Fanfare Over New International Health and Safety Standard
On March 12, 2018, ISO published the World’s first International Standard dealing with health and safety at work. This document “offers a single, clear framework for all organizations wishing to improve OH&S performance.”[i] ISO 45001:2018 is also the first health and safety standard to deal with risks and opportunities instead of focusing only on hazard risk.
What is perhaps even more exciting is the following announcement by ISO: “We predict that most organizations will use ISO 45001:2018 to establish an effective OH&S management system, and just a few will want the extra recognition that comes with certification.’ This may have a lot to do with the way ISO 45001:2018 concentrates on the interaction between an organization and the business environment while its processor (OHSAS 18001) was focused on managing OH&S hazards and other internal issues.
Integrating Work Practice into the Business
OH&S is no longer treated as a “stand alone” discipline. Instead, it is now being viewed within the perspective of operating a sustainable organization. Another recent ISO guidance document, ISO 9004:2018 (Quality Management – Quality of an Organization – Guidance to Achieve Sustained Success) is provided to enhance an organization’s ability to achieve sustained success. This document provides a self-assessment tool to review the extent to which the organization has adopted the organizational improvement concepts in the document.
ISO 14001:2015 (Environmental Management System) and ISO 9001:2015 (Quality Management System) have the following note as part of the clause – Leadership and Commitment: “Reference to ‘business’ in this document can be interpreted broadly to mean those activities that are core to the purposes of the organization’s existence.’
Embracing Risk into ISO Management System Standards
Since 2012, all the new and revised ISO management system standards are using a harmonized high-level structure that requires the organization to examine its internal and external context (Clause 4.1). In Clause 6.1, the organization shall plan actions to address risks and opportunities. ISO 14001:2015 defines ‘risks and opportunities’ as “potential adverse effects (threats) and potential beneficial effects (opportunities).” This allows us to use a PESTLE tool to determine the opportunities and threats that an organization experiences within its unique context. In the planning activity, we determine the intended outcomes that need to be addressed by taking into account these opportunities and threats. We can use ISO 31000 (Risk Management Guidance) to determine the most significant opportunities and threats. Organizations can embrace the opportunities to help offset the threats. This method of dealing with context risks was well-established by AS/NZS 4360:2004 before it became ISO 31000 in 2009. Using risk management is the perfect complement to the creation of sustained success.
Denials of the Need to Address Risk within ISO Management System Standards
In all the new and revised ISO management systems, risk is clearly defined as the “effects of uncertainty” and the fact that risk is expressed as opportunities and threats. Organizations are experiencing an unprecedented barrage of volatility, uncertainty, complexity and ambiguity (VUCA). The efforts to address VUCA are diverting the organization’s focus away from meeting its objectives. This is not a good thing! ISO 9001:2015 makes an argument that “there is no requirement for formal methods for risk management or a documented risk management process. Organizations can decide whether to develop a more extensive risks management methodology than is required by this International Standard.” Their companion document, ISO 9004:2018 makes a case for creating a sustainable organization. While one may not wish to delve in the ISO 31000 (risk management guidance) or its companion document (ISO 31010) with all of the risk assessment tools, context risk is clearly covered in all of the new and revised management systems and those organizations that use them can benefit, as ISO wishes, by improving business performance and to become a sustainable organization.
[i] As referenced in http://www.iso.org/news/ref2271.html
Bio:
Robert B. Pojasek, Ph.D.
Harvard University & Pojasek & Associates LLC
Risk Management & Organizational Sustainability
rpojasek@sprynet.com
(781) 777-1858 Office
(617) 401-5708 Mobile & Text
www.linkedin.com/in/bobpojasek
Organizational Risk Management and Sustainability:
A Practical Step-by-Step Guide
Now available as an e-book
http://tiny.cc/xz3fhy
Also available as an online action learning course
Expert as environment, health & safety, and sustainability professional with a record of providing leadership, training and operational support to all levels of the organization; Implements new and revised management systems to drive EHS/sustainability program conformance throughout the operation; Integrates organizational systems of management using the ISO harmonized high-level structure; Provides support for organizations implementing sustainability/risk management practices featured in my book.