Mastering CoR: Lifting the veil on how to manage Chain of Responsibility

Mastering Chain of Responsibility (CoR) is a challenging mission, but the journey can help you develop a strategic edge and improve the road safety outcomes within your supply chain. I’ve often ruminated that the keys to success in managing CoR are regularly presented by professionals as some ethereal culmination of “things” that only they can help with. I’ve tried to lift the veil here by talking to some simple things that can help change the way you play the game, and enable easier navigation of your CoR requirements.

1. Who are you, and what do you do?

This might seem fairly straightforward, but it is something I’ve found that is not well understood by many of the businesses with whom I’ve worked. 

So you make packaging and outsource distribution of this to a third party? Obviously you consign freight! But you also receive freight on heavy vehicles, so you’re a consignee too? And you load and unload trucks … and pack containers for shipping overseas … and you have one site with a few medium rigids to service customers in that area with full time drivers … the list goes on.

When you’re really honest about what transport activities you actually do, you’re finally in a position to start assessing all your risks, which is an excellent place to start. It’s also where you identify to which parties you outsource other transport activities – but more on what to do with that information shortly.

2. Managing risk

“CoR is no different to workplace safety.” 

What does that mean?

Obviously we’re talking about different legislation here, and I’m not trying to say that low lumens in an office is the same as travelling 500km with a bundle of steel unrestrained. When it comes to risk however, what individuals and organisations need to do is based on the same principles. 

Some of the key shared principles include:

• Proactively identifying and managing risks

• Consider: Are there things that I influence or control that may cause harm or may not be meeting legal requirements? How likely is it that it will occur? What can I do to prevent it from happening? What is the appropriate response given the likelihood and the harm, and my level of influence/control?

• You must do everything as is reasonably practicable to eliminate or reduce risk

• Consider: Once you’ve identified a risk, there is a duty to act on that risk. Your actions should reflect the level of knowledge you have about the risk/controls, (which includes the knowledge you’d be expected to have based on your role in the supply chain, even if you don’t). What controls exist to reduce the risk? Is the cost to implement those controls relative to the risk versus being grossly disproportionate? 

• When considering controls and relative cost, the measure of relative cost (and therefore what are reasonable controls) often depends on what similar companies are doing in the industry to manage those risks. That being said, given there are high stakes when things don't go as planned, it’s prudent to be more cautious. 

So does CoR basically mean managing risks for any transport activities you do? 

Well, mostly. But it’s also about the transport activities you outsource – after all, they wouldn’t be exposed to a risk if someone wasn’t paying them to do so. And on that note, quite often when someone outsources an activity, they still have a lot of influence on how it gets done. For example: “Can you do it quicker if I pay more?” 

3. Seeking assurance

You’ve read this far and might be thinking “well that’s pretty easy, I’m awesome at safety – I’ve got over 200 job safety analyses (JSAs)  just for changing a lightbulb as proof”. Aha - there’s still more to do! (and maybe rethink the 200 JSAs).

Having great systems and processes to identify and manage risks is a fantastic foundation, but we need to make sure it’s working. I spoke earlier this year about a recent primary duty prosecution which emphasised that systems need to do more than sit on a shelf.

By seeking assurance that what we said we were going to do is actually happening and controlling the risk effectively, we finally start to get ahead. Seeking assurance could include the following but ultimately depends on your business and its needs:

1. Reviewing risk assessments to make sure everything is captured.

2. Reviewing controls (including those suggested after an incident) to make sure they are implemented and working.

3. Reporting on safety performance (such as number of hazards, breaches, near misses, toolbox talks, inspections) – is it trending in the right direction?

4. Completing audits/gap assessments on yourself (consider an independent third party) – you don’t know what you don’t know.

5. Establishing minimum standards for parties that you outsource activities to, and double checking that they actually meet those standards (inspections, internal/external audits, annual reviews, etc).

6. Inspecting jobs, work environments, loads, and more.

Use any other means, data or feedback to either reinforce that what you’re doing is working, or wake you from your revery and push you to consider other controls.

4. Training – one size fits all?

Any good risk management process will at some stage identify the importance of people and preparation in managing a risk. This starts with training.

It’s vitally important that your team know what is expected of them, what their legal obligations are, and how to do their jobs safely. Finding effective ways to get this knowledge across could fill a novel, and then some. But these are some good places to start.

• E-learning: an awesome start for consistent training that covers high level content and is easy to distribute. This is perfect for general awareness courses or conveying expectations, but usually falls flat when trying to train more technical skills.

• Face-to-face training: depending on the format, this can achieve everything that E-learning can with the added bonus of being more engaging (hopefully), and it being easier to demonstrate technical skills. It is harder to scale than E-learning.

• Buddy training: Pairing a new person up with someone who is considered skilled in the same job is an effective way to train technical skills and obtain an idea of competency. It is also typically quite structured, but for a condensed period. This is harder to scale again.

• On-the-job training: a fantastic method for teaching skills, but runs the risk of inconsistency or forgotten instruction. This can be overcome when combined with competency assessments and knowledge checks at strategic points. In my experience, this is the hardest training to scale when it is done properly. (As a point of distinction, I am not talking here about the “learn on the job” mentality where someone who has no idea what is going on is thrown in the deep end, and hopefully learns to swim.)

Ultimately your training solution will probably end up being a combination of these things, and might even include some techniques I haven’t even mentioned here.

 5. Documentation and other ‘things’

And finally we have the other “things”. The things that probably are closer to compliance than doing things safely – but that doesn’t mean it isn’t important. 

The most logical place to start is documentation. Having a standalone document on its own probably won’t save a life or stop an injury, but it can show what measures you took to try and prevent it. Where you’re able, make sure you document what you do. 

While this starts with things like policies and procedures, you shouldn’t forget about your toolbox talks, the safety meeting you held with staff, that time you recognised Jimmy for speaking up about a hazard, and the incident last week out the back near the bins. How you document it doesn’t need to be elaborate, it could just be a note in your diary, but doing this could go a long way in demonstrating the effort you put in to managing a risk, rewarding safe behaviours, or measuring the effectiveness of your controls.

As for the other “things” – this is my way of cutting short what has already been a long read. The NHVR’s Master Code is intended to be a guide to cut through the noise and even that is 91 pages. So yes, there’s some other stuff to it (such as executive due diligence, accreditation, work and rest rules, incident management, consequences and enforceable undertakings, and more), but we’ve covered a lot here that can help you elevate your CoR management already.

 So does reading this mean you have suddenly mastered CoR? Probably not. But I hope I’ve removed the mysticism around meeting your CoR obligations. And with a bit of luck in viewing this differently we might even influence some better outcomes on the road. 

After all that’s what this is all about.

CoRsafe gives you visibility of the training progress of your supply chain partners in real time. Auditors are able to see your data quickly and easily. Our team can show you how CoRsafe can be customised to your needs. Chat to them today for a complimentary consultation and demo. 

© 2024 Logistics Safety Solutions Pty Ltd (LSS) ABN 25 134 417 379. This newsletter contains general information only. LSS bears no responsibility, and shall not be held liable, for any loss, damage or injury arising directly or indirectly from your use of or reliance on the information in this newsletter.