Every year, more than 2.78 million deaths and nearly 374 million non-fatal incidents occur globally due to occupation-related diseases or accidents. While the human cost is beyond calculation, the financial burden is enormous. The new standard developed by the International Organization of Standardization, ISO 45001, is intended to help businesses worldwide reduce this burden and create safer workplace conditions.
As a follow-up to a recent EHS Today webinar on ISO 45001 (“What is ISO 45001? And What Impact Will It Have on Your Business?”), our experts Travis W. Vance and Tom Cecich address some questions participants submitted during the webinar that couldn’t be answered within the hour.
Vance is a partner in Fisher Phillips’ Charlotte office and co-chair of the legal firm’s Workplace Safety and Catastrophe Management Practice Group (www.fisherphillips.com). Cecich is president of TFC & Associates, an EHS management consulting firm, as well as a strategic advisor for Avetta. He served as the 102nd president of the American Society of Safety Engineers (ASSE) from 2016-17.
THE GLOBAL PURVIEW OF ISO 45001
Once ISO 45001 is adopted by a country, is there a phase-in period or is compliance required right away?
Cecich: ISO 45001 is a global consensus standard with which companies can voluntarily choose to comply. It’s not designed to be adopted by a country as a legal requirement. In theory, a country could do that, but that’s not what the standard is designed for and I’m not aware of any countries that are doing that or are planning to do that.
Now a country could encourage compliance, and European countries tend to look favorably on organizations that adopt the ISO standards, but to my knowledge, there is no country that has formally required the adoption.
Is this certification mainly beneficial for international trade? How does it affect a company that doesn’t work outside of the United States?
Vance: It’s going to be very beneficial for purposes of international trade because in continents like Europe, there’s an acknowledgement that ISO 45001 is sort of the gold standard when it comes to trade. You know who your business partner is with respect to how they value safety.
There is tremendous benefit outside of that context as well, especially in the United States. It’s similar to being a member of the Occupational Safety and Health Administration’s (OSHA’s) Voluntary Protection Program.
It’s not necessarily directly related to trade, but it shows your customers and the public that you value employee safety. That in itself improves your public perception, and thereby increases your business opportunities.
Do you think ISO 45001 will have some traction in Canada soon?
Cecich: A lot depends on how companies view the value of third-party certification and if they desire third-party certification to a global consensus standard. Travis just mentioned some of the reasons why a company might be interested in that.
I don’t see the Canadian government adopting the standard or forcing companies to adopt it. As far as international trade goes, Canadian companies might find benefits in adopting it based on their supply chains. The primary reason why most companies need to take a hard look at this is it’s a global standard that demonstrates both internally and externally how a company is working to improve your health and safety performance.
THE DETAILS OF CERTIFICATION
What is the approximate cost of ISO 45001 certification?
Cecich: That is going to vary widely. An organization that is certified to ISO 9000 or ISO 14001 already has the management system structure in place, since there are key high-level management system components that are common to all the ISO management standards. So if the organization is certified to, say, environmental national standard ISO 14001, they are probably 50% down the road and their compliance costs would be considerably less. They would still have to ensure that they meet the safety and health requirements of the standards.
I’m a little hesitant to put a number on this because it will be different for every organization. I can only speak for my personal experience in trying to get facilities certified to both OHSAS 18001 and ISO 14001 at the same time, recognizing OHSAS 18001 was not a global consensus standard. So it was quite similar. We budgeted $200,000 per facility for outside consultants to come in and give us a third-party assessment of our gap analysis. There’s also the actual cost of the certification itself. Then there will certainly be time involved and, of course, time is money.
And those certifications were a few years ago, so maybe $250,000 for a site is not an unreasonable estimate because there will be management time, and there might be training time. I do remember a facility that became VPP-certified; they budgeted for $200,000 since there was a lot of necessary staff training done on overtime; these are all facilities of, say, 250 to 500 people.
That number of $200,000 to $250,000 with no prior certification experience is the number that I would put forward. It will vary widely but if you make the decision to do third-party assessments, then it’s very important to invest in it to get it right. Otherwise, if you have to keep coming back for different inspections, the price continues to rise.
Is certification achieved per company, or per location, for multi-location companies?
Cecich: Generally, it’s per location at a company. However, I do know that there are some certification groups that will consider a corporate certification by sampling a number of facilities and then certifying the corporate process.
Does OSHA provide the same protection with a 45001 certification as they do with VPP?
Vance: No, they do not. OSHA’s not bound by ISO 45001 certification. If you are ISO 45001 certified, it’s a lot less likely that you will be cited by OSHA because you have a great safety program. However, you don’t receive the same protections as a VPP.
VPPs largely give you immunity from emphasis programs or program inspections. ISO 45001 in itself does not provide that immunity.
Cecich: Travis, a question: How do you think OSHA will view a facility that is ISO 45001 certified? They won’t waive the program inspection but say, in the event of an incident, they sit down for a settlement conference or an informal conference. Do you think there would ever be a settlement agreement wherein OSHA would agree to lower penalties if an organization agreed to get ISO 45001 certification?
Vance: Well, I should be thrilled to death. Most of the time if you’re ISO 45001 certified or you’re going to be, the penalties should be all vacated because that’s a tremendous investment in your workplace safety program. But certainly, I think it helps. It doesn’t hurt you for sure. And if you agreed to do that, then you would be in a very good position with respect to negotiating this settlement for citations.
ALTERNATIVES TO CERTIFICATION
You’ve alluded to the costs of certification. As noticed in the policy of some firms, they are committed to “developing and administering EHS standards that are substantially in accordance with ISO XXXXX” but not pursuing actual certification (presumably to save on the certification costs). Could you provide your professional opinion regarding that approach?
Cecich: I am familiar with a number of companies that have chosen to develop their own safety and health management systems. Generally they use, as a template, any existing management systems analysis before ISO 45001.
But I would strongly recommend using the global consensus standard as a framework, for a company that wants to make a commitment to have a robust occupational safety and health (OSH) management system. Then if there is a need for external validation they can take that next step and bring in a third-party to certify that they truly have met all the requirements versus a self-certification.
There are many good health and safety management systems in existence where a third-party accreditation was not a goal of the organization. But it would be an evolutionary next step if more and more suppliers or large businesses that have long supply chains say this is what we want. Then certification becomes mandatory to be able to do business in the global marketplace.