Home > News > What is ISO 45001? (And Why Should It Matter to CEOs?)

What is ISO 45001? (And Why Should It Matter to CEOs?)

June 17, 2021

Reprinted from the Indiana Manufacturers’ Monthly Newsletter.

By: Ashly Insco, CHMM
Senior Vice President and Practice Leader – Health & Safety, T&M Associates

What is ISO 45001? (And why should it matter to CEOs?)

According to the Occupational Health and Safety Administration (OSHA), each year, while more than 4 million suffer from serious work-related injuries and illnesses. The International Standardization Organization, along with health and safety experts from dozens of countries, established ISO 45001 to help improve safety for workers and workplaces across the globe. ISO 45001 is a globally accepted standard and management framework designed to reduce workplace risks and enhance health and well-being at work.

ISO 45001’s introduction in 2018 substantially changed the landscape of the workplace. CEOs should stronglyconsider establishing a health and safety management system based on this new standard. CEOs should also strongly consider using third-party certification for the system to ensure its credibility, and more importantly, to have an objective party evaluate how effectively the system drives health and safety improvements.

Establishing an ISO 45001 management system is a means for creating and implementing best safety practices within businesses. This new standard can also greatly enhance a company’s brand and will likely become essential to companies engaged in business-to-business operations, as more entities around the world adopt the standard. CEOs considering implementing and becoming certified in ISO 45001 should take the following factors into account.


ISO 45001 builds and improves upon earlier safety standards

This new standard will supersede OSHAS 18001, a standard formerly accepted in 130 countries, by September 30, 2021. Like OSHAS 18001, ISO 45001 requires demonstration of process-based continual improvement in a company’s health and safety performance. If the system is certified, third-party surveillance audits must be completed to maintain certification.

Past safety standards typically only considered the risk of one portion of a work task. For example, if a worker were to paint a piece of equipment in a workplace, former safety standards or systems would examine whether the paint contained any compounds that could place the worker at risk from exposure. Conversely, the more wholistic, process-based approach of ISO 45001 considers every aspect of a work task to determine risks to workers. Are there risks associated with workers transporting the paint to the equipment? Are there risks associated with workers responsible for cleanup after the task? Are there risks associated with the equipment itself? ISO 45001 also examines other workplace factors outside a particular task, such as overall workload and work hours, as well as social factors like harassment or remote work, to assess risks to workers.

Whereas OSHAS 18001 primarily considered risks, ISO 45001 examines risks and opportunities to establish objectives to continually improve safety performance. A safety objective for the example task may be to eliminate paint with dangerous chemical compounds, or to establish a plan to automate transporting the paint. The ISO 45001 standard is based on a “Plan, Do, Check and Act” process. Companies first plan the system via deep dives into processes and establish action plans around objectives necessary to meet organizational safety goals. After implementing the plans, companies then monitor, check or audit performance compared to the plans. Finally, companies implement corrective and preventative plans to improve safety practices based on the data gathered.


ISO 45001 requires the leadership of CEOs and the collaboration of many other stakeholders

Safety practices often remain in the hands of a safety or human resource department; however, ISO 45001 requires chief executives and senior management to lead the improvement of a company’s safety practices, as well as to collaborate with all departments and internal stakeholders across a company. The standard may also involve critical external stakeholders, such as unions and company partners. ISO 45001 is designed to eliminate disassociation within a company and to integrate safety practices across all management levels and departments. Integration of ISO 45001 into current quality and/or environmental management systems will drive efficiencies, consistencies, and foster a more robust safety management system as the ISO framework is the same as the past standards of ISO 9001 and ISO 14001. This is especially critical for ISO 45001 recertification because third-party auditors will search for continuing improvements in a company’s safety practices once the company has adopted the standard. These continual improvements are only possible if an entire company, along with other critical stakeholders, are involved in the process.


ISO 45001 may be required to stay competitive in your field

Adopting and becoming certified in ISO 45001 is voluntary for companies; however, there are obvious safety benefits to the new standard. Continually improving safety practices will result in a company being better prepared for future health risks, whether these stem from workplace accidents, potential disasters, or even an evolving pandemic. Certification can also help expand a company’s market share, as these new safety benefits can greatly enhance a company’s brand.

ISO 45001 may be even more critical to retaining a company’s current customers. The standard has been widely implemented across Europe, but C-suite executives and upper managers of many U.S. businesses have not even heard of ISO 45001. Companies that are unaware of the standard are losing customers who now require the entities they do business with to be certified in ISO 45001. Adopting this standard has become more critical as the global economy becomes more integrated and interconnected.

Establishing a robust safety management system in conformance with the ISO 45001 standard that will obtain certification generally requires nine to fifteen months depending on a company’s resources, complexities, and its workload. Consultants with vast process experience that are certified as Lead Auditors can provide technical assistance needed to establish this system, as well as assist in obtaining third-party certification of the system.

Adopting the ISO 45001 safety standard requires a commitment of time, energy, resources, and the collaborative efforts of many stakeholders, and doing so will not only greatly improve a company’s safety practices, but also ensure a company remains competitive in an ever evolving global economy.