The Key Differences between ISO 45001 and

OHSAS 18001

Proactive vs Reactive
 The Key Differences between ISO 45001 and
OHSAS 18001
• Reactive and proactive are approaches that people take in different
situations in life.
• Reactive approach entails action after an event has taken place to
either minimize its effects or to take advantage of the event.
• On the other hand, proactive approach enables people to gauge or
anticipate events and work accordingly to reap the rewards in a
bigger manner.
 The Key Differences between ISO 45001 and
OHSAS 18001
• The release of the ISO 45001 Standard is arguably the most significant
event for EHS managers in a generation. This new standard, which will
replace OHSAS 18001, follows the approach of other management
systems such as ISO 14001 and ISO 90001 and has an increased
emphasis on management commitment, worker involvement, and
risk control.
• Adoption of the standard over the next three years will, no doubt,
lead to many questions as organizations evaluate their current health
and safety processes. Understanding the key differences between ISO
45001 and OHSAS 18001 is an important first step. Below is an
overview of ISO 45001 and a list of the key similarities and differences
in the two standards.
 The Key Differences between ISO 45001 and
OHSAS 18001
• What is ISO 45001?
• ISO 45001 was published on March 12,2018and is the new international
standard for occupational health and safety (OH&S) management
• ISO 45001 specifies requirements for an occupational health and safety
(OH&S) management system and gives guidance for its use to enable
organizations to provide safe and healthy workplaces by preventing work-
related injuries, illnesses, and fatalities and by proactively improving OH&S
performance
• ISO 45001 is applicable to any organization worldwide regardless of its size,
type, or nature
• ISO 45001 replaces OHSAS 18001, the world’s former reference for OH&S
management (organizations currently certified under OHSAS 18001 will
have until March 12,2021to migrate to ISO 45001)
 The Key Differences between ISO 45001 and
OHSAS 18001
• How is ISO 45001 similar to OHSAS 18001?
• Intent: The overall intent to create a framework for managing the
prevention of employee injuries, illnesses, and fatalities is the same for
both standards
• Plan-Do-Check-Act: The PDCA cycle remains the fundamental operating
principle in both standards
• Other Similarities: Many of the requirements covered in OHSAS 18001,
although consolidated, relocated, or expanded on, are found in ISO 45001,
including policy requirements; identification of legal and other
requirements; improvement objectives; awareness requirements;
competency requirements; resources needed to support the system; and
requirements for monitoring, measuring, and analyzing OH&S performance
and improvement
 The Key Differences between ISO 45001 and
OHSAS 18001
• What are some of the main differences between ISO 45001 and OHSAS 18001?
• Structure: The structure of ISO 45001 is based on Annex SL, which is the
framework used in other ISO management system standards, making
implementation easier and more efficient
• Management Commitment: ISO 45001 requires the incorporation of health and
safety into the overall management system of the organization, requiring
management to take a stronger leadership role in OH&S
• Worker Involvement: ISO 45001 requires employee training and education to
identify risks and help create a successful safety program, allowing broader
employee participation
• Risk v. Hazard: ISO 45001 follows a preventative process, requiring hazard risks to
be evaluated and remedied before they cause accidents and injuries, unlike
OHSAS 18001, which focused only on hazard control
•
Table 1: Key Differences Between ISO 45001:2018 and OHSAS 18001:2007

The Key Differences between ISO 45001 and

OHSAS 18001
ISO 45001:2018 OHSAS 18001:2007

process-based procedure-based

dynamic in all clauses not dynamic in all clauses

considers hazards, risks (incl. organizational risks), and opportunities deals exclusively with hazards and risks (excl. organizational risks)

includes the views of all interested parties does not include the view of all interested parties

uses ISO’s High Level Structure does not follow ISO’s High Level Structure
 The Key Differences between ISO 45001 and
OHSAS 18001
• Understanding and reacting to the key differences between OHSAS 18001 and ISO 45001 is the
most important dimension of your transition - so we've listed the 8 main areas to consider.
• 1. Annex SL
• ISO 45001:2018, like most other ISO standards, has adopted the Annex SL High Level Structure
(HLS).
• Annex SL is designed to simplify integration with other management systems like ISO 9001 and
14001 with consistent language and matching sub-clauses, making it easier for you to build and
manage an integrated business management system.
• Understanding Annex SL isn't just crucial for ISO 45001 - it's the core of any modern ISO standard
you can expect to accredit to in the future, so you should start your reading as soon as possible.
• Annex SL is a management system format that helps streamline creation of new standards, and
make implementing multiple standards within one organization easier. While many standards
have common elements, they were described and organized differently, making it difficult for
organizations to implement multiple standards.
 The Key Differences between ISO 45001 and
OHSAS 18001
• 2. The role of the management representative
• Under OHSAS 18001, the operation of the occupational health and safety
management system could be delegated by senior management to a
representative.
• Under ISO 45001, the role of the management representative is permitted but
strongly discouraged, for 3 main reasons:
• Like all modern ISO standards, 45001 places a strong emphasis on risk. Investing
control of the H&S system in a single employee should be recognised as a risky
set-up, particularly for larger businesses
• On the other hand, divesting responsibility and buy-in to multiple employees
should be recognised as an opportunity for continuous improvement
• Most importantly, top management can no longer distance themselves from the
operation of the health and safety management system by simply delegating a
representative which brings us
The Key Differences between ISO 45001 and
OHSAS 18001
• 3. Enhanced role of top management
• Clause 5 of ISO 45001 pushes and encourages the incorporation of health and safety into the
broader management system of your organisation.
• That means senior management are now expected to take a stronger top-down leadership role,
driving performance improvements into action and taking responsibility for the protection of
their employees.
• But what does this mean in practice? Engagement can be demonstrated in several ways,
including:
• 1. Frequent management reviews of the health and safety system performance
• 2. Management initiating and participating in safety audits, actively collecting feedback from
employees for improvement and corrective/preventive action
• 3. Adequate resources, such as the latest PPE or quality management tools, being actively
invested in
• 4. Issue-raising, hazard-spotting and constructive suggestions being encouraged, praised and
rewarded
 The Key Differences between ISO 45001 and
OHSAS 18001
• 4. Health and safety culture
•
• Your transition from OHSAS 18001 to ISO 45001 should be designed to embed
health and safety responsibility and engagement as widely as possible.
• A natural by-product of the removal of the management representative position
and greater top-down focus should be a greater proportion of your staff
understanding how they can support and contribute to a culture of health and
safety.
• This goes beyond just training your staff on health and safety procedures and
expecting them to stick to them.
• Instead, health and safety should be seamlessly part of 'business as usual', with
all workers aware of the objectives and advantages of a safe and efficient
workplace, and empowered to contribute to it.
 The Key Differences between ISO 45001 and
OHSAS 18001
• A robust health and safety culture should comprise:
• Integrating your H&S vision into recruitment
• Giving staff increased participation and consultation, testing new
initiatives before implementation and building policies around staff
feedback
• Utilising your workforce as 'moles', in the habit of flagging risks and
opportunities alongside their day-to-day work
• Openly sharing accident investigation and enquiry results, as well as
planned changes and developments
 The Key Differences between ISO 45001 and
OHSAS 18001
• 5. Risks, hazards and opportunities
•
• OHSAS 18001 focused on controlling hazards.
• ISO 45001 follows the general direction of recent ISO standards by
encouraging 'risk-based thinking': a more proactive, flexible and
preventative approach based on remedying a broader range of risks before
they materialise.
• Chapter 6.1 of the standard discusses risks in the same breath as
opportunities, encouraging businesses to scope, evaluate and address
opportunities for continuous improvement just as they'd identify and treat
risks. Rather than simply reacting to non-conformances, your HSMS should
use them positively to drive your continual improvement cycle.
 The Key Differences between ISO 45001 and
OHSAS 18001
• And the influence of Annex SL permeates into the risk focus of ISO
45001 - so the context and external influences on your organisation
should be as much a part of your H&S risk register as a piece of
machinery.
• For instance, a regulatory or legal development that prompts you to
change an ingredient or step in your manufacturing process might
introduce a fresh risk to the workers following that process.
• ISO 45001 also includes an expanded section on preparing for and
responding to emergency situations.
• In short, you should go beyond simple pinch points and slip hazards
and adopt a more holistic understanding of health and safety risk.
 The Key Differences between ISO 45001 and
OHSAS 18001
• 6. Improved planning
• Closely connected to risk-based thinking is a stronger emphasis on
planning and setting objectives.
• Your H&S objectives should take resource availability, responsible
staff, relevant KPIs and timelines into account.
• And ISO 45001 is more explicit than OHSAS 18001 about formalising
organisational goals, linking them to health and safety objectives,
setting priorities and establishing documentation.
•
 The Key Differences between ISO 45001 and
OHSAS 18001
• 7. A new definition of 'health'
• Health and safety tends to make people think in purely physical terms.
• And while mental health isn't explicitly mentioned in ISO 45001, the standard is designed to be
flexible enough to map onto your specific company needs.
• So if mental wellbeing is a concern for your business, there are several areas of ISO 45001 you can
leverage for a more integrated HSMS protecting body and mind.
• 1. Clause 4.2: the needs of workers and interested parties can include mental wellbeing, and can
be included in your health and safety policy
• 2. Clause 6.1.2.1: as part of your hazard/risk identification, you can now consider factors such as
employee stress and fatigue and how these might impact your business processes and functions
• 3. Clause 6.2: mental health can be integrated into your H&S improvement objectives and plans,
and tracked as a KPI through mechanisms like annual reviews and satisfaction surveys.
• 4. Clause 8.1.2: mental health risks can be treated and their residual risk scores lowered like any
other risk. For instance, mentally taxing processes can be rotated and divided among employees
to prevent excessive stress.
 The Key Differences between ISO 45001 and
OHSAS 18001
• 8. Terminology updates
• Of the 37 terms and definitions included in ISO 45001, only 3 are
identical to those in OHSAS 18001.
• New definitions include ‘worker’ and ‘workplace’, while 'documents
and records' are now 'documented information' to reflect the wider
focus of a 45001 health and safety system.
•
 The Key Differences between ISO 45001 and
OHSAS 18001
OHSAS 18001 ISO 45001

OHSAS 18001 ISO 45001

British Standard International Organization of Standardization Standard

Reactive planning Proactive planning

Hazard control Risk evaluation, reduction and prevention

Procedures are prepared Documented results are required

Safety management personnel play Top management plays leadership role

leadership role
The Key Differences between ISO 45001 and
OHSAS 18001
Company management reviews the process after development Company leadership takes leading role to ensure it fits within the overall
organization’s processes.

Safety and health is the responsibility of safety management personnel Safety and health is the responsibility of leadership and the overall
management system of the organization. External and internal issues related to
the safety management system should be addressed by leadership. Workers and
interested parties’ needs should be addressed and incorporated into the plan.

Employee participation consultation Everyone, including leadership, is responsible for safety. Workers should be
provided education to help identify risks and everyone should participate.
Internal audits and risk assessments should be shared with all employees and
non-managers should participate in internal audits, risk assessments and
incident investigation.
The Key Differences between ISO 45001 and
OHSAS 18001
Information and communication procedures are prepared
— Additional Elements
Information and communication documentation is required including
who, what, when, the objective of the communication and was it
effective?
• Outsourced processes, procurement and contractors are addressed.
• Hierarchy of controls are to be used.
• Procurement of goods are to be considered.
• Contractor controls and communication requirements for their workers,
your workers and any other affected parties are required.