Breakout Session 1 SME Practitioners

Transition from OHSAS to ISO – what are the significant changes? Colin Bracewell Alcumus ISOQAR Lead Auditor

3 Agenda Welcome & Introduction Significant changes Potential impacts as a result of the changes Integrating ISO with other management systems

4 ► ‘Annex SL’ - Ten clauses contained in a new concept, which revises the clause sequence into ‘common elements’ of ISO standards such as 9001, and for example ► Context of the organisation (internal & external Issues) ► Risk based focus throughout the system, not simply based on hazards – with no mandated procedures ► Interested parties (stakeholders) and ► Leadership and worker participation ISO is intended to link the system to the organisation's business environment (‘Context’) and its strategies for the OH & S performance to give greater focus to management Significant Changes

5 Organisation: Person or group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives Context of the Organisation: External & internal issues that relate to the business environment in which the organisation seeks to achieve its objectives Interested Party: Person or organisation that can affect, be affected by, or perceive itself to be affected by a decision or activity related to the OH & S Management System Worker: Person performing work or work related activities, regularly or temporarily, under the direct or indirect control of the organisation inside and outside of the workplace Clause 3: Terms and Definitions

6 A new common format has been developed by ISO for use in all its management system standards, and is being used by ISO This is often referred to as “Annex SL”, and gives: ► a common top level clause structure (or sequence) ► standardised core text ► standardised core definitions to achieve easier implementation and better integration of multiple management systems (e.g. quality) The high level structure and common text is public information and can be found in Annex SL of the ISO Supplement to the ISO/IEC Directives Part 1, see: mental, information security) High Level Structure - NEW

7 ► The aim of the (Annex SL) change: To create ISO management system standards with enhanced consistency where the alignment of the standards are the same. This means that the common elements between standards will be numbered the same ► The objective: This common approach to new management system standards will make it easier for an organisation to create a single management system known as an Integrated Management System (IMS) and align 1SO with other systems already or intended to be followed Aims & Objectives

8 A guidance document that explains the new high level structure/format that all new standards have (ISO already uses this format) The structure of the standards will change by creating standards that have: # Identical sub-clause titles 1 – 10 as follows: ‘Scope, Normative references, Terms and definitions, Context of the organization, Leadership, Planning, Support, Operation, Performance / Evaluation & Improvement’ # Identical text and common terms and common core definitions Annex SL - NEW

9 ► The organisation is required to consider any foreseeable internal and external risks that could affect its OHS performance ► The standard expects that the organisation looks beyond its immediate health & safety issues and takes into account what the wider society expects of it and introduces the concept of risk (To be addressed later in the presentation) Potential impacts: ► For example the organisation’s contractors, suppliers and how their work might affect their neighbours and the surrounding area as well as direct employees ► In effect ISO is much wider in its scope than BS OHSAS and considers internal & external issues and means organisations cannot simply contract out risk Clause 4: Context of the Organisation (New )

10 What you need to consider: ► 4.1 Understanding the organisation and its context ► The organisation shall determine external and internal issues that are relevant to its purpose and its strategic direction ► No mandatory requirement for documentation but it needs to be auditable How this might affect your business: A review of the business situation and any foreseeable problems or opportunities needs to be carried out. The depth of this review will vary depending on the type, size and complexity of your business activities Clause 4.1 Context of the Organisation

11 What you need to consider: The organisation shall monitor and review the information about external and internal issues in whatever way it decides External issues The business market, existing/new technology, legal requirements, the economy and cultural/social issues How this might affect your business: Companies may need to demonstrate that they are aware of: Current sales trends, market share, new equipment – software, forthcoming changes to legislation, effects to job costs – materials/services, customer requirements/feedback, supplier performance/availability and neighbours/community issues Clause 4.1 Context of the Organisation (External)

12 What you need to consider: The organisation shall monitor and review the information about external and internal issues in whatever way it decides Internal issues Awareness of company culture/environment, performance analysis, job knowledge/information and management structure How this might effect your business: Companies may need to demonstrate that they are aware of: Current trends – new products, employee morale, staff turnover, absenteeism, employee Illness, employee & contractor training needs, any additional staff requirements, past problems, poor equipment, inadequate methods and production/service delivery data Clause 4.1 Context of the Organisation (Internal)

13 ► OH&S management traditionally uses a risk-based approach to evaluate and address the risk of harm ► ISO’s (Annex SL) format for management system standards now requires organisations to also consider the risk that the OH&S management system itself may not be effective, and to look for opportunities for improvement ► The requirements for “risks and opportunities” in clause 6.1 have been adapted in ISO for both OH&S hazards and for the OH&S management system itself ► ISO/CD uses the terms: - “OH&S risk” and “OH&S opportunities” when it is referring specifically to the control of hazards - “risk” and “opportunities” when referring to the OH&S management system Risk-based thinking (within Clause 6: Planning)

14 ► The concept of ‘Risk’ has been made explicit in the standard and is directly connected to clause 4 ‘Context of the Organisation’ and addresses the risks and opportunities an organisation faces ► Definition of ‘Risk’ and ISO = The consequences of an event and the associated likelihood of occurrence and how to avoid, eliminate, minimise or mitigate it ► For example how will an organisation prevent or reduce undesirable effects and how will an organisation ensure that it can achieve its intended outcomes and continual improvement? ► Potential impacts = Understanding the context of the organisation and understanding the needs and expectations of interested parties The Risk Approach & Potential Impacts?

15 (c 6.1 / – Actions to address risks and opportunities) Consideration of the following is required: ► Risk regarding clauses 4.1 & 4.2 ► ‘Prevention’ measures = The whole system is now considered ‘Prevention’ ► Planning of implementation ► Evaluation of effectiveness How might this affect your business? ► Risks/opportunities to the business and meeting customer requirements need to be assessed (see clauses 4.1 & 4.2) ► No documented, formal risk assessment process is required ► However, this a fundamental requirement of the standard and it needs to be auditable The Risk Approach & Potential Impacts?

16 What you need to consider: ► Customers: Goods, services, specifications ► Suppliers: Supply to correct specification ► Employees (Workers) and Contractors: adequate job information, instructions, environment and equipment ► Regulators: evidence, records of compliance and monitoring ► Neighbours: consideration as to the effect of activity & processes ► Owners & Shareholders: parent organisations for example How might this affect your business? ► The company will have to demonstrate that they have identified all interested parties and that they are aware of their requirements ► These requirements may change, so a periodic review of them may be needed Stakeholders – c 4.2: ‘Interested Parties’ & Potential Impacts

17 ISO requires that OHS aspects are embodied in the overall management system of the organisation for example: Worker participation ► It is logical that those working closest to an OH&S risk will be knowledgeable about it. As such, the participation of workers in the establishment, implementation and maintenance of an OH&S management system can play an important role in ensuring that the risks are managed effectively ► ISO emphasises the need for worker participation in the functioning of an OH&S management system, as well as requiring that an organisation ensures that its workers are competent to do their assigned tasks safely Clause 5: Leadership / Worker Participation & Potential Impacts NEW

18 Potential impacts ► This represents a major change for organisations that currently delegate responsibility to a Health & Safety Manager as the standard requires that there is far greater involvement in the OHS system expected from top management and employees / workers c 5 (a – k) of the ISO/DIS has further information regards leadership such as: ► Top management take overall responsibility and accountability, and ► Active participation of workers and where they exist worker rep’s, and ► Developing, leading and promoting a culture in the organisation that supports the OH & S system Leadership / Worker Participation & Potential Impacts

19 What you need to consider: ► No requirement for any mandatory documentation in this section; but top management need to demonstrate their methods and commitment regarding, communication of OH & S requirements and their methods for providing resources and support for relevant roles and responsibilities How might this affect your business? ► Top management involvement regarding the support of the processes and personnel will need to be demonstrated i.e. auditable ► This may require verification by the external auditor through interviews of members of top management in topics such as context, objectives, strategy and risk Leadership / Worker Participation & Potential Impacts

20 The documentation requirements for OHSAS have been revised in ISO within clause 7.5; the significant change is that of ‘documented information’ not ‘documents and records’ Potential impacts Documented information can include processed information such as that held on smartphones and tablets for example The need for documented information required by the organisation as being necessary for the effectiveness of the OH & S management system (See c Note – size, complexity and competence within the organisation) Clause 7: Support ‘Documentation’ (Revised)

21 ► The existing OHSAS Manual and Procedures can still be retained as these will meet the most of the requirements of the new standard ► Records, documents and procedures have been replaced by ‘Documented Information’ ► The clause and need for a Preventive Action Procedure has been removed, however as part of ‘Planning’, risks to the processes should be identified and preventive measures adopted throughout the system General

22 Annex SL is key: To create ISO management system standards with enhanced consistency where the alignment of the standards are the same; this means that the 10 common elements between standards will be numbered the same as follows: ‘Scope, Normative references, Terms and definitions, Context of the organization, Leadership, Planning, Support, Operation, Performance / Evaluation & Improvement’ The objective: This common approach to new management system standards will make it easier for an organisation to create a single management system known as an Integrated Management System (IMS) and align ISO with other systems already or intended to be followed Integrating ISO with other Management Systems

23 ► There is no need to make any changes to system/documentation just yet ► Study the significant changes and consider actions or methods to meet compliance ► Identify minor changes and / or improvements ► Options – introduce now ? – wait until the FDIS is ratified and is to be implemented which given the latest information / update may mean that the standard may not be ready for Q and may well be early 2017 ► Consider training requirements for transition – various courses will be offered by Alcumus ISOQAR for transition & lead auditors Next Steps

24 ► Publication of the long-awaited new international standard for occupational health and safety – ISO – is likely to be delayed after participating members of the ISO committee ‘disapproved’ its first draft ► Participating members – i.e. those national standards bodies elected to work on the development of the draft international standard (DIS) – were balloted between 12 February and 12 May on whether to approve it ► Seventy-one per cent voted in favour, with 28 per cent against (one per cent abstained). For the DIS to have passed, two-thirds had to be in favour with less than a quarter against, taking into account abstentions ► Members of the ISO work group – a worldwide collaboration of organisations involved in OHS, including IOSH – were notified that the DIS had failed to gain approval Understanding the transition path from BS OHSAS to ISO 45001

25 ► Regardless of the outcome, the consultation that took place during the period of the ballot resulted in more than 3,000 comments – a scale of feedback likely to delay publication of the standard anyway, until February 2017, while it is considered ► IOSH head of policy and public affairs Richard Jones said: “While we cannot go into detail, there are a variety of reasons why participating members have voted against this, and these will need to be resolved at a meeting next month ► “Once concerns about the standard have been addressed, a revised version (DIS2) will be produced for further consultation and ballot ► “IOSH will keep its members abreast of developments. We would ask them to log into MyIOSH and check the ISO section of our website to keep up to date, or keep an eye on news in IOSH Magazine”MyIOSHIOSH Magazine Understanding the transition path from BS OHSAS to ISO 45001

26 1 Understand the requirements of the revised standard 2 Identify any gaps which need to be addressed to meet the new risk–based requirements 3 Prepare a transition plan 4 Provide appropriate training & awareness for relevant parties 5 Revise OHS documentation (e.g. Manual, procedures etc where appropriate) 6 Update the internal audit programme & identify areas for continual improvement 7 Talk to us regarding further transition arrangements ISO introductory workshop We can keep you continually updated on specific transition arrangements ISO IRCA transition lead auditor course How to prepare for ISO 45001:2016

Tel: