Working Towards ISO 45001 Certification and Beyond
The adoption of ISO 45001 can significantly improve your safety management system.
- By Glenn D. Trout
- Sep 01, 2019
Last year, the International Organization for Standardization (ISO) published the ISO 45001 standard to replace OHSAS 18001. Aimed at providing organizations with a single, clear framework to improve Occupational Health and Safety (OHS) performance and address persistent problems with safety performance, ISO 45001 represents the first true international standard on safety management systems. Moreover, it takes a more proactive, integrated approach to risk control by incorporating OHS practices into the organization’s overall management system, and encourages top management to take a stronger leadership role in the company’s safety and health program.
While there is no requirement to certify to an ISO management system standard, simply having a formal management system in place aligned with the standard brings many benefits of its own through the implementation of industry best practices. Here are some of the ways the adoption of ISO 45001 can significantly improve your safety management system and boost your facility safety performance.
Hazard Assessment & Risk Analysis
Before we dive in, it’s important to first highlight how ISO 45001 defines “hazards” and “risks” with related, yet distinct meanings.
“Hazards” are conditions that have the potential to cause injury and ill health. They can be physical, observable conditions like wet floors which might create such risks as slips or electrical shocks, or they might be conditions that are not directly observable, such as poor safety awareness or training effectiveness which may also create the risk for various workplace accidents. The likelihood of such a negative outcome, combined with its probability, is what the standard defines as a “risk.” In other words, hazards are conditions that create risks.
Another important definition to know: “opportunity.” ISO 45001 defines an “opportunity” as the circumstances, or set of circumstances, that can lead to the improvement of OHS performance. It explains that an organization needs to take opportunities into account along with hazards and risks, highlighting the fact that an effective safety management system needs to be proactive.
Why is this important? According to ISO 45001, the best way to boost safety performance is to eliminate hazards, reduce associated risks, and adopt a mindset of continual improvement. This means regularly putting all of your operations, training, programs and policies under the microscope and looking for ways to strengthen safety awareness and reduce the potential for accidents. Being proactive with safety instead of only responding to incidents is key to ISO 45001, and is what sets it apart in its overall effectiveness. Once you can integrate this continual improvement mindset into your business philosophy and make it part of your culture, you’ll pave the way toward better safety performance.
Incident Investigations and Root Cause Analysis
Even with an excellent safety management system in place, unplanned events can still happen. You likely know that when someone gets injured, it’s important to conduct an incident investigation to identify the real underlying reasons—or root causes—for it.
However, when was the last time you applied a root cause analysis to a near miss? The truth is, we often think of near misses as “almost incidents” rather than their own type of incidents, and therefore don’t see the significance of performing a root cause analysis.
ISO 45001 improves this awareness by emphasizing that there doesn’t need to be an actual injury or illness for the event to count as an incident to be investigated and managed. If you simply wait until someone becomes injured or sick, you miss the chance to respond to clues that unsafe conditions exist, and to change related behaviors before something more serious happens. You also send your employees a message that you only will respond to workplace safety incidents when they’re so serious that they force your hand. This can erode employee confidence in your EHS programs and jeopardize your workplace culture.
Management of Change
One of the most common scenarios in which unsafe conditions get overlooked is when those conditions arise due to changes to the workplace. Some of the worst industrial disasters in history have occurred because a normal process was interrupted or altered, and those doing so did not assess the risks involved.
ISO 45001 acknowledges this reality and prompts organizations to establish a process, or processes, to implement and control planned temporary and permanent changes that impact OH&S performance. It’s important that this process not only addresses changes to operations, but also changes to workplace conditions, personnel and the organization itself to the degree that such changes can impact safety. For example, if a planned staff cut will reduce the number of workers available to perform a certain process that could introduce risks to the remaining workers, management must try to control those risks during the planning stages.
While many facilities need to have a management of change (MOC) process in place due to applicable regulations, ISO 45001 reminds us that MOC shouldn’t only be a tool for the select few. Any organization can introduce unintended risks through planned changes and a robust, widely implemented MOC process is its best defense.
A good EHS software solution with a comprehensive MOC product helps streamline operational change within your organization by creating a systematic approach to managing the people and processes involved. By giving you total visibility and control at every step, from concept approval to completion, the best MOC software helps you define and schedule change, design workflows, manage documents, create and deploy checklists, tracking approvals, and assign action items—all from one centralized system.
One of the biggest hurdles companies struggle with when it comes to worker training is determining who needs training, and ensuring that it’s being completed. This is even more of a struggle for facilities where multiple employers have employees working at the same time, in the same space; or where workers on the regular payroll work alongside contractors and temporary workers.
ISO 45001 seeks to improve this by saying that workers include those “employed by the organization, workers of external providers, contractors, individuals, agency workers, and by other persons to the extent the organization shares control over their work or work-related activities.” This perspective is similar to that expressed by OSHA in its Temporary Worker Initiative, which maintains that employers present at multi-employer worksites share responsibility for worker safety, with employers being responsible for addressing the aspects of safety specifically under their control.
Make sure all your employees, including temp and contracted labor, are aware of the specific hazards of chemicals in your facility and how to reduce exposure. A good practice is to maintain open lines of communication between all employers represented in your workplace so you all understand your roles, and no communication gaps occur.
All of the EHS activities we’ve talked about so far in relation to ISO 45001 can generate corrective actions. That means at any given time, your organization is likely managing numerous concurrent action items, and your EHS management program will succeed or fail based on how efficiently and effectively you’re able to address those actions. Therefore, having a system that captures and funnels all of your different actions into one place can dramatically simplify management and follow-up. A modern corrective actions software solution can be a big help here.
ISO 45001 lays out its expectations that organizations have a process for reacting to an incident or nonconformity in a timely manner. Remember that incidents as defined by ISO 45001 includes close calls and near misses, so a “nonconformity” is essentially any instance when the company fails to do what its own management system policies and procedures require.
It also states that management needs to involve workers and other interested parties in the corrective action process to eliminate the root cause(es) of the incident or nonconformity. This highlights a key feature of ISO 45001—its strong emphasis on employee participation. According to the standard, an organization also can’t simply complete the action(s) related to a particular incident or nonconformity and call it a day. Instead, ISO 45001 directs them to determine if similar incidents have occurred, or could potentially occur. It also states that organizations need to document the results of actions taken and evaluate their effectiveness. This helps ensure that management is looking wider and deeper than the immediate problem at hand, and is validating the effectiveness of actions.
This emphasis on promptness, scope and applicability of actions, and employee participation all serve to mutually reinforce management system performance. Prompt completion of actions demonstrates management’s commitment to reducing risks, while focusing our attention beyond immediate incidents increases the likelihood of identifying other relevant risks. Worker involvement improves the odds that actions will be effective, since workers know more about their job tasks and associated safety risks than anyone else. The more frequently we can document that actions are effectively managed and completed through employee involvement, the more likely it is that workers will buy into our EHS culture, which makes every facet of our management system facility safety program that much better.
ISO 45001 puts a priority on organizations to consult and participate with workers or their representatives because all too often management systems are the domain of a select few with program documents only existing on a handful of computers within corporate EHS.
The new standard attempts to fix that by specifically requiring non-managerial workers to consult on various aspects of OHS to ensure that all employees are included. A common historical reason safety management systems fail in this regard has been because they existed in a separate universe from all of the organization’s production activities, which caused compartmentalized thinking and a lack of true engagement. That’s why ISO 45001 states that OHS management must be an integral part of an organization’s identity.
The take-away here is that any organization seeking ISO 45001 certification, or looking to pattern their safety management system on it, needs to have a healthy and engaged EHS culture. It’s important to involve your entire workforce, including temporary and contracted workers, in all levels of your OHS management system, such as incident investigations, development and tracking of corrective actions, and planned changes to operations.
This article originally appeared in the September 2019 issue of Occupational Health & Safety.