Our lowdown on the new standard replacing OHSAS 18001
Unless you’ve been hiding under a rock, you’ll know that a new international standard – ISO 45001 Occupational Health and Safety Management Systems (45001) – will soon replace the British Standard OHSAS 18001. You need to prepare for ISO 45001 now, as publication of the new standard is expected early in 2018.
Here’s our lowdown on the reasons behind the revision, some of the key changes you need to be aware of, and what you can do to prepare for ISO 45001.
Why revise 18001?
18001 is a British Standard that has been adopted worldwide. Organisations in over 100 countries use this certification, demonstrating the need for a standard meeting international requirements.
The structure and format of ISO 45001 will be based on Annex SL, like many other risk management ISO standards to which your organisation may be certified – ISO 14001 (Environmental Management Systems) and ISO 9001 (Quality Management Systems), for example. If your health and safety management system is not yet certified, the new structure of ISO 45001 will mean seamless integration to your current suite of risk management standards and day to day operations.
ISO 45001: what are the key changes?
In addition to ISO 45001 following the structure of Annex SL, another new requirement is understanding of the context of your organisation. In practice, this means you need to consider factors, both external and internal to your organisation, that can influence your organisation and the operation of the management system itself.
Considering organisational context
External factors could include industry regulators, insurers, technological developments, worker unions and legislative requirements. Internal factors could include your organisation’s structure, culture, employee demographic, competence, and internal employee consultation groups.
Leadership, commitment and planning
When you prepare for ISO 45001, another new requirement concerns leadership and commitment: top-level management must play a clear, demonstrable and visible role in health and safety. This could be by participating in workplace initiatives and working to influence and improve worker culture and consultation, for instance.
The planning stage also has more emphasis on consultation and participation. It includes a requirement to involve workers in the planning, implementation and improvement of your management system.
Identify risks and opportunities
In another new clause, risk and opportunities, ISO 45001 will require you to identify:
- Risks to the health and safety management system
- Methods employed to effectively manage risks, and
- New opportunities to contribute to the overall improvement of the management system.
Risks to consider can be drawn from factors influencing the context of your organisation discussed above i.e. structure changes, legislative amendments, financial changes and even the loss of competent people who maintain the management system.
Hierarchy of control
OHSAS 18001 required organisations to consider a hierarchy of control when implementing risk control measures. Now, ISO 45001 has an explicit requirement for organisations to use a hierarchy of controls, in order of their preferred use (elimination, substitution and so on), as a specific clause for risk management.
Clauses covering control of documents and records in OHSAS 18001 have now been combined into a single ‘Documented information’ clause. This means that documents, templates and records relating to your management system are now subject to the same requirements for creation, authorisation, retention and control. The new clause also covers information used by your organisation to operate, regardless of its format, media or source.
Internal audit requirements in ISO 45001 remain largely unchanged: you still need to develop an audit schedule and select suitable, competent and impartial auditors. However, there is increased emphasis on audit objectives, and you’ll now be required to communicate the results of audits to interested parties such as workers, and take corrective action to address nonconformities.
The term preventive action (to prevent an occurrence of an incident or nonconformity) no longer exists in ISO 45001. Preventive action should now be addressed by using the hierarchy of controls mentioned earlier in this article. Corrective action (to prevent reoccurrence) remains, and only corrective actions are required for both incident investigation and where nonconformities are identified.
Definitions that you may be used to in OHSAS 18001 will change to accommodate international understanding. For example, the definition of ‘workplace’ will be expanded to incorporate workplaces other than your organisation’s main site (think client sites and home workers). The term ‘worker’ will be introduced, and will clearly cover permanent and temporary employees as well as any other worker your organisation has some degree of control over, such as contractors.
Plan. Do. Check. Act.
ISO 45001 will continue to follow the Plan, Do, Check and Act (PDCA) structure we are all familiar with. Here’s how 45001 relates to each stage of PDCA.
How to be ready for ISO 45001 – and how we can help
Firstly, don’t panic! If you’re already certified to OHSAS 18001, you’ll be familiar with many requirements that remain, such as having policies and objectives, internal auditing and carrying out management reviews. You’ll also have a three-year transition period to move to ISO 45001.
If you’re looking to gain certification to OHSAS 18001, planning for transition to or wishing to certify or align to ISO 45001, there are many ways in which our expert consultants can help:
Our gap analysis process will help you understand your current position and identify areas of improvement. Our audits can be purely based on your management system documentation, a physical site visit to determine how effective your management system is, or a combination of the two.
Top level management briefings
We can host senior management briefings to help you gain buy-in from your top level management team, in support of your aims.
Our expertly run planning workshops will help you:
- Determine the context of your organisation.
- Identify interested parties, their needs and expectations, and how they can impact the management system outcomes.
- Identify risks and opportunities.
Already certified? We can provide you with a wide variety of top notch operational support, to help you stay that way. We can:
- Maintain your organisation’s legal register.
- Develop and maintain an organisation-wide training needs analysis and communications plan, to evidence competence and awareness.
- Deliver your training needs.
- Support your internal auditing needs and act as competent, independent auditors.
Certification and audit support
Your certification audits should still be carried out by an external certification body, however we can support and attend these audits to see you successfully through the certification process to ISO 45001.
Attend our ISO 45001 seminar/webinar event
We’re busy planning a free seminar/webinar to help organisations prepare for ISO 45001. If this would be useful for you, drop us a line and we’ll make sure you’re the first to receive details of the event, once finalised.