ISO 45001:2018, published on 12 March 2018, is the new international standard concerning the management of occupational health and safety, which take a top-down approach to the management of safety risks. The new standard is applicable to all organizations, regardless of size, industry or nature of business, it is formed to be integrated into an organization’s existing management processes and follows the same structure as other ISO management system standards (ISO 9001 for quality management and ISO 45001 for environmental management).
ISO 45001 will help the organizations not only to manage their OH&S risks and improve their OH&S performance by developing and implementing effective policies and objectives, but also to reduce workplace incidents and the cost of insurance premiums. Moreover, it focuses on the creation of a health and safety culture and aims to improved staff morale, respecting legal and regulatory requirements. By these practices the organizations obtains a good reputation as well.
ISO 45001 Key Changes
ISO 45001 replaces OHSAS 18001 and is a fact that compared to the previous one, it makes it easier to implement and integrate to management system, providing high value for users. Operators which are already applying OHSAS 18001, will recognize most of the requirements in ISO 45001. However, they should be aware of a few changes from OHSAS 18001 (as shows the table in Annex I) that need preparation in order to migrate and comply with ISO 45001.
Key changes affect:
• The Organizational Context (Chapter 4.1) The organization should identify both external (technological, economic, legal and other social factors) and internal (culture, knowledge, values and performance) issues that introduce new clauses for systematic determination and monitoring of the business context.
• The needs of interested parties & worker participation (Chapter 4.2) The standard requires to understand the needs and expectation of stakeholders appropriate to the business and also to consider worker participation and consultation.
• Leadership (Chapter 5.1) This clause requires more commitment and involvement from the top management in identifying work-related health & safety risks and integrating OH&S requirements into its business processes.
• Hazards Identification – Risk Management (Chapter 6.1) Organizations should manage and take actions to address any risks or opportunities that may affect the ability of the management system to deliver the intended results.
• Objectives and performance (Chapters 6.2) Focus on objectives as guidance for improvements and evaluation of performance.
• Documented information (Chapter 7.5) All documented information (both documents & records), which includes electronic and process information, should be controlled and managed.
• Outsourcing, Procurement & Contractors Management (Chapter 8) Outsourced processes that has the potential to impact OH&S Management system should be controlled and managed. The OH&S risks that arises should be maintained and controlled.
• Continual Improvement (Chapter 10.2) The standard requires the business to change by taking proactive measures as part of the continual improvement and risk management.
Key role of the representative
The organization has to appoint a “management representative”, who has the responsibility and authority to:
- Ensure that processes of the OH&S management system are established and maintained
- Report to supervisors and to top management on the performance of the management system, including needs for improvement dangerous situations so that corrective and preventive action can be taken
- Report concerns to responsible authorities as required without the threat of dismissal, discipline or other such reprisals.
The persons assigned these roles should be competent and have sufficient access to, and encouragement from, top management authority and resources to keep top management informed of the status and performance of the OH&S management system and whether the OH&S management system conforms with the requirements of this International Standard.
Although certification to ISO 45001 is not a requirement, the implementation of the new standard is recommended for the operators, as it is a useful tool to demonstrate that the company meets these criteria. Operators who are already certified to OHSAS 18001, although it is a very different standard, they will be able to use some of the tools and systems they have already acquired from the previous standard, to implement the new.
There will be a three-year transition period from OHSAS 18001 to ISO 45001 that starts by the time the new standard is published for use (12 March 2018). The company will have an assessment by their certification body, against the new standard.
Recommended Actions for Implementation
Before starting the transition to ISO 45001, the organizations certified with OHSAS 18001 should first carry out a gap analysis, to verify the elements that already have and those that it is needed to focus on.
For those considering to implement ISO 45001, there are some important actions they should take first:
- Conduct an analysis of company’s context which will highlight the internal and external factors that affect the business and are relevant to OH&S.
- Understand the needs before finally decide the actual scopes and aims implementation of the standard.
- Determine resource gaps which need to be addressed before the implementation of the standard.
- Make clear the OH&S policies and concentrate on the set objectives.
- Perform a good planning and then communicate to other employees the way it is best to achieve the implementation of the new standard.
These actions can be managed and guided by an Occupational Health & Safety Manual, containing important information, which also would demonstrate the company’s polices relevant to OH&S, scopes and aims of the standard and assessments for safe approaching of risks and standards.