The Ultimate Guide to ISO 45001

Using the ISO 45001 standard for your organisation can help to provide a suitable framework for managing your occupational health and safety (OH&S) and help to meet any legal requirements that you may have for workplace health and safety in your specific sector or industry.

You are not required by law to implement ISO 45001 or any other similar OH&S Management System. However, using the framework can lead to many benefits for your business, and understanding what ISO 45001 is and how it is implemented can help unlock these benefits – here’s why.

ISO 45001 helps organisations improve workplace safety and minimise employee injuries. It provides a comprehensive framework for building an effective Occupational Health and Safety Management System (OHSMS). This framework helps to identify and mitigate risks and to monitor workplace health and safety.

ISO 45001 follows the ten-clause format commonly used by Annex SL. It is designed to give organisations a clear and defined set of requirements for implementing the OH&S standard into their management system.

The clauses of ISO 45001 are:

1. Scope
2. Normative references
3. Terms and definitions
4. Context of the organisation
5. Leadership and worker participation
6. Planning
7. Support
8. Operation
9. Performance evaluation
10. Improvement

Clauses 1-3 provide the necessary information to help a user understand the standard, and clauses 4-10 contain the requirements that must be applied to the OH&S Management System to meet the standard and become ISO 45001 certified.

ISO 45001 replaced OHSAS 18001 in 2018 as the international standard for Occupational Health and Safety Management Systems. It’s a more comprehensive framework with a more proactive approach and aligns with other standards such as ISO 9001 and ISO 14001.

A Health and Safety Management System is the same as an OH&S Management System. It’s a structured framework designed to manage and mitigate safety risks while fostering employee well-being in the workplace.

It outlines processes to identify hazards, assess risks and implement measures to prevent accidents and illnesses. A Health and Safety Management System includes processes for:

• Setting health and safety policies
• Planning and implementing safety initiatives
• Monitoring performance
• Continually improving safety practices

By following ISO 45001 requirements, organisations can systematically improve their health and safety performance, comply with legal requirements and reduce workplace incidents.

ISO 45001 certification is appropriate for all organisations, regardless of size, industry or risk type.

If your organisation requires a clear OH&S Management System, a proactive approach to evaluating and improving OH&S performance and a structured risk assessment and reduction process, ISO 45001 is likely to be suitable for you.

Equally, if your organisation already implements many of the approaches above to OH&S, it’s possible to achieve ISO 45001 certification and integrate it into your pre-existing workplace OH&S Management System.

It is compulsory to follow government legislation, such as Health and Safety at Work etc. Act 1974. However, while ISO 45001 certification isn’t mandatory, many businesses choose to achieve certification for the many benefits it brings.

Health and safety-related incidents cost UK businesses millions every year in medical and legal costs. Between 2022 and 2023, 35.2 million working days were lost due to work-related illness and workplace injury.

By understanding what ISO 45001 is and implementing it, organisations can proactively establish measures to help prevent incidents, reduce costs and improve workplace safety. The standard could also help you to meet any legal requirements that you may have in your specific sector or industry, from construction to manufacturing and transportation.

There are many benefits to becoming ISO 45001-certified and implementing a certified Occupational Health and Safety Management System in your organisation.

Improve the OH&S performance of your organisation

The most obvious benefit of ISO 45001 is that you could reduce the risk of accidents and injuries with a structured framework for identifying and mitigating workplace hazards.

Demonstrate a clear commitment to health and safety

Another key benefit of ISO 45001 certification is demonstrating a clear commitment to workplace safety. This can enhance stakeholder and client trust and improve your chances of winning new business.

Promote clearer communication

Implementing ISO 45001 promotes internal communication across all organisational levels, encouraging collaboration to pursue safer and healthier working conditions. This approach benefits everyone involved and can facilitate acceptance of your safety initiatives.

Increased employee engagement

Another benefit is increased employee engagement. As your employees are most likely to be directly affected by health and safety policies, involving them in creating OH&S policies can make them feel more valued. In turn, they could be more engaged and more productive.

Lower costs

Improving OH&S performance can help lower costs such as insurance premiums, as well as costs associated with the disruption and downtime that workplace hazards can bring.

Comply with health and safety regulations

ISO 45001 helps organisations comply with government and industry-specific health and safety regulations. This can reduce legal risks and help organisations avoid costly non-compliance penalties or legal costs from potential lawsuits if an incident occurs.

Align with other ISO systems

ISO 45001 aligns with other OH&S Management Systems, such as ISO 9001 and ISO 14001. This allows organisations to build an effective, efficient workplace health and safety management system relevant to their risk type and specific organisational needs.

ISO 45001 signifies a strong commitment to health and safety, both internally and externally. It does so by providing a comprehensive framework for managing occupational risks.

Implementing this standard demonstrates that an organisation prioritises employee well-being and safety through systematic risk identification, assessment and mitigation.

Understanding what ISO 45001 is from a compliance perspective shows dedication to meeting legal requirements and maintaining a safe work environment. The standard encourages continual improvement and employee participation, fostering a proactive, ever-evolving safety culture.

Achieving certification can also enhance an organisation’s reputation. It signals to stakeholders, clients, and employees that health and safety are priorities, building trust and credibility within the industry.

The process for becoming ISO 45001 certified involves two assessments.

The first assessment evaluates your Occupational Health and Safety Management System and all processes. It can highlight areas that require improvement or non-compliance with ISO 45001 requirements.

The second assessment will take place later to determine whether your OH&S Management System meets the certification requirements. This is the final step in successfully achieving certification.

Because ISO 45001 aligns with other standards, such as ISO 9001, ISO 14001 and ISO 27001, your OH&S Management System can be implemented alongside them simultaneously. This can be included as part of our certification process.

Find out more about what ISO 45001 is and how to become certified.

1. Get ready for certification

As a first step, it is important to become familiar with ISO 45001 requirements. These are essential for structuring your OH&S Management System efficiently.

You will need to conduct a gap analysis to identify areas of non-compliance and opportunities for improvement in your current OH&S Management System when compared with ISO 45001 standards. As a starting point, you may want to download our free ISO 45001 checklist and evaluate where the gaps might be.

After this, you can develop an implementation plan, train employees on health and safety practices, and establish documentation to meet the standard’s requirements. We have a range of ISO 45001 training courses designed to support all levels of expertise.

Get the official ISO 45001 standard documentation from the International Organisation for Standardization (ISO).

2. Gather documentation

Proper documentation is essential for an effective and ISO-compliant OH&S Management System. This documentation acts as a record of your organisation’s occupational health and safety goals, processes, steps towards certification and direct results.

Key documents include:

• Your OH&S scope
• Occupational health and safety policies
• Risk reports and mitigation plans
• Roles and responsibilities
• OH&S objectives

All documentation must be accessible and available to read when any relevant person requires it.

3. Put your OH&S Management System into action

You can now begin rolling out your compliant, documented OH&S Management System. As you do so, it’s key to communicate all changes clearly so that employees understand their responsibilities and follow the new processes.

Any employee challenges should be addressed promptly throughout the rollout, and resources should be provided freely.

4. Undergo an internal audit

An internal audit is essential for the success of an integrated OH&S Management System, and this must be undertaken before your Stage 2 assessment.

A qualified in-house or external auditor can conduct this internal audit of your OH&S Management System to identify areas that do not comply with ISO 45001 requirements.

You should consider the internal audit’s findings and make necessary improvements and adjustments before your Stage 2 assessment to ensure your management system meets ISO 45001’s requirements.

Top tip: Developing an audit schedule and checklist can support you in maintaining your system’s effectiveness and comprehensiveness.

5. Complete the certification process

The certification process begins with a Stage 1 assessment, where an independent certification body will conduct an assessment of your management system and provide you with an audit report that highlights any gaps between what you have in place and what the standard requires – this is often referred to as a gap analysis report.

Once you have addressed any gaps identified in the Stage 1 assessment, you can schedule the certification audit, called the Stage 2 assessment, with your chosen certification body. This involves thoroughly evaluating your OH&S Management System against ISO 45001 requirements.

Successfully passing this audit demonstrates your organisation’s commitment to risk management and maintaining a secure, safe working environment. As a result, you will enhance your organisation’s reputation among stakeholders and new clients.

Once you have achieved ISO 45001 certification, continual improvement is key. To maintain your certification, we’ll arrange an annual assessment to ensure it remains current.

The time it takes to achieve ISO 45001 certification depends on several factors, including:

• The size and complexity of your organisation
• How much you already have in place
• The resources you have available to work on your management system

The average timeframe for the certification process is 3-6 months, but some clients complete the entire process within a few weeks and others closer to a year – every organisation is unique!

To speed up the certification process, consider appointing a designated representative within your organisation responsible for overseeing it and preparing for assessments well in advance.

Your organisation must undergo a recertification audit every three years to maintain your ISO 45001 certification.

However, our expert auditors will also conduct an annual assessment to ensure your Occupational Health and Safety Management System continues to comply with the requirements of the ISO 45001 standard.

The cost of becoming ISO 45001-certified depends on a variety of factors, including:

• The size of your organisation
• The resources you already have in place
• How many members of staff there are in your business
• Any relevant industry requirements
• The certification body you choose to work with

When selecting the right ISO certification body to work with, look for hidden costs that impact your budget.

To help you avoid the common pitfalls that businesses often experience we have developed a free “ISO Buyer’s Guide” for you to download.

For a more accurate estimate of what your organisation should budget for in order to achieve ISO 45001 certification, contact us for a quote.

Choosing the right certification body for ISO 45001 certification involves several key considerations.

First, ensure the body is accredited by a recognised accreditation body, confirming that it meets global standards. For example, British Assessment Bureau is accredited by UKAS – the UK’s only government-endorsed body for ISO certification.

Assess their experience and reputation in your industry to ensure they understand your organisation’s specific sector challenges.

Consider the costs involved, including initial certification and ongoing surveillance audits, to ensure they fit your budget. Be cautious of quotes with very low fees, as they may indicate a short or inflexible contract.

You may also want to investigate what the certification body’s previous clients say, reading their reviews regarding customer service and support, communication methods, reliability and client satisfaction levels.

Read more about the importance of UKAS accreditation for certification bodies.

5-star Feefo customer satisfaction

Our customers are so happy with our service that 97% have given us 4- or 5-star reviews. We are proud to hold an ‘Exceptional’ Feefo rating – awarded to businesses with a rating of at least 4.5 out of 5 stars. You can read the independent reviews here.

Undergoing the ISO 45001 certification process can be a complex journey. But with the right support, it’s achievable for organisations of all shapes and sizes.

British Assessment Bureau has supported businesses in achieving certification for over twenty years. During this time, we’ve identified the areas clients most commonly struggle with. As part of our certification services, we have developed a wide range of resources to make the process less daunting.

Training

Our experienced auditing team has developed a wide range of training programmes that can be delivered online or in person. They cover all levels of support, from beginner to ISO expert.

Find out more about our training programmes.

Third-party consultant support

While we have certified thousands of organisations without the need for a consultant, we understand that some may not have the resources or timescales to build a management system themselves. That’s where ISO consultants can prove valuable.

As a UKAS-accredited certification body, we cannot offer consultancy, but we can connect you with some of the consultants our clients work with.

Find an ISO consultant for your certification journey.

British Assessment Bureau can provide your business with expert support throughout the ISO 45001 certification process. Our auditors are with you from the initial audit to your recertification audit three years later.

We promise no hidden costs and transparent pricing at each step. We also offer the option to pay by Direct Debit over 6 months (established businesses only).

Get started on your journey to ISO 45001 certification – get a quote today or contact our team to discuss your needs.