In This Section

News and Articles



Update on ISO Management Systems Standards

May 07, 2024

ISO Technical Committee (TC) 283 is the committee responsible for the ISO 45001 standard on occupational health and safety management systems (OHSMS). ANSI is the voting representative for the U.S. at ISO, and ASSP is the technical advisory group (TAG) administrator to ANSI for TC 283. In that capacity, ASSP works with TAG members to establish voting positions and technical comments on the different standards and guidelines created at the global level.

The TAG shared two recent developments related to ISO management system standards globally and ISO 45001 in the U.S.:

  1. ISO is amending its management system standards to require organizations certified to ISO 9001, 14001 and/or 45001 to consider the effects of climate change.
  2. The TAG published a letter or interpretation related to the U.S. adoption of ISO 45001.

Climate Change as a Relevant Issue

“During your next certification audit, you can expect to be asked, ‘Has your organization determined whether climate change is a relevant issue?’” says Kevin Lehner, vice chair of the U.S. TAG for ISO TC 283 and president of Environmental Compliance Systems Inc. According to Lehner, the change is the result of a revision to ISO’s Harmonized Structure (Appendix 2 of the Annex SL).

Lehner says most organizations certified to ISO 14001 will be able to answer climate change questions but believes “other organizations with current certification to ISO 9001 and/or 45001 might find it more difficult to avoid a nonconformity to these new requirements if they don’t act soon.” He adds that organizational context “will influence how they address climate change in their management systems.”

This change raises several questions that we shared with Lehner and Ken Clayman, chair of the U.S. TAG to ANSI for ISO TC 283.

ASSP: Does this mean ISO TC 283 will write standards specifically addressing climate change?

Lehner/Clayman: TC 283 will not develop standards specifically regarding climate change and its immediate impacts on the environment as that is not included in its remit. However, TC 283 has approved the development of a publicly available standard (PAS) regarding climate change and its potential impacts on individuals in their workplace and as they perform work activities. A PAS is an informational document and does not include specifications or requirements that are required for inclusion in a management system.

TC 283 also believes that ISO 45001, when implemented effectively, encourages organizations to identify climate change hazards and risks, particularly through its requirements to identify hazards and risks related to emergencies, as well as other considerations (Clause 6.1.1 in ISO 45001). These new entries to the standard can be helpful to organizations as they’re determining their context not to overlook those external issues that may not seem to be related to occupational safety and health management.

ASSP: What’s the anticipated impact on ISO 45001? Will climate change be included in the current version of ISO 45001, making it part of any audit?

Lehner/Clayman: As noted, the answer is a partial “yes.” These additional statements (one being a requirement) impact all the management systems standards, including ISO 45001. ISO has taken a position on the London Declaration indicating that climate change will be addressed in management system standards as appropriate.

Regarding ISO 45001, and particularly considering the pending revision expected to begin later this year, climate change considerations will likely be included in discussions, but we don’t know the extent to which the topic will be explicitly included in ISO 45001 requirements.

ASSP: Does this impact existing audits and certifications against ISO 45001 and/or other management systems standards?

Lehner/Clayman: These changes should not affect current audits and existing certifications. However, near-future audits will be impacted. If your organization wishes to pursue certification against a management systems standard, be sure to ask this specific question to your prospective certification body.

Letter of Interpretation Related to U.S. Adoption of ISO 45001

In March 2024, the U.S. TAG to ANSI for ISO TC 283 released a letter of interpretation (LOI) that applies to the U.S. adoption of ISO 45001; the document does not apply to ISO 45001 being implemented on a global basis. The LOI addresses four specific questions.

Question 1: Does Clause 5.1(m) require an organization to have a health and safety committee to comply with ISO 45001:2018?

Lehner/Clayman: No. Clause 5.1(m) is not a strict requirement to establish health and safety committees. Rather, 5.1(m) requires top management to demonstrate its support for health and safety committees to promote non-managerial worker participation in the OHSMS and related activities per Clause 5.4(e)(1). A health and safety committee can be used to satisfy this requirement. An organization might also take a path other than a formal health and safety committee as long as it is equivalent in purpose, promoting workers (nonmanagerial, especially) participation, with demonstrated support from top management.

ISO 45002 provides guidance for implementation of ISO 45001 and gives examples that include ideas of how top management can demonstrate commitment to nonmanagerial participation through formal safety and health committees, as well as other methods. One example (ISO 45002 Section 5.1, Example 5) includes a small business seeking to reduce near misses and incidents through a systems approach; the owner held meetings where the workers were presented the ISO 45001 standard. This information helped them realize how their consultation and participation were key to achieving established OSH management goals. Another example (ISO 45002 Section 5.4, Example 3) describes regular meetings to ensure that knowledge and ideas are exchanged, and that information is not lost as part of a brainstorming meeting with workers.

Question 2: Referencing Clause 10.2, must an organization have all actions identified to address a nonconformity closed within a specific time frame to be in conformance with ISO 45001:2018?

Lehner/Clayman: No. Clause 10.2 of ISO 45001:2018 does not define a specific time frame for reacting “in a timely manner and taking action to deal with the consequences.” There are practical reasons for this. Incidents and nonconformities vary in the complexity of their causes, development of solutions and the subsequent time it takes for implementation. Accordingly, the standard doesn’t specify time frames, only that actions are completed in a timely manner, because it depends on the situation of the incident or nonconformity.

The reaction to and control of any incident requires prompt action, particularly where the consequence has a significant potential for life-threatening or life-altering injuries. That is something an organization needs to determine. The Annex to ISO 45001:2018, Section A.10.2, which provides additional interpretation of requirements, is also silent regarding specific time frames, but emphasizes the effectiveness of corrective actions.

What the standard requires in clause 10.2 relative to timeliness is taking action to control and correct the immediate identified issue or incident that occurred. This means that an organization must determine the time frame for correction relative to the potential consequences that must be addressed. Think of this as a sound plan for preventing further injury and illness that can include temporary mitigation measures.

To help define what timeliness means, it may be helpful to refer to U.S. OSHA’s guidance to its field inspectors. The term “timeliness” is used in assessing compliance with process hazard analysis action completion under the process safety management standard.

Question 3: It’s noted this applies only to the U.S. adoption of ISO 45001. Does that mean we cannot use this insight in other countries?

Lehner/Clayman: That is up to you and your respective leadership team. We are not saying this insight cannot be used in other countries. What we are noting is that this interpretation relates only to the American adoption of ISO 45001. TC 283 has not adopted these interpretations nor taken an official position on them. If you want to use this in other countries, you should maintain documentation and document the rationale for implementation.

Question 4: Does this impact existing audits and certifications against ISO 45001 and/or other management systems standards?

Lehner/Clayman: This should not affect current audits and existing certifications. However, it could impact future audits for organizations within the U.S. If your organization wishes to pursue certification against a management systems standard, be sure to ask your prospective certification body this specific question.

Choose the Right Safety Management System

We have the resources and expert support you need to make informed decisions and drive results at your organization.

    Learn more


    Are You Passionate About Safety?

    Volunteer with ASSP today.

    Get involved


    Jumpstart Your Learning

    Access our latest free webinars, articles and more.

    Advance Your Career

    Earning an ASSP certificate can enhance your career.

    Get Insight & Analysis

    Learn about the latest trends in safety management, government affairs and more.

    Connect With ASSP