Procurement Manager in 90 Days: Contractor Safety Plan

Contractor safety is often decided before the contractor arrives on site, because price, scope, mobilization time, and supervision clauses shape the risk controls that field teams inherit. This 90-day plan shows how a procurement manager can make contractor selection and contract governance part of risk management rather than a paperwork handoff to EHS.

1. What should the procurement manager understand before starting?

A procurement manager should understand that contractor safety is a purchasing decision before it becomes a field-control problem. ISO reports that ISO 45001 gives health and safety stronger emphasis in supply chains, contracting, procurement, and outsourcing, which places procurement inside the prevention system rather than outside it.

Across 25+ years leading EHS in multinationals, Andreza Araujo has seen that serious exposure often enters the site through commercial shortcuts: vague scopes, compressed mobilization, unrealistic headcount assumptions, and contracts that reward speed while leaving supervision undefined. The contractor may be blamed later, although the risk was built into the purchase order.

The first practical move is to map where procurement decisions touch high-risk work. Separate routine suppliers from contractors who enter hazardous areas, perform energy isolation, work at height, manage chemicals, operate vehicles, or supervise subcontractors. Then connect those groups to existing high-risk controls, including the critical control register, because procurement needs to know which controls cannot be negotiated away.

2. What should happen in the first week?

The first week should create a joint view of the contractor lifecycle from request to demobilization. In 5 working days, procurement should identify the top 10 contracted activities by risk, spend, and site exposure, then agree with EHS and operations which activities require technical prequalification before commercial comparison.

HSE describes managing contractors as a practical challenge for companies that use external workers, and its contractor guidance emphasizes selecting contractors and preparing the scope of work before site activity begins. That sequence matters because the safest contractor cannot execute a badly defined scope without improvisation.

Build a 1-page lifecycle map with 6 gates: scope, prequalification, bid evaluation, mobilization, field interface, and demobilization. Each gate needs a decision owner. Procurement should own the commercial process, but EHS must own risk criteria, operations must own field supervision, and legal must ensure the contract gives the company the right to intervene when controls fail.

3. How do you separate price from risk in bid evaluation?

Price should be compared only after minimum risk capability has been verified, because an unsafe low bid often transfers cost to the field in the form of rework, shutdown, incident exposure, and supervision load. A 90-day procurement plan should define at least 5 non-negotiable safety criteria before the buyer opens the commercial ranking.

As Andreza Araujo argues in *A Ilusao da Conformidade* ("The Illusion of Compliance"), a system can look compliant while daily execution tells a different truth. In contractor procurement, that illusion appears when the supplier sends certificates, but the site cannot confirm competent supervisors, task-specific controls, emergency arrangements, or subcontractor management.

Use a red-yellow-green rule. Red means the bidder cannot proceed because legal duty, competence, insurance, or critical controls are missing. Yellow means the bidder may proceed only with a mobilization action plan. Green means the bidder meets the minimum standard and can be compared commercially. This protects the buyer from treating safety as a score that can be averaged away.

4. What belongs in the first 30 days?

The first 30 days should convert contractor categories into risk-based procurement rules. 30 days is enough to classify the top 10 contractor activities and assign mandatory controls if procurement limits the first cycle to high-exposure work rather than every supplier in the database.

The common trap is to ask every supplier for the same safety packet. A catering provider, a scaffolding company, a chemical-cleaning contractor, and a lifting contractor do not create the same exposure. The rulebook should change by work category, because generic prequalification rewards document volume instead of field capability.

Start with the activities that can create fatal or life-altering exposure: confined space, energized work, lifting, work at height, hot work, mobile equipment, chemical handling, and excavation. For each category, write the minimum competence evidence, method-statement expectation, supervision ratio, emergency requirement, and stop-work trigger. Where contractor interfaces are central, link procurement rules to the contractor site representative plan.

5. How should procurement write the scope of work?

Procurement should write the scope of work so risk controls are priced, staffed, and scheduled before the contractor reaches the site. A scope that says "perform maintenance safely" is not a safety requirement; it is a vague instruction that forces the field team to negotiate controls under deadline pressure.

ISO publishes ISO 45001:2018 as the occupational health and safety management-system standard that connects procurement, contractors, and outsourced processes to OH&S control. Those requirements matter because the organization remains responsible for controlling external work that affects its management system.

The scope should include 8 safety-critical details: work boundaries, energy sources, simultaneous operations, permit requirements, competence requirements, equipment standards, emergency response, and verification hold points. In more than 250 cultural transformation projects, Andreza Araujo observes that controls fail when leaders assume contractors will infer what the client never specified.

6. What should change in months 2 and 3?

Months 2 and 3 should move procurement from prequalification to field verification, because a contractor approved on paper can still fail during mobilization and execution. By day 60, procurement should have a feedback loop that compares bid promises with site behavior, near misses, permit quality, and supervisor presence.

The strongest thesis is simple: contractor prequalification without field feedback becomes supplier theater. The supplier learns which documents satisfy the buyer, while procurement never learns whether those documents predicted competent execution. That gap is where repeated incidents and weak contractor control become normalized.

Create a monthly contractor-risk review with procurement, EHS, operations, and contract owners. Review no more than 5 contractors per meeting, and focus on evidence: permit defects, overdue corrective actions, unplanned subcontracting, supervision gaps, and critical-control failures. For complex networks, compare the pattern with the contractor risk visibility case, where leadership had to see contractor exposure across many locations rather than one site at a time.

7. Which common mistakes derail contractor safety procurement?

The most common mistakes are treating safety as a bid attachment, accepting generic certificates, compressing mobilization after the award, and letting subcontracting happen without client visibility. 4 mistakes explain many weak contractor programs: late EHS involvement, weak scope, no field feedback, and no consequence for control failure.

*Safety Culture: From Theory to Practice* (Araujo) reinforces that culture lives in routine decisions. Procurement's routine decisions are visible in bid timelines, award criteria, contract language, escalation rules, and how quickly a buyer challenges a contractor whose low price depends on thin supervision.

Another mistake is using lagging indicators as the main supplier filter. A contractor with no recorded accidents may still have weak controls, poor reporting, or lucky exposure. Ask for task-specific evidence: supervisor competence, method-statement quality, training for the actual crew, equipment inspection, emergency drills, and examples of stopped work.

8. What resources should procurement use after 90 days?

After 90 days, procurement should maintain a contractor-risk dashboard, a prequalification rulebook by activity type, and a quarterly supplier review that includes EHS evidence. The dashboard should not celebrate only spend coverage; it should show control failures, action aging, high-risk work volume, and repeated supervision gaps.

HSE explains that health and safety management follows an ongoing Plan, Do, Check, Act process, including checking whether controls are working and acting when they are not. Procurement can use the same cycle for contractors: plan the scope, buy the control, verify execution, and correct the supplier relationship.

Andreza Araujo's body of work gives procurement a useful filter after the first quarter: compliance is the floor, not the operating reality. Use *Safety Culture Diagnosis: Learn how to do your own* when the organization needs to test whether procurement, EHS, and operations are aligned, and use *Make The Difference: Be a Leader in Health & Safety* when contract owners need stronger field leadership routines.

Comparison: buying documents vs buying controls

Each month without risk-based procurement leaves EHS trying to repair commercial decisions at the gate, while contractors learn that the buyer values documents and price more than verified field control.

Conclusion

A procurement manager's first 90 days on contractor safety should turn supplier selection, scope writing, mobilization, and field feedback into a control system that prevents risk from being purchased into the operation.

If your procurement, EHS, and operations teams need to align contractor safety before the next high-risk contract, Andreza Araujo's team can support the diagnostic, rulebook, and governance rhythm. Start with the consulting paths at Andreza Araujo.