- What should you be doing now?
- What is the process for migrating to ISO 45001:2018?
- What is the timeline for migration to ISO 45001:2018?
- How Does ISO 45001:2018 standard compare to OHSAS 18001:2007? ISO 14001:2015?
In a recent blog post, we noted that we are in the final year of the original 3-year timeline until the March 2021 deadline for migrating existing OHSAS 18001:2007 registrations to the new ISO 45001:2018 standard. After March 2021, existing OHSAS 18001:2007 registrations will expire. A year is not that far away and if your organization has not already migrated to the new standard; it is important to take steps now in order to avoid lapses in certification and minimize costs of migration.
STEP ONE: Contact your Registrar and schedule migration audit dates now. If you have upcoming ISO 14001:2015 surveillance or re-certification audit, most Registrars can schedule a combined audit. It is important to schedule the audit now so that dates are available and reserved (it may be difficult to schedule dates if you wait until too close to the deadline – many registrars schedule these audits 6 to 12 months in advance).
STEP TWO: Obtain copies of the ISO Standards, including: ISO 45001:2018 (Occupational Safety & Health Management Systems) and ISO 14001:2015 (Environmental Management Systems). Also obtain copies of related guidance documents ISO 14004, and ISO 45002 when available. Licensed copies of these standards can be purchased electronically at www.iso.org and www.ansi.org
STEP THREE: Conduct a gap analysis and develop a clear action plan for areas that need to be address prior to migration.
STEP FOUR: Address gaps, and schedule internal systems audit to assess readiness and meet requirements of the standard. Although you can retain a consultant or contractor to conduct the internal audit, the Registrar audit does not count as your internal systems audit.
STEP FIVE: Successfully complete the ISO 45001:2018 migration audit, address findings, and obtain registration to the new standard.
Existing OHSAS 18001:2007 registrations expire March 11, 2021. The good news is that if you are already registered to both ISO 14001:2015 and OHSAS 18001:2007, the migration will be easier (typically 3 to 6 months process). Alternatively, if your organization does not have existing ISO system registration, you can readily develop integrated ISO 14001:2015 and ISO 45001:2018 systems (if do not have an existing system, it can take up to 12 months depending on available resources).
ISO 14001:2018 vs OSHAS:18001:2007 and ISO 14001:2015
OHSAS 18001 was originally released by a subgroup of ISO members to have a standard for occupational health and safety management systems (HSMS) equivalent to the ISO 14001 standard for environmental management systems (EMS). OHSAS 18001 added internal communication and participation, which was later adopted by subsequent revisions to ISO 14001. All recent ISO standards have been restructured to follow ANNEX SL (see first bullet below) to better facilitate integration of all ISO management systems standards. The ISO 45001:2018 standard and the most recent ISO 14001:2015 standard align much more closely. Highlights of the changes to ISO 45001:2018 from OHSAS 18001:2007 are summarized below:
- Use of Annex SL Structure: Structure of ISO 45001 follows the ISO Guide 8 Annex SL (as do the more recent versions of all ISO management system standards, including ISO 9001:2015 and ISO 14001:2015). The most recent version of ISO 14001 also follows this structure, which makes it easier to integrate systems for EH&S and minimize duplication of processes. The Annex SL structure is intended to make it clearer where the different ISO standards align as well as where there are specifics applicable to the subject. Annex SL structure includes:
- Normative References
- Terms and Definitions
- Context of the Organization
- Performance Evaluation
- Addition of Context: Similar to ISO 14001:2015, the ISO 45001:2018 standard has added a requirement to identify applicable issues within the context of their organization, and ensure the organization’s systems address this context, including internal and external stakeholders and drivers of organizational culture. With ISO 45001, organizations need to look beyond their own internal health and safety issues and consider what their interested parties (e.g., government, customers, investors, employees, non-governmental organizations) expect from them regarding occupational health and safety. The organization needs to identify stakeholders and specifically define the needs and expectations of internal & external stakeholders and other interested parties. The management system then needs to address these needs and expectations.
- Leadership Emphasis: Similar to ISO 14001:2015, ISO 45001:2018 has a greater emphasis on ensuring the organization’s leadership is engaged and involved in oversight of the effectiveness of the system, including integration with overall organizational objectives.
- Integration with Overall Organization: With OHSAS 18001:2007 organizations could choose to delegate health and safety responsibilities to an occupational health & safety manager. The ISO 45001:2018 standard emphasizes the integration of health and safety aspects into the overall management system and operations of the organization, with the intent of driving top management to have a stronger leadership role with respect to the OH&S management system.
- Greater Focus Risk & Opportunities: ISO 45001:2018 has more focus than OHSAS 18001:2007 on identifying and controlling risks rather than just focusing on hazards. Organizations are required to determine the risks and opportunities affecting the ability to deliver planned results. ISO 45001:2018 specifies use of hierarchy of controls, similar to the approach used by OSHA with the concept of minimizing hazards and risks as much as possible before applying controls. ISO 45001:2018 also requires addressing management of planned changes in operations.
- More Focus on Effectiveness: Although documentation remains important for some processes, the new standard places greater emphasis on effectiveness. Organizations need to identify metrics to evaluate ongoing performance so that adjustments can be made if needed to be able to better achieve overall objectives
- More Defined Communication & Participation Processes: Internal and External communication and employee participation needs to be identified as well as related processes.
- Increased Consideration of Contractors & Suppliers: In addition to assessing the organization assessing risks to its contractors and suppliers, ISO 45001:2018 requires organizations to consider how suppliers and contractors are managing their risks.
- Concepts & Terminology: In ISO 45001:2018 some fundamental concepts are changed, like risk, worker and workplace. There are also new definitions of terms such as: monitoring, measurement, effectiveness, OH&S performance and process. The terms “document” and “record” have both been replaced with the term “documented information” in ISO 45001:2018. The standard also states that documented information must be maintained to the extent necessary to have confidence that the processes have been carried out as planned.
The overall intent of ISO 45001:2018 remains the same as OHSAS 18001:2007, which is to reduce unacceptable risks and ensure the safety and wellbeing of organization internal and external stakeholders. ISO 45001:2018 is also better aligned with other ISO management systems to facilitate better integration with ISO 14001:2015 and ISO 9001:2015.
Our team at Capaccio Environmental Engineering is available to help you navigate through the process and prepare for a successful ISO migration audit with your Registrar.We can conduct a gap analysis, identify a prioritized action plan, and facilitate development and implementation of systems that both meet the ISO requirements and create business value for specifically for your organization. Contact us for more information and answers to your questions.
At CAPACCIO, we live our mission of “Helping Industry and the Environment Prosper”. We align EHS with your overall business objectives to strategically position you for success. Our unique approach combines our extensive EHS experience with innovative tools, such as our EHS Dashboard™, to effectively address your challenges. Our comprehensive solutions have resulted in award-winning EHS and overall business performance for our clients. We are certified WBENC, WBE. To learn more visit us at www.capaccio.com.