New OH&S Standard published on March 15th
The new Standard was published on March 15th, 2018, after a long gestation period (the initial Work Proposal for the Standard was issued in June 2013). Thankfully, for those of us involved in implementing and maintaining an Occupational Health & Safety Management System (OHSMS) there are few surprises.
The High-Level Structure (HLS) that now applies to all new ISO Management System Standards has been used here. Many of the requirements, phrases and wording that we have become accustomed to in ISO 9001 and ISO 14001 (and elsewhere) are to be found here also.
This will greatly facilitate those who wish to combine ISO 14001 and ISO 45001 requirements into a single management system. In particular, it facilitates a single internal audit programme being developed to audit against both Standards simultaneously.
No Transition Period
As ISO 45001 is a new Standard, there is no official ISO 45001:2018 Transition Period. If you are currently certified to OHSAS 18001, you can migrate to the new Standard whenever you wish. Most will choose to changeover at the end of their current 3-year contract with their Certification Body.
The new Standard is very similar in content to OHSAS 18001 (see below). Therefore, there is no justification for a significant once-off or for an on-going increase in fees in changing to ISO 45001.
A few new requirements
There are a few new requirements as compared to OHSAS 18001. These mostly arise from the adoption of the HLS. They are:
4.1 Understanding your organisation and its’ context: This new concept relates to the factors and conditions affecting organisational operation e.g. regulation, governance and stakeholders. What drives the culture and requirements of your organisation relating to OH&S.?
4.2 Understanding the needs and expectations of interested parties: Consider who the interested parties might be and what their relevant interests might be, e.g. workers, customers, shareholders, board members, competitors and regulators.
There may be consequential risks and opportunities that will need to be addressed. There may be documents and records that need to be included in your OHSMS so as to meet these needs and expectations
8.1.2 Eliminating hazards and reducing OH&S risks: The standard specifies a hierarchy of controls in order of preference regarding risk management principles.
8.1.3 Management of change: Planned changes of the operation, e.g. working conditions, equipment, workforce and changes to legal requirements, will have to take cognisance of known and potential OH&S hazards and risks.
220.127.116.11 Procurement: Requires the procurement of product and services to conform with OH&S management system requirements.
18.104.22.168 Contractors: Establishes controls and communication requirements regarding contractor’s worker activities, as well as the host company’s worker activities. Consideration must be given to the competence and other requirements for contractor workers in relation to OH&S criteria.
22.214.171.124 Outsourcing: Specifically strengthens the OHSAS 18001 requirements in relation to outsourced processes.
Few new terms and definitions
There are no significant changes in definitions as compared to OHSAS 18001.
Changes to Clause on Incident, nonconformity and corrective action
The changes here in Clause 10.2 are noteworthy.
The phrase preventative action has been dropped, as it has in all Standards based on the HLS. Actions to address OH&S risks and opportunities plus action taken under corrective actions will achieve equivalent results.
Direct action (think ‘correction’) must be taken in a timely manner to control the incident or nonconformity and deal with the consequences.
Root cause analysis is the key to progressive improvement and is a specified requirement here. It requires the organisation to determine what cause(s) has been identified for the incident or nonconformity, what can be actioned to address the cause, review any risk assessments or establish a new assessment, as required, before implementing a corrective action.
When corrective action has been completed (and effectiveness verified), the organisation can move on to consider whether any further action is required to prevent a similar incident or nonconformity occurring in future. The principles of risk assessment and risk reduction will apply.
If you have not already done so, get a copy of the Standard and have a good read. Note that the Standard includes an Annex of Guidance to implementing and maintaining an OHSMS in compliance with ISO 45001 – so a careful read is essential, especially for providers of OHSMS consulting services.
If you want to get a legitimate copy at a bargain price, we suggest purchasing your copy from the Estonian Standards Organization. You’ll find there Shop here.