Part 1: Context of the Organisation
ISO 45001 has been in draft for several years now, but as of July 2017 the second draft has been approved and by November 27th, 2017, the Final Draft will be issued. Provided this is then accepted in the final vote in January, the standard is planned to be published in February 2018.
So, can you start to prepare for it already? In this series of blogs, I will explain in easy terms each of the clauses and give you some tips that will help you to prepare to migrate to, or implement, ISO 45001.
High level view of the standard
“Culture eats strategy for breakfast” Peter Drucker
You could probably spend much time debating this statement, however, in my opinion when it comes to safety this is too true. You may have volumes of procedures, forms, manuals, risk assessments and method statements but if you have a poor safety culture, your safety performance is unlikely to improve.
The ISO 45001 standard is quite different to the OHSAS 18001 standard in that it has a focus on many of the core elements that drive safety culture, such as leadership and participation, rather than on the requirement for a long list of procedures. It’s not that OHSAS 18001, did not incorporate this, but it was easy enough to be certified if you had all the right documents in place, and did not always lead to a better safety performance.
Will ISO 45001 result in better safety performance? Like any system the level of success will depend on the implementation, the ongoing management and how it is audited, but I think the framework it requires is a stronger starting point.
So, in this blog let’s look at one of the first clauses, Clause 4 Context of the organisation!!
Clause 4 Context of the organisation
Consider the expression “put that in context for me” This fundamentally is what this clause is asking. Every company is different, with different activities, processes, cultures etc and clause 4 is asking you to consider:
- Who you are, what do you want to achieve as a company and from your management system
- What are all the issues either in your company, or external to your company that could impact on you and how your management system works.
- Who are all the interested parties and what are their requirements. Which requirements are mandatory (so think about more than just legal requirements here). For example, do you have a customer who requires auditing or reporting at a certain schedule or adherence to their site safety rules; are you a member of a professional body with requirements for membership etc.
It is only when you consider and acknowledge all this that you can understand what needs to be considered and included in your OHS Management system and ensures you have a management system that is appropriate for your company.
Consider a quantity surveying company in Dublin compared to drug manufacturer in Northern Ireland. They have different risks, different interested parties, and different issues that can impact on them including legislation, policy, social factors all of which will impact on the OHS management system.
So, what can you do to prepare?
- Discuss the strategic direction of the company with management to understand the company’s direction, activities and plans. Are there plans to expand, new products or services. These need to be considered in your safety management system.
- Different tools can be used to identify internal and external factors that could impact you including SWOT (Strengths, Weaknesses, Opportunities & Threats) and or PESTLE (Political, Economic, Social, Technological, Legal or Environmental considerations). With these tools consider your company in a broad sense under each of these headings. For example:
- Strengths – what makes your company stand out, why do you succeed over your competitors. Maybe you have an excellent training and development programme that results in low staff turnover and highly competent staff, or an exclusivity agreement for certain products.
- Technological – Is there potentially new technology that will or could be introduced in your industry or company. Maybe a current manual task is going to be replaced. Maybe a new IT system is planned that will impact on communication in the company.
- Identify your interested parties including employees, suppliers, customers, public etc and their requirements. Which ones are mandatory for your company?
- Identify risks and opportunities based on the information you have gathered. For example, with the strength above, training and development, there is an opportunity to use this training system and structure to enhance your OHS training programme. New technology may impact on the hazards and risks of employees and need to be considered in risk assessments.
- Determine and document the scope of your management system considering all the factors above. What needs to be built into your management system.
- Identify what processes are needed to ensure you have an effective OHS management system.
Getting this clause right is important in ensuring that you have a Safety Management system that is designed to work and be effective specifically for your company.