ISO 45001 FIVE-STEP ACTION PLAN

The adoption of ISO 45001 is a watershed moment 1 for occupational health and safety
management systems (OHSMS). With the standard now published, it will provide
organizations a structure around which they can work to prevent workplace injuries,
illnesses and fatalities.

In this time of change for the standards community, OSH professionals may ask
themselves ‘what do I do next?’ The steps below outline the measures that safety
professionals can take to begin implementing ISO 45001.

1. Understand OHSMS and ISO 45001. The first step in implementing ISO 45001, or
any standard for that matter, is understanding its purpose and how it can benefit
an organization.

“Start by building your knowledge on what a management system is and how you
can leverage it to benefit workers as well as the organization to improve health and
safety performance and risk management,” says Vic Toy, CSP, CIH and chair of the
U.S. Technical Advisory Group (TAG) on ISO 45001.

Safety professionals should also take this opportunity to familiarize themselves

with ISO 45001 and its requirements. The standard provides 11 success factors for
the implementation of an OHSMS, which can provide guidance on how it can be
carried out.

With deeper knowledge of OHSMS and ISO 45001, safety professionals can develop
a strong business case for why their organizations should implement the standard.
By understanding ISO 45001 requirements, safety professionals can gain insight
into the impact the standard can have on the company’s bottom line and
communicate that to executives.

“OSH professionals need to understand the business impact of the integration of

this standard on commercial excellence,” says Kathy Seabrook, CSP, CFIOSH,
EurOSHM and vice chair of the U.S. TAG on ISO 45001. “It is a competitive
advantage, and organizations who understand how to leverage it will outperform
their competitors.”

2. Examine your current system. To understand how ISO 45001 will fit into a safety
management system, it is important to examine what standards and systems are
already in place. For example, some organizations have adopted ISO 9001 (quality)
and 14001 (environment), which contain the same core language as ISO 45001.

If an organization is already using ISO 9000 and ISO 14001 and is familiar with this
management system approach, integration of 45001 becomes much less complex
and the transition can be made more seamlessly.

1
3. Engage with stakeholders. Safety professionals need to understand that
implementing ISO 45001 could lead to an organizational change. As with any
change, individuals and groups will be affected in a variety of ways. Some may be
in favor of the change, while others may be opposed. Therefore, safety professionals
should gather input from the entire organization and understand the different
perspectives that people have about safety and health risks.

“Based on an understanding of different perspectives,” says Toy, “you will then

have a good place to start to conduct a gap analysis based on not just the
requirements in the standard but, more so, what your objectives should be for your
OHSMS.”

Beyond gathering information on different perspectives, engaging with

stakeholders also helps foster a culture where everyone feels a sense of ownership
in the safety management system.

“This is an opportunity to develop leaders within an organization,” explains

Seabrook. “From the worker who is building the bridge, or the electrician
performing the lockout/tagout, all the way up to the board of directors, ISO 45001
establishes that everyone has a role, a responsibility and ownership of safety
through an accountability system.”

It is also crucial at this stage to engage with leadership and educate them on why
they may want to implement ISO 45001. Safety professionals should explain to
executives the operational and financial impacts of implementing such a system so
that they can then make an informed decision.

4. Determine priorities and establish goals. With the information gathered from
engaging with stakeholders, safety professionals can begin to determine the
desired priorities for the organization’s OHSMS, as well as the safety and business
performance goals the organization hopes to achieve through the implementation
of ISO 45001.

Organizations can then align the implementation of the standard with actual
business objectives. Identifying business objectives in terms of occupational safety
and health and aligning them to ISO 45001 allows business to generate metrics by
which they can measure the success of the OHSMS and make adjustments and
improvements over time.

5. Establish or improve your OHSMS. By following the first four steps, safety
professionals can then develop an OHSMS that is customized to their organization
or improve on an existing system. This process will also help them to bring together
a team that can execute the plan.

2
 With ISO 45001 in place, that team can then track performance against the goals
and objectives that have been identified to continuously improve both safety and
business performance across the entire organization.

1 watershed moment: ~an event marking a unique or important historical change of course or
one on which important developments depend (watershed - Dictionary Definition).

Comparison Matrix on ISO 45001:2018 & OHSAS 18001:2007

OHSAS 18001:2007 is the most widely used British standard for occupational health and
safety management system. Since it was a British standard and in past it was not
incorporated by the International Organization for Standardization i.e. the ISO. Therefore,
there was always a need that ISO should made a worldwide standard for occupational
health and safety management system. With this thought and intensive working of the
ISO committee ISO PC/283, finally ISO 45001:2018 is released.

Now organizations complying with OHSAS 18001:2007 have got migration period of three
years starting from 12 March 2018 to upgrade their systems on ISO 45001:2018. This does
not mean that organizations should wait for last year to work for the migration rather they
should start working on this project today. Since those who will immediately transform
themselves with the latest version of ISO 45001:2018 can actually be more competitive and
reputable within the industry.

Surgical unit’s comparison matrix between the two standards is shared below:

ISO 45001:2018 & OHSAS 18001:2007 Clause-wise Comparison Matrix

ISO 45001:2018 OHSAS 18001:2007
1 Scope 1 Scope
2 Normative References 2 Reference Publications
3 Terms and Definitions 3 Terms and Definitions
4 Context of The Organization (Title)
4.1 Understanding the organization & Corresponding Clause does not
its context exist
4.2 Understanding the needs and
expectations of interested parties
4.3 Determining the scope of the OH & 4.1 General requirements, paragraph-2
S management system
4.4 OH & S management system 4.1 General requirements, paragraph-1
5 Leadership Corresponding Clause does not
exist

3
 ISO 45001:2018 & OHSAS 18001:2007 Clause-wise Comparison Matrix
ISO 45001:2018 OHSAS 18001:2007
5.1 Leadership and commitment 4.4.1 Resources, roles, responsibility,
accountability and authority,
paragraph-1
5.2 OH & S policy, paragraph-1 4.2 OH & S Policy
5.2 OH & S policy, paragraph-2
5.3 Organizational roles, 4.4.1 Resources, roles, responsibility,
responsibilities and authorities accountability and authority,
paragraph-2. b & 3 to 6
5.4 Consultation and participation of 4.4.3.2 Participation and consultation
workers
6 Planning (Title) 4.3 Planning (Title)
6.1 Actions to address risks & Corresponding Clause does not
opportunities (Title) exist
6.1.1 General
6.1.2 Hazard Identification and 4.3.1 4.3.1 Hazard identification, risk
assessment of risks and assessment, and determining
opportunities controls, paragraph-1 part, 2 to 4 &
7
6.1.3 Determination of legal 4.3.2 Legal and other requirements
requirements and other
requirements
6.1.4 Planning action 4.3.1 Hazard identification, risk
assessment, and determining
controls, paragraph-1 part, 5 & 6
6.2 OH & S objectives and planning to Corresponding Clause does not
achieve them (Title) exist
6.2.1 OH & S objectives 4.3.3 Objectives and programme(s),
paragraph-1 to 3
6.2.2 Planning actions to achieve 4.3.3 Objectives and programme(s),
OH & S objectives paragraph-4 & 5
7 Support (Title) 4.4 Implementation and Operation
(Title)
7.1 Resources 4.4.1 Resources, roles, responsibility,
accountability and authority,
paragraph-2. a
7.2. Competence 4.4.2 Competence, training &
awareness, paragraph-1 & 2
7.3 Awareness 4.4.2 Competence, training &
awareness, paragraph-3
7.4 Communication (Title) 4.4.3 Communication, participation &
consultation (Title)

4
 ISO 45001:2018 & OHSAS 18001:2007 Clause-wise Comparison Matrix
ISO 45001:2018 OHSAS 18001:2007
7.4.1 General 4.4.3.1 Communication
7.4.2 Internal Communication Corresponding Clause does not
7.4.3 External Communication exist
7.5 Documented information (Title) 4.4.4 Documentation
7.5.1 General
7.5.2 Creating and updating 4.4.5 Control of documents, paragraph-
2 part
4.5.4 Control of records, paragraph-2
part
7.5.3 Control of documented 4.4.5 Control of documents, paragraph-
information, paragraph-1 1
4.5.4 Control of records, paragraph-1
7.5.3 Control of documented 4.4.5 Control of documents, paragraph-
information, paragraph-2 & 3 2 part
4.5.4 Control of records, paragraph-2
part & 3
8 Operation (Title) 4.4 Implementation and Operation
(Title)
8.1 Operational planning and control 4.4.6 Operational control
8.2 Emergency preparedness and 4.4.7 Emergency preparedness and
response response
9 Performance Evaluation (Title) 4.5. Checking (Title)
9.1 Monitoring, measuring, analysis Corresponding Clause does not
and evaluation (Title) exist
9.1.1 General, paragraph-2, 4, 6 4.5.1 Performance measurement and
9.1.1 General, paragraph-1, 3, 5 monitoring
9.1.2 Evaluation of compliance 4.5.2 Evaluation of compliance
9.2 Internal audit (Title) Corresponding Clause does not
exist
9.2.1 General 4.5.5 Internal audit, paragraph-1
9.2.2 Internal audit programme 4.5.5 Internal audit, paragraph-2 to 4
9.3 Management review, paragraph-1 4.6 Management review, paragraph-1
9.3 Management review, paragraph-2 4.6 Management review, paragraph-2
9.3 Management review, paragraph-3 4.6 Management review, paragraph-3
Corresponding Clause does not 4.6 Management review, paragraph-4
exist
10 Improvement (Title) Corresponding Clause does not
10.1 General exist
Corresponding Clause does not 4.5.3 Incident investigation, NC, CA &
exist PA (Title)

5
 ISO 45001:2018 & OHSAS 18001:2007 Clause-wise Comparison Matrix
ISO 45001:2018 OHSAS 18001:2007
10.2 Incident, Nonconformity & 4.5.3.1 Incident investigation, paragraph-
corrective action, paragraph-1, 2 1 to 3
4.5.3.2 Nonconformity, CA and PA
10.2 Incident, Nonconformity & 4.5.3.1 Incident investigation, paragraph-
corrective action, paragraph-3 4
10.3 Continual improvement Corresponding Clause does not
exist

Comparison matrix on ISO 45001:2018 versus OHSAS 18001:2007 will help organizations
to upgrade themselves since it can help them identify gaps existing in system developed
on OHSAS 18001:2007 and therefore they can work to fill in those gaps so as to upgrade
on ISO 45001:2018.