Transitioning from OHSAS 18001 to ISO 45001
The publication of the 2015 versions of ISO 9001 and ISO 14001 was touted as pivotal in the history of these management systems due to the changes in content and structure. The adoption of the Annex SL framework and introduction of risk-based thinking, among other changes, led Management Representatives and management standard practitioners scrambling to understand the implications of the revisions to their own management systems. As the dust begins to settle, certified organizations ask with b
ated breath, “What’s next?”.
They do not have to wait long as a new standard bound to have big repercussions on their management system is in the works. ISO 45001 shall be ISO’s version of the popular British standard for occupational health and safety – OHSAS 18001. The creation of ISO 45001 can only be described as timely as many organizations around the world have integrated OHSAS 18001 in their management systems. Changes in both ISO 9001 and ISO 14001 can only entail aligning the OH&S management system as well. The development of ISO 45001 makes this alignment as painless as possible while ensuring that the important elements of the reference standard are retained.
The development of ISO 45001 started in 2013 with the creation of the ISO Project Committee 283 that was tasked to re-examine OHSAS 18001 and convert it into an ISO standard. Incidentally, the secretariat was assigned to the BSI Group – UK’s national standards body that also provided the secretariat for OHSAS 18001.
ISO 45001 is expected to reach completion with the expected publication of the final version in October 2016. Based on the draft versions of the new standard, much of the original content of OHSAS 18001 shall be retained such as:
- Proactive attitude towards the prevention of injury and ill-health
- Setting of OH&S policy and objectives
- Internal audits and management reviews
- Following a hierarchy of controls in reducing OH&S risks
There are, however, some new content and enhanced requirements as ISO 45001 followed in the tracks of ISO 9001 and 14001 in adopting the framework described in Annex SL. Some of these, as seen in the draft versions, are as follows:
- In keeping with the Annex SL framework, ISO 45001 shall require determination of external and internal issues as relevant to the organization’s OH&S management system such as: political, sociocultural, environmental, legal, technological and economic issues (i.e. external); and organizational culture, governance, and structure (i.e. internal).
- References to preventive action have been removed, to be replaced with other clauses that serve to manage the organization’s risks such as: (1) understanding the organization’s internal and external issues; (2) planning actions to address risks and opportunities; (3) commitment to satisfy applicable legal requirements and other requirements; and (4) emergency preparedness and response.
- Continual improvement, while described in OHSAS 18001 as a result of interaction of OH&S elements, was given more emphasis in ISO 45001 where it was given a specific clause. Contents of the clause, however, are more or less the same as in OHSAS 18001.
- In understanding the needs and expectations of workers and other interested parties, ISO 45001 includes a subclause where the organization shall determine which of these needs and expectations are to become obligatory requirements and which are to be mere voluntary commitments.
- ISO 45001 shall require that outsourced processes affecting the OHSMS are controlled and that performance indicators are used to monitor performance. This further expands the OHSAS 18001 requirements for contracted services that focus mainly on communication of OH&S policies and procedures, fulfillment of OH&S obligations, competency and awareness, etc.
- Commitment to the OHSMS by top management is given more emphasis in ISO 45001 such that direct participation (i.e. cannot be delegated) is required of them in: (1) taking overall responsibility in the worker’s health and safety; (2) ensuring that OH&S policies and objectives are aligned with the organization’s strategies; (3) integration of OH&S in the organization’s processes; (4) ensuring attainment of OHSMS intended outcomes; etc.
- Use of the term “documented information” to include electronic data such as those processed and stored on electronic equipment and devices (e.g. smartphones and tablets).
Change, as they say, can be wrought with dread and anxiety but organizations can heave a collective sigh of relief with ISO’s decision to create its own standard for occupational health and safety. As much as transitioning to the new standard involves hard work, organizations can rest assured that they shall be managing their organization’s OH&S risks better upon adopting the new standard.