P. Hohnen, P. Hasle Accreditation body Certification bureau Certified organisation Safety Science 109 (2018) 76-85 Fig. 1. The certification value chain. accreditation conditions are fulfilled. This includes both the assessment of the certification bureau itself and participation in audits carried out by the certification bureau in the certified organisation. If requirements are not fulfilled, the certification bureau must make corrections and report back to the accreditation body, and it may risk losing its ac- creditation. A similar process takes place between the certification bureau and the private or public company receiving a certificate. The certification bureau issues a certificate, provided that the company fulfils all the requirements in a management standard such as OHSAS 18001. Before the certificate is issued, an audit is carried out in order to ensure con- formity. Audits are subsequently carried on a regular basis to check whether conditions are still being complied with. The certificate is is- sued for three years and is audited at least once a year. The auditors basically assess two things: (1) whether the requirements for the management systems are being complied with, and (2) whether na- tional legislation is being followed. The audit will therefore assess both the paperwork in the shape of procedures and policies and the physical work environment. The relations between the parties in the chain are purely market- based, and the parties pay for all services provided. In Denmark, the accreditation body DANAK is a non-profit foundation owned by sta- keholders and regulated by the government based on a yearly perfor- mance contract. Competition exists between certification bureaus, which must therefore set their prices at a competitive level; this may influence the quality, unless the market and compliance with the ac- creditation requirements are strictly controlled (Zwetsloot et al., 2011). The requirements for accreditation including audits are stipulated in the ISO standard: ISO/IEC 17,021 (International Organization for Standardization, 2015). The basic requirement for the audits is that they must be objective and evidence-based, but the interpretation of these concepts is not further specified in the standard. Three types of reactions are available to the auditors: (1) they may point out non- conformities, which the certified company needs to rectify and report back to the certifying company; (2) they may state observations, which will be checked at the next audit, and (3) they may make suggestions for improvements, which include no follow-up obligations. 2.2. Theorising standards - a sociological perspective In order to understand how the mechanisms in the certification and audit system work in practice, we conceptualise international standards as regulatory tools. According to Brunsson and Jacobsson (2000), standards can be understood as 'rule-making' and as a form of orga- nized governance'. Distinguishing between three types of regulation - directives, norms and standards - Brunsson and Jacobsson define standards as a combination of directives and norms. Norms and stan- dards are less explicit and more voluntary than directives, whereas directives and standards are more explicitly related to a written source (e.g. OHSAS 1001) than norms. Standards can be regarded as non- hierarchical and voluntary, in that one does not need to but may choose to follow a standard. Moreover, they are usually considered global advice. Accordingly, Brunsson and Jacobsson developed the following definition: "Standards are rules that are claimed to be voluntary, have a source and are explicit" (ibid. 13). In practice, as in the Danish case, standards are often used in combination with directives. Not only do OHS systems require compliance with national and international law, they may also, as in the Danish case, function as a direct legislation tool substituting for instance regular labour inspection (Jespersen et al., 2016a). Furthermore, standards can be considered as abstract expert systems which are de facto a product of several processes of production, interpretation and monitoring involving several actors (ibid). Both Jacobsson (2000:41) and Power (1996; 1997) emphasise that standards are based on what they term abstract expert systems. Para- phrasing Giddens (1990), standards are abstract systems disembedded from local context enabling functioning at a distance (Jacobsson, 2000). Precisely because standards are voluntary rules, they need to be for- mulated at a high level of abstraction in order to appeal to a wider audience of potential customers. "Standards are by definition 'rules for the many'. As such they are ne- cessarily abstract to some degree and general in scope, and cannot cater for the idiosyncrasies of the organisations to which they apply". Brunsson et al. (2012: 621) As a consequence of the high level of abstract knowledge, standards need to be adapted to the national as well as the local regulatory contexts. The actual implementation of a standard therefore requires a two-way interpretation process involving both the translation of gen- eral, abstract rules into concrete practices in a local cultural and legal context, and a translation of these local practices 'back' into general procedures and forms of documentation which demonstrates (through an audit) that the standard is being followed (Brunsson et al., 2012: 621-22). As stated by Hohnen et al. (2014), this makes some room for local versions of standard compliance, and in addition, the adaption of standards is shaped by the organisations involved, which apply their understanding of how the specifications in the standard should be in- terpreted and when compliance is reached. In order to understand how standards are being applied, we need to look into concrete interpreta- tion and audit practices. It follows from the above sociological discus- sion that standards are de facto a product of several processes of produc- tion, interpretation and monitoring involving several actors. This highlights the fact that the regulatory process involved is complex, in- volving both international and national institutions and the above- mentioned workplace interpretations (Brunsson and Jacobsson, 2000: 13) Although the organisational literature on standards highlights the complexity in the regulatory mechanism and the variety in their adaption, few attempts have been made to study these processes sys- tematically in terms of investigating the 'value chain' outlined in the section above. In particular, we lack knowledge about how the most central regulatory and monitoring tools are de facto being interpreted by the three key levels of actors, i.e. the accreditation body, the certi- fication bureaus and the local workplaces. In the following section, based on the above-mentioned understanding of standards as a 78 P. Hohnen, P. Hasle framework, we embark on an analysis of the rather complex regulatory chain in certified OHSM systems in a Danish context. Our aim is to understand the way in which audits are carried out in practice within the area of the psychosocial work environment. 3. Method and material The paper builds on a case study conducted in Denmark of the value chain for certification of OHSM systems according to OHSAS 18001. We have therefore included case studies with data from each of the three links in the value chain: (1) the accreditation body, (2) the certification bureau, and (3) the certified workplaces. The data collection included both general information on the working of the value chain and a particular focus on the system's ability to handle the psychosocial work environment. 3.1. Data (1) The accreditation body (DANAK): An interview with the manager responsible for the accreditation of certification companies in OHSAS 18,001 (duration 1.5h, main themes: the role of the accreditation body, the practice of accred- itation including assessment, the OHS and psychosocial competence in DANAK, their way of dealing with the psychosocial work en- vironment). The formal framework for the accreditation body as presented at DANAK's homepage, including a number of instructions regarding the interpretation of ISO/IEC 17,021 for OHS certification, assess- ment practices, competence requirements for auditors, and the implementation of executive orders from the Working Environment Authority. Minutes from the eight meetings between DANAK, the Working Environment Authority and the certification companies about OHSAS 18,001 certification 2013-2016. A description of the accreditation system prepared by DANAK for the WEA of 7 April 2016 A sample report from the assessment of an audit carried out by a certification bureau in a Danish municipality. (2) The certification bureau: In order to gain knowledge of the auditing practices of auditing bureaus, we conducted a (critical) case study of an auditing bureau operating in Denmark. The bureau was chosen because they are parti- cularly focused on the challenges of their auditors in auditing psycho- social work environment issues as well as on how these are, to some extent, related to the type of logic and procedures on which the stan- dard rests. Therefore, the chosen case may be referred to as a critical case (Flyvbjerg, 2006). If problems are found with the audits of the psychosocial work environment in this bureau, it is likely that such problems are also found in other bureaus. As well as 'shadowing' (Czarniawska-Joerges, 2007) auditors while they conducted the ex- ternal audits in four workplaces in the two municipalities in the study, we interviewed five auditors. The specific aim of the interviews with these auditors was to gain knowledge about their experiences and challenges in auditing (identifying as well as reporting) psychosocial work environment problems. Five interviews with auditors at the certification bureau (duration 1-1.5 h, main themes, the audit practice, their competences, their 3 The bureau in question has initiated a specific competency development program concerning psychosocial work environment issues for its employees and has employed an industrial PhD with the specific aim of developing ways of auditing the psychosocial work environment. The bureau in question currently participates in an explorative network of Danish companies aimed at improving the auditing of the psychosocial work environ- ment. Safety Science 109 (2018) 76-85 way of dealing with the psychosocial work environment with a particular focus on ambiguities). The formal framework of the certification bureau as described by the company itself (anonymous) and in the standard ISO/IEC 17,021 and the accreditation instructions mentioned above. Participants' observations of four workplace audits in two munici- palities. The audit reports from the audited workplaces. (3) Four case studies (two primary schools and two elderly care cen- tres) in two OHS-certified Danish Municipalities: Participants' observations of four external audits in two munici- palities. Interviews with the management and the work environment re- presentative before and after the audits (duration 1-1.5 h) (main themes, the organisation of the workplace, main work environment issues with a particular focus on PWE, the organisation of OHSM, the use of OHSM procedures and systems, the follow-up of audits). The audit reports from the workplaces. Interviews with work environment managers responsible for the overall OHSM system in the municipalities. All interviews were semi-structured, based on a prepared interview guide, transcribed and uploaded in Nvivo. For all observations, detailed notes were written immediately after the observations and uploaded in Nvivo. The coding process was rather complex. First, the analysis involved a combination of prefixed codes and open coding in an iterative process involving both descriptive and interpretive codes (Miles and Huberman, 1994). Second, the analysis was based on different types of data (participant observation, semi-structured interviews and docu- ments) and different contexts. Third, some codes were concrete, e.g. 'ways of auditing psychosocial work environment issues' or 'tools used in auditing psychosocial work environment issues', while others would be more analytic, e.g. 'assumed logics in auditing' or 'differences be- tween guidelines and practices'. In the interview with DANAK, we looked for ways the accreditation body interpreted and communicated their understanding of the stan- dard's ability to target psychosocial work environment issues in audits. Consequently coding focused on the concrete guidelines given to the certifying bodies, acknowledged as well as possibly unacknowledged challenges concerning the auditing psychosocial issues. In the inter- views with the external auditors we have coded their descriptions of the standard, their experience with audits and their interpretation of the guidelines received from the accreditation body. We have also coded their descriptions of concrete audit practices. More analytically we have noted relationships between types of psychosocial work environment issues and the use of audit tools in order to identify possible problem areas. We have also noted patterns in the ways in which auditors consciously and unconsciously translate the standard into concrete usage in the area of psychosocial work environment. For example we have coded the kind of psychosocial work environment problems that auditors experience and the kind of tools that were being used/not used. Finally, regarding the organisation of empirical data from the workplace cases and municipalities, we focused on identifying how external auditors in concrete contexts target psychosocial work en- vironment issues. In order to do this we have followed the whole au- diting process, which includes different steps (agreed focus areas, the concrete auditing of a workplace and the final the audit report). Examples of specific topics coded/written down are: the role of psy- chosocial work environment issues in pre-audit guidelines, the role of psychosocial work environment issues in concrete audits, types of work environment issues targeted, reactions to these choices by workplaces, variations in audits between auditors, possible disagreements at dif- ferent levels and possible contrasting definitions or assumptions by different actors or between different steps in the process. The analysis is the result of collaborative work between researchers 79