Overview

In 2010, NAEM held a series of roundtable discussions on managing global EHS programs. In this section you will find notes from the discussions on:

• Global EHS Compliance
• Understanding EHS Risk Management v.s. Compliance Assurance
• Managing Global EHS Data Systems

Global Compliance

Discussion Notes: "Global EHS Compliance”

Key Topics:

• Identifying and monitoring changes in legal requirements globally
• Assuring and maintaining high levels of legal compliance

Challenges Raised:

• Knowing EHS legal requirements in various countries (what are the requirements?)
• Dealing with extensive supply chains
• Trusting locals to be knowledgeable and honest on local regulations
• How do legal requirements apply to a particular business?
• Tracking changes in legal requirements
• How do you handle legal requirements in an audit program?
• How do you know when you have achieved compliance with a high degree of confidence?
• Lack of proactive trending metrics
• Interpretation of standards/regulations
• Dealing with regional cultural differences
• Example: disconnect between self-assessment and second- or third-party audit results
• Varying degrees of regulatory enforcement in different countries
• Complete and current access to legal requirements in any jurisdiction is usually very expensive
• Who is responsible for tracking local legal requirements?
• Lack of trending information

Solutions/Strategies Offered:

• Monitor compliance in stages: "journey” concept
• Meet local legal requirements
• Meet corporate standards
• Achieve full compliance
• Make sure corporate standards are well-based: Why are the standards important from a business risk perspective?
• Industry engagement is important in establishing standards
• Drive industry standards
• Consensus based standards
• Customers sometimes drive business practices
• Reputation (outside looking in) can drive standards: positive image
• Engage stakeholders-even adversarial-gain new insights
• Benchmarking roles and responsibilities: Who does what and has what responsibilities?
• Advocacy can be a useful tool
• EHS maturity matrix used based on 25 EHS aspects
• Value of publishing metrics à establish standard metrics

Experiences & Lessons Learned:

• Expensive to buy regulations and updates for all countries
• The "Devil is in the details”: screening tools are general
• Needs to be systems-driven: integrate into current business systems (avoid systems "silos”)
• Cost may appear high for outside consultant auditing, but independence, objectivity, and third-party perspective are value-added
• Would suggest outside audit address legal requirements only, and not corporate standards
• Disconnect between corporate standards and operational knowledge

Summary of Learning:

• Establish and broadly publish a set of standard metrics (EHS maturity matrix)
• Monitor compliance in stages. View it as a journey with various levels of compliance.
• Factors in determinable standards
• Industry consensus driven
• Reputation (outsiders view)
• Customer requirements
• Stakeholder input (consider adversarial)
• Business risk based
• Benchmark others to determine roles and responsibilities (who does what at what level – local vs. corporate)
• Screening services can be used to monitor regulations, but beware of lack of details

Risk Management

Discussion Notes: Understanding Risk Management vs. Compliance Assurance

Key Topics:

• Compliance
• Risk Management

Challenges Raised:

• Managing compliance globally vs. locally
• Biggest challenges: understanding where to focus resources in complying with multiple regulatory standards
• Knowing what the local rules are
• How to set corporate standards that are risk based
• How to define, value, and resource the risks appropriate in order to minimize it – implementing preventive measures
• Implementing risk assessment measures: top-down or bottom-up approach?
• Identify where focus is needed (risk assessment/management vs. compliance assurance)

General Lessons Learned:

• Bringing in consensus from the larger base
• Centralizing operations
• Ensuring stores are using process (on site audit and paper trail)
• Conducting risk assessment and to identify perceived and actual risks
• Setting up enterprise risk assessment committees
• Bottom up vs. top down approach to risk management:
• Bottom up for smaller risks/implementation
• Top down for bigger scale risk standards
• Target: Corporate risk and responsibility pyramid (define actual vs. residual risk)

Solutions:

• EMS: system implementation and uniform systems
• BBY: Moving to metrics system to identify where to invest resources
• 3M: implementing cross functional team to identify risk
• Identify whether risk assessment vs. compliance program is most needed

Global Data Systems

Discussion Notes: Managing Global EHS Data Systems

Key Topics:

• How to demonstrate business case for effective data systems
• Data Quality Collection
• Compelling Reports
• Resources

Challenges Raised:

• Perception of driving EPA and OSHA requirements globally (U.S.-centric perspective can be limiting)
• Data accuracy – need right data and consistency in analysis and reporting
• Key metrics to measure varies significantly across business unites and geographies – how to select?
• Right mix of leading and lagging indicators
• Effective systems to extend from U.S. only to international data collection
• How to best report out the results of data collected in order to be compelling
• Regulations can be very complex and subject to wide interpretation; key is how to track changes
• Collection of "one off” unique data (e.g., state and local regulations)
• Resources to keep data collection functional/accurate/current
• Picking the right metrics to drive action
• Redundancy of work in the various tools

Solutions/Strategies Offered:

• Selection of right metrics to drive change
• Key performance indicators vs. metrics
• "Focus on the critical few”
• Use of consultants to confirm key issues, then look at software most relevant to those issues
• Data collection quality and effectiveness of tools
• Issue – need to consider cost/value proposition as counter balance
• Bring in your client base for input in defining and selecting tools/software
• Maturity of software matters!
• Compelling reports – info/trends vs. just data
• Work with executives to confirm what they care about, how and what they want to see
• EHS scorecards – RYG, some number ranking of all sites
• Resources to maintain
• Think about resources at design stage (e.g. pick/design software that has QA/QE checks and has useful and intuitive reports)
• Business Case
• Worker comp costs
• Sustainability demands data (and quality data)
• Compliance – fines/federal sentencing guidelines
• Productivity