ISO 45001 An Auditors Perspective

In the third and final blog, Head of Audit Resources, Kieron Rafferty, looks at the audit process for the ISO 45001 health and safety management standard. When it comes to the certification process, there are certain things that the auditors are looking for, here Kieron gives his top tips for making the process as straight-forward as possible.

Leadership buy-in

One of the most important things for ISO 45001 is leadership buy-in. I look for top management involvement and how they endorse the FRMS. Without endorsement, staff working under these managers will be unlikely to take the process seriously. I specifically look for examples of leadership involvement, such as how they explain the benefits to staff, and how they ensure the appropriate resources are available.

Culture change

What I look for on an audit, is how successfully ISO 45001 and its procedures have been ingrained into the culture and everyday life within an organization. As part of this, I will talk to staff - often at random - and expect them to know the basic strategy; the rationale behind why they’re being audited, and how it applies to them. I don’t expect staff to know about every policy, but they should understand why best practice is important and why it is being certified. A sign of a weak system is when people don’t know why they’re doing something, and they just see it as an extra level of bureaucracy.

Allocate appropriate resource

The process can be a time-intensive one, but ideally everyone in the business should play a part. Some organizations will bring in consultants to support which can be a great benefit, but it can be managed internally which is often beneficial, as it allows everyone to get involved in a standard that will impact them and aids understanding of the rationale.

I would recommend that businesses ensure sufficient resource is available, but that the load is spread throughout - a mixture of backgrounds and personalities can add significant value. Ideally it should be a diverse team with appropriate skill sets and the authority to influence and make change.

Create a good perception of audits within the business  

Make sure that the audit is seen as an opportunity for enhancement of process, and that any actions raised are taken as learning opportunities. If the audit is perceived by the team as a chore and a negative task, you won’t get the same level of involvement or success. If the team sees that it’s a way to drive positive change in the business and really buys into it, it can make the process much easier.

Take findings seriously and act on them quickly

It is worth ensuring the correct personnel are involved to direct and update information and communicate out to the wider business as soon as possible. Don’t let all the hard work go to waste - it undermines the process and demotivates the team, which in turn reinforces the negative perception of audits for the next time. Ensure that those working on the findings close out are given as much team assistance as possible - look to work collectively and collaboratively.

Share best practice and positive outcomes  

Seeing the results and change borne from the process is the best way to motivate staff to keep it up and to appreciate the value. It’s also the reason why the work is done in the first place, so don’t forget to complete the circle and share the rewards.

Creating a safe, healthy environment in which employees can work should be seen as more than just a legal requirement - it should be viewed as a way to unlock further potential from the business. By implementing an OH&S management system that is certified to ISO 45001, not only are employees safeguarded, but the organization also benefits in multiple ways, from the tangible such as financial gains to streamlined operations, to the intangible, such as morale and reputation.

All organizations should be deploying a health and safety system across their business at some level - but vitally, these systems must not be left to stagnate. Those that do will quickly find that employees are being exposed to unnecessary and avoidable risks. By following the ISO 45001 approach and attaining certification, not only can a system be developed to that look after employees’ wellbeing, but it can enable true culture change across the entirety of business operations.