Request a Demo

Fill in the form below and we will contact you shortly to organised your personalised demonstration of the Noggin platform.

The Noggin Platform

The world's leading integrated resilience workspace for risk and business continuity management, operational resilience, incident & crisis management, and security & safety operations.

Learn More
Resilience Management Buyers Guide - Thumbnail
A Resilience Management Software Buyer's Guide
Access the Guide

Who We Are

The world’s leading platform for integrated safety & security management.

Learn More
Whitepaper

Guide to Understanding ISO 45001

Noggin

Safety Management Software

Updated March 12, 2024

The state of occupational health and safety today

To contextualize the number of occupational accidents and work-related diseases that lead to death in any given year, researchers at the World Economic Forum drew a troubling comparison to casualties from armed conflict at the height of the Syrian Civil War. In 2015, as the researchers found, some 167,000 people around the world died in armed conflictsi.

Meanwhile, on the occupational health and safety (OHS) front, over 2.3 million workers die every year from work-related accidents and diseases, according to ILO (International Labour Organization) statistics from the year 2014ii. Subsequently, researchers from the Workplace Safety and Health (WSH) Institute would revise those figures upwards to 2.78 million, or an estimated 7,500 OHS-related deaths per dayiii.

And while fatal occupational accidents crept up slightly from 2010 to 2014, non-fatal accidents, those causing at least a four-day absence from work, shot up to nearly 374 million: an increase of 60 million from 2010iv. The cumulative impact of these OHS incidents on the global economy: 3.94 percent a year in lost GDPv.

ISO 45001 aims to improve OHS practices around the world

But it’s, of course, individual organizations, not the economy at large, that bear the direct costs of poor OHS practices. Individual companies will suffer from lost productivity, diminished employee morale, increased regulatory scrutiny, legal action, and even financial penalty, unless they prioritize and develop robust workplace safety cultures. And now, they have the means to do so.

To help organizations provide a safe and healthy workplace to their employees and prevent work-related injury and ill health to other stakeholders, the ISO (International Standards Organization) recently published ISO 45001, a new, high-level, international standard that gives organizations a common framework to manage their OHS riskvi. The standard itself, applicable to organizations of all size, kind, and in any market, provides a systematic, integrated approach to managing OHS-related matters.

The world’s first international standard to deal exclusively with work health and safety, ISO 45001 represents a landmark in the space. It replaces a number of pre-existing national health and safety standards and proprietary certifications, the most popular being the internationally applied British standard, OHSAS 18001, from which ISO 45001 is principally derivedvii.

The first British standard for occupational health and safety management, OHSAS 18001 focuses on business requirements to create an effective OHS management systemviii. The standard helps businesses implement a flexible framework to identify and control their OHS risks, as well as reduce on-the-job accidents, achieve compliance, and improve OHS performance.

The system has proven to be extremely popular, and companies, not just in the U.K., have flocked to it. But despite the widespread adoption, OHSAS 18001 isn’t without its limitations. For one, it doesn’t have the imprimatur of an international organization, like the ISO, which narrows its scope.

ISO 45001: Key business benefits 

  • Enables the development of an effective OHS management system
  • Enforces OHS best practices
  • Ensures senior management and workers take an active interest in OHS management 
  • Seeks to address and control key OHS risks
  • Takes a risk-based approach, ensuring constant updating as an organization’s context shifts
  • Aligns OHS risk management with other management processes
  • Helps ensure compliance
  • Bolsters a company’s reputation for being a safe place to work, which can 
    – Contribute to improved morale 
    – Reduce regulatory oversight
    – Lower insurance costs
  • Reduces the cost of OHS disruptions 
  • Can help reduce employee downtime and absenteeism, thereby improving productivity
So, the ISO decided to intervene. In 2016, a draft international standard was circulated to all ISO members, and a year later the draft was approved. In March of 2018, the official standard was rolled out. And now companies currently using the OHSAS 18001 certification have until March 2021 to migrate to the new ISO 45001 standard.

How ISO 45001 differs from OHSAS 18001

Having adopted OHSAS 18001 gives companies a substantial head start in migrating to ISO 45001. But there are still plenty of differences between the two certifications. For one, the high-level ISO approach provides for easier integration with other ISO standards, including 9001 (designed to help organizations meet the product needs of customers and other stakeholders), 1400 (related to environmental requirements for businesses), and 22000 (which deals with food safety).

Additionally, ISO 45001 tasks senior management, not the rank-and-file, with taking a leading role in implementing OHS best practices. Getting business leaders to take the central role in encouraging a positive occupational health and safety culture is meant to embed OHS prerogatives in the fabric of wider business practices and to make OHS matters absolutely crucial to running a sustainable business.

ISO 45001 also provides a new, proactive and strategic emphasis on risk (not just a reactive approach to hazards), with risk understood in the wider context of the management system, including outsourced tasks. ISO 45001 also ushers in a broader conception of risk-based thinking, which extends to exploiting opportunities when setting objectives.

Notably, ISO 45001 is heavily focused on organizational context, i.e. the interaction between an organization and its larger business environment, while OHSAS is more concerned with managing hazards within the organization. Indeed, the new standard moves away from “hazard identification” as a concept.

Similarly, the new standard broadens the scope of parties interested in OHS matters. Organizations now must have a keen understanding of the needs and expectations of their workers as well as suppliers, subcontractors, clients, and regulators. Companies must also provide for the gathering and dissemination of (consistent) information to these parties, especially during an emergency situation.

At a glance: ISO 45001 differences for OHSAS 18001 

  • Process (not procedure-) based
    – Requirement for “documented information” rather than documented procedures and records
  • Dynamic in all clauses
  • Introduces focus on organizational context
  • Considers risks and opportunities
  • Greater management commitment 
  • Prescribes strategic (not reactive) approach to OHS management
  • Inscribes OHS within larger management of the business
  • Calls for organization to determine relevant internal and external issues 
  • Calls for organizations to understand the needs and expectations of workers, suppliers, subcontractors, clients, and regulators

Emergency management changes from OHSAS 18001 to ISO 45001 

Emergency situations create their own set of distinct OHS risk. And therefore, ISO 45001 calls for drastically more robust emergency preparedness and response measures than OHSAS 18001 before it-the latter focused exclusively on logging fire evacuation practice sessions and other superficial changes to emergency evacuation procedures.

ISO 45001, on the other hand, mandates that OHS professionals take a far more active part in all stages of the emergency management lifecycle (mitigation, preparedness, response, and recovery). As mentioned, the standard broadens the number of (internal and external) stakeholders who must be consulted. This requirement holds in emergency situations as well, when emergency response agencies and the local community must be consulted as well as internal stakeholders. 

Under the terms of ISO 45001, organizations must take the following steps to anticipate, prevent, or minimize risk from potential emergencies. Those steps include the following:

  • Identify and plan for potential emergency situations
  • Prepare a planned response to emergency situations
  • Periodically test and exercise emergency response capabilities
  • Evaluate and revise emergency preparedness measures, especially after the occurrence of emergency situations
  • Provide relevant information to all members of the organizations regarding their duties and responsibilities
  • Provide emergency prevention, preparedness, and response training
  • Communicate information to contractors, visitors, relevant emergency response services, government authorities, and the local community 

Conclusion: Migrating to ISO 45001

Companies have until March 2021 to migrate to the new standard. That might sound like a lot of time, but it’s not as much as you think. In actuality, it’s best to get started sooner rather than later: not only because updating your OHS processes to best practices in the field is a good in and of itself, but also because migrating to the new standard requires careful analysis and might simply be beyond the scope of many of your existing tools and systems.

To get started, you’ll need to perform a thorough OHS risk assessment, not just of internal factors that might impact your business but also an analysis of a whole host of external and semi-external interested parties who might affect your activities as well.

By then, you’ll have a good sense of whether your existing OHS toolkit is able to help you manage all of the risk factors you’ve identified. For instance, do your tools offer integrated emergency management preparedness functionality, pursuant to the new ISO requirement?

Business leaders, in particular, must be able to answer these questions, as the new standard calls for their participation in managing OHS. That means getting involved in creating processes, performing risk evaluations and assessments, as well as setting key performance indicators.

Finally, though this call for direct senior management commitment might seem onerous, consider the alternative: disengagement; how will that play in the event of a major incident? Remember, senior leaders are the people most likely to carry the reputational repercussions of serious OHS incidents for their entire careers, not to mention the shorter-term consequences of poor OHS practices, like lost productivity, low morale, increased scrutiny, and financial penalty. Now, thanks to ISO 45001, senior leaders have a comprehensive framework to use to minimize risk and bolster the safety culture at their organizations.

The PDCA cycle 

Like OHSAS 18001 before it, ISO 45001 also includes a PDCA “Plan, Do, Check, Act” cycle. In both contexts, the cycle provides a helpful framework for organizations to take stock of critical OHS risk areas. In addition, the cycle lays out the following:

  • Plan by establishing the objectives and processes you need to deliver positive OHS results. 
  • Do by implementing the processes you’ve sketched out above. 
  • Check by monitoring and measuring what you’ve done against what your OHS policy, objectives, and regulatory requirements outline. 
  • Act by addressing gaps and taking action to ensure continual improvement.

Source: Public Safety Canada

Citations

i Michael Buehler, Edmundo Werna, and Mark Brown, World Economic Forum: More than 2 million people die at work each year. Here’s how to prevent it. Available at https://www.weforum.org/agenda/2017/03/workplace-death-health-safety-ilo-fluor

ii International Labour Organization: Safety and health at work. Available at https://www.ilo.org/global/topics/safety-and-healthat-work/lang--de/index.htm.

iii Paivi Hamalainen, Jukka Takala, and Tan Boon Kiat, Workplace Safety and Health Institute: Global Estimates of Occupational Accidents and Work-related Illnesses 2017. Availableat http:// www.icohweb.org/site/images/news/pdf/Report%20Global%20 Estimates%20of%20Occupational%20Accidents%20and%20 Work related%20Illnesses%202017%20rev1.pdf.

iv Ibid.

v International Labour Organization: Safety and health at work. Available at https://www.ilo.org/global/topics/safety-and-healthat-work/lang--de/index.htm.

vi NSF International Strategic Registrations: ISO 45001 Occupational Health and Safety Management Systems: Information Guide. Available at https://www.nsf.org/newsroom_ pdf/isr_dis45001_guide.pdf.

vii British Standards Institution: ISO 45001 Whitepaper: A new International Standard for Occupational Health and Safety Management Systems. Available at https://www.bsigroup.com/ LocalFiles/en-GB/iso-45001/Resources/BSI-ISO45001-RevisionWhitepaper-EN-UK.pdf.

viii Ibid