ISO 45001 Requirements and structure
Which ISO 45001 requirements need to be met to comply with the standard? The ISO 45001 standard itself is split into ten clauses designed to provide the user with a clear and defined structure and set of requirements that must be met when applied to the OH&S management system. Sections 1 to 3 provide details on the scope of the standard, normative references, and explanations or terminology that help better your understanding of the standard, while sections 4 to 10 contain the requirements.
Though it makes sense to approach the clauses chronologically, you will find that you have to return to each clause and make amendments as it becomes obvious where requirements overlap and your understanding of how the standard can meet the needs of your particular organization changes. You will obviously also have to carefully define whether your existing documented information meets the needs of the standard, but first, let’s look at the clauses that will make up the basic structure of your operational health & safety system requirements.
Clause 4 Context of the Organization
Section 4 requires each organization to analyze and understand the context of its activities, both externally and internally, and understand the needs of interested parties. Among other things, this will include understanding legislation, employee, stakeholder and shareholder requirements. It will also go a long way towards defining the scope of your OH&S management system. It is also worth noting that the standard requires this to be retained as documented information, and is a key part of ISO 45001 structure.
For more information on this topic see the article Defining the context of the organization according to ISO 45001.
Clause 5 Leadership and Worker Participation
The Leadership section encourages both management commitment and involvement from employees. This gives an implied outcome that health and safety should become embedded in an organization’s activities, as opposed to the concern of one responsible individual, as was possible in the past under the terms of OHSAS 18001. For example, sharing tasks and responsibilities across the team can ensure that knowledge is shared, and multiple team members become proficient in the running of the system. This allows consolidation of the culture and reinforcing the importance of OH&S within the organization.
For more assistance with this topic, reference the article How to demonstrate leadership according to ISO 45001.
Clause 6 Planning for the OH&S System
Planning to avoid undesired outcomes such as failures to meet legislation or the risk of employee injury is at the heart of the ISO 45001 standard, which now recognizes “opportunity” as a key element of OH&S activities. Critically, Section 6 deals with objective-setting for the OH&S management system, and there are also requirements to document some aspects of this section. The article List of mandatory documents according to ISO 45001 can prove invaluable in ensuring your document requirements are covered.
For more detail on this clause, see the article How to define objectives and plans in ISO 45001 and for specific guidance on risk and opportunity, refer to What are the new risks and opportunities according to ISO 45001?
Clause 7 Support
Clause 7 covers “support” elements such as communication, competence and awareness and documented information as well as resources. These specific requirements should ensure that the OH&S management system is more aligned with the activities of the business as a whole than may have been the case under OHSAS 18001. In your organization it is important to ensure that top management play a leading part in the communication process, and that employees are consulted when key information is recorded as documented information. Such decisions can ensure that the business objectives and the OH&S management system are closely related.
You can learn more about certain elements of this clause in the article How to perform training and awareness in OHSAS 18001.
Clause 8 Operation
Operational controls and emergency preparedness and response are addressed in Clause 8. This clause is now more specific about outsourcing and procurement management, meaning that organizations must ensure that the responsibility for risk is retained by management and not passed on to contractors. Effective operational control is a critical factor in any health & safety management system, particularly in terms of managing contractors. Paying close attention to this clause will prove to be of benefit to most organizations.
Clause 9 Performance Evaluation
Monitoring and measuring the OH&S management system performance, including compliance to legislation and internal audit results, is covered in clause 9. This section also emphasizes that management must review the OH&S management system performance to ensure effective performance. There is a distinct advantage of ensuring that top management is involved in performance evaluation as would be the case with objective setting, thereby allowing actions for continual improvement to be considered as a result.
For more details see How monitoring, measuring, evaluation and analysis in ISO 45001 works.
Clause 10 Improvement
The last clause sets out how an organization must ensure that continual improvement is derived from the OH&S management system. This can include dealing effectively with non-conformance and employing a good corrective action process. In real-life situations, it can pay to involve the team in corrective action processes, as nobody will be more effective at defining the root cause of an issue than those directly involved in the process. Likewise, this will ensure that the team who are responsible for the prevention of reoccurrence have possession of the full facts and can be vigilant against a repeat non-conformance, laying the foundation for improved performance.
The article Using corrective actions to eliminate nonconformities and drive health & safety improvements can provide some useful tips here.
Putting it all together
The biggest challenge is ensuring that the procedures, policies and activities that are undertaken on the OH&S management system complement each other and that your system structure is correct, effective and able to be improved. This can be achieved by using the “plan, do, check, act” cycle that remains central to the standard. Concentrate on meeting the requirements set out in the individual clauses as outlined above, and the job of implementing ISO 45001 in your OH&S management system will become significantly easier.
See this free white paper Checklist of Mandatory Documentation Required by ISO 45001 to find out which policies and procedures you need to write.