On November 27, 2017, a final version of the new International Standards Organization (ISO) 45001 standard was published, creating an official ISO standard for occupational health and safety programs.
In the early 2000s there were international standards for environmental management systems with ISO 14001, but not health and safety. Thus, a British Standard was developed, called Occupational Health and Safety Assessment Series (OHSAS) 18001.
ISO 45001 takes much of what’s already in OHSAS 18001 and adds to it, reorganizes it to match current ISO formats, and modifies some areas. If you’re already OHSAS 18001 certified, you will have a good head start on ISO 45001 certification.
ISO 45001 brings the responsibility of safety to company leadership and establishes how safety incorporates into the entire organization, rather than making it a responsibility of safety management. The standard has more detailed clauses lining out its expectations of employee involvement, requiring the documentation of results and program effectiveness, risk evaluation and considering how safety affects all affected parties, not only employees but contractors, outsourced operations, vendors, etc.
Here are just a few of the differences between the two standards:
| OHSAS 18001 | ISO 45001 |
|---|---|
| British Standard | International Organization of Standardization Standard |
| Reactive planning | Proactive planning |
| Hazard control | Risk evaluation, reduction and prevention |
| Procedures are prepared | Documented results are required |
| Safety management personnel play leadership role | Top management plays leadership role |
| Company management reviews the process after development | Company leadership takes leading role to ensure it fits within the overall organization’s processes. |
| Safety and health is the responsibility of safety management personnel | Safety and health is the responsibility of leadership and the overall management system of the organization. External and internal issues related to the safety management system should be addressed by leadership. Workers and interested parties’ needs should be addressed and incorporated into the plan. |
| Employee participation consultation | Everyone, including leadership, is responsible for safety. Workers should be provided education to help identify risks and everyone should participate. Internal audits and risk assessments should be shared with all employees and non-managers should participate in internal audits, risk assessments and incident investigation. |
| Information and communication procedures are prepared | Information and communication documentation is required including who, what, when, the objective of the communication and was it effective? |
| — | Additional Elements • Outsourced processes, procurement and contractors are addressed. • Hierarchy of controls are to be used. • Procurement of goods are to be considered. • Contractor controls and communication requirements for their workers, your workers and any other affected parties are required. |