What does the development of ISO 45001 mean for the process and high hazard industries?
03 February 2016
ISO 45001, which sets requirements for occupational health and safety management systems, is designed to help companies and organisations around the world ensure the health and safety of the people who work for them. David Smith, Chairman of the ISO committee developing the standard, tells us more.
The development of international management systems standards by the International Standards Organisation (ISO) hardly needs any introduction. Many will already be familiar with the already published standards including ISO 9001 Quality Management to which over one million organisations worldwide subscribe. Additionally, some 350,000 organisations have adopted ISO 14001 Environmental Management.
Given the large number of organisations already interested in systems offering a structured approach to managing aspects of risk in their operations, it is perhaps surprising that there has been no development of an equivalent ISO development on occupational health and safety despite the fact that that every 15 seconds a worker dies from a work-related accident or disease, and 153 people experience a work-related injury.
This situation is about to change with the publication of a draft international standard (DIS) in January 2016 - ISO DIS 45001 Occupational health and safety management systems – Requirements with guidance for use. The publication of this draft is a key step towards a full standard and represents the culmination of the work that was started in July 2013 by the ISO committee set up to develop the new OH&S management standard.
Anything that can make an impact on the hardship and misery caused by injury or ill–health in the workplace must be a welcome development, and the sooner the full standard is published and operational the better.
Occupation health and safety has long been recognised as a major risk by organisations and there have been a number of guidance standards created over the years including guidance document BS 8800 and ILO-OSH guidelines that gave impetus to the development of an ISO requirement standard. OHSAS 18001 paved the way, firstly in 1999 and then updated in 2007. Its success can be illustrated by the fact that accredited certification is possible and over 90,000 certificates had been awarded by the end of 2011 in 127 countries.
The need for an ISO standard on occupational health and safety that is widely used in the supply chain could bring great benefits. The International Labour Organisation (ILO), a United Nations Body, estimates that 2.3 million workers die every year as a result of their work activities. Two million of these are attributable to occupational ill-health and disease, and many of these will be from long term exposure. The UK-based Institute for Occupational Safety and Health (IOSH) estimates that about 650,000 are due to cancer. It is also estimated that there 300 million non-fatal accidents every year, according to the World Congress on Safety and Health at Work with the cost to the world economy estimated at US$ 2.8 trillion. This being the case, the moral and financial case for the development and adoption of such a standard by all types of organisations across the world was well established.
The framework being used for ISO 45001 is the same as for the recently revised ISO 9001:2015 and ISO 14001:2015, based upon the Annex SL template with common structure, terms and definitions applicable to all management systems standards – presently in excess of 40. This common approach will facilitate integration of systems such as quality, environment, OH&S and other technical management system requirements for those who choose this route.
In September 2015, some 100 delegates met at the ILO headquarters in Switzerland to finalise the DIS. They represented national standards bodies (NSBs) and many liaison bodies such as IOSH and the ILO – the latter having developed many standards and conventions which are widely adopted around the world by national governments. The drafting is a long process as it has to take account of translation issues and the local standards in operation in member countries, the sector of operation of the individual experts and much more.
At the last stage, Committee Draft 2 attracted about 2,500 comments that had to be dispositioned in the development of the DIS. The process is now at a key stage and the DIS will be published for voting and comments over a three-month period commencing January 2016. The next stage will depend on the outcome of the vote and the number and type of comments made. The final standard could be published in late 2016 or early 2017.
The structure of ISO45001
All the standards referred to above are risk-based and ISO 45001 is no different in this respect. An initial starting point is in Clause 4 where there is a requirement that organisations determine those issues – “the context” - both internal and external, that can impact on the purpose of the organisation and delivery of organisational objectives. This drives the organisation to determine its risks and opportunities and to manage them appropriately.
ISO 45001 recognises that there are regulatory requirements all organisations have to address but focuses on prevention of harm. Regulations are often developed after many deaths or injuries have occurred and in a world of rapid change with new technology, there is a need to anticipate what may cause harm rather than wait for a law to be written and adopt a proactive approach.
It specifies that top management must demonstrate its leadership and commitment though a number of clauses in delivering effective OH&S management. Three of the key leadership requirement clauses are given below:
• Ensure that the OH&S policy and objectives are established and are compatible with the strategic direction of the organisation
• Ensure the integration of the OH&S management system processes and requirements into the organisation’s business processes
• Support other relevant management roles to demonstrate their leadership
There is also a very prescriptive clause about the role that workers should play in the development, implementation and operation of the OH&S management system. It specifies that the organisation must ensure their participation and consultation in OH&S issues including risk assessment and incident investigation. The involvement of workers is essential in the drive for a positive safety culture.
The standard is intended for all organisations - large and small, and high or low risk. OHSAS 18001 is being used in over 127 countries in over thirty sector codes, and there is no reason why ISO 45001 should not have the same broad appeal if not greater, given its ISO endorsement.
In line with OHSAS 18001, the standard uses a simple Plan-Do-Check-Act (PDCA) model, which provides a framework for organisations to plan what they need to put in place in order to minimise the risk of harm. This is consistent with the way a business manages its operational risk and should be helpful to those small to medium size businesses that wish to adopt it.
Clause 6 deals with planning actions for risks and opportunities but does not specify the process that should be used for risk assessment and evaluation. It recognises the need to determine the risk and opportunities that are relevant to the intended outcome for the OH&S management system and those identified through of hazards and risk assessment process.
Clause 8 deals with operational control, management of change, outsourcing, procurement and contractors. These elements are key considerations in high risk industries and ISO 45001 should offer a positive improvement for those adopting it over OHSAS 18001.
The section on performance evaluation (clause 9) encourages a more holistic approach to performance assessment, particularly in respect of internal audit and management review. The commonalities of requirements are such that, for many organisations, there will be great benefit in having a more holistic approach to audit and for having a combined management review for quality, environment and OHS.
The same commonalities exist in the support part of the standard with all other management system standards, where it defines what is expected for the following areas:
• Information and communication
• Documented information
For those organisations with accredited certification to OHSAS 18001, it is hoped to provide a transition process via the certification bodies over three years. This is the case for ISO 9001 and ISO 14001 and it is hoped a similar process can be adopted for OHSAS users.
Those wishing to follow developments should look at the ISO website for ISO 45001: www.iso.org/iso/iso45001
Contact Details and Archive...