Occupational safety and health management systems help save lives and keep organizations on track with their objectives. ISO 45001 is a unique safety management system standard that provides solutions applicable to companies with global supply chains. By consistently working to identify and mitigate risks, and participating in an ISO 45001 certification process that validates those efforts, businesses can better protect workers and improve their bottom line.
With several safety management system standards available, how can you decide whether ISO 45001 is right for you and your organization? We spoke with Elbert Sorrell, Ed.D., CSP, an ISO 45001 auditor and professor emeritus of environmental health and safety at the University of Wisconsin-Stout, to find out.
ASSP: What would you like people to know about you and your approach to your work?
Elbert: I consider myself a low-key individual — a team player. Some people in our profession aspire to or hold leadership roles, and that’s important, but you also need individuals who are able to support that leadership. I feel like that is one of my strong suits: Providing support to people who are working to move their ideas from concept to reality.
In part because I’m retired, I also prefer to only work on projects I’m passionate about. In 2006, I developed an interest in safety management systems and auditing because I was really intrigued by the systematic approach to protecting people and assets. I began traveling internationally — to Singapore, Peru, Germany — and gaining experience with safety management that solidified my interest in effective structures.
ASSP: What are voluntary consensus standards? Why do they matter, and how are they developed?
Elbert: When I think of voluntary consensus standards, I think of safety and health standards that are developed by people from all walks of life. They are useful because they provide researched-based, data-driven information that keeps businesses from having to continually reinvent the wheel on issues that affect individuals across many industries.
Due to the fact that you have people from different organizations and disciplines participating on standards development committees, a lot of compromise takes place leading up to a consensus vote. The compromise makes for an interesting and dynamic process. It also results in standards that give organizations an informed starting point for programs such as safety management, lockout/tagout and fall protection.
ASSP: What is ISO 45001, and how is it different from other safety management system standards?
Elbert: First and foremost, ISO 45001 is an international standard. People across the globe came together to reach consensus, which I think is quite an accomplishment. We worked on it for a long time, and I was honored to participate with the U.S. technical advisory group.
ISO 45001 focuses on occupational safety and health management systems and provides guidelines for their use. It also provides a process for identifying hazards and risks and reducing their impact with effective controls. It assigns responsibility and accountability to individuals who are closest to that process, with an emphasis on ensuring competent people are in a position to fully understand and correctly implement the standard.
ASSP: Which types of companies can benefit most from the ISO 45001 framework?
Elbert: That’s an interesting question because all organizations have safety concerns and can benefit from the systems outlined in ISO 45001. Obviously, we have to acknowledge that while some small organizations may have a safety management system in place, they don’t have the same resources that larger organizations have so the scale and scope are different.
General industry — manufacturing, transportation — is what people tend to imagine benefitting from a standard like this. Due to the rise of e-commerce and the challenges it brings, safety management systems have become uniquely important for some of those businesses. But I also think about healthcare, government and service-based industries.
I have audited government entities that do an excellent job implementing safety management systems. I’ve done audits on military installations, and I continue to be amazed by the level of commitment and detail they put into everything, as well as the quality of their safety leadership.
ASSP: Before organizations adopt and implement ISO 45001, they need to assess the safety systems they already have in place. Which questions should safety professionals be asking throughout the assessment process?
Elbert: First, organizations need to ask themselves whether they’re willing to commit the resources necessary to implement ISO 45001 and get certified by a third-party certification body. The answer to that question will establish a mind-set among senior leaders.
Then, there’s the question of organizational culture: Do we want to move from a system where it is me responsible for safety to a system where it is we who are responsible for safety? ISO 45001 makes safety and health a shared responsibility. Safety, operations, human resources and other professionals have to work together.
The safety professional’s perspective is especially valuable when it’s time to conduct a gap analysis and answer questions about where an organization should focus its ideas and attention. If a business understands its shortcomings, it’s better equipped to improve. The safety professional’s expertise is also needed for educating others about the requirements of the standard.
ASSP: ISO 45001 can prompt companies to make changes that significantly affect numerous stakeholders, often across multiple countries. How can safety professionals help facilitate clear communication and consensus-building?
Elbert: The primary role of safety professionals is to provide technical support. You have technical aspects of the standard and managerial aspects of the standard. Safety professionals work by collecting information, using evidence-based data and sharing what they know with people who are in the ultimate position to make decisions.
For that reason, it is incumbent upon safety professionals to make sure they have the evidence they need to show there will be costs associated with implementing a safety management system, but there will also be benefits. They have to be able to say this in the language of business because senior leaders are accountable for the money they spend.
The approach safety professionals take will depend on their organization’s culture, financial health and reporting structure. But at the end of the day, they should be able to interpret the standard and explain the ways it could impact occupational safety and health at their business.
ASSP: It’s important to set business performance goals associated with implementing a safety management system. Which goals do you see the most? Which do you think are particularly helpful or misguided?
Elbert: The whole concern of performance measurement is critical but often misunderstood. Organizations tend to focus on lagging indicators, which are basically consequences. In my opinion, those are simply ways of measuring failures. Lagging indicators are still useful, but only if considered in conjunction with activity measures — or leading indicators — which give management a better picture of how things are trending and functioning. You don’t want to manage your failures, you want to manage your activities. You want to be concerned with the upstream activity that has downstream implications.
When it comes to goal-setting, the first step is to consider what you’re trying to accomplish and how it aligns with corporate objectives. We cannot afford to operate in a vacuum, which is the problem safety and health professionals have been encountering for years. ISO 45001 tends to integrate safety and health into regular business operations.
ASSP: One of the most frequently cited benefits of organizations showing their commitment to safety in this way is that it gives them a competitive advantage in the market. Can you share a bit more about that? Why is a safe business likely to be a more successful business?
Elbert: Most people will agree that there are some standard benefits associated with the implementation of ISO 45001. Perhaps most importantly, you will have a systematic approach to managing occupational hazards and risk. You will be able to proactively adjust issues, both existing and potential, which is likely to improve your public image and organizational culture.
Potential hires and investors are also noticing what organizations are doing from a sustainability standpoint. If people have a choice in where they work, they tend to choose companies known for prioritizing worker safety and health. Hiring top talent, then taking care of the people you hire, is good for business, which is good for shareholders.
ASSP: What is the process of certifying to a safety management system standard like ISO 45001, and why is that a step worth taking?
Elbert: The aim of certification is to give stakeholders confidence that their safety management system is meeting requirements of the standard. There’s a value associated with that, as we’ve discussed. Leaders want certification to positively impact public image and sustainability metrics. Having an impartial, competent, third-party assessor can help build public confidence and trust.
The certification process is cyclical and happens every three years. You start with a pre-assessment audit. The pre-assessment is performed by the certification body, and they conduct a document review.
Then we move into what we call a phase one process. This is where the certification body conducts an audit of the organization that goes a little deeper than the pre-assessment activities. They could be looking at the entire organization or just one of its facilities, so determining the scope of the audit is important. Finally, during the phase one process, auditors look at whether a company is truly ready for phase two.
During the phase two process, we do a complete review of the management system to determine conformity to the requirements. That is accomplished through observations, the collection of information and interviews. Then, finally, auditors do what we call a management review where we discuss an organization’s proactive and preventive actions. The auditor makes a recommendation about whether the auditee should move toward certification, then the certification body or the registrar makes the decision.
ASSP: What didn’t we ask? Is there anything you’d like to add?
Elbert: I like to share information, particularly with organizations that are interested in the certification process, because I honestly believe it’s a logical step. If anybody is interested in voluntary consensus standards, ISO 45001 or ASSP’s Certification and Accreditation Institute, I’d be more than happy to discuss.
Choose the Right Safety Management System
We have the resources and expert support you need to make informed decisions and drive results at your organization.