iso 45001 risk assessment methodology

ISO 45001 Clause 6.1.2.2 Assessment of OH&S risks

In this article, I’m going to cover ISO 45001 clause 6.1.2.2 Assessment of OH&S risks and other risks to the OH&S management system which falls under the overarching clause 6 Planning . I’m going to break this clause down and turn it into something you can all understand. You’ll then be able to apply this to your own organization's system and understand what the requirements will look like for you. No more guessing!

Before I move on too much further though, I do want to point out that the title of this clause refers to OH&S risks AND other risks to the OH&S management system . It’s pretty clear that the OH&S risks come from the hazard identification process covered in clause 6.1.2.1 (be sure to check that video out on ATOL.tv ) but what are the other risks to the OH&S management system ?

The other risks would have been identified earlier on in the standard more than likely when working through Clause 4.1 understanding the organization and its context and Clause 4.2 understanding the needs and expectations of workers and interested parties .

Other sections in the standard where other risks are identified would be Clause 6.1.3 Determination of legal requirements and other requirements and even possibly Clause 8.1 Operational planning and control. The point to take away here is that this assessment requirement is NOT just a result of hazards identified. It is a holistic assessment approach for all risks associated with the OH&S management system.

Ok, let’s get started with the nitty gritty of the clause requirements! I’m actually going to work backward for this clause and start off with the final paragraph as I think this will help us to understand points a) and b) a lot better.

So, the final paragraph of this clause states:

The organization’s methodology(ies) and criteria for the assessment of OH&S risks shall be defined with respect to their scope, nature and timing to ensure they are proactive rather than reactive and are used in a systematic way. Documented information shall be maintained and retained on the methodology(ies) and criteria.

First off when I read the words methodology and criteria I think of a risk matrix.

A risk matrix is a standard method I see out there when I’m auditing. Criteria can be aligned to the Likelihood and Consequence. The different levels in these parameters will differ based on each organization's hazards. Setting criteria for each will help to achieve ‘some sort of’ consistency. It will never be perfect and can still be subjective, however, it’s certainly a start.

So, to me, a methodology is to use a risk matrix that includes the criteria set by the organization. ISO 45001 guidance also states that methodologies can include ongoing consultation of workers (refer to our video on clause 5.4 for a refresher on this clause), and other methodologies including monitoring and communication of changed or new legal requirements as well as other requirements (refer to our video on Clause 6.1.3 to learn more about this clause). So it’s not only a ‘tool’ such as a risk matrix, it's also activities that you conduct within your OH&S management system.

And don’t forget that this methodology and criteria are required to be maintained and retained. So, we are looking for a procedure that tells us HOW we assess OH&S risks and what methodology and criteria are used. THEN we are also required to retain evidence of its use. This means we should expect to see an output such as a risk or hazard register – you can call it what you like really! It’s more about demonstrating that you have:

Identified hazards or other OH&S risks
Used the documented methodology and criteria to assess the risks
Documented what the risk rating is (which is essentially a demonstration of the assessment).

Now that we understand what methodology, criteria and documented information is required let’s go back to the beginning and see what the requirements are.

This clause kicks off with stating that

The organization shall establish, implement and maintain a process(es) to: a) assess OH&S risks from the identified hazards, while taking into account the effectiveness of existing controls. AND b) determine and assess the other risks related to the establishment, implementation, operation and maintenance of the OH&S management system .

Ok – so point a) we’ve already really covered – assess the OH&S risks from the hazards identified – and then it wants us to consider what controls are already in place when we do assess the risk. When we use our risk matrix, for example, our assessment of the Likelihood and Consequence should take into consideration any controls that are already in place.

So, if we’ve identified the hazard of power tools and when the power tools are used existing controls include:

a risk assessment on the tool itself
training and competence sign off

The risk assessment needs to consider how these existing controls will influence the Likelihood and Consequence of an incident or injury occurring. Make sense?

And then point b) is exactly what I explained way at the beginning of this video, it’s not just about assessing risks as a result of hazards identified. Assessment of risks is also required for all of the OH&S management system commencing with establishing the system, then implementing, the operational aspects, and of course ongoing maintenance. Assessment isn’t something we do once, it is an ongoing activity to ensure that the OH&S management system remains current and relevant to all activities.

Now that you have a better understanding of these requirements, it's time to take action and implement them in your own organization and ISO 45001 OH&S management systems.

If you'd like to learn more about ISO 45001, why not take a look at our other articles on the topic, starting with What is ISO 45001 and OHS Management Systems ?

If you prefer watching over reading, head to our ATOLTV ISO 45001 playlist on YouTube, either way, be sure to check out our range of ISO 45001 courses and qualifications today.

Understanding ISO 9001 Clause 7.5.1 General (Documented information)

Understanding iso 45001 clause 6.1.3 determination of legal requirements and other requirements, similar blog posts.

Defining ISO 45001 Clause 6.1.2.3

ISO 45001 Clause 8.1.2 Eliminating hazards and reducing OH&S risks

Understanding ISO 45001:2018 Clause 5.3 Organizational roles, responsibilities and authorities

ISO 45001 Clause 6.1.2 Hazard Identification and Assessment of Risks and Opportunities

Introduction.

The introduction of Clause 6.1.2 of ISO 45001, focusing on hazard identification and assessment of risks and opportunities, is a crucial aspect of occupational health and safety management systems. This clause plays a key role in helping organizations identify potential hazards and risks in the workplace, as well as opportunities for improvement. By effectively implementing this clause, businesses can create a safer work environment for their employees and enhance their overall performance. Let's delve deeper into the importance of Clause 6.1.2 of ISO 45001 and how it can benefit organizations striving for excellence in occupational health and safety.

ISO 45001 Clause 6.1.2 Hazard Identification and Assessment of Risks and Opportunities

Importance of Hazard Identification and Assessment of Risks and Opportunities

Hazard identification and assessment of risks and opportunities is a crucial aspect of occupational health and safety management, as outlined in ISO 45001 Clause 6.1.2. This process involves identifying potential hazards within the workplace that could cause harm to employees, visitors, or the environment, as well as assessing the level of risk associated with these hazards.

By conducting thorough hazard identification and risk assessments, organizations can proactively identify and mitigate potential risks before they escalate into incidents or accidents. This helps to create a safer work environment for employees and reduce the likelihood of injuries, illnesses, or damage to property.

Furthermore, by identifying opportunities for improvement through this process, organizations can enhance their overall health and safety performance, increase efficiency, and reduce costs. This proactive approach to risk management also helps organizations comply with legal and regulatory requirements related to occupational health and safety.

Overall, hazard identification and assessment of risks and opportunities is a fundamental component of a successful occupational health and safety management system, contributing to the well-being of employees, the reputation of the organization, and its long-term sustainability.

Steps to Effectively Identify Hazards and Assess Risks and Opportunities

Establish a Systematic Process for Identifying Hazards: Develop a structured approach to identify potential hazards in the workplace. This could include conducting regular workplace inspections, reviewing incident reports, and consulting with employees.
Identify all Potential Hazards: Consider both internal and external factors that could pose a risk to the health and safety of employees. This may include physical hazards, chemical hazards, ergonomic hazards, and psychological hazards.
Assess the Risks Associated with Each Hazard: Evaluate the likelihood and potential consequences of each hazard occurring. This will help prioritize which hazards require immediate attention and which can be addressed at a later time.
Determine the Opportunities for Improvement: As part of the risk assessment process, also consider any opportunities for improvement that could enhance the health and safety of employees. This could include implementing new technologies, training programs, or work practices.
Document the Hazard Identification and Risk Assessment Process: Keep detailed records of the hazards identified, the risks assessed, and the opportunities for improvement identified. This documentation will help inform decision-making and track progress over time.
Review and Update the Hazard Identification and Risk Assessment Process Regularly: Hazards and risks in the workplace can change over time, so it is important to regularly review and update the hazard identification and risk assessment process to ensure it remains relevant and effective.

Tools and Techniques for Assessing Risks and Opportunities

One of the primary tools for assessing risks and opportunities in the context of ISO 45001 Clause 6.1.2 is hazard identification. This involves identifying potential sources of harm or danger in the workplace that could result in injury, illness, or other negative consequences. To effectively identify hazards, organizations can use a variety of techniques, such as:

Workplace Inspections: Regular inspections of the workplace can help to identify potential hazards, such as unsafe working conditions, faulty equipment, or hazardous materials.
Job hazard analysis: This involves breaking down each job or task into individual steps and identifying potential hazards associated with each step.
Safety Data Sheets: Reviewing safety data sheets for hazardous chemicals or materials used in the workplace can help to identify potential risks and ensure that appropriate safety measures are in place.
Incident Reporting: Encouraging employees to report any incidents or near misses can help to identify hazards and prevent future accidents.
Risk Assessment Tools: Using tools such as risk matrices or risk registers can help organizations to systematically assess and prioritize risks based on their likelihood and potential impact.

Once hazards have been identified, organizations can then assess the associated risks and opportunities. This may involve considering factors such as the likelihood of harm occurring, the potential severity of the harm, and the effectiveness of existing controls in place.

By effectively identifying and assessing risks and opportunities, organizations can develop proactive strategies to manage and minimize risks, as well as capitalize on potential opportunities for improvement within the workplace.

Integrating Hazard Identification and Risk Assessment into Your Organization's Processes

Clause 6.1.2 of ISO 45001 outlines the importance of integrating hazard identification and risk assessment into an organization's processes. This involves systematically identifying hazards in the workplace, assessing the associated risks, and identifying opportunities for improvement.

To effectively implement this clause, organizations should establish a process for hazard identification, which may include conducting regular workplace inspections, reviewing incident reports, and consulting with employees. Once hazards are identified, organizations should assess the risks associated with each hazard, taking into account factors such as the likelihood of occurrence and potential consequences.

In addition to identifying and assessing risks, organizations should also consider opportunities for improvement. This may involve identifying areas where existing processes can be strengthened or implementing new measures to prevent or mitigate risks.

By integrating hazard identification and risk assessment into their processes, organizations can proactively manage workplace risks and create a safer and healthier work environment for their employees. Additionally, by identifying opportunities for improvement, organizations can enhance their overall performance and achieve their health and safety objectives.

Clause 6.1.2 of ISO 45001, which focuses on hazard identification and assessment of risks and opportunities, plays a crucial role in the overall occupational health and safety management system of an organization. By effectively identifying hazards and assessing risks, companies can prevent workplace accidents and illnesses, ultimately creating a safer and healthier work environment for employees. In this blog post, we will delve into the conclusion of Clause 6.1.2 of ISO 45001, discussing its importance and impact on organizational safety practices. Stay tuned to learn more about how this clause can help your company prioritize safety and mitigate potential risks in the workplace.

Safety Officer
Safety Quiz
Interview Q/A
Online Exam
Download PPT
Get Certificate Online
HSE Web Story
NEBOSH IDIP
Fire Engineering
Basic Safety
Construction Safety
Workplace Safety
Fire Safety
Crane Safety
Work At Height
Excavation Safety
Electrical Safety
Confined Space
Noise Safety
Vibration Safety
Scaffolding
Radiography
HSE Calculations & Formulas
Safety Slogan
Tool Box Talk
HSE Documentation
HSE Training
Risk Assessment
Safety Audit
Accident Investigation
Privacy Policy
Terms and Conditions

ISO 45001 Risk Assessment

Table of Contents

ISO 45001 Risk Assessment : Occupational health and safety is a top priority for organizations worldwide. Ensuring a safe and secure working environment for employees is not only a legal requirement but also a moral responsibility. One of the essential elements in this regard is the risk assessment process. This article will delve into the ISO 45001 risk assessment, providing a comprehensive example and guidance on how to perform it effectively.

The Importance of Risk Assessment in Occupational Health and Safety

Before we explore ISO 45001 risk assessment in detail, it’s crucial to understand why it’s of utmost importance in the realm of occupational health and safety. Risk assessment is the foundation upon which safety measures are built. By identifying potential hazards and evaluating associated risks, organizations can proactively prevent accidents and create a safer workplace.

Key Components of ISO 45001

ISO 45001 is an international standard for occupational health and safety management systems. To effectively conduct a risk assessment, you need to be familiar with the key components of this standard. ISO 45001 emphasizes a proactive approach to health and safety management, making it an essential tool for risk assessment.

ISO 45001 Risk Assessment: A Brief Overview

ISO 45001 risk assessment is a systematic and organized approach to identifying, evaluating, and mitigating risks in the workplace. It’s designed to protect the well-being of employees and ensure compliance with legal and regulatory requirements. This assessment allows organizations to tailor safety measures to their specific needs.

Understanding the Risk Assessment Process

The risk assessment process involves several critical steps. To get started, you need to identify hazards in the workplace. These can range from physical hazards like machinery to chemical hazards such as exposure to toxic substances.

Identifying Hazards in the Workplace

One of the primary tasks in ISO 45001 risk assessment is identifying hazards in the workplace. This step involves a thorough examination of the environment, processes, and materials used. By identifying potential hazards, organizations can effectively target their risk assessment efforts.

Evaluating Risks and Consequences

Once hazards are identified, the next step is evaluating the risks and potential consequences associated with them. This evaluation helps prioritize risks based on their severity and likelihood of occurrence.

Risk Assessment Tools and Techniques

There are various tools and techniques available to assist in the risk assessment process. These may include risk matrices, fault tree analysis, and failure mode and effects analysis (FMEA). Utilizing the right tool for your specific situation is crucial in ensuring a thorough risk assessment.

Creating a Risk Assessment Plan

To ensure a systematic and structured approach, it’s vital to create a risk assessment plan. This plan should outline the scope of the assessment, responsibilities of team members, and a timeline for completion.

Implementing Control Measures

Once risks are identified and evaluated, control measures need to be put in place. These measures can include implementing new safety protocols, providing training to employees, or altering work processes to reduce risk.

Monitoring and Reviewing Risk Assessments

Risk assessment is not a one-time process; it’s an ongoing commitment to safety. Monitoring and reviewing assessments regularly is essential to adapt to changes in the workplace and ensure continuous improvement in health and safety measures.

Case Study: ISO 45001 Risk Assessment Example

To illustrate the ISO 45001 risk assessment process, let’s consider a hypothetical case study. Imagine a manufacturing facility with heavy machinery. The risk assessment would involve identifying potential hazards associated with the machinery and evaluating the risks. Control measures might include regular maintenance, safety training, and machine guarding.

Benefits of ISO 45001 Risk Assessment

ISO 45001 risk assessment offers numerous benefits, including reduced workplace accidents, legal compliance, improved employee morale, and enhanced company reputation. It’s a proactive approach that ultimately saves organizations time and resources.

Common Mistakes to Avoid

In the world of risk assessment, there are some common pitfalls to avoid. These include overlooking certain hazards, not updating assessments regularly, and failing to involve employees in the process. Awareness of these mistakes can help organizations conduct more effective risk assessments.

In conclusion, ISO 45001 risk assessment is a fundamental process for ensuring occupational health and safety. By following the systematic approach outlined in the standard, organizations can create a safer and more secure work environment, protecting both employees and their reputation.

ISO 45001 SWOT Analysis

SWOT Analysis for Health and Safety Department

Safety SWOT Analysis

SWOT Analysis for Safety Officer

SWOT Analysis for HSE Management System

1. What is ISO 45001 risk assessment? ISO 45001 risk assessment is a systematic approach to identifying, evaluating, and mitigating risks in the workplace to ensure occupational health and safety.

2. Why is risk assessment important for organizations? Risk assessment is essential for preventing workplace accidents, ensuring legal compliance, and enhancing employee morale and company reputation.

3. What are the key components of ISO 45001? ISO 45001 emphasizes a proactive approach to health and safety management, making it a valuable tool for risk assessment.

4. How often should risk assessments be updated? Risk assessments should be updated regularly to adapt to changes in the workplace and ensure ongoing safety improvements.

5. What are some common mistakes to avoid in risk assessment? Common mistakes include overlooking hazards, not updating assessments regularly, and not involving employees in the process.

6.1.2 Hazard Identification and Assessment of Risks & Opportunities [ISO 45001 Procedure]

6.1.2.1 hazard identification.

Clause 6.1.2.1 of ISO 45001:2018 is identical to the hazard identification and risk evaluation in OHSAS 18001. The cornerstone of the OHMS is the hazard identification and risk assessment process. The importance of this section of the health and safety management system cannot be overstated.

Contents 6.1.2.1 Hazard Identification 6.1.2.2 Assessment of OH&S Risks 6.1.2.3 Assessment of OH&S Opportunities Hazard Identification & Risk Assessmen Procedure [Template download]

Use a Template for hazard identification, risk assessment and risk control to start the risk assessment process.

Before you begin, make a list of all the areas, activities, jobs, tasks that need to be risk assessed. For each of these areas and activities, use the Hazard Identification Register to identify if a hazard is present or not.

For each of the hazards identified in the checklist, complete the information required in the hazard identification register and Safety Risk Assessment forms , as appropriate.

Why Reinvent the Wheel?

Our Hazard Identification & Risk Assessment Procedure is proven to work.

Remember that the risk assessment part is just the prioritization mechanism to decide what actions to do first, and very careful attention needs to be placed on the hazard identification and risk control sections.

Ensure your organization’s hazard identification process considers:

Results of the context analyses (see 4.1 and 4.2 )
Overview of documented information
Routine and non-routine activities and situations
Human factors
New or changed hazards
Potential emergency situations
Changes in knowledge of, and information about, hazards

In Clause 6.1.1 , there is a new requirement to identify opportunities, as well as:

Consideration of workers at a location not under the direct control of the organization
Consideration of those in the vicinity of the workplace who can be affected by the activities of the organization;
Other issues including situations not controlled by the organization and occurring in the vicinity of the workplace that can cause ‘work-related’ injury or ill health

List the potential hazards or incidents that could happen while doing this process or job. A hazard is something with the potential to cause harm or injury. All hazards rated as 'Moderate' and 'Major' scores are considered significant and are prioritized for risk assessment in order to determine appropriate controls.

Consideration will have to be taken when developing your company specific road map (policy statement) to the avoidance and elimination of such hazards. In order to plan for hazard identification, risk assessment and control; the organization must identify and control risks associated with identified hazards associated with routine and non-routine activities.

Hazard identification and risk assessment form the core of the health and safety management system’s drive for control and improvement. What is important at this stage; is to understand the terms hazard and risk; these terms are commonly used, interchangeably in everyday conversation.

ISO 45001:2018 defines hazards as those things which have the potential to cause harm, and risks as those things which relate to the potential for harm to actually arise. A simple example might be to consider the electrical supply in a building. Electricity itself represents a hazard and provided the supply is live, the risk of electric shock remains.

These hazards and risks are best identified by understanding your business processes, identifying the tasks and activities where they arise and listing the inputs and outputs from each activity.

The key features of this clause are:

A procedure for identifying occupational hazards appropriate to a task
Evaluating the consequent risks and deciding which are significant
Identifying a level of risk which the organisation considers to be tolerable
Using this as a basis for setting objectives for improvement
Keeping the risk assessments and any improvement objectives up to date

This means that you need to document a procedure in sufficient detail to ensure a repeatable and consistent process.

There is also a need to keep sufficient records to show that the procedure has been effectively applied. It must cover the following situations:

Normal, i.e., current operations, planned maintenance activities (what happens most of the time)
Abnormal, e.g.; breakdown maintenance, out-of-control processes (planned but less frequent)
Potential emergency, e.g.; fire, explosion, spillages etc. (the things that could go wrong)
Planned changes (the ‘maintaining’ part of the requirement)

These can represent a wide range of issues, but it is essential they are all considered because your whole OH&S Management System will be focused on the output of this identification process and ranking for significance.

Auditors will test the process and its outputs for content, repeatability, accuracy, records, and later on, for the use of its outputs in focusing the direction and delivery of the health and safety management system.

Step 1: Look for Hazards

Walk around the work area, paying attention to activities and materials that have the potential to cause harm. Identify materials and substances; as well as equipment and tools.

Observe activities in the workplace as well as how people perform the activities.

Ask employees or representatives what they think and review applicable manufacturers’ health and safety data sheets.

Step 2: Decide Who Might Be Harmed and How

Groups of people that may be affected include operators, cleaners, contractors, maintenance personnel, members of the public, people sharing your workplace etc. Pay particular attention to young workers, inexperienced operators, disabled people, visitors and lone workers

Step 3: Evaluate The Risks and Decide Whether Current Controls Are Adequate

Consider how likely it is that each hazard could cause harm by using risk ratings to prioritize risk.

Determine whether or not you need to do more to reduce the risk and implement control measures (actions list) if the risks are not adequately controlled

Step 4: Record your Findings

Keep written records for future reference in order to demonstrate compliance to legal requirements (e.g.; manual handling, working in confined spaces).

Step 5: Review risk assessments and revise where necessary

Review and revise the risk assessment when there is any significant change (e.g.; new hazards arise due to new machines, substances and processes).

Regularly review the risk assessment to check that the precautions for each hazard still adequately control the risk and, if necessary, reassess the risk.

Don't Try To Manage It All Alone!

6.1.2.2 assessment of oh&s risks.

Processes for the assessment of risk to the OH&S management system must be available as documented information and must consider day-to-day operations and decisions (e.g.; peaks in work flow, restructuring) as well as external issues (e.g.; economic change).

Methodologies can include ongoing consultation of workers affected by day-to-day activities (e.g.; changes in work load), monitoring and communication of new legal requirements and other requirements (e.g.; regulatory reform, revisions to collective agreements regarding occupational health and safety), and ensuring resources meet existing and changing needs (e.g.; training on, or procurement of, new improved equipment or supplies).

The risk assessment should involve consultation with, and participation by, workers and take into account legal and other requirements. Risk assessment should be conducted by personnel with competence in risk assessment methodologies and techniques and appropriate knowledge of the organization’s work activities.

Having identified all hazards and associated risks which could impact on occupational health and safety, the process of rating the risks for significance can be carried out. This crucial process, together with a thorough knowledge of legal and other similar requirements, provide the foundations of the health and safety management system.

This assessment process is vital in determining the need for controls aimed at either reducing risk to levels deemed to be tolerable or meeting the requirements of legislation. The significance level (or risk rating) should then be used to prioritise actions. Remember that the importance of this process cannot be overestimated. If you get this process wrong, the whole system will be suspect.

The assessment of the severity of a health and safety risk drives management attention and supports planning for mitigation. Using a Health & Safety Risk Assessment form , a qualitative risk assessment scheme consisting of qualitative probability and impact scales is undertaken to ensure detailed understanding of the effects of each hazard and risk.

Risk Level (S1)

Likelihood (s2), severity (s3), significance score (s4), start with expert templates, then make them yours, 6.1.2.3 assessment of oh&s opportunities.

The process for assessment should consider the OH&S opportunities and any other opportunities determined, their benefits and potential to improve OH&S performance .

Opportunities to Improve OH&S Performance

Consideration of hazards and risks when planning and designing facilities, processes, plant and equipment, and materials
Modification of working processes including the alleviation of monotonous and repetitive work
Introduction of new technology to ameliorate high-risk activities
Collaborating in forums that focus on issues relating to occupational health and safety
Introduction of job safety analysis and task-related assessments
Implementation of permit-to-work processes
Implementation of ergonomic and other injury prevention-related assessments
Improvement of the occupational health and safety culture of the organization

Opportunities to Improve the Health and Safety Management System

Enhancing the visibility of Top management’s support for the OH&S management system
Improving worker consultation and participation in OH&S decision making
Enhancing the incident investigation process
Improving two-way communication on OH&S issues and promoting health and safety in the work place
Expediting corrective actions to address health and safety nonconformities
Implementing OH&S objectives with the same passion as other business objectives
Improving competency in identifying hazards, dealing with health and safety risks and implementing appropriate controls
Adopting a risk assessment approach to conducting health and safety audits and inspections
Viewing workers at all levels as a key resource of the organization
Ensuring that the management review promotes a strategic and critical evaluation of the health and safety management system

Related Information You Might Find Useful

Hazard Identification & Risk Assessment Procedure Explained (ISO 45001)
Video — ISO 45001 Clause 6.1.2 Hazard identification and assessment of risks and opportunities

Next ISO 45001 Clause

6.1.3 Legal and Other Requirements

Each ISO 45001 Clause Explained

Learn more about ISO 45001

Updated: 6th April 2022 Author: Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development. But most importantly he is ISO's biggest fanboy and a true evangelist of the standards. Learn more about Richard

Don’t Try to Manage It All Alone!

Our ISO Auditors and OH&S Trainers have been in this industry for years, and since 2002 we’ve been providing thousands of small businesses and large corporations with the tools they need to get certified.

Instead of trying to create everything you need to follow this process from scratch, use ours. We have procedures, templates, checklists, process maps, forms and gap analysis tools to help you control your documented information without missing a single input or output.

Before you invest all the hours reinventing the wheel, before you spend countless dollars outsourcing the task — try our templates.

Supplied as fully-editable MS Word or Excel files
All the templates use styles – making reformatting and rebranding a breeze
Immediate download

Are The Templates Suitable For You?

Bought by Small Businesses and Large Corporations our templates have been sold online and CD since 2002.

Small Businesses – dentists, accountants, engineers
Large organizations – hospitals, power plants, aircraft manufacturers

The Templates are used by first-timers following our step-by-step, clause-by-clause guidance documents; and experienced Quality Managers wishing to streamline and improve their existing documentation.

The application of our templates and OH&S manuals is scalable and generic ; regardless of the size and type of organization. The elements that form the Health and Safety Management System Template are the same.

Five Reasons To Choose Our Templates

1. Our customizable templates save you time and money by offering a streamlined process to create your quality documentation

2. They’ve got everything you need in one simple template

3. Proven to work our templates have helped thousands of businesses big and small achieve certification

4. Documents use styles to make reformatting and rebranding a breeze

5. Our templates are generalizable for any industry or sector . The application of our templates is scalable and generic ; regardless of the size and type of organization.

FAQs About Our Templates

Top 10 FAQs
Payment and Billing
Downloading and Delivery
Systems Requirements
License and Updates

Ask Us a Question

Enquiries [email protected]
Support [email protected]
Call 0845 054 2886 (UK only)

More Information

Client list

This website uses cookies to ensure you get the best experience on our website. Learn More Got it!

FREE Quality, Health and Safety, and HR Business Software Click < HERE > to Learn More and Download

THIS SITE CONTAINS NO GOOGLE OR SIMILAR TYPE ADS and NO CLICK BAIT LINKS

QHSE Support >( Site Map ) Health & Safety Guidance > ISO 45001:2018 Clauses > ISO 45001:2018 clause 6 >

ISO 45001:2018 Clause 6.1 Actions to address risks and opportunities

Clause 6.1 Breakdown

6.1 Actions to address risks and opportunities

6.1.1 General

6.1.2 Hazard identification and assessment of risks and opportunities

6.1.3 Determination of legal requirements and other requirements

6.1.4 Planning action

First thing to note about clause 6 is it includes additional sub-clauses not included in the documents main index!!!

The mind-map below includes the missing sub-clauses.

ISO 45001-2018 6.1 Actions to address risks and opportunities mind map, with missing clauses

The three new sub-clauses are all listed under clause 6.1.2 and include.

6.1.2 Hazard identification and assessment of risks and opportunities

6.1.2.1 Hazard identification

6.1.2.2 Assessment of OH&S risks and other risks of the OH&S management system

6.1.2.3 Assessment of OH&S opportunities and other opportunities for the OH&S management system

6.1.1 General

The mind-map below attempts to more clearly show the different areas of the standard that clause 6.1.1 makes direct or implied reference to.

Clause 6.1 Actions to address risk and opportunities is divided into 4 main sub-clauses, with 6.1.1 giving an overview of the planning requirements. Planning should be proportionate to the level of risk and the objectives of the organization. When determining the organization's risks and opportunities, the standard is looking to see that clause 4 context of the organization has been understood and used when taking into account;

• hazards

• OH&S risks and other risks

• OH&S opportunities and other opportunities

• legal requirements and other requirements

When considering hazards, it should not just be those probable to transpire, but also those with the most impact, i.e., those which can lead to the most significant risks to the organization.

This is about understanding the organization's internal and external OH&S issues, identifying interested parties and how they affect or are affected by the OH&S management system, knowing that the requirements only apply to the scope of your OH&S management system. Note: While your OH&S management system scope may limit requirements of the standard, it does not distract from legal responsibilities placed upon an organization by country-specific OH&S and other legislative documents.

In general, the clause is looking to assess the risks to the OH&S management system and to provide assurance that risks are managed and where realistic or essential opportunities for improvements are identified, they are implemented.

At the most basic;

• We are doing something.

• Have we identified and then eliminated, prevented or reduced risks.

• Did we take advantage of any opportunities.

This basic approach should be used where it is considered proportionate to the level of risk for the introduction or occurrence of:

• new or modified equipment, tools, processes, activities or staff

• new technologies

• changes to interested parties

• changes to work demands

• changes to suppliers

• infrequent and unscheduled work activities

• emergency situations

6.1.2 Hazard identification and assessment of risks and opportunities

6.1.2.1 Hazard identification

6.1.2.2 Assessment of OH&S risks and other risks of the OH&S management system

6.1.2.3 Assessment of OH&S opportunities and other opportunities for the OH&S management system

As is can be seen clause 6.1.2 is broken down into three parts which look at hazards and the risks and opportunities these hazards present.

ISO 45001:2018 6.1.2 Hazard identification and assessment of risks and opportunities

6.1.2.1 Hazard identification

The standard requires that an organization shall (i.e. mandatory) establish, implement and maintain a process(es) for hazard identification that is ongoing and proactive. Clause 3.19 defines a hazard as a 'source with a potential to cause injury and ill health. Clause 3.18 defines injury and ill health as; "adverse effects on the physical, mental or cognitive condition of a person". Where adverse effects include occupational disease, illness and death. We can therefore reliably conclude that a hazard is; "a source with a potential to cause adverse effect on the physical, mental or cognitive condition of a person".

We can also reliably conclude that hazard identification will be widespread across almost all of an organization's processes and activities. Typically these can include, but not be limited to:

• physical activities (e.g. manual handling, working at height)

• chemical, biological (e.g. oils, dusts, viruses, bacteria, harmful plants)

• psychosocial (e.g. stress, pressure, harassment, bullying, victimization, work-related violence, work conflicts)

• physiological (e.g. extreme temperatures, unpleasant or hazardous conditions)

• mechanical / electrical

ISO 45001:2018 6.1.2.1 Hazard identification typical areas

Hazard identification will need to cover normal and non-normal daily activities, e.g., holiday and absenteeism cover, or events that cause additional pressures on work schedules. It should also cover routine and non-routine activities, e.g., maintenance and breakdowns, including what happens when things don't go to plan, e.g., staff accidents or incidents, emergency protocols being implemented. The very nature of these non-normal events can lead to hazards in themself. For example, fire evacuations; If not managed in a controlled manner, could lead to risks to employees and the responding emergency services.

6.1.2.2 Assessment of OH&S risks and other risks of the OH&S management system

All organizations are free to manage their OH&S and other risks in a way that suits their own and possibly unique criteria. This, providing they also meet their statutory and regulatory requirements, which would in itself be a requirement of meeting ISO 45001:2018 accreditation. So organizations are free to choose their own appropriate way to assess risk (see clause 3.20 ), taking into account the activities they undertake and the latitude afforded them.

Many organizations will have generic risk assessments drawn up by OH&S specialists, hopefully with occupational knowledge of the industry sector. These generic risk assessments will normally have a degree of customization, not only for site details but also site-specific activities and hazards (see clause 3.19 ). This approach can provide consistency in the process (see clause 3.25 ) and paperwork across the organization, and possibly a proportion of cost-efficiency. This approach also needs to have an element of careful deliberation to ensure it fully considers the varying site activities.

As listed in 6.1.2.1 , risks can be associated with many different criteria, and the manner and methodology for recognising these risks will vary greatly. This is an area that generic risk assessments can sometimes fall short in meeting the necessary prerequisites.

Not all risks can be accessed using a standard severity verses likelihood health and safety risk assessment . These types of risk could include but not be limited to.

• failure to address the needs and expectations of relevant interested parties ;

• inadequate planning or allocation of resources;

• an ineffective audit programme ;

• poor succession planning for key roles; and

• poor engagement by top management .

risks of these kind, if not managed effectively may well cause more than just accreditation issues.

6.1.2.2 Assessment of OH&S risks and other risks of the OH&S management system non direct health and safety risks

However, the organizations' choices to implement risk management need to be in a systematic and proactive way, not a 'fire fighting' reactive based system. The approach to risk management adopted will need to be maintained as documented information with methodologies and criteria laid out.

6.1.2.3 Assessment of OH&S opportunities and other opportunities for the OH&S management system

The two main areas where opportunities for improvement can come from, OH&S performance and OH&S management. One hopes if you get the latter right, the rest follows...

Opportunities for OH&S performance are probably recognised more simply from day to day activities, which may not be directly referenced by the standard, but may well come from clause 5.4 Consultation .

OH&S performance opportunities can come from many areas; below are a few places to look:

• eliminating hazards (see Clause 3.19 ) and risks (see clause 3.20 )

• work processes, work site layout, environmental conditions

• procurement of goods and services

• introduction of new technologies

• introduction of automated machinery

• maintaining workers engagement in their activities

• eliminating worker fatigue

OH&S management performance, listed below are a few places to look:

• making top management’s support for the OH&S management system more visible, e.g. through communications such as social media or highlighting OH&S performance in strategic business plans;

• improving the organizational culture related to safety and training;

• enhancing incident investigation processes;

• increasing worker participation in OH&S decision-making; and

• collaborating with other organizations in forums which focus on OH&S.

6.1.2.3 Assessment of OH&S opportunities and other opportunities for the OH&S management system OH&S management performance opportunities

6.1.3 Determination of legal requirements and other requirements

Each organization will have to determine not only health and safety but also other legal requirements such as building, environmental etc. The extent of these legal requirements should cover the organization's hazards (see clause 3.19 ), OH&S risks (see clause 3.20 ) and OH&S management system (see clause 4.4 ), and will be partly based on the context of the organization (see clause 4.1 ) and any specific enforceable legislation of the country.

This example mind map shows some typical areas, however, each organization will have its own requirements to be met.

6.1.3 Determination of legal requirements and other requirements example area

The organizational will need to maintain as documented information its legal and other requirements and have processes in-place to ensure they remain compliant to these and any new requirements.

6.1.4 Planning action

This cause is about confirming you have plans in place to eliminate hazards (see clause 6.1.2.1 ), reduce OH&S risks (see clause 6.1.2.2 ), manage legal requirements and other requirements (see clause 6.1.3 ), and assess OH&S opportunities (see clause 6.1.2.3 ). When planning the management of hazards, the requirements of clause 8 need to be considered, and clause 8.2 for emergency preparations.

The clause also seeks to ensure that the effectiveness of hazard planning is evaluated, and although not directly referenced, we are probably looking at clause 9 .

ISO 45001:2018 6.1.4 Planning action clause mind map

Useful integrated management system cross references

• ISO 9001-2015 6 Planning

• ISO 9001-2015 6.1 Risks and opportunities

• ISO 14001-2015 6 Planning

• ISO 14001-2015 6.1 Risks and opportunities

(800) 649-5289

Your guide to implementing iso 45001, benefits of implementation.

With or without a formal OH&S management system, organizations have a moral and legal duty to protect workers from accidents and ill health. This next section provides an overview of a selection of positive benefits from implementation of ISO 45001. These positive benefits are not exhaustive. Adoption of the high-level structure of ‘Annex SL’ enables organizations to integrate ISO 45001 with existing ISO 9001 Quality and ISO14001 Environmental management systems. This approach has reduced the complexity of multiple clause requirements across different standards applications, saving time and resources. The standard provides a systematic approach for senior leadership to assess OH&S risk and opportunities, monitor and review safety performance and set objectives for continual improvement within the ‘context’ of organizational activities. This may include, for example, worker health promotion campaigns or the monitoring of the OH&S effects of products and services provided. Implementation is a demonstration and commitment from senior leadership to internal and external stakeholders (interested parties) of the intent to protect workers from accidents including short and long term ill health effects. Of course, this may in-turn reduce downtime, lead to reduction or prevention of worker loss time hours and potential prosecution. This commitment also provides assurances to the Board of Directors, Trustees or owners that management controls regarding OH&S risks inherent within the organization. The standard promotes worker participation when identifying hazards, elimination or reducing risk by implementation of controls integrated with other business process. This approach can improve safety culture, minimize risk and embed best practice resulting in increased productivity. In addition to internal process controls, the standard has provided requirements to assess procurement of products and services which may have influences on OH&S. For example, risk based structured management of contractors. Such a process can in-turn provide controls to reduce both OH&S risk, promote positive safety culture and protect business. The standard provides a structure to monitor and review compliance obligations to ensure the organization is legally compliant including products and services. It is important for an organization to understand what it is to achieve, why it needs to achieve and if it has achieved – this should be demonstrated within the system. Both internal and external audit programs provide scrutiny and effectiveness of the OH&S management system including processes. The program promotes communication and participation of workers with identification of gaps leading to continuous improvement. With an emphasis on workers taking an active role in OH&S matters, this can have positive benefits on an organization’s reputation as a safe place to work leading to staff retention, motivation and greater productivity. Implementation is also recognition for having achieved an international standard benchmark which may have positive influence on existing and potential customers in fulfilling their own social responsibility commitments. For further information on positive benefits of ISO 45001 standard implementation and its intended outcome refer to section 1 ‘Scope’.

Risk Based Thinking/Audits

Any company that operates an OH&S management system must ensure there are effective measures to evaluate performance which enables continual improvement internally. This section outlines the different methodologies of auditing in relation to the OH&S system to ensure it is effective at all levels of the organization and meets the requirements of the standard. RISK BASED THINKING

Risk Based Thinking (RBT) is a central tenet of ISO 45001. RBT requires the Management Team to continually assess the issues that affect OH&S aspects of an organization and ensure that appropriate targets, resources and controls are in place. RBT empowers organizations to make dynamic changes to their objectives and focus, whilst at the same time ensuring that resources are in place to control changes and unforeseen circumstances. In relation to OH&S, risk-based thinking extends to areas outside of the organization which may influence safety. For example, procurement of products and services (including contractors) and the impact of supplied products and services. The organization must determine the methodology for risk-based thinking with consideration of compliance obligations and the participation of workers. For operational aspects the standard clearly defines the hierarchy of control for hazard identification and the reduction of risks with the involvement of workers. This methodology requires the organization to reduce risks associated with hazards to a reasonably practicable level.

1ST PARTY - INTERNAL AUDIT

Internal audits are taken at a moment in time to determine if policies and practices are effective and achieving the intended aim. The internal audit is an opportunity to engage with workers and to capture a true reflection of processes. Audits may identify positive evidence of conformity including compliance obligations, however through inspection and observation they may identify improvement opportunities and non-compliance in breach of the management standard. AUDIT PLANNING

Developing an audit plan does not have to be a complicated process. Through risk based thinking a series of audits can be scheduled to focus areas of higher risk and to engage with identified groups of workers. It’s up to the organization to determine the frequency provided it is defined. In addition to operational aspects the plan will cover core processes including compliance obligations, management review and documented information. WALK THROUGH AUDITS

A less formal approach maybe adopted in addition to the audit plan by conducting ‘walk through’ audits. This may be conducted by senior leadership or at operational level to inspect areas of the organization to pre-determined questions. This is a further opportunity to engage with workers, promote communication and build a positive safety culture within the organization. 2ND PARTY - EXTERNAL AUDITS

Second party audits are usually conducted by customers or organizations on their behalf, however they may be conducted by regulators to ensure the organization complies with legal requirements. External audits are a useful way to substantiate an organization OH&S claim and to gather first-hand information and contact with workers prior to commitment to a formal business relationship. Second party audits may be planned; however, notice may not be provided from regulators emphasizing the requirement to ensure OH&S organizational requirements are being met. 3RD PARTY - CERTIFICATION AUDITS

Third party audits are conducted by certification bodies such as NQA, assessing compliance to the ISO 45001 OH&S standard. Depending on the number of employees, sites, risk and complexity of the organization, the certification body will determine the number of audit days required to cover the full scope of the standard. Prior to certification, the organization may consider a gap analysis conducted by either consultant or certification body to identify gaps against the OH&S standard.

Certification is a demonstration to interested parties including workers, customers and regulators that there is:

A mechanism for regular assessment to monitor and implement compliance obligations

Regular assessment to monitor and improve OH&S processes

Identification of hazards and reduce OH&S risk

Regular review and assessment of OH&S risk and opportunities

Worker participation in the decision-making process to ensure a safe working environment, continuous improvement and safety culture

Section 1: Scope

For registration all clause requirements must be applied. This section sets the intent and parameters within which the ISO 45001 OH&S management standard can be used to attain its intended outcome.

The intended outcome of the OH&S management system is for the organization to:

Provide a safe and healthy workplace(s)

Prevent work related injury and / or ill health

Proactively monitor and improve OH&S performance

Eliminate hazards and minimise OH&S risks (including system deficiencies)

Take advantage of OH&S opportunities and address management system non-conformities associated with its activities

Fulfil legal and other requirements

Achieve OH&S objectives

Integrate other aspects of health and safety including worker wellness / wellbeing

This section makes it clear that the standard does not address issues such as product safety, property damage or environmental impacts beyond the risks they present to workers and other relevant interested parties.

Section 2: Normative References

Reference to ‘normative references’ are common across all management system standards however in the case of ISO 45001 there are no normative references. If applicable to a standard, normative references are essential documents used for the application of the document. In other words, the reference document is considered essential for the application of the referenced standard. ISO 45001 provides a bibliography with further information including associated ISO management standards.

Section 3: Terms and Definitions

ISO standards are written in such a way that their meaning can be open to interpretation. As with all standards, this interpretation can lead to confusion. To assist the user section 3 of the standard provides prescriptive terms of definition to prevent the wrong interpretation. It is highly recommended that persons responsible for implementation of the standard clarify and have a clear understanding of words described in this section.For example, ‘worker’ may be interpreted without guidance as an operator who works in a factory, when in reality a worker covers many different occupational aspects including agency, contractors, all employees including Top Management and external provider staff. Each term is listed in accordance with the hierarchy of concepts reflecting the sequencing of the introduction of the standard. In addition to the term or definition, notes provide further information and clarity. If an electronic version of the standard has been purchased the definitions are hyperlinked to other definitions so that their interrelationships can be seen.

ANNEX GUIDANCE

‘Annex A’ of the standard provides useful clarification of selected concepts in relation to OH&S to avoid misunderstanding. Concepts including:

Interested party

Documented information

If the organization requires the use of specific industry related terms and their meanings relative to the OH&S system, these terms can be used, however they must still conform to the ISO 45001 document.

Section 4: Context of the Organization

The rationale of this clause is that the system focuses on the processes and requirements needed to achieve the OH&S policy objectives. This can be achieved by understanding the organization and the ‘context’ in which it operates. Clause 4 also sets out the requirements for the ‘Scope’ and the system to be defined, and the subsequent high-level planning of the system to achieve the objectives. Understanding the context of the organization is usually conducted by senior leadership with information about the business and activities gathered at every level of the organization. Discussion points focus on internal and external issues which have an impact on the OH&S system. Clause 4 has four sub-clauses that each set out an element of what is needed to define the Context of the Organization, and to design the OH&S management system. These four requirements follow a sequence:

In 4.1: Clarification of the strategic aims of the organization and determine any issues that could affect these aims being achieved.

In 4.2: Consideration of the interested parties (Stakeholders) including workers to the organization and how they can affect how the organization operates.

In 4.3: Setting the scope of the OH&S Management System from the information discussed and considered in 4.1 and 4.2

In 4.4: Laying out a design for the OH&S management system and the high-level planning around it

Internal and external issues are circumstances, characteristics and changes which can positively or negatively influence the OH&S management system. ‘Annex A’ of the standard has been developed to provide examples of internal and external issues. Below are typical examples, however each issue will be focused on the individual organization:

External issues

Cultural, social, political, legal, financial, technological, economic and natural surroundings including the environment in which the organization operates

Who the competitors are and any contractors, subcontractors, suppliers, partners and providers

National and international law

Industry drivers and trends which have influence on the organization

The organization products and services and their influence on occupational health and safety

Internal issues

Governance, organizational structure, roles and accountabilities

Policies, objectives and the strategies in place to achieve them

Resources (including human), knowledge and competence

OH&S culture within the organization and the relationship with workers

Process for the introduction of new products, materials, services, tools, software, premises and equipment

Working conditions

With the information that is gathered during discussions at all levels of the organization to determine context, it is recommended this information is placed into a report. The benefit of this is it provides a cohesive explanation and a good reference to support present and future business strategy. (For review of context refer to section 9). 4.2 UNDERSTANDING THE NEEDS AND EXPECTATION OF WORKERS AND OTHER INTERESTED PARTIES

From the information gathered in 4.1, 4.2 and 4.3 the standard requires the design and integration of processes within the management system to satisfy the requirements of ISO 45001. This may include such processes as design and development, procurement, marketing and manufacturing.

Section 5: Leadership

Critical to the success of the OH&S management system is leadership and commitment from ‘Top Management’. The expectation on leaders within an organization is to become champions of the system and provide the necessary resources to protect workers from harm.

This section provides the tone and expectation on senior leadership to take an active part in the OH&S system and generation of a positive health and safety culture within the organization. The following are examples of how leadership can be demonstrated within the OH&S management system:

Take overall responsibility and accountability for the prevention of work related injury / ill health, as well as the provision of a safe and healthy work environment

Facilitating positive culture and continual improvement

Ensure the OH&S system is integrated within business processes

Promote communication internally and externally and at all levels (cascading from the top)

Protect workers from reprisal when reporting incidents, hazards, risk and opportunities

Provision and support for safety committees

For an external audit the expectation is for senior leadership to be at the heart of the OH&S management system with a clear demonstration of understanding the system. OH&S POLICY

An OH&S Policy is a ‘Statement of Intent’ or ‘Mission Statement’ which sets out the framework to manage the Occupational Health and Safety Management System. The OH&S policy is approved by senior leadership and will drive the controls that are in place and the actions that are carried out to improve it. The standard specifically requires that the OH&S policy should include commitments to:

Provide a framework for setting objectives

Provide safe and healthy working conditions for the prevention of work related injury and / or ill health

Eliminate hazards and reduce OH&S risks

Continual improvement of the OH&S system

Consultation and participation of workers and where they exist worker representatives

Fulfilment of legal and other requirements

Once the OH&S policy has been approved it must be communicated to stakeholders including workers. The policy must be available to interested parties, which will include customers and external providers on request. In addition, periodically the OH&S policy must be reviewed by senior leadership to ensure it remains applicable to the context of your organization. ORGANIZATIONAL ROLES, RESPONSIBILITIES AND AUTHORITIES

This section requires the organization to define clear roles, responsibilities and authorities throughout the organization. It is recognised that overall responsibility for the OH&S management system falls to ‘Top Management’ however individuals must take account of their own health and safety and that of others. Consider documenting roles, responsibilities and authorities within high-level and localized organizational charts. Individual policies and work instructions may also include responsibility and authority however competence must be considered.

A key factor for the success of an OH&S system is to ensure there are clear lines of communication, consultation and participation of workers with sufficient allocation of time and resources. This section requires the development of processes to ensure information that has an impact on OH&S is communicated at all levels of the organization. This can be achieved in many different ways depending on the scope and scale of your organization. Here is a selection of suggested methods of promoting consultation and participation of workers:

Periodic meetings with senior leadership to discuss processes including OH&S issues

Safety committee with worker representatives (where required)

Identification and elimination of hazards (risk assessments)

Development of training Tool Box Talks and presentations (This may include training tools for workers outside of your organization such as visiting contractors)

Development of Safe Systems of Work and Work Instructions

Cross communication between sites within the organization

Near miss reporting schemes with follow up actions including root cause analysis

Open door policy to talk to a safety or HR representative

OH&S suggestion boxes

Communication – Notice boards, newsletters, email, blogs, health promotion campaigns

Once a selection of methods of consultation and participation of workers has been chosen, consider documenting the methodologies within a process. This will enable the organization to periodically check the process within your audit program to ensure any identified requirements have been fulfilled.

Section 6: Planning

Planning is one of the key components of any management system. ISO 45001 is based on the ‘Plan-Do-Check-Act’ cycle, where planning is used to set the actions in motion for how the system will work. Planning occurs at several points in the framework for OH&S management system. In order to set out the management system planning is required using information gathered in clause 4. At various points in time there will be the need to ‘plan’ again; this includes the periodic planning for achieving objectives that are set and reviewed, and also in the event of a ‘change’ which could arise from a planned or unplanned event. The requirements are to:

Plan the actions based on risk assessment to manage risks and opportunities in the prevention of undesired effects including work related injury or ill health

Manage events and continually determine risk and opportunities for both workers and the OH&S system

Establish and manage objectives

Plan and manage changes to the system and re-evaluate once change has been made

Consider relationships and interactions between activities

Define a methodology for hazard identification

Define the methodology for identification and management of legal and other requirements

Understand the knowledge within the organization to manage activities safely

HAZARD IDENTIFICATION

Hazard identification is fundamental in the planning process to prioritize actions to address risks and opportunities. Using the ‘Hierarchy of Controls’ (see illustration opposite) the standard requires the organization to conduct risk assessment based on internal and external activities. Hazard identification will enable the organization to recognize and understand hazards in the workplace. It will also allow workers to assess, prioritize and eliminate hazards or to reduce OH&S risks. Hazards can appear in many different circumstances and conditions including physical, chemical, biological, psychosocial, physiological, mechanical, electrical, or those based on movement and energy. Consideration must also be given to the types of activity including the following:

Groups of workers exposed to the hazard

Shift work, hours of activity, lone working, supervision

Human factors including demanding physical activities

Design of the workplace, for example segregation of traffic and pedestrian routes

Changes in work pattern including increase or decrease in productivity

Noise, cold, heat

Legal requirements and mechanism to adapt to changes in legal requirements

How the risk assessment will be communicated and subsequent worker training of control measures

Emergency situations such as unplanned events including fire and loss of power

Availability of resources to ensure hierarchy of controls can be applied to risk assessment findings

The organization needs to be confident that during the risk assessment process it is adhering to the latest applicable legal and other requirements. The legal and other requirements process of assessment will vary depending on the complexity of the business. Sources of information may be gathered in many ways including:

Subscription to publisher legal update newsletters

Membership of trade associations

Research via reputable government websites

Use of competent consultants

Competent employee membership of occupational health and safety institutes

Employee attendance of occupational health and safety training courses

Following the initial assessment of compliance obligations, the organization may consider placing the relevant information in a document. A spreadsheet may be useful for this purpose. A live document may include the following information and be referenced within individual risk assessments:

Name and reference number of regulation / requirement

Revision status

Date the regulation was last reviewed

Competent person responsible for reviewing the requirement

Area of the organization the requirement impacts including a short description of activity and associated documented information

A hyperlink or description of the source of information

Name and customer / external provider contact details if relevant to ‘other requirement’

Next review date

PLANNING ACTION

Following the hazard identification process, the organization should plan actions in order of priority to reduce risk. These should consider the consequences of these actions before the actions are introduced. Planning actions and including the introduction of control measures must be within the framework of the OH&S management system. Control measures may be either integrated into existing quality system work instructions or based on risk and developed into a dedicated Safe Systems of Work. Tasks may be delegated by senior leadership individually or as a collective group. Tasks will be allocated to persons based on competency with consideration as to how any training will be delivered to different groups of workers. OBJECTIVES

It is a requirement of the standard to set achievable OH&S objectives with the means to periodically measure progress, demonstrating continuous improvement. Often objectives are set and reviewed at management review (see clause 9.3) or locally at departmental or committee meetings. Once set, there must be the means to communicate objectives throughout the organization to support and generate a positive OH&S culture. If many requirements have been identified the organization may consider developing a documented Occupational Health and Safety Strategic Plan. The plan should be agreed by senior leadership and include risk rating tasks, in order of priority, and the alignment with senior leadership responsible for overseeing the task. A strategic OH&S plan is a live document and periodically should be reviewed to monitor progress to achieving objectives and continuous improvement. The document may include:

Strategic prioritized topic

Action, this could be conducting assessments according to compliance obligations such as a noise assessment

Method in which the action can be achieved

Resources required to achieve the action. For example human, equipment, financial and external provider expertise

The key performance indicator to demonstrate achievement of the action

General responsibility

Top Management responsibility

Risk rating (order of priority)

Section 7: Support

This section looks at the requirements which underpin the OH&S management system to ensure it runs effectively. RESOURCES

Resources will be required to fulfil the requirements identified during the planning stages of the system to maintain continuous improvement. These include human, natural, infrastructure (buildings, plant, equipment, utilities, emergency containment systems) technological and financial resources. It is essential that allocation of resources has the full support from Top Management, under the requirements of Clause 5, to drive the maintenance of a safe and healthy work environment. As part of identifying resources, the organization needs to look at the information produced in Section 6 to acknowledge the risk, opportunities and resulting objectives. They then need to allocate sufficient resources to mitigate or manage them. COMPETENCE

An organization working effectively and efficiently must have competent workers. In terms of OH&S it is essential that workers have access to information and have been suitably trained to prevent accidents or ill health to themselves and others. Competence can include consideration for:

Capability to fulfil the task based on defined job roles and clear understanding of the required OH&S aspects

Defined methods of recruitment with consideration for temporary or agency workers

Awareness of hazards associated with the environment and processes

Legal requirements

Individual capabilities including experience, language skills, literacy and diversity

The diversity of activities within the organization will determine the level of training required to fulfil competence. Training gaps are usually identified with the development of new processes, for example the introduction of new machinery or in achieving compliance with regulatory requirements. No matter how big or small the organization is, training records are essential as reference and evidence of the fulfilment of competence. Consider an overview training matrix identifying fulfilled training gaps including refresher training dates. In addition, consider individual training records with signatory evidence from the worker to acknowledge completion and understanding of training including hazard awareness. The organization must also consider the competence of external providers including the procurement of contractors conducting tasks on site. The organization’s procurement process may provide the structure for management of external providers; including evidence of capability, competence and on site, this may be supported with site induction training. Either internally or externally, the organization’s Top Management must be confident that mechanisms are in place to provide workers with suitable and sufficient competency based OH&S training. AWARENESS

Awareness of the requirements of the OH&S system is critical to both internal and external workers. There must be a clear understanding of the organization’s H&S Policy including the requirement for individuals to protect themselves and others from exposure to hazards. Awareness training starts before work commencement for both internal and external workers and may include:

OH&S Policy and requirements

Hazards associated with the environment and processes

Means to report incidents and receive information following investigation

Means to report near misses or safety critical defects

Structure of supervision

Provision of information including Safe Systems of Work or Work Instructions

Clear understanding that there are no recriminations for reporting hazards or precautionary removal of individuals from exposure to harm which is life threatening. This must be actively encouraged as part of a positive safety culture

It is recommended there is evidence of awareness training. This is outlined within the ‘competence’ section of Section 7. COMMUNICATION - INTERNAL AND EXTERNAL

Defined channels of communication is key for the success of the OH&S management system. It is recommended that there is clear policy on communication endorsed by Top Management identifying the process of communication. The organization will need to determine:

As with all management systems the extent of documented information will vary depending on the size, scope and complexity of processes within the organization. A practical approach to development and control of documented information will assist in business protection as well as providing sources of information for workers relating to hazard identification. Consider a risk-based approach to the level of documented information required including consideration for literacy and language. Documented information is not restricted to hard copy and will appear in a variety of media including electronic format, emails and web based. Below is a selection of the variety of documented information:

METHODS OF CONTROLLING DOCUMENTED INFORMATION

It’s essential to have a robust but simple system of control for documented information. This will ensure workers are always aware of the latest requirements relating to OH&S. In support of the latest revision of documented information there must be the means to communicate the latest policies, practices and work instructions. As previously indicated documented information will come from internal and external sources. Below are suggested means of controlling both internal and external documented information:

Develop a document reference system within the header or footer e.g. Maintenance Procedure No. 1 – MP01, Maintenance Form 01 – MF01 etc

Identify the revision status, revision date and author within the document footer

Use the same document control methodology for electronic documents and data

Develop a spread sheet identifying the reasons why previous revisions have been updated

Determine the method of issue for documented information with consideration for recovery of pre-modified documented information and communication

Archive in electronic format previous revisions of documents based on risk ensuring there is a means of backing up and recovering data

Determine and identify in the spread sheet the intended document retention timescale. This may be based on legal requirements such as insurance documentation

Determine what should be communicated and retained based on risk

Consider scanning to reduce reliance on paper

Maintain the integrity of archived documentation

Remember to create a simple system to use for all to understand and access accordingly. Consider supporting the chosen method with an instructional procedure with applicable training.

Section 8: Operation

Once processes within the organization have been identified (see clause 4.4) and planned, the method in which the business will operate (see Clause 6.0), the company needs to plan and control each process within the OH&S management system.

Operational Planning and Control is the method in which the organization determines what is required for each process and the method in which requirements are controlled to ensure workers are protected from harm. Operational Planning and Control is achieved by identifying the criteria for each process which may include:

The boundaries of each process and how they interact

What resources are required to manage the process including leadership, equipment, time, human (competency and training aspects) and financial

What documented information is required to aid management of the process including procedures and safe systems of work

The method in which changes to the process are planned and controlled including unintended events

Application of legal and other requirements or manufacturer’s instructions for equipment

Engineering controls, for example interlocked guards and exhaust systems

The organization must also consider the adaptation of the work environment to ensure it is suitable and sufficient for all workers. Adaptation in broad terms may be induction of new workers or ergonomically changed processes to protect workers from harm and improve process efficiency.

ELIMINATING HAZARDS AND REDUCING OH&S RISKS

MANAGEMENT OF CHANGE

It is recognized that accidents can occur when processes deviate from defined established control measures. This may include changes in competent supervision and workers or the introduction of new materials, machinery and processes. The organization must define and implement a process which considers change throughout the business. This may be a written policy which accounts for different scenarios based on risk and opportunity. The change process may be supported by a documented system to acknowledge issue and receipt of the notification to ensure it is communicated and understood. Notification of change may be supported by training and competence requirements. Change process could incorporate a mechanism to assess and prevent the introduction of new hazards. Examples of events where management of change might be necessary include but this is not exhaustive:

The purchase of goods and services is a requirement for any business to function. The standard requires the organization to put controls in place to ensure those purchased goods and services do not introduce hazards and expose workers to harm including contractors.

PROCUREMENT

A robust procurement process is essential to control product and services inputs into an organization. Inputs may include raw materials for products, equipment including machinery, consumables such as cleaning products and workers conducting maintenance as part of a service agreement. The organization is required to develop a process which should include an assessment of the impact on safety of products and services prior to purchase. This may include obtaining product or material safety data from an external provider or by conducting a risk assessment. Risk assessment with an external provider may be considered during activities such as the purchase and installation of machinery. The assessment would identify potential hazards and suitable control measures to protect both organizational workers and contractors. Within the process, consider the delivery of products to ensure they are inspected against specified requirements prior to release. Consideration must also be made to ensure those products and services are legally compliant. This may be through the assessment of material safety data sheets, declarations of conformity or business registration with trade associations. Personnel who are responsible for procurement must ensure they utilize competent workers to assist with assessments and to communicate safety information relating to product or service. Health and safety information may include material safety data sheets, training, competence requirements and instructions for use. CONTRACTORS AND OUTSOURCING

Many businesses use the services of contractors (external providers) to fulfil gaps in processes and to complete tasks requiring specialist knowledge. The standard requires the organization to conduct an assessment on those contractors including due diligence competency checks. The organization may consider the use of contractor selection criteria to ensure services are within scope of the task. The organization must be satisfied there is a process to protect contractors (workers) and other workers who may be exposed to hazards due to their activities. During the procurement process written agreements may be established between the organization and contractor specifying the organization's rules. This may be supported by risk assessments and method statements conducted by both parties with communication of results. It is key that necessary checks have been made to ensure contractors are competent and may, in some circumstances, require confirmation of compliance to legal requirements. For example, certification to work on electrical switch gear or to work on a gas boiler. Once the procurement process has been completed it is good practice to support site activities with an induction program. This will provide contractor workers with an understanding of the rules including any specific requirements, for example, site hazards, authorized areas, near miss reporting processes, safe walking routes, emergency action plans, supervision and required permits to work. DOCUMENTED INFORMATION

The standard requires the organization to maintain documented information relating to the procurement of products and services including contractor arrangements. Below is a list of examples of documented information considered for retention:

Risk assessment and method statements between the organization and contractor

Material safety data sheets

Email exchanges relating to safety aspects

Certificates of conformity – Harnesses, guarding, emergency stops, PPE

Contractor permits and licenses

Completed external provider questionnaires

Worker training records

EMERGENCY PREPAREDNESS AND RESPONSE

Planning for unexpected events is a good all-round organizational discipline. The risk assessment process, for ISO 45001 identification of hazards, may have highlighted potential emergency situations with possible catastrophic consequences. Therefore, it is necessary to put control measures in place to mitigate for these potential events. Once emergency situations have been identified, which may involve workers at every level of the organization, a plan needs to be formulated and tested. Check that emergency preparedness and response have been tested within the internal audit plan. Testing emergency response plans are critical to raise awareness of potential events and ensure control measures function including supervision, individual responsibilities, suitability of training and communication. Below are some examples of when emergency plans will be required:

Once the plan has been tested it is important to provide workers with feedback to learn from experience. Again, there is a requirement to have suitable information and records as documented information.

Section 9: Performance Evaluation

Performance evaluation is a constructive process that aims to improve an organization’s operation and is crucial to the ‘Plan, Do, Check and Act’ model prescribed by ISO 45001. These processes should help achieve and support organizational strategy and goals.

MONITORING, MEASUREMENT, ANALYSIS AND EVALUATION

An organization should check, review, inspect and observe its planned activities to ensure they are occurring as intended. An organization must make sure they have determined the appropriate processes, so they can evaluate how well they are performing based on risk and opportunities. Monitoring generally indicates processes that can check whether something is occurring as intended or planned. The tables below provide examples of monitoring and specific control measures:

Any equipment used to determine the measurement ‘indicator’ should be calibrated and maintained so that a high degree of confidence is gained in the credibility of data. The standard also requires the organization to implement a process to evaluate legal and other compliance including:

The frequency and method of evaluation

If action is needed, the process in which it will be evaluated and implemented

Maintain knowledge and understanding of its compliance status

Retain documented information to support the evaluation of legal and other requirements

In practice you may consider putting a list of compliance obligations within a spreadsheet as outlined under section 6 of this document. Periodically this process should be audited within the internal audit program to ensure all compliance obligations have been fulfilled. Audit results including compliance status should be communicated to senior leadership within the organization. Any outstanding or pending requirements can be actioned by the leadership team. This will ensure compliance to obligations and reduction in risk including potential prosecution.

INTERNAL AUDIT An internal audit is a systematic method to check organizational processes and requirements, as well as those detailed in the ISO 45001 standard. This will ensure the processes in place are effective and the procedures are being adhered to. The internal audit program will aid the organization to achieve the OH&S objectives and targets. It helps:

Monitor compliance to policy and objectives

Provide evidence that all necessary checks are carried out

Ensure all current legislative and other requirements are met

Assess the effectiveness of risk management

Worker engagement leading to a positive safety culture

Identify improvement using ‘fresh eyes’ to review a process

Aid continual improvement

Internal audits must be conducted by competent staff with a degree of impartiality to the area being audited. A risk-based approach can be applied to areas being audited with an increased focus on higher risk activities. Internal audits must be planned with an expectation of each process being audited in regular intervals. In addition to planned audits, unplanned audits may be conducted in reaction to problematic areas, near miss reports or incident data with focus on accident prevention. It is beneficial to communicate audit results to applicable interested parties including workers and set realistic completion timescales for identified ‘opportunities for improvement’ or ‘non- conformities’. Top Management must be aware of deficiencies within the system to ensure necessary resources can be allocated to mitigate the findings. Audit results will be reviewed as part of the management review process.

MANAGEMENT REVIEW Management Review is an essential element of the Occupational Health and Safety Management System. The aim of the review Bis for Top Management to assess the performance of the management system to ensure it has been effective and suitable for the needs of the business, ultimately preventing injury or harm to workers. The management review is also a planned activity to review objectives including compliance and to set new objectives. Usually management review meetings are conducted annually, however many organizations conduct management reviews every six months or quarterly to track the performance of the system. If more frequent meetings are conducted, often the meeting agenda is reduced with the full agenda occurring annually. The table on the following page provides an overview of prescribed management review agenda requirements:

On completion of the management review meeting the organization must decide with senior leadership and support, what is needed to continuously improve OH&S and satisfy the standard. The following points outline the Management Review Meeting output requirements:

Provide a wide-ranging conclusion to the continuing stability, adequacy and effectiveness in achieving its intended outcomes

Identify continual improvement opportunities

Identify any required changes to the OH&S management system

Identify required resources

Identify any actions needed

Identify any integration improvements with other business processes. This may be further harmonization with ISO 9001 or ISO 14001 management systems

Any implications to the strategic direction of the business. This is a broad scope requirement to capture any topic to improve the OH&S management system

The organization is required to record the meeting minutes within documented information. This information must be communicated to the relevant interested parties and where applicable worker representatives. It is good practice to transfer management review objectives into a separate document with identified key performance indicators, expected completed timescales and delegated responsibilities. These objectives may be communicated via the organizations email or placed on notice boards.

Section 10: Improvement

From the results discussed in section 9 Management Review including the analysis and evaluation of OH&S performance, internal auditing and feedback from worker engagement

Non-conformity and corrective action

Incident investigation and corrective action

Accident investigation and corrective action

Compliance obligations including output from the introduction of new regulation

Several different methods of capturing improvement opportunities may be designed in the system based on the structure, activities and risk within the business discussed in section 4 and 6. The chosen methods must consider the following:

Means of reporting including incidents to the right groups of workers and interested parties

The timescale of reporting

How the information is going to be recorded as documented information for example near miss report cards, accident reports, defect reports, reports to senior leadership

Using workers to participate in investigations to determine root cause analysis

A structured system to prevent reoccurrence

Hierarchy of control measures to reduce risk as far as is reasonably practicable

Assessment of OH&S risks prior to the introduction of a corrective action to prevent the introduction of new hazards

Training and competence for workers and interested parties on the means of reporting OH&S hazards, incidents and opportunities for improvement

INCIDENT Unlike ISO 9001 Quality and ISO 14001 Environmental management systems, ISO 45001 introduces ‘Incident’ alongside non- conformity and corrective action. Clause 3 ‘Terms of Definition’ within the standard provides the parameters in which ‘incident’ can be interpreted and reported. An ‘incident’ is an occurrence that does not result in an injury and / or ill health. Therefore, the organization must implement a system of reporting that captures events which have not necessarily been foreseen within processes of the management system. Often these are referred to as ‘near misses’, ‘near-hit’ or a ‘close call’. When a near miss is reported there may be a process in which during the investigation the findings are recorded within a non-conformance report. Basic example process of reporting an incident leading to non-conformance, corrective action and continuous improvement:

Get the Most From Your Management System

Top tips to get the most out of your health and safety management system:

To have an effective OH&S management system the organization must have commitment from ‘Top Management’ to implement and continually improve

Develop the management system as a tool to protect workers and business interests and not just to satisfy the standard

Use ‘context’ to understand how the organization can internally and externally impact on OH&S including workers

Inform interested parties and workers of their objectives when implementing the standard to gain ‘buy in’ and generate a positive safety culture

When designing processes ensure that they are relevant to the environment they are intended to be used. In other words, do not overcomplicate the system

Build the requirements of the standard into existing processes and control – OHS is not an add-on

Consider integrating this standard into existing management systems such as ISO 9001 Quality and ISO 14001 Environmental. This will help embed OH&S into the thinking of both Top Management and Workers leading to a safe workplace

Implementation of this standard is not a burden on your organization. Risk-based thinking with the participation of workers should improve safety culture and productivity

H&S Toolkit

ISO 45001 FAQs

Integrated Quote Request Form

ISO 45001 Gap Guide

ISO 45001 Implementation Guide

Download Certification Logos

Annex SL Comparison Tool

Gap Analysis

Advisera Home
ISO in General

Partner Panel

ISO 45001 Documentation Toolkits

Iso 45001 training.

Documentation Toolkits
White Papers
Templates & Tools

Where to Start

New ai tool.

Live Consultations
Consultant Directory
For Consultants

Mark Hammar

Get Started

What are the new requirements for risks and opportunities according to ISO 45001?

With the release of ISO 45001:2018 , there are new requirements for assessing risks and opportunities in the Occupational Health & Safety Management System (OH&SMS). So, how does this differ from the previous requirements for assessing hazards and risks in OHSAS 18001 , and are these requirements still in the standard? In short, these requirements in ISO 45001 cover two different types of risk for the individual processes and for the overall OH&SMS, and both assessments are needed for a good OH&SMS.

What is required for hazards and risks?

The previously existing requirements in the OHSAS 18001:2007 standard were quite simply written, even though the task was rather large. In brief, for all of your activities, processes and work areas, you must identify what hazards exist for the occupational health and safety of all involved (including contractors and visitors). Once these hazards were identified, you would then identify what risks exist for the hazards and what controls you needed to put in place to mitigate the risks present.

For example, if you had a large machine, you might identify that there is a pinch point hazard when the machine was running. The risk of this pinch point could be injury to any worker, contractor or visitor who put their hand in the way of the machine while it was running. To mitigate this risk, you could put a guard in place to prevent hands from entering the pinch point and have a lock-out/tag-out procedure to ensure that the machine could not run without the guard in place during maintenance.

The requirements to assess risks of the processes are still part of the planning for the OH&SMS. Controlling the risk from your processes is an important part of ensuring the health and safety of people within your facilities. As the backbone of the OH&SMS, this assessment of the hazards and risks posed by the organization’s activities is still a critical part of what is needed to improve occupational health & safety performance.

For a better understanding about hazards and risks in the OH&SMS see this article: How to identify and classify OH&S hazards and How to perform risk assessment in OHSAS 18001 .

What do you need to consider with new conditions for assessing the risks and opportunities?

Along with the above requirements, there are new conditions for assessing the risks and opportunities of the overall Occupational Health & Safety Management System. These new requirements come from the standard ISO format for all management systems, called Annex SL. This format includes the assessment of the context of the organization with respect to the purpose of the management system, including the internal and external issues that affect it. The next step in the standard is to identify all of the interested parties for your management system, and what their needs and expectations are.

Finally, taking these issues, interested parties and expectations into account, the company must assess what risks and opportunities exist for the company with respect to the management system. For the OH&SMS this means the risks and opportunities that could affect the company’s ability to enhance OH&S performance, fulfill compliance obligations and achieve OH&S objectives. Many companies have a strategic planning function which addresses these requirements of the standard. If you have more than one management system in place (such as a quality management system or environmental management system), this same process can be used for all of them.

ISO 45001 risks & opportunities - The new requirements

For instance, as part of your ongoing assessment of legal requirements, you may have learned that there is an upcoming change in the law that will make it illegal to use a certain cancer-causing chemical that is needed for creating your product. As this is the case, you have an opportunity to make changes to your product that allow you to find a replacement chemical that is less hazardous to the occupational health & safety of your workforce. There is also a risk that the replacement chemical is actually more hazardous to the people who need to use it. It is these risks and opportunities that you will need to address.

Likewise, if you identify that a company is introducing a new type of machine guard that will make it much easier to prevent accidents you may start investigating how this could be incorporated into your machinery ahead of the government approval for the product. You would not install the new guard, but instead start the process so that it could be more quickly implemented once the approval for the guard was granted.

Risk and Opportunity assessment: An important part of OH&SMS

Any company that has implemented an Occupational Health & Safety Management System knows that the assessment of risk, and the management of the controls to address risk, is critical for managing occupational health & safety. Assessment of risks and determining what needs to be done about them has always been a part of the OH&SMS, and this has not changed. The only real change is to include an additional focus for the important task of risk assessment, and the assessment of opportunities that can be pursued to benefit your company, which can help you with OH&S improvement.

For a better understanding where risks and opportunities fit into the implementation process, see this Diagram of ISO 45001 Implementation Process .

Diagram of the ISO 45001 Implementation Process

Free diagram that outlines the steps for your ISO 45001 implementation

ISO 45001 Documentation Toolkit

Integrated iso 9001/14001/45001 toolkit.

ISO 45001 Foundations Course

You may unsubscribe at any time. For more information, please see our privacy notice .

IMAGES

ISO 45001 Risk Assessment Matrix
6.1 Actions to Address Risks and Opportunities [ISO 45001]
Diagram of the ISO 45001 Risk Management Process
ISO 45001 Update
Diagram of ISO 45001 Risk Management Process (adapted from Hammar, [11
What You Need To Know About ISO 45001

VIDEO

Benefícios da ISO 45001
By Priya choudhary -Advanced Risk management in servicenow
Dúvidas frequentes na ISO 45001
Filling in the template
Risk and ISO 45001:2018
ISO 21434 TARA terminology and concepts

COMMENTS

ISO 45001 risk management methodology: What to include?
What is the methodology to manage risk according to ISO 45001? Once both types of risks are assessed, there is a common requirement in the standard to plan actions to address the risk (clause 6.1.4 Planning actions). During the assessment of each risk above, there is a decision on the necessity to take action to reduce or eliminate the risk and ...
Explanation of ISO 45001 hazards, risks, and opportunities
ISO 45001 starts with some general information in clause 6.1.1 on considering your internal and external issues, relevant interested parties, and the scope of your OH&S management system during this risk assessment process. Next, clause 6.1.2.1 requires the identification of hazards in the management system.
ISO 45001:2018
Key elements include leadership commitment, worker participation, hazard identification and risk assessment, legal and regulatory compliance, emergency planning, incident investigation and continual improvement. ISO 45001 utilizes the Plan-Do-Check-Act methodology to systematically manage health and safety risks.
Hazard Identification & Risk Assessment Procedure Explained [ISO 45001
ISO 45001. Hazard Identification & Risk Assessment Procedure. The purpose of this procedure is to outline your organization's ongoing and proactive methodology for the identification of operational hazards and the assessment of perceived risks to evaluate both existing and potential workplace hazards, and to determine the methods required to ...
ISO 45001:2018(en), Occupational health and safety management systems
ISO 45001:2018(en) ×. ISO 45001:2018(en) ... Results can be determined and evaluated by qualitative or quantitative methods. Note 2 to entry: Performance can relate to the management of activities, processes (3.25) ... IEC 31010, Risk management — Risk assessment techniques [12] ILO. Guidelines on occupational safety and health management ...
ISO 45001 Certification Process: A Comprehensive Guide
Risk-Based Approach: ISO 45001 takes a proactive approach to managing occupational health and safety risks. It requires organisations to identify potential hazards, assess the level of risk, and implement controls to eliminate or reduce these risks. ... Methodologies and criteria for risk assessment; OH&S process for addressing risks and ...
PDF Iso 45001:2018
8 ISO 45001:2018 OCCUPATIONAL HEALTH & SAFETY IMPLEMENTATION GUIDE RISK BASED THINKING/AUDITS Risk Based Thinking Risk Based Thinking (RBT) is a central tenet of ISO 45001. RBT requires the Management Team to continually assess the issues that affect OH&S aspects of an organization and ensure that appropriate targets, resources and controls are ...
PDF Iso 45001
objective setting but the HLS requirements of risk and opportunities introduced a challenge for the expert committee that developed ISO 45001. In order to incorporate the HLS and the aim of the OH&S management system, risk and opportunities has been broken into two elements: • Assessment of OH&S risks and other risks to the management system
ISO 45001 Hazard Identification, Risk Assessment, and Control Plan Tem
Introduction Hazard identification, risk assessment, and control plans are crucial components of a successful health and safety management system, especially when aiming to meet the requirements of ISO 45001. This template provides a structured approach to identifying hazards, assessing risks, and implementing controls to mitigate risks in the workplace. By utilizing this template ...
ISO 45001 Clause 6.1.2.2 Assessment of OH&S risks
Learn about ISO 45001 Clause 6.1.2.2 and understand the assessment of OH&S risks and other risks to the management system. ... First off when I read the words methodology and criteria I think of a risk matrix. ... The risk assessment needs to consider how these existing controls will influence the Likelihood and Consequence of an incident or ...
ISO 45001 Clause 6.1.2 Hazard Identification and Assessment of Risks a
Introduction The introduction of Clause 6.1.2 of ISO 45001, focusing on hazard identification and assessment of risks and opportunities, is a crucial aspect of occupational health and safety management systems. This clause plays a key role in helping organizations identify potential hazards and risks in the workplace, as well as opportunities for improvement. By effectively implementing this ...
PDF BSI0108
BSI0108 - 1805_ISO 45001 Guide Page 5 of 32 ISO 45001:2015 OHSAS 18001:2007 AS/NZS 4801:2001 Key Differences Risk: effect of uncertainty. OH&S risk: combination of the likelihood of occurrence of a work-related hazardous event or exposure and the severity of injury and ill health that can be caused by the event or exposure.
ISO 45001 risk assessment: How to do it and why
One of the most important components of any ISO 45001:2018 system is that of hazard identification and risk assessment. Given that this process has a direct bearing on the overall performance and effectiveness of the OHSMS, and the welfare of your staff through reduction of workplace accidents and incidents, it is clear that this is a process ...
PDF ISO 45001:2018
ISO 45001:2018 is the world's first international standard on occupational health and safety (OH&S) management, containing agreed good practices from across the world. The primary focus of implementing an OH&S management system is to prevent any kind of work-related injuries, illness or loss of life.
ISO 45001 Risk Assessment
Conclusion. In conclusion, ISO 45001 risk assessment is a fundamental process for ensuring occupational health and safety. By following the systematic approach outlined in the standard, organizations can create a safer and more secure work environment, protecting both employees and their reputation. ISO 45001 SWOT Analysis.
6.1.2 Hazard Identification and Assessment of Risks ...
6.1.2.1 Hazard Identification. Clause 6.1.2.1 of ISO 45001:2018 is identical to the hazard identification and risk evaluation in OHSAS 18001. The cornerstone of the OHMS is the hazard identification and risk assessment process. The importance of this section of the health and safety management system cannot be overstated.
ISO 45001-2018 6.1 Risks and opportunities
6.1.2.1 Hazard identification. The standard requires that an organization shall (i.e. mandatory) establish, implement and maintain a process (es) for hazard identification that is ongoing and proactive. Clause 3.19 defines a hazard as a 'source with a potential to cause injury and ill health. Clause 3.18 defines injury and ill health as ...
How to Implement the ISO 45001 Standard
Having chosen the methodology for risk assessment determined in clause 6.0, the organization will use the 'Hierarchy of Controls' outlined in section 6 to eliminate or reduce hazards to the lowest practicable risk. ... The risk assessment process, for ISO 45001 identification of hazards, may have highlighted potential emergency situations ...
PDF ISO 45001 Readiness Assessment
Using Marsh's ISO 45001 readiness assessment tool, we perform a guided self-assessment of the organisation's current management system design against the new standard, and facilitate action planning to achieve the organisation's desired standard. This can be executed in a two staged approach: Optional - Desktop review of documentation.
ISO 45001
Abstract. The new standard ISO 45001 is expected to give a significant boost to the growth of the number of companies that have adopted and certified an occupational health and safety (OHS) management system. The structure of the new standard reflects the Annex SL, thus facilitating the organizations in aligning and integrating their management ...
Iso 45001:2018
Key elements include leadership commitment, worker participation, hazard identification and risk assessment, legal and regulatory compliance, emergency planning, incident investigation and continual improvement. ... ISO 45001 utilizes the Plan-Do-Check-Act methodology to systematically manage health and safety risks. ... organizations can get ...
ISO 45001 risks & opportunities
In short, these requirements in ISO 45001 cover two different types of risk for the individual processes and for the overall OH&SMS, and both assessments are needed for a good OH&SMS. ... The only real change is to include an additional focus for the important task of risk assessment, and the assessment of opportunities that can be pursued to ...
ISO 45001: A Model for Managing Workplace Ergonomics
Safety management systems focus on reducing the risk of occupational injuries, illnesses and fatalities. This means that to improve workplace ergonomics, one must control the cause of MSDs. Using the proposed content of ISO 45001 (Table 1) as a systematic process, we present the key elements and activities in an ergonomics management system.

ISO 45001 Clause 6.1.2.2 Assessment of OH&S risks

Understanding ISO 9001 Clause 7.5.1 General (Documented information)

Defining ISO 45001 Clause 6.1.2.3

ISO 45001 Clause 8.1.2 Eliminating hazards and reducing OH&S risks

ISO 45001 Clause 6.1.2 Hazard Identification and Assessment of Risks and Opportunities

Importance of Hazard Identification and Assessment of Risks and Opportunities

Steps to Effectively Identify Hazards and Assess Risks and Opportunities

Tools and Techniques for Assessing Risks and Opportunities

Integrating Hazard Identification and Risk Assessment into Your Organization's Processes

ISO 45001 Risk Assessment

Share this:

RELATED ARTICLES MORE FROM AUTHOR

LEAVE A REPLY Cancel reply

Popular Posts

6.1.2 Hazard Identification and Assessment of Risks & Opportunities [ISO 45001 Procedure]

Why Reinvent the Wheel?

Step 1: Look for Hazards

Step 2: Decide Who Might Be Harmed and How

Step 3: Evaluate The Risks and Decide Whether Current Controls Are Adequate

Step 4: Record your Findings

Step 5: Review risk assessments and revise where necessary

Don't Try To Manage It All Alone!

Risk Level (S1)

Opportunities to Improve OH&S Performance

Opportunities to Improve the Health and Safety Management System

Related Information You Might Find Useful

Next ISO 45001 Clause

Each ISO 45001 Clause Explained

Richard Keen

Are The Templates Suitable For You?

Five Reasons To Choose Our Templates

FAQs About Our Templates

Ask Us a Question

More Information

ISO 45001:2018 Clause 6.1 Actions to address risks and opportunities

(800) 649-5289

Risk Based Thinking/Audits

Section 1: Scope

Section 2: Normative References

Section 3: Terms and Definitions

Section 4: Context of the Organization

Section 5: Leadership

Section 6: Planning

Section 7: Support

Section 8: Operation

Section 9: Performance Evaluation

Section 10: Improvement

Get the Most From Your Management System

H&S Toolkit

ISO 45001 Documentation Toolkits

Where to Start

Mark Hammar

What are the new requirements for risks and opportunities according to ISO 45001?

What is required for hazards and risks?

What do you need to consider with new conditions for assessing the risks and opportunities?

Risk and Opportunity assessment: An important part of OH&SMS

Suggested reading

ISO 45001 Documentation Toolkit

ISO 45001 Foundations Course

IMAGES

VIDEO

COMMENTS