Are you interested in becoming ISO 45001 certified?

ISO 45001 is the most well established and widely recognised of all standards for health and safety management. Becoming ISO 45001 certified is a significant accolade and can open doors to new business opportunities. Many organisations have heard of the ISO 45001 standard or its precurser OHSAS 18001 but still only a minority have actually achieved approval. Would you like to add UKAS accredited ISO 45001 certification to your business credentials? This page is all about about the ISO process, including ISO 45001 audits and ISO 45001 consultancy.  For help with ISO 45001 or to speak with an ISO 45001 consultant, use the enquiry button at the bottom of the page. 

What is ISO 45001 and why is it important?

ISO 45001 is an internationally recognised standard for the design, development and implementation of an occupational health and safety management system (HSMS). It can be applied to any type or size of organization in any business sector. Its clauses define the baseline requirements for an HSMS in functional terms, i.e. it describes what you need to control without telling you how to run your business. The importance of ISO 45001 derives from its universal recognition as a badge of commitment to health and safety, coupled with a declared intent to continual improvement of health and safety performance. Of all the health and safety programmes available, ISO 45001 is the most suitable for SMEs taking their first step to establish the structures and processes necessary for sustainable growth.

Already certified but need to simplify or modernise?

If you are one of those more mature businesses for whom ISO 45001 has long been a fact of life, we invite you to consider if your current health and safety management system has evolved with your business and taken advantage of the changes in the ISO 45001 standard that allow a more dynamic and flexible approach. QFactorial is adept at modernising and simplifying legacy health and safety management systems to meet the changing needs of organizations as their business context evolves and stakeholders and other interested parties become more demanding. 

Benefits of ISO 45001, health and safety management systems and certification

Most business leaders answer this in terms of customer and market demand. “I need ISO 45001 to prequalify for a tender process” or “In this market we are up against competitors who already have ISO 45001, and this seems to give them an edge.” Even if neither are true, you may have an opportunity to get ahead of the competition by being the first to be awarded an ISO 45001 certificate. But the certificate is only half the story. The real value is in having a health and safety management system that brings control, compliance, governance, assurance and continual improvement to the way you look after your staff and others affected by your activities. With or without certification, ISO 45001 is a great starting point for developing a mature HSMS to support your business strategy and objectives.

Key features and requirements of the ISO 45001 standard

ISO 45001 is fully aligned with ISO 9001. This means that the basic structure and overarching management controls are the same, so you can integrate your ISO 45001 solution with your ISO 9001 solution.  There are of course some specific technical additions focused on health and safety concerns, however the overlaps in management areas are worth exploiting to minimise the administrative burden. Some of the key features of ISO 45001 include: leadership, policy, objectives, planning, worker participation, resources, competence, communication, documentation, operations, emergency preparedness, legal (and other) compliance, nonconformance, hazards and risks, incidents, management of change, performance evaluation, internal audit, management review and improvement.

Certification and accreditation

The first thing you need to know about certification and accreditation is that ISO certificates are not all created equal. The world is not a perfect place and there are good and bad ISO certificates. The bad ones are those that cost a few pounds/dollars and require virtually no work to gain and retain. Obviously, these have no real value and carry the risk of embarrassment or loss of a contract if anyone checks the credentials of the “certification body”. To avoid this minefield, make sure you get a UKAS-accredited certificate. The UKAS accreditation mark is an important indicator of the validity of any ISO 45001 certificate issued in the UK. It demonstrates that the certification body awarding the certificate is approved (accredited) by UKAS to carry out audits and issue certificates. Other international accreditations may be valid by multi-national agreement, but only UKAS has this authority granted directly by the UK Government.

Choosing an ISO 45001 consultant

There are many good reasons for partnering with an experienced and knowledgeable consultant when implementing ISO 45001. The first is that it is very easy to over-egg the ISO pudding if you try to implement the standard clause by clause instead of using a risk-based approach. You must also avoid consultants who clone solutions from templates or impose standard documentation that doesn’t look or feel like the way you want the business to run. A good consultant will translate and interpret the jargon of ISO 45001 into business language in the most cost-effective and pragmatic way for your business. A good consultant will give you the tools to make your HSMS work and show you how to use them. Finally, a good consultant will challenge you during internal audits and be your advocate in external audits. 

Choosing an ISO 45001 auditor (certification body)

An important task for any ISO consultant is to advise you on the selection and appointment of a suitable UKAS-accredited certification body. This should be done with due diligence, just like any other critical purchase. One of the founding fathers of quality management, W Edwards Deming, said we should end the practice of awarding business on price alone. This rule should apply equally when selecting auditors – and indeed consultants! Other factors include sector experience, resource availability, peer recognition, geographical coverage and scope of accreditation.

Working with your ISO 45001 consultant - the QFactorial approach

At QFactorial we have a very simple approach to ISO projects, regardless of the size or type of client, the maturity of your HSMS or the complexity of your systems and processes. We use our unique Q!Diagnostic method to generate a detailed and specific Health and Safety Roadmap. We start by carrying out a gap assessment from which we create an action plan. During this process we gather information to write your health and safety manual and lead you through the ISO certification project in the most pragmatic way. This work will feed into the next phase: the collaborative design, development and implementation of your new or revised health and safety management system (HSMS). Where appropriate we can combine this with your environmental management system (EMS) to create an HSEMS. If you are looking for an experienced ISO45001 consultant in Basingstoke, Hampshire, London, the South of England or UK generally, look no further than QFactorial. 

Stage 1 ISO certification – passing the desktop audit

All certification bodies follow a two-stage model, starting with the Stage 1 documentation audit. This is often known as a desktop audit as it mainly consists of the auditor visiting your premises to read and review the documents that describe and demonstrate your policies, objectives, metrics (KPIs), processes, procedures, instructions, plans, decisions, check points and other HSMS controls. The general approach during the ISO 45001 Stage 1 audit is “explain how you have implemented each element of the standard and where you have documented it in your HSMS”. Questions will be asked at this stage, but detailed investigation and evidence of the HSMS in action is reserved for Stage 2.

Stage 2 ISO certification – passing the physical audit

Having established the theoretical compliance of the HSMS with ISO 45001 during the Stage 1 audit, Stage 2 is more about checking that the HSMS is fully and consistently implemented in practice. Typically, this will involve interviews with members of your team at all levels of the organisation, sampling from a range of processes and functions. The general approach during the ISO 45001 Stage 2 audit is “tell me how this works, take me to where it happens, introduce me to the people, show me the evidence”.

Remote ISO consultancy and remote audit under Covid-19 restrictions

During the coronavirus pandemic the ISO audit process has moved online with both stages taking place via MS Teams, Zoom or other video conferencing tools. These have become widely known as remote audits and are considered just as valid as the site visits previously undertaken. Now that remote auditing has been proven to work, it is expected to remain as part of the audit toolbox, especially for Stage 1 and perhaps Stage 2 where there is only office activity and no production, construction or service delivery to be witnessed.

Next steps

To learn more about gaining ISO 45001 certification or upgrading your health and safety management system, simply click the enquiry button and a QFactorial consultant will contact you to discuss your specific needs.