1-7. ISO 45001 Certification: The Path to Acquisition and Common Pitfalls

ISO 45001 is an international standard for occupational health and safety management systems (OHSMS) established by the International Organization for Standardization (ISO), with the aim of preventing occupational accidents and health damage and creating a safe and healthy working environment. Published in 2018 as an advanced replacement for the previous OHSAS 18001, it is being increasingly adopted, primarily by global companies. Obtaining certification goes beyond legal compliance and is directly linked to improving a company's credibility and ESG evaluation. Here we explain the process for obtaining certification and pitfalls to watch out for.

The process of obtaining certification can be roughly divided into five stages. The first is understanding the current situation and conducting a gap analysis. This involves investigating the extent to which the existing safety and health management system meets the requirements of ISO 45001 and identifying shortcomings. In many companies, even if they are able to comply with the law, it becomes clear that their risk assessment systems and worker participation processes are inadequate.

The second stage is policy formulation and planning. After management expresses their commitment and establishes a health and safety policy, they then formulate goals and action plans to reduce risks. At this stage, active involvement by top management is key to successful certification. ISO 45001 clearly requires leadership from management, and merely providing formal approval is likely to result in criticism during subsequent audits.

The third step is system construction and operation. This involves identifying hazards, conducting risk assessments, and creating mechanisms for corrective and preventive measures. It is also important to incorporate a system that allows workers to express their opinions and participate in improvements. Here, it is essential to provide education and training and keep records, and it is necessary to ensure that the system is understood and implemented by employees.

Fourth, there are internal audits and management reviews. The effectiveness of the system is checked through internal audits, and corrective measures are taken. After that, management conducts a management review. If effective improvements are not made here, there is a risk that the system will be found to be a mere formality during an external audit.

Fifth, external audits and certification are conducted. After a document review (Stage 1) and an on-site audit (Stage 2) by the certification body, certification is granted if compliance is confirmed. Even after certification is obtained, regular surveillance audits and renewal audits are conducted, and continuous improvement is required.

However, there are several pitfalls to obtaining certification. The first is "an excessive emphasis on document creation." Even if manuals and procedures are prepared, it is meaningless if they are not implemented on-site. The second is "insufficient involvement from management." ISO45001 places emphasis on leadership from the top, and it is difficult to maintain certification if it is left entirely to the field. Another major problem is "neglecting worker participation." If committees and systems for exchanging opinions are merely a formality, there is a risk that the company will be deemed non-compliant during the audit.

In summary, obtaining ISO 45001 certification is not simply a matter of complying with a system, but a process that embeds health and safety into a company's culture. Understanding the process and proceeding with preparations, as well as being careful not to fall into a document-centered or mere formality, will lead to the creation of a truly effective management system.