With the recently published version of ISO 45001, the internationally acclaimed standard that succeeds OHSAS 18001, we now have more certainty about what the specifications for documented information will be. One of the common aspects in the new Occupational Health & Safety Management System (OH&SMS) is the requirements section, which is addressed in the same manner in all ISO management system standards, including ISO 9001, ISO 14001, ISO 27001, and many more.
What is Happening to the ISO 45001 Standard’s Documents and Records?
There are several specifications for documents and records within the standard in the most recent iteration of OHSAS 18001, the current standard for an OH&SMS. Under clause 4.4.5, which establishes procedures for approval, review & update, modifications, legibility, and relevance of available documents for usage in the processes, documents are managed. Contrarily, clause 4.5.4 governs records, which must follow certain guidelines for identification, storage, protection, retrieval, and disposal after a predetermined retention time. These are the rules that are already in place for the documents if you presently have an OH&SMS in place and are utilising OHSAS 18001.
A new phrase has taken the place of “documents and records” in the ISO 45001 standard. Today, these items are referred to as “documented information.” All records and processes that have been documented and are currently mentioned in OHSAS 18001 are included in this notion. Where OHSAS 18001 would need a written procedure or record for a particular requirement, ISO 45001 specifies that you must preserve documented information for this requirement. Additionally, all documented information must meet the criteria of ISO 45001 clause 7.5 (Documented information). These include the production, maintenance, and management of documented information. The actions needed consist of:
- Ensuring the identification of the document or record
- Confirming that the record or document has been approved before use
- Keeping the file or record under control so that it is accessible when needed
- preserving the record or document adequately from degradation or inadvertent modification
- Keeping data and documents safe, with a focus on disposal
How Does This Affect You?
Essentially nothing has changed in terms of what needs to be documented. This implies that you still need certain recorded information to comply with the standard, in addition to whatever additional documented information you feel is required for your management system. The rules for what you must do with recorded information are essentially the same as those that have always applied to documents and records. In a nutshell, these prerequisites are:
- Can you identify the content and determine whether it has been authorised?
- Are you getting the right information when and when you need it?
- Do you effectively manage the information and properly dispose of it after it is no longer required?
The specifications for managing records and procedures that are documented do not change considerably with ISO 45001. For both documents and records, businesses can keep using their current practices. Although certification auditors will abide by the standards, the term “documented information” is optional. Check your procedures to make sure everything is covered, if necessary. Make the adjustment if necessary; updates and ISO 45001 certified internal auditor training will probably be provided to facilitate communication.
Use the System to Your Advantage
It is crucial to always keep in mind the primary purpose for developing an OH&SMS. You have a management system in place to better manage and enhance your OH&SMS, not to appease the ISO or even the auditors. Make sure the ISO 45001 procedures you employ serve you in achieving this improvement objective rather than just being there to fulfil the requirements of the standard. Your OH&SMS should assist you, not burden you.
ISO 45001 Certification Requirements 