ISO-45001-blog

ISO 45001 Blog

Hazards vs. risks – What is the difference according to DIS/ISO 45001?

As with OHSAS 18001, the new ISO/DIS 45001 standard requirements focus on understanding the hazards and risks in the Occupational Health & Safety Management System (OH&SMS). This draft international standard is expected to replace the OHSAS 18001 standard when it is released, so understanding what is the same and what has changed  from the current OHSAS 18001 requirements will help you be ready when this occurs.

What is a Hazard in ISO/DIS 45001?

ISO/DIS 45001 defines a hazard as a “source or situation with a potential to cause injury and ill health” (Definition 3.19). In other words, what features of your processes have the ability to harm individuals? This could be a hazardous chemical you need to use in a process, or a machine that has a pinch point that needs to be guarded to protect the people who need to use it. It could also be an office position that requires certain actions that over time could lead to repetitive strain injuries.

The definition of a hazard has not changed dramatically from the current OHSAS 18001:2007 standard, so any current definition you are using in your OH&SMS will not change. For some guidance on hazards in the OH&SMS, here is an article on How to identify and classify OH&S hazards.


What is a Risk in ISO/DIS 45001?

An OH&S risk is defined as the “combination of the likelihood of occurrence of a work-related hazardous event or exposure(s) and the severity of injury and ill health that can be caused by the event or exposures” (Definition 3.21). So, the hazard is the feature of the process that can harm an individual, and the risk is the likelihood that it will happen along with how sever the consequences will be.

So, if you have two office jobs that require repetitive motion, but one is done every day and the second is done once a month, the risk will be higher with the first job. Likewise, if you have two processes that require the addition of a chemical to a bath, but one is a very hazardous chemical and the other is not, then the first will have a higher risk.

To find out more about assessing the risks in your OH&SMS, check out this article on How to perform risk assessment in OHSAS 18001.

What are the requirements for Hazard Identification and Risk Assessment in ISO/DIS 45001?

ISO/DIS 45001 section 6.1.2 identifies the requirements for hazard identification and assessment of OH&S risks, and overall, this process is the same as is currently required in OHSAS 18001. For a well-functioning OH&SMS you still need to identify what hazards are presented by your processes, and then assess the risk these hazards present.

Hazard identification in section 6.1.2.1 of ISO/DIS 45001 still requires that the organization have a process to proactively identify the hazards arising from their operations. This hazard identification needs to take into account: routine and non-routine activities, emergency situations, all people involved, other issues such as workplace design, changes in the organization, changes in knowledge about hazards, past incidents, and the social factors of the organization.

Risk assessment in section 6.1.2.2 still requires that the risks from the identified hazards be addressed, as well as the risks related to the OH&SMS and its operations. These criteria need to be defined by the organization, since they will be different from one organization to the next.

The one area that has been added in ISO/DIS 45001 that is absent in OHSAS 18001 is Section 6.1.2.3 on the identification of OH&S opportunities and other opportunities, which addresses the need to act on any opportunities to enhance or improve the OH&SMS that come out of the hazard identification, risk assessment, and other activities of the organization.

Hazard identification and risk assessment: A critical first step in your OH&SMS

This critical first step in implementing your OH&SMS, the step that requires you to understand what hazards are present in your processes and the risks presented by these hazards, is one of the foundations of designing an OH&SMS that will be useful for your organization. Any changes in the requirements between OHSAS 18001:2007 and ISO/DIS 45001 are clarifications on how to make this work better, and anything that will help you better protect the health & safety of the people who work within your organization is worth your attention.

To find out more about ISO/DIS 45001, check out this  ISO/DIS 45001:2016 vs. OHSAS 18001:2007 matrix.

Advisera Mark Hammar
Author
Mark Hammar
Mark Hammar is a Certified Manager of Quality / Organizational Excellence through the American Society for Quality, and has been a Quality Professional since 1994. Mark has experience in auditing, improving processes, and writing procedures for Quality, Environmental, and Occupational Health & Safety Management Systems, and is certified as a Lead Auditor for ISO 9001, AS9100, and ISO 14001.