Health and Safety Management Systems – What, why and how...

Health and Safety Management Systems – What, why and how...

Published April 1, 2021

6 minute read

What is a health and safety management system?

Health and safety management systems (HSM) are formal systematic prevention programs designed to manage health and safety risks through all aspects of a business, to prevent incidents and resulting loss with the underlying goal of creating a culture of safety throughout an organisation.

Current health and safety (H&S) at work legislation requires an employer to develop, implement and manage risk-based systems. As a systematic approach to identifying hazards and evaluating any associated risks within a workplace, risk assessment is the foundation of an effective safety management system and fundamental to business success. Health and safety risks in the workplace using risk assessment are eliminated, prevented and/or controlled through the design, implementation and mainstreaming of a documented health and safety management system.

In addition to the reduction in costs due to loss related to a functioning H&S system, it is also a legal requirement to protect the health and safety of all in the workplace as far as reasonably practicable. A documented health and safety system demonstrates compliance with health and safety management requirements. A compelling economic case for H&S compliments the legal and moral case.

Check out our article - What should I look for in a safety management system (

Health and safety management system legal requirements and system elements 


Health and safety management system is ‘the part of an organisation’s management systems that controls and manages health and safety risk by having in place clearly defined and communicated documents on:

  • Health and safety at work policy, procedures, and organisation – detailing how health and safety will be managed throughout the organisation, who will be responsible at the various levels, how workers will be involved, how the system will be monitored and tested, reviewed, and improved
  • The planning process for the prevention of accidents and ill-health – risks identified, controlled, recorded, and maintained.
  • The management responsibilities for H&S practice and implementation across the organisation - determining who will be responsible in each area, department etc and how this will be managed.
  • The procedures, practices, and resources to support development, implementation, reviewing and maintaining of the health and safety policy.
  • Reviewing and measuring performance
  • Continuous improvement by acting on the learning.

The health and safety management system can then be said to comprise of key or core elements which are presented in Figure 1. These elements are used as they align with the plan, do, check, act (PCDA) approach used as the basis for management of systems and management systems standards such as the International Organisation for Standardisation (ISO) international standards one such being ISO 45001:2018 Health and safety management standard.



Figure 1: Health and safety management system Key/Core Elements with the Plan, Do, Check, Act (PCDA) approach

Organisations have a legal duty to put systems in place to manage health and safety. The law requires employers to protect all in the workplace by having by managing and controlling health and safety risks. As part of the health and safety management system, organisations must prepare a health and safety policy by law that sets a clear direction for the organisation to follow. Using the PDCA approach ensures that health and safety management is seen as an integral part of good business management generally.


New call-to-action

Health and safety management system policy statement 


A legally required part of health and safety management systems in the workplace is the health and safety policy, a statement of intention. Stating what you will do to keep a safety and healthy workplace for your workers and anyone else who could be affected by your work activities. The policy should clearly set out everyone’s roles and responsibilities and state how safety will be implemented, managed and monitored. The policy should include statements on how the core elements will be addressed and managed. This planning stage, detailing how health & safety will be managed in the workplace. The policy must therefore be appropriate to the hazards and risks of the organisation’s work activities and include:

  • A commitment to protect as far as is reasonably practicable the health and safety of all in and associated with the workplace and to comply with governing health and safety legislation as a minimum.
  • Be documented in a manner that can be understood by all, implemented, and managed at all levels of the business.
  • Detail H&S objectives and targets that are measurable and outline how performance will be measured and how continuous improvement will be ensured and achieved.
  • Demonstrate how employees and safety representatives (if applicable) will be involved and consulted on health & safety matters.
  • Cover employee cooperation, compliance and competency with H&S regulations and rules.
  • The policy should also address critical safety issues and allocated resources e.g., emergency plans, maintenance, PPE, access, egress, reporting of accidents and dangerous occurrences to authorities, monitoring arrangements (audits, inspections etc.,) training and cooperation with employees etc. This list is not exhaustive and will depend on the risks within each organisation.

Although there are many examples of policies available (see useful links section of this article), it is important to note that the policy and the content of a policy must be specific to each individual organisation.


Health and safety management system implementation 


In addition to planning, documenting, and preparing a health and safety management system, organisations must implement the system throughout the organisation. Again, having planned and developed an appropriate health & safety policy, this can be implemented through the management system, implementation should not be difficult. To be successful with implementation all staff must be engaged and involved, there must be effective communication and promotion of competence. Implementation of the system is with the aim of eliminating and reducing risk to health and safety of all.

Where hazards and risk exist decide on preventive and protective measures and put in place. To do this correctly the correct tools, equipment, PPE etc must be supplied and maintained, and staff must be trained and competent in their job tasks. Following this supervision is essential to ensure that planned and implemented arrangements are followed and are working.

Although health and safety management systems are documented systems, this should be kept as simple as possible, and the focus should be on the practice. Overcomplicating systems can make them impossible to implement and follow. This is the ‘Do’ stage of the PDCA cycle.


Health and safety management system review report/checklist


Following the implementation of the health & safety management system, you must monitor and check that is working, that the safety and health of all is protected. This is the ‘check’ stage of the PCDA cycle. At the planning stage objectives and targets were set out and now these must be measured to determine the performance of the system. As with all aspects of the system, these checks must be documented and therefore are completed using checklists. Again, there are many examples of checklists available from governing authorities (see useful links), while these can be used as a guide, the checklist for your business must reflect checks on your systems, hazards, risks etc., checklists must be relevant and meaningful. Selecting the right performance measures is critical to the success of your management system. Therefore, planned targets and objectives must be measurable and active monitoring and reviewing such as routine inspections, health surveillance and planned preventive maintenance should be carried out. Checklists can be designed to guide the individual conducting the review and to ensure the review is documented.

Finally, to improve health and safety management performance the data collected or gathered at the review stage must be analysed and acted upon. This is the ‘Act’ stage of the PDCA cycle. For example, if routine inspection results in the documentation of the same hazard time and again, this hazard must be risk assessed and controls put in place as it is a risk to health and/or safety.


What makes a health and safety management system successful?


Develop a health and safety management system that is specific to your organisation that assesses and controls the actual risks to all in your workplace by engaging and listening to all employees. A system that demonstrates how you are dealing with the hazards and risks in your organisation and is monitored, periodically reviewed, improved, and communicated to all. In addition to engaging all and communicating, having a trained and competent workforce leads to the success of the health and safety management system.

In summary, a good health and safety management system is one where the core elements are addressed, developed, implemented, reviewed, and maintained. The system should cover the entire organisation be inclusive of all occupational health and safety risks and be continuously reviewed.


Plan, Do, Check and Act



  • Determine your policy (roles, targets, and objectives)
  • Plan for implementation


  • Assess your health and safety risks
  • Organise for health and safety
  • Engage and involve all in the workplace
  • Implement your plan


  • Measure performance
  • Investigate accidents and incidents


  • Review performance
  • Continuously improve

Plan Formal health and strategy and risk management systems 


Depending on business and customer requirements, a formal health and safety management system standard might be required. Some customers prefer to purchase from businesses that can demonstrate compliance against a recognised standard. The globally recognised standard for health and safety management is ISO 45001:2018. This formal management system or framework can help you to manage health and safety.


In Summary


The health and safety management system must be practical and relevant to your business and business needs. The system must work and must therefore be alive system reviewed and updated regularly. The health and safety management must be documented but this does not mean that it must be paper-based, there are software systems available to solve these challenges easier.  one such is our own Health and Safety Management Software Systems: 7 steps for easy roll-out (

Keep it simple and keep it relevant.

The benefits of a good health and safety management system in addition to be being legally compliant are, fewer incidents, less lost time, and an engaged and happy workforce. Which in turn result in higher productivity and a more reputable and profitable business.

Workplace safety within an organization can be improved step by step. A digital HSE system is one of the best tools for promoting and systematizing work safety. Digitization of safety processes is the most important investment you can make for your employees, reputation and sustainable productivity. To succeed, a commitment must be created throughout the organization, beginning with management.

With a digital HSE tool, it becomes easier to follow the law, engage the entire organization and adapt to different needs and situations with a variety of tools available.

At EcoOnline, we can help your business create a safer workplace and simplify the process. EcoOnline EHS is a leading digital HSE system that offers comprehensive tools for managing health and safety in the workplace. The software adapts to your needs and is easy to use.

Request A Demo or contact us for more information.

Author Laura Fitzgerald

Laura Fitzgerald is a Content Marketing Manager with EcoOnline. She has been writing about health and safety topics since 2017, with a focus on the areas of improving employee safety engagement and EHS legislation.

Our related posts

| Health & Safety
All about Scope 3 emissions (including how to report them)

Measuring scope 3 emissions can be a tricky task. In some instances, they can be mandatory requirements, such as in the...

| Health & Safety
How to properly identify and analyse hazards in your workplace

One of the most fundamental parts of any health and safety professional’s job is to properly identify and analyse...

| Health & Safety
Mental health and wellbeing in the workplace

Keeping your employees safe from harm is a top priority for any employer. Not only does this include physical harm, but...