ISO has released ISO 45001 standard in March, 2018. Organizations who were implementing OHSAS 18001:2007 or are OHSAS 18001 certified are given a period of 3 years for migration after the date of publication. The certification process is discussed in detail.
The Certification Program of ISO 45001
Gap Analysis: The certification process of ISO 45001 for organizations is some what the same as of other management system standards. An organization has to perform a gap analysis against the standard requirements. With the help of gap analysis an organization can identify areas to work on. Organizations already compliant with OHSAS 18001 can adopt ISO 45001 with more ease compared with organization going for the occupational health and safety management system from scratch.
Learn mandatory document requirements when you are migrating from OHSAS 18001 to ISO 45001 or working on ISO 45001 from scratch.
Documentation: Once the organization has documented their context of organization, hazard identification and risk assessment, operational controls, action plans against the gap analysis. They can conduct internal audits and based on internal audits and other performance measuring areas, top management can conduct management reviews.
Stage 1 Audit: Once management reviews are conducted and the outputs are finalized, the organization can request a certification body to conduct a Stage 1 audit which is a readiness check audit and the main purpose of Stage 1 audit is readiness check for the actual certification i.e. stage 2 audit. Stage 1 Audit is more focused to verify the documentation of the organization so that they can implement their systems accordingly.
Stage 2 Audit: Normally organizations are provided with 3 months for implementation of documentation developed before Stage 1 audit. After 3 months, certification body conducts Stage 2 audit and verifies the implementation of the developed procedures and other operational controls in Stage 2 audit.
Certification: Certification process can proceed in two different dimensions depending upon the preparation of the organization and the samples withdrawn in the audit. The two possible outcomes of an audit are discussed below:
Audit goes successful and organization is conforming: If the audit goes successful, organization is recommended for certification by the certification body and the audit report is forwarded for review and approval to the accreditation body. After their approval from accreditation body, certification body issues a certificate which confirms that organization has been audited against the requirements ISO 45001 and are found to be compliant with the standard requirements.
In-case of non-conformity: If there is a non-conformity highlighted in Stage 2 Audit, organization is provided with a defined period for example 15 days to close the non-conformity. Normally non-conformity is closed by a written response from the organization which includes root cause analysis on the non-conformity, correction of the non-conformity and corrective action. In some special cases a follow-up audit is planned to verify the effectiveness of corrective actions. Once the certification body auditors are satisfied with the response non-conformity closure along with the audit report is sent to the accreditation body for approval of certification of ISO 45001 certificate. Once approved certification body will issue the certification to organization.
ISO 45001 is offering value for your organization. Work for the real value!
As the certification process is a voluntary process and is not a regulatory requirement on its own, therefore it is the organization’s will to go for this process. It is purely on voluntary basis but once it is opted organizations should work on the implementation of the system in its true sense so it will be beneficial for the business and the workforce. Fix-works and “working for certification only” is not the objective of certification or the standard. Therefore organizations should work to gain the real value from the standard rather than just a piece of paper which is obtained through fix works and is not really embedded within organization’s systems and culture.