I am quite sure that you have heard that OHSAS 18001 is changing into ISO 45001 in late 2016. So far there has been an initial draft copy issued. I thought I would use this blog to discuss some of the planned changes. Since its initial release in 2000, there has only been one update to OHSAS 18001 as it’s a fairly new standard in the scheme of things. As I said in some of my previous blogs, most of us don’t like change, so I am sure many people will be asking questions starting with when, what and why. So let’s look at what is coming in late 2016 with ISO 45001.
When will ISO 45001 be available?
- A second DIS draft version of ISO 45001 is now available, however, this is not a public draft document and will only be available to selected people.
- The final approved version of ISO 45001:2016 will be published in October 2016 (UPDATE: The release of ISO 45001 has been delayed and is estimated to be released mid 2017).
How soon can I start the transition from OHSAS 18001 to ISO 45001?
- It may be useful to start communicating internally that OHSAS 18001 is changing to ISO 45001 in October 2016. You should start to look at your processes to see if they are in line with the new high-level structure; but take note that your system must remain compliant with the requirements of OHSAS 8001:2007 until the new standard has been released.
How long will OHSAS 18001:2007 continue to be recognized and audited to?
- The current standard will be recognized and can be audited until the end of the 3-year transition period for ISO 45001:2016 (expected October 2019).
What are the main changes expected in ISO 45001?
- There are now 10 clauses, which is a significant departure from OHSAS 18001. The requirements are better organised around the new 10 clause structure which all the other Management System standards will follow in the future (including ISO 9001 and ISO 14001).
2.0 Normative References
3.0 Terms and Definitions
4.0 Context of the Organisation
9.0 Performance Evaluation
4.1 Context of the Organisation: The intention of this is to ensure that the organisation has a high-level understanding of the important issues that can affect, either positively or negatively, the way the organisation manages its responsibilities in relation to the OH&S Management System for persons working under its control. The issues are those that affect the organisation’s ability to achieve the intended outcome, including the objectives it sets for its OH&S Management System, which include meeting its OH&S policy commitments.
4.2 Understanding the needs and expectations of interested parties:The organisation needs to establish whom the interested parties (such as legislative bodies, clients, the public, etc.) are and whether or not they are relevant to OH&S, and to identify the needs and expectations that those interested parties have.
5.0 Leadership: ISO 45001 adds an important new requirement; that top management has to demonstrate its leadership and commitment, and by taking accountability for the effectiveness of OH&S.
5.2 Policy: This now needs to make mention of the organisation’s commitment to continual improvement and has a commitment to worker participation and consultation.
6.0 Planning: You now need to consider risk and opportunities associated to the issues you identified in 4.1 with regards to requirement(s) of the interested parties.
7.0 Support: This requirement takes into account the areas of Resources, Competence, Awareness, Communication and Documented Information. Apart from restructuring of the requirements there is very little change. The most notable change is use of the term “documented information”, not “documents and records”, as is the case in OHSAS 18001. Documented information includes processed information held, for example on smartphones, tablets and the cloud.
8.0 Operations: This requirement takes into account the areas of Operational Planning and Control, Management of Change, Outsourcing, Procurement, Contractors and Emergency Preparedness and Response. There is very little change from OHSAS 18001 in this requirement apart from making some of these requirements more specific and explicit.
9.0 Performance Evaluation: This requirement takes into account the areas of Monitoring, Measurement, Analysis and Evaluation, Evaluation of Compliance, Internal Audit and Management Review. Again, there is very little change from OHSAS 18001 in this requirement apart from making some of these requirements more specific and explicit.
10.0 Improvement: This requirement takes into account the areas of Incident, Nonconformity and Corrective Action and Continual Improvement. As in other areas of ISO 45001, these follow the same requirements of OHSAS 18001 with the notable exception that Preventive Action is no longer mentioned, as this is managed under the concept of risk based thinking which is explicit throughout the standard.
The new concepts coming from Annex SL will, for many organisations and auditors, be tried and tested because they appear also in the updated version of ISO 9001 and ISO 14001. Organisations operating an Integrated Management System will then have the unique opportunity to more easily align and integrate the three Management Systems and standards.
There are many more minor changes in the new ISO 45001 standard in relation to OHSAS 18001 including lots of small changes to words, phrases and terms which have varying negligible impacts; however, in this blog I have tried to focus on some of the more significant changes. I would point that this blog is my interpretation of the first draft of ISO 45001 and once the next draft has been published, I will then revisit the standard with another blog – so keep checking back.
Next time I will explain the requirements of API Q1 and its relationship to ISO 9001.
Alan McInnes,CMIOSH, CIQA, MIIRSM