ISO 45001 Certification – Occupational Health And Safety Consultancy (OHSMS)

• ISO 45001:2018 is the international occupational health and safety (OH&S) management system standard, which is applicable when an Organisation’s activities may pose a risk of injury/ illness to employees. The ISO 45001:2018 occupational safety and health management system, minimises the likelihood of harm by implementing and communicating safe policies, practices and procedures.  
  ‍
• ISO 45001 is like other ISO standards particularly Environmental 14001:2015, as it was designed with businesses in mind that integrate OH&S with Environmental sustainability. Due to this ISO 45001 is easy to incorporate into existing ISO management systems once technical gaps have been filled.  
  ‍
• ISO 45001 adopts the same high-level structure with identical terms and definitions, such as “Risks and Opportunities Register” and uses the same process led approach; except focuses on managing the risks with the potential to cause illness, injury and death.  
  ‍
• ISO 45001:2018 is the follow on from OHSAS 18001 certification. The new ISO is more standardized across countries, fills in some technical gaps and is more easily integrated with other ISO standards.

• The purpose of an Occupational Health and Safety Management system is to implement a structured framework to safeguard the health and safety of employees during work, improve internal processes and reduce events that damage equipment. It is internationally recognised, having been developed by experts across 70 countries and applicable to businesses of all sizes and sectors. An effective health and safety management system reduces workplace incidents, staff turnover, absenteeism, repair costs and compensation pay-outs. Additional benefits from ISO 45001:2018 certification include:

• Extra recognition by external parties as a responsible employer and improved reputation within the industry & community

• Reduced insurance costs by becoming known as a safe workplace

• Tender prequalification may require certification

• Compliance to industry standards, legal and regulatory obligations

• Develop a culture of OH&S ownership & cooperation. leading to improved employee well-being and engagement

• Occupational Health and Safety integrated into the central operation of the business rather than a side element

• Prices for ISO 45001 implementation vary depending on the size and complexity of your Organisation. However, we are in the process of developing an online cost calculator to be able to provide certification consultancy costs, including certification body costs. Please keep checking our LinkedIn and Facebook profiles for updates! 

• You can call 01892800476 or email info@avisoconsultancy.co.uk for further information

• Usually, between 3-6 months, but this depends on the size and complexity of the organisation, the resources available and the current management system in place.

• If your organisation has already implemented ISO management systems standards such as Quality or Environmental, then the knowledge and expertise already built up can be readily transferred to ISO 45001, reducing the time until certification.

• There are more similarities than differences, ISO 45001 utilities the same PDCA (Plan- Do- Check – Act) cycle except from the perspective of managing occupational health and safety risks.

• The Annex SL framework is the same, i.e. The context of the organisation must be defined, including the desired outcome of the management system, internal audits must be conducted to evaluate compliance, documentation must be updated and stored securely, the OH&S must be communicated where necessary, non-conformances must be recorded, and corrective actions implemented. 

• A major difference is Clause 5.4 (Consultation and Participation of workers). This requirement involves the engagement of workers from non-managerial roles in the definition of the OH&S management system and providing the needed time & resources. Activities include risk assessments, incident investigations, internal audits, training, and competence requirements. Through this, your organisation can establish mandatory safety and health requirements, and encourage ownership, this joint decision-making process your Organisation can establish mandatory safety and health requirements and encourage ownership and create a culture of health and safety at work.

• Clause 8.1 (Operation Planning and Control) is specific to ISO 45001:2018. Its implemenation ensures the OH&S management system, plans and controls processes by eliminating health and safety risks. For example, staff competence, procurement specifications for equipment and critical procedures. 

• Clause 8.1.2 (Eliminating Hazards and Reducing OH&S risks) applies a hierarchal approach to dealing with risk. Similar to ISO 14001’s reduce, reuse, recover, recycle system, OH&S risks are eliminated as priority, substituted (for instance hazardous chemicals), isolated (reduced access/ worker proximity to the risk) or protected (with PPE).

• Clause 8.1.3 (Management of Change) – Introduces the idea of the OH&S system as an inherent risk, as due to the ever-changing conditions and context of the business it may become outdated. To ensure the OH&S adapts through continual improvement the Organisation is required to set controls for any temporary or permanent changes, for example, new equipment, staff turnover etc.

• Clause 8.1.4 (Procurement) Contractors, outsourced processes and equipment purchased/ rented must be risk assessed. For instance, new machinery should have the technical specifications, contractors Health and Safety records should be checked, and outsourced activities must meet the organisations occupational health and safety standards.

• As with all ISO standards, senior management will have responsibilities under the HSMS and will need to sign off and approve the management system, especially where changes can impact business processes. They are also instrumental in helping to form a good health and safety working culture within the organisation.

• Our consultants are certified lead auditors, experienced in implementing and maintaining ISO management systems. Typically, our consultants specialise in 1-3 specific ISO standards and AvISO will assign our consultants with skillsets matching client requirements.

• First the Organisation will develop and implement a Health and Safety Management System, fully supported by top-management. Most businesses will already have elements in place as key parts of the system are also legislative requirements, such as risk assessments and safe working procedures. 

• Next step is the Stage 1 Audit. An independent UKAS accredited auditor assesses if your HSMS meets the requirements of ISO 45001:2018 standard by conducting a ‘gap analysis’, the report will highlight areas that require action to conform to the clauses of the standard.

• Final step is the Stage 2 Audit conducted by an external UKAS accredited auditor. Once all corrective actions have been put in place since the Stage 1 report and you are fully compliant; your certification will be awarded!

• Don’t stop there! A major component of ISO standards is continual improvement and to prevent stagnation/ deterioration of the management system, re-certification is required every three years. Maintenance of the management system through an annual audit programme will ensure continued compliance.

‍

• AvISO Consultancy provides Consultancy, Software & Training solutions with 100% UKAS accreditation success rate. AvISO is a trusted partner to national and international clients. Working with SMEs to Multinational Enterprise Organisations, assisting with ISO Standard Certification, ISO Management Systems & Compliance requirements.
  ‍
• We are certified to Quality (9001:2015) and Cyber Essentials Standards.
  ‍
• Our consultants are experts in their chosen specialisation, able to provide bespoke advice for your business.  By tailoring the standard to your business rather than the other way around, we maximise value for our clients throughout the certification and maintenance process
  ‍
• You can view our clients testimonials and case studies here.

• No, you don’t. However, it is worth considering the time and cost of a workforce required to set up an ISO standard versus an external management consultant providing guidance and support to ensure conformity and certification.

• We recommend that competent, experienced and qualified personnel work with our consultants. They can be from any area of the business but would require working knowledge of how the Organisation operates and be provided the time and resources to complete any necessary activities.

• Senior AvISO consultants have designed an online management tool to assist Compliance Managers / those individuals with bolt-on responsibilities for management systems. This system records your management system data, and its intuitive user interface is designed for intuitive navigation and includes a real-time dashboard for tracking KPIs, Objectives, Correctives Actions and Legal Obligations. 

• The Legal Register is a tool/ system for recording all the regulatory and compliance obligations that are required to be met for your specific industry.  
  ‍
• AvISO send out quarterly updates to ensure your business is kept up to date with relevant changes in legislation as part of the ISOvA service.

• The standard follows the same Annex SL structure as ISO 9001:2015 and ISO 14001:2015. Clauses 1-3 are normative and not assessed by certification body auditors, clauses 4-10 are checked for conformance to the standard.

• Most, if not all, of the necessary information, can be securely gathered and shared online through SharePoint. This is a secure method of safely sharing and updating documents online to maintain and support your management system. 

• However, for auditing purposes our consultants will visit your business site to ensure we help as much as possible.

• The certification process will require regular attention in order to smooth over any non-conformities, ensuring documentation is accurate and internal processes are followed by and communicated to employees.

• Once certified the internal audit programme and annual management reviews will highlight any further areas for continual improvement. However, this shouldn’t be particularly time-consuming if the OH&S Management System was implemented correctly.

‍

• Not necessarily. The most cost-effective way would be for your organisation to have an umbrella system whereby all the sites would have to prove that the management system is being followed. A presentation certificate for each site can be issued to ensure conformity to the standard across all your sites. If more than 5 sites, they will apply a sampling approach to the audits, they will need to see all the sites over the 3-year cycle of the audit.

• A certified Health and Safety management system (OH&S) is valid for three years. During this period, internal and external surveillance audits are necessary to maintain conformity during the three-year period before complete recertification.

• Our consultants are certified lead auditors, experienced in implementing and maintaining ISO management systems. Typically, our consultants specialise in 1-3 specific ISO standards and AvISO will assign our consultants with skillsets matching our client requirements.

Below is a list of the documents and records clause by clause required to be compliant with the ISO 45001:2018 standard: Bear in mind it would be beneficial to have procedures and processes documented as well.

• Scope of the OH&S management system (clause 4.3) – everything under the Organisation’s control that could impact the performance of its OH&S. A statement, available to interested parties to clarify the boundaries of the OH&S. For example, the whole organisation or specific sites and business procedures.

• OH&S policy (clause 5.2) – a brief statement to interested parties, signed by top-management, providing information on the Occupational Health and Safety standards maintained by the Organisation including continual improvement.

• Responsibilities and authorities within OH&SMS (clause 5.3) – clear, documented communication from top-management across all levels of the business assigning responsibility for OH&S compliance and progress reporting.

• OH&S process for addressing risks and opportunities (clause 6.1.1) – involves a collaborative effort to identify, manage and document all risks associated to OH&S. Hazards identified will have associated risks.

• Methodology and criteria for assessment of OH&S risks (clause 6.1.2.2) – risks should be ranked by severity (i.e. probability x impact). This document provides the methodology of this assessment and hazard identification.

• Legal and other requirements (clause 6.1.3) – A register of legal requirement applicable to the Organisation and stating compliance.

• OH&S objectives and plans for achieving them (clause 6.2.2) – SMART objectives, consistent with your OH&S policy. Specify how you plan to achieve them, who will be responsible and how you will monitor progress.

• Evidence of competence (clause 7.2) – defined skill, training and/or experience requirements for employees & contractors that could affect OH&S performance.

• Evidence of communications (clause 7.4.1) – Documented process for external and internal communication relevant to the OH&S Management System.

• Emergency preparedness and response process (clause 8.2) – documented process to address potential emergency situations which can affect the health and safety of employees. Evaluate performance through safety drills and identify responsible individuals.

• Results on monitoring, measurements, analysis and performance evaluation (clause 9.1.1)

• Maintenance, calibration or verification of monitoring equipment (clause 9.1.1) – An internal process of reviewing the OH&S. Are you legally compliant? Have the identified hazards been addressed and recorded in the risks and opportunities register? How effective are the controls put in place?

• Compliance evaluation results (clause 9.1.2) – included within the internal audit programme.

• Internal audit programme (clause 9.2.2) – documented results of the planned, independent OH&S audit schedule to check compliance with the ISO 45001 standard following ISO 19011 (Guidelines for auditing management systems).

• Results of management review (clause 9.3) – documented evaluation of the OH&SMS, conducted by top management. Should include: any changes to the OH&SMS, such as external or internal issues, associated risks and opportunities, legal obligations or needs of interested parties.

• Nature of incidents or nonconformities and any subsequent action taken (clause 10.2) – document or log recording the root causes of non-conformities and the corrective actions put in place to address them.

• Evidence of the results of continual improvement (clause 10.3) – evidence of action taken to continually improve the business, for example, opportunities recorded and achieved in the risks and opportunities register or changes in operational procedures to reduce waste, risk or resources used.

‍

ISO 45001 is an internationally recognised standard for occupational health and safety. It provides a framework to manage risks, reduce accidents, and ensure compliance with legal requirements.

Any organisation with employees, contractors, or visitors. It is especially relevant for businesses in higher-risk sectors such as construction, engineering, logistics, manufacturing, and waste.

Improved safety performance, legal compliance, reduced incidents, increased staff engagement, and stronger credentials for contracts or tenders.

Typically between 3 and 6 months, depending on your existing processes, resources, and level of management support.

A health and safety policy, risk assessments, training records, incident reports, objectives, monitoring and measurement plans, and evidence of consultation and leadership involvement.

Yes. ISO 45001 shares a common structure with other ISO standards like ISO 9001 and ISO 14001, making it easier to build an integrated management system.

Not necessarily. AvISO can help upskill internal staff or provide retained support where needed. Many smaller organisations manage their OHSMS within their existing teams.

An external auditor will review your documentation, observe activities, and interview your staff. They check for both compliance and effectiveness. AvISO prepares your team with mock audits and readiness reviews.

Yes, if you want us to. We can attend remotely or in person to help clarify documentation, answer questions, and support your team during the audit.

In many cases, yes. A well-implemented and certified health and safety system demonstrates control and diligence, which insurers may view positively.

That’s a good start. We will review your existing documentation and practices, identify any gaps, and help bring everything in line with ISO 45001.

Absolutely. ISO 45001 is often a prerequisite or strong differentiator in public and private sector procurement, especially in construction, transport, and infrastructure.

Whether you are starting from scratch or improving an existing health and safety system, we can help. AvISO delivers clear, practical ISO 45001 support backed by proven experience and powerful digital tools.