Join us in this two-part blog series all about ISO 45001. In part one, you will learn what is ISO 45001, as well as how it differs from OHSAS 18001. In part two, dive into how to become ISO 45001 certified. Let’s get started with part 1 below!
Do you know the costs of work-related diseases and accidents in your organization? According to the International Labor Organization (ILO), over 7,600 people die each day from work-related accidents or diseases. This adds up to over 2.78 million every year! The human cost is vast, with the economic burden of poor occupational health and safety practices estimated at 3.94 per cent of global Gross Domestic Product each year.
So, what is ISO 45001? ISO 45001 is an international standard that can help you reduce the number of accidents in your organization. It provides a proven framework to implement effective Occupational Health and Safety (OH&S) management systems. Organizations demonstrate their commitment to protecting the health and safety of employees by implementing this standard. As an added bonus, this will also help to improve your business processes (and who wouldn’t want to be more efficient!).
The bottom line: Implementing the ISO 45001 framework could help you protect your people and your business.
And this is how to do it.
Let’s start at the very beginning. If you want to manage health and safety well, you need to start with a systematic framework. The ISO 45001 Standard is an ISO international standard providing this framework.
ISO 45001 helps any type of organization prevent work-related deaths, injuries, and illnesses which is every health and safety professional’s top priority. It also helps organizations stay compliant with legal requirements, systematically improve safety performance, and reach set OH&S objectives.
Although an external audit of your safety management system isn’t mandatory, it’s the only way to ensure certification. Alternatively, you can choose Self-Declaration of Conformance, to avoid the associated costs of certification. But it’s important to note, business partners may require or prefer suppliers and contractors who hold an ISO 45001 compliant OH&S certificate.
The main objective of ISO 45001 is to ensure organizations can provide a safe and healthy working environment for their employees. The standard covers areas such as risk assessment, training, emergency preparedness, monitoring and measurement, and more!
It provides guidance on how to design and implement effective OH&S management which aligns with applicable laws and regulations. To gain certification, organizations must demonstrate compliance with all the requirements outlined in the standard.
The standard uses the same high-level structure as the quality management standard ISO 9001:2015 and the environmental standard ISO 14001:2015, as defined in Annex L, formerly known as Annex SL. The high-level structure starts with three introductory information clauses. These clauses are followed by seven clauses based on the Plan – Do – Check – Act cycle as seen below. The PDCA cycle ensures continual improvement of the management system.
Introductory Information
|
Plan | Do | Check | Act |
Clause 1: Scope |
Clause 4: Context of the organization |
Clause 7: Support |
Clause 9: Performance Evaluation |
Clause 10: Improvement |
Clause 2: References (to associated guidelines) |
Clause 5: Leadership and worker participation |
Clause 8: Operation |
||
Clause 3: Terms and definitions |
Clause 6: Planning |
|
You might be wondering how ISO 45001 is different from OHSAS 18001. ISO 45001 focuses on processes, the organization as a whole, and different stakeholders. It also emphasizes both risks and opportunities, while OHSAS 18001 is procedure-based, does not consider interested parties outside the organization, and deals exclusively with risk. OHSAS 18001 was also retired in 2021, so most organizations follow ISO 45001 regulations.
ISO 45001 requires organizations to identify the potential hazards in the workplace and then develop strategies to mitigate those risks. This includes assessing the risk level associated with each hazard. Additionally, procedures must be developed to reduce or eliminate that risk.
Organizations that have achieved ISO 45001 certification will have improved processes for risk management. This will result in fewer accidents, injuries, and fatalities in the workplace.
Clause 4 of the ISO 45001 standard contains a requirement related to the context of the organization. The context of the organization refers to the elements that are relevant to the organization’s purpose. These elements can either positively or negatively impact the intended results of your OH&S management system.
Examples of these elements include the legal, political or competitive environment, changes in this environment, suppliers, partners, new technologies and/or resources. Not only should the needs and expectations of workers be determined, but also the requirements of other interested parties such as clients, shareholders, suppliers, and people affected by the organization’s activities.
Certification involves implementing the requirements outlined in the standard across all aspects of an organization’s operations.
This includes:
✔ identifying risks
✔ training employees on safety protocols
✔ and much more.
Internal audits must be conducted periodically to ensure the organization remains compliant with the standard’s requirements over time.
The definition of workers in OHSAS 18001 and ISO 45001 also differ. While OHSAS 18001 focused in practice on the employees, contractors, and visitors at the workplace, ISO 45001 includes workers from external providers, contractors, agency workers, and others. This is the extent the organization shares control over their work or work-related activities (Clause 3.3).
Contractors, hired personnel, and even suppliers must be included in safety management as part of the scope. Top management is also defined as workers in the standard.
OHSAS 18001 required that employees only be informed about the organization’s safety policy, legal and other safety requirements, consequences, and their own role. ISO 45001 requires consultation and participation of non-managerial workers. Employers must consider their needs and expectations as well.
ISO 45001 specifies in detail where consultation and participation of workers is required: see clause 5.4. of the standard.
OHSAS 18001 only covers negative risks. Risk in OHSAS 18001 is defined as the combination of probability and consequences of a hazardous event. On the other hand, ISO 45001 defines risk as the effect of uncertainty, which can be both positive and negative.
That’s why ISO 45001 introduces the term occupational health and safety opportunity. This term includes circumstances that can lead to improvement of occupational health and safety performance.
ISO 45001, like OHSAS 18001, doesn’t include product safety, property damage or environmental impact. These elements are beyond the risks to workers and other relevant interested parties. The focus of ISO 45001 remains on occupational risks and opportunities. (See clause 1 of the standard.)
The following are some new or considerably modified clauses in ISO 45001 compared to OHSAS 18001:
Employers must identify all relevant internal and external issues. These issues influence the organization’s ability to achieve its intended performance of the OH&S management system. See Annex A.4.1 for a large list of examples.
The organization shall identify in addition to workers, the other interested parties relevant to the organization’s OH&S management system. Interested parties can be defined as people or organizations that can affect, be affected by, or even perceive themselves to be affected by a decision or activity (Clause 3.2).
Next, identify the needs and expectations of the workers and those parties. Additionally, existing or potential future legal requirements related to those needs and expectations need to be identified. This results in a set of requirements.
The next thing required is documentation. This documentation should include products, services and work-related activities (operations) that can impact the organization’s OH&S performance. Based on the issues, requirements, and operations, the actual scope of the OH&S management system must be documented. The scope must be factual and representative of the organization.
Senior leadership commitment to OH&S management is still more emphasized in the new ISO 45001 standard compared to the OHSAS 18001 standard. A list of senior leadership duties can be found in clause 5.1.
It is summarized as follows:
Top management must be able to provide evidence these duties are fulfilled by showing documentation.
A culture of open communication should be created by top management and supported by middle and lower management. A combination of leadership training, new processes and tools, as well as the removal of barriers to participation will help people in the organization achieve an open and secure safety culture.
This creates an environment where workers can express their views freely, and their input is appreciated. Timely and easily accessible clear information about the OH&S management system must be guaranteed.
This clause sets out a separate list where consultation of employees and worker participation is required. Items where employees might have specific knowledge or experience, which directly affects others, requires their participation. Examples of such items include identifying hazards, investigating incidents, determining control measures, or determining training needs.
The needs and expectations of interested parties, the OH&S policy, organizational roles, etc. (see Clause 5.4) also require consultation of non-managerial workers.