SEMINAR ON

OCCUPATIONAL HEALTH
AND SAFETY MANAGEMENT
SYSTEM
ISO 45001:2018

Shah Alam Convention Center

(SACC) 17 October 2019
 BACKGROUND
• An organization is responsible for ensuring safe and
healthy workplace
• >2.78 million deaths per year (ILO statistic 2017) as a result of
work activities
• ISO 45001 is developed to manage OH&S risks, improve
OH&S performance
• Important for organization to eliminate or minimize OH&S risks
by taking appropriate preventive measures
• Emphasizes the need for worker participation
Why Worry about OSH?

• Moving traffic vehicles

• Hit by falling/flying object
• Slip, trip, fall
• Fall from height
• Chemicals
• Machineries
• Confine space
• Weather condition
• etc…..
Why Worry about OSH?
• Laborer dies after being run over by a backing dump
truck during a night time paving project
• Traffic control supervisor dies when struck by an asphalt
dump truck while picking up cones on a roadway work
zone
• Highway construction supervisor dies after being backed
over by a water truck
 Why Worry about OSH?

• Laborer on roadway construction work site run over

and killed by a backing flat bed dump truck
• Flagman dies after being run over by a dump truck
• Soil compactor overturn kills operator
• Guardrail installers die after being struck by a
guardrail
 Why Worry about OSH?

• Why do you need to be concerned

about safety and health?

Loss
WC Pain!

SOCSO
$$$$

Lost
time Hurt DOSH
Why Worry: Common Reasons
1. Getting hurt isn’t fun!!!

Not All Pain is Gain

Nobody likes getting hurt

Healthy employees are more

productive employees
Why Worry: Common Reasons
1. Getting hurt isn’t fun!!!
2. Cost of Accidents
Cost of Accidents
• Direct Costs
– Medical Costs (including worker’s
compensation)
– Indemnity Payments
• Indirect Costs
– Time Lost
– Schedule delays
– Training new employees
– Cleanup time / equipment repairs
– Product / material damage
– Legal fees
 Why Worry: Common Reasons

1. Getting hurt isn’t fun!!!

2. Cost of Accidents
3. Legal Issues and Liability
Legal Issues and Liability
• As a result of OHS violations:
– You can be named in a lawsuit
– Criminal charges may be filed against you
– You can be cited by an enforcement agency
– You can be fined by an enforcement agency
– Your workplace can be shut down by an enforcement
agency
Legal Issues and Liability
• Because of personal liability, and you can be
named as a defendant in a lawsuit
– Wherever you work, it does not protect
you.
Legal Issues and Liability
• You can have criminal charges filed against
you.
– Negligent supervisors and employers have
been charged with manslaughter
Legal Issues and Liability
• You can be cited by an enforcement agency
– Jabatan Keselamatan dan Kesihatan
Pekerjaan (JKKP)
• They have been here before..
Legal Issues and Liability
• Cease and desist orders: if the violations are serious
enough, agencies such as JKKP can (and will) shut down the
workplace/site until the problems are corrected.
So how do you protect yourself?

…remember, OSH is everybody’s

business….
 OCCUPATIONAL
SAFETY AND HEALTH MANAGEMENT
Why We Need OSH Management?

• Many lives lost annually due to workplace

accidents, work related cancer, etc
• JKKP accident statistics 2018
–D : 260
– PD : 234
– NPD : 4537
• Thousands of injuries and diseases per annum
Statistics from JKKP

• ..\Penang_230819\Official Website Department of

Occupational Safety and Health - Sector.pdf

• ..\Penang_230819\Official Website Department of

Occupational Safety and Health - National
Occupational Accident & Fatality Rate.pdf
 Lost Time Injury

• Work injury other than permanent partial disability which

renders the injured person temporarily unable to perform a
regular job after the day on which the injury was received.
E.g.: 1 full day MC is already considered an LTI case
 Why We Need OSH Management?

• Planning to prevent accidents and ill health as

opposed to reacting after occurrence
• All activities in an organization have OSH
implications
• Control on OSH as important as financial, quality,
purchasing, etc
• Therefore, OSH is a management function
 OSHMS

• Standards
– OHSAS 18001:2007 (not valid after Mac 2021)
– MS 1722:2011 (not valid after Mac 2021)
– ISO 45001:2018
OHSAS 18001:2007 / ISO 45001:2018

• Organizations increasingly concerned with OHS

performance
• Increasingly stringent legislation
• Development of economic policies
• Increased concern by interested parties
• Over 50,000 organizations worldwide are certified
to OHSAS 18001:2007 / ISO 45001:2018
OHSAS 18001:2007 / ISO 45001:2018

• Enable organization to develop & implement

OHSMS
• Apply to all type and sizes of organization
• Basis of the approach – PDCA – risk based
OHSAS 18001:2007 / ISO 45001:2018

• Commitment from Top Management and employees is

paramount
• Enables performance improvement
• Overall aim – support and promote good OHS practice
Definitions

• Hazard
– Source, situation, or act with a potential for harm
in terms of human injury or ill health, or a
combination of both
• Hazard identification
– Process of recognizing that a hazard exist
and defining its characteristics
• Incident
Definitions
– Work-related events in which
an injury or ill health
(regardless of severity) or
fatality occurred, or could have
occurred
• NOTE 1 – an accident is an incident which
has given rise to injury, ill health or fatality
• NOTE 2 – an incident where no injury, ill health
or fatality occurs may also be referred to as a
“near miss”, “near hit”, “close call” or “dangerous
occurrence”
• NOTE 3 – an emergency situation
 WHAT IS ISO 45001?

• an international standard that specify requirements for an

OH&S management system
• a standard to enable organization to proactively improve its
OH&S performance in preventing injury and ill-health
• intended to be used by any organization
• all of its requirements are intended to be integrated into
an organization’s own management processes
 WHAT ISO 45001 IS NOT…

• Does not state specific criteria for OH&S performance

• Does not specifically address issues such as product safety,
property damage or environmental impact (unless they present a
risks to its workers)
• Is not intended to be a legally binding document, it is a
management tool for voluntary use
 WHAT WILL BE THE BENEFITS OF USING ISO 45001?

Enable organization to improve its OHS performance by;

–developing and implementing OHS policy and objectives
–establishing systematic processes which consider its “context” and
which take into account its risks and opportunities, and its legal
and other requirements
–determining the hazards and OHS risks associated with its
activities ; seeking to eliminate them, or putting in controls to
minimize their potential effects
–establishing operational controls to manage its OHS risks and its
legal and other requirements
–increasing awareness of its OHS risks
–evaluating its OHS performance and seeking to improve it,
through taking appropriate actions
–ensuring workers take an active role in OHS matters
 WHAT WILL BE THE BENEFITS OF USING ISO
45001?
More direct benefits e.g.;
–improving its ability to respond to regulatory compliance
issues
– reducing the overall costs of incidents
– reducing downtime and the costs of disruption to
operations
– reducing the cost of insurance premiums
– reducing absenteeism and employee turnover rates
–recognition for having achieved an international benchmark
(which may in turn influence customers who are concerned
about their social responsibilities)
 WHO ARE THE INTENDED USERS OF THE ISO
45001 STANDARD?

• the simple answer is all organizations.

• micro business, or a global conglomerate ; a non-profit
organization,
a charity, an academic institution, or a government department
• organization has people working on its behalf, or who may
be affected by its activities, then using a systematic
approach to managing health and safety will bring benefits to
it
• can be used by small low risk operations equally as well as by
high risk and large complex organizations
• consistent with the way organizations manage their other
“business” risks and hence encourages the integration of the
standard’s requirements into organizations’ overall management
processes.
 HOW DOES ISO 45001 RELATE TO OTHER STANDARD?

• follows the HLS approach that is being applied to other ISO

management system standards, such as ISO 9001 (quality) and
ISO 14001 (environment)
• consideration has been given to the content of other
international standards (such as OHSAS 18001 or ILO – OSH
Guidelines and national standards, as well as to the ILO’s
International Labour standards and conventions (ILSs).
• its requirements consistent with the other standards
• allow for a relatively easy migration from using an existing
OHS management system standard
• allow for the alignment and integration with the requirements of
other ISO management system standards into their organization’s
overall management processes
MS ISO 45001:2018
 AIM OF OH&S MS

Purpose of OHS MS = to provide a framework for managing OHS

risks.

Intended outcomes of OH&S MS

- to prevent injury and/or ill health to workers;
- to provide safe and healthy workplaces; and;
- to continually improve OH&S performance.
 SUCCESS FACTORS

• Key factors effecting success of OHS MS;

• top management leadership, commitment,
responsibilities and accountability;
• top management developing, leading and
promoting culture that supports the intended
outcomes of the OHS MS;
• communication;
• consultation and participation of workers;
• allocation of the necessary resources;
• OHS policies, which are compatible with the overall
strategic direction of the organization;
 SUCCESS FACTORS

• Key factors effecting success of OHS MS;

• top management leadership, commitment,
responsibilities and accountability;
• top management developing, leading and
promoting culture that supports the intended
outcomes of the OHS MS;
• communication;
• consultation and participation of workers;
• allocation of the necessary resources;
• OHS policies, which are compatible with the overall
strategic direction of the organization;
 For All Tasks, Jobs And Activities, Stand Sack 5
Paces
And Take S Minutes To Identify Potential Hatards

1hlsbook h uppltl:d bv TliFfA,. Prodoct aBd mu t asterttl,.d

•s sult.abk> for tlw ta11t bv a comp t"1 l l)trson
fUFfA... ProduCI ta no 'f\POM'btl•tv for ots
USf

TUFF'APROOUCTS.CO "'U l 6 1 2 bll'll'lo 3;J.&?

lifTF02
ANNEX SL: HIGH LEVEL STRUCTURE CLAUSES
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
5 Leadership
6 Planning
7 Support
8 Operation
9 Performance evaluation
10 Improvement
ANNEX SL HIGH LEVEL STRUCTURE MS ISO 45001

1 SCOPE 1 SCOPE
2 NORMATIVE REFERENCES 2 NORMATIVE REFERENCES
3 TERMS AND DEFINITIONS 3 TERMS AND DEFINITIONS
4 CONTEXT OF THE 4 CONTEXT OF THE
ORGANIZATION ORGANIZATION
5 LEADERSHIP 5 LEADERSHIP AND WORKER
PARTICIPATION
6 PLANNING 6 PLANNING
7 SUPPORT 7 SUPPORT
8 OPERATION 8 OPERATION
9 PERFORMANCE EVALUATION 9 PERFORMANCE EVALUATION
10 IMPROVEMENT 10 IMPROVEMENT
ANNEX SL HIGH LEVEL MS ISO 45001:2018 MS ISO 14001:2015
STRUCTURE
1 SCOPE 1 SCOPE 1 SCOPE

2 NORMATIVE REFERENCES 2 NORMATIVE REFERENCES 2 NORMATIVE REFERENCES

3 TERMS AND DEFINITIONS 3 TERMS AND DEFINITIONS 3 TERMS AND DEFINITIONS

4 CONTEXT OF THE 4 CONTEXT OF THE 4 CONTEXT OF THE

ORGANIZATION ORGANIZATION ORGANIZATION
5 LEADERSHIP 5 LEADERSHIP AND WORKER 5 LEADERSHIP
PARTICIPATION
6 PLANNING 6 PLANNING 6 PLANNING

7 SUPPORT 7 SUPPORT 7 SUPPORT

8 OPERATION 8 OPERATION 8 OPERATION

9 PERFORMANCE 9 PERFORMANCE 9 PERFORMANCE

EVALUATION EVALUATION EVALUATION
10 IMPROVEMENT 10 IMPROVEMENT 10 IMPROVEMENT
MANAGEMENT SYSTEM INTEGRATION

QMS

ISMS EMS

ABMS OHSM
S
DOCUMENTATION

OHS management system shall

include:
• documented information required
by MS ISO 45001:2018;
• documented information
determined by the organization as
being necessary for the
effectiveness of the OH&S
management system
 Documented information – processes needed
(Procedures)
1. Risks and opportunities
2. Hazard identification
3. Assessment of risks and opportunities
4. Risks control (and criteria) including elimination of hazard
and reduction of risks
5. Legal and other requirements
6. Consultation and participation of workers
7. Internal and external communication
8. Management of change
9. Procurement
10. Emergency preparedness and response
11. Monitoring, measurement, analysis and performance
evaluation
12. Incident and nonconformities
Documented information–to maintain, to retain (Records)

1. Scope of OH&S management system (4.3) Scope of

OHS.pptx
2. Policy (5.2)Policy.pptx
3. Objectives (6.2.2)HSE Objectives.ppt Objective.pptx
4. Responsibilities and authorities for relevant roles within
the OHS management system (5.3)Responsibility.doc
5. Competence (7.2)Job requirement.doc
6. Risks and opportunities (6.1)Risk Register.xlsx
7. Risk controls (8.1)
8. Legal and other requirements (6.1.3)
9. Evaluation of compliance on legal and other
requirements (9.1.2)
Documented information–to maintain, to
retain (Records)

10. Communication (7.4)

11. Emergency preparedness and response (8.2)
12. Results of monitoring, measurement, analysis
and performance evaluation (9.1)
13. Maintenance, calibration or verification
of measuring equipment (9.1)
14. Result of compliance evaluation (9.1.2)
15. Internal audit programme and the results
(9.2)
16. Management reviews (9.3)
17. Incidents or nonconformities (10.2)
18. Continual improvement (10.3)
Understanding the CLAUSE 4 Needs and
organization and Context of the expectations of
its context organization workers and
other interested
parties

Scope of the OH&S management system (4.3/4.4)

P

CLAUSE 6
Planning

CLAUSE 7
Support
CLAUSE 5
Leadership
A CLAUSE 10
and worker D PDCA CONCEPT
Improvement
participation
CLAUSE 8
Operation

CLAUSE 9
Performance
evaluation

Intended outcomes of the

OH&S management system
 Worker
TERMS AND DEFINITIONS
Person performing work or work-related activities that are under the control of the
organization

Note 1 : Persons perform work or work-related activities under various

arrangements, paid or unpaid, such as regularly or temporarily, intermittently or
seasonally, casually or non part-time basis.

Note 2 : Workers include top management (3.12), managerial and non-managerial

persons.

Note 3 : The work or work-related activities under the control of the organization
may be performed by workers employed by the organization, or other persons,
including workers from external providers, contractors, individuals, and agency
workers.
Scope ISO 45001:2018 CLAUSES
(Clause 1)
Normative references (Clause 2)
Terms and definition (Clause 3)
Context of the organization (Clause 4)
Leadership and worker participation (Clause 5)
Planning (Clause 6)
Support (Clause 7)
Operation (Clause 8)
Performance evaluation (Clause 9)
Improvement (Clause 10)
 Context of the organization (Clause 4)

Understanding the organization and its

context
Understanding the needs and
expectation of workers and other
interested parties
Determining the scope of OH&S
management system
OH&S management system
 4.1 Understanding the organization
and its context

The organization shall determine

external and internal issues that are
relevant to its purpose and that
affect its ability to achieve the
intended outcome(s) of its OHS
management system.
INTERNAL & EXTERNAL ISSUES

culture
 4.1 Understanding the organization
and its context
External issues (examples)
cultural, social, political, legal, key drivers and trends relevant to
financial, technological, economic the industry or sector having
and natural surroundings and impact on the organization;
market competition, whether
international, national, regional or
local;
introduction of new relationships with, as well
competitors, contractors, as perceptions and values
subcontractors, suppliers, of, its external interested
partners and providers, new parties.
technologies, new laws;
new knowledge on products and
their effect on health and safety;
4.1 Understanding the organization and its
context Internal issues
4.1 Understanding the organization and
its context
Internal issues (examples);
• governance, organizational structure, roles and accountabilities;
• policies, objectives and the strategies that are in place to achieve them;
• the capabilities, in terms of resources, knowledge and competence (e.g.
capital, time, human resources, processes, systems and technologies);
• information systems, information flows and decision-making
processes (both formal and informal);
• introduction of new products, materials, services, tools, software, premises and
equipment;
• relationships with, as well as perceptions and values of, workers;
• the culture in the organization;
• standards, guidelines and models adopted by the organization;
• the form and extent of contractual relationships, including, for example,
outsourced activities;
• working time arrangements;
• working conditions
4.2 Understanding the needs and expectation
of workers and other interested parties
The organization shall determine:

• the other interested parties, in addition to

workers, that are relevant to the OHS MS;
• the relevant needs and expectations (i.e.
requirements) of workers and other interested
parties;
• which of these needs and expectations
are or could become legal requirements
and other requirements.
4.2 Understanding the needs and expectations of
workers and other interested parties
Interested parties (in addition to workers) can include:
legal and regulatory authorities (local, regional, state/provincial, national or
international);
parent organizations;
suppliers, contractors and subcontractors;
workers’ representatives;
workers’ organizations (trade unions) and employers’ organizations;
owners, shareholders, clients, visitors,
local community and neighbours of the organization and the general public;
customers, medical and other community services, media,
academia, business associations and NGOs;
occupational health and safety organizations, occupational safety and health-
care professionals.
4.2 Understanding the needs and expectations
of workers and other interested parties

Relevant needs and expectations:

• Some needs and expectations are mandatory; e.g. laws and regulations.
• Organization may also decide to voluntarily agree to, or adopt, other needs and
expectations (e.g. subscribing to a voluntary initiative).
• Once the organization adopts them they are addressed when planning and
establishing the OH&S management system.
The organization shall determine the boundaries and applicability of the OHS
4.3 Determining the scope of OHS MS
MS to establish its scope.
When determining this scope, the organization shall:
– consider the external and internal issues;
– take into account the requirements of workers and other interested
parties;
– take into account the planned or performed work related activities.
The OHS MS shall include the activities, products and services within
the organization’s control or influence that can impact the organization’s OHS
performance.
The OHS MS shall include the activities, products and services within
the organization’s control or influence that can impact the organization’s OHS
performance.
The scope shall be available as documented information.
 4.4 OHS management system
The organization shall establish, implement, maintain and continually improve
an OH&S management system, including the processes needed and their
interactions, in accordance with the requirements of ISO 45001.
 Context of the organization (Clause 4)
 Understanding the organization and its context
 Understanding the needs and expectation of workers and other interested
parties
 Determining the scope of OHS management system
 OHS management system
 Leadership and worker participation (Clause 5)
Leadership and commitment
OHS policy
Organizational roles, responsibilities and authorities
Consultation and participation of workers
 Overall
responsibility
and
5.1 Leadership and commitment accountability
OH&S
Workers
Policy &
protection
objective
s

Integrate
Promote OH&SMS
good into
OH&S business
culture Top process
Management

Promote
continual Resources
improvement

Achieve Communication
intended
outcomes
Top management shall demonstrate and
5.1 Leadership leadership and commitment with respect
commitment
to the OH&S management system by:
• taking overall responsibility and accountability for the prevention of
work-related injury and ill health as well as the provision of safe and
healthy workplaces and activities;
• ensuring that the OHS policy and related OHS objectives are
established and are compatible with the strategic direction of the
organization;
• ensuring the integration of the OHS management system
requirements into theorganization’s business processes;
(cont): 5.1 Leadership and commitment
• ensuring that the resources needed to establish, implement, maintain and
improve the OHS management system are available;
• communicating the importance of effective OHS management and of
conforming to the OHS management system requirements;
• ensuring that the OHS management system achieves its intended
outcome(s);
• directing and supporting persons to contribute to the effectiveness of the
OHS management system;
• ensuring and promoting continual improvement;
(cont): 5.1 Leadership and commitment
• supporting other relevant management roles to demonstrate their leadership
as it applies to their areas of responsibility;
• developing, leading and promoting a culture in the organization that supports
the intended outcomes of the OHS MS;
• protecting workers from reprisals when reporting incidents, hazards,
risks and opportunities;
(cont): 5.1 Leadership and commitment
• ensuring the organization establishes and implements a process(es) for
consultation and participation of workers;
• supporting the establishment and functioning of health and safety
committees,
NOTE Reference to “business” in this document can be interpreted broadly
to mean those activities that are core to the purposes of the organization’s
existence.
 5.2 OHS
Top management shall establish, policy
implement and maintain an OHS policy that:
• includes a commitment to provide safe and healthy working conditions for the
prevention of work related injury and ill health and is appropriate to the
purpose, size and context of the organization and to the specific nature of its
OHS risks and OHS opportunities;
• provides a framework for setting the OHS objectives;
• includes a commitment to fulfil legal requirements and other requirements;
• includes a commitment to eliminate hazards and reduce OHS risks;
(contd): 5.2 OHS policy Policy.pptx
• includes a commitment to continual improvement of the OHS MS;
• includes a commitment to consultation and participation of
workers, and, where they exist, workers’
representatives.
• The OHS policy shall:
– be available as documented information;
– be communicated within the organization;
– be available to interested parties, as appropriate;
– be relevant and appropriate.
 5.3 Organizational roles, responsibilities and
Top management shall ensure authorities
that the responsibilities and authorities for
relevant roles within the OHS MS are assignedand
communicated at all levels within the organization and
maintained as documented information. Workers at each level of the
organization shall assume responsibility for those aspects of OHS MS over
which they have control.
NOTE While responsibility and authority can be assigned, ultimately top
management is still accountable for the functioning of the OHS management
system.
 5.3 Organizational roles, responsibilities and
Top management shall assign authorities
the responsibility and authority for:
• ensuring that the OHS MS conforms to the requirements of this document;
• reporting on the performance of the OHS MS to top management.
• Responsibility.doc
 5.4 Consultation
The organization and
shall establish, participation
implement of workers
and maintain a process(es) for
consultation and participation of workers at all applicable
levels and functions, and, where they exist,
workers’ representatives, in the development, planning, implementation,
performance evaluation and actions for improvement of the OHS MS.
 TERMS AND DEFINITIONS
Participation

Involvement in decision-making.

Consultation

Seeking views before making any decision.

Note : Consultation and participation includes engaging

health and safety committees and workers’ representatives,
where they exists.
 5.4 Consultation and participation of workers
The organization shall:
• provide mechanisms, time, training and resources necessary for
consultation and participation;
NOTE 1 Worker representation can be a mechanism for consultation and
participation.
• provide timely access to clear, understandable and
relevant information about the OHS MS;
• determine and remove obstacles or barriers to participation and minimize
those that cannot be removed;
NOTE 2 Obstacles and barriers can include failure to respond to worker inputs or
suggestions, language or literacy barriers, reprisals or threats of reprisals and policies
or practices that discourage or penalize worker participation.
 Leadership
Leadership and worker participation (Clause 5)
and commitment
OHS policy
Organizational roles, responsibilities and authorities
Consultation and participation of workers
Actions to address risks and opportunities
– General
Planning (Clause 6)
– Hazard identification and assessment of risk and opportunities
• Hazard identification
• Assessment of OHS risks and other risks to the OHS MS
• Assessment of OHS opportunities and other opportunities to the OHS MS
– Determination of legal requirements and other requirements
– Planning action
OHS objectives and planning to achieve them
– OH&S objectives
– Planning to achieve OH&S objectives
When planningActions
for theto address
OHS MS, therisks and opportunities
organization shall consider the issues
referred to in; (context), the requirements referred to in (interested parties) and
(the scope of its OHS MS) and determine the risks and opportunities that need
to be addressed to:
• give assurance that the OHS MS can achieve its intended outcome(s);
• prevent, or reduce, undesired effects;
• achieve continual improvement.
 TERMS AND DEFINITIONS

Risk
effect of uncertainty

Note : Risk is often expressed in terms of a combination of the consequences of an

event (including changes in circumstances) and the associated “likelihood” of
occurrence.

Note : In this document, where the term “risks and opportunities” is used this means
OH&S risks, OH&S opportunities and other risks
 6.1 Actions to address risks and opportunities
When determining the risks and opportunities to the OH&S MS and its
intended outcomes that need to be addressed, the organization shall take into
account:
• hazards;
• OHS risks and other risks;
• OHS opportunities and other opportunities;
• legal requirements and other requirements.
 TERMS AND DEFINITIONS
occupational health and safety risk
[OHS risk]
combination of the likelihood of occurrence of a work-related hazardous event or
exposure(s) and the severity of injury and ill health that can be caused by the event
or exposure(s)

occupational health and safety opportunity

[OHS opportunity]
circumstance or set of circumstances that can lead to improvement of OHS
performance
The organization, in its planning
6.1 Actions process(es),
to address risks andshallopportunities
determine and assess the
risks and opportunities that are relevant to the intended outcomes of the OHS
MS associated with changes in the organization, its processes or the OHS MS.

In the case of planned changes, permanent or temporary, this assessment shall

be undertaken before the change is implemented.
 6.1 Actions to address risks and opportunities
The organization shall maintain documented information on:
• risks and opportunities;
• the process(es) and actions needed to determine and address its risks and
opportunities to the extent necessary to have confidence that they are
carried out as planned.
Examples of ‘opportunities’;
6.1 Actions
– integrating to address risks and opportunities
OHS requirements at the earliest stage of planning for
facilities relocation, process re-design or replacement of machinery and
plant;
– using new technologies to improve OHS performance;
– improving the OHS culture, such as by extending competence related to
OHS beyond requirements or encouraging workers to report incidents
in a timely manner;
– improving the visibility of top management’s support for the OHS MS;
– enhancing the incident investigation process(es);
– improving the process(es) for worker consultation and participation;
– benchmarking, including consideration of both the organization’s own
past performance and that of other organizations;
– collaborating in forums that focus on topics dealing with OHS.
Risk Management – ISO 31000:2018
The organization shall establish, implement and maintain a process(es) for
6.1.2 Hazard identification
hazard identification that is ongoing and proactive. The process(es) shall take
into account but not be limited to:
• how work is organized, social factors (including workload, work hours,
victimization, harassment and bullying), leadership and the culture in the
organization;
• routine and non-routine activities and situations, including hazards arising
from:
– infrastructure, equipment, materials, substances and the physical
conditions of the workplace;
– product and service design, research, development, testing, production,
assembly, construction, service delivery, maintenance and disposal;
– human factors;
– how the work is performed;
(contd): 6.1.2 Hazard identification
• past relevant incidents, internal or external to the organization, including
emergencies, and their causes;
• potential emergency situations;
• people, including consideration of:
– those with access to the workplace and their activities, including
workers, contractors, visitors and other persons;
– those in the vicinity of the workplace who can be affected by the activities
of the organization;
– workers at a location not under the direct control of the organization;
(contd): 6.1.2 Hazard identification
• other issues, including consideration of:
– the design of work areas, processes, installations, machinery/equipment,
operating procedures and work organization, including their adaptation to
the needs and capabilities of the workers involved;
– situations occurring in the vicinity of the workplace caused by work-
related activities under the control of the organization;
– situations not controlled by the organization and occurring in the
vicinity of the workplace that can cause injury and ill health to
persons in the workplace;
• actual or proposed changes in organization, operations, processes, activities
and OH&S MS;
• changes in knowledge of, and information about, hazards.
 6.1.2.2 Assessment of risks and other risks to the OHS
• The organization shall establish, implement
MS and maintain a process(es) to:
– assess OHS risks from the identified hazards, while taking
into account the effectiveness of existing
controls;
– determine and assess the other risks related to the establishment,
implementation, operation and maintenance of the OH&S MS.
• The organization’s methodology(ies) and criteria for the assessment
of OHS risks shall be defined with respect to their scope, nature and
timing to ensure they are proactive rather than reactive and are used
in a systematic way.
• Documented information shall be maintained and retained on the
methodology(ies) and criteria.
6.1.2.3.Assessment of OHS opportunities and
other opportunities to the OHS MS

The organization shall establish, implement and maintain a process(es) to

assess:
• OHS opportunities to enhance OHS performance, while taking into account
planned changes to the organization, its policies, processes or its activities
and:
– opportunities to adapt work, work organization and work environment to
workers;
– opportunities to eliminate hazards and reduce OH&S risks;
•other opportunities for improving the OH&S management system.
NOTE OH&S risks and OH&S opportunities can result in other risks and other
opportunities to the organization.
 Risk
1 Rating Table
2 (example)
3 4 5
Consequence (Insignificant) (First aid (Minor injury/ ill (Major injury/ ill (Fatalities)
injury) health) health)
Likelihood

1 1 2 3 4 5
(Unlikely to occur but possible)

2 2 4 6 8 10
(unlikely but can reasonably
expected to occur)

3 3 6 9 12 15
(Will occur several times)

4 4 8 12 16 20
(Will occur frequently)

5 5 10 15 20 25
(Continually experienced)
Category RISK IDENTIFICATION RISK ASSESSMENT PLAN ACTIONS Business
& Issue / Medium & High Risk Process/
Requirem Risk Opportunit Likelihood Conseque Score Index i) Avoid Risk Responsib
ent y (A) nces (B) (AXB) ii)Transfer Risk ility/
iii) Mitigate Risk Timeline/
Low Risk Frequency
iv) Accept Risk
The organization shall establish,
6.1.3 Determination ofimplement
legal andand maintain
other a process(es) to:
requirements
• determine and have access to up to-date legal requirements and other
requirements that are applicable to its hazards, OHS risks and OHS MS;
• determine how these legal requirements and other requirements
apply to the organization and what needs to be communicated;
• take these legal requirements and other requirements into account when
establishing, implementing, maintaining and continually improving its OHS
MS.
The organization shall maintain and retain documented information on its legal
requirements and other requirements and shall ensure that it is updated to
reflect any changes.
NOTE Legal requirements and other requirements can result in risks and opportunities to
the organization.
The organization shall plan:
6.1.4 Planning action
• actions to:
– address these risks and opportunities;
– address legal requirements and other requirements;
– prepare for and respond to emergency situations;
• how to:
– integrate and implement the actions into its OH&S MS
processes or other business processes;
– evaluate the effectiveness of these actions;
The organization shall take into account the hierarchy
of controls and outputs from the OHS MS when planning to take action.
When planning its actions, the organization shall consider best practices,
technological options, and financial, operational and business requirements.
The organization shall establish OHS
6.2 OHS objectives at relevant functions and
objectives
levels in order to maintain and continually improve the OHS MS and OHS
performance:

The OHS objectives shall:

a) be consistent with the OHS
policy;
b) be measurable (if practicable) or capable of performance evaluation;
c) take into account:
• applicable requirements;
• the results of the assessment of risks and opportunities;
• the results of consultation with workers, and, where they exist,
workers’ representatives;
– be monitored;
– be communicated;
– be updated as appropriate.
When planning 6.2.2
howPlanning
to achieve to
its achieve OHS objectives
OHS objectives, the organization shall
determine:
• what will be done;
• what resources will be required;
• who will be responsible;
• when it will be completed;
• how the results will be evaluated, including indicators for monitoring;
• how the actions to achieve OHS objectives will be integrated into the
organization’s business processes.

The organization shall maintain and retain documented information on the

OHS objectives and plans to achieve them.
Actions to address risks Planning (Clause 6)
and opportunities
– General
– Hazard identification and assessment of risk and opportunities
• Hazard identification
• Assessment of OHS risks and other risks to the OHS MS
• Assessment of OHS opportunities and other opportunities to the OHS
MS
– Determination of legal requirements and other requirements
– Planning action
OHS objectives and planning to achieve them
– OH&S objectives
– Planning to achieve OH&S objectives
Resources Support (Clause 7)
Competence
Awareness
Communication
– General
– Internal communication
– External communication
Documented information
– General
– Creating and updating
– Control of documented information
The organization shall determine and provide the resources needed for the
7.1 Resources
establishment, implementation, maintenance and continual improvement of
the OHS MS.
The organization shall: 7.2 Competence
• determine the necessary competence of workers that affects or can affect its
OHS performance;
• ensure that workers are competent (including the ability to
identify hazards) on the basis of appropriate education,
training or experience;
• where applicable, take actions to acquire and maintain the necessary
competence, and evaluate the effectiveness of the actions taken;
•retain appropriate documented information as evidence of competence.
NOTE Applicable actions can include, for example, the provision of training to, the
mentoring of, or the reassignment of currently employed persons, or the hiring or
contracting of competent persons.
Workers shall be made aware7.2 of: Awareness
• the OHS policy and OHS objectives;
• their contribution to the effectiveness of the OHS MS, including the benefits of
improved OHS performance;
• the implications and potential consequences of not conforming to the OHS
MS requirements;
• incidents and the outcomes of investigations that are relevant to them;
• hazards, OHS risks and actions determined that are relevant to them;
• the ability to remove themselves from work situations that they consider
present an imminent and serious danger to their life or health, as well as the
arrangements for protecting them from undue consequences for doing so.
 7.4 Communication
The organization shall establish, implement and maintain the process(es)
needed for the internal and external communications relevant to the OHS
management system, including determining:
• on what it will
communicate;
• when to
communicate;
• with whom to
communicate:
– internally among the
various levels and
functions of the
organization;
– among contractors and
visitors to the workplace;
– among other interested
parties;
• how to communicate
 7.4.2 Internal communication
The organization shall:
• internally communicate information relevant to the OHS management
system among the various levels and functions of the organization,
including changes to the OHS management system, as appropriate;
• ensure its communication process(es) enables workers to contribute to
continual improvement.
 7.4.3
The organization shall External
externally communication
communicate information relevant to the
OHS management system, as established by the
organization’s communication process(es) and taking
into account its legal requirements and other requirements.
The organization’s OHS7.5 MS
Documented
shall include:information
• documented information required by this document;
• documented information determined by the organization as being necessary
for the effectiveness of the OHS MS;
NOTE The extent of documented information for an OH&S management system
can differ from one organization to another due to:
• the size of organization and its type of activities, processes, products and services;
• the need to demonstrate fulfilment of legal requirements and other requirements;
• the complexity of processes and their interactions;
• the competence of workers.
 7.5.2 Creating and updating
When creating and updating documented information the organization shall
ensure appropriate:
• identification and description (e.g. a title, date, author or reference
number);
• format (e.g. language, software version, graphics) and media (e.g. paper,
electronic);
• review and approval for suitability and adequacy.
Documented 7.5.3 Control
information of documented
required by the OHSinformation
MS and by this
document shall be controlled to ensure:
• it is available and suitable for use, where and when it is needed;
• it is adequately protected (e.g. from loss of confidentiality, improper use or
loss of integrity).
For the control of documented information, the organization shall address the
following activities, as applicable:
• distribution, access, retrieval and use;
• storage and preservation, including preservation of legibility;
• control of changes (e.g. version control);
• retention and disposition.
Documented 7.5.3 Control
information of of documented
external information
origin determined by the organization
to be necessary for the planning and operation of the OH&S MS shall
be identified, as appropriate, and controlled.
 Support (Clause 7)
Resources
Competence
Awareness
Communication
– General
– Internal communication
– External communication
Documented information
– General
– Creating and updating
– Control of documented information
 Operation (Clause 8)
Operational planning and control
– General
– Eliminating hazards and reducing OHS risks
– Management of change
– Procurement
• General
• Contractors
• Outsourcing
Emergency preparedness and response
The organization8.1 Operational
shall planning
plan, implement, controland
andcontrol
maintain the processes
needed to meet requirements of the OHS MS, and to implement the actions
determined in Clause 6, by:
– establishing criteria for the processes;
– implementing control of the processes in accordance with the criteria;
– maintaining and retaining documented information to the extent
necessary to have confidence that the processes have been
carried out as planned;
– adapting work to workers.
At multi-employer workplaces, the organization
shall coordinate the relevant parts of the
OHS MS with the other organizations.
 8.1.2 Eliminating hazards and reducing OHS risks
The organization shall establish, implement and maintain a process(es) for the
elimination of hazards and reduction of OHS risks using the following
“hierarchy of control”:
• eliminate the hazard;
• substitute with less hazardous processes, operations, materials or
equipment;
• use engineering controls and reorganization of work;
• use administrative controls, including training;
• use adequate personal protective equipment.
NOTE In many countries, legal requirements and other requirements include the
requirement that personal protective equipment (PPE) is provided at no cost to workers.
8.1.2 Eliminating hazards and reducing OHS risks
Hierarchy of control

Noise hazard (from piling activity)

Elimination  Eliminate the process (use
pad footing / raft footing)
Substitution  Substitute process with less noise
(micro pile / bore pile/ injection)
Engineering
controls  Isolate the noise (use of
silencer)
Admin
controls  Signage's, warning,
procedures
PPE  Ear plug, ear
muff
Hierarchy of control

Working at night

Elimination  Eliminate the process

(No working at night)
Substitution  Substitute (fully
automated)
Engineering
controls  Use flood light

Admin  All the workers trained to

controls
work night work / Work on
shift
PPE
 Use head light / reflector
Hierarchy of control

Riding motorbike to work

Elimination  Don’t go to work / Change

job

Substitution  Use Public transport /

car
Engineering  Modify the motorbike to be safe/ put shield /
controls warning lights / extra wheel
Admin  Get proper training on how to ride
controls motorbike.
Use motorbike lane. Go early to work, come
PPE back late.
 Use helmet / wear jacket
The organization shall establish
8.1.3 a process(es)
Management for the implementation and
of change
control of planned temporary and permanent changes that impact OHS
performance, including:
• new products, services and processes, or changes to existing products,
services and processes, including:
– workplace locations and surroundings;
– work organization;
– working conditions;
– equipment;
– work force;
• changes to legal requirements and other requirements;
(contd): 8.1.3 Management of change
• changes in knowledge or information about hazards and OHS risks;
• developments in knowledge and technology.

The organization shall review the consequences of unintended changes, taking

action to mitigate any adverse effects, as necessary.
NOTE: Changes can result in risks and opportunities.
8.1.4 Procurement -
Contractors
The organization shall coordinate its procurement process(es) with its
contractors, to identify hazards and to assess and control the OHS risks, arising
from the:
• contractors’ activities and operations that impact the organization;
• organization’s activities and operations that impact the contractors’ workers;
• contractors’ activities and operations that impact other interested parties in
the workplace.
The organization shall ensure that the requirements of its OHS MS
are met by contractors and their workers. The organization’s
procurement process(es) shall define
and apply OHS criteria for the selection of contractors.
• NOTE It can be helpful to include the occupational health and safety criteria for the
selection of contractors in the contractual documents
The organization shall ensure that Outsourcing
8.1.4.3 outsourced functions and processes are
controlled.
The organization shall ensure that its outsourcing arrangements are consistent
with legal requirements and other requirements and with achieving the
intended outcomes of the OHS management system.
The type and degree of control to be applied to these functions and processes
shall be defined within the OHS management system.
NOTE Coordination with external providers can assist an organization to address any
impact outsourcing has on its OH&S performance.
The organization shall establish,
8.2 Emergency implement andand
preparedness maintain a process(es)
response
needed to prepare for and respond to potential emergency situations, as
identified in 6.1.2.1, including:
• establishing a planned response to emergency situations, including the
provision of first aid;
• providing training for the planned response;
• periodically testing and exercising the planned response capability;
• evaluating performance and, as necessary, revising the planned
response, including after testing and in particular after the occurrence of
emergency situations;
• communicating and providing relevant information to all workers on
their duties and responsibilities;
(contd):
8.2 Emergency
• communicating preparedness
relevant information and response
to contractors, visitors,
emergency response services, government authorities and, as
appropriate, the local community;
• taking into account the needs and capabilities of all relevant interested
parties and ensuring their involvement, as appropriate, in the development
of the planned response.
The organization shall maintain and retain documented information on the
process(es) and on the plans for responding to potential emergency
situations.
 Operation
Operational planning and control (Clause 8)
– General
– Eliminating hazards and reducing OH&S risks
– Management of change
– Procurement
• General
• Contractors
• Outsourcing
Emergency preparedness and response
 Performance
Monitoring, measurement, evaluation
analysis (Clause evaluation
and performance 9)
– General
– Evaluation of compliance
Internal audit
– General
– Internal audit programme
Management review
9.1 Monitoring, management, analysis and
performance evaluation

The organization shall establish, implement and maintain a process(es) for

monitoring, measurement, analysis and performance evaluation.

The organization shall determine:

• what needs to be monitored and measured, including:
– the extent to which legal requirements and other requirements are
fulfilled;
– its activities and operations related to identified hazards, risks and
opportunities;
– progress towards achievement of the organization’s OHS
objectives;
– effectiveness of operational and other controls;
9.1 Monitoring, management, analysis and
performance evaluation

The organization shall determine (contd):

• the methods for monitoring, measurement, analysis and performance
evaluation, as applicable, to ensure valid results;
• the criteria against which the organization will evaluate its OHS
performance;
• when the monitoring and measuring shall be performed;
• when the results from monitoring and measurement shall be
analysed, evaluated and communicated.
9.1 Monitoring, management, analysis and
performance evaluation

The organization shall ensure that monitoring and measuring equipment

is calibrated or verified as applicable, and is used and maintained as
appropriate.
NOTE There can be legal requirements or other requirements (e.g. national or
international standards) concerning the calibration or verification of monitoring
and measuring equipment.

The organization shall retain appropriate documented information:

• as evidence of the results of monitoring, measurement, analysis and
performance evaluation;
• on the maintenance, calibration or verification of measuring
equipment.
ESH Management Program - Site.doc
ESH Management Program - Office.doc
 9.1.2
The organization shall Evaluation
establish, of compliance
implement and maintain a process(es) for
evaluating compliance with legal requirements and other requirements.

The organization shall:

• determine the frequency and method(s) for the evaluation of compliance;
• evaluate compliance and take action if needed;
• maintain knowledge and understanding of its compliance status with legal
requirements and other requirements;
• retain documented information of the compliance evaluation result(s).
• Evaluationof Compliance.docx
 9.2internal
The organization shall conduct Internal audit
audits at planned intervals to provide
information on whether the OHS MS:
• conforms to:
– the organization’s own requirements for its OHS MS, including
the OHS policy and OH&S objectives;
– the requirements of this document;
• is effectively implemented and maintained.
The organization, shall: 9.2 Internal audit
• plan, establish, implement and maintain an audit programme(s) including the
frequency, methods, responsibilities, consultation, planning requirements and
reporting, which shall take into consideration the importance of the processes
concerned and the results of previous audits;
• define the audit criteria and scope for each audit;
• select auditors and conduct audits to ensure objectivity and the impartiality of
the audit process;
(contd): 9.2 Internal audit
• ensure that the results of the audits are reported to relevant managers;
ensure that relevant audit results are reported to workers, and, where they
exist, workers’ representatives, and other relevant interested parties;
• take action to address nonconformities and continually improve
its OH&S performance ;
• retain documented information as evidence of the implementation of the audit
programme and the audit results.
NOTE For more information on auditing and the competence of auditors, see ISO 19011.
Top management shall review the organization’s
9.3 Management OH&S management
review
system, at planned intervals, to ensure its continuing suitability, adequacy
and effectiveness.
The management review9.3 Management
shall review of:
include consideration
• the status of actions from previous management reviews;
• changes in external and internal issues that are relevant to
the OH&S MS including:
– the needs and expectations of interested parties;
– legal requirements and other requirements;
– risks and opportunities;
• the extent to which the OH&S policy and the OH&S objectives have been
met;
The management review 9.3shall include consideration
Management review of (contd):
• information on the OHS performance, including trends in:
– incidents, nonconformities, corrective actions and continual improvement;
– monitoring and measurement results;
– results of evaluation of compliance with legal requirements and other
requirements;
– audit results;
– consultation and participation of workers;
– risks and opportunities;
• adequacy of resources for maintaining an effective OHS MS;
• relevant communication(s) with interested parties;
• opportunities for continual improvement.
 9.3 Management
The outputs of the management review shallreview
include decisions related to:
– continuing suitability, adequacy and effectiveness of the OHS MS in
achieving its intended outcomes;
– continual improvement opportunities;
– any need for changes to the OHS MS;
– resources needed;
– actions if needed;
– opportunities to improve integration of the OHS MS with
other business processes;
– any implications for the strategic direction of the organization.
 9.3 Management review
Top management shall communicate the relevant outputs of management
reviews to workers, and, where they exist, workers’ representatives.

The organization shall retain documented information as evidence of the

results of management reviews.
 Performance evaluation (Clause 9)
Monitoring, measurement, analysis and performance evaluation
– General
– Evaluation of compliance
Internal audit
– General
– Internal audit programme
Management review
Improvement (Clause 10)

General
Incident, nonconformity and corrective action
Continual improvement
 10. Improvement
The organization shall determine opportunities for improvement and implement
necessary actions to achieve the intended outcomes of its OHS MS.
• The organization should 10.consider
Improvement
– results from analysis and evaluation of OHS performance
– evaluation of compliance
– internal audits
– management review
when taking action to improve.
• include corrective action, continual improvement, breakthrough change,
innovation and reorganization.
 10.2 Incident, nonconformity and corrective action
The organization shall establish, implement and maintain a process(es),
including reporting, investigating and taking action, to determine and manage
incidents and nonconformities.
When an 10.2 Incident,
incident nonconformity
or a nonconformity andthecorrective
occurs, action
organization shall:
• react in a timely manner to the incident or nonconformity and, as applicable:
– take action to control and correct it;
– deal with the consequences;
• evaluate, with the participation of workers and the involvement of other
relevant interested parties, the need for corrective action to eliminate the root
cause(s) of the incident or nonconformity, in order that it does not recur or
occur elsewhere, by:
– investigating the incident or reviewing the nonconformity;
– determining the cause(s) of the incident or nonconformity;
– determining if similar incidents have occurred, nonconformities
exist, or if they could potentially occur;
(cont): 10.2 Incident, nonconformity and corrective action
• review existing assessments of OHS risks and other risks, as appropriate;
• determine and implement any action needed, including corrective action, in
accordance with the hierarchy of controls and the management of change;
• assess OHS risks that relate to new or changed hazards, prior to taking
action;
• review the effectiveness of any action taken, including corrective
action;
• make changes to the OHS MS, if necessary. Corrective actions shall be
appropriate to the effects or potential effects of the incidents or
nonconformities encountered.
 10.2 Incident,
The organization nonconformity
shall retain documented and corrective
information actionof:
as evidence
– the nature of the incidents or nonconformities and any subsequent actions
taken;
– the results of any action and corrective action, including their
effectiveness.

The organization shall communicate this documented information to relevant

workers, and, where they exist, workers’ representatives, and other relevant
interested parties.
NOTE The reporting and investigation of incidents without undue delay can enable
hazards to be eliminated and associated OH&S risks to be minimized as soon as
possible.
 10.2 Incident, nonconformity and corrective action
• Root cause analysis - practice of exploring all the possible factors associated
with an incident or nonconformity by asking what happened, how it happened
and why it happened, to provide the input for what can be done to prevent it
from happening again.
• should use methods appropriate to the nature of the incident
or nonconformity. The focus is prevention.
• identify multiple contributory failures, including factors related to
communication, competence, fatigue, equipment or procedures.
• Reviewing the effectiveness of corrective actions [see 10.2 f )] refers to
the extent to which
the implemented corrective actions adequately control the root cause(s).
The organization shall
10.3continually
Continual improve the suitability, adequacy
improvement
and effectiveness of the OHS MS, by:
• enhancing OHS performance;
• promoting a culture that supports an OHS MS;
• promoting the participation of workers in implementing actions for the
continual improvement of the OHS MS;
• communicating the relevant results of continual improvement to workers, and,
where they exist, workers’ representatives;
• maintaining and retaining documented information as evidence of continual
improvement.
Examples of continual 10.3 Continual improvement
improvement:
• new technology;
• good practices, both internal and external to the organization;
• suggestions and recommendations from interested parties;
• new knowledge and understanding of occupational health and safety-related
issues;
• new or improved materials;
• changes in worker capabilities or competence;
• achieving improved performance with fewer resources (i.e.
simplification, streamlining, etc.).
 SIRIM QAS International Sdn. Bhd
raman@sirim.my www
.sirim-qas.com.my
Mobile : 013-3333 880

Connect with SIRIM QAS international to get the latest development on

industry topics, news and events. Join us via our official social media platforms
as below:
• Facebook: https://www.facebook.com/SIRIMQASInter
• national
• Twitter: https://twitter.com/SIRIMQASIntl
• You Tube: https://www.youtube.com/SIRIMQASInter
- national
Linkedin: https://www.linkedin.com/SIRIMQASInter