Health and Safety Management System
ISO has recently published the 45001 standard to help organisations improve their health and safety performance by creating safer work conditions, where injuries and diseases are prevented, and lives are saved.
ISO 45001 is a fresh answer to the old world scale concern about health and safety at work. It wants to put health and safety at the core of the business strategy and change the way both employees and employers think of the well-being at work.
Up to 90 experts worked together for five years, and their work resulted in the first international occupational health and safety standard that specifies requirements for an occupational health and safety management system (OHSMS), to enable an organisationto proactively improve its OH&S performance in preventing injury and ill-health.
This standard shares many basic ideas about safety with the previous ones but separates itself from the others by taking a new perspective towards the biggest occupational safety challenges that make it difficult for a company to protect its people.
People keep organisations alive with their work, commitment, and motivation. The existence of any business depends on its employees; this is a fact that will never change. Therefore, it is fair to say that the first responsibility of any organisation towards its people is to keep them safe and send them to their families in full health. However, statistics tell another story.
Data shows that each year over 2.78 million people loses their lives just because they’re doing their job; this number is more than half of the population of Sydney. Yet many more people are suffering from work-related diseases and injuries that can change their lives forever. This is why health and safety at work have been the common concerns of businesses around the globe for many years now.
Organisations needed guidelines to show them the best way of protecting their workers. This demand for safety guidelines led to various occupational health and safety standards.
However, there was still room for another standard to improve occupational safety and consider new changes in the business environment. A new standard that goes beyond basics and integrates into the overall business process of companies.
ISO stepped in to fill the gap and provide organisations with a new exciting opportunity to make their environment a safer and better place for work.
Members of ISO health and safety committee wanted to create a standard that could make a real difference in health and safety at work. To do so, the standard had to be capable of dealing with safety challenges standing in the way. By going through the standard requirements, we can say that ISO 45001 has been able to target the most critical safety challenges and provide organisations with different tools to overcome them.
Without prevention, any system would be just a reactive machine that is concerned with treatment and rehabilitation. However, this is a matter of life and death so a successful OHSMS should be more lined towards preventing and proactive actions. While the proactive approach to safety saves more lives, it also tends to be less costly, and in long time, it can help the organisation’s bottom line.
Given all that, ISO 45001 puts a strong emphasis on identifying and controlling hazards and risks to avoid accidents or any threat to the people’s health and safety. The standard makes a comprehensive effort to address all the activities or elements that could harm people in order to prevent safety issues in the first place.
ISO realizes that among the different management systems in an organisation, health and safety system is the first one that needs the greatest amount of proactivity; otherwise, the results could be catastrophic. The PDCA model makes sure that the process of identifying risk and hazards never stops.
So far, all we have said has been around the organisation’s responsibility towards people working on its behalf. Although, there is one important thing missing which is people’s responsibility towards safety. The picture is not complete unless everyone, from top management to frontline workers, takes safety seriously. There must be a culture of safety to promote OHSMS practices in organisations and create awareness of hazard and risks, if not; no one is going to do what a safety manual says.
Safety culture is one of the success factors that ISO 45001 mentions, and talks about it on different occasions in the requirements. The standard demands organisations to involve their workers in the H&S management system, to ask them about their ideas, and to give them enough training and tools, so workers consider themselves as a part of the OHSMS.
The intent of ISO 45001 is to make safety everyone’s responsibility and to create an environment where workers can express their safety concerns with the management and know that their concern is recognized and respected.
A safety culture needs a lot of effort and openness from both sides of the company, but when they get to the point that everyone values safety, and it becomes the first priority, positive results will be enormous. The new standard guides organisations to reach that point and develop new behavior that can make a difference in people’s lives.
Strategic directions and policies are among the key aspects of any business and come directly from top management. A process in the organisation cannot be effective unless top management includes that in those key aspects and commits to implement that process.
ISO admits the significant role of senior management and assigns big responsibilities to it, in fact, we can see the leadership trace all over the requirements. Based on 45001 standard, improving safety is a top-down process, and there is no other way to ensure it will work.
ISO 45001 believes that safety management system must be linked to the overall system of organisation to ensure there’s enough support coming from above, and leadership is accountable for the safety procedures. When leadership has a safety vision and motivates people to achieve that vision, the organisation also gains valuable outcomes and enhances its safety culture. The culture of safety in turn results in lowering the cost-benefit ratio, which can be a motivation for the top management as well.
An organisation cannot be successful in its safety attempts if the safety system leaves these challenges unanswered. However, ISO 45001 knows exactly how to address them.
The 45001 standard could significantly improve your safety performance and bring many values to your organisation, continue reading to find out more about the benefits that you can get from it.
ISO 45001 is a global standard, which is recognized across the world. This standard shows companies worldwide that your organisation is committed to the welfare of staff and external parties. It can help organisation to create a positive image of themselves.
Besides, 45001 standard minimises the risk of production delays and promotes a better service to the customers which results in standing out among the competitors.
ISO 45001 minimises the risk of downtime through accidents and provides possible cost saving through public liability insurance premiums. Identifying hazards and controlling risks at the earliest stage could help reducing business cost by preventing safety issues.
Leadership commitment to safety and safety culture can change the way employees think of the organisation. As long as workers see their health and wellbeing is important for leaders, they are more likely to work better and be more productive.
Certification to this ISO demonstrates a strong commitment to ongoing improvement of safety performance and proves that the safety of people who are somehow related to the company’s operation is very important.
It is always better to have someone from outside of the company double check the safety process to make sure every vital aspect has been considered and taken care of. Also, an outsider could see problems from a different angle that is beneficial as well.
If your organisationis already certified to one of the recently revised ISO standards such as 9001 or 14001 you can easily notice the same feel and look in the ISO 45001 as well. The reason lies is the matching core text and common terms and definitions that all of these standards share which comes from adopting the new high-level structure of Annex SL.
Clause 1: Scope
Clause 2: Normative references
Clause 3: Terms & definitions
Clause 4: Context of the Organisation
Clause 5: Leadership and worker participation
Clause 6: Planning
Clause 7: Support
Clause 8: Operation
Clause 9: Performance Evaluation
Clause 10: Improvement
All the new ISO standards are developed using this10 clauses. This identical structure aims to help organisations to easily integrate more than one ISO standard and avoid conflict, confusion and extra effort as much as possible.
However, the real capacity of this framework is in not fully understood unless we combine it with the Plan-Do-Check-Act cycle (PDCA). PDCA is a powerful tool that if used in the correct way it can move the needle in the organisations’ performance.
The combination of Annex SL framework and PDCA model helps organisations to see their management systems as a never-ending loop that only improves and becomes a better version of what it was before. In fact,10 clauses of standard don’t have a linear relationship together, on the contrary, they are different parts of a process to achieve the management system goals.
The whole process is the same for all of the ISO standards so organisations can benefit from the simplicity of integrating different standards together and to their overall business process.
Here we try to mention some important points of ISO 45001 requirements and provide a high-level explanation of the 10 clauses to help you better understand the logic and intent behind them.
This clause refers to the intent of ISO 45001, which is continual improvement of safety in organisations fulfilling legal requirements.
This standard has no normative reference.
This clause provides the list of terms and definitions in ISO 45001.
Context of organisation is a new concept in the ISO standards that simply refers to all the internal and external issues that can affect your OHSMS ability to reach its intended objectives. In this step, you must identify all those issues that are specific to your own organisation.
Another new term in this clause is interested parties, which means organisations have to consider the needs and expectations of all the internal and external parties that can have an impact on their OHSMS, not just their employees. These internal and external parties could be stakeholders, unions, governments, etc.
The important point here is to know your company’s environment inside and out, so that you can create a global scope to implement your OHSMS in it.
The importance of top management engagement in OHSMS is shown in this exclusive clause for leadership. These are tasks that leadership must be accountable for them:
Engaging in these tasks demonstrate the commitment and participation of senior management.
This clause talks about creating plans to achieve intended outcomes of OHSMS and considerations for risks and opportunities along the way. Some of its key outlines include:
Support refers to the competency and awareness criteria needed for the effectiveness of OHSMS, meeting objectives and the necessary documented information.
The required actions to implement the plans of clause 6 are included in this clause. Organisations need to consider the following aspects:
This clause talks about the monitoring and measuring the process to evaluate the performance of OHSAS, also to reassure that leadership is actively participating. Here is what organisations need to do:
This last clause directly reflexes one of the biggest aspects of this standard, which is being proactive and looking for improvement opportunities all the time. To be able to do that:
If you are already certified to AS/NZS 4801, and you are thinking about transition to ISO 45001, it would be useful to know more about the differences between the two standards. Here is a brief review of the key differences:
Previously there was a requirement for appointing a management representative that has been removed and replaced by 13 responsibilities for Senior Management.
ISO 45001 includes additional commitments that an organisation needs to demonstrate in its Health and Safety Policy. The new policy has to include preventive measures, eliminating hazards and reducing OH&S risks.
ASNZS 4801 had sections for consultation and communication but ISO 45001 adds some more requirements in order to provide time, training and resources necessary for consultation and participation, also, determine and remove obstacles or barriers to participation and minimise those that cannot be removed.
As part of ISO 45001 organisations are required to determine and assess risks and opportunities related to the establishment, implementation, operation and maintenance of the management system.
The requirements for the identification of hazards have been expanded to take into account elements such as “how work is organised, social factors (including workload, work hours, victimisation, harassment and bullying), leadership and the culture of the organisation.” when identifying hazards.
AS/NZS 4801 had required documented procedures for topics such as hazard management and training and competency. ISO 45001, like other Annex SL based ISO standards requires organisations to have documented information. Documented information is defined as:
“Information required to be controlled and maintained by an organisation and the medium on which it is contained.”
Given that ISO 45001 has a risk-based approach to management systems it is up to the organisation to determine what documented information will be retained to demonstrate compliance. Examples of this include emails, videos, forms, chat messages, software, and photos. When determining what documented information is required you’ll need to take into account legal requirements, e.g. SWMS and WHS Management Plans.
A common criticism for AS/NZS 4801 was the lack of specific requirements for extending the health and safety management system to address subcontractors and other parties. ISO 45001 filled this gap by adding a section just for procurement and its related issues.
Previously in AS/NZS 4801 organisations were required to establish procedures to identify and have access to all legal and other requirements that are applicable to the organisation. ISO 45001 requires organisations to evaluate their compliance with legal and other requirements and retain documented information of the evaluation results. For organisations already compliance with ISO 14001:2015 for the environment this is something you’ve already had to consider.
You can’t effectively transition without understanding how your existing management system aligns with the standard. Compliance Council’s gap-analysis checklist that is designed based on the key differences between AS/NZS 4801 and ISO 45001 is a great tool for determining where the gaps are and then creating an action plan to address them.
You have the opportunity to refine your processes and integrate them with your quality and environment management systems. Given that the majority of ISO 45001’s requirements follow the same high-level structure as ISO 9001 and ISO 14001 it will be a very straightforward project to integrate the processes.
With the changes that occur as part of implementing ISO 45001, it is a good opportunity for your organisation to educate your colleagues at relevant functions and levels in your organisation from Senior Management to your frontline employees. Education doesn’t just have to be presentations and other training, it could be through involving your employees in the revision of the health and safety processes so they gain a better understanding of the requirements.
Here at Compliance Council, we specialise in assisting organisations with developing and implementing management systems, which put your business on the path to becoming certified.
Our 8 Step Process is designed to give your organisation the most efficient turnaround time whilst delivering service second to none. Here is a diagram that shows these 8 steps:
Third Party Certification is the process of having your Management System audited by an independent third party. This type of auditing is typically used by Conformity Assessment Bodies (CABs) who are regulated by a government organization known as JAS-ANZ. These CABs can issue registered certificates of compliance to various standards such as ISO 9001, AS 4801, and ISO 14001.
The formal assessment process includes two stages. In stage 1, the auditing body will confirm whether you have met the requirements of your proposed scope and the objectives you have set for yourself. If there is any kind of minor or major nonconformities, you will have some extra effort to put in.
The auditing body will give you some time to address the nonconformities, before beginning stage 2 of the audit. In stage 2, your system will be assessed again to make sure that all nonconformities are corrected.
At this point, if there are no major nonconformities, your certification can be issued; otherwise, you will be given time to correct existing nonconformities before the next visit of the audit and only after removing all the major nonconformities you will be eligible for ISO 45001 certification.
Typically, the certification body will do yearly surveillance of your management system for the first three years after your certification is issued. This way, you will be sure that everything is working the way that you wanted and your OHSMS still meets the ISO 45001 requirements.
Have a question? Contact Compliance Council on 1800 771 275 or enquire online
I’ll be directing your enquiry to the right person and will ensure an immediate response.
Copyright © Compliance Council Pty Ltd T/AS Compliance Council 2020