Chat with us, powered by LiveChat

Looking to Integrate 9001+14001+45001+50001? Click here!

Comparing OHSAS 18001 to ISO 45001

The structure of ISO 45001 from OHSAS 18001 was one of the biggest changes. ISO 45001 is now based on the same high level structure as other management systems, such as quality (ISO 9001: 2015) and environment (ISO 14001: 2015).

Annex SL is a new management system format that helps streamline the creation of new standards. As a result of it being used across multiple standards, it makes implementing a number of standards within a single organization easier. Annex SL replaces ISO Guide 83. Guide 83 originally was a base structure and standardized text for management system standards. This structure was not common across the multiple standards making it difficult for organizations to implement multiple standards.

In 2012, ISO decided that all management system standards shall use a common framework. This framework contains several key features including:

  • a unified high level structure
  • common text and terminology
  • individual management systems standard will add additional “discipline-specific” requirements

There are several advantages of the high level structure of ISO 45001 compared to OHSAS 18001. The new standard allows for enhanced compatibility of standards, due to the common framework; it is now easier to implement new standards and transition; easier to integrate standards into an organization’s management system, increase values for users; and increase the effectiveness in standard development for the technical committees.

The Annex SL, or high level structure, has 10 clauses:

  1.  Scope
  2.  Normative References
  3.  Terms and Definitions
  4.  Context of The Organization
  5.  Leadership
  6.  Planning
  7.  Support
  8.  Operation
  9.  Performance Evaluation
  10. Improvement

Within this structure, the 10 clauses are organized by four steps called “Plan-Do-Check-Act” (PDCA). The first three clauses are not a part of the PCDA, they consist of general information and support for understanding the clauses. Clauses 4-7 fall under planClause 8-Operation falls under doClause 9- Performance Evaluation falls under check, and Clause 10-Improvement falls under act.

Whats new?

There are several key changes from OHSAS 18001 to ISO 45001 in regards to structure. Overall the purpose of the standard remains the same. In regards to the structure, some key changes are:

  • the new standard provides additional focus on process approach, and clarifies why it is essential to implement it throughout the organization
  • The commitments maintain the same but there is strengthening within the basic concepts
  • There are new specific requirements of top management in terms of demonstrating leadership, commitment and encouraging a positive occupational health and safety culture throughout the organization
  • ISO 45001 has more documentation flexibility
  • Emphasis put on the importance of hierarchy of controls
  • Proactive strategic approach
  • ISO 45001 focuses on identifying and controlling risks, rather than hazards as it is required in OHSAS 18001

Major Key Changes are:

Risk based thinking is one of the biggest changes. This requires organizations to consider the risks and opportunities associated with the issues that are identified in clause 4.  This clause has made a significant change by replacing preventive actions and reducing the need for corrective actions.

Interested Parties is the other big key change. There is a greater focus on stakeholders in ISO 45001 compared to OHSAS 18001. There are two new subclauses that address interested parties “understanding the organization and its context” and “understanding the needs and expectation of interested parties.”

Implications is another key change. Annex SL helps facilitate management system standards and integration. This helps deliver increased benefits and efficiencies while providing a more complete view of an organization often spanning multiple sites, geographies and suppliers. Overall there are more areas where top management is required to demonstrate their direct involvement and engagement with the OH&S management system.

Terminology

There are several new definitions in ISO 45001. Three key definitions are Worker, Workplace and Contractor.

Worker: “person performing work or work related activities under the control of the organization.” This means that it can be paid or unpaid, regular or temporary workers, includes workers from external providers, contractors, individuals and situations where the organization has some degree of control over the workers such as agency workers.

Workplace: “place under the control of the organization where a person needs to be or to go by reason of work.”

Contractor: “external organization providing services to the organization at a workplace in accordance with agreed specifications, terms and conditions.” “Services may include construction activities.”

There are several common terms used throughout the Annex SL for ISO 45001 including:

Interested Party: “Person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity.”

Documented Information: “Information organizations are required to control and maintain, including the medium on which information is contained.”

Top management: “Person or group of people who direct and control an organization at the highest level”  

Injury and ill health: “Adverse effect of the physical, mental or cognitive condition of a person.”

Competence: “Ability to apply knowledge and skills to achieve intended results.”

Occupational Health and Safety Management System (OHSMS)/OH&S Management System- “Management system, or part of a management system used to achieve the OH&S policy.”

Policy: “Intentions and direction of an organization, as formally expressed by its top management.”

Compare and Contrast Chart

ISO/DIS 45001.2 – PROCESSES
4.3.1

Hazard identification, risk evaluation and establishing control measures 

The organization must establish, implement and maintain a procedure(s) for continually identifying hazards, evaluating risks and establishing the necessary control measures.

6.1.1/ 6.1.2

General
The organization shall maintain documented information on: – OH&S risks and opportunities;
– the process(es) and actions needed to determine and address its risks and opportunities (see 6.1.2 to 6.1.4) to the extent necessary to have confidence they are carried out as planned. 

The organization shall establish, implement and maintain a process(es) for hazard identification that is on-going and proactive. 

The organization shall establish, implement and maintain a process(es) to: a) assess OH&S risks from the identified hazards …. 

The organization shall establish, implement and maintain a process(es) to assess: a) opportunities to enhance OH&S performance, while taking into account: …..

4.3.2 Legal and other requirements
The organization must establish, implement
and maintain a procedure(s) for identifying and having access to applicable legal and other OH&S requirements.
6.1.3

Determination of legal requirements and other requirements 

The organization shall establish, implement and maintain a process to:
a) determine and have access to up-to-date legal requirements … b) determine how these legal requirements and other requirements apply …
c) take these legal requirements and other requirements into account …

OHSAS 18001 – REQUIRED PROCEDURES ISO/DIS 45001.2 – PROCESSES
4.4.2 Competence, training and awareness
The organization must establish, implement and maintain a procedure(s) to make persons working under its control aware of: ……

7.2 

7.3

Competence (no process required)
The organization shall:
a) determine the necessary competence of workers that affect or can affect its OH&S performance;
b) ensure that workers are competent on the basis of appropriate education, induction, training, or experience;
c) where applicable, take actions to acquire the necessary competence, and evaluate the effectiveness of the actions taken;
d) retain appropriate documented information as evidence of competence.
Awareness
Workers shall be made aware of:
a) … to e) …
4.4.3.1 Communication
With regard to its OH&S hazards and its OH&S management system, the organization must establish, implement and maintain a procedure(s) for a) internal communication
b) communication met contractors and other visitors in the work environment,
c) receiving, documenting and responding to relevant communication from external interested parties.
7.4

Communication
The organization shall establish, implement and maintain the process(es) needed for internal and external information and communications relevant to the OH&S management system including determining:
a) on what it will communicate;
b) when to communicate;
c) with whom to communicate: 

1) internally among the various levels and functions of the organization; 

2) among contractors and visitors to the workplace; 

3) among other external or interested parties. d) how to communicate.

4.4.3.2 Participation and consultation
The organization must establish, implement and maintain a procedure(s) for:
a) worker participation by: ….
b) consultation with contractors ….
5.4 Consultation and participation of workers
The organization shall, establish, implement and maintain process(es) for consultation and participation of workers at all applicable levels and functions, and where they exist, workers’ representatives in the development, planning, implementation, performance evaluation and actions for improvement of the OH&S management system.
The organization shall:
a) …. to e) ….
4.4.5

Document control
Documents required by the OH&S management system and by this OHSAS standard must be controlled. Records are a special kind of document and their control must meet the requirements set in 4.5.4. 

The organization must establish, implement and maintain a procedure(s) to
a) … through g) ….

7.5 Documented information (no process required)
When creating and updating documented information the organization shall ensure appropriate:
a) identification and description (e.g. a title, date, author, or reference number);
b) format (e.g. language, software version, graphics) and media (e.g. paper, electronic);
c) review and approval for suitability and adequacy.
OHSAS 18001 – REQUIRED PROCEDURES ISO/DIS 45001.2 – PROCESSES
4.4.6

Operational planning and control
The organization must identify the tasks and operations associated with the identified risks and for which control measures must be implemented to control OH&S risks. This must also include ‘management of change’ (see 4.3.1). 

For these tasks and operations, the organization must implement and maintain the following: a) through c) 

d) documented procedures, intended for situations where their absence could lead to deviations from the OH&S policy and objectives,

8.1.1 

8.1.2 

8.1.3 

8.1.6

Operational planning and control – General
The organization shall plan, implement and control the processes needed to meet requirements of the OH&S management system, and to implement the actions determined in Clause 6, by: a) to e) 

At multi-employer workplaces, the organization shall coordinate the relevant parts of the OH&S management system with other organizations. 

Eliminating hazards and reducing OH&S risks
The organization shall establish, implement and maintain a process(es) for the elimination of hazards and reduction of OH&S risks using the following hierarchy of control: a) to e). 

Management of change
The organization shall establish a process(es) for the implementation and control of planned temporary and permanent changes that impact OH&S performance including: a) to d). 

Contractors
The organization shall establish (a) process(es) , in coordination with its contractor(s) for hazard identification and to assess and control the OH&S risks, arising from the:
a) contractors’ activities and operations that impact the organization;
b) organization’s activities and operations that impact contractors’ workers;
c) contractors’ activities and operations that impact other interested parties in the workplace. 

The organization shall establish and maintain processes to ensure that the requirements of the organization’s OH&S management system are met by contractors and their workers. This process(es) shall define and apply OH&S criteria for the selection of contractors.

4.4.7 Emergency preparedness and response
The organization must establish, implement and maintain a procedure(s) to:
a) identify potential emergency situations,
b) respond to these situations.
8.2 The organization shall establish, implement and maintain a process(es) needed to prepare for and respond to potential emergency situations, as identified in 6.1.2.1, including: a) to g).
4.5.1 Performance measurement and monitoring
The organization must establish, implement and maintain a procedure(s) to periodically monitor and measure the OH&S performance. This procedure(s) must include the following: a) through f)
9.1.1

The organization shall establish, implement and maintain a process(es) for monitoring, measurement, analysis and performance evaluation. 

The organization shall determine: a) tot e)

4.5.2.1/ 4.5.2.2 As part of its commitment to compliance (see 4.2c), the organization must establish, implement and maintain a procedure(s) to periodically evaluate
its compliance with relevant legal and other requirements (see 4.3.2).
9.1.2 Evaluation of compliance
The organization shall establish, implement and maintain a process(es) for evaluating compliance with legal requirements and other requirements (see 6.1.3).
The organization shall: a) to d)
OHSAS 18001 – REQUIRED PROCEDURES  ISO/DIS 45001.2 – PROCESSES
4.5.3.1 Incident Investigation
The organization must establish, implement and maintain a procedure(s) to record, investigate and analyze incidents in order to: …
10.2 Incident, nonconformity and corrective action
The organization shall establish, implement and maintain
a process(es), that include(s) reporting, investigating and taking action, to determine and manage incidents, and nonconformities.
When an incident or a nonconformity occurs, the organization shall: a) to g).
4.5.3.2 Nonconformity, corrective and preventive measures The organization must establish, implement and maintain a procedure(s) to deal with any real
and potential nonconformity(-ies) and for taking corrective and preventive measures. The procedure(s) must define requirements for: a) through e).
10.2 See above
4.5.4 Control of records
The organization must establish, implement and maintain a procedure(s) for the identification, storage, protection, retrieval, retention and disposal of records.
7.5.3

Control of documented Information (no process required) Documented information required by the OH&S management system and by this International Standard shall be controlled to ensure: 

a) it is available and suitable for use, where and when it is needed;
b) it is adequately protected (e.g. from loss of confidentiality, improper use, or loss of integrity).
For the control of documented information, the organization shall address the following activities, as applicable: ….

4.5.5 Internal audit
Audit procedure(s) shall be established, implemented and maintained that address:
9.2.2 Internal audit program
The organization shall:
a) plan, establish, implement and maintain an audit program(s) including the frequency, methods, responsibilities, consultation, planning requirements and reporting, which shall take into consideration the importance of the processes concerned and the results of previous audits,
b) define the audit criteria and scope for each audit,
c) to f)
8.4 Procurement
The organization shall establish, implement and maintain a process(es) to control the procurement of products and services in order to ensure …….

MAKE ISO 45001 REGISTRATION SIMPLE AND FOOLPROOF!


Our All-in-One Certification Package is a proven, efficient system. It gives you all you need to prepare for registration – in one simple to use package.

Customer Review:

"I have just passed my Audit with zero non-conformances for the second year in a row using your ISO products. Thank you for producing documents of this quality"

Bettye Patrick

United Plating, Inc

Buy the Standard

45001 Store Logo  ISO 45001:2018