Understand how ISO 45001:2018 works and why the “8 operation” requirement is so important in this standard
When implementing an Operational Health and Safety Management System for the first time, it is common to have difficulties in understanding this standard. After all, the functioning of ISO 45001:2018 corresponds to a complex and vital system for the company.
If the professional has never worked with ISO standards, the doubts can be even greater. However, those who have experience in studying or implementing another management system (such as ISO 9001) already understand better how SSO works. Mainly due to the high level structure of Annex SL.
However, this standard differs somewhat from 9001 regarding the structure of requirements related to the operation. This is because ISO 45001 details the requirements present in annex A more than in the standard itself.
And it’s worth understanding this relationship better. So, in today’s article, I want to explain how SSO management patterns work.
ISO 45001:2018: A standard about risks
It is true that every standard is based on risks, but it is important to understand the Operation of ISO 45001:2018. It talks about safety, and it has a much clearer structure regarding the treatment of risks than ISO 9001, for example.
While ISO 9001 talks about risks in the “6 Planning” requirement (and then touches on this subject at some other times, in the midst of several other good practices); ISO 45001 talks about risks in item “6 Planning” and in item “8 Operation”, determining that the good practice established by the standard as a whole is, in fact, to address these risks. This is because the purpose of the standard is to establish a more secure environment for employees.
“Security”, by dictionary definition, is the set of actions and resources used to protect something or someone. From there, it is easy to understand why requirement 8 talks about the treatment of risks. In other words, in ISO 45001 the operation requirement is about promoting safety within the company.
Eliminating the hazards to address the risks
In ISO 45001, we find two nomenclatures present in risk management:
- the risk itself, which is the probability and consequence of an employee being unsafe in your company;
- and the danger, which is the condition that puts the employee in insecurity.
In requirement “6 Planning”, we find good practices to address risks; in the requirement “8 Operation” we find the best practices to eliminate hazards.
That’s because the implementation of the standard starts with defining the scope, analyzing the processes that will enter the Occupational Health and Safety system and defining the objectives that the system needs to achieve.
From there, we need to understand which risks affect these objectives within the defined scope, within the functioning of ISO 45001:2018, while we are still planning the system. After all, during the operation, we are going to implement controls to eliminate or replace the dangers that place employees at these risks.
The leadership, resources, awareness and competence requirements are all to ensure that these controls are correctly implemented and maintained. The assessment, monitoring and improvement requirements are to understand whether these controls are taking place in practice and what can be improved.
Implementing in your company
Now that you understand how ISO 45001:2018 works, it’s time to analyze the risks and eliminate the dangers that affect your employee’s health and safety. And this is something that will make all the difference in the results your company will achieve.