.png)
If you've been researching health and safety management systems, you've likely come across ISO 45001. Perhaps your clients are asking if you are certified or maybe you're wondering whether your organisation should pursue certification.
What Exactly Is ISO 45001?
ISO 45001:2018 is the international standard for Occupational Health and Safety Management Systems (OHSMS). Published by the International Organization for Standardization, it provides a framework for organisations to manage health and safety risks proactively.
Think of it as a structured approach to keeping your workforce safe and healthy. Rather than reacting to incidents after they happen, ISO 45001 helps you identify potential hazards, assess risks and put controls in place before anyone gets hurt.
The standard replaced OHSAS 18001 in March 2021, bringing health and safety management in line with other ISO management system standards like ISO 9001 (quality) and ISO 14001 (environmental). This alignment makes it easier for organisations managing multiple management systems to integrate their processes.
How Did We Get Here? The Evolution from OHSAS 18001
Before ISO 45001, many organisations followed OHSAS 18001, which served the health and safety community well for nearly two decades. However, OHSAS 18001 wasn't an ISO standard, which created challenges for businesses trying to integrate it with other management systems.
ISO 45001 brought several improvements:
The standard uses the same high-level structure as other ISO management systems, making integration much simpler. It places greater emphasis on leadership commitment, safety can no longer be delegated to a single person while management focuses elsewhere. Worker consultation and participation became stronger requirements, recognising that the people doing the work often have the best insights into potential hazards.
ISO 45001 takes a risk-based approach throughout. Rather than focusing just on compliance, it asks organisations to consider their context, identify interested parties and manage risks in a way that suits their specific circumstances.
Who Would Benefit from ISO 45001?
You might benefit from ISO 45001 if your organisation works in high-risk sectors like construction, manufacturing or logistics. Many large contractors require their supply chain partners to hold ISO 45001 certification. You're experiencing health and safety challenges that traditional approaches haven't solved. Your organisation is growing and you need a structured approach to maintain safety standards across different sites or teams. You already hold other ISO certifications and want to integrate your management systems.
The Health and Safety Executive (HSE) doesn't mandate ISO 45001, but they do require employers to manage health and safety effectively. For many organisations, ISO 45001 provides the structure to meet these legal obligations consistently.
What Does ISO 45001 Actually Require?
The standard follows a Plan-Do-Check-Act (PDCA) cycle which is very logical and effective. A simple summary is as follows:
Understanding Your Context
You'll need to identify internal and external issues that affect your health and safety management system. This might include your workforce demographics, the nature of your work, regulatory requirements or stakeholder expectations. You're building a complete picture of your operational environment.
Leadership and Worker Participation
Top management must demonstrate commitment to health and safety, not by appointing someone else to handle it, but by actively leading the system. Workers must have mechanisms to participate in health and safety decisions and their input needs to influence actual outcomes.
Planning and Risk Management
The standard requires systematic hazard identification and risk assessment. You'll need processes to identify what could cause harm, evaluate the risks, and determine appropriate controls. Just as with manual handling, the goal is eliminating hazards where possible or reducing risks to acceptable levels where elimination isn't feasible.
Operational Controls
Your organisation must implement controls to manage identified risks. This includes everything from procurement processes to contractor management, emergency preparedness to management of change. The standard provides clear guidance on applying the hierarchy of controls: elimination, substitution, engineering controls, administrative controls and PPE.
Performance Monitoring and Improvement
You'll need to monitor your health and safety performance, conduct internal audits and hold management reviews. When things go wrong there must be processes for investigation, corrective action and continual improvement.
Is ISO 45001 Mandatory?
While the HSE doesn't require ISO 45001 specifically, UK employers have legal duties under the Health and Safety at Work Act 1974 and associated regulations. ISO 45001 provides a very good framework for meeting these obligations, but it's the legal requirements themselves that are mandatory not the standard.
Some sectors or clients may require ISO 45001 as a condition of contract. If you work in construction for example, principal contractors might require certification from their supply chain. Similarly, public sector tenders often include ISO 45001 as a scoring criterion.
Implementation: Time and Cost Considerations
One of the most common questions we hear is: "How long will this take and what will it cost?" ➡️ The honest answer is: it depends on where you're starting from and the commitment towards it.
If you already have a structured health and safety management system, you might implement ISO 45001 within 3-6 months. For organisations starting from scratch, plan for 12-24 months or in some cases even longer to develop, implement and embed the system before seeking certification.
Costs vary widely based on organisation size, complexity and whether you use external support. You'll need to consider:
· Gap analysis to identify what you already have versus what's required.
· Documentation development or revision.
· Training for management and staff.
· Internal audit programmes.
· External certification body fees (initial audit and ongoing surveillance).
However, these costs should be weighed against potential savings from reduced incidents and competitive advantages in winning new work.
Making Your Decision
Consider certification if: Your clients require it or would view it favourably. You operate in high-risk sectors where good safety management is critical. Your organisation is large or complex enough that structured systems are necessary. You want the external validation and competitive advantage certification brings. You struggle to maintain consistent safety standards and need a framework to improve.
You might not need certification if: Your operations are low-risk and simple to manage. You have effective health and safety arrangements in place that work for your organisation. You're a small business where informal processes are adequate. The cost of certification outweighs the benefits for your specific circumstances.
Remember you can implement the principles of ISO 45001 without seeking formal certification. The standard's approach to risk management, worker participation and continual improvement can benefit any organisation, regardless of whether you pursue the certificate.
Getting Started with ISO 45001
If you've decided ISO 45001 might be right for your organisation, where do you begin?
Start with a gap analysis to understand your current position against the standard's requirements. This provides a realistic picture of what work lies ahead and helps build your implementation plan. Review the ISO 45001 standard itself or ISO 45002, the guidance document, to understand what's required.
Commitment from top management, ISO 45001 won't succeed as a safety manager's solo project. You'll need resources, authority and visible leadership support. Involve your workforce early. Their knowledge of operational risks and buy-in to new processes will be needed for successful implementation.
Develop a realistic implementation plan that takes into consideration your organisation's capacity to absorb change. Trying to implement everything all at once usually leads to a paper system that doesn't reflect reality. Better to phase the work and drive in each element properly.
How We Can Help at DuoDynamic Safety Solutions
DuoDynamic Safety Solutions supports organisations throughout their ISO 45001 journey from initial gap analysis through to successful certification and beyond. Whether you need full implementation support or targeted assistance with specific requirements, we can help with ISO 45001 implementation, gap analysis and audit preparation, health and safety management systems development and other health and safety queries.
Want to discuss whether ISO 45001 is right for your organisation? Get in touch with our team at DuoDynamic Safety Solutions for a no-obligation conversation about your health and safety management needs.
