Learn the differences between OHSAS 18001 and ISO 45001

The mortality rate for work-related accidents is very high. There is a significant burden from occupational injuries and diseases for both employers and the economy in general, resulting in losses due to early retirement, employee absence and higher prices on insurance policies.

To combat this problem, the International Organization for Standardization (ISO) developed a new standard ISO 45001, which replaces OHSAS 18001 (Requirements for Occupational Health and Safety Management Systems – OHSMS).

When it comes to Occupational Health and Safety (OH&S) management, the OHSAS 18001 and ISO 45001 standards are inter-related, since both are aimed at providing organizations with a structure to manage activities and processes in an effort to identify and control the risks to which employees are exposed on a daily basis.

Yet what, after all, are the main differences between ISO 45001 and OHSAS 18001?

The OHSAS 18001

OHSAS (Occupational Health and Safety Assessment Series) 18001 was officially published in 1999 by the BSI – British Standards Institution and was widely used around the world after being created, playing an important role in improving regulations and requirements related to occupational health and safety.

Contrary to popular belief, OHSAS 18001 is not part of the International Standards issued by the ISO; yet it is similar in nature and effect to these standards, with the goal of providing better and safer working conditions.

The ISO 45001 standard

As the first international standard for Occupational Health and Safety Management Systems, the ISO 45001 is based on other ISO management standards (such as ISO 9001 – Quality Management and ISO 14001 – Environmental Management). It is also based on other health and safety standards, such as OHSAS 18001, International Labour Organization Guidelines, and labor standards and conventions.

ISO 45001 uses a simple PDCA model that gives companies a structure for planning what needs to be put in place to minimize risks and damage to health and safety. The standard is based on the ISO High Level Structure known as Annex SL, dividing the structure into chapters and sections.

The main differences between OHSAS 18001 and ISO 45001

OHSAS 18001	ISO 45001	Advantages
X	Structure based on Annex SL	Aligns different management system standards and applies a common language to all standards Facilitates implementation of an integrated management system Underscores the importance of considering the organization as a while, such as understanding that there are other direct impacts on OH&S beyond internal impacts
X	All clauses are dynamic	Makes implementation easy and efficient
X	Requires involvement from Senior Management	Greater commitment to leadership in the OH&S management system
X	Involvement of interested parties in the OH&S Management System: Workers Suppliers Third-Parties Unions Owners Community Customers	Increased identification and greater worker motivation and engagement, through involvement with OH&S management processes Greater understanding of the factors that need to be managed within the management system Everyone will become an agent of transformation in a new organizational culture Applicable to every type and size of organization, covering a variety of circumstances, from geographic to cultural and social
Procedure-based	Process-based	Provides a systemic view and allows for exploration of how processes are interrelated, while procedures are focused on executing a specific activity or process
Exclusively treats risk	Considers risks and opportunities	Greater focus on objectives as drivers for improvements and assessing performance
Reactive approach to risks (when undesired incidents occur)	Proactive approach to risks and hazards (before something actually happens)	Greater involvement between team and managers

Now that you know about the main differences between the two standards, see what is new in each clause of ISO 45001.

Clause 4: Context of the Organization

Incorporates the general requirements (clause 4.1) of OHSAS 18001.
Includes two new sub-sections:
- Understanding the organization and its context;
- Understanding the needs and expectations of interested parties.
Companies should understand the challenges the organization faces in relation to occupational health and safety and the risks inherent to this segment.
Comprehend the internal and external environment to determine relevant problems that can prevent successful implementation of the Health and Safety Management System.
Determine and analyze interested parties.

Clause 5: Leadership

The Policy, Organizational Roles, Responsibilities, Duties and Authorities are all transferred from OHSAS 18001.
New important requirement: Leadership and worker participation:
- Senior Management should show leadership and commitment by taking responsibility for and ensuring the efficacy of occupational health;
- “Workers” include senior management, managers and non-managerial staff;
- Everyone should be included in the decision-making process.

Clause 6: Planning

Requires that companies consider risks and opportunities associated with the issues identified in item 4.1.
Replaces preventive action and reduces the need for corrective actions.
Contains expanded requirements on risks and hazards, while also focusing on risks and opportunities related to interested parties who are relevant to the organization.
Some requirements in this clause can be implemented in the planning phase.
When planning the OH&S management system, companies should:
- Consider issues related to Organizational Context (4.1);
- Requirements regarding Interested Parties (4.2);
- Scope of the health and safety management system (4.3);
- Determine risks and opportunities that need to be addressed.

Note: ISO 45001 differentiates between “risks” and “OH&S risks” in its section on terms and definitions:

Risk: The effect of uncertainty.

This is a strategic term, aimed at the general results of the management system and company strategy.

OH&S Risk: Combination of the likelihood of occurrence of a hazardous event or exposure and the severity of injury and ill health that can be caused by the event or exposure.

This term is technical (formerly risk in OHSAS 18001). The same as the “risk” referenced in “risks and opportunities” in ISO 45001.

Clause 7: Support

The requirements of this clause consider the areas of:
- Resources;
- Competence;
- Awareness;
- Communication;
- Documented information.
The organization should maintain and manage documented information on health and safety objectives and plans.
All documented information should be available and appropriate for workers to have an overview of the hazards and risks of their job.

Note: “Document and record” have been replaced by “documented information.”

Clause 8: Operation

There are no significant changes; items are only made more specific and explicit compared to OHSAS 18001.
Includes requirements on:
- Operational Planning and Control;
- Management of Change;
- Outsourcing;
- Procurement;
- Emergency Preparedness and Response Plans.
Organizations must also guarantee that third-party processes affecting health and safety management systems are controlled.
Assurance must also be provided that goods and services are procured in compliance with the requirements of the OH&S management system.

Clause 9: Performance Evaluation

Considers requirements on:
- Monitoring
- Analysis and Evaluation
- Compliance Assessment
- Internal Audit
- Management Review
Determine what, how and when different issues need to be monitored, measured, analyzed and evaluated.
Establish, implement and maintain a process to monitor, measure and evaluate the performance of the OH&S management system.

Clause 10: Improvement

Considers requirements on:
- Incidents
- Nonconformities
- Corrective Actions
- Continual Improvement

Note: Preventive Actions are no longer a requirement of the standard.

Are you interested in learning more about ISO 45001 after reading this article? If so, please take a look at additional content that we have created on this topic!

SoftExpert Blog