ISO 45001 is designed to replace AS/NZS 4801 and OHSAS 18001 standards for ‘Occupational Health and Safety Management Systems’. The new standard was initially proposed in June 2013. After an extensive consultation process that took into consideration more than 6,300 comments, the ISO released its first draft in January 2016, followed by a final working draft in November 2017. The updated standard was then released in 2018. 

Transitioning to ISO 45001

Businesses that are currently certified to either AS/NZ 4801 or OHSAS 18001 will have three years to migrate their occupational health and safety management system to ISO 45001. Certifying bodies and their auditors will be looking for the below updated requirements to assess the compliance to the standard.

1 – Context of the Organisation

One of the main changes of ISO 45001 is the new standard’s focus on organisational context. In adopting the Annex SL high-level structure, ISO 45001 requires that participants view occupational health and safety management in a broader context, one that includes regulations and governance as well as organisational culture and its impact on all stakeholders, including workers, customers and more. This also aids the integration within existing business practice, rather than being looked upon as a separate function.

Widening the scope of the system considerably, making it easier to integrate health and safety with other goals, including quality, energy management, business continuity and information security.

2 – Leadership and Worker Participation

ISO 45001 requires health and safety to be an organisation-wide concern. It changes several requirements for management participation and engagement to a more general leadership provision — a subtle distinction designed to empower all staff to make safety a priority.

Likewise, communication and documentation take on increased significance. All staff must now be aware of their responsibilities and work together to meet health and safety goals. To facilitate this, organisations will need to set aside adequate resources for worker participation and training on items such as incident reporting, investigations, risk assessment and other tasks that were the exclusive domain of management under the old system.

3 – Health and Safety Planning

ISO 45001 amalgamates several clauses (4.3.1, 4.3.2 and 4.3.3) related to defining objectives, identifying opportunities and managing risk. The new standard addresses opportunities and measures of effectiveness and legislative and common law requirements. 

When setting health and safety objectives, it requires organisations to consider the available resources and identify the responsible staff, timelines and associated metrics for gauging success. These changes require additional documentation, formalising organizational goals and priorities to a greater extent than the previous standards.

4 – Support

Section 7 of ISO 45001 revises several of the support provisions found in the previous OHSAS 18001. It abandons many procedural requirements in favour of more extensive documentation. There is also an increased emphasis on communication. ISO 45001 mandates that communication objectives be defined and measured for their effectiveness. This is related to a renewed focus on awareness, in which managers must communicate with workers on policies, risks and hazards, as well as the results of any accident investigations and other official inquiries and potential changes.

5 – Operation

ISO 45001 introduces several new requirements under the general operation section of the standard. Section 8.1.2 arranges risk management principles according to the hierarchy of control. The heriarchy of control requirements can be located in ISO 31000 ‘Risk Management Systems’. It also identifies potential sources for operational change and outlines their occupational health and safety requirements. These may include new personnel or equipment, changing working conditions, new regulatory requirements and more.

Other new provisions strengthen requirements related to outsourced tasks and procurement processes, as well as controls and communication when working with internal and external subcontractor workers, stakeholders and shareholders. Additionally, ISO 45001 features an expanded section on emergency preparedness and response.

In ISO 45001, an activity’s operational controls must be able to accommodate both new and existing hazards and risks. As a result, the overall occupational health and safety management system becomes more versatile and resilient.

6 – Performance Evaluation

ISO 45001 strengthens, expands or modifies many of the outgoing standard’s requirements for evaluation. Performance and monitoring results must now be documented information. As part of the new emphasis on organizational context, these benchmarks should consider additional factors such as legal requirements, risks, opportunities and objectives.

ISO 45001 also includes more detailed requirements for regulatory compliance and internal and external auditing. These changes are designed to actively engage workers organisation-wide.  In addition, relevant workers are required to know the organisation’s current compliance status, whilst management must inform workers and relevant interested parties of audit results. The new standard also expands the scope of management review to include risks and opportunities, including their assessment and control.

7 – Improvement

Continual improvement is one of the core facets of every ISO system. ISO 45001 further refines this. In it, occupational health and safety management systems must identify and respond to non-conformity with action. The new standard abandons the idea of preventive action as a distinct concept. Instead, prevention becomes a fundamental requirement of the system in its entirety.

ISO 45001 Gap Analysis Audits

If your organisation is already AS/NZS 4801 or OHSAS 18001 certified, in preparing for ISO 45001 is to complete a gap analysis that measures compliance to each of the above areas; identifying where changes are needed. The Work Health and Safety Experts can provide consultants in assisting organisations transitioning to ISO 45001 consulting. Please feel free to get in touch for any further information.