ISO 45001 Occupational Health and Safety Management System

Background

The ISO 45001 Occupational Health and Safety Management System was developed to respond to customer demand for a recognizable occupational health and safety management system standard against which their management system could be assessed and verified.

ISO 45001 Occupational Health and Safety Management was developed to be compatible with ISO 9001:2015 (Quality) and ISO 14001:2018 (Environmental) management systems standards in order to facilitate the integration of quality, environmental and occupational health and safety management systems by organizations if they wish to do so.

Organizations are increasingly concerned with achieving and demonstrating sound occupational health and safety (OH&S) performance by controlling their OH&S risks consistent with their policy and objectives. They do so in the context of increasingly stringent legislation, the development of policies and other measures that foster good OH&S practices. The advantages of an effective OHSAS management system include:

• Provides a structured approach for managing OH&S
• Establishes and maintains a commitment to occupational health and safety
• Demonstrates strong commitment to safety excellence
• Organisational structures in place with clear roles and responsibilities
• Existence of a continuous improvement culture
• Strong levels of trust and communication
• Reduction in incident levels with increased measures of performance.
• Contributes to business performance by reducing cost and liabilities.

OHSAS ensures a consistency of approach which as a minimum ensures compliance.

Benefits of Implementing ISO 45001 Occupational Health & Safety Management System

Organizations certified to the Standard report a range of benefits, including:

• A reduction in lost working days
• Fewer workplace accidents
• Fewer medical claims
• Recognition by insurers and regulators
• A more disciplined approach to safety
• Improved employee motivation, retention and satisfaction
• Reduced legal costs
• Less time and money spent on accident-related investigation and paperwork.

Fundamental Elements of ISO 45001 Occupational Health & Safety Management System

Occupational Health and Safety is based on the following three aspects:

• Hazard identification: this involves recognizing a hazard exists(the situation or source which has the potential to cause harm in terms of ill health or human injury)
• Risk Assessment: this involves evaluating the risk arising from the hazard(a combination of the likelihood of a hazardous event or exposure and the severity of injury or ill health that can be caused by the event of exposure)
• Determination of applicable controls: measures relevant to eliminate or reduce risk to an acceptable level. Measures are based on the hierarchy of control measures

It is vital for organizations to handle these aspects with greater significance in order to achieve an effective health and safety system. The aspects above are the foundation for implementing ISO 45001 Occupational Health and Safety Management. Theoretically they are considered a part of the Plan step in the PDCA cycle, however most auditors agree that these aspects should be dealt with before designing the system as a whole.

The ISO 45001 Occupational Health and Safety standard uses the management approach tool which is called the PDCA (Plan – Do – Check – Act) cycle. The PDCA is an on-going process which allows organizations to establish, implement and maintain its health and safety policy based on top management leadership and commitment to the safety management system. It consists of the following steps:

PDCA model applied to ISO 45001 Occupational Health and Safety Management

Plan

Establish the objectives and processes necessary to deliver results in accordance with the organisation’s OH&S policy

Do

Implement the process

Check

Monitor and measure performance against OH&S policy, objectives, legal and other requirements, and report results

Act

Take actions to continually improve OH&S performance

The standard can be implemented to your whole organization or to just a part of it. In order to achieve the best results the whole organization has to work on the same system and OH&S policy is integrated into other management systems and into the culture of the organization.

Plan

In the planning stage the organization has to:

• Devise an OH&S policy
• Plan for hazard identification, risk assessment and determination of controls
• Identify relevant legal requirements
• Plan for emergencies and responses
• Manage change effectively
• Devise procedures for performance measuring, monitoring and improvement
• Provide and ensure the appropriate use of safety equipment
• Train in order to introduce an OH&S culture and establish the importance of organization’s safety statement, policies and objectives
• Consult employees and communicate

The management has to be consulted firstly in order for them to feel confident in supporting the new system and constantly driving it forward. The workforce then has to be consulted as the lower level employees have valuable insight, ideas and feedback about the new system. As they are the ones going to be most affected by the change, it is logical to ensure they believe and understand the need for change. If this is not realised it could result in too much resistance

Do

A lead senior manager should be in charge of the new OH&S system in order to ensure smooth implementation and at the same time there should be a person that looks after that part of the system or ‘owner’ of each element of the process. This ensures the appropriate structure at your organization and effectively minimizes risk.
The implementation should be started by breaking the system down into specific elements instead of tackling it as a whole. A solid foundation for the whole system to work effectively is created by concentrating on specific elements in a logical order.
Another important aspect of health and safety is having employees do jobs that suit their competencies. A matrix should be created to show all groups of personnel, their required competencies, training and status of each. These formal procedures should instil the required awareness within your organization.

Check

This step consists of the following:

• Conducting internal audits
• Evaluation of legal compliance
• Identifying non-conformities and addressing them
• Thorough analysis of incidents and incidental data
• Measuring performance and monitoring

If an internal audit is not conducted periodically it will probably result in the breakdown of the system as a whole. Where there is no control it often happens that risks tend to arise especially quickly.

Corrective actions should be used to instantly tackle any arising non-conformities. As well as dealing with non-conformities it is crucial that your organization implements preventative action where any possible emergencies should be identified and relevant response procedures should be developed.

It is important to strike a balance between being overly bureaucratic and overly light on certain elements of the system when devising controls and measuring performance. The OHSAS 18001 Occupational Health and Safety Management Specification is not supposed to hinder the performance of your organization but improve it.

Act

The management review is the final step, it is a vital part of the continuous improvement process and so the standard itself outlines what should be included in such a review.

The senior management carry out the management review and this involves reviewing the suitability, adequacy and effectiveness of the system. It should also include assessing opportunities for improvement and the necessity to change the OH&S policy and the OH&S objectives. If changes are needed, the necessary resources for implementing them should also be provided by the senior management. Providing resources is a way of showing commitment to the new health and safety system.

Key Steps to Getting Certified for ISO 45001 Occupational Health & Safety Management System

In order to get certified for ISO 45001 Occupational Health and Safety Management there are a number of steps involved:

Applying

The first step involves the application for certification

Gap Assessment

This is where:

• An on-site analysis of your current system is conducted
• This will then be assessed against the standard
• A report is then prepared to highlight the gaps between your current system and the standard

The gap assessment is optional and is not required for the certification process.

Preliminary Assessment – Stage 1

Your documentation has to be inspected and various areas have to be reviewed including:

• The proposed scope of your registration
• The status of implementation of your management system
• The appropriate regulatory and legal requirements
• Your management policies and objectives
• Whether the system addresses the key areas of your business
• Your site-specific activities – top level process review
• Your key management elements, e.g. internal audits, reviews and complaints procedures
• Your readiness to move onto Stage 2 of the assessment, the Registration Assessment

There should be a period of several weeks between preliminary assessment and registration assessment so that any issues can be sorted in relation to the preliminary assessment. If there are major non-conformities a second preliminary assessment will have to be carried out.

Registration Assessment – Stage 2

This involves a full review of your management system in order to confirm that your management system is controlled. When the registration assessment is complete a notified body issues a detailed report along with the outcome which recommends registration or not. If any issues arise during the assessment you will be expected to submit an action plan which should describe what changes are to be made to the management system in order to reduce or eliminate the risk of the same issues occurring again.

Surveillance and Re-assessment

A notified body visits each company at least once a year to make sure the management system is being maintained and that it is achieving it’s expected outcomes. A part of the management system is reviewed in depth during each visit.

There is an expiry date on the certificate and the certificate expires every three years. Before the expiry date occurs a detailed assessment of the whole management system is undertaken to ensure every element of the system is performing satisfactorily and the results of the previous visits are taken into account.

During the registration period, changes are inevitable. In order to make sure the management system remains sound the notified body works with each registered organization. Usually, change can be reviewed and assessed during routine surveillance visits. The notified body reserves the right to suspend or revoke certification in cases where change leads to the breakdown of the system.

Implementing ISO Systems

The steps in the implementation of an ISO system are as follows:

• Gap Analysis Audit
• Project Planning
• Implementation
• Full Systems Audit
• Certification

We are also acutely aware that many of its customers are often under tight deadlines for the implementation and certification of management systems, a problem that is often exacerbated by the difficulties in releasing staff members from the day to day needs of the organisation to work on this type of project. Therefore in order to meet the requirements of our clients we provide the following services:

Turn-Key Implementation:

We can provide a complete turn-key system, whereby we will undertake every aspect of the implementation specifically the preparation of the manuals, procedures, work instructions & forms for each process owner.

Dedicated Personnel:

We will provide a dedicated consultant to the project who will remain solely with the project for the duration of the implementation and will provide a contact/reference point for all members of the organisation. Should the project be of such a scale where additional consultation is required, this can be catered for at a moments notice. In addition we will also provide further specialist consultation in specific areas such as waste management, energy reduction etc.

Project Management:

At the outset of any project we will provide a complete project plan outlining each deliverable and its respective target date in order to ensure the project is brought in on time and within budget. The project plan will be forwarded on a weekly basis to the organisation for review.

Staff Timeline Plan:

In order to allow for changes in our clients workload, at the outset of each project we will provide a project plan outlining which of the clients staff will be required, when and for how long in order to implement a system. This plan is flexible but it allows the client to plan from the outset the requirements placed on the organisation.

Paperless Systems:

Both the Quality and Environmental systems can be designed and implemented in a completely electronic format this in turn will reduce hard copy paperwork which benefits the environment and increases personal efficiency within the organisation.

Certification Management:

We maintain strong links with largest and most recognised certification bodies presently operating in Ireland. We will arrange and manage all aspects of the certification process including quotation, time tabling & leading the audit with any certification body the organisation sees fit to use. The above are just some of the practical benefits provided by us over the course of each and every implementation of a Management System.

Maintenance of ISO Systems

By using an outside company to maintain your ISO systems, the following benefits can be achieved:

• The organisation is always in a state of audit readiness and will be in a position to receive customer audits at a moment’s notice.
• An individual from the organisation does not have to be responsible for the day to day maintenance of the system which thus ensures the organisations staff is free to concentrate on the core aspects of their jobs.
• In using an outside company to maintain & review systems, the organisation gets the benefit of an independent and unbiased review of its operations.

Each certified Management System contains a number of mandatory elements such as which must be reviewed on an ongoing basis as a requirement of the Management System such as:

• Internal System Audits
• Management Reviews
• Legislation Reviews
• Improvement Plans
• System Policies
• Corrective & Preventive Actions

Each maintenance contract is tailor made through discussion with the client to ensure the organisations requirements and needs are being met whilst also striving to offer constructive opportunities for improvement to the organisation should they arise.

The above elements will all be covered as a minimum of any maintenance contract.

Integrating ISO Systems

By integrating Management Systems the organisation will achieve the following benefits:

• A reduction in the number of auditing days required per annum by the certification body, as all certified systems will be audited at the same time. This should provide a significant cost saving.
• A reduction in the number of maintenance days required by the organisation, as both systems will be reviewed at the same time. This again should provide a significant cost saving.
• As both systems will be integrated, those similar elements of each system will only will only be actioned once which will reduce the number of installation consulting days and again provide a significant cost saving.
• With the integration of the systems there will be no paperwork repetition which in-turn will ensure the organisations staff are always focused on value added tasks.

The ISO:9001 Quality Management System, ISO:14001 Environmental Management System, ISO:50001 Energy Management System and the ISO:45001 Occupational Health & Safety System have been written as complimentary systems, meaning each system can be easily combined with another to form one simple to manage system.

System integration is simple solution to providing cost savings to the organisation and achieving enhanced benefits from your Management Systems.