ISO 45001 Consultation. What to Know Before You Start.

If you've been looking into ISO 45001 certification for your business, you've probably already realised it can feel like a lot to take in. The standard itself is detailed, the language is technical and knowing where to start or whether you even need outside help can be confusing.

That's where an ISO 45001 consultant comes in.

In our previous blog, we covered what ISO 45001 actually is, what it replaced (OHSAS 18001) and why it matters. This time, we're going deeper into the practical side of things: what an ISO 45001 consultant does, what the process looks like and how to decide if it's the right move for your organisation.

What Does an ISO 45001 Consultant Do?

An ISO 45001 consultant helps your business build, implement and maintain an occupational health and safety management system that meets the requirements of BS EN ISO 45001:2018. They act as a guide, translating the standard's requirements into practical steps that work for your specific business.

It's worth pointing out that an ISO consultant is not the same as a certification body. The consultant helps you get ready, the certification body (which must be UKAS-accredited in the UK) carries out the independent audit that leads to your certificate. These two roles need to be kept separate, a consultant cannot audit you for certification and vice versa.

A good consultant will typically help with:

• Carrying out an initial gap analysis to see what you've already got in place and what's missing.

• Developing policies, procedures and documented information that meet the standard's requirements.

• Identifying your organisation's hazards, risks and legal obligations under the clauses.

• Setting up processes for worker consultation and participation (a key feature of ISO 45001, covered under Clause 5.4).

• Preparing you for internal audits and the Stage 1 and Stage 2 certification audits.

• Providing ongoing support after certification to help with surveillance audits and continual improvement.

The idea is that you're not left trying to interpret 40+ pages of standards language on your own.

What Does the ISO 45001 Certification Process Look Like?

Understanding the steps involved can take a lot of the mystery out of the process. Here's a breakdown of what typically happens:

1. Gap analysis — The consultant reviews your current health and safety arrangements against the requirements of ISO 45001. This highlights where you're already doing well and where the gaps are. It gives both you and the consultant a clear starting point.

2. System development — Based on the gap analysis, the consultant works with you to build or adapt your OH&S management system. This includes things like your health and safety policy, risk assessment processes, emergency procedures, objectives and how you manage documented information.

3. Implementation — Your management system gets rolled out across the business. Workers at all levels need to understand their roles and processes like hazard identification, incident reporting and internal communication need to be up and running.

4. Internal audit — Before the certification body visits, you'll need to conduct an internal audit to check your system is working as intended. A consultant can either carry this out for you or train your team to do it.

5. Stage 1 audit — The certification body reviews your documentation and readiness. It's a desk-based review and the output is a report highlighting any areas that need attention before Stage 2.

6. Stage 2 audit — This is the full on-site audit. The auditor will talk to your team, look at your evidence and check that your system is actually working in practice. If everything stacks up, you get your certificate.

7. Surveillance audits — After certification, you'll have annual surveillance audits (and a full recertification audit every three years) to confirm you're maintaining compliance and continually improving.

The whole process typically takes between 6 and 12 months depending on the size and complexity of your organisation and how much you already have in place. Smaller businesses with solid existing H&S arrangements can often move through it faster.

Can You Implement ISO 45001 Without a Consultant?

Yes, it's absolutely possible. If you've got someone in-house with the right knowledge, particularly experience with ISO management systems and occupational health and safety legislation, you can do it yourself.

That said, most businesses find it a challenge for a few reasons. The person leading the project usually has a full-time role already and ISO implementation has a tendency to slip down the priority list when day-to-day pressures take over. There's also the risk of over-complicating things. Without experience of what auditors actually look for, it's easy to produce mountains of documentation that nobody uses.

A consultant brings objectivity, pace and practical experience. They've seen what works (and what doesn't) across different industries and can keep you on track without reinventing the wheel.

How Much Does ISO 45001 Certification Cost?

This is one of the most common questions and there's no single answer. The cost depends on several factors, including the size of your organisation, the number of sites, how mature your existing H&S arrangements are and whether you need a consultant's help.

As a rough guide, costs generally fall into three areas:

• Consultancy fees — These vary depending on the scope of work. Some consultants charge a fixed project fee, others work on a day-rate basis.

• Certification body fees — The UKAS-accredited body that audits you will charge for Stage 1 and Stage 2 audits, plus annual surveillance audits. These fees are based on the size and risk profile of your organisation. It's a good idea to get quotes from at least two or three certification bodies.

• Internal costs — Staff time, any new equipment or systems, training and document preparation all have a cost, even if they don't show up as a line item on an invoice.

  
  

For small to medium-sized businesses, the total investment is often more manageable than people expect, especially when weighed against the benefits of fewer accidents, stronger tender performance and better legal compliance.

Common Questions About ISO 45001 Consultancy

Is ISO 45001 a legal requirement? No. ISO 45001 is a voluntary international standard. However, UK businesses are still legally required to manage health and safety under the Health and Safety at Work etc. Act 1974 and supporting regulations. ISO 45001 provides a structured framework that helps you meet those obligations more effectively.

What's the difference between ISO 45001 and general H&S compliance? General compliance means meeting your legal duties, things like risk assessments, COSHH, fire safety and training. ISO 45001 takes that further by requiring a formal management system with clear objectives, leadership commitment, worker participation, performance evaluation and a cycle of continual improvement (the Plan-Do-Check-Act model). You can read more about related topics on our blog.

How do I choose the right ISO 45001 consultant? Look for someone with relevant qualifications (such as a BSI Lead Auditor certification), practical industry experience and a track record of helping organisations through to certification. Ask whether they have experience in your sector, the hazards in construction, for example, are very different from those in an office environment. A good consultant will tailor the system to your business rather than handing you a stack of generic templates.

What happens if we fail the certification audit? It's rare for a well-prepared organisation to fail outright. If the auditor finds nonconformities, you'll be given time to address them before the certificate is issued. Your consultant should be helping you avoid surprises by conducting thorough internal audits beforehand.

How DuoDynamic Safety Solutions Can Help

At DuoDynamic Safety Solutions, we provide hands-on ISO 45001 consultancy for businesses across Yorkshire, London and the wider UK. Whether you're starting from scratch or already have elements in place and need a gap analysis to get you over the line, we can help. Our lead assessors hold BSI Lead Auditor qualifications and works across construction, manufacturing and corporate sectors.

We also support businesses with risk assessments, fire safety, CDM consultancy, COSHH assessments, H&S policy development and ongoing retainer packages. If you'd like to talk through your options, get in touch for a no-obligation conversation.