- Provide safe and healthy working conditions to prevent work-related injury and ill health;
- Satisfy applicable legal requirements and other requirements;
- Control OH&S risks by using a hierarchy of controls;
- Continually improve the OH&S management system to enhance the organization’s performance;
- Ensure the participation of workers and other interested parties in the OH&S MS.
The prospective users of the ISO 45001 standard
- Leadership and commitment of top or senior management;
- Promotion of a healthy and safety culture within the organization;
- Participation of workers and/or other representatives in the OH&S Management System;
- Identification of hazards and control of risks;
- Allocation of the necessary resources;
- Integration of the health and safety management system into appropriate processes;
- Alignment of the health and safety policies with the strategic objectives of the organization;
- Continuous evaluation and monitoring of the health and safety management system in regards to performance improvement.
Principally, twenty-five years of experience went into the previous OHSAS 18001 standard and ISO 45001 capitalizes on this learning with the support of the International Labour Organization (ILO). The ILO has given its expertise on the subject and has provided very important insights on the standard.
The case of Cameroon
Overview of ISO 45001
- establish, implement and maintain an OH&S Management System to improve occupational health and safety, eliminate or minimize OH&S risks (including system deficiencies), take advantage of OH&S opportunities, and address OH&S Management System nonconformities associated with its activities;
- continually improve its OH&S performance and achieve its OH&S objectives;
- assure itself of the conformity to the OH&S policy;
- demonstrate conformity with the requirements of this International Standard.
What is an Occupational Health and Safety Management System (OH&S MS)?
Key Clauses of ISO 45001
Clause 4: Context of the organization
- The needs and expectations of workers and other interested parties;
- Determining its scope in terms of organizational units, functions, and physical boundaries;
- The effect of its activities, products, and services;
- Applicable legal, regulatory and other requirements to which the organization will comply.
The standard defines “interested parties” as a “person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity.”
Clause 5: Leadership and worker participation
Consultation and participation of workers
- Hazard identification;
- Risk assessment and determination of controls;
- Incident investigation;
- Development and review of the OH&S policies and objectives;
- Consultation and representation on OH&S matters;
- Consultation with contractors, when there are changes that affect their OH&S.
Clause 6: Planning
- OH&S hazards and their associated risks, and opportunities for improvement;
- Applicable legal requirements and other requirements;
- Risks and opportunities related to the operation of the OH&S Management System that can affect the achievement of the intended outcomes.
Clause 7: Support
Successfully managing an Occupational Health and Safety Management System relies heavily on having the necessary resources for each task. This includes having competent staff with the appropriate training, support services, and with effective information and communication means.
- On/about what to inform?
- When to inform?
- Who to inform?
- How to inform?
- How to receive and maintain documented information and how to respond to relevant incoming communications?
Respectively, the terms ‘document and record’ became obsolete in the new standard, which uses the term ‘documented information’ instead, for the purpose of maximizing the confidence to share information through any media.
Clause 8: Operation
Clause 9: Performance evaluation
The organization must establish a system that involves the monitoring, measurement, analysis and evaluation of its OH&S performance. It should decide what to measure and how, for instance, accidents or worker competence. Moreover, internal audits must be established along with regular management reviews, in order to see the progress made towards the achievement of OH&S objectives and the fulfillment of ISO 45001 requirements.
Clause 10: Improvement
The organization should react accordingly to nonconformities and incidents, and take action to: control, correct them, cope with their consequences, and eliminate their source so as to prevent recurrences.
Integration with other management systems
- Reduce risks and increase profitability, thus improve competitiveness
- Harmonize and optimize practices
- Eliminate conflicting responsibilities and relationships
- Balance conflicting objectives
- Formalize informal systems
- Reduce duplication and therefore costs
- Ensure the sustainable success of the organization
- Focus on business goals
- Ensure consistency
- Improve communication
- Facilitate training and awareness
List of documents required by ISO 45001:2018
The ISO 45001 standard provides us with some insight about what documents are required. Compared to OHSAS 18001, there are not too many changes, but the documentation requirements are easier to manage, following the logic of the new versions of other ISO standards. Of course, the standard does not explicitly mention documents and records, but uses the term “documented information.”
The following represent a list of documents that you need to maintain in order to comply with ISO 45001:
- The scope of the OH&S MS (clause 4.3)
- OH&S management system (clause 4.4)
- Leadership and commitment (clause 5.1)
- OH&S policy (clause 5.2)
- Organizational roles, responsibilities and authorities (clause 5.3)
- Actions to address risks and opportunities (clause 6.1)
- Assessment of OH&S risks and other risks to the OH&S management system (clause 126.96.36.199)
- Determination of legal requirements and other requirements (clause 6.1.3)
- Planning to achieve OH&S objectives (clause 6.2.2)
- Competence (clause 7.2)
- Communication (clause 7.4)
- Operational planning and control (clause 8.1)
- Contractors (clause 188.8.131.52)
- Emergency preparedness and response (clause 8.2)
- Monitoring, measurement, analysis and performance evaluation (clause 9.1)
- Evaluation of compliance (clause 9.1.2)
- Internal audit (clause 9.2)
- Management review (clause 9.3)
- Incident, nonconformity and corrective action (clause 10.2)
- Continual improvement (clause 10.2)
Other supporting documents
- Procedure for determining the context of the organization and interested parties (clauses 4.1 and 4.2)
- Procedure for identification and evaluation of OH&S management system risks and opportunities (clauses 6.1.1 and 6.1.2)
- Procedure for competence, training and awareness (clauses 7.2 and 7.3)
- Procedure for communication (clause 7.4)
- Procedure for document and record control (clause 7.5)
- Procedure for internal audit (clause 9.2)
- Procedure for management review (clause 9.3)
- Procedure for management of nonconformities and corrective actions (clause 10.2)
The standard also emphasizes that it is important to demonstrate the effectiveness of the OH&S Management System, rather than to simply draft endless theoretical procedures.
ISO 45001 – The benefits of using this standard
Organizations will have a wide range of benefits from using this standard, including:
- Globalization: ISO 45001 puts your organization in an elite category of businesses, as it is an internationally recognized standard.
- Improvement in business performance: The implementation of an Occupational Health and Safety Management System based on ISO 45001 reduces workplace illnesses and injuries, and, in turn, increases productivity.
- Best practice creation: It provides consistency and establishes “best practices” for occupational health and safety throughout the organization
- Hazard & Risk identification: Conducting risk assessments in a systematic manner, improves the quality of the assessment.
- Lower Insurance premiums: Having a recognized system in place provides an apron for attracting lower insurance premiums.
- Improvements in efficiency: The implementation of an OH&S Management System contributes to the reduction of accident rates, absenteeism levels, and downtime, all of which improve the efficiency levels of internal operations.
- Establishment of a safe working environment: Promotes the safety of all persons being affected by the organization’s activities.
- Monitoring & measurement: Promotes management oversight through the provision of key performance indicators (KPI’s) in the measurement of the Occupational Health and Safety Management System performance levels.
- Focus: A culture that focuses on the “prevention of problems” rather than on the “detection of problems” is much more effective and rewarding to employees.
- Continual improvement: Encourages continual improvement, e.g. the adoption of the “zero accident” concept.
Implementation of the OH&S MS with the IMS2 methodology
PECB has developed a methodology for implementing a management system. It is called the “Integrated Implementation Methodology for Management Systems and Standards (IMS2)” and it is based on best practices. This methodology is based on the guidelines of ISO standards, which also meets the requirements of ISO 45001.
The sequence of steps required in the process may be changed (inverted or merged) to achieve the most suitable outcome. For example, the implementation of the management procedure for “documented information” (2.4) can be completed before “understanding the organization and its needs” (1.2). Many processes are iterative because of the need for progressive development throughout the implementation project; for example, communication and training.
Certification of organizations
- Implementation of the management system: Before being audited, a management system must be in operation for some time. Usually, the minimum time required by certification bodies is approximately 3 months and/or one full cycle of the system.
- Internal audit and review by top management: Before a management system can be certified, it must have had at least one complete internal audit report and one management review.
- Selection of the certification body (registrar): Each organization can select the certification body (registrar) of its choice; however, choosing the right certification body is a very important decision to be made in order to have a credible certification (one that is internationally recognized).
- Pre-assessment audit (optional): An organization can choose to perform a pre-audit to identify any possible gap(s) between its current management system and the requirements of the standard. This can be performed via a Registrar, an independent consulting firm, etc.
- Stage 1 audit: The Stage 1 audit is a conformity review of the design of the management system. The main objective is to verify that the management system is designed to meet the requirements of the standard(s) and the objectives of the organization. It is recommended that at least some portion of the Stage 1 audit be performed on-site at the organization’s premises.
- Stage 2 audit (On-site visit): The objective of the Stage 2 audit is to evaluate whether the declared management system conforms to all the requirements of the standard, and are being implemented in the organization and can support the organization in achieving its objectives. Stage 2 audit takes place at the organization’s site(s) where the management resides.
- Follow-up audit (optional): If the auditee has significant or numerous nonconformities that require additional auditing before being certified, the auditor will perform a follow-up visit to validate only the action plans linked to the nonconformities (usually a half-day remotely or one-day on site).
- Confirmation of registration: If the organization is compliant with the requirements of the standard, the Registrar confirms the registration and publishes the certificate.
- Continual improvement and surveillance audits: Once an organization is registered, surveillance activities are conducted by the Certification Body to ensure that the management system still complies with the standard. The surveillance activities must include on-site visits (at least 1 per year) that allow the verifying of the conformity of the certified client’s management system, which can also include investigations following a complaint, a review of their website or a written request for further information.
Training and certifications of professionals
PECB training courses are offered globally through a network of authorized training providers; they are available in several languages and include the following: Introduction, Foundation, Lead implementer, and Lead Auditor courses. The table below provides a short description of PECB’s official training courses for Occupational Health and Safety Management Systems (OH&S MS) based on ISO 45001.