Informa Markets

Author Bio ▼

Safety and Health Practitioner (SHP) is first for independent health and safety news.
October 1, 2014

Get the SHP newsletter

Daily health and safety news, job alerts and resources

ISO 45001

ISO 45001 occupational health and safety: Everything you need to know about the new standard

SHP asked Richard Green to explain the new health and safety standard, ISO 45001 and it means for occupational health and safety (OH&S) professionals and auditors.

Richard Green is head of technical services at IRCA, the leading professional body for management system auditors, which represents auditors in over 120 countries. He is a current serving member of the UK committee responsible for the preparation, review and amendment of British standards relating to OH&S, including ISO 45001.

Where has ISO 45001 come from?

ISO 45001 will replace BS OHSAS 18001 as the definitive occupational health and safety management system standard.

OHSAS 18001 was first published in 1999 to fill a gap where there was no international standard for OH&S. In recent years there has been a rapid increase in the use of OHSAS 18001 and recent surveys report that approximately 90,000 OH&S certifications have been awarded in over 127 countries.

In 2013, ISO approved the creation of a new project committee to transform OHSAS 18001 into an ISO standard, ISO 45001.

What’s the timeline for its development?

Development of all ISO management system standards follows an established process and sequence: working draft (WD), committee draft (CD), draft international standard (DIS), final draft (FDIS) followed by the standard’s publication.

The committee draft of ISO 45001 (ISO/CD 45001) was published in July for comment and ballot. Following feedback from the committee draft, we are expecting the DIS in April 2015. The FDIS should be published in June 2016, followed by the final ISO 45001 standard in October 2016.

These timings are only a rough guide, however. They can change depending on the amount of comments received.

What are the main changes from OHSAS 18001?

The stated purpose of ISO 45001 is “to enable an organisation to proactively improve its OH&S performance in preventing injury and ill-health”, whereas the purpose of OHSAS 18001 is “to enable an organisation to control its OH&S risks and improve its OH&S performance”. Some will argue that this puts more emphasis on seeking continual improvement, not only by addressing OH&S risks but also through other initiatives like health, education and training. Others may argue that this simply clarifies previous intent.

Familiar concepts and requirements in ISO 45001 include application of the Plan-Do-Check-Act model, setting policy, setting objectives, carrying out internal audits and management review. In many cases the current requirements have been carried over from OHSAS 18001.

ISO/CD 45001 does place more emphasis on risk management and ongoing assessment of risks and opportunities to prevent, or reduce, undesired effects. There is also a strengthening of the requirement to demonstrate and understand compliance status at all times.

One of the newer areas that ISO 45001 will focus on is the organisation’s ‘context’ (e.g. the environment in which it operates, including its supply chain and local communities). What evidence will auditors be seeking to establish satisfactory management in this area?

At the highest level there is no change in that the audit evidence assembled must provide objective evidence that the standard’s requirements are being met. It’s when we move into the detail that things get a little more interesting. In ISO 45001, context is defined by clauses 4.1 and 4.2.

Clause 4.1 requires the organisation to determine the external and internal issues that are relevant to its purpose and objectives, and that affect its ability to achieve the intended outcomes of its OH&S management system.

Clause 4.2 requires the organisation to determine the interested parties (stakeholders) that are relevant to its OH&S management system and the relevant interests of these interested parties.

The auditor must confirm that the organisation has determined both its internal and external issues, the relevant interests of interested parties and that it has considered the resultant information when determining the scope of its OH&S management system.

The standard does not prescribe a methodology for determining these things, nor does it specify what the outcome from the exercise should look like. What matters to the auditor is that the organisation can prove it has completed this task.

The auditor then needs to consider whether the result the organisation has arrived at is an appropriate reflection of their context.

This is where things could get interesting. For example, the auditor might believe that the organisation has not identified its internal and external issues correctly, and in order to challenge the organisation over context, the auditor will need to have a thorough and contemporary understanding of the sector in which the organisation operates, as well as its mode of operation. This means that in future, auditors will require a much higher level of research and planning before conducting audits.

Because the issues an organisation faces and the interests of relevant interested parties change through time, I would expect to see evidence that the organisation is revisiting its context periodically to ensure it remains up to date.

What about leadership?

The challenges around auditing leadership are different. The standard is clear in terms of what top management needs to do to evidence its commitment to the occupational health and safety management system.

Because these requirements are clear the auditor might assume it will be straightforward to assess these. But the challenge going forward is that organisations will have much greater freedom in how they wish to structure their systems and record evidence of compliance.

The OH&S manual, procedures and records have all been replaced by ‘documented information’, which can take almost any form and format that the organisation chooses.

As a result, the auditor is likely to be faced in the future with a wide variety of electronic and paper-based evidence sources which they will then need to interpret in order to determine compliance or otherwise. This may mean certain auditors will need to improve both their IT and analytical skills.

The second challenge for auditors is an interpersonal one. Top management means those at the highest level of the organisation such as the CEO and board – not the OH&S manager. As there are requirements now that cannot be delegated, top management will need to become accustomed to being audited and auditors will need to become accustomed to auditing them.

Not all auditors will feel comfortable with this. Indeed, in some cultures the notion of challenging top management is completely alien. Auditors will need to learn to speak the language of the boardroom, and be able to converse with top management over context, objectives, strategy and risk. IRCA recognises that some may struggle to make this step up, which is why we are mandating transition training for auditors who will be impacted by the release of ISO 45001.

What is IRCA’s involvement with this health and safety standard?

IRCA runs an OH&S certification scheme for individual auditors, and also certifies OH&S auditor training courses run by external training providers.

Our individual auditor scheme is based on OHSAS 18001 and tests individuals’ ability to audit against this standard.

We have seen growing demand for our OH&S auditor training courses, which are based on OHSAS 18001. All of our training providers will need to revise their courses when ISO 45001 is released.

What are IRCA’s plans for updating and testing auditor competence for auditing to the new ISO 45001 standard?

Whenever a standard changes the first step is for IRCA to fully assess the revised requirements. This allows us to make an informed judgement as to whether auditors simply need to acquire new knowledge or whether they must also acquire new skills.

If we conclude that new knowledge alone is sufficient, then we would typically require the auditor to undertake a prescribed amount of continuous professional development (CPD).

In those instances where the changes are more significant, however, requiring the auditor to also improve their existing skills and expertise, we will mandate transition training. In these instances, registered auditors are required to attend an IRCA-approved transition training course within a prescribed period of time in order to maintain their registrations.

Although we won’t see the final version of ISO 45001:2016 for some time we can already say with certainty that this revision will be significant. It will require auditors to use new evidence sources, to understand and assess organisational context and to be comfortable with challenging top management. It will also require changes to be made to the way audits are planned, conducted and reported.

As a result, we have decided to mandate a 1.5-day transition training course for all IRCA OH&S management system auditors. The details of this will not be finalized until the contents of the FDIS are known – expected in mid-2016.

At FDIS stage, we will also revise our core OH&S auditor training courses, along with our associated examination papers.

What does the new standard mean for organisations and OH&S professionals?

By the time ISO 45001 is published in 2016 the new concepts will, for many organisations and individuals, be tried and tested because they also appear in the updated quality management system (ISO 9001) and environmental management system (ISO 14001) standards due to be released in 2015.

Organisations operating quality, environment and OH&S management systems will have a unique opportunity to align and integrate these three, if they wish.

Organisations and OH&S professionals should be aware that at this committee draft stage, technical changes may still occur. I would therefore recommend that while you can make preparations, significant changes shouldn’t be implemented until the final draft international standard is issued.

For more information visit

Navigating the future: EHS workforce and training in a new era of tech

In the first of a new mini-series, Scott Gaddis at Intelex looks at the challenges and opportunities in 2024 for EHS professionals, beginning with training and technology.

Your Chance to Put Your ISO 45001 Questions to the Experts

Join experts from LRQA and ISO/TC 283 for this special webinar on all things ISO 45001. This will be an open forum that will give you the chance to ask questions, hear the discussion and get practical guidance to help you improve your management system as well as the health, safety, and wellbeing of the people in your organisation.

Arco clothing centre receives ISO 45001 certification

Arco’s UK clothing centre has been awarded the British Standards Institution (BSI) certification for its health and safety management system.

Toolkit Helps You Take First Steps to ISO 45001 Certification

Discover how ISO 45001 OHS management system certification can help keep your people safe and healthy with a carefully curated collection of guides and tools from leading assurance provider, LRQA.

Five-Star Audit, Sword of Honour and Globe of Honour Awards, How does it work? SHP meets British Safety Council’s David Parr

The British Safety Council’s Five Star Occupational Health and Safety Audit has been revised and updated for 2021. It now places greater emphasis on assessing how effectively an organisation manages the combined risks to workers’ health and wellbeing, as well as business resilience and recovery.

Does your health and safety management system meet the requirements of ISO 45001?

If you’re looking to achieve ISO 45001 certification, a self-assessment will help you identify the areas to focus on.

ISO 45001 – Risks and opportunities with workplace safety

David Goodfellow, UK Business Assurance Manager at TÜV SÜD talks about the transition to ISO 45001, which replaces OHSAS 18001 from 31 March 2021.

Does ISO 45001 support a strong safety culture?

Getting the support of senior management and leadership is key to creating a strong safety culture, according to a representative from the British Standards Institution (BSI).

‘Natural progression’ for organisations migrating to ISO 45001, says British Safety Council

The advent of the ISO 45001 global standard for occupational health and safety management has led to new organisations coming forward to apply for certification, according to the British Safety Council.

Work Matta will return to Safety & Health Expo 2019

Work Matta, the floor safety company will return to Safety & Health Expo 2019 to demonstrate its new range liquid-hazard locations.

How to achieve global ISO 45001 certification

In 2019, Fujitsu was awarded ISO 45001 from Bureau Veritas. In this case study article, Fujitsu and Make Business tell the story of the achievement.

ISO Consultancy and certification firm to exhibit at Safety & Health Expo 2019

IMSM will be at Safety & Heath Expo 2019 demonstrating to visitors how it can support their company in gaining an ISO certificate.

5 ways the OHSAS migration to ISO 45001 can improve office health and safety

Organisations have until 11 March 2021 to migrate from OHSAS 18001 to ISO 45001. As the deadline for migration draws nearer, more and more organisations are beginning to wonder what the migration means for them, and what benefits it will bring.

Businesses urged to sign up for ISO 45001 standard

IOSH has urged companies to get the ISO 45001 standard, a year after it was first introduced.

Safety trends: How to capitalise in your organisation

SHP caught up with Pamala Bobbitt, VP Product Marketing at Cority to discuss some of the major safety trends and concerns practitioners may be facing over the coming months.

Manufacturing electroless nickel plating: The safety challenges involved

With over 40 years’ experience specialising in the electroless nickel plating process, NiTEC has developed a comprehensive range of metal finishing processes and techniques.

Recycling business awarded ISO 45001 certification

A family-run business, Casepak, is one of the first-ever recycling firms to have been awarded the new ISO 45001 certification.

Safety & Health Expo eBook – trends and highlights from the 2018 seminars

The Safety & Health eBook rounds-up some of the insights and highlights of Safety & Health Expo 2018.

Creating a positive safety culture

How can organisations measure health and safety culture?

ISO 45001 seminar

ACT Associates is hosting a seminar on Tuesday 13 November, providing an insight into ISO 45001.

Practical benefits from Health and Safety Standard accreditation

Earlier this year OHSAS Standard 18001 was replaced by the European Standard ISO 45001. Neither of these standards are legal necessities, so what are the benefits of complying with them, above and beyond the statutory requirements? And what does it take to obtain accreditation?

Related Topics

Notify of

Newest Most Voted
Inline Feedbacks
View all comments
9 years ago

Hi there, I have been looking at ISO 45001 and tried to find sources that could explain to me points 4.1 and 4.2 in practice. I come across commentators and experts who just repeat what is written in the Annex SL itself but what I would hope to see is how can one implement this in practice. Example an easy to understand with practical examples guidance document to show what is meant by these points and how to what to implement in order to comply with these points. I think that its in ISO’s own interest to ensure the implementation… Read more »

The Best Components For A Qm System In Your Business – Modern Management Communications
7 years ago

[…] For the original version including any supplementary images or video, visit […]