Professional Documents
Culture Documents
Iso 45001-2018 Course PDF
Iso 45001-2018 Course PDF
Iso 45001-2018 Course PDF
1. Learning Outcomes
After completing this module you will be able to:
Comparing Standards
OHSAS 18001 helps companies to develop a healthy and safe working environment, by
providing a framework to achieve the following:
• Determine health and safety risks and minimize them to an acceptable level
• Minimize the likelihood of accidents
• Establish a framework to assess legal compliance
• Improve overall health and safety performance.
ANSI / AIHA Z10: ANSI is the American National Institute standard. The American
Industrial Hygiene Association (AIHA) serves as its Secretariat. The Accredited Standards
Committee, Z10, approved the standard in 1999.
• The standard’s scope is “minimum requirements of occupational health and safety
management systems”.
• The standard’s purpose is “[as a] Management tool to minimize the risk of illnesses, injury
and fatalities in the workplace.”
• The application of the standard includes organizations of all types and sizes, including
contractors.
While making the standard, the Z10 Committee adopted inputs from OSHA, US industry,
ISO Quality and environmental systems and the International Labor Organization.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
CSA Z1000-06: The Canadian Standard Association (CSA), published a standard for
Occupational Health and Safety Management Systems in 2006, known as CSA Z1000-6.
This standard lays out the conditions for the creation, enforcement and improvement of a
Health and Safety Management System.
The elements are similar to those outlined in other management systems and include the
following:
• Management Commitment and Participation
• Health and Safety Planning
• Implementation of Controls
• Performance Evaluation
• Management Review
• Continuous Improvement
Other Standards
REQUIREMENTS: The need for a globally recognized standard for
occupational health and safety management systems, has always
been felt. Professionals have had the ISO 9001 - quality management
system and ISO 14001 - environmental management system, since the
early 2000s. However different systems for occupational health and
safety, were being followed in different countries.
Experts claim that the development of the new ISO 45001 OHSMS standard, is well timed,
because it matches the recent publication of the newly revised ISO 9001:2015 (quality
management system) and the ISO 14001:2015 (environmental management system). Both
employ a risk-based structure.
The shared common requirements of the three most widely used international standards,
should empower organizations to incorporate them more easily into their organizational
processes.
OHSAS 18001:2007: OHSAS 18001:2007 has been the most important standard for
occupational health and safety management systems and has been adopted by many
companies, operating in countries other than the UK. Since it has been employed and
observed in multiple organizations, it is important to compare the two standards (OHSAS
18001 and ISO 45001). This will serve as an aid, to help organizations transition.
What are the major differences between OHSAS 18001 and ISO 45001? The primary
difference is that ISO 45001 focuses on the interface of an organization and its business
environment; OHSAS 18001 concentrates on managing OH&S hazards and internal
issues. However, the standards differ in other ways. See below the table for comparison.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
TABLE:
Plan-Do-Check-Act:
PLAN: The ISO 45001 standard comprises the Plan-Do-Check-Act
(PDCA) model. This model offers a mechanism for organizations to plan
what they require, so as to mitigate the probability of OH&S damages.
The “Plan” part of the model, should reflect concerns relating to health
problems in the long term and absenteeism at work. The measures
used, should address the factors that contribute to accidents at work.
For instance, many workers undergo stress, which is classed as a psycho-social risk.
Stress is considered to be one of the main problems at work in the current economy. Plans
can also include measures to deal with stress management.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
DO: The ISO 45001 standard directs top management to "own" the
workplace and the hazards associated with it. Top management must
prove their commitment through leadership, to make sure that
workers have the sufficient skills, knowledge and expertise.
Moreover, top management should put in place effective controls in
the “Do” phase of the PDCA model; these are known as operational
controls. Encouraging workers' participation and advice is necessary,
in order to be able to enforce better occupational health and safety measures.
CHECK: The “Check” part of the PDCA model, lists all of the main constituents that
should be resolved, to make sure that the system is operational. This includes opportunities
for enhancement and improvement in the “Act” phase.
ACT: The “Act” part of the PDCA model is the improvement part of the process and is
referred to, in the standard, as “Continual Improvement”.
It is a recurring activity that needs to be maintained, in order to enhance performance.
ADVANTAGES: How will the new ISO 45001 standard perform for
users of, for example OHSAS 18001? It is expected that users of
OHSMS standards, such as OHSAS 18001 and the ILO-OSH
Guidelines, will easily be able to take up ISO 45001, as it does not
contradict these standards. In addition, ISO 45001 empowers
organizations with the opportunity of incorporating OHSMS into their
integrated business processes.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
The advantages of implementing ISO 45001, aside from the fact that it is now the accepted
new international standard by consensus, is that it will naturally integrate with earlier
management approaches, especially in the area of business risks. It will thus act as an
added advantage to SMEs, when opting to have more than one standard.
Global Solution
SUITABILITY: Why is ISO 45001 better than OHSAS 18001? ISO 45001 was developed
in collaboration with other ISO management systems.
Developers tried to ensure it is an easy-to-use framework, compatible with the latest
versions of the ISO 9001 QMS and the ISO 14001 EMS. Companies who have already
implemented other ISO standards, will find it easy to implement ISO 45001.
GAP ANALYSIS: If your organization is currently using the OHSAS 18001 standard,
migrating to ISO 45001:2018 is a beneficial solution, as multiple clause
requirements of ISO 45001:2018 are equivalent or analogous. Note
however, that clauses may utilize different terminology or be arranged
in a different order.
Guide to existing OHSAS 18001 users:
• Get a copy of the standard from the ISO Store at: www.iso.org/iso/iso45001 or from your
national ISO representative.
• Examine the changes in the standard, or use the comparative matrix in this course as a
free resource.
• Conduct a 'gaps analysis' between ISO 45001 and your current OHSAS 18001 system.
• Apply the necessary actions to fill any identified gaps.
Employee Participation
CLAUSES: The internal and external issues of organizations need to
be addressed, in a business context analysis perspective, with
occupational health and safety in mind, as per Clause 4.1 of the ISO
45001:2018 standard. This mandates the company to recognize
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
systematically and study the various issues which effect their business operations, as well
as the management system.
Clause 4.2 focuses on the need for organizations to address workers’ needs and
expectations, as well as the needs and expectations of other effected parties, in the matter
of workplace health and safety. The company is required to address these issues through a
verifiable occupational health and safety management system. Clause 4.3 relates to scope.
Unlike in OHSAS 18001, scope should only be defined when clauses 4.1 and 4.2 have
been adequately addressed.
ILLUSTRATION
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
WORKERS: Worker - The ISO 45001 standard defines the term
“worker” (clause 3.3), as a “person performing work or work-related
activities, that are under the control of the organization”.
The concept of 'worker' in the standard, is different to that which is
perceived in certain industries. The term worker, in the standard, includes
top management, managerial and non-managerial staff.
This term incorporates the following:
1. Workers from external providers
2. Contractors
3. Individuals
4. Agency workers
5. Other persons involved in work-related activities
ILLUSTRATION A.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
PARTICIPATION: Participation is a term defined in clause 3.4 of the ISO 45001
standard, as “involvement in decision making”, regarding the occupational health and safety
management system. It includes the involvement of health and safety committees and
workers’ representatives, or by other parties in the organization.
The involvement of workers and staff in decisions, is part of the ownership of the health and
safety management system. Participation is different from consultation. In the former,
workers are part of the decision-making process; in the latter workers' views are welcomed
and considered but are not necessarily a deciding factor. In consultation, management
considers workers' views on the basis of their merit.
Participation is a democratic style of management, where opinions are directly involved in
the decision-making process. This means a more empowered role for workers in the
management system, giving workers an increased level of ownership and involvement. See
the illustration on the next tab.
ILLUSTRATION B.
The term “injury and ill health”, implies the presence of injury or ill health, either separately
or in combination. The occupational health and safety management system's main focus, is
to prevent injury and ill health at work. Recording incidents of injury and ill health at work, is
part of the performance monitoring criteria of the OH&SMS. Successful organizations aim
to achieve zero occupational injury and ill health at work, as their primary OH&S objective.
If objectives are made using SMART principles, it is likely that an organization will achieve
its targets. Also, it will be easier for people to follow the procedures and to complete
activities that are defined in the objectives. Examples of OH&S objectives include: zero
accidents, reduction in loss-of-time injuries, increase in safe working hours, decrease in the
number of reports of unsafe acts and unsafe conditions.
ILLUSTRATION:
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
Risk and Uncertainty
RISK: ISO 45001 defines the term risk as “the effect of uncertainty”. The standard further
explains that the effect is a deviation from the expected. This effect can
be positive or negative. Uncertainty is a state of deficiency of
information relating to the understanding or knowledge of an event, its
consequences, or its likelihood. Risk is often characterized by
reference to potential “events” and “consequences”, or a combination of
these.
Risk is often expressed in terms of a combination of the severity and consequences of an
event (including changes in realities) and likelihood or occurrence. Therefore, risk is
commonly a multiple of severity and occurrence (Risk = Severity x Occurrence). The joint
terminology of “risks and opportunities” is used in ISO 45001. See the illustration on the
next tab.
ILLUSTRATION:
Module 1 Summary
• Occupational Health and Safety Management Systems help companies to improve their occupational
health and safety performance continually.
• Some of the national standards for implementing OH&SMS systems, prior to ISO
45001:2018 have been: BS OHSAS 18001; ANSI/AIHA Z10 and CSA Z1000.
• The BS OHSAS 18001, Occupational Health & Safety Assessment Series, is a globally
recognized British Standard for occupational health and safety management systems.
• ANSI stands for the American National Standards Institute. The Accredited Standards
Committee “Z10” approved the standard in 1999.
• The Canadian Standards Association (CSA), published a standard for Occupational Health
and Safety Management Systems, in 2006, known as CSA Z1000-6.
• The ISO 45001 standard matches closely with the newly revised ISO 9001:2015 quality
management system and the ISO 14001:2015 environmental management system. Both
similarly employ a risk-based structure.
• The committee responsible for the development of the ISO 45001 standard is known as
ISO/PC 283.
• Experts from approximately seventy countries, collaborated on the drafting of ISO 45001.
• The British Standards Institution (BSI), served as the committee’s secretariat for the
development of ISO 45001.
• ISO 45001 incorporates a Plan-Do-Check-Act (PDCA) model. This is a mechanism for
organizations to plan what they require, in order to mitigate the probability of OH&S
damages.
• Companies need to migrate from OHSAS 18001 to ISO 45001 within three years after
publication of ISO 45001 (March 2018).
• Brief comparison between the ISO 45001 and OHSAS 18001 standards: ISO 45001 uses a
process-based approach > OHSAS 18001 uses a procedure-based approach; ISO
45001 uses a risk-based approach > OHSAS 18001 uses a preventive approach; ISO
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
45001 incorporates both risks and opportunities > OHSAS 18001 considers risk only;
ISO 45001 incorporates the views of interested parties > OHSAS 18001 does not
include the views of interested parties.
• In a rapidly growing and creative world, the requirement is felt for organizations to be
proactive in the area of occupational health and safety management, rather than reactive.
ISO 45001 provides such a framework.
• Most organizations are small to medium-sized enterprises. ISO 45001 is applicable to
those, as well as to larger enterprises.
• Most organizations will benefit from ISO 45001 and significant numbers will welcome the
recognition that comes with ISO 45001 certification.
• The users of existing OH&SMS, such as OHSAS 18001 and the ILO-OSH Guidelines, will
easily be able to implement ISO 45001, as it does not contradict these standards.
• The ISO 45001:2018 OH&SMS, offers a vigorous set of processes for improving workplace
safety in the area of global supply chains.
• The new ISO 45001:2018 international standard, when implemented, is expected to reduce
workplace injuries and illness significantly around the world.
• According to ILO statistics (2017), 2.78 million fatal accidents occur in the workplace each
year. In addition, there are approx. 374 million non-deadly incidents of work-related damage
and illness each year. Most of these incidents involve loss-of-time injuries, meaning
absenteeism from work, loss of productivity and loss of revenue.
• According to the ISO 45001:2018 standard, the ultimate accountability of top management
for the OH&SMS cannot be delegated.
• The support functions listed in clauses 7.1 to 7.5 of ISO 45001:2018, include: availability of
sufficient resources; competency of workers to perform work safely, the necessary
awareness of workers, visitors and contractors regarding occupational health and safety;
sufficient communication; documentation of information.
• Clauses 8.1 to 8.2, deal with operational planning and controls; emergency situations;
cases of failure and the development of preparedness plans by organizations.
• Clause 9 in ISO 45001, deals with performance evaluation, similar to that contained in the
British standard OHSAS 18001.
• The linguistic reference to ‘preventive’ action in OHSAS 18001, has been removed from
clause 10 in ISO 45001, as it is already considered in the risk management phase.
• Risk should not only be managed for hazards, but also for internal and external issues,
including the needs and expectations of 'interested parties'.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
1. Learning Outcomes
After completing this module, you will be able to:
• Discuss what an emergency response is and how organizations are required to plan for
emergency situations.
LEADERSHIP B.
g) Guiding and empowering workers to play their role in the sustenance of the OH&SMS.
h) Ensuring and encouraging continuous improvement.
I) Empowering other management to prove their leadership in the areas they lead.
j) Establishing, leading and encouraging an organizational culture that assists the desired
results of the OH&SMS to succeed.
k) Safeguarding workers from retaliation or reprisals, when it comes to reporting accidents,
unsafe conditions, hazards, risks and areas for improvement.
l) Ensuring that the organization develops and applies processes for discussion and the
participation of workers.
m) Empowering the development and operation of health and safety committees.
OH&SMS Participation
The latest discoveries and research with regard to contemporary illness, e.g. recurring
stress, strains and depression, demonstrates that adhering to OH&S legislation improves
performance.
ASSESSMENT:
Assessment of health and safety risks (Clause 6.1.2.2).
Management must develop, apply and carry out processes for the
following:
(a) Assess the health and safety risks from a list of hazards, while considering the
effectiveness of current controls;
(b) Identify and assess other risks related to the establishment, application, operation and
maintenance of the overall OH&SMS.
The management’s procedures and criteria for the assessment of health and safety risks,
must be defined, to ensure they are preemptive rather than responsive and that they are
utilized in a systematic way. Documented information must be developed and retained on
the assessment principles and methodology.
Management must develop, apply and carry out processes for the following:
(a) Health and safety opportunities to enhance health and safety performance, changes to
management, policies, processes or activities.
(b) Opportunities to upgrade work, management and the work environment for employees.
(c) Opportunities to eliminate hazards and reduce health and safety risks.
(d) Opportunities for improving the OH&SMS.
LEGAL:
Legal and other requirements (6.1.3)
Management must develop, apply and carry out processes for the following:
A. Identify and subscribe to the latest legal and other requirements that are relevant to
hazards, risks and health and the OH&SMS.
B. Identify how legal and other requirements apply to management and which requirements
need to be communicated to staff.
C. Take legal and other requirements into account when developing, applying and
improving the OH&SMS.
D. Retain documented information on legal and other issues and ensure it is upgraded to
incorporate any relevant changes.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
ACTIONS:
Management must plan actions relating to the following:
Management must take into consideration the "hierarchy of controls" (clause 8.1.2) and
results from the health and safety management system, when deciding on new actions.
When planning actions, management must take into account best practice, technological
alternatives and economical, functional and business needs.
OBJECTIVES:
Health and Safety objectives (Clause 6.2.1)
Management must develop health and safety objectives at appropriate functions and levels,
to carry out and continually improve the OH&SMS and OH&S performance (clause 10.3).
Health and safety objectives must take into consideration the following:
(c) Relevant requirements.
(d) The outcomes resulting from the assessment of risks and opportunities.
(e) The results of consultation with employees or employees’ representatives where they
Exist.
(f) Checks, communications and upgrades.
PLANNING:
Planning to attain health and safety objectives (Clause 6.2.2)
When planning how to attain organizational health and safety objectives,
management must address the following questions:
A. What needs to be worked on?
B. What resources will be needed?
C. Who will be delegated?
D. When it will be finished?
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
E. How will the outcomes be assessed (including pointers for monitoring)?
F. How will the measures needed to attain health and safety objectives, be assimilated into
business processes?
Management must produce and retain documented information on health and safety
objectives and the plans to achieve them.
Duties of Management
COMPETENCE:
Support Functions - Organizational Resources (Clause 7.1)
Management must recognize and render the resources required for the establishment,
application, maintenance and continual enhancement of the OH&SMS.
NOTE: Relevant actions can involve the delivery of training, mentoring, the re-allocation of
presently employed persons and the hiring or outsourcing of competent persons.
AWARENESS:
Awareness (Clause 7.3)
Employees must be made aware of the following:
- Health and safety policies and objectives
- The effectiveness and benefits of the OH&SMS
- The implications and potential outcomes of not conforming to OH&S requirements
- H&S incidents and the results of investigations
- Their ability to leave work situations when there is a grave danger to their life or health
OBLIGATIONS:
Communication (Clause 7.4)
Management must develop, apply and carry out the processes required for the internal and
external communications applicable to the OH&SMS, together with identifying the following:
• The appropriate subjects of communication
• The appropriate timing
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
The standard stipulates that management must take into account the "diversity" of the
audience when considering its communications. Diversity includes: • Gender • Language •
Culture • Literacy • Disability
Management must ensure that the opinions of external interested parties are considered,
when developing the communications process. In addition, management must:
DOCUMENTED INFORMATION:
The level of documented information required (Clause 7.5) in an OH&SMS, varies from
one organization to another. This is due mainly to the types of products and services it
provides and the requirement to show legal and other compliance.
CHANGES: Management must develop a process or processes, for the application and
control of intended short term and long-term changes that impact on health and safety
performance. This includes:
• Modifications to old products and services, work sites and the neighborhood
• Labor force and machinery
• Legal and other requirements
• Modifications in knowledge and facts about hazards and health and safety risks
• Upgrades of technology and related knowledge
Management must analyze the outcomes of unplanned changes and take measures to
decrease the impact of adverse effects.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
▪ Management must identify all "interested parties" in the system, together with employees.
Interacting with the organization’s workers, contractual partners and shareholders is an
important part of maintaining a list of all interested parties. If a business has a high accident
rate, insurance premiums will rise. Insurers are therefore an "interested party".
▪ External factors are outside an organization's direct control. However, they influence an
organization’s business and operations and consequently its OH&SMS.
▪ The latest discoveries and research into contemporary illness in the workplace highlights:
recurring stress, strains and depression (mental health). It finds that legislation must be
upgraded and business contexts need to be fully documented, if organizations are to truly
alter their health and safety systems to function effectively.
▪ Employees must be made aware of the organization's health and safety policy and its
health and safety management objectives.
▪ Management must react to appropriate communications regarding its health and safety
management system.
▪ The documented information relevant to the OH&SMS, should include the following
components: Identification and description; Format, language and reference number; Title,
date and author; Software version (if relevant); References to media and graphics used.
▪ Management must develop, apply and carry out processes for the eradication of hazards
and the minimization of health and safety risks, using the following 'hierarchy of controls':
(a) Remove or eliminate the hazard; (b) Substitute or replace hazards and risks with less
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
hazardous operations, processes, supplies and machinery; (c) Use engineering controls
and management of work; (d) Use administrative controls such as training and visual
controls; (e) Use adequate personal protective equipment.
▪ Where short or long term changes are applicable to work practices, a risk and opportunities
assessment should be undertaken before the change is applied.
▪ Only top management or its delegated personnel should develop, apply and carry out the
processes for hazard identification.
▪ Legal and other requirements relevant to health and safety, constitute risks and
opportunities for an organization, which management must address.
▪ Management must develop, apply and carry out processes to assess occupational health
and safety opportunities, in order to enhance occupational health and safety performance in
an organization.
▪ Management must develop occupational health and safety objectives relevant to different
work functions and levels.
▪ Management must identify and provide the resources needed for the establishment,
application, maintenance and continual enhancement of the OH&SMS.
▪ Management must send information regarding its OH&SMS and concerning legal and other
requirements, to any relevant external parties.
▪ Management must develop, apply and carry out processes to control the acquisition of
products and services, to ensure their compliance with the OH&SMS.
▪ Management must ensure that its outsourcing activities, with respect to health and safety,
are in fulfilment of legal and other requirements.
▪ Management must develop, apply and carry out processes to prepare for possible
emergency situations.
▪ Management must produce and retain documentation, regarding its processes and plans
for reacting to potential emergency situations.
1. Learning Outcomes
After completing this module, you will be able to:
Performance Measurement
PERFORMANCE: Performance evaluation (Clause 9) lists the
requirements of assessing the performance of the OH&SMS. This clause
encompasses three areas of evaluation:
• Monitoring, measurement and analysis
• Internal auditing
• Management reviews
Management must develop, apply and carry out (Clause 9.1) different processes for
monitoring, measurement and analysis. Management must identify the following:
Analysis is the study and interpretation of data to discover patterns, relationships and
trends in workplace activities. It is closely associated with measuring events.
Management must assess its health and safety performance and be aware of the
efficiency of its OH&SMS. Management must ensure, for example, that work equipment is
relevant, calibrated, verified and used appropriately.
NOTE: There can be legal and other requirements (national and international standards)
concerning the use, calibration and verification of equipment.
Competence is identified in Clause 9.1, as evidence that workers and management work
effectively together, in terms of the recognition of hazards and risk mitigation measures.
COMPLIANCE: The ISO 45001:2018 standard states what must be measured and
monitored to ensure OH&S legal compliance. Discontinuities must be recognized, solved
and documented. Examples of other factors that must be taken into account are:
• Corporate policies and agreements
• Insurance requirements
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
• Company and union agreements
• Other rules regulations
The ISO 45001 standard renders certain guidelines as key factors that can be used to
quantify performance. For example, if incidents are measured by occurrence, frequency
and severity, this constitutes a method of measuring performance. The measurement of the
completion of a corrective action, within a certain time or at a certain rate of completion, is
another form of measurement.
To quantify particular OH&S criteria, key performance indicators are used. For
example, if a criterion is a comparison of health and safety related incidents, an
organization may check: occurrence, type, impact, incidents, statistics etc. The indicators
are the results of the comparisons.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
ASSESSMENT: A compliance assessment program covers all
occupational exposure to legislation requirements. Evaluation can be
influenced by elements such as historic compliance, or the time at which
legislation was adopted or changed.
A compliance assessment plan can be joined to other evaluation
activities. These can form part of the management system audit, for
example environmental audits or quality management system assessments.
The internal audit should be conducted more vigilantly than in the comparable standards of
ISO 9001 (quality management system) and ISO 14001 (environmental management
system).
NOTE: Learn to carry out management system audits in this free online course:
https://alison.com/course/iso-management-system-audit-techniques-and-best-practices
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
Auditing Scope
NOTE: Management should conduct internal audits at consistent intervals, as part of their
management review.
HOW?: The internal auditor must have all the relevant information available, as part of the
“input” of the auditing process, i.e. risk assessment, data and outcomes, health and safety
performance results, stakeholder inputs and health and safety objectives. The auditor must
also have full access to all of the information and people relevant to the performance of
OH&S in the organization.
Management reviews should be completed on a regular basis, for example: quarterly, bi-
annually or annually. Fractional management reviews of an organization's OH&SMS, can
be performed at more regular intervals, if needed.
4. Continuous Improvement
DOCUMENTATION:
Management must retain documentation as proof of:
A. Nonconformities or incidents following measures taken
Professional investigators must account, not only for immediate causes, they must also
focus on root causes and the corrective measures that need to be taken.
The incident should be documented and presented internally and externally, were
appropriate, to regulatory bodies.
Corrective Actions
MODIFICATIONS: Organizations are responsible for corrective
actions concerning the management of change and the hierarchy of
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
controls. They are also responsible for making modifications to the OH&SMS by:
A. Updating process maps
B. Revising procedures
C. Updating the risk register
Continuous Improvement
▪ Management must develop, apply and carry out different processes for the monitoring,
measurement and analysis of its OH&SMS.
▪ Data analysis discovers patterns, relationships and trends in performance. It is related with
the measurement of events.
▪ Criteria is what the management compares its performance with, for example the
performance of other companies, developed codes, acknowledged standards, the
organization's own codes, the organization’s objectives and its historical health and safety
record (statistics).
▪ Management must ensure that monitoring and measuring equipment is calibrated, verified
and used as appropriate.
▪ Management must develop, apply and carry out processes for evaluating organizational
health and safety compliance, with legal and other requirements.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
▪ An organization should have a systematic method for monitoring and measuring its
occupational health and safety performance, on a recurrent basis. This should be a core
component of its OH&SMS.
▪ An organization should employ preemptive and responsive measures to OH&S gaps and
should primarily focus on proactive solutions, in order to maximize its performance.
▪ The internal audit plan must be scheduled and developed according to the system's scope.
The plan should be developed according to a risk assessment and take into account the
results of former audits.
▪ When choosing auditors to perform audits, objectivity and the absence of bias in the
process, must be assured.
▪ The ISO 45001 OH&SMS standard, mandates that the results of internal audits should be
presented to all employees and interested parties.
▪ Documenting the internal audit, together with the outcomes, measures and results, is a
requirement and a part of the OH&SMS continual improvement process.
▪ The management review should not only assess data and historical trends; it should aim to
improve the OH&S standards and performance in the organization.
▪ Management must develop, apply and carry out processes, together with investigations,
reports and measures, to identify and manage OH&S-related incidents and
nonconformities.
▪ An organization must take into account the following: the results from the evaluation and
analysis of its OH&S performance; the assessment of its OH&S compliance; the lessons
learned from internal audits and the lessons learned from management reviews.
▪ Incidents that lead to health and safety risks, include: near misses, disabilities, injuries, ill
health, damage to property and equipment.
▪ When a nonconformity or incident occurs, the organization must respond in a timely way;
they must act to manage/contain the issue, correct it and deal with the outcomes.
▪ Organizations must assess the corrective actions that are required to eliminate the root
causes of health and safety-related incidents and nonconformities. They must endeavour to
ensure that incidents and nonconformities that occur in one part of an organization, do not
occur in another part of an organization.
ISO 45001:2018 - Principles of Occupational
Health and Safety Management Systems
▪ Required corrective actions should be planned and implemented with the participation of
employees and interested parties.
END OF COURSE .