When you’re the health and safety expert assigned to oversee your organization’s ISO 45001 management, it can feel like a daunting task. You not only need to ensure everyone from the boardroom to frontline workers are engaged in the process, but you also need to juggle the needs of multiple departments, often across many job sites and/or several cities.
So what’s the best way to get started?
The first step is to look at ISO 45001 as a whole to get a clear view. Then you can start tackling specific clauses individually. To simplify things, we’re going to take the 6 most important clauses (which are clauses 4-10) and boil them down to the basics.
Let’s dive in!
Clause 4: Context of the Organization
This clause has four sub-clauses:
4.1 Understanding the Organization and its Context
Identify the internal and external factors that will impact your ability to meet your quality management goals.
- Outdated infrastructure or tech
- A poor safety culture
- A recessionary environment
- Skilled labor shortages
4.2 Understanding the Needs and Expectations of Workers and Other Interested Parties
“Workers and other interested parties” includes nearly anyone that can be impacted by your safety culture. This includes contractors, suppliers, visitors, shareholders, regulators, auditors, and local communities.
Next, outline their needs and expectations. This includes overarching things like compliance to industry safety standards, or things more specific to your company like, “We need to pay employees more to perform task A.”
4.3 Determining the Scope of the OH&S Management System
Using the information in 4.1 and 4.2, create a scope statement. This needs to include the nature of your current and future work, as well as the work done by all branches and all geographic locations under your organizational umbrella.
4.4 OH&S Management System
Define how your organization will explore, maintain and improve your OHM management system. This may involve creating a chart or organogram to define how your processes involve the different levels of your organization.
Clause 5: Leadership and Worker Participation
ISO 45001 is one of the first standards to ensure the top level of an organization’s management team has taken an active role in building your health and safety program.
This clause has four sub-clauses:
5.1 Leadership and Commitment
The management team needs to define their specific commitment to their team’s health and safety. This needs to outline how they are investing in terms of both human capital and infrastructure.
5.2 OH&S Policy
This includes the specifics of how management will:
- Create a safe environment
- Eliminate hazards/risks
- Ensure worker consultation and participation
All of this information must be documented, communicated, and available.
5.3 Organizational Roles, Responsibilities and Authorities
Management must demonstrate the various roles, responsibilities, and authorities throughout the organization.
Assign and document everything using:
- Legal appointment letters
- Job descriptions
- Instructions for frontline operators
5.4 Consultation and Participation of Workers
In this section, you’ll find outlined how your organization should encourage and ensure employee consultation and participation.
- Consultation: Employees are asked their opinion before management makes a decision.
- Participation: Employees are actively involved in the decision-making process.
ISO 45001 Clause 6: Planning
Now, take the information outlined in sections 4.1, 4.2, and 4.3 to plan how to eliminate or mitigate risks.
This clause has two sub-clauses:
6.1 Actions to Address Risks and Opportunities
This section covers assessing the risks and then providing assurance that the management system can achieve its intended outcomes.
This can include:
- Hazards from tasks, equipment, or substances
- Psycho/socio risks such as violence, bullying, and harassment
- Hazards that come from the design, layout, and installation
- Opportunities to improve safety and well-being
This is also where you would outline your organization’s legal requirements based on your product, services, industry, or area.
6.2 OH&S Objectives and Planning to Achieve Them
Set objectives, but ensure they are consistent with your health and safety policy. Your objectives also need to be measurable, monitored, communicated, and appropriate.
They should also include feedback from your employees.
ISO 45001 Clause 7: Support
Clause 7 focuses on how your organization supports your team and overall management system. It has five sub-clauses:
What are the people, equipment, services, products, and budget that support your goals? This includes anything that helps your organization build, maintain, improve operations, and meet OHS goals.
How are you ensuring that your team has the skills and expertise needed to succeed in their roles and do so safely? How do you track each employee’s qualifications, education, training, and experience? What steps do you take to help them gain and maintain competence, or fill in any training/knowledge gaps?
To ensure maximum employee participation and operational efficiency, it’s important to ensure everyone is aware of:
- Your OH&S policy and objectives
- Consequences of noncompliance, either legally or organizationally
- Location of all SOPs (standard operating procedures), manuals, instructions, and other documents
- Every employee’s rights, i.e. the right to leave unsafe conditions
This section deals with how your company communicates OH&S policies, both internally and externally. Internal communications would include how you communicate with your employees and stakeholders, while external communications could include contractors, site visitors, vendors, or other partners.
Your communications also need to factor in the gender, language, and ethnicity of your audience.
7.5 Documented Information
A disorganized or outdated document management system can undermine your organization’s communication.
Retaining documented evidence is crucial to maintaining compliance and your overall workflow. This clause explores how you manage documents, policies, procedures, supporting documents, files, and records.
You need to look into how your documents are:
- Stored and accessed
- Updated and maintained
- Protected for confidentiality
- Disseminated and approved
ISO 45001 Clause 8: Operation
The previous clauses help you identify risks and hazards, as well as the controls in place to maintain safe operations. Clause 8 focuses on operationalizing these items.
Clause 8 has two sub-clauses:
8.1 Operational Planning and Control
How will your organization use planning and control measures on a day-to-day basis, while maintaining the proper records? For example, if you’re working with hazardous materials, what PPE, policies and procedures are provided? How can this task be substituted or better controlled?
You also need to plan how you’re going to ensure that any changes that take place are done so in a controlled manner. What changes need to be considered if your operations expand to a new location, or add a new piece of equipment? What are the new hazards and risks that this change brings to the table? What are the new legal considerations? If you bring in new contractors or outsource aspects of your business, how will this be accounted for?
8.2 Emergency Preparedness and Response
You have already identified your risks and hazards. Now, you need to develop an emergency response plan, determine how to communicate it and roll out training.
This clause can be particularly challenging because you need to look beyond your facility. Do any of the neighboring buildings present a risk to you? What risk do you present to them? Do fire hydrants adequately protect your local area, or would you need your own water storage tanks and pumps to deal with an emergency?
ISO 45001 Clause 9: Performance Evaluation
This is your organization’s opportunity to validate or improve your hard work at every level we've discussed so far.
Clause 9 has three sub-clauses:
9.1 Monitoring, Measurement, Analysis, and Evaluation
Your organization is required to have a process for evaluating your health and safety performance, which includes the methods and criteria you will use to ensure results. This includes focusing on both leading and lagging indicators:
- Leading Indicators: Could include the number of inspections, audits, and training sessions
- Lagging Indicators: Could include the number of incidents and near-misses
9.2 Internal Audit
Does your health and safety management system conform to the requirements of ISO 45001? And does it conform to your own needs (i.e. your own internal requirements)? You need to audit your management system to ensure that it continually conforms to both.
You need to develop an audit plan, as well as a follow-up action plan to address the findings of these audits to ensure constant compliance and constant improvement.
9.3 Management Review
You're required to have a process to review your management system at a planned interval.
This could include reviewing:
- The status of actions from previous reviews
- Any changes to the needs of interested parties and workers
- Ongoing or new legal requirements
- The need for changes to your goals or policies
- New or ongoing risks and opportunities
ISO 45001 Clause 10: Improvement
This is one of the most important parts of ISO 45001, as it ensures that your entire team is constantly working toward continuous improvement.
It includes three sub-clauses:
Your organization needs to find opportunities to improve, take action and achieve your intended outcomes. Often these are found through nonconformities or incidents. This doesn’t need to be the case! These opportunities can be identified through worker feedback.
10.2 Incident, Nonconformity and Corrective Actions
When nonconformities do occur, what is your process to respond and correct the issue?
Let’s say there is a fire in your facility. You need to ask:
- Did you react in a timely manner?
- What did you do to control and correct it?
- Are you investigating it to find the root cause and similar events so you can take action to prevent it from happening again?
- Will these new actions be introduced in a controlled way? How will they be communicated to your team?
- What records need to be created or updated?
10.3 Continual Improvement
It’s important to remember that safety and compliance are ongoing journeys, not destinations. You need to be constantly striving to move forward and improve. This clause can be your roadmap.
You are required to:
- Improve your OHS performance over time
- Promote a strong safety culture (you may recall that was part of Clause 5)
- Encourage employee participation
- Communicate the results of this continuous improvement, and…
- Maintain records of it
How Do We Manage All of This?
Managing the complexities of ISO 45001 can be overwhelming, especially when juggling multiple departments and locations. As we've explored the six most crucial clauses of ISO 45001, it's clear that a streamlined and efficient solution is needed for successful implementation.