ISO 45001 is a standard created with various requirements to help organisations improve employee safety, reduce workplace risks and create better working conditions. Some of these are:

Hazard identification and assessment of risks and opportunities
You’ll need a process for ongoing and proactive hazard identification, which will take into account many factors – how work is organised, social factors, leadership, culture, routine and non-routine activities, infrastructure, equipment, physical factors, human factors, past and potential incidents and emergencies, people in the workplace, in the vicinity of the workplace and workers at a location not under direct control of the organisation (e.g. mobile workers or workers who travel to perform work-related activities at another location), actual and proposed changes and changes in knowledge. These hazards and the methodology you’ve used to assess them needs to be documented.

Incident, nonconformity and corrective action
This is all about how you are reporting, investigating and taking action on incidents or nonconformities. You need to: react in a timely manner to control, correct and deal with consequences; evaluate, with participation of workers and other relevant interested parties as appropriate; analyse to determine and eliminate root causes; formally investigate if deemed significant; determine if similar incidents have or could occur; review existing risk assessments; review effectiveness of the action taken; check that corrective actions are appropriate.

Consultation and participation of workers
You should have a process for consultation and participation of workers at all applicable levels and functions, including workers’ representatives as necessary, in development, planning, implementation, performance evaluation and improvements of your OH&S system. You need to provide time, training, resources, access to information and remove obstacles and barriers to participation. You should ensure consultation of non-managerial workers on needs and expectations of interested parties, policy, roles and responsibilities, etc.

Determination of legal requirements and other requirements
Similar to ISO 14001, the organisation should have a process to determine and have access to health and safety (as opposed to environmental) legal requirements and other requirements applicable to its OHSMS, and to determine how these requirements apply to the OHSMS. The process should cover:

• What are the organisation’s legal and other requirements and how are they determined, accessed and kept up-to-date;
• How do these legal and other requirements apply to the organisation’s activities, processes, plant & equipment, workforce, hazard profile & associated OH&S risks, the overall OH&SMS and its OH&S performance;
• How these legal and other requirements are taken into account when establishing, implementing, maintaining and continually improving the organisation’s OH&S management system.

Then there are ‘other’ requirements, and this is used as a catch-all term for a range of sources which may or may not apply to you, such as:

• Parent company protocols or policies;
• Collective bargaining agreements;
• Voluntary adherence to sector or trade body guidance documents;
• Contractual conditions;
• Employment agreements;
• Voluntary principles, codes of practice, technical specifications, charters;
• Public commitments of the organisation or its parent company.

Eliminating hazards and reducing OH&S risks
You’ll need to establish, implement and maintain processes for the elimination of hazards using the ‘hierarchy of controls’. This concept is key in health & safety, where risks should be reduced to the lowest reasonably practicable level by taking preventative measures, in order of priority. 

The table below sets out an ideal order to follow when planning to reduce risk from construction activities, and you should consider the headings in the order shown - do not simply jump to the easiest control measure to implement:​

Management of change
You should have a process for implementation and control of planned temporary and permanent changes. This can involve (but is not limited to!) new products, services and processes; workplace locations; work organisation; conditions; equipment; workforce; legal and other requirements; and knowledge about hazards and risks and developments in technology. You need to review the consequences of any unintended changes and take action to mitigate any negative H&S impacts.

If you would like to look at how to implement an ISO 45001 H&S management system, then simply contact us.

Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).

It’s a sobering thought that 95% of all injuries and accidents are caused by unsafe employee acts, not unsafe conditions.

For example, you may develop very effective standard operating procedures only to discover that nobody is following them. You may provide safety glasses and hearing protection, but find no one is wearing them. You may build an ergonomically friendly workstation only to observe poor posture or a ‘creative’ workstation setup.

Because workers’ compensation is a ‘no fault’ system, the costs of injuries that result from lack of employee compliance will still be borne by the organisation, so the only way to ensure a truly successful safety programme is to make the management team responsible for actually preventing injuries and accidents.

In order to accomplish this, a bit of psychology is required. Before managers can take steps to prevent unsafe behaviour they need to first understand what causes people to behave unsafely. This might sound obvious, but when you consider that no one sets out to get injured intentionally, you realise that the complexities of human nature are indeed at play.

There are a range of reasons employees perform unsafe acts. For example, they don’t know the right procedures. Management assumes people will exercise good common sense and therefore does not adequately train employees. Often this is the outcome of safety instruction that is far too general – for example ‘be careful’. Conversely, it may result from handing an employee a large safety rules guide and simply instructing them to read it and sign the dotted line.

Either way, the employee does not really understand – and is therefore not able to follow – correct safety procedures.

They also take short cuts. Sometimes this occurs because an employee simply gets lazy, and believes it’s just easier to not follow the rules. On the other hand, it can also occur because management has inadvertently encouraged not following the rules by placing unrealistic demands on employees or undertaking poor planning, which in turn results in undue pressure to cut corners to meet deadlines.

Then they can get complacent. Statistically, we know that employees can perform an unsafe act hundreds – even thousands – of times, with no resulting accident. This lack of negative consequence reinforces the unsafe behaviour, creating bad work habits and the attitude that “it will never happen to me.”

We know, however, that the more times unsafe acts occur, statistically the more frequently an accident or injury will result.

The key, then, to eliminating injuries and accidents, and ultimately the associated costs, is to eliminate unsafe behaviour by counteracting the scenarios outlined above.

What you’ll be doing when implementing ISO 45001

As with ISO 9001 and ISO 14001, there is a lot of commonality between the ISO 9001 and ISO 45001 standards. Both require you to:

• Look at the context of your organisation
• Demonstrate leadership and commitment
• Have a company policy (one for Quality and the other for Health & Safety)
• Demonstrate organisational roles, responsibilities and authorities
• Demonstrate planning, including actions to address risks and opportunities
• Have objectives and with a plan on how to achieve them
• Show appropriate and adequate resources to implement your management system
• Show competence
• Demonstrate awareness across your organisation
• Use effective communication both internally and externally
• Have control of documented information
• Demonstrate operational planning and control
• Use performance evaluation (e.g. internal audit and management review)
• Show improvement measures (e.g. nonconformity and corrective action and continual improvement)

However, ISO 45001 has in essence beefed up the following elements:

• Hazard identification and assessment of risks and opportunities
• Incident, nonconformity and corrective action

And it introduces these six distinct requirements in addition to all of the above:
​

• Consultation and participation of workers
• Determination of legal requirements and other requirements
• Eliminating hazards and reducing OH&S risks
• Management of change
• Procurement
• Emergency preparedness and response

If you would like to look at how to implement an ISO 45001 quality management system, then simply contact us.

Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).

Last month we looked at why a H&S management system is important. This week we’ll take a closer look at what sort of things are in a H&S management system, the kind of issues that it will need to address.

So, for starters, the sort of things that you'll need to consider would be:

• Defining the OHSMS and its scope within your organisation
• Developing procedures for the ongoing identification of hazards, assessments of risks and determination of the necessary controls
• Developing an OH&S programme with objectives and targets
• Defining relevant management, accountability, structure, roles, responsibilities, authorities, etc
• Ensure that persons performing tasks are competent and trained to do them safely
• Outline effective processes for internal & external communications
• Controlling H&S-related documents so that current versions are distributed and available at points of use and obsolete versions are removed
• Identifying critical functions associated with the identified hazards where controls are necessary
• Having a process in place for identifying and responding to H&S-related emergencies
• Developing plans to monitor and measure OH&S performance on a regular basis
• Developing processes for scheduling evaluations of compliance, investigating incidents and acting on health and safety non-conformances, and conducting audits at planned intervals

 
Why you should use ISO 45001 as your Health & Safety Management System
 
Workplace accidents and injuries significantly damage the productivity and efficiency of your operations. Studies have estimated that for every £1 of direct costs incurred in treating and providing disability benefits to an injured employee, employers incur an additional £4 in indirect costs, such as management time spent investigating and handling the claim, lost productivity of the injured worker, hiring and retraining a replacement employee, associated property damage and more.
 
The cumulative consequences of injuries and accidents are sobering. Such incidents seriously affect bottom-line profit by adding unnecessary costs to your operations and subjecting your company to potential fines and penalties. These costs can range from tens to hundreds of thousands of pounds, depending on the size and scope of your business.
 
In fact, in February 2016, the H&S punishments regime was considerably beefed up - when the court embarks on its consideration of the appropriate financial penalty, it is required to consider a number of separate steps including:

• the seriousness of the offence by determining the risk of harm (low, medium or high) and culpability of an offender;
• the appropriate starting point and category range for an offence, based on a company’s turnover, using tables provided in guidelines. There are five categories of organisation ranging from micro (where turnover is not more than £2 million) to ‘very large’ (where the offending organisation’s turnover very greatly exceeds the threshold for large organisations, namely £50 million and over);
• a range of factual elements providing the context of the offence to establish if further adjustment of the fine within the category range is required (the aggravating and mitigating features);
• whether the proposed fine fulfils the objectives of sentencing these types of offences (i.e. reflecting the seriousness of the offence and the financial circumstances of the offender). The court may adjust the fine upwards or downwards, including outside the range, by looking at factors such as profitability and the impact of the fine on the ability of the offender to improve conditions in the organisation;
• any factors which indicate a reduction, such as assistance to the prosecution and a reduction for guilty pleas. 

 
Courts expect full financial accounts to be served and will consider wider financial information such as details of director remuneration, assets, loans, etc, to establish a clear picture of the company’s financial resources. The guidelines are clear - the fine must be sufficiently substantial to have a real economic impact and bring home to management and any shareholders the need to comply with health and safety legislation. 
 
The need for putting in an OHSMS has never been greater, and ISO 45001 fits the bill perfectly. Once your organisation has embraced the need to prioritise workplace safety, the standard gets you to focus on two interrelated, yet distinctly different, objectives: compliance and accident prevention.
 
Many organisations, however, make the mistake of limiting their efforts to this first objective, and neglect the second, much greater, challenge: accident prevention. A successful workplace safety programme requires that an organisation address and achieve both objectives.
 
If you would like to look at how to implement an ISO 45001 H&S management system, then simply contact us.

Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).

It is becoming more and more important that organisations can demonstrate that they are thinking about their health & safety duties. But it is not just a case of ‘doing the right thing’, there’s also a strong business case to putting in place a strong health and safety management system.

Businesses owe a duty of care to safeguard health and safety at the workplace and they must have an awareness of the main provisions of the Health and Safety at Work Act and subordinate regulations relevant to their activities.

The primary purpose of the Health and Safety at Work Act should be to help prevent death, injury and ill-health within the workplace – not simply to prosecute offenders – and this objective should not be forgotten, despite the increased amount of health and safety prosecutions, particularly of individuals, in recent years.

In order to reduce the risk of prosecution and maintain a preventative approach to health and safety, businesses should:

• Develop and regularly review their health and safety policies;
• Properly assess the risks posed by their activities;
• Consult their employees about anything that could significantly affect their health and safety at work; and
• Seek the advice of competent health and safety professionals to ensure that they are discharging their legal duties.

ISO 45001 is an Occupational Health and Safety Management System (OHSMS) which will make sure you meet these legal obligations as well as providing a system for measuring and improving your health and safety impact.

ISO 45001:2018, as the designation suggests, is a relatively new standard in the ISO community, and is based on OHSAS 18001, as well as conventions and guidelines of the International Labour Organization including ILO OSH 2001, and other national standards. It includes elements that are additional to BS OHSAS 18001 which it replaced over a three-year migration period from 2018 to 2021.

The key additions in ISO 45001 compared to OHSAS 18001 are:

• Context of the organisation
• Understanding the needs and expectations of workers and other interested parties - interested parties would include workers, suppliers, subcontractors, clients, and regulatory authorities
• Risk and opportunities - this would include enhancing health and safety at the workplace
• Leadership and management commitment
• Planning

ISO 45001 follows the High Level Structure of other ISO standards, such as ISO 9001:2015 and ISO 14001:2015, which makes integration of these standards easier.

There can be a range of benefits to companies who use an ISO 45001 OHSMS, such as: 

• Building an organisation around H&S best practice (particularly useful if you operate in a high-risk sector)
• Reducing third party audits - if you work in a high-risk sector, you can often by-pass the need for supplier audits if you can produce evidence of having an OHSMS in place
• Reducing risk of accidents and incidents
• Improving employee motivation, awareness, and morale if you can show you take their H&S welfare seriously
• Lowering insurance premiums
• Improving managerial oversight for H&S - remember, what you can’t meaningfully manage you can’t meaningfully improve
• Continually looking for new H&S risks (e.g. a global pandemic!) and opportunities for improvement

The true value of ISO 45001 comes from linking your business strategy and your health and safety management system - not developing a standalone set of documents.

Using ISO 45001 to help manage risks and contractors, core and support processes, equipment and people gives you the opportunity not only to control but to assess and improve the health and safety of your workers, subcontractors, clients and others. 

If you would like to look at how to implement an ISO 45001 Health & Safety management system, then simply contact us.

Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).

Last month we looked at ISO 14001 and the way it looks at environmental ‘aspects’ - products and services that interact with the environment - and ‘impacts’, namely their impact on the environment.

Another important part of the standard is how you undertake measures for ‘emergency preparedness and response’.

So why is this part of an environmental standard? Basically, if there is an emergency situation where a negative environmental impact takes place, the company needs to have plans in place to deal with this situation to avoid or minimise environmental damage. 

Despite an organisation’s best efforts, the possibility of accidents and other emergency situations still exist. Effective planning and preparation can reduce injuries, protect employees and neighbours, reduce losses and minimise any production downtime. 

The standard requires that three components are addressed by the organisation:

• Establish and maintain procedures to identify the potential for, and the response to, accidents and emergency situations, in order to prevent and mitigate the environmental impacts that may be associated with them.
• Review and revise the importance of learning from incidents. Obviously corrective actions will be taken and results of audits will be considered after the occurrence of accidents or emergencies or even ‘near misses’.
• Testing of emergency plans should be planned and the standard indicates that periodic testing of such procedures should be carried out where practicable.

​
So, in essence, an effective emergency preparedness and response programme should include provisions for assessing the potential for accidents and emergencies, preventing incidents and their associated environmental impacts, plans and procedures for responding to incidents, periodic testing of emergency plans and procedures and mitigating impacts associated with these incidents. 

In order to decide which situations to anticipate, it is best to look to the environmental aspects that we would have identified in last month’s exercise. After deciding what potential emergency situations you have, including potential accidents that could impact the environment, you need to decide how you will respond to them.

The response should be comparable to how significant the situation could be. Plans for a large spill of a potentially harmful chemical (such as dumping a barrel of acid) may entail having supplies on hand that will allow you to contain and clean the spill – including having breathing apparatuses, protective clothing and a team of skilled and trained individuals who can safely remove the spill with minimal environmental impact. 

Conversely, plans for a small spill of a mostly harmless chemical (such as a very small bottle of alcohol) may be addressed with less detail and fewer safety concerns.

After deciding how to respond, this response needs to be documented in such a way that it can be used and understood. This again does not need to be a documented procedure, but needs to be in such a format that those in the organisation who need it can use it consistently. The procedures need to be reviewed periodically, and revised when necessary to ensure that you have a plan that will work consistently.

Lastly, the standard requires that these plans be used when an actual emergency occurs, which is of course the point of having them. 

After an actual incident, it is also an important time to review the procedure for any errors or improvements that may be needed. Depending on the significance of the impacts, it is also required to test out the procedures where you can (such as having a pretend spill that you respond to as if it were a real spill).

Consistent with your organisation’s focus on continual improvement, it is a good idea to review emergency response performance after an incident has occurred. This review can help determine if more training is needed or if emergency plans and procedures should be revised.

If you would like to look at how to implement an ISO 14001 environmental management system, then simply contact us.

Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).