John Nolan
January 18, 2017
If you are familiar with working for an organization that has an ISO 45001:2018-certified OHSMS (Operational Health and Safety Management System), you will be aware of the value that such a system brings to the organization in terms of accident prevention and promotion of employee well-being. However, significant amounts of planning, resources, and time normally go into the establishment of such a system, and in my experience there can be many different opinions held when it comes to the question of how long it should take to implement ISO 45001. So, given that this is one of the natural questions for top management to ask when considering ISO 45001 for a business, what is the truth and what elements do we need to consider when planning for a certified OHSMS?
It is clear that any organization will have some key considerations when planning the establishment of an OHSMS that meets ISO 45001 requirements, as the amount of resources, knowledge, and expertise available to you will obviously have a huge impact on how quickly your implementation can be done. So, what questions should an organization be asking when embarking on such a project?
The above considerations come within the parameters of the “context of the organization” discussions that top management should consider, and which you may be familiar with if you have used the ISO 9001 and ISO 14001 standards for quality and environmental management in your organization. With an ISO 45001 implementation, management commitment and consultation with the workforce are critical factors, and these can not only increase your chances of success, but also limit the implementation period. Therefore, it quickly becomes clear that having top management commitment as an example to your workforce can be a critical factor in achieving a successful and timely ISO 45001 implementation. So, what is the next step?
In an organization of 20 people or fewer, an ISO 45001 implementation may be possible in around six months, depending on the focus, knowledge, expertise, and resources available. For larger organizations, a year may be required, although as mentioned above this can be dependent on other factors. It may be easier to implement an ISO 45001 OHSMS in a call center with 100 employees than an engineering plant with a headcount of 20, due to the nature of the business, for example. What is clear, however, is that your OHSMS will not be considered ready for audit without the following elements being in place:
So, while we can see that the ISO 45001-certified OHSMS is less based on external issues, such as customer feedback, than its ISO 9001 Quality Management equivalent, it is clear that some basic elements need to be completed and evidence must exist that this work has been undertaken before your OHSMS can be considered ready for audit.
This is almost certainly a question that top management will ask the project manager when it comes to a project like ISO 45001 implementation. Obviously, hiring extra resources and having more expertise can help your organization implement ISO 45001 more quickly, but as we have examined above there are no real shortcuts when it comes to implementing the basic processes that support ISO 45001. It is wise to remember that compromising the terms of the standard can also compromise the safety of your workforce, and that goes against the reason that the standard itself exists. Ensure your OHSMS meets the individual elements of the standard, and ensure that your documentation is sufficient to record the details that the standard requires.
Above all, ensure that your hazard identification and risk assessment processes are effective in identifying and mitigating risk, as this is the primary reason that ISO 45001 exists. All organizations want a quick implementation, but you will do well to ensure that this is not at the cost of the ultimate effectiveness of the OHSMS itself.
Why not use our free ISO 45001 Gap Analysis Tool to measure the gap between your current health & safety practices and the ISO 45001 standard?