Does ISO 45001 replace OHSAS 18001?

With the release of ISO 45001:2018 as the new standard for creating an Occupational Health & Safety Management System (OHSMS), there is a question of what will happen with OHSAS 18001:2007. Because the previous standard was not maintained by the International Organization for Standardization (ISO), but instead was maintained by the British Standards Institution (BSI), there is some confusion as to whether this is a replacement standard. If you have OHSAS 18001, do you need to transition to ISO 45001? The short answer is yes, because ISO 45001 will replace OHSAS 18001. But what does this transition even mean? Learn how ISO 45001 will replace OHSAS 18001 in this article.

What is new with ISO 45001:2018?

First, it is important to note that both standards include many of the same requirements, as both are used to create an OHSMS. While both standards emphasize the management of Occupational Health & Safety (OH&S) hazards and legal requirements, and the importance of top-level management involvement, there are some new requirements in the ISO 45001:2018 standard that are included to further benefit your company. For more information on the benefits that ISO 45001 can bring, see the article 4 Key benefits of ISO 45001 for your business.

One of the biggest changes is to organize the ISO 45001 standard to match the standard format for ISO management systems, called Annex SL, so that the structure and format match those of other management systems such as ISO 9001:2015 and ISO 14001:2015. This organization helps you to better align the different management systems you may implement, and allows you to easily see the common processes that can be done together (such as the internal audit). For more information on the structure, see the article ISO 45001 requirements and structure.

One important change involves how we think about risk in the OHSMS. Where OHSAS 18001 only talked about the risks associated with the OH&S hazards in the organization, ISO 45001 talks about managing other risks and opportunities along with controlling these OH&S hazards. You can find out about the new requirements associated with risk in the article What are the new requirements for risks and opportunities according to ISO 45001? With these additional risks and opportunities to assess, many companies will want to have a more formal risk management process than they did using OHSAS 18001. Some more information on what this could entail can be found in the article What to include in risk management methodology according to ISO 45001.


The new approach to documentation

One change to all of the ISO management system standards that some people have found confusing is the new requirements for documented information, and ISO 45001 also includes these requirements. The new requirements are basically an amalgamation and simplification of the old requirements for creating and maintaining documents and records in the OHSMS. The standard clarifies that documented information refers to information for the management system and its processes, information created for the organization, and evidence of results achieved. In general, the process that has been put into place for document and record control in OHSAS 18001 will meet the requirements of ISO 45001. A more thorough explanation of the new approach can be found in the article New approach to ISO 45001 documentation.

One important thing to note about this change is that there is not a requirement to change your terminology from “documents and records” to the term “documented information” in your OHSMS. Keep using the terminology that your people understand. The new standard also has different expectations of what documentation you will require, so ensure that you compare your current documentation listing with the new requirements. A helpful tool for this is this free white paper: Checklist of mandatory documentation required by ISO 45001, or you could search the standard for the keywords “documented information” to find what is required to be documented.

For a good overview of what has changed, check out this free webinar: ISO 45001:2018 vs. OHSAS 18001:2007 – The main changes.

Is there a need to transition?

Both ISO and BSI have indicated in their communications that there is a three-year transition time to change your OHSMS from OHSAS 18001:2007 to the new ISO 45001:2018 standard. This matches what normally happens when an ISO standard is updated, such as when ISO 9001:2008 changed to the ISO 9001:2018 revision. Companies that are already certified have until 2021 to upgrade their OHSMS, and at this time BSI has indicated that it will make OHSAS 18001:2007 obsolete. Any company that is implementing a new OHSMS should use the ISO 45001 standard as their requirements, because certification bodies will stop granting certification to the OHSAS 18001 standard sooner than this 2021 deadline.

For a good overview of the process to transition, see this free white paper: Twelve-step transition process from OHSAS 18001 to ISO 45001.

So, it is clear that ISO 45001 does replace OHSAS 18001. Now, for your transition, you need a plan. This should start with a gap analysis comparing what you are doing now to the requirements of the ISO 45001:2018 standard. In this gap analysis, go through every “shall” statement and determine if you meet the requirement or not. For each requirement that is not met, determine what you need to do to meet it, and then make that change. It sounds simple, but it can take some time to do. This free ISO 45001 Gap Analysis Tool can help you with your gap analysis.

Does ISO 45001 replace OHSAS 18001 and how it affects you?

Start sooner rather than later

Many companies tend to wait to make the changes in their system, but this can be problematic. While the transition process may sound simple, as mentioned above, it can take some time to accomplish. Waiting to start will only delay your conclusion, and rushing because you started late can hinder the improvements you want to make.

Remember – just because you make improvement changes to your OHSMS so that it meets the ISO 45001 requirements doesn`t mean that you need to change your certificate right away. Take the time to make the changes work for you, implementing the most important first, and get the benefits of each improvement as soon as you can. You have an OHSMS to improve your OH&S performance, so why wait to make improvement changes that will benefit you?

For a better understanding of the transition from OHSAS 18001 to ISO 45001, see this free webinar: How to make the transition from OHSAS 18001 to ISO 45001.

Advisera Mark Hammar
Author
Mark Hammar
Mark Hammar is a Certified Manager of Quality / Organizational Excellence through the American Society for Quality and has been a Quality Professional since 1994. Mark has experience in auditing, improving processes, and writing procedures for Quality, Environmental, and Occupational Health & Safety Management Systems, and is certified as a Lead Auditor for ISO 9001, AS9100, and ISO 14001.