We were all expecting it; it was finally released last March. ISO 45001:2018 "Occupational Health and Safety Management Systems" is the first international standard on OHS. What are the important points of this standard? What should be remembered? Find some answers in this article.
ISO 45001: a separate standard, a common basis
This is a new, separate standard, not a revision or update based on OHSAS 18001 previously deployed in companies. Its novelty lies in the general spirit of the norm. Where OHSAS 18001 clearly has requirements focused only on the OHS management system, ISO 45001 goes much further. The standard does not appear as a collection of requirements, but centers the OSH culture at the heart of certification. Ensuring safe and healthy workplaces, avoiding work-related trauma and pathologies, and continuously improving OSH performance are the elements expected to be ISO 45001 certified. We can say that we "do not just" make sure that there’s a management system, it is insufficient if the company culture is not clearly focused on OSH.
To the delight of multi-certified, being ISO 45001 certified is not the same as to juxtapose a management system to those already existing. Indeed, the standard was developed using the ISO 9001 and ISO 14001:2015 standards common base. The organization can therefore cross-check certain management elements such as its PDCA approach, its processes, or some of its documented information. OSH is no longer apart, it is an integral part of the certified organization..
Leadership in the spotlight
As with these other standards,ISO 45001 places leadership as the cornerstone of the management system. Where OHSAS 18001 only focused on management commitment, ISO 45001 requires commitment and participation from all levels and functions. Among other things, it introduces management’s requirement to protect every worker who ever reported adverse events, dangers, risks or opportunities. In short, the management "is no longer satisfied" to sign the OSH policy, it must reliably embody it.
ISO 45001: the latest news
The main novelty due to the use of the common core to other ISOs is for the organization to put itself in context. For this, it must determine its internal and external issues, its stakeholders (other than workers) and the scope of application of its management system. The latter is therefore expanded in ISO 45001. The multi-certified are already compliant at least in part for this requirement. But beware, what has been defined for Quality or Environmental issues will not necessarily be valid or sufficient for Occupational Safety and Health. It will be necessary to remain vigilant and to ask the right questions again to make sure that the context is complete.
The novelty that "everyone is talking about" is the obligation for the organization to consult and involve all workers and their representatives, if they exist, in the decision-making about OSH. OHSAS 18001 addressed this notion but was vague about it. It was simply asked to involve all workers and to consult all subcontractors. ISO 45001 also places special emphasis on non-supervisory workers for whom it seeks consultation for nine of its paragraphs and participation for seven more of its paragraphs. It involves all hierarchical levels by defining clear expectations and requirements in this regard.
Last big novelty, the OSH management system is no longer limited to taking into account risks and dangers, it also takes into account opportunities. It is therefore the responsibility of the organization to identify the hazards and assess the risks and opportunities for OSH. Although this point is also common to other ISOs, the ISO 45001 standard does not mention SWOT, but mainly considers opportunities to improve OSH performance and those aimed at improving the OSH management system. As for the context, the multi-certified can no longer be satisfied with the existing one. The evaluation of opportunities will have to be reviewed to accommodate OHS. Unlike the ISO which quickly addressed risks and hazards in a single paragraph, each point is detailed here in a separate paragraph with detailed requirements. Moreover, the norm takes the opportunity to claim a specific process for opportunities.
More generally, the ISO 45001 standard eventually takes up all the points dealt with in the OHSAS 18001, by adding some novelties but especially by developing almost all the points of the OHSAS. The paragraphs are redrawn to be accompanied by precise expectations and requirements for each subject. This is the case for operational activities, for example.
After reading the standard, I had mixed feelings. First, I had a concern about the great novelty of this standard, the consultation and the participation of all workers and their representatives. I think that, just like me, many people will ask the same question: integrate them, sure, but how? They will then realize, just like I did, that the standard does not impose a specific format. Each organization will be able to come up with the means that it considers relevant and appropriate to suit the constraints and specificities of this new standard.
The second feeling was satisfaction. Indeed, we can say after reading it that all subjects are discussed and that for many of them, specific frames and instructions / directions are given. Also, after a careful reading of the standard, I think everyone is holding the cards to carry out their certification project.
With an announced goal of 3 years to pass ISO 45001:2018 certification, organizations have time, but be careful not to let others catch up with you! It's better to start the transition or start the project right now to make sure you meet deadlines. On your marks ... get set ! Go!