The new ISO 45001 has replaced the OHSAS 18001. Just like most other ISO standards, the ISO 45001 adopted the High Level Structure (HLS). This is a great step forward because it now allows for consistent management systems. A lot of companies have multiple certificates and with this newly adopted HLS it is much easier to integrate the different standards.
In previous posts we touched upon the importance of risk management in the HLS: Risk Management ISO9001:2015 , Handle risk management and Practical guide. We even wrote an e-book about it. With the ISO 45001 the way of managing risks can be the same as with other standards, but the type of risks will be different. We will touch upon a couple of topics to take in consideration while identifying your risks.
The most important aspects of the risks is the law. In many countries the laws are pretty clear when it comes to employees and everything surrounding it. This can be all kinds of laws from how to handle PPE to working hours or number of leave days. Not obeying the law will not only lead to fines but can also lead to a bad reputation and possible problems with unions. In order to make sure these risks are identified, just note down the laws and take appropriate action.
The daily activities of certain people can inhabit serious risks. These might not always be clear on the outside but will reach the surface when you talk to people. The employees are a key source of information when it comes to identifying the risks involved in their day to day activities. It is always wise to plan a couple of hours with people in the field and identify the risks they face.
Then there are the company wide risks and opportunities, more on a strategic level. These can be big macroeconomic challenges such as economic downturn or rapid economic growth, tight labor market or the rights of robots. All these topics and many more can have an impact on the risks and opportunities the company has to manage. Make sure you include these in the risk overview because they will be important to the organization.
When the risks are identified it is important to start managing them. Some risks can be accepted due to the low impact or low likelihood, others can be transferred by for example getting insurance. However quite a few require a certain type of action on how to mitigate them. Make sure you assign responsible people to specific tasks. It is key to only make one person responsible for each task. This forces the person to take responsibility. Great automation solutions can help a lot in this case. Qooling users make use of the following flow to mitigate the risk.
In the end it is really important that the company has a good overview of all the risks involved, not just only for OH&S and how it can mitigate them. Make sure you have a good system in place on how to identify them. Also ensure you include the employees, as they are key in getting the right information.