Tenth International Quality Forum

Cartagena, Columbia
August 28, 2014

From OHSAS 18001 to ISO 45001

Evolution of a global
occupational health and safety
management system standard
 History
• New work item proposal submitted by BSI
(UK) on “Occupational health and safety
management system – Requirements”.

• The third (and finally successful) proposal to

develop an occupational health and safety
management system standard.
 Significant Dates
• 6 February, 2013: New work item proposal
submitted by BSI
• 26 February 2013 - The International Labour
Organization (ILO) objects to proposal.
• June 2013 - ISO/Project Committee 283
established ISO Technical Management Board
(ISO/TMB)
• August 6, 2013 ISO & ILO sign a Memorandum of
Understanding (MoU)
• 21-25 October 2013 – First meeting of PC 283,
London, UK.
 ILO’s concerns
• ISO should not developing worker health and
safety standards as they are the subject of
national regulations.
• ISO is not competent to deal with labour and
social issues.
• ISO should not develop an OHS standard as
the ILO disagrees with the initiative.
 ISO’s position
• Many ISO standards support public policy
initiatives (Social Responsibility) and highly
regulated areas (food safety, medical devices).

• ISO's members (national standards bodies)

can identify participants with expertise and
interest in an OHSMS.
 Scope of the NWIP
• “This International Standard specifies
requirements for an occupational health and
safety (OH&S) management system, to enable
an organization to control its OH&S risks and
improve its OH&S performance. It does not
state specific OH&S performance criteria, nor
does it give detailed specifications for the
design of a management system.”
 Significant decisions
• NWIP proposal requested a 36 month
development track
• NWIP included a "Proof of concept draft”
using the ISO Annex SL (High Level) structure
for management system standards
• ISO/WD 45001 Occupational health and
safety management systems — Requirements
with guidance for use (20 December 2013)
 Alignment with other
Management System Standards
• ISO/TMB/TAG13-JTCG to ensure that the
proposed ISO management system standards
are aligned.
• ISO/TC 207 - health and safety functions often
combined with environmental management
• ISO/TC 176 - organizations may combine
quality, health and safety, and environmental
management systems into an "integrated"
management system.
 High – level structure
and common core text
• 45001 draft uses the “high-level structure” (i.e.
clause sequence, common text and terminology) set
out in Annex SL, Appendix 2 of the ISO/IEC
Directives, Part 1, Consolidated ISO Supplement,
2014.

• Objective:
– enhance alignment among ISO’s management
system standards,

– facilitate their implementation for organizations

that need to meet the requirements of two or
more such standards simultaneously.
 High – level structure
and common core text
Allows for addition of discipline-specific
(OH&S specific) text applied by including:
• Specific OHSMS requirements to meet the
scope of 45001

• requirements and notes to ensure consistent

interpretation and implementation of the
common text in the context of an OHSMS.
 First meeting – October 2013
• 83 delegates from 27 ISO member bodies and
5 liaison members
 Key issues identified in the
development of Working Draft 1
• The HLS terminology not well suited to OH&S
• Example: the OHS view of “risk” as negative
• What “people” are under the control of the
management system?
• What is a “workplace”?
• Worker participation in the OHSMS
• OHS vs OSH (balloted to decide on OHS).
• The need for guidance in addition to
requirements.
 Objectives for second meeting –
Casablanca: March 31 to April 4, 2014
• Resolve 1300 comments (230 pages)
on the Working Draft.
• Revision WD 1 into a Committee
Draft.
• Bring new members “up to speed” as
of the 85 experts, 33 were attending
for the first time.
 Outcome of second meeting –
Casablanca: March 31 to April 4, 2014
• Review and revision was not complete.

• Task Group members worked electronically

following the Casablanca meeting.

• Draft circulated on July 1 for review by WG 1.

• Members voted in favour of circulating CD1 to

the members of ISO/PC 283.
 Second meeting
Casablanca
85 delegates - 46 participating members
15 observer members and 12 liaison members
 45001 Table of Contents
• Foreword

• Introduction

1 Scope
2 Normative references
3 Terms and definitions
 1. Scope
Requires the organization’s OHSMS to address:
• OH&S risks to persons working under its control
• needs of other persons not engaged in
“occupational” activities (visitors, customers,
passers-by)
• OH&S risks associated work locations under its
control
The organization is required to take preventive
measures to address the OH&S risks associated
with workplaces not under its control.
 1. Scope (continued)
• Organization may choose to address non
“occupational” aspects of health and safety,.
(employee wellness/ wellbeing)
• No specific criteria for OH&S performance, or
prescriptive design for an OHSMS.
• Does not address issues of product safety,
property damage or environmental impacts.
 2. Normative References
• No normative references identified.

• The clause is retained to enable clause

numbering alignment with other ISO
management system standards.
 3. Terms and definitions
• Uses Annex SL definitions with some addition and
deletion of notes
• Additional definitions included for:
– Worker
– Legal requirement
– OH&S management system
– OH&S policy, OH&S objective, OH&S risk, OH&S
performance
– Hazard
– Procedure
– Incident
– Workplace
 4. Context of the organization

4.1 Understanding the organization and its

context
4.2 Understanding the needs and expectations
of interested parties
4.3 Determining the scope of the OH&S
management system
4.4 OH&S management system
 4.3 Determining the scope of the
OH&S management system
The organization shall consider:

a)
b)
c) the functions performed at the workplace(s)

The scope shall include all activities, products or

services within the organization’s control or
influence that can impact on the organization’s
OH&S performance.
5. Leadership
6. Planning
5.1 Leadership and commitment
5.2 Policy
5.3 Organizational roles, responsibilities,
accountabilities and authorities

6.1 Actions to address risks and opportunities

6.2 OH&S objectives and planning to achieve
them
 5.1 Leadership and commitment
a) ensuring that knowledge of the organization’s
context as well as potential OH&S risks are
considered when establishing the OHSMS
b) ensuring that workplace hazards are
systematically identified, risks evaluated and
prioritized, and action taken to improve OH&S
performance
d) taking OH&S performance into account in
strategic planning
 5.1 Leadership and commitment
g) ensuring that the organization establishes
processes for consultation and active
participation of workers and protected from
reprisals
m) promoting and leading organizational culture
with regard to the OHSMS
n) ensuring that persons under the control of the
organization know their OHSMS responsibilities
and the consequences of their actions or
inactions on others in the workplace.
 5.2 Policy

• appropriate to the organizations purpose, risks

and opportunities
• provides a framework for setting and
achieving OH&S objectives
• includes a commitment to control OH&S risks
through a hierarch of controls
• includes a commitment to worker
participation and consultation
 6.1 Actions to address risks and opportunities
has additional OH & S –related clauses
• 6.1.1 General
The risks and opportunities to be addressed,
shall be determine considering:
• risks and opportunities related to the
operation of the OHSMS that affect the
achievement of intended outcomes
• OH&S risks related to the hazards identified in
6.1.2.
 6.1.2 Hazard Identification
• establish, implement and maintain a process
to identify hazards potentially affecting
achievement of the intended outcome of the
OHSMS.

• The process for hazard identification shall

ensure that the organization gives
consideration to: [a list of a) through l) ]
 6.1.3 Determination of legal
and other requirements
The organization shall establish, implement and
maintain a process to:

• a) identify and access current legal and other

requirements related to its OH&S risks and
OHSMS, and

• b) determine how to apply and meet these

requirements.
 6.1.4 Assessment of OH&S Risks
• assess and prioritize OH&S risk
• identify opportunities to reduce OH&S risk
• determine controls, considering legal and other
requirements and the hierarchy of controls
• maintain current, documented information on
the assessment of OH&S risks, methodologies
used, outcomes of assessment and controls
identified
• analyze the causes of incidents and update its
assessment of OH&S risks
• define proactive methodologies for risk
assessment to be used in a systematic way.
 6.1.5 Planning for changes
The organization shall:
• identify hazards and assess OH&S risks and
opportunities associated with changes in the
organization, its processes, or the OHSMS
• undertake assessment of planned changes
before they are implemented.
• retain documented information on planned
changes, including the associated assessments
of OH&S risk.
 6.1.6 Planning to take action
The organization shall plan
• actions to address the risks and opportunities
• actions to prepare for, and respond to, emergency
situations
• how to integrate and implement relevant actions ,
including the application of controls, into its OHSMS
processes
• how to evaluate the effectiveness of these actions and
respond accordingly.

Outcome of these plans shall be retained as

documented information.
 6.2 OH&S objectives and
planning to achieve them
6.2.1
OH&S objectives shall:
• be established for relevant functions and levels to
maintain and improve the OHSMS and continually
improve OH&S performance
• consider:
– the outcome of the assessment of risk and
opportunities
– technological options, financial operational and
business requirements
– the participation of workers and other interested
parties
 7. Support

7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Information, communication, participation
and consultation
7.5 Documented information
 7.2 Competence
Actions to ensure competence, including training, shall
take into account:
• the hazards identified and associated risks assessed
• preventive and control measures resulting from the
risk assessment process
• assigned roles and responsibilities
• individual capabilities, including language skills and
literacy
• updating of the competencies if necessary (context or
work changes).
• competencies prescribed by regulation.
 7.4 Information, communication,
participation and consultation
7.4.1 Information and communication
The organization shall:
• define the objectives to be reached by informing
and communicating
• evaluate whether the objectives have been met.
7.4.2 Participation, consultation and representation
The organization shall:
• establish a process to ensure effective worker
participation in the OHSMS
• provide workers with the mechanisms, time and
resources necessary to participate.
 7.5 Documented information
• describes of the main elements of the OHSMS,
their interaction and reference to related
documented information
• controlled to ensure it:
– is available and suitable for use
– prevents the use of obsolete documents
– is accessible to workers (respecting the need for
confidentiality).
 8. Operations

8.1 Operational planning and control

8.2 Management of change
8.3 Outsourcing
8.4 Procurement
8.5 Contractors
8.6 Emergency preparedness and response
 8.1.2 Hierarchy of controls
The organization shall ensure that the OH&S risks and
controls are taken into account when establishing,
implementing and maintaining its OHSMS.
The process for achieving risk reduction must be based
on this hierarchy:
• eliminate the hazard
• substitute with less hazardous materials, processes,
operations or equipment
• use engineering controls
• use safety signs, markings and warning devices and
administrative controls
• use personal protective equipment.
 8.2 Management of change
The organization shall plan and manage changes to the
OHSMS for:
• the resolution of incidents and nonconformities
• new products, processes or services at the design or re-
design stage
• changes in knowledge or information about hazards
• changes to work processes, procedures, equipment,
organizational structure, staffing, products, services,
contractors or suppliers
• developments in knowledge and technology;
• changes to legal or other requirements.
 8.4 Outsourcing
The organization shall establish and maintain
processes:
• to ensure that relevant requirements of the
organization's OHSMS are met by contractors
and their workers.
• for coordinating the relevant portions of the
OHSMS with other organizations on multi-
employer worksites.
 8.4 Procurement
Procurement controls must be established for
the purchase of:
• products
• raw materials
• equipment
• goods, and
• related services
in order to conform to OHSMS requirements.
 8.5 Contractors
• The organization shall:
• establish and maintain processes to ensure
that the requirements of the organization's
OHSMS are met by contractors and their
workers.
• implement a process for coordinating the
relevant portions of the OHSMS on multi-
employer worksites with other organizations.
 8.6 Emergency preparedness
and response
The organization shall:
• assess OH&S risks of emergency situations
• establish, implement and maintain a process
to anticipate, prevent and minimize risks from
emergencies
• identify and plan for potential emergency
situations
• respond to emergency situations
• periodically test and exercise.
 8.6 Emergency preparedness
and response
The organization shall:
• evaluate and revise emergency preparedness
following an emergency
• provide information on duties and
responsibilities
• provide training for emergency prevention,
preparedness and response
• communicate with contractors, visitors,
emergency response services, government
authorities, and the local community.
 9. Performance evaluation
10. Improvement
9.1 Monitoring, measurement, analysis and
evaluation
9.2 Internal audit
9.3 Management review

10.1 Incident, nonconformity and corrective

action
10.2 Continual improvement
 9.1.2 Evaluation of compliance
The organization shall implement and
maintain a process to:
• evaluate compliance with the standard and
legal and other requirements
• determine the frequency and method for
evaluating compliance
• evaluate compliance and take action if needed
• retain documented information as evidence of
compliance evaluations.
 9.2 Internal Audit
The organization shall conduct internal audits
at planned intervals to determine
conformance with:
• the organization’s own requirements for its
OH&S management system
• the requirements of this International
Standard.
 Internal Audit Process
The organization shall plan, establish, implement and
maintain an internal audit program including
• the audit criteria and scope for each audit
• the frequency, methods, and responsibilities
• planning requirements and reporting the audit results
• performance evaluation outcomes
• previous audit results
• auditor selection to ensure objectivity and the
impartiality of the audit process
• the information to be documented and retained as
evidence of the implementation of the audit program.
 9.3 Management review
The management review shall consider:
• information on OH&S performance
• status and trends in incidents, nonconformities ,
continual improvement, investigation outcomes, and
corrective actions
• communication with interested parties
• the results of worker participation and consultation
• OH&S risk and opportunities
• whether OH&S policy and OH&S objectives have been
met
• the adequacy of resources for maintaining an effective
OHSMS.
 10.1 Incident, nonconformity
and corrective action
When an incident or a nonconformity occurs,
the organization shall:
• react in a timely manner
• determine the cause
• evaluate the need for, implement, and review
the effectiveness of corrective action
• review the identification of hazards and the
evaluation of risks if needed.
 10.2 Continual improvement
The organization shall continually improve the
• suitability,
• adequacy and
• effectiveness

of the OHSMS to prevent incidents and

nonconformities and promote improvement in
OH&S performance.
 10.2 Continual improvement
The organization shall establish, implement and
maintain a continual improvement process using
outputs from the clauses on:
• context of the organization
• actions to address risks and opportunities
• objectives and plans to achieve them
• information, communication participation and
consultation
• monitoring, measurement and evaluation
• management review, and
• the review of opportunities.
 Annex A
• Follows the order of the Table of Contents
• Additional text is strictly informative
• Intended to prevent misinterpretation of the
requirements
• Information is consistent with the
requirements but not intended to add to,
subtract from, or modify them.