ASEMS Part 3 - Assurance
Primary tabs
The primary objective of undertaking audits is to provide assurance to the Chief of Defence Materiel and the DE&S Safety Board, that Acquisition Safety and Environmental Management specifically within DE&S complies with MOD Policy and relevant legislation.
The proscriptive use of this guidance is not mandatory, as long as the DT demonstrates a case for suitable alternative methodologies which achieve the desired objectives and deliverables as defined in the procedure. Therefore, when following the system procedures, four options exist to demonstrate conformance:
- Use the recommended guidance and tools contained within the procedure, including allowed variations and options, and document the outcomes.
- Use an equivalent process and tool-set generated elsewhere – document evidence of procedural equivalence along with the outcomes.
- Use a bespoke process and tool-set for the project – document how the bespoke procedure achieves the system/procedure objectives along with the outcomes.
- Where it is possible to omit a procedure, or part of a procedure, the basis for the decision must be documented (in the Safety or Environmental Case) before progressing to the next applicable step or procedure.
Sections
1. Introduction
Click to view
2. System Audit (Audit Management and Initiation)
Click to view
3. System Audit (Audit Planning)
Click to view
4. System Audit (Conduct)
Click to view
5. System Audit (Reporting and Follow-Up)
Click to view
6. ASEMS Audit Question Set Overview
The assurance question sets have been created as a means of assuring the requirements described in the ASEMS Part 1 Clauses and their equivalent HS&EP Elements within DSA01.1
Policy Clause Auditing Question Sets
1. General Clauses
1.1
Conform to Secretary of State for Defence’s Policy
Those holding safety and environmental responsibilities and/or delegations shall ensure that in the procuring or supporting Products, Systems or Services, they conform to the Secretary of State’s Health, Safety and Environmental Protection Policy Statement.
1.2
Instructions
The instructions defined in ASEMS - Part 2 Instructions, Guidance and Support shall be used to manage safety and environmental impact within DE&S.
1.3
Duty Holders
Duty Holders shall be appointed and Letters of Delegation issued in accordance with the DE&S Chief Executive Officer’s Organisation and Arrangements.
1.4
Interfaces
Interfaces between organisations shall be identified so that risks, and opportunities for performance improvement, across them can be appropriately managed and effectively communicated.
1.5
Data and Record Format
Data shall be maintained in a format which satisfies the reporting requirements of senior management within DE&S. Auditable records shall be made and kept under review in accordance with relevant legislation.
1.6
Significant Occurrences and Fault Reporting
All Delivery Teams shall record and report significant Product, System or Service faults, accidents, incidents and near misses to the DE&S Safety, Health & Environment Committee through the Quality, Safety and Environmental Protection Team.
1.7
Learning From Experience
Operating Centres, Delivery Teams or equivalents shall ensure accidents and incidents are investigated to identify opportunities to reduce the likelihood and impact of recurrence. Lessons learned shall be shared amongst all relevant stakeholders to maximise benefit. Lessons learned (i.e. Audit Reports and LfE Artifacts) shall be shared amongst all relevant stakeholders and stored on the BMS/SharePoint as appropriate.
1.8
Training
DE&S sponsored courses for system safety and environmental protection and sustainability shall be the recognised route to support suitable and sufficient competence throughout DE&S.
2. Management Responsibilities
2.1
Organisation and Arrangements
Operating Centre Directors or equivalent shall document their Organisation and Arrangements that shall: i. communicate their commitment to Secretary of State for Defence’s policy statement; ii. foster a proactive safety and environmental culture; iii. continually improve the safety and environmental management systems and their outcomes; iv. and comply with legal and other appropriate requirements.
2.2
Communication
Operating Centres, Delivery Teams or equivalents shall ensure that communication procedures are implemented that provide an effective flow of safety and environmental information upwards, downwards and across their organisation.
2.3
Organisational Change Management
Operating Centre Directors or equivalent shall identify any increased safety risk associated with organisational change and manage it appropriately.
3. Safety and Environmental Management System
3.1
Safety and Environmental Management System
Operating Centres, Delivery Teams or equivalents shall operate in compliance with established Safety and Environmental Management Systems.
3.2
Safety and Environmental Management Plan
Operating Centres or equivalent shall ensure that all Products, Systems or Services have a suitable and sufficient through life safety and environmental management plan.
3.3
Stakeholder Agreements
Agreements between Stakeholders shall define and document system safety and environmental responsibilities.
3.4
Availability of Resources
Operating Centres, Delivery Teams or equivalents shall ensure the availability of resources necessary to establish, implement and maintain the safety and environmental management system and detail these in a through life safety and environmental management plan.
3.5
Core Element Documentation
Operating Centres, Delivery Teams or equivalents shall establish, maintain and retain suitable and sufficient information that describes the core elements of the safety and environmental management system(s), their interaction and any related documentation.
3.6
Accountability
Individuals deployed to assignments which require the formal delegation of safety and environmental responsibilities, accountability and authority shall be mapped against, and comply with the requirements of, the DE&S Acquisition Safety Taxonomy (S&EP Leaflet 17/2023) and DE&S Acquisition Environmental Taxonomy (S&EP Leaflet 18/2023).
3.7
Monitoring
Operating Centres, Delivery Teams or equivalents shall establish, implement and maintain a suitable and sufficient procedure to monitor and measure safety and environmental performance of their safety and environmental management system on a regular basis.
3.8
Audit Frequency
Compliance with the documented safety and environmental management system shall be verified via audit at planned intervals according to a published schedule, and as required.
3.9
Internal Audit
At planned intervals commensurate with the risk: i) Operating Centres shall audit their Delivery Teams, or equivalents, safety and environmental management systems. ii) Delivery Teams or equivalents shall audit the safety and environmental management systems of their projects. iii) The DE&S Quality, Safety and Environmental Protection Team or their representative, shall audit the safety and environmental management systems of Operating Centres and Delivery Teams.
3.10
Review
Operating Centres, Delivery Teams or equivalents shall review their safety and environmental management systems, at planned intervals commensurate with the risk, to ensure their continuing suitability, adequacy and effectiveness.
4. Safety and Environmental Cases/Assessments
4.1
Safety Cases
Delivery Teams (DTs) or equivalents shall establish and maintain through-life safety cases that provide a compelling, comprehensible, and valid argument that a Product, System, or Service is safe for a given application in a given operating environment. For Platforms and Large Complex Systems, DTs shall utilise the Safety Case Maturity Tool to assess the breadth and appropriate coverage of the produced safety case report and submit findings to QSEP for inclusion in the Safety Case Maturity Dashboard.
4.2
Environmental Cases
Delivery Teams or equivalents shall establish and maintain through-life environmental cases that provide a compelling, comprehensible and valid argument that the Product, System or Service delivers Sound Environmental Performance.
4.3
Identification of Legislation and other Requirements
Operating Centres or equivalent shall establish and maintain a procedure for identifying and accessing the relevant safety and environmental legislative and other requirements that are applicable to their projects.
4.4
Compliance with Legislation and other Requirements
Delivery Teams or equivalents shall establish, and demonstrate compliance with, relevant legislation and other requirements.
4.5
Environmental Impact Identification
Operating Centres, Delivery Teams or equivalent shall establish, implement and maintain a procedure for the on-going proactive identification of environmental impacts.
4.6
Safety Hazard Identification
Operating Centres, Delivery Teams or equivalent shall establish, implement and maintain a procedure for the on-going proactive identification of safety hazards.
4.7
Safety and Environmental Objectives and Targets
Operating Centres, Delivery Teams or equivalents shall establish and maintain relevant safety and environmental objectives with a resourced programme to achieve targets.
4.8
Accident and Incident Records
Operating Centres, Delivery Teams or equivalent shall monitor and record accidents, incidents and near misses where the performance of their Product, Systems or Services results in harm to individuals or damage to the environment and use this information to keep their risk assessments valid.
4.9
Assessment Approval
Safety and/or environmental case reports shall be personally approved by the individual with formally delegated authority to confirm their acceptance with the progress of the safety and/or environmental case/assessment and of the risks and impacts associated with the project.
4.10
Independent Assurance
Independent review of the Safety and Environmental Management System shall be ensured, as appropriate and commensurate to the risk, by the individual with formally delegated authority for safety and environmental protection. Information/findings arising from independent assurance shall be stored on the BMS/SharePoint as appropriate.
5. Risk Management
5.1
Risk and Impact Assessment
All foreseeable Safety Risks and Environmental impacts shall be identified, assessed, prioritised and managed.
5.2
Change Management
Operating Centres, Delivery Teams or equivalents are to ensure that all new or increased safety risks arising from changes to Products, Systems or Services or to their operating environment are managed appropriately
5.3
Hierarchy of Controls
Operating Centres, Delivery Teams or equivalent shall adopt a recognised hierarchical approach for achieving a reduction in safety risk and environmental impact.
5.4
Consultation
Operating Centres, Delivery Teams or equivalent shall ensure that all stakeholders are identified and consulted so that their views and responsibilities are considered when managing safety risks and the delivery of sound environmental performance.
5.5
Safety Risk
Products, Systems or Services shall not have safety risks that have not been formally assessed, justified and declared to be Tolerable and As Low As Reasonably Practicable (ALARP), unless communicated and accepted by a Duty Holder (DH).
5.6
Environmental Impact
A proportionate systematic approach shall be utilised to minimise negative environmental impacts and maximise positive impacts so far as is reasonably practicable.
5.7
Non-compliance Reporting
In circumstances where the ability of the Delegation Holder to achieve compliance with the requirements of ASEMS may have been compromised, Operating Centres, Delivery Teams or equivalents shall take immediate steps to correct the situation. Actions required could include improving the clarity of the authority, instructions or responsibilities provided, increasing resources or correcting deficiencies in practices or procedures. Where resolution of the problem lies outside the control of the Delegation Holder, the issue is to be referred through the line management chain. This requirement is to be applied to any further levels of delegation as necessary.
5.8
Referral Requirements
Where risks cannot be managed within an individual’s delegated responsibility, the risk shall be formally referred using the DE&S risk referral procedure.
5.9
Specialist Advice
Delivery Teams or equivalents shall ensure all specialist advice (including guidance/recommendations from industry and/or Independent Specialist Advisors) is documented and formally reviewed by the appropriate Safety and/or Environmental committees. Additionally, the Executive Safety Responsible and/or Executive Environmental Responsible is to ensure that the Senior Responsible Owner is informed if any appropriate independent advice/guidance is not followed. This clause applies to both safety and environmental specialist advice.
6. Competence
6.1
Roles and Responsibilities
Operating Centres, Delivery Teams or equivalents shall demonstrate that competence requirements have been established for all roles in accordance with appropriate standards including the DE&S System Safety & Environmental Protection Competence Maps, Assignment Specifications and Success Profiles.
6.2
Suitably Qualified and Experienced Personnel
Operating Centres, Delivery Teams or equivalents shall ensure that those engaged in safety and environmental protection are suitably qualified and experienced to discharge their safety and environmental responsibilities.
6.3
Competence
The competence of all staff with system safety and environmental responsibilities shall be regularly assessed, monitored and recorded. Staff with formally delegated system safety and environmental responsibilities shall demonstrate their competence to receive the delegation prior to deployment, and their competence shall be regularly monitored and recorded.