When ISO 45001 was first published in March 2018, the three-year timeline to update your safety system seemed a long time away. Now, halfway through 2020, the March 2021 deadline looms.
What once allowed for a paced approach to ensuring your existing systems aligned to the new international standard is likely to feel decidedly frenetic in its application. And this is no overnight conversion job. You will need to ensure you’ve considered:
- the risk-based approach
- change in document system requirements
- process focus
- system integration into all business processes (yes, ALL business processes)
- human factors.
What’s more, this is no longer a responsibility that falls within the remit of management representatives alone. The legislation is unequivocal in its expectations, stating plainly, ‘Management shall…’
Perhaps part of the delay has been an understandable assumption that the majority of your business has operated along very much the same lines for years, and the migration will largely involve new requirements and deliverables, and how to integrate these into your current systems. If the last six months have taught us anything, it’s that we should always expect the unexpected.
The full scope of change
The following comparison briefly synopsises the precise differences between OHSAS 18001 and ISO 45001. Have you made all the necessary changes?
OHSAS 18001 |
ISO 45001 |
|---|---|
| 1 Scope | 1 Scope |
| 2 Reference publications | 2 Normative references |
| 3 Terms and definitions | 3 Terms and definitions |
| 4 Context of the organisation (title only) | |
| 4.1 Understanding the organisation and its context | |
| 4.2 Understanding the needs and expectations of workers and other interested parties | |
| 4 OH&S management system requirements (title only) | 4.3 Determining the scope of the OH&S management system |
| 4.1 General requirements | 4.4 OH&S management system |
| 5 Leadership and worker participation (title only) | |
| 5.1 Leadership and commitment | |
| 4.2 OH&S policy | 5.2 OH&S policy |
| 4.3 Planning (title only) | 6 Planning (title only) |
| 6.1 Actions to address risks and opportunities | |
| 6.1.1 General | |
| 4.3.1 Hazard identification, risk and determining controls | 6.1.2 Hazard identification and assessment of OH&S risks (title only)
6.1.2.1 Hazard identification 6.1.2.2 Assessment of OH&S risks and other risks to the OH&S management system 8.1.2 Hierarchy of controls 8.2 Management of change |
| 4.3.2 Legal and other requirements | 6.1.3 Determination of applicable legal requirements and other requirements |
| 6.1.4 Planning to take action | |
| 4.3.3 Objectives and programme(s) | 6.2.1 OH&S objectives
6.2.2 Planning to achieve OH&S objectives |
| 4.4 Implementation and operation (title only) | 8 Operation (title only) |
| 4.4.1 Resources, roles, responsibility, accountability and authority | 7.1 Resources
5.3 Organisational roles, responsibilities, accountabilities and authorities |
| 4.4.2 Competence, training and awareness | 7.2 Competence
7.3 Awareness |
| 4.4.3 Communication, participation and consultation (title only)
4.4.3.1 Communication 4.4.3.2 Participation and consultation |
7.4 Information and communication
5.4 Participation and consultation |
| 4.4.4 Documentation
4.4.5 Control of documents |
7.5 Documented information (title only)
7.5.1 General 7.5.2 Creating and updating 7.5.3 Control of documented information |
| 4.4.6 Operational control | 8.1 Operational planning and control
8.1.1 General 8.2 Management of change 8.3 Outsourcing 8.4 Procurement 8.5 Contractors |
| 4.4.7 Emergency preparedness and response | 8.6 Emergency preparedness and response |
| 4.5 Checking (title only)
4.5.1 Performance measurement and monitoring |
9 Performance evaluation (title only)
9.1 Monitoring, measurement, analysis and evaluation (title only) 9.1.1 General |
| 4.5.2 Evaluation of Compliance | 9.1.2 Evaluation of Compliance with legal requirements and other requirements |
| 4.5.3 Incident investigation, nonconformity, corrective action and preventive action (title only)
4.5.3.1 Incident investigation 4.5.3.2 Nonconformity, corrective action and preventive action |
10.1 Incident, nonconformity and corrective action |
| 4.5.4 Control of records | 7.5.1 General
7.5.2 Creating and updating 7.5.3 Control of documented information |
| 4.5.5 Internal audit | 9.2.1 Internal audit objectives
9.2.2 Internal audit process |
| 4.6 Management review | 9.3 Management review |
| 10 Improvement (title only) | |
| 10.2 Continual improvement | |
| 10.2.1 Continual improvement objectives | |
| 10.2.2 Continual improvement process | |
Perhaps the reason you’ve delayed is quite simple – sometimes, when you first read what you’re legally required to do, you don’t understand every single one of your obligations immediately.
But, it’s a stark reality: whether you employ one or 1 000 employees, you are obliged to comply with legislation. There is no negotiating the terms, and you cannot plead ignorance if (and when) something goes wrong.
Case study 1
A branch of a well-known reseller of liquid petroleum gas (LPG) cylinders to the public breached the municipal licence granted to it by also decanting LPG into smaller cylinders for its customers. This was at the urging of an employee by the name of Oosthuizen, who was motivated by both a desire to meet his sales targets and to avoid the looming threat of closure of the branch.
Generally, the decanting took place in the strong room, which was a terrible place for the activity, as there were no windows and zero ventilation – which meant gas was accumulating with nowhere to go. The result? There was an explosion, Oosthuizen sustained injuries, and he sued the company for damages.
During the case, evidence revealed that those decanting the gas had almost no idea of the dangers present as a result of the illegal gas decanting, and what’s worse, none of them – including Oosthuizen – had any training when it came to working with gas.
The law is clear, and so was the verdict against the reseller: ‘An employer who takes an employee into his service, and whose duties will involve working with a dangerous substance, has a duty to place that person on his guard against the dangers involved and should give such general safety instructions as a reasonably careful employer who has considered the problem presented by their work would give to his workmen.’ Pretty wordy, but the result is quite clear-cut – by failing to meet these requirements, the reseller was deemed negligent.
(Oosthuizen vs Homegas (Pty) Ltd 1992 (3) SA 463 (O))
Case study 2
A South African coastal tourist attraction suffered the hospitalisation of seven workers as the result of a chemical mix-up. Toxic chemical gases were released when a worker filling a drum mistakenly mixed hydrochloric acid with sodium hypo chloride (bleach), which released highly dangerous gases, resulting in the injuries. The Department of Labour (DoL) insisted the company provide proper training to ALL employees on how to handle hazardous chemical substances safely.
To avoid a situation like the ones above, let’s break down your essential obligations as an employer.
You must provide:
- a safe workplace and safe ways of working
- equipment, tools and machinery in a safe condition
- safe and hygienic facilities, including ablution facilities, eating areas and first aid services
- information, training and supervision to all workers
- a process for consultation with workers and to keep workers informed and involved in decisions affecting their health and safety
- processes for identifying hazards, and assessing and controlling risks.
Now another challenge arises: you know what you have to do; the question then becomes, how do you do it? The fact remains, when it comes to occupational health, safety and the environmental management, you cannot pick and choose what to comply with – if you fail to follow the law to the letter, there is no doubt that you – and your organisation – will be punished. Best-case scenario will see a suspension of company activities; worst case scenario? Prosecution, incarceration and/or severe financial penalties. Which means if you’re going to be successful – and compliant – your migration must take a phased, considered approach, from becoming aware of what has changed, to actually making the changes and implementation, and finally full conversion to the new system.
Four ways to ensure essential legal Compliance
- Identify minimum legal requirements with the assistance of an established risk management system
- Implement basic training on OHS and COID Acts, as well as specific legal liability training for management
- Establish legal registers
- Provide legal assistance during investigations, inquests, site visits from authorities in the event of legal action
Show me the money!
Aside from important legislative requirements, you also need to consider the requirements of your clients and partners – it is entirely likely that alignment to ISO 45001 will become a non-negotiable requirement of business, which will mean loss of income for those who aren’t aligned to the new system.
To help you comply and complete your migration, consider the following training options for you, your company, and its employees:
- ISO 45001: 2018 Introduction E-Learning
- ISO 45001: 2018 Implementation
- Combined ISO 45001: 2018 and 14001: 2015 Introduction
- Combined ISO 45001: 2018 and 14001: 2015 Implementation