Q&A: The New ISO 45001 Standard
June 22, 2017 - Kestrel Management
What is ISO 45001?
ISO 45001 is a new international standard created by the International Organization for Standardization (ISO) that specifies requirements for an occupational, health & safety management system (OHSMS). It provides a framework for managing the prevention of death, work-related injury, and work illnesses. The ultimate goal of the standard is to help organizations proactively improve OHS performance and create a safe and healthy workplace.
Note that ISO 45001 provides guidance. It does not state specific criteria for OHS performance, nor is it prescriptive about the OHSMS design. It is a management tool for voluntary use by organizations to minimize OHS risks.
Why Is ISO 45001 necessary?
There are several reasons why the creation of an international standard to manage OHS performance is necessary:
- First and foremost, organizations are responsible for minimizing the risk of harm to all individuals that may be impacted by their activities. The standard aims to protect human lives by encouraging organizations to create a safer, healthier workplace.
- According to the International Labour Organization (ILO), there were 2.34 million deaths worldwide in 2013 as a result of worker activities. The greatest majority (2 million) are associated with health issues, as opposed to injuries. The economic burden associated with this number of occupational injuries and illnesses is significant. Organizations must manage all their risks—including OHS—to survive. Poor OHS management can result in loss of key employees, business interruption, claims, higher insurance premiums, regulatory action, reputational damage, loss of investors, and loss of business.
- Finally, increased globalization creates new OHS challenges. ISO 45001 is an international standard that promotes global conformity.
What are the key aspects of ISO 45001?
Many of the elements of ISO 45001 are the same or similar to those found in OSHAS 18001. However, there are additions and changes in ISO 45001 that differentiate the new standard.
ISO 45001 establishes new roles for the organization’s people. First, it emphasizes worker participation in the OHSMS. This includes ensuring that workers are competent and have the appropriate skills to safely perform their tasks. Second, the role of top management is different than in OHSAS 18001. Of note, a designated Management Representative is no longer required; however, those individuals in management roles are expected to take ownership and demonstrate commitment to OHS through leadership. Top management must demonstrate direct involvement and engagement with the OHSMS by:
- Ensuring the organization’s OHS policy and objectives are compatible with the overall strategic direction of the organization
- Integrating OHSMS processes and requirements into business processes
- Developing and promoting an OHS culture that supports the OHSMS
- Being accountable for the OHSMS’s effectiveness
In addition to people, ISO 45001 follows a risk-based approach that advocates prevention. This requires identifying activities that could harm those working on behalf of the organization. A large part of this involves understanding the “context” of the organization, another new element of ISO 45001. Organizations must be able to identify all external and internal factors that have the potential to impact OHS management objectives and results.
To address risks and opportunities, there are new clauses related to hazard identification, as well. As with other sections of the standard, hazard identification becomes a process rather than a procedure and, importantly, considers all individuals near the workplace who may be impacted by the organization’s activities. ISO 45001 further outlines a more defined hierarchy for organizations to determine appropriate controls.
How does ISO 45001 fit in with other ISO standards and management system approaches?
ISO 45001 follows the same high-level management system approach being applied to other ISO management system standards (e.g., ISO 14001 and ISO 9001)—Annex SL. Because of this, the ISO 45001 requirements should be consistent with the other standards to allow for relatively easy alignment and integration into the organization’s overall management processes.
In addition, ISO 45001 takes into account other OHS standards, including OHSAS 18001, ILO-OSH Guidelines, various national standards, and the ILO’s international labour standards and conventions.
What is Annex SL?
As mentioned above, Annex SL is the structure for all new and revised ISO standards. It defines the framework for a generic management system—and is then customized for each discipline. This standard structure allows for easier integration between management systems and improved efficiencies. The major clauses for all ISO management system standards are identical under Annex SL and fall into the Play-Do-Check-Act (PDCA) cycle. Organizations who have already implemented ISO 9001:2015 or ISO 14001:2015 will be familiar with the Annex SL structure.
The table below outlines the main clauses in Annex SL, as well as the OHSMS-specific clauses. Highlighted areas indicate those sections that are significant changes/additions to the existing OHSAS 18001 standard.
What does this mean for OHSAS 18001?
As outlined in the table above, ISO 45001 does not conflict with OHSAS 18001. In fact, it expands and enhances the existing standard to improve integration of the OHSMS into the overall business. Once it is finalized, ISO 45001 is intended to replace OHSAS 18001. Much like other management system standards, current users of OHSAS 18001 will need to update their systems according to the requirements of the new standard within a three-year transition period.
When will it be finalized?
The current expected publication date is February 2018. Drafts will be available through local ISO members once they reach the public enquiry (DIS) stage and Final Draft (FDIS) stage.
Once it’s published, who should use ISO 45001?
The short answer is everyone. ISO 45001 is designed to be a flexible management system that can be implemented by any organization, no matter the size, type, or industry. As long as the organization has people who may be affected by its activities, an OHSMS has value in ensuring worker health and safety and fulfilling legal requirements.
Why should I do this? Why are management systems like ISO 45001 beneficial?
A management system is the organizing framework that enables companies to achieve and sustain their operational and business objectives through a process of continuous improvement. A management system is designed to identify and manage risks through an organized set of policies, procedures, practices, and resources that guide the enterprise and its activities to maximize business value. There are a number of reasons to implement a management system (see this article: http://kestrelmanagement.com/business-benefits-mgmt-sys/).
What do I do next?
- Get informed! Start reading up on ISO 45001. While the final standard may not yet be published, current versions can provide a good indication of what is to come.
- Identify gaps in your existing OHSMS that will need to be addressed to meet any new requirements. If you don’t have an existing OHSMS, review the requirements and determine what pieces you may already have in place.
- Develop an implementation plan. There is a three-year transition period once the new ISO 45001 standard is published (anticipated February 2018). Plan according to this timeline.
- Provide training. It is vital to ensure that workers and management are engaged in the OHSMS and that they are competent in any new skills/responsibilities that may be required.
- Put your plan into action. Update/develop your OHSMS to meet the ISO 45001 requirements and provide verification of its effectiveness to ensure certification.