ISO 45001 (OHSAS 18001)

INTRODUCTION TO ISO 45001

We knew it was coming! And on March 12, 2018, ISO 45001 was published. On March 13, ISO hosted a livestream video to answer all of your questions about this new standard. Although we’ve been learning more about ISO 45001, and even wrote a blog a few months ago about the differences between ISO 45001 and OHSAS 18001, we wanted to summarize the main points made by the experts that created the standard. The conversation was hosted by Maria Lazarte from the ISO General Secretariat with guests Richard Jones, Charles Corrie, David Smith and Jan Toft Rasmussen. Richard Jones was actively involved in the development of OHSAS 18001 and its guidance and the development of ISO 45001. Charles Corrie is Secretary of the committee (ISO/PC 283) that developed ISO 45001. David Smith is the committee chair of ISO PC 283 responsible for the development of 45001 and a variety of BSI management standard committees. Jan Toft Rasmussen is an experienced consultant on health and safety with a history of working in trade union federations and confederations. We have summarized the main points addressed into the What, When, Why, How and Who’s below.
Quality Standards
Quality Standards

WHAT IS ISO 45001?

ISO 45001 is an International Standard that specifies requirements for an occupational health and safety (OH&S) management system, with guidance for its use, to enable an organization to proactively improve its OH&S performance in preventing injury and ill-health. ISO 45001 is intended to be applicable to any organization regardless of its size, type and nature. All of its requirements are intended to be integrated into an organization’s own management processes. It enables an organization, through its OH&S management system, to integrate other aspects of health and safety, such as worker wellness/wellbeing; however, it should be noted that an organization can be required by applicable legal requirements to also address such issues

WHAT IS DIFFERENT BETWEEN ISO 45001 AND OHSAS 18001?

They are very similar in that they both use a Plan, Do, Check, Act model. ISO 45001 encompasses most of the areas of OHSAS 18001 for occupational health and safety.

45001 Speaks To Leadership

The differences are that 45001 follows the structure of other international standards. There is a much larger focus on the responsibility of leadership in ISO 45001. It also speaks to the need for worker participation. The standard aims to have worker health and safety be a central tenant in the way a company operates, integrated into overall business processes. Health and safety isn’t a stand alone process or the responsibility of one person or department.

From the delegates on the committee representing workers, they sought to participate in making their workplace safer but they really wanted language in the standard to make sure their top management was clear that they hold ultimate responsibility for setting this into place in their organization

45001 is More Comprehensive

ISO 45001 is designed to take into account many more factors than 18001. For instance, 45001 recognizes other formats for data collection and storage – such as digital formats to reduce paperwork. Beyond just health and safety, 45001 gives management a tool to strengthen their entire business if they follow it.

45001 is More Proactive

ISO 45001 focuses on continually assessing opportunity to reduce risks.

ISO uses terms across all of their standards that users will be familiar with – for example, the term “legal requirements” is used instead of “compliance obligations” because they wanted to make it clear that some countries have a legal requirement to do certain things.

The standard pursues the idea that every employee has a role to play in thinking about health and safety. For example, the purchasing manager should think about risks before they place every order for equipment that workers will use.

What about small businesses?
Small businesses (SMEs) can absolutely adopt 45001 even if they don’t currently have 18001.
ISO 45001 makes it clear that all top management have a role to play in health and safety.

PUBLISH & TRANSITION PERIODS

ISO 45001 was published on March 12, 2018. On that day, OHSAS 18001 was withdrawn. Companies who were certified to OHSAS 18001 were required to migrate to ISO 45001 within three years. Transition period started 3-12-18 and by 3-12-21 all OHSAS 18001 certifications must be migrated to 45001.

WHY WAS THE ISO 45001 STANDARD CREATED?

Too Many Work-Related Injuries, Illnesses and Deaths

Over 7,600 people die each day from work-related accidents or diseases. The video mentioned the fact that every 12 seconds a worker dies in the world on the job. The burden of occupational injuries and diseases is significant, both for employers and the wider economy, resulting in losses from early retirements, staff absence and rising insurance premiums.

International Standard Makes it Accessible

Clearly this a problem across the world that having an international standard was almost overdue. Although there are health and safety standards locally and even nationally, there needed to be an official standard that transcends borders to create a safe and healthy working environment everywhere. Hopefully, with the new international standard in place, it will create a more popular and accessible standard worldwide and the number of injured workers will decrease over time.

HOW DOES ISO 45001 HELP WORKERS?

The ISO 45001 standard provides a systematic, comprehensive approach to health and safety on the job. It answers many specific questions on how to prevent injury and illness, rather than just dealing with them as they arise.

Health and Safety is Everyone’s Job

All levels of the organization are addressed in this standard. It’s not just applicable to one employee or department, rather, it offers guidelines for the entire organization, especially decision makers and leadership.

Using PPE As Last Resort

Rather than offering PPE (personal protective equipment) and hanging safety signs, this standard aims to be “in front” of issues before they happen.

An example was shared in the video regarding excess noise. While many recommendations may be to simply offer PPE to workers near the noise, this standard illustrates how to work to pinpoint the noise, measure it, and how to mitigate it instead of simply handing out ear protection.

PPE is not the foundation of the safety standard. The standard helps organizations create an environment that doesn’t require PE in the first place. In other words, PPE is a last resort.

HOW CAN WE CONVINCE TOP MANAGEMENT TO ADOPT ISO 45001?

There are many benefits to following or certifying to ISO 45001. These include overall improved performance, better cooperation amongst employees and managers, better respect amongst ranks of workers and management, insurance costs reduced, and less worker turnover.

In some countries, this standard helps ensure legal requirements are met. It may reduce the pressure organization’s face from labor or government inspectors. And finally, it fulfills customer request or demand that their vendor partners have a system in place to protect employees.

HOW IS ISO 45001 CONNECTED TO OTHER ISO STANDARDS?

In developing ISO 45001, the committee made sure it’s compatible with Annex SL – which is the framework used by ISO 9001, 14001 and 27001. Common terminology is used between all standards so it is easier to align 45001 with 9001. For companies that use both of these standards, it will be a stronger, better, higher quality and safer company.

WHO DEVELOPED ISO 45001?

ISO 45001 was developed by ISO/PC 283, a technical committee made up of experts from around the world. The ISO 45001 committee ensured they had feedback from all parties that would be affected by ISO 45001. They sought to achieve balance between government, employers and workers, so they requested and received recommendations on who should be involved in the process of developing the standard from those three major group.

Delegates from these three areas nominated to represent their interests in the development of the standard. The delegates represented 85 countries.

The committee also had external liaison representation from: International Labor Organization, International Trades Union Congress, International Organization of Employers and others.

WHO NEEDS ISO 45001?

ISO 45001 is designed for any company, in any industry, of any size, in any location around the world. Any company that cares for their employees can use this standard, even if they are not seeking to be certified to it.

Whether Seeking Certification or Not

Companies are able to use this standard to confirm their organizations are safe by benchmarking themselves against it. It was designed to be used as a tool regardless if the company is seeking the certification or not.

Existing OHSAS 18001 Certification Holders

OHSAS 18001 has been withdrawn effective March 12, 2018. Companies who are currently using OHSAS 18001 will need to migrate to ISO 45001 within three years. Three years is the standard period of time that ISO uses to give standard holders to upgrade to newly published standards. All new certifications will be to the ISO 45001 standard.

WHO DOES ISO 45001 IMPACT?

Employees and Subcontractors/Vendors

Organizations must also consider what their suppliers and subcontractors are doing. They don’t need detailed knowledge, but the organization should put the interaction into place for personnel for suppliers within the organization’s system.

Frequently Asked Question

ISO certification follows the same process, regardless of the ISO standard you are seeking:

  1. Establish, implement and verify your ISO management system
  2. Stage 1 audit – Documentation Review
  3. Stage 2 audit – Full system audit
  4. Closure of any findings
  5. Certification!

The standards that best suit your company vary by the industry you are in. In order to identify the standards that will provide your company with the greatest benefits, we recommend the following:

  1. Talk to your customers – many of them may require certain ISO standards.
  2. Evaluate your companies risks – see where your companies great liabilities are what needs to be controlled (e.g. quality, environmental aspects, health & safety hazards, IT security, etc.).
  3. Be proactive and identify new business opportunities – evaluate new areas / industries you want to grow your business. Often times, these new industries may require some sort of certification in order to enter. Certification takes time, so being proactive and having the certifications before bidding on projects can put you ahead of your competition.

The time to become ISO certified really depends on a few different factors:

  1. The resources you have available to support the ISO process
  2. Your own internal timeframe that you need / want to be certified by
  3. The standard’s requirement for how much evidence you need to support certification

Certification requires you to show through objective evidence that you have an effective ISO management system in place. In order to do this, you need to show that you have sufficient evidence available to support this claim. At a minimum, most standards will require 3 months of evidence of implementing your management system in order to be certified.

Some standards, such as IATF 16949, may require a minimum of one year of evidence to support certification.

The cost for certification can vary greatly from one company to another. There are typically several factors that go into the costs for certification:

  1. Certification body fees
  2. Certification body audit day rates
  3. Auditor travel costs
  4. Standard license fees (e.g. R2, RIOS, eStewards license fees)
  5. Consulting Fees

Audit time and consulting time is typically based on the following factors:

  1. Number of employees
  2. Number of processes and the risks associated with those processes
  3. Number of locations

We have the experience to help you navigate the certification body costs and possible discounts they can offer.

You can Request a Quote here or get an Instant Quote here

ISO certification shows your customers that you follow industry best practices and that your business is well structured and ready for growth.

Each ISO standard has its own benefits, for example:

  • ISO 9001 – Ensures you provide your customers with a quality product or service
  • ISO 27001 – Protects your information, data and reputation
  • ISO 14001 – Reduces your environmental impact
  • ISO 45001 – Protects your workers
  • Responsible Recycling (R2) – ensures responsible management of used electronics

Common benefits across all ISO standard include:

  • Increased efficiency
  • Reduced costs
  • Improved customer satisfaction
  • More engaged employees
  • Reduced risks
  • Reduced insurance premiums
  • Helps with project bidding

By achieving and maintaining an ISO certification, you are showing your company’s commitment to achieving your objectives, improving your business and increasing the credibility and customer confidence in your product or service.

Yes. We have been providing remote auditing and consulting services for years. We have found remote auditing and consulting to be just as effective as on-site. We use a variety of tools to ensure we are thorough in our remote services, while saving you time and money.

The great thing about working with Glacier consulting is that you don’t need anything in place to get started. We will work with you ever step of the way to ensure you have everything you need to get certified.

Most companies have far more in place than they realize. Just because it may not be documented, doesn’t mean you don’t have processes in place. We will work with your team to improve, streamline and formalize these processes.

One of the most common questions we get is how much time and effort does it take to get and maintain certification. The bulk of the effort should be at the beginning to get your management system established and implemented. To do this, we take what you already do and formalize it to meet the standard requirements. There may be some minor tweaking done, but this typically only improves and streamlines your process.

Once your ISO management system is in place, maintaining it should be as easy as breathing because it should become part of your culture and everyday operations. At the end of the day, you shouldn’t think of it as your ISO system, you should think of it as simply your way of operating your company.

We work with countless ISO standards. We’ve only listed the most common ISO standards typically sought after. We have a diverse team with tremendous knowledge in many of the ISO standards. Contact us and let us know what standard you are interested in. If we don’t offer that service, we can find you someone who can.

We can tailor a service specific to your needs to help you along your ISO journey. We can provide basic guidance to full “White Glove” support. If it’s business or ISO related, we’ve got you covered. A few of our services include:

  1. General ISO Consulting
  2. Documentation Prep
  3. Training
  4. Auditing
  5. Maintenance

Contact us with any questions you have or for services not listed here.