Maintain A Healthy, Safe And Secure Working Environment
COURTESY :- vrindawan.in
Wikipedia
Environment (E), health (H) and safety (S), abbreviated EHS, is the discipline that studies and implements the practical aspects of protecting the environment and maintaining health and safety at work. In simple terms it is what organizations must do to make sure that their activities do not cause harm to anyone. Commonly, quality – quality assurance and quality control – is adjoined to form the company division known as HSQE.

From a safety standpoint, it involves creating organized efforts and procedures for identifying workplace hazards and reducing accidents and exposure to harmful situations and substances. It also includes training of personnel in accident prevention, accident response, emergency preparedness, and use of protective clothing and equipment.
Better health, at its heart, should involve the development of safe, high-quality, and environmentally friendly processes, working practices and systemic activities that prevent or reduce the risk of harm to people in general, operators, or patients.

From an environmental standpoint, it involves creating a systematic approach to complying with environmental regulations, from managing waste or air emissions all the way to helping sites reduce the company’s carbon footprint.
Regulatory requirements play an important role in the EHS discipline, and EHS managers must identify and understand relevant EHS regulations, the implications of which must be communicated to executive management so the company can implement suitable measures. Organizations based in the United States are subject to EHS regulations in the Code of Federal Regulations, particularly CFR 29, 40, and 49. Still, EHS management is not limited to legal compliance and companies should be encouraged to do more than is required by law, if appropriate.
Notwithstanding the individual importance of these attributes, various institutions and authors have accented the acronyms differently. Successful HSE programs also include measures to address ergonomics, air quality, and other aspects of workplace safety that could affect the health and well-being of employees and the overall community. Another researcher transformed it as SHE in 1996, while exploring the “concept of ‘human quality’ in terms of living standards that must follow later than the health…..[as per the] paradigm of SHEQ, ….raising up the importance of environment up to the ‘safety of people as a prime consideration’”. This is because “Safety First” is invoked as the commitment to transform the safety culture of countries. Quality is “fitness for purpose”, without which each and every endeavour will be futile.
Other abbreviations than HSE, SHE, HSQE are also used:
- The Health and Safety Executive
- The Environment Agency
- Local authorities
- Federal / international
  - Occupational Safety and Health Administration (OSHA)
  - Environmental Protection Agency (EPA)
  - Nuclear Regulatory Commission (NRC)
  - Mining Safety and Health Administration (MSHA), etc.
  - European Union (EU standards) – Health and Safety At Work Act
  - Bureau of Safety and Environmental Enforcement (BSEE)
- State
  - Safety and Health Council of North Carolina, Massachusetts Nuclear Regulatory Commission, etc.
- Local
  - Municipal fire departments (building code inspections)
- Environmental Management Agency (EMA)
EHS guidelines cover categories specific to each industry as well as those that are general to most industry sectors. Examples of general categories and subcategories are:
The chemical industry introduced the first formal EHS management approach in 1985 as a reaction to several catastrophic accidents (like the Seveso disaster of July 1976 and the Bhopal disaster of December 1984). This worldwide voluntary initiative, called “Responsible Care”, started by the Chemistry Industry Association of Canada (formerly the Canadian Chemical Producers’ Association – CCPA), operates in about 50 countries, with central coordination provided by the International Council of Chemical Associations (ICCA). It involves eight fundamental features which ensure plant and product safety, occupational health and environmental protection, but which also try to demonstrate by image-building campaigns that the chemical industry acts in a responsible manner. Being an initiative of the ICCA, it is restricted to the chemical industry.
Since the 1990s, general approaches to EHS management that may fit any type of organisation have appeared in international standards such as:
- the Valdez Principles, which have been formulated to guide and evaluate corporate conduct towards the environment
- the Eco-Management and Audit Scheme (EMAS), developed by the European Commission in 1993
- ISO 14001 for environmental management in 1996
- ISO 45001 for occupational health and safety management in 2018, preceded by OHSAS 18001 in 1999
In 1998 the International Finance Corporation established EHS guidelines.
As a typical example, the activities of a health, safety and environment (HSE) working group might focus on:
- exchange of know-how regarding health, safety and environmental aspects of a material
- promotion of good working practices, such as post-use material collection for recycling
Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management. It typically involves preventing or reducing the probability of unauthorized/inappropriate access to data, or the unlawful use, disclosure, disruption, deletion, corruption, modification, inspection, recording, or devaluation of information. It also involves actions intended to reduce the adverse impacts of such incidents. Protected information may take any form, e.g. electronic or physical, tangible (e.g. paperwork) or intangible (e.g. knowledge). Information security’s primary focus is the balanced protection of the confidentiality, integrity, and availability of data (also known as the CIA triad) while maintaining a focus on efficient policy implementation, all without hampering organization productivity. This is largely achieved through a structured risk management process that involves:
- identifying information and related assets, plus potential threats, vulnerabilities, and impacts;
- evaluating the risks
- deciding how to address or treat the risks i.e. to avoid, mitigate, share or accept them
- where risk mitigation is required, selecting or designing appropriate security controls and implementing them
- monitoring the activities, making adjustments as necessary to address any issues, changes and improvement opportunities
To standardize this discipline, academics and professionals collaborate to offer guidance, policies, and industry standards on passwords, antivirus software, firewalls, encryption software, legal liability, security awareness and training, and so forth. This standardization may be further driven by a wide variety of laws and regulations that affect how data is accessed, processed, stored, transferred and destroyed. However, the implementation of any standards and guidance within an entity may have limited effect if a culture of continual improvement isn’t adopted.
Various definitions of information security are suggested below, summarized from different sources:
- “Preservation of confidentiality, integrity and availability of information. Note: In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved.” (ISO/IEC 27000:2009)
- “The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.” (CNSS, 2010)
- “Ensures that only authorized users (confidentiality) have access to accurate and complete information (integrity) when required (availability).” (ISACA, 2008)
- “Information Security is the process of protecting the intellectual property of an organisation.” (Pipkin, 2000)
- “…information security is a risk management discipline, whose job is to manage the cost of information risk to the business.” (McDermott and Geer, 2001)
- “A well-informed sense of assurance that information risks and controls are in balance.” (Anderson, J., 2003)
- “Information security is the protection of information and minimizes the risk of exposing information to unauthorized parties.” (Venter and Eloff, 2003)
- “Information Security is a multidisciplinary area of study and professional activity which is concerned with the development and implementation of security mechanisms of all available types (technical, organizational, human-oriented and legal) in order to keep information in all its locations (within and outside the organization’s perimeter) and, consequently, information systems, where information is created, processed, stored, transmitted and destroyed, free from threats. Threats to information and information systems may be categorized and a corresponding security goal may be defined for each category of threats. A set of security goals, identified as a result of a threat analysis, should be revised periodically to ensure its adequacy and conformance with the evolving environment. The currently relevant set of security goals may include: confidentiality, integrity, availability, privacy, authenticity & trustworthiness, non-repudiation, accountability and auditability.” (Cherdantseva and Hilton, 2013)
- Information and information resource security using telecommunication system or devices means protecting information, information systems or books from unauthorized access, damage, theft, or destruction (Kurose and Ross, 2010).

At the core of information security is information assurance, the act of maintaining the confidentiality, integrity, and availability (CIA) of information, ensuring that information is not compromised in any way when critical issues arise. These issues include but are not limited to natural disasters, computer/server malfunction, and physical theft. While paper-based business operations are still prevalent, requiring their own set of information security practices, enterprise digital initiatives are increasingly being emphasized, with information assurance now typically being dealt with by information technology (IT) security specialists. These specialists apply information security to technology (most often some form of computer system). It is worthwhile to note that a computer does not necessarily mean a home desktop. A computer is any device with a processor and some memory. Such devices can range from non-networked standalone devices as simple as calculators, to networked mobile computing devices such as smartphones and tablet computers. IT security specialists are almost always found in any major enterprise/establishment due to the nature and value of the data within larger businesses. They are responsible for keeping all of the technology within the company secure from malicious cyber attacks that often attempt to acquire critical private information or gain control of the internal systems.
The field of information security has grown and evolved significantly in recent years. It offers many areas for specialization, including securing networks and allied infrastructure, securing applications and databases, security testing, information systems auditing, business continuity planning, electronic record discovery, and digital forensics. Information security professionals are very stable in their employment. As of 2013 more than 80 percent of professionals had no change in employer or employment over a period of a year, and the number of professionals is projected to continuously grow more than 11 percent annually from 2014 to 2019.
Information security threats come in many different forms. Some of the most common threats today are software attacks, theft of intellectual property, theft of identity, theft of equipment or information, sabotage, and information extortion. Viruses, worms, phishing attacks, and Trojan horses are a few common examples of software attacks. The theft of intellectual property has also been an extensive issue for many businesses in the information technology (IT) field. Identity theft is the attempt to act as someone else, usually to obtain that person’s personal information or to take advantage of their access to vital information through social engineering. Theft of equipment or information is becoming more prevalent today because most devices are mobile, are prone to theft, and have become far more desirable as their data capacity increases. Sabotage usually consists of the destruction of an organization’s website in an attempt to cause loss of confidence on the part of its customers. Information extortion consists of theft of a company’s property or information in an attempt to receive a payment in exchange for returning the information or property to its owner, as with ransomware. There are many ways to help protect yourself from some of these attacks, but one of the most functional precautions is to raise user awareness periodically. The number one threat to any organisation is its users or internal employees, also called insider threats.
Governments, military, corporations, financial institutions, hospitals, non-profit organisations, and private businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Should confidential information about a business’s customers or finances or new product line fall into the hands of a competitor or a black hat hacker, a business and its customers could suffer widespread, irreparable financial loss, as well as damage to the company’s reputation. From a business perspective, information security must be balanced against cost; the Gordon-Loeb Model provides a mathematical economic approach for addressing this concern.
For the individual, information security has a significant effect on privacy, which is viewed very differently in various cultures.
