OHSAS 18001 & ISO’s Risk Management Standards

June 19, 2008

As discussed in previous posts, OHSAS 18001:2007 has a foundation based on risk management principles.

To meet the OHSAS 18001 requirements, an organization must:

  • Identify its OH&S hazards
  • Assess the risks associated with the OH&S hazards that are identified
  • Determine the controls that are necessary to reduce OH&S risks to an acceptable level

Identification of OH&S hazards and assessment of the associated risks is one of the primary inputs for setting objectives for continual improvement, identifying training needs and establishing operational controls.

The risk management foundation of OHSAS 18001 is not explicitly found in either ISO 9001 or ISO 14001.   ISO 9001 focuses on identifying customer requirements and achieving customer satisfaction; ISO 14001 focuses on identifying environmental aspects and prevention of pollution.  Although risk management is important to quality and environmental management, neither ISO management system standard explicitly addresses this.

Interestingly, ISO is currently in the process of developing several risk management standards.  According to ISO, these standards are intended to provide guidance to assist organizations in managing risk - including safety and environmental risk.  In addition, according to its Scope statement, ISO 31000 is intended to “harmonize risk management processes and definitions in existing and future standards.”

The ISO risk management standards currently under development include the following:

  • Substantial changes to the definition of risk in Guide 73 - Risk management - Vocabulary - Guidelines for use in standards
  • Drafting of a new “strategic-level” risk management standard - ISO 31000 - Risk management - Principles and guidelines on implementation
  • Adoption of an IEC standard outlining risk assessment methods as an ISO standard - ISO 31010 - Risk Management - Risk Assessment Techniques
  • Drafting of a new standard on risk assessment of structures - ISO 13824 - General principles on risk assessment of systems involving structures

This ISO standard-setting activity raises a couple of interesting questions –

  1. Will future revisions of ISO 9001 and ISO 14001 include a risk management focus as well?
  2. Might risk management become the unifying foundation for an integrated management system standard?

© ENLAR® Compliance Services, Inc. (2008)

Category Posted in Risk Management, Standards & Certification

2 Responses to “OHSAS 18001 & ISO’s Risk Management Standards”

  1. Waqas said:

    July 16th, 2008 at 6:36 am

    HI,

    I m being doing risk assessments under ohs-18001 system and the method of calculating risk is L(likelihood) mulitply (A,Assets+Health,H). My question is now considering the new standard 18001:2007 thats cancle out property (assets) which equation is best to calculate the risk.

    Please respond, thanks

  2. Henry said:

    August 8th, 2008 at 4:23 pm

    I surly hope this is the case. Why otherwise would we want to ensure that Processes are controlled to reduce the potential for non conforming product and a potential disatisfied customer?

    Henry

 Trackback This Post

Leave a Reply