This post first appeared on Risk Management Magazine. Read the original article.
Until about a decade ago, the safety profession focused primarily on the use of lagging indicators to determine whether a company had a good safety program. Over time, however, the profession has significantly shifted its attention toward leading indicators, coupled with a strong examination of safety and health risks present within a company. This evolution of the safety profession to a risk-based prevention mode analysis has now culminated in the development of the ISO 45001 safety and health risk management standard. Risk managers should understand how implementing ISO 45001 can help their organizations achieve and maintain safety cultures that will help protect their employees, customers, vendors and business.
The Basics
Many are referring to ISO 45001 as the “gold standard” in safety and health risk management. Developed by safety and health experts from around the globe working collaboratively, ISO 45001 is an international consensus and certification standard for occupational safety and health that is also recognized by the American National Standards Institute.
Finalized in March 2018, the new standard provides a framework that can help organizations significantly enhance safety and health programs, reduce workplace injuries and illnesses, improve employee productivity and work quality, and increase profitability.
The standard increases the emphasis on business leadership participation from past standards, tasking management teams with creating, facilitating, maintaining, evaluating and promoting safety risk management systems. It also requires worker involvement in the decision-making and evaluation processes. Additionally, the standard requires businesses to consider the safety risks at the worksite that impact “other interested parties,” such as contractors, neighbors, passers-by, suppliers and vendors.
ISO 45001 offers specifications and guidance to help risk managers enhance the performance of their workplace safety program. The developers of the standard wanted it to be applicable to any organization regardless of size, type or industry, so the requirements were designed to ensure that they could be integrated into any business management process.
Compatibility with Other Certifications
Businesses that hold other ISO certifications have an advantage when it comes to implementing ISO 45001. The new standard uses the same template or Annex SL framework that is used in ISO 9001 and ISO 14001, so if your organization is already ISO certified, you are already familiar with the procedures related to implementing, documenting and auditing such a standard.
OSHAS 18001, the British safety management certification standard, is currently used in about 130 countries, but it expires in 2021 and authorities have determined that ISO 45001 will replace it.
Businesses that operate as an OSHA Voluntary Protection Program site also have an advantage when implementing ISO 45001. Being a VPP site indicates an established commitment to workplace health and safety by top management and indicates that the organization has likely created a workplace culture focused on minimizing employee injuries and illnesses. ISO 45001 will help such businesses become even more proactive regarding employee safety.
Major Changes with ISO 45001
Like all ISO standards, ISO 45001 is a continuous improvement methodology, which means companies remain in a state of perpetual planning, implementing, analyzing and adjusting. The standard utilizes a “plan–do–check–act” cycle and requires much more extensive participation by leadership and workers than previously seen in other safety and health management systems.
Everything flows in and out of the planning stage. Companies develop a plan specifically tailored to the organization’s facility, which means any size company can earn certification. When planning, companies must ensure that all departments—including safety, operations, maintenance and quality—work together to determine what safety and health hazards exist at the worksite that could impact those different departments. The standard also looks beyond safety and health risks that can affect the employees at the site, examining risks that impact vendors, suppliers, contractors, the general public and even other companies located near the facility. In addition, companies must anticipate risks from nearby operators. For example, if a train track runs right next to its operations, a company needs to be prepared in the event a train jumps the track and endangers the health and safety of its workers.
ISO 45001 requires the use of specific performance metrics that assess whether the company is meeting its safety goals as outlined at the start of implementation. For example, how many safety observations are you making? How are they handled and how quickly? How many open ones do you have? How often does the safety team meet, and how quickly do you act upon their recommendations?
The greater emphasis on top management’s involvement includes analyzing such results and making improvements. The responsibility applies across leadership, not just to a specific person such as a safety director. This accountability results in a continuous improvement model that should dramatically improve any company’s safety and health program.
Onward Toward Certification
Implemented correctly, the benefits of achieving ISO 45001 certification include improved corporate culture, cost savings, increased worker productivity and product quality, and enhanced reputation among clients and the community.
Obtaining the new safety certification helps transform a workplace culture from “correction mode” to “prevention mode” while also continuing to meet business goals. In addition to driving operational cooperation and internal process improvement, obtaining the certification could help to expand customer base and/or market share should the day come when businesses at the top of the supply chain require vendors and suppliers to become ISO 45001 certified in order to continue their business relationships.
For organizations that want to work toward certification, the first step for risk managers is to conduct a gap assessment audit. Then, they need to develop an action plan for improvement, eliminate the exposed gaps and provide the resources to successfully complete the ISO 45001 certification audit. By implementing these steps, your business will make strides towards meeting sustainability goals, improving productivity, increasing profitability, and enhancing corporate image in the minds of investors, clients and the public.