ISO 45001 Certification Process: A Comprehensive Guide

Organisations in high-risk sectors such as oil, construction, and manufacturing or within global supply chains are under growing pressure to prioritise occupational health and safety. ISO 45001 certification provides a framework for organisations to implement an effective safety management system (SMS) from legal adherence to cultivating a culture of ongoing enhancement.

This blog will dive into the ISO 45001 certification process, from understanding the standard to implementation and maintenance.

What Is ISO 45001?

Countless lives are tragically lost every day as a result of work-related accidents or preventable fatal illnesses. ISO 45001 strives to help organisations prevent such occurrences. ISO 45001 is an international standard that sets the criteria for organisations' occupational health and safety (OH&S) management systems to reduce workplace risks, prevent work related injury and improve overall employee well-being. So, how does it help in preventing workplace fatalities?

This includes identifying potential hazards and risks in the workplace, implementing controls to eliminate or minimise these risks, and regularly evaluating and reviewing the system's effectiveness.

The International Organization for Standardization (ISO) developed and published this new standard in 2018. It replaced the previous OHSAS 18001 and AS 4801 standard and is designed to be compatible with other ISO management system standards.

The key focuses of ISO 45001, which differentiates it from the previous standards, include:

• Leadership Commitment: One of the differences with ISO 45001 is top management's increased involvement and accountability in the management system. This means that leadership plays a crucial role in creating a culture of health and safety within an organisation.
• Risk-Based Approach: ISO 45001 takes a proactive approach to managing occupational health and safety risks. It requires organisations to identify potential hazards, assess the level of risk, and implement controls to eliminate or reduce these risks.
• Worker Involvement: Workers participating in OHS management are more attentive to potential hazards and contribute to continuous improvement. ISO 45001 requires the involvement of workers at all levels of the organisation.
• Compliance and Continuous Improvement: ISO 45001 requires organisations to comply with all relevant laws and regulations related to occupational health and safety. It fosters a culture of continual improvement, motivating organisations to consistently assess and enhance their OH&S management systems.

Key Requirements of ISO 45001

The key essential requirements of ISO 45001 include:

• Development of OHS Policy and Objectives: Organisations must establish occupational health and safety policies and objectives to guide their OH&S management system
• Risk Analysis: Conducting risk assessments to identify occupational health and safety hazards and analyse associated risks within the organisation
• Worker Participation: Ensuring active involvement and consultation of workers and their safety representatives in the planning, implementation, evaluation, and improvement of the OH&S management system
• Compliance with Legal Requirements: Identifying and complying with applicable occupational health and safety regulations and other OH&S requirements
• Training and Awareness: Providing training to all workers on occupational health and safety, OH&S policies, objectives, and emergency procedures relevant to their work
• Emergency Preparedness: Developing preparedness plans for potential emergencies that may impact occupational health and safety within the organisation
• Performance Monitoring and Evaluation: Establishing systems for monitoring and evaluating OHS performance, compliance with legal requirements, and the effectiveness of the OH&S management system
• Internal Audits and Management Review: Internal audits are used to evaluate the OH&S management system's effectiveness and conduct management reviews for ongoing improvement.
• Incident Reporting and Corrective Actions: Developing procedures for reporting, investigating, and taking corrective actions to manage incidents, non-conformities, and improve the OH&S management system

Plan-Do-Check-Act (PDCA) Cycle

The Plan-Do-Check-Act (PDCA) cycle is a structured approach and cornerstone of the ISO 45001 standard. This method comprises four pivotal phases: Plan, Do, Check, and Act. It offers organisations a structured and iterative framework to strategise processes, execute them, evaluate results, and instigate enhancements.

1. PLAN: This phase, which is part of Clause 6 of ISO 45001, involves understanding the organisation's context, identifying health and safety hazards, assessing risks, and planning for risk control measures. This stage also includes setting objectives, establishing the OH&S policy, and allocating resources.
2. DO: In this phase, the organisation implements the plans developed in the previous stage to achieve its OH&S objectives.
3. CHECK: The check phase involves monitoring OH&S performance against established objectives, OHS policy, legal requirements, and audit results. Use OHS Performance Monitoring to get the most out of your OH&S performance with metrics and dashboards.
4. ACT: Based on the results of the check stage, actions are taken to improve processes or address any non-conformities identified.

ISO 45001 Certification

Like all other ISO standards, organisations can seek certification for ISO 45001 to demonstrate their commitment to improving OH&S performance. Certification involves thoroughly assessing the organisation's OHS management system by an accredited third-party certification body. This certification process assures that an organisation's OHS management system meets the requirements of ISO 45001 and is effectively implemented. Companies adopting ISO 45001 can decide whether to pursue certification.

ISO 45001 certification benefits organisations of all sizes and industries. It is essential for companies with high-risk work environments or those responsible for their employees' safety, physical and mental health, and well-being, such as those in the construction, manufacturing, healthcare, transportation, and mining industries.

Documented Information to Get ISO 45001 Certified

Documented information refers to documents and records organisations must manage and maintain, encompassing the data and its storage medium. These records and documents act as proof of compliance with ISO 45001.

• Scope, key operational processes, policies, and objectives of the OH&S management system
• Responsibilities, accountabilities, and authorities within the OH&S management system
• Methodologies and criteria for risk assessment
• OH&S process for addressing risks and opportunities
• OH&S objectives and plans
• Relevant OH&S communications
• Emergency preparedness and response plans
• Audit programs and results
• Records of incidents, actions taken, or non-conformities
• Evidence of the outcomes of continual improvement efforts

Step-by-Step Guide to Certification

To obtain ISO 45001 certification, the process typically involves the following key steps:

Learn About the Standard

Understand the requirements of ISO 45001 and any other relevant international standards if applicable. This includes familiarising yourself with the standard's terminology, principles, and structure.

Perform Gap Analysis & Initial Review

Conduct a thorough gap analysis to determine where your organisation currently stands with the requirements of ISO 45001. Gap analysis is a strategic planning tool to determine where a business is currently and where it aims to be. It involves comparing actual performance with potential or desired performance levels.

For instance, if a company seeks to reduce workplace injuries by 30% within a year, a gap analysis includes:

• Evaluating current injury rates and incident trends
• Identifying weaknesses in hazard identification or risk assessment procedures
• Assessing the effectiveness of incident reporting and investigation mechanisms
• Determining gaps in safety training and worker competency
• Outlining steps to address identified weaknesses (e.g., implement more robust hazard controls, improve safety training, strengthen incident investigation processes).

The gap analysis will help identify areas needing improvement or additional attention before pursuing certification. Reviewing your current occupational health and safety practices is essential to determine potential gaps or weaknesses. This can include reviewing policies and procedures, conducting employee interviews, and performing on-site inspections.

Planning Phase

Once the gap analysis and initial review have been completed, developing a plan for addressing any identified gaps is crucial. This could involve implementing new policies and procedures, training employees, or changing existing systems or processes. The goal is to ensure that your organisation meets the requirements to get ISO 45001 certified.

Implementation Phase

Documenting processes, training employees, operational controls, and monitoring performance are all crucial steps in the implementation phase. Like in the PDCA cycle, this phase is where you put your plan into action. This is also an excellent time to involve all employees in the process, as their input and cooperation will be essential for successful implementation.

Checking Phase

This phase involves regularly monitoring and evaluating the effectiveness of your OH&S management system. This could include internal audits, monitoring and measurement, performance evaluation and management review. Use a checklist or tracking system to promptly complete all necessary tasks and address issues.

Audit the OHS Performance

Choose a certification body and schedule an external audit to assess your OHS management system. Be sure to have all necessary documentation and evidence prepared for the auditor. This is also an excellent time to make final adjustments or improvements to your system and prepare for the Registration Audit by a Registrar.

Achieve Registration

To become registered, you'll need to select a Registrar for an external audit of your OH&S management processes. This audit verifies your compliance with ISO 45001 system requirements. The auditor may identify areas where improvements are needed, known as nonconformities. Addressing these nonconformities is a critical step towards achieving registration. After successful certification, you can expect regular surveillance audits (every 6 or 12 months) to ensure ongoing compliance. As an ISO 45001 certified organisation, you can then promote your commitment to occupational health and safety.

Tips for a Smooth Certification Process

Emphasise securing management buy-in

Secure a commitment from senior management to prioritise occupational health and safety. Management's leadership and support are crucial for implementing ISO 45001 across the organisation.

Allocate Sufficient Resources

Allocate adequate resources, including time, budget, and personnel, to facilitate the effective implementation of ISO 45001 requirements. Investing in resources upfront can prevent delays and ensure a smoother certification process.

Involve employees at all levels in the certification process

Encourage participation, solicit feedback, and empower employees to take ownership of occupational health and safety initiatives. Engaged employees are more likely to embrace the changes brought about by ISO 45001.

Establish robust document management processes

Establish a document management system to ensure the accurate creation, distribution, and maintenance of documentation required for ISO 45001 compliance. This includes identifying responsible parties for each document, implementing version control procedures, and regularly reviewing and updating records. Centralised document control helps prevent versioning errors and ensures accessibility to relevant stakeholders.

Choose a reputable and accredited certification body

Research potential certification bodies thoroughly and select one that aligns with the organisation's values and objectives. Verify their accreditation and experience with ISO 45001 to ensure they can provide a thorough and reliable assessment. Certification by an accredited body demonstrates the organisation's commitment to meeting international occupational health and safety management standards.

Benefits of Getting ISO 45001 Certified

While certification can be lengthy and not mandatory, the benefits far outweigh the investment. ISO 45001 certification shows that your organisation is dedicated to creating a safe and healthy work environment. Furthermore, you will benefit from:

Enhanced Reputation and Brand Image

ISO 45001 certification powerfully positions your organisation as a leader in health and safety excellence. This commitment has tangible business benefits:

• Enhanced Reputation & Trust: Demonstrates to customers, partners, and stakeholders that you prioritise workplace safety and well-being. This strengthens your reputation as a responsible and ethical business.
• Competitive Advantage: Sets you apart in the market, especially in industries where safety is paramount. Certification can be a deciding factor for potential clients and help you win lucrative contracts.
• Improved Employee Morale: Fosters a culture of safety where employees feel valued and protected, promoting positive engagement and lower turnover.
• Potential Outcome: A government contractor aims to increase compliance with safety regulations and improve their chances of winning tenders. ISO 45001 certification could give them a significant competitive edge. Many government tenders mandate or heavily favour contractors with proven safety management systems. Certification demonstrates their ability to meet and exceed regulatory requirements, enhancing their reputation in this competitive field.

Better Supplier and Partner Relationships

ISO 45001 certification sets a recognised standard for occupational health and safety. This can serve as a valuable criterion when selecting suppliers and business partners. Certified companies demonstrate a shared commitment to safety, potentially leading to:

• Increased Trust & Collaboration: Alignment on safety standards fosters greater trust and smoother collaboration within your supply chain.
• Reduced Risk: Minimise potential disruptions due to safety incidents at your suppliers' facilities.
• Enhanced Reputation: Your own commitment to safety extends throughout your network, boosting your reputation as a responsible business partner.

Potential Outcome: Imagine a logistics company with ISO 45001 certification seeking to expand its network of suppliers. They could prioritise certified partners, creating a more streamlined and reliable supply chain. This could lead to reduced delays, improved on-time delivery, and ultimately, increased customer satisfaction.

Opportunities for Innovation and Continual Improvement

ISO 45001 provides a structured framework to continually assess and improve your health and safety management system. This emphasis on continual improvement can generate:

• Proactive Problem-Solving: Fosters a culture where employees are encouraged to identify potential safety hazards and proactively suggest solutions.
• Data-Driven Decision Making: Promotes the use of data and metrics to track safety performance, driving informed improvements and targeted innovation efforts.
• Competitive Advantage: By continually enhancing safety systems and practices, you can gain operational efficiency and outpace competitors.

Potential Outcome: A mining company leveraging ISO 45001's focus on continual improvement to collaborate with employees on developing new hazard mitigation technologies. This could not only improve workplace safety but also result in patentable innovations that could be commercialised, creating a new revenue stream.

Streamlining Your Certification Journey

While ISO 45001 doesn't mandate a specific manual, having well-structured documentation provides several advantages:

• Clarity and Consistency: Organised documentation clarifies your safety policies, procedures, and responsibilities, ensuring consistent implementation across your organisation.
• Demonstrating Compliance: Clear documentation helps demonstrate your commitment to the standard’s requirements during audits.
• Knowledge Preservation: Documents capture your safety practices and processes, ensuring continuity even during personnel changes.
• Efficiency: Well-defined documents can streamline training, incident reporting, and overall safety management.

Ready to Simplify Your Documentation?

Let us support you in creating clear, effective documentation tailored to your organisation's needs. Our document solutions will help you navigate the ISO 45001 certification process with ease.

Look no further than SafetyDocs by SafetyCulture.

SafetyDocs is Australia's most trusted safety document provider, offering users a comprehensive library of customisable templates. These templates comply with ISO standards and are continually updated to reflect the latest industry best practices.

Explore our collections to help you comply with ISO 45001.

• AS/NZS ISO 45001:2018 Internal Audit Checklist
• Checklists, Forms & Registers
• Safety Management Systems
• Emergency Response Management Plans

Contact us for tailored product recommendations and take the first step towards getting ISO 45001 certified.

Our team of experts is dedicated to providing accurate and informative content. Craig Cruickshank, our senior HSEQ advisor at SafetyDocs by SafetyCulture has reviewed this blog post to ensure the highest level of quality.

Learn more about Craig's work on LinkedIn for more industry insights.

Available for instant download and supplied in fully editable MS Word format for use in your business.

Please note that the above information is provided as a comment only and should not be relied on as professional, legal or financial advice.