ISO 45001:2018 - NQA
ISO 45001:2018OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE50,000CERTIFICATESGLOBALLYTRANSPARENT90
ISO 45001:2018OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE2*UK and ISOIreland45001:2018onlyOCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE
ContentsIntroduction to the standardP04Benefits of implementationP06PDCA cycleP07Risk based thinking / auditsP08Annex SLP09SECTION 1: ScopeP10SECTION 2: Normative referencesP11SECTION 3: Terms of definitionP12SECTION 4: Context of organizationP14SECTION 5: LeadershipP16SECTION 6: PlanningP18SECTION 7: SupportP20SECTION 8: OperationP22SECTION 9: Performance evaluationP24SECTION 10: ImprovementP28Get the most from your managementP30Next steps once implementedP32How else can we assistP33ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE3
INTRODUCTIONTO THE STANDARDISO 45001:2018 is a new Internationalstandard which provides a framework,regardless of size, activity and geographicallocation, to manage and continuouslyimprove Occupational Health and Safety(OH&S) within the organization.The risk-based approach standard introducesthe common ‘Annex SL’ structure which providescompatibility with other ISO standards including ISO9001 Quality, ISO 14001 Environment and ISO 27001Information Security management systems.By adopting a systematic approach including workerparticipation, the organization can integrate OH&Swithin its business processes which will contribute4to prevention of accidents and long and short termill health effects. The standard provides a platform todevelop a positive safety culture leading to workerwellbeing.Once the policy framework has been put in place,along with processes to facilitate the organization’scommitment, the standard then asks the organizationto audit, review and improve the system includingassessment of compliance obligations. Thisapproach provides the organization with bothassurance and business continuity.Standard requirements can significantly help theorganization improve internally; by embedding aculture of challenge and continual improvement.ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE
A Brief history of ISO 45001OHSAS 18001:2007 (initialversion OHSAS 18001:1999) isthe predecessor to the recentlyreleased ISO standard ISO45001:2018. The OHSAS standardwas recognised internationally butit is not an ISO standard.This was recognised and hence theneed to have a systematic structure forthe management of the activities. ISO45001:2018 is an ISO standard andhas been designed to have greatercompatibility with existing ISO standardmanagement system revisions includingISO 9001:2015 and ISO 14001:2015.Over time it has become increasinglyapparent that too many workers aresuffering from OHS related illnesses,injuries and deaths, placing anunacceptable burden on people, theirfamilies and with moral and welfarecosts to society overall.It uses the same management systemstructure and reflects the requirementsidentified by the International LabourOrganization guidance for OHSsystems. It has been developed over anumber of years by International bodiesand industry experts.Owing to this compatibility ISO45001:2018 should build on all thesuccess of OHSAS 18001 and allow thebenefits to be enhanced and potentiallyintegrated in other generic managementsystem standards.In 2021 OHSAS 18001 will bewithdrawn leaving ISO 45001 theprimary international OHS managementsystem standard.ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE5
BENEFITS OFIMPLEMENTATIONWith or without a formal OH&S management system, organizations have a moral and legalduty to protect workers from accidents and ill health. This next section provides an overviewof a selection of positive benefits from implementation of ISO 45001. These positive benefitsare not exhaustive.Adoption of the high-level structure of ‘AnnexSL’ enables organizations to integrate ISO45001 with existing ISO 9001 Quality andISO14001 Environmental managementsystems. This approach has reduced thecomplexity of multiple clause requirementsacross different standards applications, savingtime and resources.In addition to internal process controls,the standard has provided requirements toassess procurement of products and serviceswhich may have influences on OH&S. Forexample, risk based structured management ofcontractors. Such a process can in-turn providecontrols to reduce both OH&S risk, promotepositive safety culture and protect business.The standard provides a systematic approachfor senior leadership to assess OH&S riskand opportunities, monitor and reviewsafety performance and set objectives forcontinual improvement within the ‘context’ oforganizational activities. This may include, forexample, worker health promotion campaignsor the monitoring of the OH&S effects ofproducts and services provided.The standard provides a structure to monitorand review compliance obligations to ensurethe organization is legally compliant includingproducts and services. It is important for anorganization to understand what it is to achieve,why it needs to achieve and if it has achieved –this should be demonstrated within the system.Implementation is a demonstration andcommitment from senior leadership to internaland external stakeholders (interested parties)of the intent to protect workers from accidentsincluding short and long term ill health effects.Of course, this may in-turn reduce downtime,lead to reduction or prevention of worker losstime hours and potential prosecution.This commitment also provides assurances tothe Board of Directors, Trustees or owners thatmanagement controls regarding OH&S risksinherent within the organization.The standard promotes worker participationwhen identifying hazards, elimination orreducing risk by implementation of controlsintegrated with other business process. Thisapproach can improve safety culture, minimiserisk and embed best practice resulting inincreased productivity.Both internal and external audit programmesprovide scrutiny and effectiveness of the OH&Smanagement system including processes. Theprogramme promotes communication andparticipation of workers with identification ofgaps leading to continuous improvement.With an emphasis on workers taking an activerole in OH&S matters, this can have positivebenefits on an organization’s reputation as asafe place to work leading to staff retention,motivation and greater productivity.Implementation is also recognition for havingachieved an international standard benchmarkwhich may have positive influence on existingand potential customers in fulfilling their ownsocial responsibility commitments.For further information on positive benefits of ISO 45001 standard implementation and its intendedoutcome refer to section 1 ‘Scope’.6ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE
PDCA CYCLEISO 45001 has adopted the four stage Plan-Do-Check-Act (PDCA) cycle for achieving continualimprovement. This is an inherent part of the systematic approach to determine workablesolutions, assessing the results, and implementing ones that have been shown to work.The PDCA cycle can be applied not only to management systems as a whole, but also to each individual element to provide anongoing focus on continual improvement. At the core of each stage is ‘Top Management’ who are pivotal to ensure the OH&Ssystem is managed effectively.In the context of ISO 45001, refer to the following PDCA cycle:Plan:Do:Check: Act:Understand the context of theorganization including OH&Srisk and opportunities. EstablishOH&S objectives, processes andresources required to deliverresults in accordance with theorganizations OH&S Policy.Implement theprocesses asplanned to includingworker participation,hazard identificationand emergencypreparedness.Monitor, measureand evaluate OH&Sactivities andprocesses.Take actions tocontinually improve toincluding findings ofincidents, addressingnon-conformance andaudit findings.SCOPE OF THE OH&S MANAGEMENT SYSTEM (4.3/4.4)CONTEXT OF THEORGANIZATION(4)SUPPORT &OPERATION(7, 8)PlanINTERNAL &EXTERNAL ISSUES(4.1)DoLEADER& WORKERPARTICIPATION(5)PLANNING(6)ActNEEDS ANDEXPECTATIONSOF RELEVANTINTERESTEDPARTIES (4.2)PERFORMANCEEVALUATION(9)INTENDEDOUTCOMESOF THEOH&S MSCheckIMPROVEMENT(10)Establish OH&S objectives, processes and resources required to deliver results in accordance with the organizationsOH&S PolicyDO:CHECK:ACT:Implement the processes as plannedto include worker participation, hazardidentification and emergency preparedness.Monitor, measure andevaluate OH&S activitiesand processes.Take actions to continually improve toincluding findings of incidents, addressingnon-conformance and audit findings.ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE7
RISK BASEDTHINKING/AUDITSAny company that operates an OH&S management system must ensure there are effectivemeasures to evaluate performance which enables continual improvement internally. This sectionoutlines the different methodologies of auditing in relation to the OH&S system to ensure it iseffective at all levels of the organization and meets the requirements of the standard.Risk Based ThinkingWalk Through AuditsRisk Based Thinking (RBT) is a central tenet of ISO 45001.RBT requires the Management Team to continually assess theissues that affect OH&S aspects of an organization and ensurethat appropriate targets, resources and controls are in place.RBT empowers organizations to make dynamic changes totheir objectives and focus, whilst at the same time ensuringthat resources are in place to control changes and unforeseencircumstances. In relation to OH&S, risk-based thinking extendsto areas outside of the organization which may influence safety.A less formal approach maybe adopted in addition to the auditplan by conducting ‘walk through’ audits. This may be conductedby senior leadership or at operational level to inspect areas ofthe organization to pre-determined questions. This is a furtheropportunity to engage with workers, promote communication andbuild a positive safety culture within the organization.1st Party - Internal Audit3rd Party - Certification Audits2nd Party - External AuditsSecond party audits are usually conducted by customers ororganizations on their behalf, however they may be conductedFor example, procurement of products and services (includingby regulators to ensure the organization complies with legalcontractors) and the impact of supplied products and services.The organization must determine the methodology for risk-based requirements. External audits are a useful way to substantiate anorganization OH&S claim and to gather first-hand information andthinking with consideration of compliance obligations and thecontact with workers prior to commitment to a formal businessparticipation of workers. For operational aspects the standardrelationship. Second party audits may be planned; however,clearly defines the hierarchy of control for hazard identificationnotice may not be provided from regulators emphasising theand the reduction of risks with the involvement of workers. Thismethodology requires the organization to reduce risks associated requirement to ensure OH&S organizational requirementsare prepared.with hazards to a reasonably practicable level.Internal audits are taken at a moment in time to determine ifpolicies and practices are effective and achieving the intendedaim. The internal audit is an opportunity to engage with workersand to capture a true reflection of processes. Audits may identifypositive evidence of conformity including compliance obligations,however through inspection and observation they may identifyimprovement opportunities and non-compliance in breach of themanagement standard.Audit PlanningDeveloping an audit plan does not have to be a complicatedprocess. Through risk based thinking a series of audits canbe scheduled to focus areas of higher risk and to engagewith identified groups of workers. It’s up to the organization todetermine the frequency provided it is defined. In addition tooperational aspects the plan will cover core processesincluding compliance obligations, management review anddocumented information.8Third party audits are conducted by UKAS accredited certificationbodies such as NQA in compliance of the ISO 45001 OH&Sstandard. Depending on the number of employees, sites, riskand complexity of the organization, the certification body willdetermine the number of audit days required to cover the fullscope of the standard. Prior to certification, the organizationmay consider a gap analysis conducted by either consultant orcertification body to identify gaps against the OH&S standard.Certification is a demonstration to interested partiesincluding workers, customers and regulators thatthere is: A mechanism for regular assessment to monitor andimplement compliance obligations Regular assessment to monitor and improveOH&S processes Identification of hazards and reduce OH&S risk Regular review and assessment of OH&S riskand opportunities Worker participation in the decision-making processto ensure a safe working environment, continuousimprovement and safety cultureISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE
ANNEX SLPrior to the introduction of Annex SL (previously known as ISO Guide 83), organizations whoimplemented ISO 9001 Quality, ISO 14001 Environmental and ISO 27001 Information Securitystandards had difficulty integrating management systems. Based on different clause structuresand terms of definition, the absence of Annex SL could lead to potential gaps betweenmanagement systems an unnecessary burden on resources. The introduction of Annex SLincluding ISO 45001 has enabled multiple standards to adopt the same high-level structure toharmonise 10 core clauses, making it easier to integrate common management standards.High Level StructureThe first three clauses provide a background to the standard withuseful information including terms of definition. The rationale of‘Context of the Organization’ (clause 4) is that the system focuses onprocesses and requirements needed to achieve organizational policyobjectives. This is achieved by understanding the organization andthe context in which it operates. The Clause sets out the requirementsfor the organization to define the ‘Scope’ of the system, and thesubsequent planning of the system.Annex SL consists of 10core clauses:1.2.3.4.5.6.7.8.9.10.ScopeNormative referencesTerms of definitionContext of organizationLeadershipPlanningSupportEmergency preparednessPerformance evaluationImprovementClause 5 to 10 are common to all management system standards, ISO45001 specifically relates to occupational health and safety issues.So, whilst there is commonality, there are OH&S processes to beestablished, implemented and maintained including understandingof the policy framework, identification of hazards, managementcontrol of risks and worker participation. A successfully deployedAnnex SL enables an integrated management system (IMS) whichsimultaneously handles the requirements of ISO 45001, ISO 9001 andISO 14001. Typically, this would include a harmonised documentedinformation, procurement, audit and management review processwithout the necessity of duplication.Annex SL Clause OverviewPLAN4Context of theorganization4.1Understandingthe organizationand its context4.2Understandingthe needs andexpectations ofworkers andother interestedparties4.3 Determiningthe scope ofthe ISO 45001managementsystem4.4 ISO 45001managementsystem5Leadership5.1 Leadershipcommitment5.2 Policy5.3Organizationalroles,responsibilitiesand authorities6Planning7Support6.1 Actions toaddress risks andopportunities6.2 ISO 45001objectives andplanning toachieve mprovement7.1 Resources8.1 Operationalplanning andcontrol7.2 Competence8.2 Emergencypreparedness7.3 Awareness9.1 Monitoring,measurement,analysis andevaluation9.2Internal audit10.1Nonconformityand correctiveaction10.2 ation7.5 DocumentedinformationISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE9
SECTION 1:SCOPEFor registration all clause requirements must be applied. This section sets the intent andparameters within which the ISO 45001 OH&S management standard can be used to attainits intended outcome.The intended outcome of the OH&S management system is for the organization to: Provide a safe and healthy workplace(s) Prevent work related injury and / or ill health Proactively monitor and improve OH&S performance Eliminate hazards and minimise OH&S risks (including system deficiencies) Take advantage of OH&S opportunities and address management system non-conformities associated with its activities Fulfil legal and other requirements Achieve OH&S objectives Integrate other aspects of health and safety including worker wellness / wellbeingThis section makes it clear that the standard does not address issues such as product safety, property damage or environmentalimpacts beyond the risks they present to workers and other relevant interested parties.10ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE
SECTION 2:NORMATIVEREFERENCESReference to ‘normative references’ are common across all management system standardshowever in the case of ISO 45001 there are no normative references.If applicable to a standard, normative references are essentialdocuments used for the application of the document. In otherwords, the reference document is considered essential for theapplication of the referenced standard.ISO 45001 provides a bibliography with further informationincluding associated ISO management standards.ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE11
SECTION 3:TERMS ANDDEFINITIONSISO standards are written in such a way that their meaning can be open to interpretation. Aswith all standards, this interpretation can lead to confusion. To assist the user section 3 ofthe standard provides prescriptive terms of definition to prevent the wrong interpretation.It is highly recommended that persons responsible forimplementation of the standard clarify and have a clearunderstanding of words described in this section.For example, ‘worker’ may be interpreted without guidance asan operator who works in a factory, when in reality a workercovers many different occupational aspects including agency,contractors, all employees including Top Management andexternal provider staff.Each term is listed in accordance with the hierarchy ofconcepts reflecting the sequencing of the introduction ofthe standard.In addition to the term or definition, notes provide furtherinformation and clarity.If an electronic version of the standard has been purchasedthe definitions are hyperlinked to other definitions so that theirinterrelationships can be seen.12Annex A Guidance‘Annex A’ of the standard provides useful clarificationof selected concepts in relation to OH&S to avoidmisunderstanding. Concepts including: Continual Ensure Interested party Documented informationIf the organization requires the use of specific industryrelated terms and their meanings relative to the OH&Ssystem, these terms can be used, however they muststill conform to the ISO 45001 document.ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE
ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE13
SECTION 4:CONTEXT OF THEORGANIZATIONThe rationale of this clause is that the system focuses on the processes and requirements needed toachieve the OH&S policy objectives. This can be achieved by understanding the organization and the‘context’ in which it operates. Clause 4 also sets out the requirements for the ‘Scope’ and the systemto be defined, and the subsequent high-level planning of the system to achieve the objectives.Understanding the context of the organization is usuallyconducted by senior leadership with information aboutthe business and activities gathered
ISO 45001 has adopted the four stage Plan-Do-Check-Act (PDCA) cycle for achieving continual improvement. This is an inherent part of the systematic approach to determine workable solutions, assessing the results, and implementing ones that have been shown to work.
ISO 45001 is designed to take into account many more factors than 18001. For instance, ISO 45001 recognizes other formats for data collection and storage -such as digital formats to reduce paperwork. Beyond just health and safety, ISO 45001 gives management a tool to strengthen their entire business if they follow it. ISO 45001 is More .
NQA-1-2000 NQA-1-2004 NQA-1-2008 processes to detect and correct quality problems. processes to detect and correct quality problems. detect and correct quality problems. (b) The program shall provide for indo
10CFR830.122/DOE O 414.1B NQA-1-1989 V/S NQA-1- 2000 REQUIREMENTS MATRIX 1 DOE O 414.1B/CFR 830.122 NQA-1-1989 NQA-1-2000 . The capabilities of a candidate for certification shall be initially determined by a suitable evaluation of the candidate's education, experience, training, and either test results or
OHSAS 18001 to ISO 45001 Transition OSHA & State Regulatory Assistance –Compliance Assessment, Mock Audit, Program Development, Corrective Action Assistance On-Site Training –OSHA 10-hour, OSHA 30-hour, ISO 14001, ISO 45001, OHSAS 18001 to ISO 45001 Transition EPA &
NQA is a world leading certification body with global operations. NQA specialises in certification in the construction and engineering sectors. AMERICA'S NO.1. Certification body in Aerospace sector. TOP 3 IN THE UK. ISO 9001, ISO 14001, ISO 45001, ISO 27001. CHINA'S NO.1. Certification body in Automotive sector. BANGALORE. BOSTON. LONDON .
NQA is a world leading certification body with global operations. NQA specialises in certification in the construction and engineering sectors. AMERICA'S NO.1. Certification body in Aerospace sector. TOP 3 IN THE UK. ISO 9001, ISO 14001, ISO 45001, ISO 27001. CHINA'S NO.1. Certification body in Automotive sector. BANGALORE. BOSTON. LONDON .
ISO 9001:2015 QMS and ISO 14001:2015 EMS and ISO 45001:2018 Internal audit 6. Principals of Quality Management System-ISO 9001:2015 7. ISO 9001 and 14001 and ISO 45001:2018 EQHSMS audit records 8. Table of Documented information Summary against ISO 9001:2015 and ISO 14001:2015 require
Draft International Standard ISO/DIS 45001 - released in January 2016 Final Draft International Standard (FDIS) - released end of November 2017 ISO 45001:2018 Standard - published March 2018 You will need to change and adapt your OH&S management system to meet the new requirements and migration timelines. STRUCTURE OF ISO 45001 1 .
