Whether you are an employee, a manager or a business owner, you share a common goal – you don’t want anyone to get hurt on the job. Improved productivity stems from ensuring people operate in workplaces that provide transparency and build trust throughout their operation and supply chain. In addition, responsible practices are becoming increasingly important to brands and reputations.

ISO 45001 is the new ISO standard for occupational health and safety (OH&S). It has become one of the most eagerly awaited standards in the world, and is set to drastically improve levels of workplace safety.

Given that ISO 45001 will become part of the business norm, regardless of whether organizations choose to adopt it or not, it’s important for companies to stay abreast of the latest developments. ISOfocus spoke to Kristian Glaesel, Convenor of the working group that developed the new standard, and Charles Corrie, Secretary of ISO/PC 283, to get the low-down on this highly anticipated standard.

ISOfocus: What is ISO 45001?
Photo: C. Corrie
Charles Corrie
Charles Corrie, Secretary of ISO/PC 283, Occupational health and safety management systems.
Photo: K. Glaesel
Kristian Glaesel
Kristian Glaesel, Convenor of the ISO/PC 283 working group that developed ISO 45001.

K. Glaesel and C. Corrie: ISO 45001 is a milestone! As the world’s first International Standard dealing with health and safety at work, ISO 45001, Occupational health and safety management systems – Requirements with guidance for use, offers a single, clear framework for all organizations wishing to improve their OH&S performance. Directed at the top management of an organization, it aims to provide a safe and healthy workplace for employees and visitors. To achieve this, it is crucial to control all factors that might result in illness, injury, and in extreme cases death, by mitigating adverse effects on the physical, mental and cognitive condition of a person – and ISO 45001 covers all of those aspects.

While ISO 45001 draws on OHSAS 18001 – the former benchmark for OH&S – it is a new and distinct standard, not a revision or update, and is due to be phased in gradually over the next three years. Organizations will therefore need to revise their current thinking and work practices in order to maintain organizational compliance.

What are the major differences between OHSAS 18001 and ISO 45001?

There are many differences, but the main change is that ISO 45001 concentrates on the interaction between an organization and its business environment while OHSAS 18001 was focused on managing OH&S hazards and other internal issues. But the standards also diverge in many other ways:

  • ISO 45001 is process-based – OHSAS 18001 is procedure-based
  • ISO 45001 is dynamic in all clauses – OHSAS 18001 is not
  • ISO 45001 considers both risk and opportunities – OHSAS 18001 deals exclusively with risk
  • ISO 45001 includes the views of interested parties – OHSAS 18001 does not

These points represent a significant shift in the way health and safety management is perceived. OH&S is no longer treated as a “stand alone”, but must be viewed within the perspective of running a sound and sustainable organization. That being said, although the two standards differ in their approach, a management system established in accordance with OHSAS 18001 will be a solid platform for migrating to ISO 45001.

Female workers in the Bluefield Tea Factory, Nuwara Eliya, Sri Lanka.

I am certified to OHSAS 18001. How do I begin the migration?

When migrating from OHSAS 18001, several steps must be taken to “prepare the ground”, so to speak, before the new management system itself can be established. If you follow the sequence below, you will be well on your way:

  1. Perform the analysis of interested parties (i.e. those individuals or organizations that can affect your organization’s activities) as well as internal and external factors that might impact your organization’s business, then ask yourself how these risks can be controlled through your management system.
  2. Establish the scope of the system, while considering what your management system is set to achieve.
  3. Use this information to establish your processes, your risk evaluation/assessment and, most importantly, to set the key performance indicators (KPIs) for the processes.

Once you have adapted all the data to the tools of OHSAS 18001, you can reuse most of what you already have in your new management system. So, while the approach is quite different, the basic tools are the same.

What do I need to know if I am new to ISO 45001?

The answer depends on how much you know about ISO management systems. ISO 45001 adopts Annex SL, thus sharing a high-level structure (HLS), identical core text and terms and definitions with other recently revised ISO management system standards such as ISO 9001:2015 (quality management) and ISO 14001:2015 (environmental management). If you are already acquainted with the common framework, then much of ISO 45001 will seem familiar to you and you will just need to fill the “gaps” in your system.

If this is not the case, things could be a little more tricky. The standard is not easy to apprehend when you read it as a normal book. You have to realize all the interconnections between the specific clauses. My best advice would be to find a good training course to help you unlock the standard’s full potential. You may also want to consider employing consultancy services to assist you in the process.

I have an integrated system certified to ISO 9001 and ISO 14001. How can ISO 45001 be used with other management systems?

ISO’s common framework (the aforementioned HLS) for management system standards was deliberately developed to facilitate the integration of new management topics into an organization’s existing management systems. For example, ISO 45001 is based fairly closely on ISO 14001 as we are aware that many organizations combine their OH&S and environmental functions internally.

How will ISO 45001 be used?

We predict that most organizations will use ISO 45001 to establish an effective OH&S management system, and just a few will want the extra recognition that comes with certification. There is no requirement to certify to an ISO management system standard. Simply having a formal management system in place will bring many benefits of its own through enforcing best practice. Certification is merely an added endorsement that demonstrates to external parties that you have achieved full compliance with a specific standard.

The benefits of ISO 45001 are endless when implemented correctly. While the standard requires that OH&S risks be addressed and controlled, it also takes a risk-based approach to the OH&S management system itself, to ensure that it is effective and that it is being continually improved to meet an organization’s ever-changing “context”. Moreover, it ensures compliance with current legislation worldwide. All these measures combined can establish an organization’s reputation as a “safe place to work”, bringing a host of corollary benefits, from reducing insurance costs to improving employee morale – all while continuing to meet your strategic targets.