure vessels, air receivers, heat exchangers, and storage tanks to confirm they remain safe to operate at their design pressure. In the United States, vessel design and construction are governed by the ASME Boiler and Pressure Vessel Code (BPVC) Section VIII, and in-service inspection follows the National Board Inspection Code (NBIC). Vessels covered by OSHA's Process Safety Management standard (29 CFR 1910.119) — those holding a hazardous substance above the threshold quantity — must also meet the PSM mechanical-integrity requirements for inspection, testing, and deficiency correction. There are five main inspection types. An external inspection is performed annually while the vessel is in service, checking for leaks, corrosion, insulation damage, and relief-valve condition. An internal inspection requires the vessel to be shut down, isolated, and entered (or boroscoped) on a 3-5 year interval to examine the shell, heads, welds, and internal components for cracking, pitting, and wall thinning. Thickness testing (ultrasonic measurement) maps remaining wall at corrosion-prone locations and feeds the remaining-life calculation. Pressure-relief devices are tested and recalibrated on their own schedule. Non-destructive examination (NDE) — ultrasonic, magnetic-particle, dye-penetrant, and radiography — is used for weld inspection and crack detection without removing material. Inspection intervals are set by the NBIC, the manufacturer's recommendation, and jurisdictional rules, which in many states and provinces require a commissioned inspector and a filed report. Every inspection must be documented: the record identifies the vessel (including its ASME U-stamp serial and National Board number), the inspector, the methods and tests used, thickness readings, any corrosion or crack findings, the remaining-life calculation, and the next due date. In a QEHS platform these records live against the asset, with automated renewal schedules that flag the next inspection before it falls due and trigger a permit-to-work for the shutdown. Pressure vessel certification is the authority to sign off an inspection or perform a repair. In-service inspection is typically performed by an Authorized Inspector commissioned by the National Board, often working for an Authorized Inspection Agency (AIA) or, in jurisdictions that operate it, the state boiler inspector. Repairs and alterations must be performed by an ASME-certified organization holding an R Stamp (the NBIC repair stamp), and the repair must be documented on an R-1 form filed with the National Board. A vessel that has been repaired outside this process is not certified and should not be returned to service. Insurance is closely tied to inspection. Boiler and machinery (B&M) insurance carriers require current inspection records as a condition of coverage, and many jurisdictions require a valid certificate of inspection before a vessel may legally operate; uninspected vessels are typically excluded from property and liability policies and can void business-interruption cover. CSB investigations have documented fatalities from uninspected or improperly repaired vessels, which is why insurers and auditors treat a missing or overdue pressure vessel inspection as a finding, not a paperwork issue.
Related: risk-assessment, moc, psm, permit-to-work, internal-audit
- Process Safety ManagementPSM
OSHA's 14-element framework for preventing catastrophic releases of highly hazardous chemicals.
PSM (29 CFR 1910.119) applies when quantities of listed chemicals exceed thresholds. The 14 elements include: PHAs, MOC, PSSR, operating procedures, training, mechanical integrity, hot work permits, incident investigation, emergency response, contractor management, and compliance audits every 3 years. Non-compliance can result in Willful citations and multi-million dollar penalties.
- Safety Culture
The shared values, beliefs, and behaviours that determine how safety is prioritised in an organisation.
Safety culture is often assessed using maturity models (Bradley Curve: reactive → dependent → independent → interdependent). Key dimensions: leadership commitment, worker involvement, just culture (reporting vs. blame), hazard reporting rates, and safety communication. A weak safety culture is the root cause behind most major disasters (Chernobyl, Challenger, Deepwater Horizon). Culture change requires sustained leadership behaviour, not slogans.
Related: bbs, near-miss, leading-indicator
- Safety Data Sheet Management
The process of maintaining current SDS documents for all hazardous chemicals on-site.
OSHA HazCom requires SDSs to be readily accessible to workers during their shifts. An SDS management system tracks: chemical inventory, SDS revision date, storage location, access controls, and superseded versions. When a supplier updates an SDS (e.g., new health data, revised exposure limits), the system must propagate the update and notify affected workers.
- Scaffold safety
OSHA-mandated requirements for scaffold design, erection, use, and dismantling — covering supported, suspended, and mobile scaffolds.
OSHA 29 CFR 1926 Subpart L governs scaffold safety in construction. Key requirements include: scaffolds must be designed by a qualified person, erected and dismantled under a competent person's supervision, equipped with guardrails and toeboards at 10 feet (or fall arrest at higher elevations), inspected before each shift, and never loaded beyond their rated capacity. Common violations include missing guardrails, inadequate planking, and improper access. Scaffold-related incidents are among the OSHA "Fatal Four" construction hazards.
Related: working-at-heights, ppe, risk-assessment
- Trench boxTrench shield
A steel or aluminium protective system placed in a trench to protect workers from cave-ins during excavation work.
A trench box (also called a trench shield) is not designed to prevent cave-ins but to protect workers if one occurs. It is one of several protective systems allowed under OSHA 1926 Subpart P, along with sloping, benching, and shoring. Trench boxes must be designed by a registered professional engineer or manufactured to a recognised standard, extend at least 18 inches above the excavation face, and be properly installed with no lateral movement. They are commonly used for utility work, pipe laying, and foundation excavation.
Related: excavation-safety, confined-space, risk-assessment
- Working at Heights
Any work where a person could fall and be injured.
Regulatory thresholds vary: OSHA general industry ≥4 ft; construction ≥6 ft; OSHA scaffolding ≥10 ft. Controls follow the hierarchy: elimination (working at ground), passive protection (guardrails), fall restraint, fall arrest (full-body harness + lanyard or PFAS), then administrative (rescue plan, supervision). Rescue capability is a mandatory part of any fall arrest programme.
Related: ppe, ptw, control-hierarchy
Standards
- 21 CFR Part 11 — Electronic Records
FDA regulation governing electronic records and electronic signatures.
Applies to electronic records that are required to be created or maintained by FDA regulations, or submitted to FDA. Key requirements: audit trails (time-stamped, user-attributable, computer-generated), access controls, system validation, and electronic signature controls. Non-compliance can invalidate submissions and trigger 483 observations or Warning Letters.
- AS9100 — Aerospace QualityAS9100
The quality management standard for aerospace, space, and defence suppliers.
AS9100 Rev D (2016) layers aerospace-specific requirements onto ISO 9001:2015 — including product/process risk management, configuration management, first article inspection, key characteristics, and FOD (foreign object damage) prevention. Required by Boeing, Airbus, Lockheed Martin, and most aerospace primes. Oversight by IAQG registrars.
- Environmental Management SystemEMS
A structured framework for managing an organisation's environmental responsibilities.
An EMS follows the Plan-Do-Check-Act cycle and is formalised through ISO 14001. Core elements: environmental policy, aspects and impacts assessment, legal register, objectives and targets, operational controls, emergency preparedness, monitoring and measurement, nonconformity management, and management review. An EMS can be certified by an accredited third party or implemented without certification (self-declaration).
Related: iso-14001, environmental-aspect, esg
- Gap Analysis
A structured comparison of current practice against a standard or target state.
A gap analysis maps each requirement of a standard (ISO 9001, 45001, etc.) against evidence of current conformance, rating each clause as conforming, partially conforming, or non-conforming. Results produce a prioritised implementation plan. Typically conducted before a first certification audit or after a significant regulatory change. ISO 9001 Annex C and OSHA VPP self-evaluation tools are common frameworks.
Related: internal-audit, capa, management-review
- IATF 16949 — Automotive QualityIATF 16949
The global quality management standard for automotive production and service parts.
IATF 16949:2016 (developed by IATF, published with ISO 9001:2015 as a foundation) adds automotive-specific requirements: APQP, PPAP, FMEA, MSA, SPC, and customer-specific requirements (CSRs) from OEMs. Required for Tier 1 and often Tier 2 automotive suppliers. Certification is by IATF-recognised CBs; annual surveillance audits are mandatory.
- Internal Audit
A planned, systematic review of a management system by the organisation itself.
ISO 19011 provides guidance on auditing management systems. Internal audits must be: planned (programme covering all processes and areas), competence-based (auditors independent of the area being audited), documented (findings, nonconformities, and opportunities for improvement), and followed up for corrective action closure. Results feed the Management Review.
Related: management-review, ncr, capa
- ISO 14001
Environmental Management System standard.
Most-widely adopted environmental standard globally. Life-cycle perspective on aspects and impacts, compliance obligations register, and emergency preparedness for environmental releases.
- ISO 45001
International standard for Occupational Health and Safety Management Systems.
Published 2018. Replaced OHSAS 18001. Uses the Annex SL high-level structure shared with ISO 9001 and 14001. Ten clauses: Context, Leadership, Planning, Support, Operation, Performance evaluation, Improvement.
Related: iso-14001, iso-9001, internal-audit
- ISO 50001 — Energy Management
The international standard for energy management systems.
ISO 50001:2018 follows the Annex SL high-level structure shared with ISO 9001, 14001, and 45001, enabling integrated management. Core concepts: energy baseline, energy performance indicators (EnPIs), significant energy uses (SEUs), energy objectives, and management review. Certification is voluntary but increasingly required in supply chains and for public-sector procurement.
- ISO 9001
Quality Management System standard.
The most-widely certified management-system standard. Customer focus, process approach, risk-based thinking, and the PDCA cycle as operating philosophy.
- Legal and Other Requirements Register
A living list of applicable laws, regulations, and voluntary commitments relevant to EHS.
ISO 14001 and ISO 45001 both require organisations to identify and maintain access to applicable legal requirements. The register typically captures: regulation reference, jurisdiction, applicable activities, compliance obligations, responsible person, and evidence of compliance. Annual review and gap analysis against new regulations are standard practice.
Related: iso-45001, iso-14001, gap-analysis
- Management Review
A periodic top-management assessment of a management system's performance.
Required by ISO 9001, 14001, 45001, and 50001. Inputs must include: audit results, nonconformities and CAPAs, performance metrics, customer/stakeholder feedback, and progress on objectives. Outputs must include decisions on resource needs, improvement opportunities, and any changes to the system. Management review records are a mandatory documented information requirement.
- QEHS management systemQEHS
An integrated Quality, Environment, Health and Safety management platform — one tenant, one data model, every program.
A QEHS management system integrates quality (ISO 9001), environment (ISO 14001), and health and safety (ISO 45001) management into a single platform. Rather than running three separate systems, a unified QEHS platform shares locations, users, audit trails, and workflows across all three domains. This eliminates duplicate data entry, reduces audit preparation time, and provides leadership with a single dashboard covering quality, environmental, and safety KPIs.
Related: iso-9001, iso-14001, iso-45001, management-review
- Safety management systemSMS
A systematic approach to managing workplace safety, including policies, procedures, risk assessments, and performance monitoring.
A Safety Management System is the structured framework an organisation uses to identify hazards, assess risks, implement controls, monitor performance, and continuously improve. Key elements include a safety policy, hazard identification and risk assessment, operational controls, emergency preparedness, incident reporting and investigation, training and competency, performance measurement, and management review. ISO 45001 provides the international standard for occupational health and safety management systems.
Related: iso-45001, risk, hazard, leading-indicator, management-review
Quality
- Calibration
The process of comparing a measurement instrument against a traceable standard of known accuracy — and adjusting if necessary.
Calibration ensures that measurement equipment produces results within specified tolerances, traceable to national or international standards (NIST, ISO 17025). A calibration program includes an equipment register, calibration intervals based on usage and drift history, out-of-tolerance procedures (assessing impact on products tested since last calibration), and calibration certificates. ISO 9001 and IATF 16949 require documented calibration procedures and records. In QEHS platforms, calibration management links to equipment inspection schedules and preventive maintenance workflows.
Related: iso-9001, iatf-16949, internal-audit
- Corrective and Preventive ActionCAPA
Actions taken to fix a nonconformity and prevent its recurrence.
CAPA separates corrective action (eliminate the cause of the detected nonconformity) from preventive action (eliminate the cause of a potential nonconformity). ISO 9001:2015 uses CAPA as part of clauses 10.2 (nonconformity) and 10.3 (improvement).
- Document control
The systematic management of documents — creation, review, approval, distribution, revision, and obsolescence — ensuring the right version is used.
Document control is required by all ISO management system standards (ISO 9001, 14001, 45001). Key elements include: unique document identification, version control, approval before issue, distribution to points of use, prevention of unintended use of obsolete documents, and periodic review. A controlled document is one whose distribution and revision are managed — the opposite of an uncontrolled copy printed from a shared drive. In modern QEHS platforms, document control is digital: workflows for review and approval, read-receipt tracking, and automatic notification when a new revision is published.
Related: iso-9001, iso-14001, iso-45001, internal-audit
- Fishbone / Ishikawa
Cause-and-effect diagram grouping causes by category.
Also called the Ishikawa diagram. Cause categories commonly include Man, Method, Machine, Material, Measurement, Environment (the 6 Ms / 6 Es). Better suited to multi-cause problems than Five Whys.
- Five Whys
Iterative asking of "why" to trace a cause chain.
Developed at Toyota. Repeatedly ask "why did this happen?" — typically five iterations are enough to cross from symptom to cause. Works best for single-fault-path problems, less well for systemic issues where multiple causes interact.
- Gauge R&RGR&R
Gauge Repeatability and Reproducibility — a measurement system analysis that quantifies how much variation comes from the measurement tool, the operator, and the part.
Gauge R&R is part of Measurement System Analysis (MSA) required by IATF 16949. Repeatability is the variation when the same operator measures the same part with the same gauge repeatedly. Reproducibility is the variation between different operators measuring the same parts. Total GR&R below 10% is excellent; below 20% is acceptable; above 30% requires corrective action. A high GR&R means the measurement system cannot distinguish between good and bad parts, making process control impossible.
Related: spc, six-sigma, iso-9001, iatf-16949
- Gemba Walk
A leadership practice of going to the actual workplace to observe and engage.
"Gemba" (現場) means "the actual place" in Japanese — the shop floor, the worksite, the clinic, wherever the value-creating work happens. A structured gemba walk follows a standard observation sheet covering safety, quality, delivery, and housekeeping. It is not a management inspection; questions are open-ended and the goal is learning, not fault-finding.
Related: bbs, kaizen, leading-indicator
- Kaizen
Japanese for "change for the better" — continuous, incremental improvement.
Kaizen events (3–5 day focused improvement workshops, also called "blitzes") bring cross-functional teams together to eliminate waste in a targeted process. Sustained kaizen is a culture, not just events — every employee, every day, improving their work. Kaizen is a foundational element of the Toyota Production System and Lean manufacturing.
- NonconformityNCR
A failure to meet a specified requirement — the trigger for corrective action in quality and compliance programs.
A nonconformity is any deviation from a defined standard, procedure, or customer requirement. In ISO 9001 and IATF 16949, nonconformities drive the corrective action process: identify the nonconformity, contain it, determine root cause, implement corrective action, and verify effectiveness. Nonconformities can be identified through internal audits, customer complaints, inspections, process monitoring, or employee observations. They are distinct from observations (which are advisory) and incidents (which involve harm or damage).
Related: ncr, capa, rca, internal-audit, iso-9001
- Nonconformity ReportNCR
A record of a product, process, or system that does not meet a requirement.
Used in ISO 9001 quality programs and regulated industries. Each NCR is linked to a CAPA for containment, correction, and preventive action.
- Pareto Analysis
The 80/20 rule applied to quality defects — 80% of problems from 20% of causes.
Pareto analysis ranks defect categories by frequency or cost, cumulating until 80% of the total is explained. The resulting Pareto chart (bar + cumulative line) shows which few causes account for most defects, directing corrective action effort. A standard tool in Six Sigma DMAIC and ISO 9001 continual improvement cycles.
- Root Cause AnalysisRCA
A structured method to find the underlying cause of a problem.
Common methods: Five Whys (iterative questioning), Fishbone / Ishikawa (cause categories), Fault Tree Analysis, and Apollo RCA. The output is a cause chain, not a list of symptoms. The usefulness of an RCA is measured by whether the CAPA it produces prevents recurrence.
- Six Sigma
A data-driven improvement methodology targeting 3.4 defects per million opportunities.
Six Sigma uses the DMAIC cycle (Define, Measure, Analyse, Improve, Control) for improvement projects and DMADV for new designs. Practitioners are certified at White, Yellow, Green, Black, and Master Black Belt levels. Motorola originated it; GE popularised it. When combined with Lean (waste elimination), the result is Lean Six Sigma — the dominant manufacturing excellence framework.
- Statistical process controlSPC
A method of monitoring and controlling a process through statistical analysis of process outputs — detecting variation before it produces defects.
Statistical Process Control uses control charts (X-bar, R, p, c, u charts) to distinguish between common-cause variation (inherent to the process) and special-cause variation (assignable to a specific factor). When a process is "in control," all variation is common-cause and the process is predictable. SPC is a core tool in Six Sigma DMAIC, ISO 9001 quality management, and IATF 16949 automotive quality. Key concepts include control limits (typically ±3σ), process capability indices (Cp, Cpk), and the Western Electric rules for detecting out-of-control conditions.
Related: six-sigma, iso-9001, iatf-16949, ncr
- Statistical Process ControlSPC
The use of control charts to monitor process variation and detect abnormalities.
SPC distinguishes common-cause variation (inherent, random) from special-cause variation (assignable, non-random). Control limits (±3σ) are calculated from process data, not specifications. When special causes appear (points outside limits, trends, patterns), investigation and corrective action are triggered. Core IATF 16949 requirement; also used in pharmaceutical, food, and aerospace quality.
Health
- Biological monitoring
The measurement of a chemical, its metabolite, or a biochemical effect in a worker's biological sample (blood, urine, breath).
Biological monitoring assesses worker exposure by measuring the chemical agent or its metabolites in biological specimens. It complements air sampling by capturing all routes of exposure (inhalation, dermal, ingestion) and accounting for individual factors like metabolism and workload. Biological Exposure Indices (BEIs) published by ACGIH provide reference values. Common applications include blood lead monitoring, urinary mercury, and breath sampling for volatile organic compounds.
Related: tlv, pel, industrial-hygiene, sds
- Chemical hygiene planCHP
An OSHA-required written program for laboratories using hazardous chemicals, specifying procedures, equipment, and work practices.
Under OSHA 29 CFR 1910.1450 (Occupational Exposure to Hazardous Chemicals in Laboratories), any laboratory that uses hazardous chemicals must develop and implement a Chemical Hygiene Plan. The CHP must designate a Chemical Hygiene Officer, describe standard operating procedures for handling hazardous chemicals, specify control measures (engineering controls, PPE, administrative controls), detail fume hood and ventilation requirements, provide for employee training and medical consultation, and designate particularly hazardous substances requiring prior approval.
Related: industrial-hygiene, tlv, pel
- Ergonomics
The science of designing work, equipment, and the workplace to fit the worker — preventing musculoskeletal disorders.
Ergonomics addresses the physical, cognitive, and organisational factors that affect worker health and performance. Physical ergonomics focuses on posture, repetition, force, and vibration — the risk factors for work-related musculoskeletal disorders (WMSDs) like carpal tunnel syndrome, tendonitis, and low back pain. Assessment tools include RULA, REBA, NIOSH Lifting Equation, and the Strain Index. An effective ergonomics program includes hazard identification, risk assessment, control implementation, and medical management.
Related: rula, reba, risk-assessment
- Globally Harmonized SystemGHS
UN-harmonised system for classifying and labelling chemicals.
GHS standardises hazard classification (physical, health, environmental), label elements (pictogram, signal word, hazard statement, precautionary statement), and SDS format. Adopted by OSHA HazCom 2012 in the US.
- Hearing conservation programHCP
An OSHA-mandated program for workplaces where noise exposure equals or exceeds 85 dBA as an 8-hour TWA.
A hearing conservation program is required under OSHA 29 CFR 1910.95 when noise exposure reaches the action level of 85 dBA TWA. Required elements include noise monitoring, audiometric testing (baseline within 6 months, annual thereafter), hearing protection devices (HPDs) with appropriate NRR, employee training, and recordkeeping. The program must be reviewed annually and updated when changes in equipment or processes affect noise levels.
Related: noise-exposure, ppe, tlv
- Heat Stress
The physiological strain imposed by a hot environment exceeding the body's cooling capacity.
Heat stress disorders range from heat cramps and syncope to heat exhaustion and heat stroke (a medical emergency). Wet Bulb Globe Temperature (WBGT) is the standard exposure metric. OSHA has proposed a heat rule (29 CFR 1910/1926) requiring heat illness prevention programmes, rest/water/shade, and acclimatisation schedules. ACGIH publishes TLVs for heat stress.
Related: ppe, leading-indicator, tlv
- Indoor Air QualityIAQ
The quality of air inside buildings affecting occupant health and comfort.
IAQ concerns: CO2 (indicator of ventilation adequacy; ASHRAE 62.1 targets <1,000 ppm), VOCs, particulates, biological contaminants (mould, Legionella, allergens), and radon. OSHA has no comprehensive IAQ standard but enforces under the General Duty Clause. NIOSH IAQ investigations are a frequent response to "sick building" complaints.
Related: legionella, hazard, tlv
- Industrial hygieneIH
The science of anticipating, recognising, evaluating, and controlling workplace conditions that may cause injury or illness.
Industrial hygiene is the discipline of protecting worker health from chemical, physical, biological, and ergonomic hazards. Core activities include exposure monitoring (air sampling, noise dosimetry, heat stress monitoring), establishing exposure limits (TLV, PEL, REL), implementing controls (ventilation, substitution, administrative), and maintaining exposure records for the duration of employment plus 30 years (OSHA requirement). A strong industrial hygiene program integrates sampling schedules, lab results, and control recommendations into the broader QEHS platform.
Related: tlv, pel, noise-exposure, heat-stress, sds, control-hierarchy
- Legionella Risk Assessment
Assessment and control of Legionella bacteria in water systems.
Legionella pneumophila thrives in water at 20–45 °C, especially in stagnant, scale-laden systems. Risk sites: cooling towers, hot water systems, decorative fountains, dental units. Control: maintain hot water >60 °C, cold <20 °C, regular disinfection, and routine sampling. In the UK, HSE ACoP L8 and HTM 04-01 are the standards. CDC MMWR guidance applies in the US.
- Lower Explosive LimitLEL
The minimum concentration of a gas in air at which ignition can occur.
Below the LEL, the mixture is too lean to ignite. Above the UEL (Upper Explosive Limit), it is too rich. Gas detectors typically alarm at 10% LEL (action level) and 25% LEL (evacuation). Oxygen deficiency (<19.5%) can suppress combustion while still being immediately dangerous to life.
Related: hot-work, confined-space, sds
- Noise Exposure / Hearing Conservation
Occupational noise management to prevent noise-induced hearing loss.
OSHA 29 CFR 1910.95 requires a Hearing Conservation Programme when noise exposure reaches 85 dBA TWA (Action Level). Components: noise monitoring, audiometric testing, hearing protector provision, training, and recordkeeping. Engineering controls (enclosures, vibration damping) are preferred over PPE. NIOSH recommends 85 dBA as the REL; OSHA's PEL is 90 dBA.
- Permissible Exposure LimitPEL
OSHA's legally enforceable occupational exposure limits.
PELs are codified in 29 CFR 1910.1000 (Z-tables) and substance-specific standards (e.g., 1910.1025 for lead). Most PELs were adopted from 1968 ACGIH TLVs and have not been updated, making many inadequate by modern toxicological standards. Employers are encouraged to use more current TLVs or NIOSH RELs as voluntary targets.
- Rapid Entire Body AssessmentREBA
An ergonomic tool assessing whole-body posture for musculoskeletal risk.
REBA extends RULA to include lower body postures and is better suited for dynamic, unpredictable tasks (healthcare patient handling, construction). Scores 1–15 map to risk levels from negligible to very high. Often used alongside NIOSH Lifting Equation for manual handling tasks.
Related: rula, leading-indicator
- Rapid Upper Limb AssessmentRULA
An ergonomic assessment tool scoring upper body posture and muscle use.
RULA assigns scores to upper arm, forearm, wrist, neck, trunk, and leg postures, plus muscle use and force. The final score (1–7) indicates the level of intervention required: 1–2 acceptable, 5–6 investigate soon, 7 investigate immediately. Widely used in office, manufacturing, and healthcare ergonomics programmes.
Related: reba, leading-indicator
- Respiratory protection program
An OSHA-required program covering selection, fit-testing, use, cleaning, and medical evaluation for respirator users.
Under OSHA 29 CFR 1910.134, any workplace that requires respirator use must implement a written respiratory protection program. Elements include: hazard assessment to determine airborne contaminant levels, respirator selection based on assigned protection factor (APF), medical evaluation to ensure fitness to wear a respirator, fit-testing (quantitative or qualitative), training on use and limitations, cleaning and maintenance procedures, and program evaluation. The program administrator must be qualified and the program must be updated as conditions change.
Related: ppe, tlv, pel, sds, industrial-hygiene
- Safety Data SheetSDS
16-section document describing a chemical hazard and its controls.
OSHA HazCom 2012 adopted the GHS 16-section format: Identification, Hazard identification, Composition, First-aid, Fire-fighting, Accidental release, Handling and storage, Exposure controls / PPE, Physical and chemical properties, Stability and reactivity, Toxicological information, Ecological information, Disposal, Transport, Regulatory, Other.
- Threshold Limit ValueTLV
ACGIH occupational exposure guideline values for airborne contaminants.
Published annually by the American Conference of Governmental Industrial Hygienists (ACGIH). Three types: TLV-TWA (8-hr time-weighted average), TLV-STEL (15-min short-term exposure limit), and TLV-C (ceiling, never exceeded). TLVs are not regulatory limits (PELs are); however, they are often more current and health-protective than OSHA PELs.
Related: pel, sds, noise-exposure
Environment
- Chemical inventory management
The systematic tracking of all chemicals on site — quantities, locations, SDS documents, and regulatory reporting triggers.
Chemical inventory management is foundational to both safety (knowing what hazards are present) and environmental compliance (EPCRA Tier II reporting, TRI Form R reporting). A modern chemical inventory links each chemical to its Safety Data Sheet (SDS), tracks quantities per location, flags chemicals that exceed regulatory thresholds, and auto-generates reports for fire departments, LEPCs, and environmental agencies. Integration with procurement and waste manifests provides cradle-to-grave tracking from purchase to disposal.
- Cradle-to-Grave Waste Tracking
Generator accountability for hazardous waste from generation to final disposal.
Under RCRA, hazardous waste generators remain legally responsible for their waste until it is properly treated, stored, or disposed of. This is enforced through the Uniform Hazardous Waste Manifest system, which tracks waste from the generator site through transporters to the permitted Treatment, Storage, and Disposal Facility (TSDF). e-Manifest (EPA myRCRAid) is the electronic manifest system.
- CSR and ESG reportingESG
Corporate Sustainability Reporting and Environmental, Social, and Governance disclosures — increasingly mandated for enterprises.
Corporate Social Responsibility (CSR) and Environmental, Social, and Governance (ESG) reporting has moved from voluntary to mandatory in many jurisdictions. Frameworks include GRI (Global Reporting Initiative), SASB (Sustainability Accounting Standards Board), TCFD (Task Force on Climate-related Financial Disclosures), and the EU CSRD (Corporate Sustainability Reporting Directive). QEHS platforms support ESG data collection by capturing environmental metrics (emissions, waste, water, energy) alongside safety and quality data in a single audited system.
- Emissions trading
A market-based approach to controlling pollution by creating economic incentives for reducing emissions — cap-and-trade systems.
Emissions trading (cap-and-trade) is a regulatory mechanism where a government sets a cap on total emissions, allocates allowances to emitters, and allows trading of allowances. Emitters who reduce emissions below their allocation can sell surplus allowances; those who exceed must buy. The EU ETS (Emissions Trading System) is the world's largest carbon market. In the US, the Acid Rain Program (SO₂ and NOₓ trading) demonstrated that market mechanisms can achieve environmental goals at lower cost than command-and-control regulation.
- Environmental aspect
An element of an organisation's activities that can interact with the environment.
ISO 14001 requires organisations to identify environmental aspects — fuel combustion, wastewater discharge, chemical storage, noise, land disturbance — and determine which are "significant" based on their actual or potential environmental impact. Significant aspects drive objectives, operational controls, and emergency preparedness. The aspect-impact register is the environmental equivalent of a safety risk register.
Related: iso-14001, esg, risk-register
- Environmental, Social, GovernanceESG
A framework for reporting non-financial sustainability performance.
ESG reporting is distinct from environmental management under ISO 14001, though the two overlap. Common standards: GRI, SASB, TCFD, CSRD (EU), ISSB. QEHS data (emissions, water, waste, injuries, diversity) is frequently the source for ESG disclosures.
Related: iso-14001
- Greenhouse Gas InventoryGHG
A quantified account of greenhouse gas emissions from an organisation.
Governed by the GHG Protocol Corporate Standard. Emissions are organised into Scope 1 (direct combustion, fugitive releases, company vehicles), Scope 2 (purchased electricity/heat/steam), and Scope 3 (supply chain, employee travel, use of sold products). ISO 14064-1 provides an auditable reporting standard. GHG inventories feed ESG disclosures, TCFD reports, and carbon offset programmes.
- Life cycle assessmentLCA
A methodology for evaluating the environmental impacts of a product, process, or service across its entire life cycle — from raw material extraction to disposal.
Life cycle assessment (LCA) is standardised under ISO 14040 and 14044. It quantifies environmental impacts across multiple categories (global warming potential, acidification, eutrophication, resource depletion) for each life cycle stage: raw material extraction, manufacturing, distribution, use, and end-of-life. LCAs inform product design (design for environment), environmental product declarations (EPDs), and regulatory compliance. In QEHS platforms, LCA data feeds ESG reporting, supplier scorecards, and sustainability disclosures.
Related: environmental-aspect, esg, ghg, iso-14001
- PFAS — Per- and Polyfluoroalkyl SubstancesPFAS
A class of synthetic chemicals called "forever chemicals" due to environmental persistence.
PFAS encompass thousands of compounds (PFOA, PFOS, GenX, etc.) used in non-stick coatings, firefighting foam (AFFF), food packaging, and stain repellents. They accumulate in groundwater and living tissue. EPA has set MCLs for PFOA/PFOS at 4 ppt in drinking water (2024). Sites with AFFF use or manufacturing must assess and potentially remediate PFAS contamination.
- REACH — Chemical RegulationREACH
EU regulation requiring registration, evaluation, and restriction of chemical substances.
REACH (EC 1907/2006) places the burden of proof on manufacturers and importers to demonstrate chemical safety. Substances of Very High Concern (SVHCs) are listed on the Candidate List; articles containing SVHCs above 0.1% w/w must be disclosed. Authorisation is required for listed substances; restrictions apply EU-wide.
- Restriction of Hazardous SubstancesRoHS
EU directive restricting hazardous substances in electrical and electronic equipment.
RoHS 3 (EU 2015/863) restricts ten substances including lead, mercury, cadmium, hexavalent chromium, and four phthalates. Applies to EEE placed on the EU market. Manufacturers must issue a Declaration of Conformity and maintain technical documentation for 10 years. Enforcement is by market surveillance authorities.
- Scope 1 emissions
Direct GHG emissions from sources owned or controlled by the organisation.
Scope 1 includes: stationary combustion (boilers, furnaces), mobile combustion (company fleet), process emissions (cement calcination, steelmaking), and fugitive emissions (refrigerant leaks, methane from pipelines). Scope 1 is the most controllable category and the starting point for any decarbonisation roadmap.
- Scope 2 emissions
Indirect GHG emissions from purchased electricity, heat, steam, or cooling.
The GHG Protocol allows two Scope 2 accounting methods: location-based (average grid emissions) and market-based (contract-specific factors from RECs, PPAs, or supplier rates). Market-based Scope 2 can be reduced to zero through renewable energy certificates; location-based reflects actual grid carbon intensity. Both must be disclosed.
- Scope 3 emissions
All other indirect GHG emissions in the value chain, upstream and downstream.
The GHG Protocol defines 15 Scope 3 categories including purchased goods and services, capital goods, fuel/energy-related activities, transportation, waste, business travel, employee commuting, and use/end-of-life of sold products. Scope 3 typically accounts for 70–90% of total corporate footprint, making supply chain engagement critical to net-zero targets.
- Spill prevention, control, and countermeasureSPCC
EPA-required plans for facilities storing oil above threshold quantities — preventing oil spills and containing them if they occur.
Under 40 CFR 112 (EPA), facilities with aggregate above-ground oil storage exceeding 1,320 gallons (or 42,000 gallons buried) must prepare an SPCC plan. The plan must be certified by a Professional Engineer, describe oil storage locations and quantities, identify spill pathways, specify containment measures (secondary containment, diversion structures), detail inspection procedures, and provide for discharge response. SPCC plans must be reviewed every five years and updated when storage capacity or containment configurations change.
Related: swppp, environmental-aspect, emergency-response-plan
- Stormwater Pollution Prevention PlanSWPPP
A plan required under NPDES permits to prevent stormwater contamination.
Required for industrial facilities and construction sites under EPA NPDES Multi-Sector General Permit (MSGP) or Construction General Permit (CGP). A SWPPP identifies pollutant sources, describes BMPs (Best Management Practices), and establishes inspection and monitoring schedules. Annual comprehensive site inspections and quarterly visual assessments are typically required.
- Tier II Report — EPCRA Section 312Tier II
Annual chemical inventory report filed with state and local emergency planners.
EPCRA Section 312 requires US facilities storing hazardous chemicals at or above threshold quantities to submit Tier II reports by March 1 each year to the State Emergency Response Commission (SERC), Local Emergency Planning Committee (LEPC), and local fire department. Reports include chemical name, CAS#, quantity, storage locations, and physical/health hazards.
- TRI Form R — Toxic Release InventoryForm R
Annual EPA report on releases and transfers of listed toxic chemicals.
EPCRA Section 313 requires US facilities meeting SIC code, employee, and threshold criteria to file Form R (or the abbreviated Form A) by July 1 for the prior calendar year. Reports cover on-site releases to air, water, and land, plus off-site transfers for disposal or recycling. Data is published in the EPA TRI National Analysis and accessible via the TRI Explorer database.
- Waste management
The collection, transport, treatment, and disposal of waste — including hazardous, universal, and solid waste streams.
Waste management in a QEHS context covers the full lifecycle from generation to final disposal. Hazardous waste (RCRA Subtitle C) requires cradle-to-grave manifesting, generator classification (LQG, SQG, VSQG), and land disposal restriction compliance. Universal waste (batteries, lamps, mercury devices, pesticides) follows streamlined requirements. Solid waste (Subtitle D) and construction debris have their own regulatory frameworks. Key compliance triggers include monthly generation rates, accumulation time limits, and emergency preparedness requirements.
Related: environmental-aspect, ghg, scope-3, form-r
Culture
- Safety observation
A structured, non-punitive observation of worker behaviour — the foundation of behaviour-based safety (BBS) programs.
A safety observation is the core data-collection activity in behaviour-based safety (BBS) programs. A trained observer watches a worker perform a task, records both safe and at-risk behaviours, provides immediate positive feedback on safe behaviours, and discusses at-risk behaviours constructively. The data is aggregated (not individualised) to identify behavioural trends and target systemic improvements. Effective observations focus on specific, observable behaviours, not attitudes or personalities, and are never used for discipline. The goal is to increase safe behaviours through positive reinforcement, not to punish.
Related: bbs, leading-indicator, near-miss, safety-culture