ISO 45001: Understanding the New International Standard for Occupational Health & Safety
Organizations worldwide recognize the need to provide a safe and healthy working environment, reduce the likelihood of accidents and demonstrate they are actively managing risks. ISO 45001 will provide an internationally accepted framework that will help protect employees as well as protect the longevity and health of an organization. The standard is flexible and can be adapted to manage occupational health and safety in a wide range of organizations. ISO 45001 is also based on the ISO High Level Structure (HLS) for management system standards. This article provides you with a summary of the enhanced features of ISO 45001 and references to materials that can help with both understanding and implementation.
Key Requirements of ISO 45001
Clause 1: Scope
This establishes the requirements for the management system and the intended outcomes. ISO 45001 is aimed at not only providing a framework for an occupational health and safety management systems (OH&S MS) but on the explicit prevention of work-related injury and ill-health and the provision of safe and healthy workplaces.
Clause 2: Normative references
There are no normative references. This clause was retained simply to maintain consistent numbering across all ISO management system standards.
Clause 3: Terms and definitions
There are a number of new and revised definitions from OSHAS 18001. Some of the key terms are fundamental to the requirements of the standard – such as “consultation – seeking views before making a decision”.
Clause 4: Context of the organization
New from OSHAS 18001 but part of the HLS, this clause ‘sets the scene’ for the organization and the scope and boundaries for the OH&S MS. Importantly ISO 45001 should be aligned to the strategic direction of the organization, embedding OH&S management into the core business functions, rather than as a stand-alone discipline. Within this clause, the organization has to determine the internal and external factors that may affect its ability to achieve the intended outcomes of its OH&S MS. Externally this may be issues such as socioeconomic and political instability; internally, it may be issues such as restructuring, acquisitions or new products.
The organization is also required to determine the needs and expectations of ‘interested parties’ with regard to the OH&S MS. Those who have an interest in the outcomes of the OH&S MS – workers, shareholders, legal authorities, contractors etc. have to be considered. How could political insecurity or an organizational restructure put workers health and safety at risk? Or provide an opportunity to improve the workplace? The final scope for the OH&S MS must be documented.
Clause 5: Leadership and worker participation
Top management in ISO 45001 are responsible and accountable for the prevention of work-related injury and ill health as well as the provision of safe and healthy workplaces. It should also be noted that leadership and culture is identified as a potential hazard later in the standard (188.8.131.52a). It is also top management that has to ensure that a process for consultation and participation with workers is established. It is also top management’s responsibility to establish, implement and maintain the health and safety policy. The required contents for the policy include elements such as a commitment to consultation and participation of workers. Consultation and participation of workers (including non-managerial workers) is significantly enhanced from OSHAS 18001 which was limited to participation in hazard identification and consultation on changes. In ISO 45001 the organization is now required to provide the mechanisms, time, training and resources for consultation and participation of workers. This includes removing any barriers such as language, literacy or fear of reprisals.
Clause 6: Planning
Alignment to the HLS structure has seen planning split in a slightly unusual way. In order to incorporate the HLS and the aim of the OH&S management system, risk and opportunities has been broken into two elements:
- Assessment of OH&S risks and other risks to the management system
- OH&S risks being the ‘traditional’ likelihood x severity
- Risks to the management system are those more traditionally related to business risk (effect of uncertainty) such as peaks in work flow, restructuring as well as external issues such as economic change
- Assessment of OH&S opportunities and other opportunities to the OH&S management system
- OH&S opportunities are circumstance(s) that can lead to improvement of OH&S performance
This includes adapting work to workers, eliminating hazards and other opportunities for improving the OH&S management system such as implementing ISO 45001. Importantly risks and opportunities shall be determined before planned change. There is also increased emphasis on identifying hazards associated with mental ill-health such as workload, bullying and the leadership and culture of the organization. Additionally the identification of hazards has to start at conceptual design stage as well as the on-going lifecycle of workplace, facility, equipment, processes, activity etc. The principles of horizon scanning are also introduced within this clause.
Clause 7: Support
This clause begins with a requirement that organizations shall determine and provide the necessary resources to establish, implement, maintain and continually improve the OH&S management system. These cover human resources, natural resources, infrastructure and financial resources. ISO 45001 uses the term ‘documented information’, instead of ‘documents’ and ‘records’ as used in OSHAS 18001. This reflects modern types and use of information – cloud based, multi-media etc.
Clause 8: Operation
This clause is significantly enhanced from OSHAS 18001. Not only does it remove the ‘option’ of using the hierarchy of controls, instead making its use a specific requirement, it introduces new sub-clauses on procurement and change. Organization will need to plan how to implement change in a manner that does not introduce new (unforeseen) hazards or increase the OH&S risks, while also identifying the opportunities for improving OH&S performance that the change may enable. The new sub-clause on procurement provides recognition that the risks related to the supply chain are most effectively managed when they are taken into account at the very first stages of procurement – pre-tender and tender. With ISO 45001, organizations have to establish procurement processes that conform to the OH&S MS, including defining OH&S criteria for the selection of contractors. New within this section is outsourcing. A responsible organization will establish control of those outsourced functions to achieve the intended outcomes of the OH&S MS. Controls can include things such as procurement and contractual requirements, training and inspections.
Clause 9: Performance evaluation
The key change here is where in OSHAS 18001 it was a ‘procedure’, in ISO 45001 it now has to be a ‘process’. While the introduction of ‘processes’ is a reflection of the alignment to the HLS, it also reflects that an effective OH&S MS is a continually improving one. A process is a cycle, it should reflect a PDCA (plan, do, check, act) cycle and not be static. Therefore ISO 45001 requires processes for consultation and participation, planning, hazard identification, assessment of risk and operational control. Management reviews have to consider risks and opportunities and trends in aspects such as consultation and participation of workers to ensure it is happening effectively, which is part of their leadership responsibility.
Clause 10: Improvement
Gone from ISO 45001 is the OSHAS 18001 requirement related to ‘preventative action’ because the whole of ISO 45001 is about prevention. Also in this clause is the requirement to eliminate the root cause(s) of incidents and non-conformities reflecting the overall aim of the standard to prevent injury and ill-health and provide safe and healthy workplaces.
BSI (British Standards Institution) works with more than 80,000 clients in 172 countries to help them adopt and cultivate the habits of excellence. Clients are trained and provided with practical guidance for implementation alongside a suite of compliance tools. BSI is assessed and accredited by more than 26 accreditation bodies including ANSI-ASQ National Accreditation Board (ANAB) and United Kingdom Accreditation Service (UKAS). BSI’s influence plays a key role within the International Organization for Standardization (ISO). As one of the founding members, it ensures that international standards address business and societal needs, while delivering real benefits to organizations.