Everything You Need to Know About ISO 45001:2018
A safety management system based on ISO 45001:2018 and supported by digital
applications is a critical part of creating a safe and compliant organization.
What is ISO 45001:2018?
ISO 45001:2018 is an international standard for helping organizations create a safety management system that protects workers from harm and promotes a risk-based safety culture that engages everyone from leadership down to the front line. In many industries, ISO 45001:2018 certification is a mandatory part of working with customers or bidding on proposals.
Prevent Incidents and Injuries
A digital safety management system based on ISO 45001 can help you collect and manage data for producing leading indicators that prevent incidents before they happen.
Support a Strong Safety Culture
ISO 45001:2018 can help you create an engaged workforce that values safety and proactively looks for continuous improvement opportunities.
Demonstrate a Commitment to Safety
Certifying to ISO 45001:2018 demonstrates to customers that you take the safety of your workers seriously and that you are a responsible, reliable business partner.
Create an Integrated Approach to EHSQ
ISO 45001:2018 features the same High-Level Structure common to ISO 9001:2015, ISO 14001:2015 and others to help facilitate a better understanding of multiple management systems.
ISO 45001 vs OHSAS 18001: Which Standard Should I Use?
ISO 45001:2018 was introduced to replace the existing OHSAS 18001 standard for occupational health and safety. Organizations certified to OHSAS 18001 had three years, starting from March 2018, to transition to ISO 45001:2018. That period was extended to September 2021 to accommodate the COVID-19 pandemic. Organizations must now have transitioned to ISO 45001:2018. Certifications for OHSAS 18001 are no longer recognized.
How is ISO 45001:2018 Different from OHSAS 18001?
ISO 45001:2018 has several new sections that were not present in OHSAS 18001.
What Are Some Important Elements of ISO 45001:2018?
There are several important elements of ISO 45001:2018 that make it a valuable resource for a safety management system.
High-Level Structure
ISO 45001:2018 features the High-Level Structure common to other management system standards from ISO, including ISO 9001:2015, ISO 14001:2015 and ISO 27001:2013. The high-level structure facilitates integration of multiple management systems to meet customer and compliance requirements more easily. The high-level structure is as follows:
- Scope
- Normative references
- Terms and definitions
- Context of the organization
- Leadership
- Planning
- Support
- Operation
- Performance evaluation
- Improvement
Leadership Participation and Responsibilities
ISOS 45001:2018 has a clear focus on the role of leadership in demonstrating and communicating its commitment to the management system. Leadership is responsible for ensuring the continual improvement of the management system and for creating a safety culture that supports it.
Risk-Based Thinking
ISO 45001:2018 integrates risk-based thinking throughout. Risk-based thinking requires an organization to anticipate and prevent hazards instead of simply responding to them after they’ve happened. This involves identifying potential hazards relating to work areas, processes, equipment, operating procedures and training. Risk-based thinking also requires that organizations determine risks related to hazards and that they view risk as the potential to identify areas of continual improvement to the safety management system.
New Flexibility for Documentation
ISO 45001:2018 provides an approach to documentation that is similar to that of ISO 9001:2015 and ISO 14001:2015. The previous distinction between documents and records has been revised as documented information. This revision gives organizations the flexibility to determine the documentation methods that work best for them while maintaining the requirements for control.
Emphasis on Process and PDCA
Plan-Do-Check-Act (PDCA) is a process-based approach to achieving continuous improvement across the organization. It is applied to all the ISO management system standards, including ISO 45001:2018. PDCA is as follows:
Plan
- Determine and assess all risks and opportunities that relate to OH&S.
- Establish OH&S objectives and processes required to deliver results that meet organizational goals.
Do
- Implement the OH&S processes determined in the planning stage.
Check
- Monitor, measure and report OH&S processes in relation to policy and objectives.
Act
- Ensure continuous improvement of OH&S activities to achieve defined organizational objectives.
How Does Software Support ISO 45001:2018?
With complex workplaces in a globalized marketplace becoming increasingly common, it’s critical for organizations to have digital applications that support an ISO 45001:2018 safety management system.
The goal of a modern safety management system is to prevent incidents from happening. The key to achieving this goal is to have a continuous flow of observations data from frontline workers into the digital applications to provide leading indicators. The information derived from these leading indicators is then communicated back to the frontline workers to enhance their situational awareness and prevent incidents from occurring. Digital applications that support this data-based approach are critical to its success.
While the specific applications will be unique for each organization, there are some essential components that will form the core of the digital safety management system.
Inspection Management
Inspection Management provides oversight of completed and in-progress inspections across the organization. It records nonconformance findings and provides a reference for corrective actions. The application can automatically trigger tasks to address nonconformances to ensure everyone is accountable for implementing actions that prevent incidents.
Audit Management
Audit Management provides a detailed structure for audit activity and data. It creates consistent procedures for audits and ensures responsibility for due dates, findings, action plans and corrective actions. Analyzing trends and patterns can help to identify at-risk areas and provide corrective actions before they become incidents.
Training Management
Training Management supports training for unlimited user groups based on job titles, roles, departments or locations. It can provide training in SCORM format, track the results and identify training gaps that need to be addressed. Training Management provides dynamic data visualization for training data to help ensure every worker understands the risks related to their tasks.
Job Safety Analysis
Job Safety Analysis helps you understand the risk and potential for incidents before workers begin their tasks. Users can organize risks into categories such as Acceptable, Acceptable with Mitigation or Unacceptable to ensure everyone involved with the task has the required training. A configurable risk matrix measures the probability and severity of potential safety threats.
Safety Observations Management
Safety Observations Management gives frontline workers a mobile application that collects observation data and helps to identify leading indicators. Forms can be out-of-the-box or customized to ensure workers capture all important information. Once observations are logged, safety managers can assign corrective and preventative actions (CAPA) or training to mitigate risks.
Behavior Based Safety
Behavior Based Safety logs observations of at-risk behavior. When workers log observations of at-risk behavior from a mobile device, they can trigger a near miss, which can then be assigned corrective and preventative actions or training. Embedded analytics allow managers to visualize and filter leading indicators by employee, task, location and other facets at any location.
Communications Management
Communications Management allows organization to capture critical information such as dates, times, employee information, responses and status from communications such as complaints, information requests and regulatory updates. Actions and tasks can be created directly in the form to support workflows and nonconformances can be associated directly with a record to maintain insight into progress.
Bulletins
Bulletins allow real-time and scheduled communication between the organization and frontline workers. Bulletins can include text and images to provide urgent alerts, microlearning, feedback and polls.
Document Control
Document Control helps to manage documented information that supports an ISO 45001:2018 safety management system. It allows the organization to centralize documentation to ensure effective information governance, approvals and controls. Users can create automated rules for revisions, reviews and deletion to eliminate manual processes.
Incident Management
Incident Management records, tracks, analyzes and reports incident data. It provides root cause analysis such as 5-Whys and supports analyzing trends and gaps in the safety management system. It also manages tasks and the flow of incident information to ensure investigations are addressed and closed properly.
What Are the Benefits of Using Software to Support ISO 45001:2018?
Digital applications provide the support organizations need to manage their ISO 45001 safety management system. With the vast amounts of data, security and information governance required to manage safety in today’s organizations, the manual processes of the past can no longer keep up. ISO 45001 software ensures your safety management system keeps workers safe and provides insight into all your safety processes across the entire organization.
Frequently Asked Questions
That depends. ISO 45001:2018 is a standard, not a regulation, so there is no legal requirement for certification. Further, some organizations might choose to use ISO 45001:2018 as a framework without undergoing the certification process. In many industries, however, certification to ISO 45001:2018 is a condition of conducting business, and customers might include it as a requirement in contracts or RFPs.
No. OHSAS 18001 is obsolete and has been replaced by ISO 45001:2018. If you did not transition during the three-year grace period that ended in September 2021, your OHSAS 18001 certification is no longer recognized.
Transitioning from OHSAS 18001 to ISO 45001:2018 is a new certification process. Organizations will need to compare both standards and identify the gaps in their current management system before certifying to ISO 45001:2018.
ISO 45001 is a standard by the International Organization for Standardization. It is designed to provide a set of common principles for organizations to support a safety management system. ISO standards are not regulations and are not a legal requirement.
OSHA is the Occupational Safety and Health Administration in the United States. Its purpose is to enforce US safety regulations through inspections, training, education and assistance. OSHA does not mandate the use of ISO 45001, and organizations are not considered compliant simply because they use ISO 45001. However, creating a safety management system based on the principles of ISO 45001 can go a long way to ensuring you have a safe workplace that is compliant with relevant regulations in any location.
ISO 9001 is a standard for quality management systems, while ISO 14001 is for environmental management systems. They all share the High-Level Structure common to ISO standards for management systems. Safety, quality and environment have considerable overlap in their scope, and one might argue that they are all different facets of operational excellence in general. As such, many organizations implement all three of them to take advantage of the opportunity for shared processes.
ISO does not conduct certification for standards. Organizations should first purchase a copy of the standard and get a thorough understanding of what’s involved in achieving and maintaining certification. Organizations can then begin implementing the standard on their own or they could bring in consultants who specialize in providing those services. When the organization feels the safety management system is ready, it can contact certified auditors to complete the certification process.
Digital applications are not a requirement for certifying to ISO 45001:2018. It is possible to have a safety management system that uses paper and manual processes. However, with the increasing importance of data for supporting leading indicators and analyzing trends, digital applications are quickly becoming a necessity for supporting a modern safety management system.
Learn how Intelex Quality Management Software simplifies your QMS to save you time and money.
Expand your ISO 45001:2018 knowledge
with these featured resources
insight report
Achieving and maintaining certification to ISO 45001:2018 is a critical component of a healthy safety culture in every industry.
INSIGHT REPORT
This new Intelex Insight Report will show you how to make sure your health and safety management system keeps your employees safe, provides value for your business and meets your compliance requirements.
on-demand webinar
Understanding how ISO 45001 will impact your business, let alone building a business case or convincing executive teams to care, can be hard.