ISO 45001:2018 Standard Requirements and Applicability

Key principles in standard development

1. ISO standards respond to a need in the market
ISO does not decide when to develop a new standard, but responds to a request
from industry or other stakeholders such as consumer groups. Typically, an industry
sector or group communicates the need for a standard to its national member who
then contacts ISO. Contact details for national members can be found in the list of
members.
2. ISO standards are based on global expert opinion
ISO standards are developed by groups of experts from all over the world, that are
part of larger groups called technical committees. These experts negotiate all
aspects of the standard, including its scope, key definitions and content. Details can
be found in the list of technical committees.
3. ISO standards are developed through a multi-stakeholder process
The technical committees are made up of experts from the relevant industry, but also
from consumer associations, academia, NGOs and government. Read more
about who develops ISO standards.
4. ISO standards are based on a consensus
Developing ISO standards is a consensus-based approach and comments from all
stakeholders are taken into account.

ISO 45001:2018 specifies requirements for an occupational health and safety

(OH&S) management system, and gives guidance for its use, to enable
organizations to provide safe and healthy workplaces by preventing work-related
injury and ill health, as well as by proactively improving its OH&S performance.
ISO 45001:2018 is applicable to any organization that wishes to establish, implement
and maintain an OH&S management system to improve occupational health and
safety, eliminate hazards and minimize OH&S risks (including system deficiencies),
take advantage of OH&S opportunities, and address OH&S management system
nonconformities associated with its activities.
ISO 45001:2018 helps an organization to achieve the intended outcomes of its
OH&S management system. Consistent with the organization's OH&S policy, the
intended outcomes of an OH&S management system include:
a) continual improvement of OH&S performance;
b) fulfilment of legal requirements and other requirements;
c) achievement of OH&S objectives.
ISO 45001:2018 is applicable to any organization regardless of its size, type and
activities. It is applicable to the OH&S risks under the organization's control, taking
into account factors such as the context in which the organization operates and the
needs and expectations of its workers and other interested parties.
ISO 45001:2018 does not state specific criteria for OH&S performance, nor is it
prescriptive about the design of an OH&S management system.
ISO 45001:2018 enables an organization, through its OH&S management system, to
integrate other aspects of health and safety, such as worker wellness/wellbeing.
ISO 45001:2018 does not address issues such as product safety, property damage
or environmental impacts, beyond the risks to workers and other relevant interested
parties.
ISO 45001:2018 can be used in whole or in part to systematically improve
occupational health and safety management. However, claims of conformity to this
document are not acceptable unless all its requirements are incorporated into an
organization's OH&S management system and fulfilled without exclusion.
ver 7 600 people die each day from work-related accidents or diseases - that’s over
2.78 million every year*.
The burden of occupational injuries and diseases is significant, both for employers
and the wider economy, resulting in losses from early retirements, staff absence and
rising insurance premiums.
To combat the problem, ISO has developed a new standard,
ISO 45001, Occupational health and safety management systems -
Requirements, that will help organizations reduce this burden by providing a
framework to improve employee safety, reduce workplace risks and create better,
safer working conditions, all over the world.
The standard was developed by a committee of occupational health and safety
experts, and follows other generic management system approaches such as
ISO 14001 and ISO 9001. It will take into account other International Standards in
this area such as OHSAS 18001, the International Labour Organization's ILO-
OSH Guidelines, various national standards and the ILO's international labour
standards and conventions.

WHAT IS ISO 45001?

ISO 45001:2018 is the replacement to OHSAS 18001 and is the international ISO standard for
Occupational Health and Safety Management Systems (OHSMS).

Not only has the standard superceded OHSAS 18001, it makes integration with other
management systems simpler than ever before; because it shares the new common structure
defined by Annex SL, it is directly aligned with the 2015 versions of ISO 9001 and ISO 14001.

You can find more information about this standard and the differences to OHSAS 18001 here
in the NQA ISO 45001 Gap Guide - download HERE.

IMPLICATIONS AND MIGRATION TO ISO 45001

If you have certification to OHSAS 18001 you will need to migrate to ISO 45001 to maintain the
validity of certification.

There is the normal 3 year migration period so there is still time to plan your move over to
ISO 45001.
FREQUENTLY ASKED QUESTIONS
Because ISO 45001 is agreed globally, do you think it will be a 'watered down' version of
OHSAS 18001? No – it is a new standard using an established structure based on an effective
management model, it is designed to be used as part of a business management system.

Legislation Registers / Aspects and Impacts Registers: Is there a minimum requirement for
what they must contain? No – the contents are based on the business activity, geographical location
and local /national enforcement requirements. Each organisation is unique.

NEW TERMS AND DEFINITIONS IN ISO 45001

The new definitions of the terms ‘Risk’, ‘The Worker’, ‘The Workplace’ and ‘Hazard Identification’
may change for the following reasons:

Risk. A universal definition of the term ‘Risk’ is clarified in ISO 45001 as the meaning of this
varies in some countries. The term ‘Hazard Identification’ is covered by the terms ‘risk
identification and ‘risk control’ to ensure we encompass all potential hazards applicable to all
industries and sectors.

The worker. There are differences in the definition of this term and various legal constraints
around this term in different countries – in the context of ISO 45001, ‘The Worker’ is defined as
the person working under the control of the organization and includes subcontractors.

The work place. There are questions amongst organizations regarding what the workplace is, is
it your organization’s site?

SIGNIFICANT BUSINESS BENEFITS

The issue of hazard identification is that it is currently very manufacturing, and hardware
orientated, when more and more of us are working in services. ‘Hazard’ identification, therefore
becomes ‘risk’ identification and ‘risk’ control to ensure we encompass all potential hazards
applicable to all industries and sectors.

If your organization sends people to work at other people’s site, what is your responsibility for
their safety? A universal definition of the term will need to be clarified.

CURRENT ISSUES WITH OHSAS 18001

Outsourcing - What is your responsibility?

What would be the damage to your business reputation if one of your outsourced suppliers or
contractors created a significant OHS incident? ISO 45001 looks to define the answer in a way
that can apply to all sectors and industries.

Worker participation:

There is some clarification required around expectations upon ‘worker participation’ and the
‘participation of worker representatives’ e.g. union and/or employee health & safety reps’
involvement in the day to day operations of the health & safety management system.

While top management will be responsible for setting organizational health & safety policy, they
should be in consultation with union representatives and health & safety personnel.

The International Labour Organization wanted a lot more requirements on this issue. Many
companies do not have any representatives what so ever. If there are no representatives within
an organization, the standard will not force this requirement upon them as it is not a legal
obligation either.

PREPARING FOR THE FUTURE

Charles Corrie’s recommendations to adopters and non-users of OHSAS 18001 health and
safety management systems:

EXISTING USERS – DON’T PANIC!

Many clauses requirements of ISO 45001 are the same or similar to OHSAS 18001 – however
they are presented in a different sequence and may use different terminology

SO 45001 TIMELINE