Third Parties, Conformity Assessment and You

Dec. 7, 1999
A new column from the president-elect of the American Industrial Hygiene Association examines the critical issue of third-party audits and its import for OHS pros.

For the past several years, the use of third parties in occupational health and safety (OHS) has been an issue in legislative and policy debates, OSHA policy discussions and the OHS community in general. We, as an OHS profession, need to understand that all third-party auditor proposals for OHS inspections must include a strong conformance-assessment system for these legislative and policy proposals to be acceptable.

What Is a "Third-Party Audit"?

Let's start with the issue of "parties." An audit can be performed by auditors who have the designation "first," "second" or "third" party.

A "first-party" audit is one in which an organization audits itself. That is, the auditor is employed by the organization that he is auditing.

First-party audits have been the preferred mode of operation for organizations. Industrial hygienists, especially those who work for large, well-funded departments within companies, have always had this role. There is a great advantage in using first-party auditors. Those auditors, by virtue of their being part of the organization, have a unique, high degree of access and understanding that might not be available to auditors who are hired from the outside.

A "second-party" audit is one in which a customer is auditing a supplier or contractor.

To me, the second-party audit is the most powerful weapon in our arsenal. The power that a customer has over a supplier or contractor is extraordinary. A customer who includes occupational health and safety requirements for being a responsive and responsible bidder on a contract can clearly define the level of protection of the worker for the jobs that need to be done. The financial impact of such specifications can be far greater than the impact of a citation given by OSHA.

A "third-party" audit commonly refers to the use of qualified individuals or entities whose services are usually paid for by the organization that is to be audited.

Third-party audits have been used in the practice of occupational and environmental health for many years. OSHA uses special governmental employees to help with Voluntary Protection Program inspections. AIHA uses members to perform audits of accredited laboratories. NSF International inspects and certifies all bottled drinking water in the United States All of these use third-party processes and audits. It is a common and well-proven mechanism.

Why Be Interested?

Third parties are being used throughout the OHS field. With third-party audits, the application of existing standards, regulations or other structures to the registration or certification of OHS programs or management systems is complex.

The elevation of the third-party issue can be attributed to three factors:

1. Proposed OSHA-reform legislation in recent sessions of Congress has contained requirements for the use of third parties in activities traditionally performed by OSHA.

2. The conformity-assessment structure developed by the International Organization for Standardization (ISO), as reflected in the ISO 9000 "quality assurance management system" and ISO 14000 "environmental management system."

3. The reference in the National Performance Review (NPR) of 1993 to the potential use of third parties in the Department of Labor. The NPR recommended that "the secretary of labor issue new regulations for work-site safety and health, relying on private inspection companies or nonmanagement companies." Such approaches are usually presented as a means of meeting legislated mandates in the face of diminishing resources and in response to calls for increased industry-government cooperation.

What Is "Conformity Assessment"?

Conformity assessment is "the determination of whether a product or process conforms to particular standards or specifications." Independent third parties have played a significant role in numerous conformity-assessment models in various sectors of the economy for many years. Conformity assessment includes a wide range of approaches applicable to sampling, testing, inspection, evaluation, verification and assurance of conformity, as well as to the certification of quality system assessment and registration, including various combinations of these procedures.

The command-and-control conformance structures of OSHA and EPA have been in prominent use for 30 years. Assessment of conformance with OSHA standards is defined in Sections 8, 9 and 10 of the OSH Act and in OSHA's Field Inspection Reference Manual. Conformance assessment and enforcement interpretations are also impacted by decisions of the Occupational Safety and Health Review Commission and the outcomes of judicial review. Noncompliance with OSHA standards and regulations is determined by OSHA inspectors.

How does OSHA use "thirdparties"? In the case of OSHA programs that use some form of third-party activity, the agency does not delegate its enforcement responsibility. Rather, these programs establish criteria that third parties must meet to be permitted to perform the verification function. OSHA staff oversee the performance of the certification to ensure that the third parties meet these criteria.

One of the criticisms of failed OSHA-reform legislation, especially related to the third-party issue, was that the bills would have severely limited OSHA's traditional enforcement capabilities without establishing a conformity assessment program.

The origins of numerous existing and evolving EHS conformity-assessment structures can be traced to activities of ISO. That is, if you are a third-party ISO auditor, there is a fail-safe program in place to see to it that you are doing your job. This fail-safe program includes auditing of the auditor and of the company that hires the auditor. This system is routinely performed in a uniform fashion on a worldwide basis. This is the conformity assessment system.

In 1995, the National Research Council's (NRC) Science, Technology and Economic Policy Board published a report, "Standards, Conformity Assessment and Trade." The NRC report presents a generic conformity-assessment model that can be applied to manufacturing, service delivery or quality management systems. (For more information read: "Analysis of Third-Party Certification Approaches Using an Occupational Health and Safety Conformity-Assessment Model," AIHA J. 59: 802-812 (1998).)

The question has been raised: "If an audit system conformity assessment structure is required, does that mean that all industrial hygienists and safety professionals must be certified to become first-, second- or third-party auditors, even if they all are CIHs or CSPs?" The answer is "yes" and "no." The answer is "yes" when the audit is performed for a specific purpose that requires a specific certification. For example, a certification is required for EHS professionals who perform ISO 14000 audits. Otherwise, no additional certification is necessary.


All audit systems need a conformity assessment system in place to ensure that audit, inspection, certification, registration, accreditation and workplace compliance inspection systems work. For all systems that are in place and working, this is true. For all systems that are proposed, this must be true. There can be no exceptions.

Critical features of a robust conformity assessment structure must include:

  • A standard against which assessments are made;
  • A way to perform the assessment, an agreed upon measurement method; and
  • A strong accreditation mechanism whereby first, second, and third parties can be certified to perform assessments.
  • A QA/QC mechanism whereby assessor performance is evaluated and modified as needed -- a means where affected parties can register complaints.

If we, as an OHS profession, work to ensure that all proposals for the use of third-party auditors for OHS inspections include a strong conformance-assessment system, then, and only then, will we have an assurance that the system will work. By "work," we mean it will help to ensure that every working man and woman has a safe and healthy workplace.

Contributing Editor Steven P. Levine, Ph.D., CIH2 (Comprehensive Practice & Chemical Aspects) is president-elect of the American Industrial Hygiene Association. He is a professor of environmental health sciences and co-director of the University of Michigan WHO Collaborating Center for Occupational Health, and adjunct professor at the Institute for International Health of Michigan State University. Charles F. Redinger, Ph.D., CIH, co-authored this article.

The opinions expressed in this column have not been debated nor endorsed by the AIHA Board of Directors.

About the Author

EHS Today Staff

EHS Today's editorial staff includes:

Dave Blanchard, Editor-in-Chief: During his career Dave has led the editorial management of many of Endeavor Business Media's best-known brands, including IndustryWeekEHS Today, Material Handling & LogisticsLogistics Today, Supply Chain Technology News, and Business Finance. In addition, he serves as senior content director of the annual Safety Leadership Conference. With over 30 years of B2B media experience, Dave literally wrote the book on supply chain management, Supply Chain Management Best Practices (John Wiley & Sons, 2021), which has been translated into several languages and is currently in its third edition. He is a frequent speaker and moderator at major trade shows and conferences, and has won numerous awards for writing and editing. He is a voting member of the jury of the Logistics Hall of Fame, and is a graduate of Northern Illinois University.

Adrienne Selko, Senior Editor: In addition to her roles with EHS Today and the Safety Leadership Conference, Adrienne is also a senior editor at IndustryWeek and has written about many topics, with her current focus on workforce development strategies. She is also a senior editor at Material Handling & Logistics. Previously she was in corporate communications at a medical manufacturing company as well as a large regional bank. She is the author of Do I Have to Wear Garlic Around My Neck?, which made the Cleveland Plain Dealer's best sellers list.

Nicole Stempak, Managing Editor:  Nicole Stempak is managing editor of EHS Today and conference content manager of the Safety Leadership Conference.

Sponsored Recommendations

Free Webinar: ISO 45001 – A Commitment to Occupational Health, Safety & Personal Wellness

May 30, 2024
Secure a safer and more productive workplace using proven Management Systems ISO 45001 and ISO 45003.

ISO 45003 – Psychological Health and Safety at Work

May 30, 2024
ISO 45003 offers a comprehensive framework to expand your existing occupational health and safety program, helping you mitigate psychosocial risks and promote overall employee...

DH Pace, national door and dock provider, reduces TRIR and claims with EHS solution

May 29, 2024
Find out how DH Pace moved from paper/email/excel to an EHS platform, changing their culture. They reduced TRIR from 4.8 to 1.46 and improved their ability to bid on and win contracts...

Case Study: Improve TRIR from 4+ to 1 with EHS Solution and Safety Training

May 29, 2024
Safety training and EHS solutions improve TRIR for Complete Mechanical Services, leading to increased business. Moving incidents, training, and other EHS procedures into the digital...

Voice your opinion!

To join the conversation, and become an exclusive member of EHS Today, create an account today!