Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice


When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu

Guest blog written by Richard Clarke, of Cedrec. Richard Clarke, senior consultant at Cedrec Information Systems, uses his experience with ISO 14001 to shed some insight on the extended ISO 45001 migration deadline.

An EMS Manager’s Guide to ISO 45001

With the publication of the 2018 international standard for health and safety, accredited companies had up to three years to migrate from the existing OHSAS 18001 standard to ISO 45001. This was due to expire in March 2021, but has now been extended to September 2021, in light of the ongoing COVID-19 situation.

For those system managers who have already transitioned ISO 9001 and 14001, much of this process will be familiar, with the standard moving to the Annex SL higher level common structure.


A new structure for safety standards

By basing common elements on the Annex SL structure, greater ease of integration will be possible. With requirements such as understanding the context and scope of the organisation and needs and expectations of interested parties, it is likely that methods such as a PESTLE analysis will have already laid the groundwork for the necessary safety scoping. At the same time, senior management should already be familiar with the extended requirements of Annex SL in relation to demonstration of top-level commitment, with only minor changes needed to widen the scope to safety management.

Risks versus hazards

Where 14001 managers will now be familiar with the idea of risk and opportunity in the environmental standard, the situation is less clear in 45001. With risk defined in Annex SL as the effect of uncertainty, the ISO committee have had to juggle linguistically when dealing with safety risks (as understood through the risk assessment process). Within the standard, therefore, safety risks as identified through risk assessments are referred to as “hazards” to distinguish from risks to the fulfilment of the safety management system objectives. However, it is also logical that failure to manage a known safety hazard would in itself become a system risk in terms of the policy level commitments to eliminate hazards. Confusion with these terminologies is likely, so care will need to be taken with writing of procedures, and in communicating and training employees, particularly where they will be asked to participate in risk and hazard assessment activities.

Where the standard differs from OHSAS 18001, other than the requirements arising from Annex SL, the changes may well look familiar to safety managers.  These changes include many elements which are already present in UK law as core legal safety requirements, and therefore already being addressed to ensure legal compliance.

Worker participation

The biggest change in the standard in relation to worker participation is, predictably, one which caused significant debate and redrafting during its development.

For many organisations, worker participation is an intrinsic part of their safety management culture, yet such collaborative arrangements are likely to have developed organically with the development of the safety management system, rather than be led by specific requirements within the standard.

The new requirements set out a range of areas in which worker consultation and participation should be emphasised, including:

  • consultations on the establishment of policy and safety objectives;
  • determination of controls for outsourcing and contractors and planning and implementation of audit programmes;
  • participation in hazard assessment;
  • assessments of risks and opportunities;
  • identification of competency requirements;
  • designing control measures; and
  • investigations of incidents and nonconformities.

The prescriptive nature of these requirements are likely to mean that even the most inclusive management systems will need to adapt worker consultation and participation processes.

Engagement from senior management is vital

Whilst many safety professionals would agree that consultation and participation are key factors in the success of any safety management system, and a key part of the corporate safety culture, elements of these requirements will demand a more representative approach to safety assessment, planning and implementation than under 18001.  It is probable that without significant senior management engagement with these requirements, delivery to an auditable standard may prove difficult for many organisations.

Migration to the new standard will require some careful planning and thinking but represents an opportunity for organisations to move their safety culture to the next level, increasing participation across the organisation, delivering enhanced legal compliance, and setting the bar with top level management engagement.

About the author:

Richard Clarke is a Senior Environment & Safety Consultant at Cedrec Information Systems. He is an IEMA qualified Associate Environmental Auditor, Practitioner Member of IEMA, Graduate Member of IOSH, holds a Post Graduate Diploma in Environmental Decision Making, and a distinction in the NEBOSH National General Certificate in Occupational Health and Safety.

Find out more about cedrec

Image created by vectorjuice –

We’ve helped more than 4000 businesses with their compliance


The toolkit was perfect in delivering the correct process to our business, preventing thousands spent on consultants delivering the same toolkit. It also played a massive part in speeding up our compliance in GDPR.

G3 Comms Limited

View all Testimonials