While OHSAS 18001 has been widely embraced, what's ISO 45001 going to bring to safety leaders? While both standards are targeted toward improvements in working conditions, ISO 45001 takes a proactive approach to risk control that starts with the incorporation of health and safety in the overall management system of the organization, thus driving top management to have a stronger leadership role in the safety and health program. OHSAS 18001 takes a reactive approach of hazard control by delegation of hazard control responsibilities to safety management personnel rather than integrating the responsibilities into the overall management system of the company. Understanding the differences between the programs is important for employers as they move into the new system and explore the organizational possibilities. Below are several of the main differences between the two standards:
Management Commitment In ISO 45001, management commitment is central to the standard’s effectiveness and integration. The shift in the new standard is toward managerial ownership. The safety culture of the organization is to be supported by the engagement of management with workers, and demonstrated by a top-down emphasis. Instead of providing oversight of the program, management should be true safety leaders. This means an active, participatory role in the organization’s safety and health for C-suite and those in management. Protection of workers, as well as performance improvements, are roles of leadership under the new ISO 45001.
Worker Involvement Workers also have broader participation in the new standard, with employees working with management to implement the safety management system (SMS). Employees should be provided training and education to identify risks and help the company create a successful safety program. Internal audits and risk assessment results should be openly shared with workers and allow for employee input. According to ISO 45001, the responsibility of safety management belongs to everyone in the organization.
Risk Versus Hazard ISO 45001 follows a preventative process, which requires hazard risks to be evaluated and remedied, as opposed to hazard control, under OHSAS 18001. Think of the new standard as proactive, rather than reactive. In adopting ISO 45001, your organization will find and identify potential hazard risks before they cause accidents and injuries. Audits, job safety analyses and monitoring of workplace conditions will be vital to ensure the proactive approach prescribed by ISO 45001.
Structure One obvious and important difference between ISO 45001 and OHSAS 18001 is the structure. The new standard is based on Annex SL, which replaced ISO Guide 83, and applies a universal structure, terminology and definitions. You’re probably well familiar with this structure if you also use other systems such as ISO 9001 and ISO 14001. Through using the same structure, multiple management systems are easier to implement in a more streamlined and efficient way. Ultimately, ISO 45001 can be best summarized as a whole-company, proactive approach to incorporating a safety culture. It is a framework that can take your organization to the next level in safety and health.
Mahesh – 8940630864
The release of the ISO 45001 Standard is arguably the most significant event for EHS managers in a generation. This new standard, which will replace OHSAS 18001, follows the approach of other management systems such as ISO 14001 and ISO 90001 and has an increased emphasis on management commitment, worker involvement, and risk control. Adoption of the standard over the next three years will, no doubt, lead to many questions as organizations evaluate their current health and safety processes. Understanding the key differences between ISO 45001 and OHSAS 18001 is an important first step. Below is an overview of ISO 45001 and a list of the key similarities and differences in the two standards. What is ISO 45001?
ISO 45001 was published on March 12,2018and is the new international standard for occupational health and safety (OH&S) management
ISO 45001 specifies requirements for an occupational health and safety (OH&S) management system and gives guidance for its use to enable organizations to provide safe and healthy workplaces by preventing work-related injuries, illnesses, and fatalities and by proactively improving OH&S performance
ISO 45001 is applicable to any organization worldwide regardless of its size, type, or nature
ISO 45001 replaces OHSAS 18001, the world’s former reference for OH&S management (organizations currently certified under OHSAS 18001 will have until March 12,2021to migrate to ISO 45001)
How is ISO 45001 similar to OHSAS 18001?
Intent: The overall intent to create a framework for managing the prevention of employee injuries, illnesses, and fatalities is the same for both standards Plan-Do-Check-Act: The PDCA cycle remains the fundamental operating principle in both standards Other Similarities: Many of the requirements covered in OHSAS 18001, although consolidated, relocated, or expanded on, are found in ISO 45001, including policy requirements; identification of legal and other requirements; improvement objectives; awareness requirements; competency requirements; resources needed to support the system; and requirements for monitoring, measuring, and analyzing OH&S performance and improvement
What are some of the main differences between ISO 45001 and OHSAS 18001?
Structure: The structure of ISO 45001 is based on Annex SL, which is the framework used in other ISO management system standards, making implementation easier and more efficient Management Commitment: ISO 45001 requires the incorporation of health and safety into the overall management system of the organization, requiring management to take a stronger leadership role in OH&S Worker Involvement: ISO 45001 requires employee training and education to identify risks and help create a successful safety program, allowing broader employee participation Risk v. Hazard: ISO 45001 follows a preventative process, requiring hazard risks to be evaluated and remedied before they cause accidents and injuries, unlike OHSAS 18001, which focused only on hazard control
Mandatory documents and records required by ISO 45001:2018 Here are the documents you need to produce if you want to be compliant with ISO 45001:
Scope of the OH&S management system (clause 4.3)
OH&S policy (clause 5.2)
Responsibilities and authorities within OH&SMS (clause 5.3)
OH&S process for addressing risks and opportunities (clause 6.1.1)
Methodology and criteria for assessment of OH&S risks (clause 6.1.2.2)
OH&S objectives and plans for achieving them (clause 6.2.2)
Emergency preparedness and response process (clause 8.2)
And, here are the mandatory records:
OH&S risks and opportunities and actions for addressing them (clause 6.1.1)
Legal and other requirements (clause 6.1.3)
Evidence of competence (clause 7.2)
Evidence of communications (clause 7.4.1)
Plans for responding to potential emergency situations (clause 8.2)
Results on monitoring, measurements, analysis and performance evaluation (clause 9.1.1)
Maintenance, calibration or verification of monitoring equipment (clause 9.1.1)
Compliance evaluation results (clause 9.1.2)
Internal audit program (clause 9.2.2)
Internal audit report (clause 9.2.2)
Results of management review (clause 9.3)
Nature of incidents or nonconformities and any subsequent action taken (clause 10.2)
Results of any action and corrective action, including their effectiveness (clause 10.2)
Evidence of the results of continual improvement (clause 10.3)
Non-mandatory documents There are numerous non-mandatory documents that can be used for ISO 45001 implementation. However, these are the non-mandatory documents that are most commonly used:
Procedure for Determining Context of the Organization and Interested Parties (clause 4.1)
OH&S Manual (clause 4)
Procedure for Consultation and Participation of Workers (clause 5.4)
Procedure for Hazard Identification and Assessment (clause 6.1.2.1)
Procedure for Identification of Legal Requirements (clause 6.1.3)
Procedure for Communication (clause 7.4.1)
Procedure for Document and Record Control (clause 7.5)
Procedure for Operational Planning and Control (clause 8.1)
Procedure for Change Management (clause 8.1.3)
Procedure for Monitoring, Measuring and Analysis (clause 9.1.1)
Procedure for Compliance Evaluation (clause 9.1.2)
Procedure for Internal Audit (clause 9.2)
Procedure for Management Review (clause 9.3)
Procedure for Incident Investigation (clause 10.1)
Procedure for Management of Nonconformities and Corrective Actions (clause 10.1)
Procedure for Continual Improvement (clause 10.3)
Mandatory documents and records required by ISO 9001:2015 Here are the documents you need to produce if you want to be compliant with ISO 9001:2015. (Please note that some of the documents will not be mandatory if the company does not perform relevant processes.):
Scope of the QMS (clause 4.3)
Quality policy (clause 5.2)
Quality objectives (clause 6.2)
Criteria for evaluation and selection of suppliers (clause 8.4.1)
And, here are the mandatory records (note that records marked with * are only mandatory in cases when the relevant clause is not excluded):
Monitoring and measuring equipment calibration records* (clause 7.1.5.1)
Records of training, skills, experience and qualifications (clause 7.2)
Product/service requirements review records (clause 8.2.3.2)
Record about design and development outputs review* (clause 8.3.2)
Records about design and development inputs* (clause 8.3.3)
Records of design and development controls* (clause 8.3.4)
Records of design and development outputs *(clause 8.3.5)
Design and development changes records* (clause 8.3.6)
Characteristics of product to be produced and service to be provided (clause 8.5.1)
Records about customer property (clause 8.5.3)
Production/service provision change control records (clause 8.5.6)
Record of conformity of product/service with acceptance criteria (clause 8.6)
Record of nonconforming outputs (clause 8.7.2)
Monitoring and measurement results (clause 9.1.1)
Internal audit program (clause 9.2)
Results of internal audits (clause 9.2)
Results of the management review (clause 9.3)
Results of corrective actions (clause 10.1)
Non-mandatory documents There are numerous non-mandatory documents that can be used for ISO 9001 implementation. However, I find these non-mandatory documents to be most commonly used:
Procedure for determining context of the organization and interested parties (clauses 4.1 and 4.2)
Procedure for addressing risks and opportunities (clause 6.1)
Procedure for competence, training and awareness (clauses 7.1.2, 7.2 and 7.3)
Procedure for equipment maintenance and measuring equipment (clause 7.1.5)
Procedure for document and record control (clause 7.5)
Sales procedure (clause 8.2)
Procedure for design and development (clause 8.3)
Procedure for production and service provision (clause 8.5)
Warehousing procedure (clause 8.5.4)
Procedure for management of nonconformities and corrective actions (clauses 8.7 and 10.2)
Procedure for monitoring customer satisfaction (clause 9.1.2)
Procedure for internal audit (clause 9.2)
Procedure for management review (clause 9.3)
What are the 4 main differences between ISO 9001:2008 and ISO 9001:2015? ISO 9001:2015 HAS TEN CLAUSES INSTEAD OF EIGHT The following table shows the relationship of the ISO 9001:2008 clauses to those in the new ISO 9001:2015. ISO 9001:2008 0. Introduction 1. Scope 2. Normative reference 3. Terms and definitions 4. Quality management system 5. Management responsibility 6. Resource management 7. Product realization 8. Measurement, analysis and improvement
ISO 9001:2015 0. Introduction 1. Scope 2. Normative reference 3. Terms and definitions 4. Context of the organization 5. Leadership 6. Planning 7. Support 8. Operation 9. Performance evaluation 10. Improvement
The first three clauses in ISO 9001:2015 are largely the same as those in ISO 9001:2008, but there are considerable differences between ISO 9001:2008 and ISO 9001:2015 from the fourth clause onwards. The last seven clauses are now arranged according to the PDCA cycle (Plan, Do, Check, Act). The following figure shows this.
The PDCA cycle is a four-step management method used to achieve and maintain control and continual improvement for process and products.
Plan- Establish the objectives and processes necessary to deliver results in accordance with the target or goal. Do- Implement the plan, execute the process, make the product. Check- Study the actual results and compare against the expected results. Act- If the CHECK shows that the PLAN implemented in DO is an improvement, then that becomes the new standard. If not, then adjustments are made to insure consistent improvement.
By diligently using the PDCA cycle, we can insure that complacency never occurs, and that Cubbison is consistently raising and maintaining our standards.
Clauses 4, 5, 6 and 7 of ISO 9001:2015 come under PLAN, clause 8 comes under DO, clause 9 comes under CHECK and clause 10 is covered by ACT. With this new arrangement, the new ISO 9001:2015 strives to give additional momentum to the continuous and systematic improvement of processes within organizations and businesses, such as the Cubbison Company.
ISO 9001:2015 PUTS MORE FOCUS ON INPUT AND OUTPUT There is more emphasis in ISO 9001:2015 on measuring and properly assessing the input and output of processes. According to ISO 9001:2015, We closely monitor which articles, information and specifications are involved in the production process. We also clearly check whether good articles come out of the production process.
RISK-BASED THINKING IS AT THE CORE OF ISO 9001:2015 Risk-based thinking has a very important place in ISO 9001:2015. We use risk analysis in order to decide for ourselves which challenges we see in the management of our business processes. Formal risk analysis, familiar to many organizations via FMEA or HACCP techniques, is now standard for everyone. To emphasize their dominance, the concept of ’risk’ occurs forty-eight times in ISO 9001:2015, compared with only three times in ISO 9001:2008. The addition of risk-based thinking has made the ‘preventive measures’ of ISO 9001:2008 redundant. These preventive measures no longer appear in ISO 9001:2015. The transition from ‘Preemptive measures’ to ‘Risk-based Thinking’ is a smart one, as it acts to analyze situations, and solve potential problems long before they begin to develop.
LEADERSHIP AND COMMITMENT IN ISO 9001:2015 ISO 9001:2015 also places more emphasis on leadership and management commitment. It requires greater involvement by top managers and business leaders in controlling the quality management system. This way, ISO 9001:2015 is intended to encourage integration and harmonization with business processes and business strategies. This helps emphasize top management responsibility to ensure the effectiveness of the quality management system. Because ISO 9001:2015 pays more attention to risk management, interested parties and the context of the organization, the quality management system also fits in better with the needs of the top management.
The quality management system is now more than ever a means for being strategically successful by addressing the needs of interested parties and by managing opportunities and threats. The ‘management representative’ of ISO 9001:2008 was a member of the management committee who had the responsibility and authority for steering the quality management system along the right lines. ISO 9001:2015 does not mention this aspect any more. The idea behind the change is that quality is a matter for everyone and for all levels within the organization. We, at the Cubbison Company, are proud to be recognized as one of the few companies to achieve this level of certification to date. To us, our ISO 9001:2015 registration is verification of our ingenuity, leadership, progressiveness, and our attention to detail, efficiency, quality, safety and care for our customers in the printed electronics and product identification industries.