AQS is an auditing, testing and certification company working in the field of management systems and product certifications providing quality assurance certifications.

Contact

+91 8700656111, 7011912736

F-132, Krishna Apra, D Mall, Indirapuram, Ghaziabad

info@aqssolution.com

Facebook-f Twitter Linkedin-in Instagram Pinterest Quora

ISO 45001

ISO 45001 Overview

You’re not required by law to implement a formal management system, but they can help provide a structured framework for ensuring a safe and healthy workplace.

If your business is small or low-risk, you’ll probably be able to demonstrate effective risk management without this sort of system.

A simpler and less bureaucratic approach may be more appropriate such as that set out in our introduction to managing health and safety. Although the language and methodology between systems vary, the key actions can usually be traced back to the steps Plan, Do, Check, Act.

Minimise documentation

Concentrating too much on the formal documentation of a health and safety management system will distract you from addressing the human elements of its implementation. The focus becomes the process of the system itself rather than actually controlling risks.

Attitudes and behaviours

Effectively managing for health and safety is not just about having a system in place. The success of whatever process or system is in place still hinges on the attitudes and behaviours of people in the organisation (sometimes referred to as the ‘safety culture’).

Our publication Managing for health and safety (HSG65) provides examples to help you identify positive and negative health and safety attitudes and behaviours.

Examples of systems that may help you

Examples of formal management systems or frameworks that can help you manage health and safety include national and international standards such as:

  • ISO 45001 Health and safety management standard
  • BS EN ISO 9001 Quality management system
  1. ISO 45001 health and safety management standard

ISO 45001 is an international standard for health and safety at work developed by national and international standards committees independent of government.

Implementing ISO 45001 may help your organisation demonstrate compliance with health and safety law. But, in some respects, it goes beyond what the law requires, so consider carefully whether to adopt it.

If your organisation already has a developed health and safety management structure, or you’re familiar with other management standards, it may be straightforward for you to adopt ISO 45001. However, if your organisation is small, with less formal management processes, you may find it difficult to:

  • interpret what the standard asks for
  • gauge what proportionate implementation looks like
  • This may particularly be the case if you're adopting management standards to meet supply chain requirements of customers or contracting bodies.
  • It is important to carefully consider:
  • the practical implementation of the standard, including audit and certification
  • whether it can be easily tailored to work effectively for for the size and complexity of your organisation in a way that's in proportion to the risks you must control

Contracting bodies and customers should therefore ask themselves whether the supplier really needs certification to 45001, or whether they can demonstrate competence in managing health and safety using other means.

HSE inspectors will continue to rely on a wide range of evidence and observations when assessing an organisation’s compliance with health and safety law, not just whether they claim to meet the ISO 45001 standard or not.

Your organisation can apply the standard to your activities (in full, or in part) to help provide evidence of good health and safety management, and improvements made, without getting certification. However, you can only claim to conform to the standard if it’s implemented fully.

Audit

To implement ISO 45001 in a proportionate way, auditors or certifiers should understand that it needs to be:

  • tailored to an organisation's size and level of complexity
  • in proportion to the risks
  • You should ensure that any auditor or certifier you use has evidence that they're competent to a recognised standard, such as ISO 19011:2011 or the relevant parts of the ISO 17021:2011 series.
  • The certification body should be accredited by either the United Kingdom Accreditation Service (UKAS) for ISO 45001 or an equivalent body

Product standards

The advice on this page relates solely to the health and safety management systems standard ISO 45001.

  • HSE continues to recognise the valuable role that product standards can play in:
  • delivering consumer and worker protection
  • providing a level playing field for businesses
  • enabling trade with other countries
Help with ISO 45001 from outside your organisation

You can get external advice to help comply with the standard but your organisation will remain legally responsible for the day-to-day control of risk.

If you choose to use a third party (including auditors and certifiers) ask them for proof that they have experience of implementing the standard proportionately across a range of business sizes, types and sectors.

ISO 45001: Occupational Health & Safety Management System (OHSMS)

ISO 45001 is an international standard for Occupational Health and Safety (OH&S) Management Systems, published by the International Organization for Standardization (ISO). It provides a framework to improve workplace safety, prevent injuries, and ensure employee well-being.

Key Features of ISO 45001
  • Proactive approach : to identifying & controlling workplace hazards.
  • Applies to all industries: and organizations, regardless of size.
  • Risk-based thinking : to prevent work-related accidents & illnesses.
  • Integration with ISO 9001 (Quality) & ISO 14001 (Environmental) : for streamlined management.
Benefits of ISO 45001 Certification
  • Reduces workplace accidents & health risks.
  • Ensures legal & regulatory compliance.
  • Improves employee safety & morale.
  • Enhances business reputation & credibility.
  • Reduces costs related to incidents & insurance premiums.
Steps to Get ISO 45001 Certified
  • Conduct a gap analysis (identify current OH&S weaknesses).
  • Develop an OH&S policy & risk assessment framework.
  • Implement hazard controls & employee training.
  • Conduct internal audits to ensure compliance.
  • Undergo a certification audit by an accredited body.
  • Maintain certification through continuous improvement & audits.

ISO 45001 vs. OHSAS 18001

ISO 45001 replaced OHSAS 18001 in 2018, with key differences:

Feature

ISO 45001

OHSAS 18001
Approach Proactive risk-based thinking Reactive hazard control
Integration Aligned with ISO 9001 & 14001 Standalone system
Worker Involvement Emphasized participation Limited involvement

Key Elements of ISO 45001

ISO 45001 follows the Annex SL structure, which aligns with other management system standards like ISO 9001 (Quality) and ISO 14001 (Environmental). The core elements include:

Context of the Organization

Understanding the internal and external factors affecting OH&S
Identifying interested parties and their needs

Leadership and Worker Participation

Top management commitment to OH&S
Defining OH&S policies and roles
Encouraging employee participation

Planning

Identifying OH&S hazards and risks
Establishing objectives and risk management plans
Addressing legal and regulatory requirements

Support

Providing resources, training, and awareness programs
Ensuring effective communication

Operation

Implementing risk controls (hierarchy of controls)
Emergency preparedness and response
Outsourcing, procurement, and contractor management

Performance Evaluation

Monitoring, measuring, analyzing, and evaluating OH&S performance
Internal audits and management reviews

Improvement

Incident reporting and corrective actions
Continuous improvement of the OH&S management system

Risk-Based Approach
  • ISO 45001 emphasizes hazard identification, risk assessment, and risk control.
  • It follows the PDCA (Plan-Do-Check-Act) cycle to drive continuous improvement.
  • Organizations must establish a hierarchy of controls:
    1. Elimination
    2. Substitution
    3. Engineering controls
    4. Administrative controls
    5. Personal protective equipment (PPE)
Integration with Other ISO Standards
  • ISO 45001 follows a high-level structure (HLS), making it easy to integrate with ISO 9001 (Quality Management) and ISO 14001 (Environmental Management).
  • It aligns with the Deming Cycle (PDCA) to ensure systematic implementation.
Certification Process

To achieve ISO 45001 certification, an organization must:

  • Conduct a gap analysis against ISO 45001 requirements.
  • Develop and implement an OH&S management system.
  • Conduct internal audits and a management review.
  • Undergo a third-party certification audit by an accredited certification body.
  • Maintain and continually improve compliance.
Benefits of ISO 45001
  • Reduces workplace accidents and illnesses
  • Ensures compliance with legal and regulatory requirements
  • Improves employee engagement and safety culture
  • Enhances business reputation and stakeholder confidence
  • Increases efficiency and reduces downtime due to workplace incidents

Mandatory Technical Requirements

The standard is structured into 10 clauses, but Clauses 4–10 contain the mandatory requirements that must be implemented for compliance and certification.

Context of the Organization

Organizations must:

  • Identify internal and external factors that affect OH&S.
  • Determine interested parties (e.g., employees, regulators, suppliers) and their needs.
  • Define the scope of the OH&S management system.
Leadership & Worker Participation
  • Top management commitment to OH&S.
  • Define OH&S policy and objectives.
  • Assign roles, responsibilities, and authorities.
  • Ensure worker participation and consultation in decision-making.
Planning for the OH&S Management System

Organizations must:

  • Identify hazards, risks, and opportunities.
  • Establish a risk assessment methodology.
  • Define legal and regulatory compliance obligations.
  • Set measurable OH&S objectives with action plans.
  • Establish a hierarchy of controls to mitigate risks.
Support
  • Allocate resources (financial, human, and technical) for OH&S.
  • Ensure competence and training of workers.
  • Maintain effective internal and external communication about OH&S.
  • Control documented information (policies, procedures, and records).
Operational Controls
  • Establish and maintain safe work procedures.
  • Implement risk control measures (e.g., elimination, substitution, PPE).
  • Manage outsourced processes and contractors to ensure OH&S compliance.
  • Develop an emergency preparedness and response plan.
Performance Evaluation

Organizations must:

  • Monitor and measure OH&S performance (accidents, near misses, compliance).
  • Conduct internal audits to assess effectiveness.
  • Perform management reviews to ensure continuous improvement.
Improvement
  • Implement a corrective action process for nonconformities.
  • Continuously improve the OH&S system.
  • Learn from incidents, audits, and worker feedback.
Maintaining Certification & Continuous Improvement

To retain certification, organizations must continually monitor and improve their EMS.

  • Conduct periodic audits (internal and external).
  • Update environmental objectives and policies as needed.
  • Train employees on new environmental initiatives.
Documentation Requirements

ISO 45001 requires specific documented information, including:

  • Implement a corrective action process for nonconformities.
  • Continuously improve the OH&S system.
  • Learn from incidents, audits, and worker feedback.
Risk-Based Approach & Hazard Control

ISO 45001 follows a risk-based approach using the Hierarchy of Controls:

  • Conduct periodic audits (internal and external).
  • Update environmental objectives and policies as needed.
  • Train employees on new environmental initiatives.