ISO 45001

Continuously improve the health and safety of your workers.

Auditoría de seguridad y salud ISO 45001 realizada por una trabajadora

What is ISO 45001?

ISO 45001:2018 is the international standard made from the best practices that keeps employees safe from work-related risks by establishing a framework for Occupational Health & Safety (OH&S) management system. This aims to identify occupational health and safety hazards in the workplace and to minimize the occurrence of work injuries, illnesses, and death.

Importance of ISO 45001

Employers are responsible for the health and safety of their employees. ISO 45001:2018 is a reliable standard that can help reduce work-related risk for workers such as occupational accidents and diseases if properly implemented and maintained. This standard directly impacts workers within the organization and it’s up to the top management to commit to this initiative.

Management needs to ensure that resources are provided for the Occupational Health and Safety Management System (OHSMS). Both the leaders and workers have to work together in order to create an effective OHSMS. Leaders provide resources such as time, money, and information while workers are tasked to relay data on workplace risks and hazards. Employees can help think of recommendations to reduce these identified risks. Management will then have to use risk assessment tools such as a 3×3 risk matrix, 4×4 risk matrix, or 5×5 risk matrix when making decisions for mitigating or eliminating safety hazards.

risk matrix risk analysis infographic

Additionally, this standard can help prevent costs from possible litigation, insurances, hospital bills, among others and also enhance the safety culture of the business.

ISO 45001:2018 Requirements

Here are the documented information required by the ISO 45001:2018 standard, separated per clause:

Clause Requirement
  • Context of the organization
  • Scope of the occupational health and safety management system
  • OHS management system
  • Leadership and commitment
  • OHS policy
  • Organizational roles, responsibilities, accountabilities and authorities
  • Consultation and participation of workers
  • Plan to address risks and opportunities
  • Risk Assessment
  • Identify legal and other requirements
  • OHS Objectives
  • Support
  • Information and communication
  • Operational planning and control
  • Contractors and procurement/outsourcing
  • Emergency preparedness and response
  • Performance evaluation
  • Internal audit
  • Management review
  • Reports on the incident, nonconformance, and corrective action
  • Continuous improvement

Legal requirements will vary depending on your local governments. Be sure to check if there are any occupational health and safety regulations in your area and document the requirements as stated in the 6th clause. Once this has been established, identify how these requirements affect your OHS management system and organization.

Explore our Free ISO 45001 Audit Templates

See how digital checklists simplify business processes with just a tap.

View now

7 Steps for an Effective ISO 45001 Implementation

To create an effective ISO 45001 plan it has to be simple and there should be little additional documentation involved for the OHS plan. Here are the seven simple steps that your organization can follow:

  1. Determine the external and internal influences – This is important when determining the needs of your stakeholders and allows the management to set the scope of the OHS management system.
  2. Leaders and workers set the policy and assign roles and responsibilities – Both parties are integral when creating the occupational health and safety plan. Assign roles and responsibilities during this step.
  3. Plan to identify and mitigate the risks – There are multiple methods and tools available, the risk matrix is highly recommended for identifying risks. During this step, legal and other requirements should be taken into account.
  4. Determine the support needed – This will depend on the plan created in the previous step. Allocate necessary resources to control the risks.
  5. Operational implementation – Leaders have to manage changes and be ready for an emergency situation.
  6. Perform evaluations, audits, and reviews – A regular evaluation can uncover repetitive incidents and additional risks that weren’t seen during the planning process. An audit will ensure that issues will be accounted for and compliance is maintained.
  7. Continuously improve and follow through – The organization should follow and improve the ISO 45001 plan continuously. This is a key step for a safe work environment with a culture of safety. Employers should also regularly remind and train employees about the occupational health and safety plan and procedures.

Throughout this process, OHS can also be controlled by using the hierarchy of controls. The hierarchy of controls is a system typically used for reducing and eliminating hazard exposure. Commonly, there are 5 factors in this hierarchy as provided by the National Institute for Occupational Safety and Health (NIOSH):

  1. Elimination – removing the hazard
  2. Substitution – replacing the hazard
  3. Engineering Equipment – isolating people from the hazard
  4. Administrative controls – change the work process
  5. Personal Protective Equipment (PPE) – provide workers with protective gear

There is an additional level, Isolation, which comes after substitution but isn’t recommended by leading OHS organizations. The isolation method is also unnecessary since engineering equipment’s purpose is to do the same. Hierarchy of controls is a method to control risks. The control methods, as provided by the CDC, should be used from the top to the bottom, the top being the most effective and protective. Move to the next method if the current method is exhausted or isn’t able to reduce the risk. For example, if the elimination method isn’t possible or isn’t able to control the risk, management should move to substitution and so forth until risks are substantially reduced.

Occupational Health and Safety Audit Example

Businesses are highly encouraged to perform self-assessments since they are required to conduct an internal audit if they wish to comply with ISO 45001:2018. Here is an example of an ISO 45001:2018 audit checklist that contains important clauses that are part of the requirements as stated earlier. The clauses in this checklist are divided into sections: context of the organization, leadership, planning, support, operation, performance evaluation, and improvement.

Managing ISO 45001 with an OHS App

A digital checklist makes the evaluation, auditing, and review process more efficient and also eliminates paperwork. An OHS app such as SafetyCulture (formerly iAuditor), allows your organization to easily comply with the ISO 45001 requirements. Other helpful features include:

  • Thousands of free safety and compliance checklists which are also customizable to fit your organizational needs.
  • Schedule an audit and assign workers
  • Automatically save and sync the audits
  • Data Analytics that provides insights on failed items and required corrective actions
Article by
Sare Hawes