0 2605
7 Quality Management Principles

This document, originally posted on introduces the 7 quality management principles that ISO 9000, ISO 9001 and other related quality management standards are based on. We have summarized the key points for you to digest. View the full document on

The 7 Quality Management Principles

“Quality Management Principles are a set of fundamental beliefs, norms, rules, and values that are accepted as true and can be used as a basis for quality management”.  ISO Standards use these rules or principles as a foundation to lead an organization to improvement of their processes. These principles were “developed and updated by international experts of ISO/TC 176, which is responsible for developing and maintaining ISO quality management standards”.

1. Customer Focus

“The primary focus of quality management is to meet customer requirements and to strive to exceed customer expectation”

This principle considers the organizations end goal of meeting, and exceed customer expectation with regards to confidence in their product or service. Sustained success is achieved by understanding the consumer and their needs; current and future; adding value at every interaction, and doing business with their needs in mind – this principle considers the companies focus is on their customer.

2. Leadership

“Leaders are all levels establish unity of purpose and direction and create conditions in which people are engaged in achieving the organization’s quality objectives”.

Leadership creates alignment. Alignment in strategies, company policies, vision and direction, processes, allocation of resources, etc. Standard within leadership are created with the purpose of achieving and succeeding company objectives.

3. Engagement of People

“Competent, empowered, and engaged people at all levels throughout the organization are essential to enhance its capability to create and deliver value”.

Simply put, organizations with engaged and empowered employees thrive.  It is essential for organizations or work effectively and efficiently, to lead and delegate by trusting their employees with the task ahead. Give recognition, empower your people and promote positivity. Facilitate the engagement of people in achieving the organization’s quality objectives.

4. Process Approach

“Consistent and predictable results are achieved more effectively and efficiently when activities are understood and managed as interrelated processes that function as a coherent system”.

By understanding how a process achieves results, an organization can optimize their systems and improve performance. One key benefit to this is achieving “consistent and predictable outcomes through a system of aligned processes”.

5. Improvement

“Successful organizations have an ongoing focus on improvement”

As the saying goes “change is the only constant”. For organizations to remain competitive and current, constant improvement is needed. Reacting to changes internally and externally; be it shift in leadership, consumer habits, or economic shifts; can create new and positive opportunities.

6. Evidence-Based Decision Making

“Decisions based on the analysis and evaluation of data and information are more likely to produce desired results”.

Correlation between variables, does not necessarily mean that a change in one variable is the cause of the change of the other variable. Ensure you are using sound and accurate measurements when you are making decisions to avoid subjective decisions that are not based on real data. “Facts, evidence, and data analysis lead to greater objectivity and confidence in decision making”.

7. Relationship Management

“For sustained success, and organization manages its relationships with interested parties, such as suppliers”.

Much like how engaging employees contributes to success, maintaining good relations with suppliers can influence the performance of an organization.  Suppliers and interested parties have an impact on your business and its success, whether you admit it or not. Maintaining relationships with such parties can contribute to sustained success by optimizing their impact on performance.

Next Steps

We’ve provided you with a general overview on the 7 quality management principles that are the baseline for ISO quality management standards, and how they can form a basis for performance improvement and organizational excellence.

Every organization is different, and how you apply these principles will be different, as the nature of your organization and the specific challenges you face differs. However, understanding the underlying principles is important to effectively implement standards.

Further Information

Download the PDF to dive further into each of the 7 principles. It will walk you through the Key Benefits of each of the 7 principles, and give you tangible ways to implement them in your organization. Download the PDF here.

Learn about the difference between Quality Management and Quality Improvement.

0 1719

An organization faces many health and safety related issues despite planning and establishing various systems in place to ensure that all health and safety related requirements are addressed. Issues like more than expected health complaints, incidents resulting in serious injuries, absenteeism impacting work and deliveries to customers and many other such problems are a cause of concern to the organization at some point of time. These issues result in low worker satisfaction or motivation and may impact deliveries to customers resulting in lower customer satisfaction. It is important for an organization to keep a track of all such cases. To do this an organization needs to monitor, measure, analyze and evaluate processes to ensure that these are effective, adequate and suitable. ISO 45001 talks about this in the clause on Performance Evaluation.

Measurement and Monitoring Requirements

Measurement and monitoring requirements should be decided on the basis of risk and criticality of the process. The measurements should be in line with OH&S objectives established for the organization. The measurement and monitoring requirements should consider requirements of the standard, legal requirements and other requirements. Some examples can be:

  • observation of health of employees, work environment monitoring;
  • progress on policy declarations, objective achievement, and continual improvement;
  • competence levels of the workers
  • gaps in compliance with legal requirements, if any
  • Standards and Codes;
  • Insurance Requirements

Once you have identified your measurement and monitoring requirements, you need to establish systems to collect and consolidate these measures. To do this, you need to define criteria to compare these measurements. These criteria could be against industry benchmarks or organization’s own codes and objectives. Establish measurement devices or tools that would be required to take these measurements. Along with methods to collect and consolidation, establish methods to check that the results of measurements are valid.

Analysis and Evaluation

Analysis is the process of investigating data to determine relationships and trends. You may use various statistical tools like Pareto analysis, fish-bone analysis, 5-why analysis, etc. to draw a conclusion from data.

Evaluation is done to ensure adequacy, suitability and effectiveness of health and safety requirements. This activity is most often related to monitoring activities. Occupational health complaints, work environment monitoring and health surveillance of workers are some of the elements that need to be monitored in an organization.

The results of analysis and evaluation shall be used to take actions to eliminate root causes which are the reason for negative feedback or measurement going beyond the targets established.

Present the trend analysis in Management review meetings and Identify the need for improvements within the OH&S management system through evaluation of these processes.

Analysis and Evaluation of data may specify a number of areas of concerns or risks. Adequate actions should be taken pro-actively to ensure these risks or problems are adequately addressed before they reach severe levels and are difficult to con


0 2689
ISO 45001 will focus on fundamental concepts like “risk”, “worker”, and “workplace”.

Organizations are faced with numerous incidents and non-conformities at different point of time. Incidents could be as simple as a worker’s ill-health or serious such as high exposure to hazardous material or a vehicle accident. Similarly, Non-conformities may arise when a procedure is not met, a protective equipment starts mal-functioning or damage to property which may cause health or safety related risk to workers or other interested parties. ISO 45001 requires that all such events shall be identified and adequate actions shall be planned to address these incidents and non-conformities.

ISO 45001 requires organizations to plan, establish, and maintain a process to handle Incidents and Non-Conformities, whenever they are encountered. The process must include the following steps:

  • Report all incidents and non-conformities, whenever these are encountered.
  • Take immediate action to correct the Incident or Non-conformity in order to control the incident / non-conformity and deal with any consequences.
  • Identify all possible root cause that caused the problem. There are various tools that may be used to identify the root cause such as 5-Why analysis, Fish-bone Analysis, etc. Workers and other interested parties need to be involved when identifying root causes for an incident or non-conformity.
  • Undertake corrective action to eliminate the root cause. The intent of this exercise is to ensure that the incident or non-conformity will not occur again due to the root cause and will eventually improve the process.
  • Monitor the effectiveness of corrective actions to ensure that the non-conformity or incident has been completely eliminated.
  • The corrective action records and a summary of corrective action results need to be presented in management reviews.

Addressing all non-conformities and incidents in a holistic manner using root cause analysis helps an organization to further improve its processes and reduces any organizational health and safety related risks related to incident or non-conformity. This reduces the number of incidents and non-conformities over a period of time and organization can yield the benefits of reduced cost due to these incidents or non-conformities. Therefore, it is important for any organization to address all incidents and non-conformities and take appropriate corrective actions.

0 1370

A Guest Post from Glacier Consulting.

We knew it was coming! And on March 12, 2018, ISO 45001 was published. On March 13, ISO hosted a livestream video to answer all of your questions about this new standard.

Although we’ve been learning more about ISO 45001, and even wrote a blog a few months ago about the differences between ISO 45001 and OHSAS 18001, we wanted to summarize the main points made by the experts that created the standard.

The conversation was hosted by Maria Lazarte from the ISO General Secretariat with guests Richard Jones, Charles Corrie, David Smith and Jan Toft Rasmussen.

Richard Jones was actively involved in the development of OHSAS 18001 and its guidance and the development of ISO 45001. Charles Corrie is Secretary of the committee (ISO/PC 283) that developed ISO 45001. David Smith is the committee chair of ISO PC 283 responsible for the development of ISO 45001 and a variety of BSI management standard committees. Jan Toft Rasmussen is an experienced consultant on health and safety with a history of working in trade union federations and confederations.

We have summarized the main points addressed into the What, When, Why, How and Who’s below


What Is ISO 45001?

ISO 45001 is an International Standard that specifies requirements for an occupational health and safety (OH&S) management system, with guidance for its use, to enable an organization to proactively improve its OH&S performance in preventing injury and ill-health.

ISO 45001 is intended to be applicable to any organization regardless of its size, type and nature. All of its requirements are intended to be integrated into an organization’s own management processes. ISO 45001 enables an organization, through its OH&S management system, to integrate other aspects of health and safety, such as worker wellness/wellbeing; however, it should be noted that an organization can be required by applicable legal requirements to also address such issues

What Happens to OHSAS 18001?

OHSAS 18001 has been withdrawn effective March 12, 2018. Companies who are currently using OHSAS 18001 will need to migrate to ISO 45001 within three years.

What is Different Between ISO 45001 and OHSAS 18001?

They are very similar in that they both use a Plan, Do, Check, Act model. ISO 45001 encompasses most of the areas of OHSAS 18001 for occupational health and safety.

ISO 45001 Speaks To Leadership

The differences are that 45001 follows the structure of other international standards. There is a much larger focus on the responsibility of leadership in ISO 45001. It also speaks to the need for worker participation. The standard aims to have worker health and safety be a central tenant in the way a company operates, integrated into overall business processes. Health and safety isn’t a stand alone process or the responsibility of one person or department.

From the delegates on the committee representing workers, they sought to participate in making their workplace safer but they really wanted language in the standard to make sure their top management was clear that they hold ultimate responsibility for setting this into place in their organization

ISO 45001 is More Comprehensive

ISO 45001 is designed to take into account many more factors than 18001. For instance, ISO 45001 recognizes other formats for data collection and storage – such as digital formats to reduce paperwork. Beyond just health and safety, ISO 45001 gives management a tool to strengthen their entire business if they follow it.

ISO 45001 is More Proactive

ISO 45001 focuses on continually assessing opportunity to reduce risks.

ISO uses terms across all of their standards that users will be familiar with – for example, the term “legal requirements” is used instead of “compliance obligations” because they wanted to make it clear that some countries have a legal requirement to do certain things.

The standard pursues the idea that every employee has a role to play in thinking about health and safety. For example, the purchasing manager should think about risks before they place every order for equipment that workers will use.

What about small businesses?
Small businesses (SMEs) can absolutely adopt 45001 even if they don’t currently have 18001.
ISO 45001 makes it clear that all top management have a role to play in health and safety.


ISO 45001 was published on March 12, 2018. On that day, OHSAS 18001 was withdrawn. Companies who are currently using OHSAS 18001 will need to migrate to ISO 45001 within three years. Transition period started 3-12-18 and by 3-12-21 all OHSAS 18001 certifications must be migrated to ISO 45001.


Why Was The ISO 45001 Standard Created?

Too Many Work-Related Injuries, Illnesses and Deaths

Over 7,600 people die each day from work-related accidents or diseases. The video mentioned the fact that every 12 seconds a worker dies in the world on the job. The burden of occupational injuries and diseases is significant, both for employers and the wider economy, resulting in losses from early retirements, staff absence and rising insurance premiums.

International Standard Makes it Accessible

Clearly this a problem across the world that having an international standard was almost overdue. Although there are health and safety standards locally and even nationally, there needed to be an official standard that transcends borders to create a safe and healthy working environment everywhere. Hopefully, with the new international standard in place, it will create a more popular and accessible standard worldwide and the number of injured workers will decrease over time.


How Does ISO 45001 Help Workers?

The ISO 45001 standard provides a systematic, comprehensive approach to health and safety on the job. It answers many specific questions on how to prevent injury and illness, rather than just dealing with them as they arise.

Health and Safety is Everyone’s Job

All levels of the organization are addressed in this standard. It’s not just applicable to one employee or department, rather, it offers guidelines for the entire organization, especially decision makers and leadership.

Using PPE As Last Resort

Rather than offering PPE (personal protective equipment) and hanging safety signs, this standard aims to be “in front” of issues before they happen.

An example was shared in the video regarding excess noise. While many recommendations may be to simply offer PPE to workers near the noise, this standard illustrates how to work to pinpoint the noise, measure it, and how to mitigate it instead of simply handing out ear protection.

PPE is not the foundation of the safety standard. The standard helps organizations create an environment that doesn’t require PE in the first place. In other words, PPE is a last resort.

How can we convince top management to adopt ISO 45001?

There are many benefits to following or certifying to ISO 45001. These include overall improved performance, better cooperation amongst employees and managers, better respect amongst ranks of workers and management, insurance costs reduced, and less worker turnover.

In some countries, this standard helps ensure legal requirements are met. It may reduce the pressure organization’s face from labor or government inspectors. And finally, it fulfills customer request or demand that their vendor partners have a system in place to protect employees.

How is ISO 45001 Connected to other ISO Standards?

In developing ISO 45001, the committee made sure it’s compatible with Annex SL – which is the framework used by ISO 9001, 14001 and 27001. Common terminology is used between all standards so it is easier to align 45001 with 9001. For companies that use both of these standards, it will be a stronger, better, higher quality and safer company.


Who Developed ISO 45001?

ISO 45001 was developed by ISO/PC 283, a technical committee made up of experts from around the world. The ISO 45001 committee ensured they had feedback from all parties that would be affected by ISO 45001. They sought to achieve balance between government, employers and workers, so they requested and received recommendations on who should be involved in the process of developing the standard from those three major group.

Delegates from these three areas nominated to represent their interests in the development of the standard. The delegates represented 85 countries.

The committee also had external liaison representation from: International Labor Organization, International Trades Union Congress, International Organization of Employers and others.

Who Needs ISO 45001?

ISO 45001 is designed for any company, in any industry, of any size, in any location around the world. Any company that cares for their employees can use this standard, even if they are not seeking to be certified to it.

Whether Seeking Certification or Not

Companies are able to use this standard to confirm their organizations are safe by benchmarking themselves against it. It was designed to be used as a tool regardless if the company is seeking the certification or not.

Existing OHSAS 18001 Certification Holders

OHSAS 18001 has been withdrawn effective March 12, 2018. Companies who are currently using OHSAS 18001 will need to migrate to ISO 45001 within three years. Three years is the standard period of time that ISO uses to give standard holders to upgrade to newly published standards. All new certifications will be to the ISO 45001 standard.

Who Does ISO 45001 Impact?

Employees and Subcontractors/Vendors

Organizations must also consider what their suppliers and subcontractors are doing. They don’t need detailed knowledge, but the organization should put the interaction into place for personnel for suppliers within the organization’s system.

Glacier Consulting offers full consulting, auditing, and training services along with ongoing maintenance packages for all of your quality, environmental, health and safety, energy and sustainability needs.

This article was originally posted on Glacier Consulting’s website and is published here with permission.

0 738
What are the differences between ISO 14001:2015 and ISO 14001:2004 -

The latest version of ISO 14001 was released in September 2015, and the three year period given for transitioning from the 2004 version to this one is approaching its deadline. Many organizations have already started their transition process and some have successfully completed it. However, because there is less than 6 months for the deadline for transitioning to this standard, we would like to mention the main points regarding this transition process.

  • After mid-September 2018, ISO 14001:2004 certifications will not be valid, which means that by this time all organizations holding an ISO 14001:2004 certificate should have completed their transition.
  • Only those organizations currently holding an ISO 14001:2004 certification can take a transition audit to seek certification to the new version. The transition audit can take place at any time; however, it is recommended that it follows the organization’s audit schedule so that it can take place at the time a surveillance or recertification audit is planned.
  • If the transition audit is conducted at the time a surveillance or recertification audit is scheduled, organizations must ensure compliance with both the existing and the new standard. Organizations need to understand that while the transition process is not completed, they should maintain compliance with the last version of the standard.

All requirements of the standard must be met, however, there are some aspects that need to be carefully checked to ensure that they have been correctly understood and implemented. These are:

  • Context: Organizations need to determine their context as this is the basis of the environmental management system (EMS).
  • Interested parties: Organizations must have a list of all relevant stakeholders along with their needs and requirements. These needs and requirements are now considered as part of the organization´s compliance obligations.
  • Scope: The scope of the EMS must be revised. Organizations need to make sure that no activities, products or services that could have significant environmental impact are excluded from the boundaries of the EMS.
  • Strategy: The EMS needs to be incorporated into the organization´s business strategy. This alignment with the strategy should be reflected in the EMS´s policy and, most importantly, its objectives.
  • Risks and opportunities: There needs to be evidence of the assessment of risks and opportunities concerning the EMS. The purpose of this assessment is the development of an action plan to address them (mitigate risks and exploit opportunities).
  • Life cycle perspective: When identifying and evaluating impacts of the environmental aspects, the organization must do it considering a life cycle perspective. It is not required to do a life cycle assessment but it will be necessary to consider impacts in activities such as procurement, designed, transportation and disposal.
  • Communication: There are more detailed requirements for internal and external communications. Among other things, a strategy for internal and external communication must be developed which must include mechanisms to consider suggestions from anyone working for the organization regarding improvements of the EMS.
  • Documented information: there are less requirements regarding documents (procedures and records), thus, organizations need to carefully examine their existing documents and make sure that these ensure effective process control and the effectiveness of the EMS.
  • Performance: it is important to demonstrate that the EMS is improving environmental performance and that this is being measured and monitored using quantitative data.

0 1651

Context of the organization is a new requirement in ISO 9001:2015 standard. Context of the organization is the business environment determined by external factors like legal, financial, social, regulatory and cultural, etc. and organization’s internal environment determined by internal factors like internal structures, governance, resource capabilities. Context of the organization also depends on the requirements of the Interested Parties.

Both internal and external context can influence strategic plans of an organization. Business environments is change quickly. Organizations who captures these changing business needs quickly are more able to survive in a highly competitive environment. In today’s business environment, a single customer compliant on a social media platform can spoil a company’s reputation.   Customer pressures can force organizations to change various policies on product returns, customer support and much more. Similarly, internal context like organizational structures or skills of employees can result in procedural changes within organizations. When developing a Quality Management system, it is important organizations understand these contexts when determining the scope of the Quality Management System.

Capturing Internal and External Issues

Internal Issues relate to the internal environment in which the organization operates. This will determine your company’s approach towards governance and its relationship with various stakeholders. Internal issues need to be understood in terms of:

  • Products or service offered
  • Organizational structures, roles and responsibilities and governance
  • Regulatory requirements
  • Objectives, policies and strategies
  • Resource capabilities and knowledge
  • Standards or models adopted by the organization

External Issues include social, technological, ethical, legal, political, and economic environment in which the organization operates. External context need to be understood in terms of:

  • The social and cultural issues
  • Legal and regulatory requirements
  • Technological or economic scenario
  • Natural and competitive environment, be it international, national, regional or local
  • Key market drivers and trends
  • Relationships with external stakeholders

While determining the Context of an organization, various methods like SWOT (strengths, weaknesses, opportunities and threats), PEST (political, economic, social and technological) analysis may be used. Brainstorming needs to be done with Management to determine context of the organization. Issues may be captured using an issue log and actions may be planned against each issue to adequately address them. These should determine the strategic direction of the organization and scope of the Quality Management System.

Capturing Requirements of Interested Parties

Relevant Interested Parties in a business scenario are all stakeholders, internal or external, who impact or could potentially impact an organization’s capability to supply products and services, which meat customer and legal requirements, consistently. Once all stakeholders have been identified, you need to understand their requirements and address them adequately. A customer requirement could be to produce quality deliveries on time or provide value for money. Management may be looking for good financial performance and Government Agencies may have statutory and regulatory requirements which organization need to address. An organization needs to identify all such requirements and plan strategies to address them.

Monitor and review the context

Once the context, issues and Interested Parties are determined, mechanisms should be built in the organization to monitor and review these requirements on regular intervals. This can be done through Management reviews. Context and requirement of interested parties may change with time, which is why it is important to keep these up-to-date with the market trends and changing internal environment of the organization.

Define the scope of QMS based on the context

Scope of the Quality Management System should be defined based on

  • The external and internal issues determined
  • The requirements of relevant interested parties
  • Products and services of the organization

The scope of Quality Management System  should clearly indicate nature of product / service being offered, context in which the organization operates and shall address requirements of all interested parties.

0 1822

What makes your company stand out from the crowd? What is your key to success, that wins over clients and keeps you ahead of the competition? Chances are, it’s your Organization Knowledge. So how can the ISO9001:2015 standard help protect your Organizational Knowledge?

How Can You Protect Your Organizational Knowledge?

Knowledge is one of the most important asset an organization has. Knowledge is irreplaceable, and how this knowledge is generated, shared and used by its people strongly determines the productivity and success of an organization.

Until recently, organizations had little or no processes for managing their knowledge; increasing potential lose and doing little to encourage efforts to generate and share new knowledge.

Due to the importance of managing knowledge within organizations, ISO 9001:2015 introduced a series of requirements regarding this matter.

On its clause 7.1.6, the standard states that:

  • The organization shall determine the knowledge necessary for the operation of its processes and to achieve conformity of products and services.
  • This knowledge shall be maintained and be made available to the extent necessary.
  • When addressing changing needs and trends, the organization shall consider its current knowledge and determine how to acquire or access any necessary additional knowledge and required updates.

According to ISO 9001:2015 Organizational Knowledge is the necessary information that is used and shared to achieve organizational goals and to make the organization more effective.

Because this is a new subject introduced in ISO 9001:2015, it is important to understand the different types of knowledge there are, these can be.

Types of Knowledge


Explicity is the knowledge that is referred to as the Know-what. This knowledge is usually documented or it can be easily documented and shared. It can be found in documents, memos, databases, etc.


Tacit is referred as the Know-how and it is knowledge that is personal in nature. It is based on experienced and it depends on context. This type of knowledge is harder to document and articulate because it is found in the minds of the different stakeholders. There are ways to retrieve and share this knowledge (at least some of it), however, the size of the organization and complexity of the structures within the organization will determine the difficulty of this task.


Embedded is the knowledge that is found in processes, culture, routine, etc. Embedded is usually the most difficult knowledge to understand and change.

What are the Benefits of Implementing Organizational Knowledge Management Processes?

It is important for organizations to implement processes to manage this knowledge and use it to benefit and achieve organizational success. Implementing Knowledge Management processes can assist organization in:

  • Benefiting from lessons learned. Accidents and near misses can hold numerous lessons learned. This knowledge should be retrieved, documented (if possible), but especially, it should be shared to avoid future accidents, nonconformities, etc.
  • Identifying the experts on any particular area/subject. These experts can be anywhere in the organization, for example, over the years, a machinist can acquire knowledge of equipment that will not be found on manuals
  • Implementing programs to conduct on the job training sessions and tutorials
  • Retrieving and documenting knowledge for the efficiency and effectiveness of processes
  • Developing competency matrixes to improve selection processes, training and competency programs
  • Planning succession activities in a way that personal and tacit knowledge can be retained

0 2013

OHSAS 18001 required the organization to have a Procedure to monitor and measure Occupational Health & Safety (OH&S) performance on a regular basis (Section 4.5.1) and retain records of this activity. ISO 45001 on requires the organization to establish, implement and maintain a Process for monitoring, measurement, analysis and performance evaluations and retain records of this process and related activities (Section 9.1.1).

Within ISO 45001 the organization is required to determine:

• What needs to be monitored and measured
• The methods for monitoring, measurement, analysis and performance evaluation
• The criteria against which the organization will evaluate its OH&S performance,
• When the monitoring and evaluation will take place
• When the results from monitoring and measurement shall be analyzed, evaluated and communicated.

The organization will then be required to:

• Evaluate the performance of OH&S management system and determine its effectiveness
• Ensure the monitoring and measurement equipment is calibrated and records of calibration are retained

Examples of what could be monitored are occupational health complaints, work environment, work related incidents, injuries, effectiveness of operational controls and emergency exercises and competence.

Process vs Procedure

OHSAS 18001 required the organization to have a Procedure for periodically evaluating compliance with legal requirements and other requirements (Section 4.5.2). The organization is also required to retain records of the activities falling under this Procedures.

ISO 45001 requires the organization to establish, implement and maintain a Process for evaluating compliance with legal requirements and other requirements (Section 9.1.2) and retain records of compliance evaluation results.

Within ISO 45001 the organization is required to determine the frequency and methods for the evaluation of compliance. If there are nonconformities the organization is required to take corrective actions and remove their causes and prevent them from occurring again. The organization is also required to maintain knowledge and understanding of its compliance status with respect to legal and other requirements.

Examples of monitoring of fulfillment of legal requirements can be determination that all legal requirements have been identified and whether its documented information is kept up to date. Collective agreements when they are legally binding and status of gaps in compliance that have been identified.


Examples of other requirement fulfillments can be collective agreements when they are not legally binding, codes and standards, corporate and other rules and regulations and policies as well as insurance requirements.

Criteria is what the organization can compare its performance with. Examples can be performance of other organizations, codes and standards, the organization’s own codes and objectives and OH&S statistics.

Indicators of measurement of criteria can be comparison of incidents and their determined rate such as frequency, type, severity or number.

Or if the Criteria is defined as a comparison of successful completion of corrective actions then the indicator of that could be percentage of corrective actions completed on time.

Monitoring can be of observation of work being performed, review of documented information such as records, the use of interviews and can include determining the status so that change from performance level can be detected.

Measurement is the assigning numbers to events or objects. It is associated with performance evaluation and can be derived from use of calibrated equipment or level of exposure or calculation of safe distance from a hazard.

Analysis is comprised of examination of data to find relationships, trends and patterns. It is associated with measurement activities.

Performance Evaluation is determining the suitability, adequacy and effectiveness of performance to meet the requirements and objectives of OH&S management system.

If your organization is looking to obtain ISO 45001 certification visit the Registrar Directory on ISO Update to find the right Registrar for you.

Learn more about ISO 45001

0 840
Engaging the Entire Workforce in ISO 45001 -

Engaging the entire workforce is critical to the success of any ISO standard, this is especially true for ISO 45001. In developing an occupational health and safety management system, an organization must consider the needs and expectations of all interested parties. Workers, across all levels of an organization represent interested parties. Interested Parties, who have a real and significant stake the Health and Safety performance of the organization.


In March 2018, The International Labour Organization (ILO) estimated 2.78 million people are killed annually because of work related accidents and diseases. There are also an additional 374 non-fatal work-related injuries and illnesses annually*


To develop an effective Occupational Health & Safety (OH&S) management system, an organization need to involve their workers or employee representatives in the development, planning, implementation, performance evaluation and improvement actions of the management system. Processes should be established, implemented and maintained for consultation and participation of workers at all levels and functions.


To ensure workers participate in the process, organizations must provide the mechanisms, time, training and resources required for their involvement and consultation.  Additionally, it is important organizations find and remove impediments or barriers to the participation of its workers and minimize other barriers which cannot be removed. Examples of barriers can be failure to respond to employees’ inputs or suggestions, reprisals/retaliation or their threat, practices which discourage or penalize participation of employees.  Organization also need to provide timely access to information to all workers about the OH&S management system which is clear, understandable and relevant.


Placing an emphasize the participation of workers to identify hazards, determine the risks and opportunities and create the actions is needed to eliminate and reduce OH&S risks and engage workers in the process. Engaging workers in the development of an OH&S management system has many positive effects such as;


  • Preventing, or reduce undesired effects and ensuring workers are prepare for and can respond to emergency situations.
  • Determining the competence requirements of employees, therefore understanding their training needs
  • Worker perspective in investigating incidents and nonconformities and determining corrective actions to remove their root cause and deal with the consequences.


Find out more about the release of ISO 45001 in this ISO Update article:  What is ISO 45001:2018?


0 1115

The standard ISO 45001:2018 Occupational health and safety management systems – Requirements with guidance for use was published on Monday March 12th. This standard has been carefully developed for more than 4 years and it has been designed to provide organizations all around the world with a set of processes that will allow them to effectively improve work safety and reduce work related deaths, injuries and illnesses.

The requirements specified in this standard will help organizations develop and provide a safe and healthy workplace for everyone within the organization and across its supply chain. Because the standard has been developed with the participation of many stakeholders in over 70 countries it can be easily applied anywhere in the world and in all types of organizations such as captive and partner factories and production facilities.

ISO 45001 is a simple and clear document that avoids redundancies. Terms and definitions have been revised to make the standard easy to use. It also has brought some significant changes to Occupational health and Safety (OHS) management when compared with its predecessor OHSAS 18001. Some of the most relevant updates are:

  • ISO 45001 has the high level (HL) structure of the new ISO standards such as ISO 9001 and ISO 14001, which will facilitate integration with other ISO management systems.
  • The ISO 45001 standard goes beyond work health and safety and it also considers the well-being of workers.
  • Organizational context has great importance when it comes to planning and implementing the OHS management system.
  • There is a greater focus on the needs and expectations of workers and the participation of workers at all levels has an increased importance.
  • The concepts of risks and opportunities have been incorporated. Organizations will have to identify, assess and take action to address any factors that could influence its ability to achieve the proposed goals.
  • The system´s foundation lies on leadership, management commitment and the involvement of all workers.
  • There is a greater emphasis on improvement and on the development of indicators. These should provide evidence of improvement and demonstrate the accomplishment of goals.
  • Operational control goes deeper into the requirements for controls, change management, procurement, outsourced processes, and contractors.

ISO 45001 will replace OHSAS 18001:2007, and even though certification of conformity is not a requirement of the new standard, organizations can now begin the process of implementing an OHS management systems that will assist them in the improvement of their OHS performance.

Those organizations holding an OHSAS 18001 certification will have a 3 year transition period to implement and comply with ISO 45001:2018.


Overall, there are many things organizations will need to consider with the release of this new standard but the most important point to keep in mind is that for ISO 45001, achieving a better, safer and healthier workplace will come with the involvement of everyone within an organization. Thus, any organization wishing to succeed in the implementation of this standard will have to give special attention in leadership and management commitment, and an adequate consultation, communication and participation of all workers on all levels.