ISO 45001 Annex 6 – Response to Comments

My draft was meant to be for the Annex only.  It was not intended to be included, or as a supplement to, the normative part of the standard.  I offered the draft of the Annex more to stimulate discussion than expecting it to be incorporated in its entirety.  As I have said from the beginning.  I believe that the HLS should remain largely intact without significant discipline specific additions.  Most discipline specific language for clarification of intent should be introduced in the Annex.

I like the idea of working the development process of this and other standards like ISO 14001 from back to front.  In other words, let’s work on the Annex (informative part of the standard) first, agree on what we want it to achieve and what the Annex should contain, and then decide what needs to be changed in the normative part of standard to meet the discipline specific outcome we want.

I also understand the desire to use much of Z10 to form the basis for ISO 45001.  However, I believe that we can improve upon the ideas presented in Z10 as we develop 45001, especially appendix F and the example risk matrix it contains.

Regarding the question of how opportunities should be addressed in the standard, I believe it matters little where opportunities are addresses.  It may be appropriate to address them in both 8 and 10 and maybe a little bit in 6.  I do however believe that we need to have a better idea about what we mean by opportunities before we add discipline specific language to the HLS in any or all of those clauses.

I believe there are at least two types of opportunities that can be identified, those being opportunities to reduce risk, and those opportunities that can result in other value enhancement.  Sometimes exploiting one type of opportunity comes at the expense of the other. ice3 Ice diving is a good example.  Personally I think you need to be out of your mind to do it, but some folks find great pleasure in scuba diving below the ice and take every opportunity they can to enjoy it.  One of the hazards of ice diving is getting lost under the ice and not being able to return to  the hole before your air supply is exhausted.  The bigger the hole, the easier it is to find when you want out of the water.  But cutting a big hole through 3 foot thick ice is hard and there comes a point where the discomfort in cutting the hole out weights the fun the divers expect to have on their adventure.  So the divers manage the likelihood of becoming trapped beneath the ice in other ways, like roping up and having folks at the surface holding the other end of the rope.  Managing the risks and enjoyment of an ice dive becomes an optimization problem.

The ISO 45001 standard Annex (either 6, 8 or 10) should include information to help users understand the relationship between risks and opportunities and that there are different types of opportunities they can exploit.  Once we have the right language in the annex, we can then think about what changes might be need in the standard itself to make the HLS work for the OH&S discipline.  Again this is the back to front approach to standard development I prefer.

First ISO 45001 US Technical Advisory Group Meeting In DC

ECSI is currently attending day one of the 2-day ISO 45001 US Technical Advisory Group (TAG) meeting in Washington DC January 15-16, 2014.  We will be reviewing comments on the first working draft of the standard and then breaking into several working groups to revise specific sections of the standard.  One of the key issues  to be discussed will be how much additional discipline specific text should be added to the required High Level Structure (HSL) language.  As a voting member of the US TAG I intend to advocate for a less-is-more approach.  In other words, I believe that most of the discipline specific text (occupational health and safety in this case) should reside in the annex of the standard.

The HLS is designed to facilitate seamless integration of discipline specific management systems into an organizations overall business management system.  In the past ISO standards had significantly different structures which made integration of the standards difficult.  An example is ISO 14001 Environmental Management Systems (EMS) which has only 4 sections and ISO 9001 Quality Management Systems (QMS) which has 8 sections.   The difference in the way the standards were organized lead to considerable confusion among many standard users who wondered why the structure of an EMS needed to be so different than a QMS.

In response to those concerns ISO created the HSL to standardize the way it writes standards which is a really good idea for a standards writing body.  ISO requires that all new and revised standards follow the HLS with little deviation.  My experience with the ongoing revision of ISO 14001 has been that trying to incorporate significant additional discipline specific language into the standard is not always value added and can sometimes diminish the clarity and usability of the standard.  Because of the significant additional language in the ISO 14001 standard it seems overweight or bloated at 19 pages versus 9 pages for ISO 14001:2004.  As we hash over this important issue I hope that both the US TAG and the international project committee PC 283 recognize this potential pitfall and endeavor to limit the amount of additional discipline specific language in the new ISO 45001.


Should ISO 45001 Require Multi-Step Hierarchy of Control?

The first face-to-face meeting of the United States Technical Advisory Group (US TAG) will be taking place in Washington DC late next week, January 15-16, 2014.  The purpose of this meeting is to review the recently released first working draft (WD1) of the ISO 45001 Occupational Health and Safety Standard and attempt to find consensus among the members of the US TAG regarding the US position on important technical issues.  One of the important issues to be discussed is what  the ISO 45001 standard should include as requirements and what information should be presented in the Annex A as guidance.

The WD of ISO 45001 currently requires a hierarchy of control in clause 8.1.2 of the standard.  Most occupational health and safety (OH&S) professionals are familiar with this hierarchy of control, which prefers elimination of the hazard as the best choice for controlling an OH&S risk. The hierarchy of control requirement is a good example of what one might consider to be an “overreach” of the standard, in that it prescribes a specific risk control process that may be more appropriate as guidance in the Annex of the standard.  As currently drafted, the WD1 states the following:

When determining prevention and control measures, or considering changes to existing controls, consideration shall be given to reducing the risks according to the following hierarchy:

a) eliminate the hazard;

b) substitution with less hazardous materials, processes, operations or equipment;

c) use engineering controls;

d) signage/warnings;

e) administrative controls;

f) personal protective equipment.

These six steps are almost identical to those listed in the American National Standards Institute, ANSI Z10, clause 5.1.2.  The Occupational Health and Safety Assessment Series standard, OHSAS 18001, clause 4.3.1, has similar requirements, but only lists 5 steps; and  the USA OSHA’s required hierarchy of control lists only 4 steps.

With a quick search of the internet, many other examples of hierarchy of control sequences and steps can be found.  Some national regulatory agencies around the world have other required processes for determining appropriate controls.  Given this apparent lack of national and international consensus for the optimal number and sequence of control steps, is it appropriate for the new ISO 45001 OH&S standard to prescribe either a requirement to use a hierarchy of control process or to specify the number and sequence of the steps in the required process?

Based on our experience on the US TAG working on revision to ISO 14001, we believe that, when making additions to the ISO Annex SL High Level Structure (HLS) required text (see related post), adding less in the requirements sections helps to maintain the integrity of the HLS.  ECSI believes that the elegant simplicity of the HLS is diminished when significant amounts of discipline-specific text (OH&S in the case of ISO 45001) are added to the standard itself.  We believe that most of the additional discipline-specific text in the WD1, especially in clauses 6, 7 and 8, should be moved to the Annex A and treated as guidance.  By doing so, the ISO 45001 Project Committee (PC) will be able to avoid protracted discussions and negotiations over the content of the requirement section of the standard, which in turn will help the PC meet the tight deadlines (3 years) for publication of the standard.

Scope Change for ISO 45001 Set for Vote by ISO TBM

When the idea to create an ISO standard for Occupational Health and Safety Management Systems (OHSMS) was recently resurrected the scope of the project was limited to preparing requirements only.  Guidance on use of the new standard was excluded from the scoped of the project.

At its inaugural meeting in October 2013 ISO/PC 283 reviewed its scope and the PC agreed that it was essential to provide guidelines on the use of the OH&S requirements that it is mandated to develop.  The form of the guidelines is expected to be an annex to the requirements standard similar to what was done with ISO 14001.

This scope change needs to be 652px-Logo-ISO[1]approved by something called the ISO TBM (Technical Management Board).  A ballot is being circulated with the TBM to modify the title of ISO/PC 238 by eliminating the word “requirements”.  The voting period will close on December 28, 2013.  The TBM will also be voting on whether to change the scope of PC 283 to the following:

Development of a standard on occupational health and safety management systems “Requirements with guidance for use”.

Although this may seem like a subtle change the impact on the OH&S standard development will be large and will improve the value of the standard for users.  My guess is that the greatest area of impact in the guidance portion of the standard will be in the front end work to set up a conforming OHSMS.  Specifically the part of the standard the addressed hazard identification and risk assessment.

I am interested in this groups opinion of what other areas of the new standard will benefit from guidance such as, employee participation or value/supply chain management , and how explicit should that guidance be?  Please don’t be afraid to post a comment here  or at the linked In at the  ISO 45001 group with you opinion or comment.

OHSAS 18001 and ISO 45001 – ISO Health and Safety Management Systems

In late October 2013 ISO (International Organization for Standardization) decided to move forward with the development of an ISO standard that will replace OHSAS 18001 Occupational health and safety management systems – Requirements (British Standard Institute) within the next three years.  The ISO Occupational Health and Safety Management System Standard (OHSMS) is expected to be issued under the number ISO 45001.   The exact title is still up in the air but will be similar to something like Occupational health and safety management systems – Requirements with guidance for use.   The first Working Draft of the new OHSMS standard is expected to be circulated to the US Technical Advisory Group (U.S. TAG) members within the next few weeks. 

Important issues that will be discussed early in the standard development process are:

Defining the term “persons under the control of the organization”. 

There will be discussion about how much flexibility organizations will have when defining the scope of its OHSMS under the ISO 45001 requirements.  This issue will have a significant impact on organizations who have chosen to shift OH&S risks to onsite contractors’ through contracts that require the contractors to assume some or all responsibly for their employees health and safety and for compliance with all regulatory requirements.   The questions will likely boil down to will the standard allow a complicated scope statement that excludes substantial portions of the facility’s physical location thereby excluding many contractors from the scope of the OHSMS,  or will the standard discourage this type of scoping in favor of a more inclusive approach to the scope of the OHSMS. 

Questions about acceptable levels of risk shifting or sharing will need to be discussed  and answered.

Hazard Identification, Risk Assessment and Risk Control

This will be an important topic of discussion and deliberation with the U.S. TAG to reach consensus on what the standard will require of organizations to develop, implement and maintain a process for performing hazard identification and risk assessment.   There are many approaches to risk assessment and it will be interesting to see how detailed the requirements will be regarding this important area of an OHSMS.  Appendix F of ANSI Z10 will be a starting point for the U.S. TAG for developing the guidance on this important OHSMS topic.

The new structure required by ISO (Annex SL) places emphasis on the concept of risk management.   OHSAS 18001 emphasized this aspect of an OHSMS but you can expect more in the way of guidance in ISO 45001 describing appropriate methods for assessing OH&S risks.   The guidance will be in the annex of the ISO 45001 standard with examples of how to perform an OH&S risk assessment and there will likely be a figure that looks something like the figure below where risk is estimated based on multiplying the likelihood value by the consequence value to arrive at the risk score.

 risk score 112113





Time Frame for ISO 45001 Development

Here is the current schedule for required 3 year development of the standard that was provide to TAG members on November 15, 2013.

  • Dec 2013 –Working Draft 1 (WD1) circulated Working Group 1 (WG1)
  • Jan 2014 – Submit Comments on WD1
  • Jan 2014 – US TAG Face to Face Meeting (to develop US positions/concerns on WD1) – ECSI will attend this meeting.
  • March 2014 – PC Meeting – Development of Committee Draft 1 (CD1)
  • November 2014 – PC Meeting – Development of Draft International Standard (DIS)
  • November 2015 –PC Meeting – Development of Final Draft International Standard (FDIS)
  • October 2016 – Publish ISO 45001

ECSI is a voting member of the U.S. Technical Advisory Group to ISO 45001 and will be directly involved in developing the US position on the content of this important standard.  We will be publishing updates on the progress of ISO 45001 and are happy to discuss any ideas, issues or concerns you have with the development of this new standard or any other OH&S issues you would like to discuss.  Don’t be shy.  You can either post a comment / question here or contact us directly at 920-648-4134 or email us