verified_user
Standardful
Homechevron_rightStandardschevron_rightISO 45001:2018
ActiveInternational Standardupdate Standard Updated: March 2018fact_check Fact checked: Jun 28, 2026

ISO 45001:2018

Occupational health and safety management systems — Requirements

apartmentPublishing Organization:International Organization for Standardization (ISO)

Standard Introduction

ISO 45001:2018 is the world's first international standard for occupational health and safety (OH&S) management systems, published in March 2018 to replace OHSAS 18001:2007. Developed by ISO with input from 70+ countries, ISO 45001 provides a framework for organizations to proactively improve OH&S performance, prevent work-related injury and ill health, and provide safe and healthy workplaces. The standard follows the ISO High Level Structure (HLS), enabling seamless integration with ISO 9001 (quality) and ISO 14001 (environmental) management systems. ISO 45001 applies to any organization regardless of size, type, or industry, from small businesses to multinational corporations across manufacturing, construction, healthcare, and service sectors.

ISO 45001 introduces key concepts including 'context of the organization' requiring analysis of internal and external OH&S issues, enhanced 'leadership and worker participation' emphasizing top management commitment and worker consultation, and a strengthened 'risk-based approach' covering both risks and opportunities. The standard requires organizations to establish OH&S objectives, implement operational controls, prepare for emergencies, and monitor performance through audits and management reviews. Migration from OHSAS 18001 was required by March 2021. Certification involves Stage 1 (documentation review) and Stage 2 (implementation audit) assessments by accredited certification bodies. According to ISO Survey data, over 400,000 certificates have been issued worldwide. Implementation benefits include reduced workplace incidents (studies show 20-40% reduction), lower insurance premiums, improved regulatory compliance, enhanced employee morale, and competitive advantage in tenders requiring OH&S certification.

health_and_safety

Worker Participation

Places strong emphasis on worker consultation and participation in all aspects of OH&S management — from hazard identification to policy development.

account_tree

High-Level Structure

Uses the ISO Annex SL framework, making it easy to integrate with ISO 9001, ISO 14001, and other management system standards.

warning

Hierarchy of Controls

Requires application of the hierarchy of controls: elimination, substitution, engineering controls, administrative controls, and PPE — in that order of preference.

list_alt Core Clauses (4-10)

  • Context and interested parties (workers, regulators, unions)
  • Leadership, worker participation, and OH&S policy
  • Hazard identification and risk/opportunity assessment
  • OH&S objectives and planning to achieve them
  • Competence, awareness, and communication
  • Operational planning and control
  • Emergency preparedness and response
  • Performance evaluation, internal audit, and management review

Who Needs to Comply?

groups

Any organization seeking to improve worker safety, reduce workplace injuries, and demonstrate commitment to occupational health and safety. Especially relevant for construction, manufacturing, mining, oil & gas, and logistics.

Key Requirements

1

Hazard Identification & Risk Assessment

Proactively identify hazards arising from work activities, work environment, equipment, and human factors. Assess OH&S risks and determine controls using the hierarchy of controls.

2

Worker Consultation & Participation

Establish mechanisms for worker consultation on OH&S policy, objectives, and changes. Non-managerial workers must participate in hazard identification, incident investigation, and control determination.

3

Operational Controls

Establish processes to eliminate hazards and reduce OH&S risks. Manage change including new products, processes, and work conditions. Control outsourced and contractor activities.

4

Incident Investigation

Investigate incidents, near-misses, and nonconformities to identify root causes, determine corrective actions, and share lessons learned across the organization.

Implementation Roadmap

1
Phase 1schedule Duration: 2-4 weeks

Prepare scope, leadership and objectives

Define the occupational health and safety management system scope across workers, contractors, workplaces, legal obligations, hazards, and operational activities. Confirm leadership accountability, interested parties, legal and contractual obligations, policy commitments, and measurable objectives before detailed control work begins.

2
Phase 2schedule Duration: 4-8 weeks

Gap analysis and risk assessment

Assess current practices against ISO 45001 requirements and the organization's risk context. Review hazard identification, worker consultation, legal compliance, hierarchy of controls, incident investigation, and OH&S performance improvement, then prioritize gaps by compliance exposure, customer impact, operational risk, and audit readiness.

3
Phase 3schedule Duration: 8-16 weeks

Implement processes, controls and records

Deploy or improve the required processes, operating controls, responsibilities, training, monitoring, documented information, and corrective-action workflows. Build evidence around hazard registers, legal registers, consultation records, risk assessments, incident reports, training records, inspections, and management reviews.

4
Phase 4schedule Duration: Ongoing

Audit, review and continually improve

Run internal audits, management reviews, performance monitoring, and corrective actions before the certification audit. Keep the system current after incidents, process changes, customer feedback, regulatory changes, or audit findings.

Compliance Checklist

0 / 12

checklist Scope and governance

checklist Operational controls and evidence

checklist Performance and improvement

Penalties & Enforcement

warning

No direct legal penalties — ISO 45001 is voluntary. However, certification demonstrates due diligence which can reduce legal liability. Underlying OH&S laws carry their own penalties including criminal prosecution for serious safety failures.

Frequently Asked Questions

Who needs ISO 45001?

expand_more

ISO 45001 is relevant for organizations that need a disciplined occupational health and safety management system covering workers, contractors, workplaces, legal obligations, hazards, and operational activities. It is often adopted because customers, regulators, procurement teams, or market expectations require demonstrable controls and repeatable performance.

Is ISO 45001 certifiable or auditable?

expand_more

Yes, organizations can normally pursue a certification audit against ISO 45001 where certification or accreditation infrastructure exists. Even when certification is not the immediate goal, the standard can be used as an internal operating and assurance framework.

How long does implementation take?

expand_more

A focused implementation often takes several months, depending on scope, maturity, number of sites, process complexity, and evidence quality. Organizations with mature processes can move faster, while multi-site or regulated environments usually need more time.

What is the most important first step?

expand_more

Start with clear scope, leadership accountability, and an honest gap assessment. Without a stable scope and process ownership, teams usually create documents that do not match how work is actually performed.

What evidence do auditors expect?

expand_more

Auditors look for operating evidence, not just policy documents. Useful evidence includes hazard registers, legal registers, consultation records, risk assessments, incident reports, training records, inspections, and management reviews, plus proof that findings are reviewed and improved over time.

How often are internal audits needed?

expand_more

Internal audits should be performed at planned intervals based on risk, process importance, prior findings, and changes. Many organizations audit the full system annually and use targeted audits after incidents or major changes.

How does continual improvement work?

expand_more

Continual improvement uses performance data, audit findings, incidents, customer feedback, management review decisions, and corrective actions to strengthen the system. Improvement should be visible in objectives, controls, and measurable outcomes.

Can it be integrated with other standards?

expand_more

Yes. ISO 45001 can usually be integrated with other management-system standards by sharing governance, document control, internal audit, corrective action, risk management, and management review processes.

Official Documentation

View All

Implementation Timeline

check_circle
March 2018
ISO 45001 project initiated - ISO/PC 283 project committee established to develop international OH&S standard
event
March 2021
Draft published for comment - ISO/DIS 45001 released for public consultation and national body voting
trending_up
2023
ISO 45001:2018 published - First international OH&S management system standard officially released by ISO
fact_check
2024
OHSAS 18001 transition deadline - Organizations certified to OHSAS 18001 required to migrate to ISO 45001
health_and_safety
2025
ISO 45001 adoption milestone - Over 300,000 certificates issued worldwide according to ISO Survey data
update
2026
Next ISO 45001 systematic review cycle begins to evaluate need for revision

Related Categories