ISO 45001: how is it structured?

ISO 45001, published in 2018, replaces OHSAS 18001. It focuses on risk prevention, well-being at work, and worker participation.

Marie Faucon
EHS Consultant
Update : 
12.09.2025
Publication: 
10.04.2018
Contents
Example H2
Request a demo

In 2018, after five years' work, the ISO 45001 standard was published. It is structured according to the following 10 chapters imposed by the HLS structure.

ISO 45001: Scope of application

The expected results of an OHS (Occupational Health and Safety) management system are specified: the aim is to provide safe and healthy workplaces, by preventing work-related injuries and illnesses.

What's more, ISO 45001 now enables an organization to integrate other aspects of health and safety, such as well-being and quality of life at work, into its OHS management system.

Normative references

This chapter, imposed by the HLS structure of ISO standards, makes no reference to this ISO 45001 standard.

Terms and definitions

The key term worker is defined as "a person performing work or work-related activities under the control of the organization". Three notes* specify that "the work or work-related activities carried out under the organization's control may be carried out by workers employed by the organization, external service providers, external contributors, private individuals, temporary workers, etc.".

The definition of "workplace" is rewritten: "a place under the control of the organization where a person must be or go to work".

Organizational context

This chapter 4 brings together new requirements requiring the organization to identify its contextual elements (economic, social, political, technological, legal...), as well as the relevant needs and expectations of its workers and other interested parties, in order to determine those that could become legal and other requirements.

Leadership and employee participation

Management's leadership and commitment to the management system are strengthened: it must demonstrate this in particular by :

  • Assuming full responsibility and accountability for the prevention of work-related injuries and illnesses and the provision of safe and healthy workplaces,
  • Developing, supporting and promoting a culture within the organization conducive to the expected results of the OHS management system,
  • Protecting workers who report adverse events, hazards, risks and opportunities from reprisals,
  • Ensuring that the organization establishes and implements a process(es) for worker consultation and participation,
  • Supporting the establishment and operation of health and safety committees.

Requirement 5.4 is devoted to the consultation and participation of workers, which becomes a commitment of the OHS policy. The emphasis is on consultation and participation of all workers:

  • Consultation on identifying stakeholder needs and expectations, determining what needs to be monitored, measured and evaluated...
  • Participation in determining requirements in terms of skills, training needs, training and training evaluation, choosing what to communicate and how to do it...

To achieve this, the organization must provide the necessary procedures, time, training and resources. It must also provide timely access to clear, understandable and relevant information on the OHS management system.

Planning

Chapter 6 brings together the provisions relating to actions to be taken in response to risks and opportunities, identification of hazards and assessment of risks and opportunities, determination of legal and other requirements, OHS objectives and planning of actions to achieve them. For this planning phase, and in particular with a view to defining OHS objectives, ISO 45001: 2018 requires the organization to:

  • to take greater account of its global challenges and the expectations of its employees and other stakeholders,
  • determine the "risks and opportunities " that may arise from its hazards, OHS risks, and legal and other requirements.

This approach means that OHS policy and objectives are more closely aligned with the company's overall strategy.

Support

Chapter 7 groups together requirements concerning the provision of the resources needed to operate the management system, worker competence and awareness, communication and documented information. From now on, workers must also be made aware of their ability to exercise their right to withdraw from work situations which they consider to present a serious and imminent danger to their life or health, and of the provisions protecting them from undue consequences when they do so.

When it comes to communication, the organization must put in place a process that enables it to determine what information is relevant to communicate, taking into account its legal and other requirements.

Operational activities

Chapter 8 contains provisions for operational control and emergency preparedness and response. Detailed requirements appear for :

  • Workplaces with several employers, where the organization must coordinate the relevant parts of the OHS management system with other organizations,
  • Elimination of hazards and reduction of OHS risks: to achieve this, the organization must use the hierarchy of preventive measures imposed by the French Labor Code, i.e. first eliminate the hazard, and lastly use appropriate personal protective equipment (PPE). In many countries, legal requirements include the provision of PPE free of charge. It should be noted that the hierarchy of preventive measures is set out in requirement 4.3.1 of OHSAS 18001 for the determination of means of control,
  • Change management, which is the subject of requirement 8.1.3: the organization must establish processes to control changes which have an impact on OHS performance, such as new products, changes in workforce or working conditions, developments in knowledge about OHS hazards and risks...

Performance assessment with ISO 45001

Chapter 9 contains requirements for performance monitoring, measurement, analysis and evaluation, conformity assessment, internal audits and management reviews.

With regard to monitoring and measurement obligations, it is up to the organization to determine what needs to be monitored and measured, including the effectiveness and efficiency of operational and other preventive measures. In terms of conformity assessment, ISO 45001 2018 requires the organization to maintain knowledge and understanding of its compliance with legal and other requirements.

ISO 45001: Improvement

Chapter 10 brings together requirements relating to undesirable events, non-conformities, corrective actions andcontinuous improvement. Preventive actions are now replaced by the risk approach.