The webinar covers:
• Description of ISO 45001 and OHSAS 18001
• Changes made in the ISO 45001
• Implementation tips for both standards
Presenter:
This webinar was presented by Tariq Khan, PECB trainer and partner, who is also the country manager for IMS Reliance.
Link of the recorded session published on YouTube: https://youtu.be/c2AIUfRGjxs
2. Development
• Development of ISO 45001 has now reached the Committee Draft
(CD) stage. This briefing note provides the background to
development of ISO 45001 and outlines the likely main similarities
and differences between OHSAS 18001 and ISO 45001.
3. The need for integrated risk-control systems
• ISO management system standards (MSSs), for quality, environment, food safety
standards etc, have been developed and published over a number of years. While some
may say these standards are compatible with each other, the reality is that the
proliferation of ISO MSSs and the manner in which they have been developed has
resulted in many apparently common requirements that are subtly or substantially
different.
• This has caused confusion and inconsistent understanding and implementation.
Consequently, it has been easy to compartmentalize these different risk-control systems.
But that is simply not how organizations operate or top management thinks.
• This compartmentalization can be a significant barrier to getting the buy-in and hands-on
participation of top management and often results in failure to embed these systems
into routine operations. Instead, each is operated as an independent system in its own
right with its own dedicated management structure. This had led to the need to combine
or integrate these different aspects of business risk management more easily in an
effective and efficient manner.
5. ISO 45001 will adopt the high-level structure
This is the same common structure, definitions and core text being used to revise ISO 14001 (EMS) and ISO 9001 (QMS).
• This will mean the structure of the standard will be:
• Scope
• Normative references
• Terms and definitions
• Context of the organisation
• Leadership
• Planning
• Support
• Operation
• Performance evaluation
• Improvement
• The first significant change therefore is that there are now ten sections instead of four in OHSAS 18001.
6. ISO/CD 45001 includes new concepts
• Context of the organisation, leadership and documented information
are generally thought to be the more significant new concepts.
7. New clause: Context of the organisation (4.1)
• The intent of 4.1 is to provide a high-level, conceptual understanding of the important issues that can affect,
either positively or negatively, the way the organisation manages its responsibilities in relation to the OH&S
management system for persons working under its control. The issues of interest are those that affect the
organisation’s ability to achieve the intended outcome, including the objectives it sets for its OH&S
management system, which include meeting its OH&S policy commitments.
• Examples of the issues are:
• a) External issues such as the cultural, social, political, legal, financial, technological, economic and natural
surroundings and market competition, whether international, national, regional or local.
• b) Internal characteristics or conditions of the organisation such as governance, structure, roles and
accountabilities and the organisation’s culture.
• The guidance given in ISO/CD 45001 adds the comment that:
• “The results of the context review should be used to assist the organization in understanding and
determining the scope of its OH&S management system, determining its risks and opportunities, developing
or enhancing its OH&S policy, setting its OH&S objectives and determining the effectiveness of its approach
to maintaining compliance with applicable legal requirements and other requirements to which the
organization subscribes”.
8. New clause: Interested parties (4.2)
• The organisation has to determine the interested parties that are relevant to the OH&S
management system, and then the relevant requirements of those interested parties. However,
there is no expectation that the organisation shall comply with all those relevant requirements.
ISO/CD 45001 adds the statement:
• “and which of these become applicable legal and other requirements to which the organisation
subscribes”.
Referring to the guidance given in Annex A, we have the explanation:
• “That Interested party needs and expectations are not necessarily compliant requirements of the
organization. It is important to distinguish between what these needs and expectations will lead
to:
• mandatory requirements, laws, regulations
• voluntary commitments to interested parties to which the organization voluntarily subscribes
• Needs and expectations from interested parties only become obligatory requirements for an
organization if that organization chooses to adopt them”.
9. Scope of the OH&S management system (4.3)
• ISO/CD 45001 states that “The scope shall include all the activities,
products or services within the organization’s control or influence that can
impact on the organization’s OH&S performance”.
• An area likely to cause some discussion will be that of outsourced
operations. In the definitions ISO/ CD 45001 states that “An external
organization is outside the scope of the management system, although the
outsourced function or process is within the scope”. The question will be –
to what extent is the organisation responsible for the OH&S of outsourced
operations carried out by another organisation or contractor? The
guidance given in Annex A advises that:
• “Supply and procurement policies should address hazards and potential
OH&S risks to persons in the organization and, as far as possible, impacts
on persons, outsourced or subcontracted, carrying out activities or
producing products or services for the organization”
10. New clause: Leadership (5)
• Section 5 dedicates itself to “Leadership”
• This section is divided into three sub-clauses:
• 5.1 Leadership and commitment.
• 5.2 Policy.
• 5.3 Organizational roles, responsibilities, accountabilities and authorities.
• Although some of section 5 will seem familiar to users of OHSAS 18001
there are significant new and enhanced requirements.
• This clause calls for the organisation’s top management to demonstrate
their involvement and engagement with the OH&S management system
through direct participation in, for example:
11. New clause: Leadership (5)
• Taking OH&S performance into account in strategic planning
• Communicating the importance of effective OH&S management and of conforming to
the OH&S management system requirements
• Directing and supporting persons to contribute to the effectiveness of the OH&S
management system for all functions
• Promoting and leading organisational culture with regard to the OH&S management
system
• Top management shall identify one or more of its members to be accountable for the
OH&S policy and OH&S management system.
• Note that these are activities top management are required to carry out, they cannot
delegate them to others. Thus, the top management assume an active role in the OH&S
management system. The leaders must also ensure the integration of the OH&S
management system requirements into the organisation’s business processes.
12. Revised requirements – Documented
information (7.5)
• OHSAS 18001 requirements for documentation and records are
largely transferred to section 7.5, with revisions.
• Sub clause7.5 is further divided into three parts:
• 7.5.1 General
• 7.5.2 Creating and updating
• 7.5.3 Control of documented Information
• The significant change is use of the term “documented information”
not “documents and records” as is the case in OHSAS 18001.
Documented information includes processed information held for
example on smartphones, tablets etc.
13. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Introduction Introduction
Scope 1 1 Scope
Normative references 2 2 Normative references
Terms and definitions 3 3 Terms and definitions
Context of the organization (title
only)
4
4 OH&S management system
Requirements (title only)
14. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Understanding the organization
and its context
4.1
Understanding the needs and
expectations of interested
parties
4.2
Determining the scope of the
OH&S management
System
4.3 4.1 General requirements
OH&S management system 4.4 4.1 General requirements
15. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Leadership (title only) 5
Leadership and commitment 5.1
OH&S policy 5.2 4.2 OH&S policy
Organizational roles, responsibilities
and authorities
5.3 4.4.1 Resources, roles, responsibility and
authority
16. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Actions to address risks and
opportunities (title only)
6.1
General 6.1.1
Hazard identification, risk
assessment and
determining controls
6.1.2 4.3.1 Hazard identification, risk
assessment and
determining controls
Compliance obligations 6.1.3 4.3.2 Legal and other requirements
Planning action 6.1.4
17. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
OH&S objectives and planning to
achieve
them (title only)
6.2
4.3.3
Objectives, targets and
programme(s)OH&S objectives 6.2.1
Planning actions to achieve OH&S
objectives
6.2.2
18. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Support (title only) 7 4.4 Implementation and operation (title
only)
Resources 7.1 4.4.1 Resources, roles, responsibility and
authority
Competence 7.2
4.2.2
Competence, training and
awarenessAwareness 7.3
19. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Communication (title only) 7.4 4.4.3 Communication
General 7.4.1
Internal communication 7.4.2
External communication 7.4.3
20. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Documented information (title only) 7.5 4.4.4 Documentation
General 7.5.1
Creating and updating 7.5.2 4.4.5 Control of documents
4.5.4 Control of records
Control of documented information 7.5.3 4.4.5 Control of documents
4.5.4 Control of records
21. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Operation (title only) 8 4.4 Implementation and operation (title
only)
Operational planning and control 8.1 4.4.6 Operational control
Emergency preparedness and
response
8.2 4.4.7 Emergency preparedness and
response
22. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Performance evaluation (title only) 9 4.5 Checking (title only)
Monitoring, measurement, analysis
and evaluation (title only)
9.1 4.5.1 Monitoring and measurement
General 9.1.1
Evaluation of compliance 9.1.2 4.5.2 Evaluation of compliance
Internal audit (title only) 9.2 4.5.5 Internal audit
General 9.2.1
Internal audit programme 9.2.2
23. Correspondence between standards
ISO 45001 BS OHSAS 18001
Clause title Clause number Clause number Clause title
Management review 9.3 4.6 Management review
Improvement (title only) 10 4.5.3 Nonconformity, corrective action
and preventive action
General 10.1
Nonconformity and corrective action 10.2
Continual improvement 10.3