With the intended outcome of providing and improving a safe and healthy workplace for workers and persons under an organisation’s control, ISO 45001 provides a structured framework for managing the prevention of work-related injury and ill health. This standard is intended to help organisations, regardless of size or industry, in designing systems to proactively prevent injury and ill health. All its requirements are designed to be integrated into an organisation’s management processes.
ISO 45001 will adopt a new high-level structure that is common to ISO 9001, ISO 14001, ISO 27001, and so on
Points of difference from OHSAS 18001
ISO 45001 mainly concentrates on the interaction between an organisation and its business environment while OHSAS 18001 was focused on managing OH&S hazards and other internal issues. This structure aims to facilitate the implementation process and the integration of several management systems in a consistent, structured and effective manner. Some of listed standards diverge as given in the following:
ISO 45001 is process-based.
ISO 45001 is dynamic in all clauses
ISO 45001 considers both risk and opportunities
It provides recognized standards towards which conscious and aware organizations can aim, plan, prepare state-of-art OHS Management System, implement and mature it – and finally get assessed and certified. This is a methodology-based standard adopting a P-D-C-A (Plan-Do-Check-Act) cycle and growing into a positive spiral of continuous Risk reduction and benefitting the plant with continuous improvement. Some of the newly made changes, additions and specific requirements as mandated under ISO 45001 are provided below:
(Readers please take note that the description provided below, only includes new clauses that have been added, in contrast to OHSAS 18001, under the Shewart cycle)
Clause 4. Context of the organization
This is a completely new requirement; the organization will need to determine the external and internal context that affects the organization and its OH&S management system.
Interested parties are mentioned several times in OHSAS 18001, but there were no explicit requirements for identification of their needs and expectations. Furthermore, ISO 45001 distinguishes workers from other interested parties to emphasize their importance.
Clause 5. Leadership and worker participation
ISO 45001 does not require the organization to appoint a member of the top management to be responsible for the OH&S management system. The main difference is that the new standard does not require appointing a management representative.
Clause 6.1 Actions to address risks and opportunities
This is a completely new requirement compared to OHSAS 18001. When planning the OH&SMS, the organization will need to determine the risks and opportunities affecting the organization.
Risks related to the OH&S management system are a new requirement compared to OHSAS 18001; this clause covers not only hazard-related risks but also risks regarding legal and other requirements and overall context of the organization. Opportunities are only mentioned in ISO/DIS 45001, and this sub clause defines what kind of opportunities must be addressed.
Clause 7.5 Documented information
Documents and records now belong to the same category – documented information.
Clause 10 Improvement
Under this improvement clause, sub clause of incident, nonconformity and corrective action and continual improvement has been incorporated. Also, incident investigation is merged with nonconformities and corrective actions. The new standard points out the need to use all available information for continually improving the OH&S management system.
In spite of these changes, the overall aim of ISO 45001 remains the same as OHSAS 18001, which is to reduce unacceptable risks and ensure the safety and wellbeing of everyone involved in an organisation’s activities.
Procedure of transition of the management system
The following four steps should be taken to ensure transition to the new ISO 45001
- to understand the requirements of the new ISO 45001 standard
- to identify gaps in the system through gap analysis
- to determine the implementation approach (e.g. project plan. Internal audits)
- to prepare for recertification
Three years after the publication of ISO 45001, the OHSAS 18001 will be withdrawn and will no longer be valid. Until then, all requirements must be checked by the certification body i.e. a corresponding audit must be conducted for the conversion.
NOTE: A similar version of this article appears in the latest issue of B-Proactive Magazine titled “OHS Management System to comply now with latest 45001:2018 in place of OHSAS 18001:2007”