BM TRADA Client Area Consultants Logo Library
Get a quote

Health and Safety Management

ISO 45001

ISO 45001:2018 is one of the International Standards for Occupational Health and Safety.

ISO 45001: Occupational Health and Safety Standard

What is ISO 45001?

ISO 45001 is the world’s international standard for occupational health and safety, issued to protect employees and visitors from work-related accidents and diseases. ISO 45001 certification was developed to mitigate any factors that can cause employees and businesses irreparable harm. Its standards are the result of great effort by a committee of health and safety management experts who looked closely at a number of other approaches to system management including ISO 9001 and ISO 14001. In addition, ISO 45001 was designed to take other existing occupational health and safety standards, such as OHSAS 18001, into account  as well as the ILO’s labor standards, conventions and safety guidelines.

Especially geared toward senior management, ISO 45001 has the ultimate goal of helping businesses provide a healthy and safe working environment for their employees and everyone else who visits the workplace. This goal can be achieved by controlling factors that could potentially lead to injury, illness and in extreme situations even death. As a result, ISO 45001 is concerned with mitigating any factors that are harmful or that pose a danger to workers’ physical and/or mental well-being.

Sadly, thousands of workers lose their lives each day to preventable instances of adverse workplace conditions. In fact, according to the ISO and International Labour Organisation  or ILO more than 2.7 million deaths occur globally due to occupational accidents. And in addition to that there are 374 million non-fatal injuries each year, resulting in 4 or more days absences from work.

According to many health and safety experts including the professionals who worked on the ISO committee  ISO 45001 represents a landmark breakthrough. For the first time internationally, businesses of all sizes can now access a single framework that offers them a clear pathway to developing better and more robust occupational health and safety measures.

ISO 45001 is heavily informed by OHSAS 18001 not a simple revision or brief update. Read on to see what organizations of all types and sizes need to do to maintain compliance and achieve ISO 45001 certification.

ISO 45001 has seen a 97.3% increase in worldwide certificates in 2020, showing the growth and importance of UKAS accredited certification in recent times. Statistics straight from the most recent ISO Survey.

Looking to implement an ISO 45001 management system? Not sure where to start? Take a look at our ISO 45001 Implementation Guide here.

How To Get Certified To ISO 45001

Helps you with

  • Worker Safety
  • Risk Management
  • Risk Reduction
  • Injury Prevention
  • Enhanced Occupational Health Measures
  • Statutory Identification and Compliance Evaluation
  • Improve Productivity
  • Enhance Organizational Safety Culture

ISO 45001 — The Fundamentals

ISO 45001:2018 is the replacement to OHSAS 18001 and is the international ISO standard for Occupational Health and Safety Management Systems (OHSMS).

Not only has the standard superseded OHSAS 18001, it makes integration with other management systems simpler than ever before; because it shares the new common structure defined by Annex SL, it is directly aligned with the 2015 versions of ISO 9001 and ISO 14001. 

You can find more information about this standard and the differences to OHSAS 18001 in the NQA ISO 45001 Gap Guide below. Please note: Existing NQA OHSAS 18001 clients can get migration support and can download the gap analysis document that must be completed prior to a migration audit.

Benefits of Health & Safety Certification

Reduced operating costs icon

Reduced operating costs

Less down-time due to incidents and ill health and lower costs from legal fees and compensation means money saved.

Improved stakeholder relationships icon

Improved stakeholder relationships

Make the health and property of staff, customers and suppliers more of a priority and people will respond.

Legal compliance icon

Legal compliance

Understand how statutory and regulatory requirements impact your organisation and its customers.

Improved risk management icon

Improved risk management

Identify potential incidents and implement controls and measures to keep risk as low as possible, protecting employees and customers from harm.

Proven business credentials icon

Proven business credentials

Independent verification against a globally recognised industry standard speaks volumes.

Customer satisfaction and safety icon

Customer satisfaction and safety

Meet customer requirements consistently whilst safeguarding their health and property.

Win more business with SSIP icon

Win more business with SSIP

This occupational health and safety standard is recognized by Safety Schemes In Procurement (SSIP) within the construction industry.

Corporate Social Responsibility icon

Corporate Social Responsibility

Implementation of a structured management system can aid demonstration of CSR and organizational culture.

Is ISO 45001 certification right for me?

If you have certification to OHSAS 18001 you will need to migrate to ISO 45001 to maintain the validity of certification. There is the normal 3 year migration period so there is still time to plan your move over to ISO 45001 certification.

ISO 45001 is right if you and your organization need to demonstrate a commitment in managing the safety of workers and interested parties. If you have already implemented a quality or environmental management sytem aligned with the Annex SL structure ISO 45001 can be integrated smoothly. Organizations that implement ISO 45001 need:

  • a clear management structure with defined authority and responsibility

  • defined objectives for improvement, with measurable results

  • a structured approach to risk assessment and reduction

Health & safety management failures, performance and the review of policies and objectives should be regularly monitored to ensure improvements and business benefits are realised and prioritised accordingly.

ISO 45001 terminology and definitions

In ISO 45001 certain terms have been defined for clarification, these include ‘Risk’, ‘The Worker’, 'The Workplace' and ‘Hazard Identification’.

Risk. A universal definition of the term ‘Risk’ is clarified in ISO 45001 as the meaning of this varies in some countries. The issue of hazard identification is that it is currently very manufacturing, and hardware orientated, when more and more of us are working in services. 

The term ‘Hazard Identification’ is covered by the terms ‘risk identification and ‘risk control’ to ensure we encompass all potential hazards applicable to all industries and sectors.

The Worker. There are differences in the definition of this term and various legal constraints around this term in different countries – in the context of ISO 45001, ‘The Worker’ is defined as the person performing work or work-related activities that are under the control of the organization.

Workplace. This is now defined as the place under the control of the organization where a person needs to be or to go for work purposes.

Steps to Certification

  1. Step 1

    Complete a Quote Request Form so we can understand you and your business. We will then use this to personally prepare a proposal for your certification and define what is known as your 'scope of assessment'.

  2. Step 2

    We will then contact you to book your assessment with an NQA assessor. It consists of two mandatory visits that form the Initial Certification Audit. Please note that you must be able to demonstrate that your management system has been operational for a minimum of three months and has been subject to a management review and a full cycle of internal audits.

  3. Step 3

    Following a successful stage two audit, a decision is made. If positive, your certification will be issued by NQA, with both a hard and soft copy of the certificate awarded. Certification is valid for three years and maintained through surveillance audits (years one and two) and a recertification audit in year three.

See more details

H&S Toolkit

ISO 45001 FAQs

Integrated Quote Request Form

ISO 45001 Migration Timeline

ISO 45001:2018 Migration Video

ISO 45001 Migration Gap Guide

ISO 45001 Implementation Guide

Download Certification Logos

Annex SL Comparison Tool

Gap Analysis

GDS Technologies Case Study

Shredall Case Study

Is Your Management System Integrated?

Ready to start your journey?

We'll give you a clear indication of the costs of gaining and maintaining certification.
Not ready yet? Call us on 0800 052 2424 or request a callback to discuss your certification requirements.
  • What is ISO 45001? 

    ISO 45001:2018 is the international ISO standard for occupational health and safety management systems (OHSMS) that has replaced OHSAS 18001. Created by a committee of health and safety management experts, ISO 45001 was designed with the strengths and weaknesses of many other occupational health and safety standards in mind.  

    How does ISO 45001 differ from OHSAS 18001? 

    Although ISO 45001 has many similarities to its predecessor, it is distinct from OHSAS 18001. 

    ISO 45001 aims to help businesses protect workers and guests from work-related accidents and diseases. The standard provides guidance that senior management can use to create a safe working environment, control factors that cause illness and injury, preserve workers' physical and mental well-being, and reduce business risk. 

    Why is ISO 45001 important? 

    Workplace safety remains a serious concern for employees and employers alike. According to the International Organization for Standardization, 153 people experience workplace injuries every 15 seconds. In serious cases, unsafe working conditions can even lead to death. 

    ISO 45001 is important because it aims to prevent workplace accidents, illnesses and fatalities. The committee responsible for writing ISO 45001 identified gaps in OHSAS 18001 and aimed to address them in the new standard. ISO 45001 will also work to standardize occupational health and safety management across borders, which has been difficult with the multiple versions of OHSAS in place internationally. 

    What Are The Benefits Of ISO 45001 Certification? 

    ISO 45001 builds and expands on the foundation of OHSAS 18001 and is designed to integrate more easily with other revised ISO management standards, such as ISO 14001 and ISO 9001. When effectively implemented, ISO 45001 will integrate with operations naturally. ISO 45001 is flexible and capable of meeting the needs of the business while protecting workers and delivering improvement. 

    In addition to improved worker safety and reduced risk, benefits of ISO certification include: 
    • Improved relationships with employees, customers, suppliers and other stakeholders 
    • Reduced downtime and lower operating costs 
    • Better reputation and consumer trust 
    • Potential tax benefits 

    Who Should Get ISO 45001 Certification? 

    ISO 45001 certification is a good idea for any business that needs to mitigate safety risks and demonstrate a verifiable dedication to preventing work-related illnesses, injuries and deaths. This includes small and large businesses and businesses in various industries. Some examples of industries that should consider ISO 45001 certification include automotive, construction and healthcare. You should also consider ISO 45001 certification if you currently hold OHSAS 18001 certification. 

    At NQA, we provide ISO certification for businesses in a wide range of industries and sectors. 

    What Is The Difference Between Improvement and Continuous Improvement In ISO 45001? 

    The phrase used in the standard is continual improvement, which means stepped improvement over time, not continuous. A range of changes can contribute towards improvement, including training, revisions to processes, achievement of objectives and performance goals. 

    Is ISO 45001 Just A Watered-Down Version of OHSAS 18001? 

    No, ISO 45001 is not just a watered-down version of OHSAS 18001. ISO 45001 uses an established structure based on an effective management model. It is designed to be used as part of a business management system. ISO 45001 emphasizes workforce participation, expands focus on worker health and safety programs and implements other changes. 

    What Are The New Requirements In ISO 45001? 

    ISO 45001 does come with new and updated requirements. This is an important output of Clause 4.2, which is of interest to the parties and the reason for an effective evaluation of the compliance process. It would be prudent to have robust processes in place that include compliance obligations associated with identified interested parties within your context. For example, a new document, IAF MD22, was released in January 2018. This document directly affects your certification body and may likely affect your organization, too. Make sure that your communication process includes staying current with the compliance/obligation needs and expectations of your certification body. The next significant revision is underway, with publication of a new version expected in 2027.  

    Sign up to InTouch for updates as and when they're available.  
     
  • How Can You Earn ISO 45001 Certification?

    To get ISO 45001 certification, your organization will need to implement the standard and complete the auditing and certification process with an accredited third-party certification body like NQA. The initial certification process involves a two-stage audit, and maintaining certification requires yearly surveillance audits and recertification every three years.

    If you're transitioning to ISO 45001 from OHSAS 18001, the process may look slightly different and must be completed by the March 2021 deadline.

    How Much Does ISO 45001 Certification Cost?

    The cost of ISO certification depends on a range of factors, including audit duration, organization size, scope of risk, current level of compliance, and more. To get an accurate idea of direct certification costs, request a quote from your third-party certification body. At NQA, we offer competitive rates and never charge hidden fees.

    Get a quote

    How Much Notice Do You Need To Give NQA To Change A Standard OHSAS 18001 Surveillance Into A Transition Audit?

    Please give as much notice as possible — not only to allow NQA to make arrangements, but for clients to undertake the mandatory GAP analysis and implement the revisions and changes that may be necessary prior to the NQA migration assessment. The system should be mature enough to demonstrate it is effectively implemented and achieving the required outcomes at the point of assessment.

     

  • How has the definition of "worker" changed?

    In ISO 45001, "worker" is an all-inclusive phrase that includes workers of all levels within the organization as well as those who are not directly employed, such as contractors and outsourced service/product suppliers. As all organizations are unique, it's important to consider this change and respond as appropriate for the system and audit.

    What do "risk," "workplace," and "hazard identification" mean in ISO 45001?

    In ISO 45001, the terms "risk," "workplace," and "hazard identification" are precisely defined to support effective occupational health and safety management:
    • "Risk" in ISO 45001 refers to the combination of the likelihood of a work-related hazardous event or exposure and the severity of injury or ill health that can result from that event or exposure.
    • "Workplace" is broadly interpreted in ISO 45001. It includes any physical location where work-related activities are performed under the control of the organisation.
    • "Hazard identification" is the proactive and systematic process of recognising sources, situations, or acts within or related to the workplace that have the potential to cause injury or ill health. ISO 45001 requires organisations to consider routine and non-routine operations, emergency situations, people and processes involved, workplace design, changes in organisation, knowledge of hazards, and previous incidents when identifying hazards.

  • How should you determine risks and opportunities?

    When the organization understands the needs and expectations of interested parties and strategic corporate requirements, it can then use the knowledge to assess any risks and opportunities that may be present and then take action to address them.

    Is There A Minimum Requirement For What Legislation Registers and Aspects and Impacts Registers Must Contain?

    There is no minimum requirement for what these registers must contain. The contents are based on the business activity, geographical location and local/national enforcement requirements. Each organization is unique. If you have questions about what you should include, please contact us.

    How can local risks (e.g., earthquakes, tornadoes) be addressed within the emergency plan?

    If these are requirements of enforcement agencies or interested parties, then they will need to be considered and planned for. However, these plans may also be part of other emergency considerations and responses, such as business continuity plans and responses.

  • Does ISO 45001 replace other certifications (e.g., ISO 9001/14001)?

    No, ISO 45001 does not replace the need for other certifications such as ISO 14001 and ISO 9001. ISO 45001 is designed for OHS systems, and although they follow the same system structure, ISO 14001 and ISO 9001 focus on different disciplines — Environment and Quality.

    If ISO 45001 requirements are met, does that mean OHSAS 18001 is also met?

    ISO 45001 expands and builds on the foundations of OHSAS 18001. Therefore, meeting the requirements of 45001 is overall in place, but the way 18001 is written is different and requires documented procedures and other subtle changes. So, you may not automatically meet the requirements of both standards.

    Can you still get OHSAS 18001 certification after 45001's release?

    Although it was possible to be accredited to OHSAS 18001 up to September 2021, you can no longer apply for certification. NQA would advise looking at the migration timeline for key milestone dates that may help with making the decision, specifically regarding the ultimate migration that will be required to maintain certification.

    Should organisations keep management systems separate or integrate?

    It all depends on client needs, available resources and objectives. ISO 45001 adopted the annex SL framework and, therefore, is designed to efficiently integrate with other management systems by reducing redundancies.

     

  • How does the client application process work for Stage 2 audits?

    A stage two assessment to ISO 45001 will not need further applications, as it will already be against the requirements of ISO 45001. If you have questions about our process, please contact NQA online today.

    Do you need a management representative for ISO 45001?

    No, ISO 45001 does not require a designated "management representative" as was required by OHSAS 18001. ISO 45001 shifts accountability and leadership for the occupational health and safety management system directly to top management, rather than allowing delegation of this responsibility to a single person. While an organisation may still appoint a person or team for day-to-day coordination, top management must now be actively engaged and demonstrate leadership, commitment, and integration of health and safety into company-wide processes. This approach ensures broad ownership, better employee engagement, and more robust continual improvement.

    What about continual audit/recertification requirements?

    ISO 45001 requires ongoing internal audits and periodic third-party recertification audits to maintain certification. The management system must be reviewed regularly to ensure its suitability, adequacy, and effectiveness—typically through a “management review” process led by top management. Most certification bodies require a full recertification audit every three years, with annual surveillance audits in between. Results, findings, and improvements from these audits must be documented and appropriately shared with staff and, where relevant, worker representatives.