5 levels of hazard controls in ISO 45001 and how they should be applied

Updated 2018-11-29 according to ISO 45001

Within the planning phase, the ISO 45001 standard has a requirement for organizations to establish a hierarchy of controls. During the process of identification of occupational health and safety hazards (for more information, see How to identify and classify OH&S hazards), the organization needs to identify if there are any existing controls and whether they are adequate for the identified hazard. When defining controls or making changes to the existing ones, the organization needs to take into account the hierarchy of the controls.

What does it mean?

Hierarchy of the controls does sound a little confusing, and I think “hierarchy” is not the best term. It basically means the priority in selection and implementation of controls related to occupational health and safety hazards.

There are several groups of controls that can be established to eliminate or decrease the occupational health and safety hazards: elimination, substitution, engineering controls, signage/warnings, administrative controls, and/or personal protective equipment. But, the problem is that the effects of these groups of controls are not the same, and some of them don’t really eliminate or decrease the risk of a hazard in the most satisfying way. And that is why the hierarchy is introduced, to encourage the organization to try to implement the better controls and really eliminate the hazard, if possible.

How does it work?

Once you have completed a risk assessment and taken account of existing controls, you should be able to determine whether existing controls are adequate or need improving, or if new controls are required.

If new or improved controls are required, their selection should be determined by the principle of the hierarchy of controls, i.e., the elimination of hazards where practicable, followed in turn by risk reduction (either by reducing the likelihood of occurrence or potential severity of injury or harm), with the adoption of personal protective equipment (PPE) as a last resort.

Basically, this hierarchy defines the order of considering the controls; you may choose to implement one or a combination of several kinds of controls.


Here is where you need to start when planning the controls:

Elimination – modify a design to eliminate the hazard; e.g., introduce mechanical lifting devices to eliminate the manual handling hazard;

Substitution – substitute a less hazardous material or reduce the system energy (e.g., lower the force, amperage, pressure, temperature, etc.);

Engineering controls – install ventilation systems, machine guarding, interlocks, sound enclosures, etc.;

Signage, warnings, and/or administrative controls – safety signs, hazardous area marking, photo-luminescent signs, markings for pedestrian walkways, warning sirens/lights, alarms, safety procedures, equipment inspections, access controls, safe systems of working, tagging, and work permits, etc.;

Personal protective equipment (PPE) – safety glasses, hearing protection, face shields, safety harnesses and lanyards, respirators, and gloves.

Although the first three levels are the most desirable, they are not always possible to implement. In applying the hierarchy, you should consider the relative costs, risk reduction benefits, and reliability of the available options.

The work of establishing and selecting of controls is still far from over, as there are still a lot of things to consider:

  • The need for a combination of controls, combining elements from the above hierarchy (e.g., engineering and administrative controls),
  • Establishing good practice in the control of the particular hazard under consideration, adapting work to the individual (e.g., to take account of individual mental and physical capabilities),
  • Taking advantage of technical progress to improve controls,
  • Using measures that protect everyone (e.g., by selecting engineering controls that protect everyone in the vicinity of a hazard rather than using individual personal protective equipment (PPE)),
  • Human behavior and whether a particular control measure will be accepted and can be effectively implemented,
  • Typical basic types of human failure (e.g., simple failure of a frequently repeated action, lapses of memory or attention, lack of understanding or error of judgment, and breach of rules or procedures) and ways of preventing them,
  • The need to introduce planned maintenance of, for example, machinery safeguards,
  • The possible need for emergency/contingency arrangements where risk controls fail,
  • The potential lack of familiarity with the workplace and existing controls of those not in the direct employment of the organization, e.g., visitors or contractor personnel.

Let’s make it work

Once the controls have been determined, the organization can prioritize its actions to implement them. In the prioritization of actions, the organization should take into account the potential for risk reduction of the planned controls. It is preferable that actions addressing a high-risk activity or offering a substantial reduction of risk take priority over actions that have only limited risk-reduction benefit.

In some cases, it is necessary to modify work activities until risk controls are in place or apply temporary risk controls until more effective actions are completed – for example, the use of hearing protection as an interim measure until the source of noise can be eliminated, or the work activity segregated to reduce the noise exposure. Temporary controls should not be regarded as a long-term substitute for more effective risk control measures.

Legal requirements, voluntary standards, and codes of practice can specify appropriate controls for specific hazards. In some cases, controls will need to be capable of attaining “as low as reasonably practicable” (ALARP) levels of risk.

Selection and implementation of controls is the most important part of the Occupational Health and Safety Management System, but that is not enough to make it work. The effects of the implemented controls must be monitored to determine whether they achieve desired results, and the organization should always pursue new controls that are more effective and less costly. The cost of controls can be very high in some cases, but the most expensive are the ineffective ones.

Use our free ISO 45001 Implementation diagram to plan your ISO 45001 implementation effectively.

Advisera Strahinja Stojanovic
Strahinja Stojanovic

Strahinja Stojanovic is certified as a lead auditor for the ISO 13485, ISO 9001, ISO 14001, and OHSAS 18001 standards by RABQSA. He participated in the implementation of these standards in more than 100 SMEs, through the creation of documentation and performing in-house training for maintaining management systems, internal audits, and management reviews.