ISO 45001 Occupational Health &          Safety Management Definitions in Plain English

We’ve translated ISO 45001 2018 occupational health and safety management
definitions
into plain English in order to make them easier to understand.

Acceptable risk - Audit - Competence - Conformity - Consultation
Context of the organization
  -  Continual improvement  -  Contractor
Corrective action
- Documented information - Effectiveness - Hazard
Hazard identification
- Injury or ill health - Incident - Interested party
Legal requirements and other requirements
- Management system
Measurement
  -   Monitoring   -   Nonconformity   -   Objective
Occupational health and safety management system (OHSMS)

OH&S objectives 
OH&S opportunity
  -  OH&S performance
OH&S policy
  -  OH&S risk   -   Organization   -   Outsource
Participation
- Performance - Policy - Procedure - Process
Requirement
- Risk - Risk assessment - Risk criteria
Top management
  -   Worker   -   Workplace

OTHER PLAIN ENGLISH MANAGEMENT DICTIONARIES
Service Management - Auditing - Information Security - Risk Management
Business Continuity Supply Chain Security -  Environmental Management

Acceptable risk

A risk is acceptable to a specific organization if it has been reduced
to a level that it can tolerate given its obligations, its policies, and
its basic purpose
.

Audit

An audit is a systematic evidence gathering process. Audits must be
independent and evidence must be evaluated objectively to determine
how well audit criteria are being met. There are three types of audits:
first-party, second-party, and third-party. First-party audits are internal
audits while second and third party audits are external audits.

Organizations use first party audits to audit themselves. First party
audits are used to provide input for management review and for other
internal purposes. They're also used to declare that an organization
meets specified requirements (this is called a self-declaration).

Second party audits are external audits. They’re usually done by
customers or by others on their behalf. However, they can also be
done by regulators or any other external party that has an interest
in an organization. Third party audits are external audits as well.
However, they’re performed by independent organizations such
as registrars (certification bodies) or regulators.

ISO also distinguishes between combined audits and joint audits.
When two or more management systems of different disciplines are
audited together at the same time, it's called a combined audit; and
when two or more auditing organizations cooperate to audit a
single auditee organization it's called a joint audit.

Competence

Competence means being able to apply knowledge and skill to
achieve intended results. Being competent means having the
knowledge and skill that you need and knowing how to apply
it. Being competent means that you’re qualified to do the job
.

Conformity

Conformity is the "fulfillment of a requirement". To conform means
to meet or comply with requirements and a requirement is a need,
expectation, or obligation. There are many types of requirements
including customer requirements, quality requirements, quality
management requirements, management requirements, product
requirements, service requirements, contractual requirements,
statutory requirements, and regulatory requirements
.

Consultation

When organizations engage in consultation it means that they seek
and receive the views and opinions of others before making decisions.
In the context of OH&S, organizations often consult managers, workers,
health and safety committees, and workers' representatives before they
make decisions that could affect the health & safety of these groups.

Consultation is not the same as participation. While consultation
means receiving the views and opinions of others before decisions
are make, participation means getting people involved in the actual
decision making process itself.

Context of the organization

An organization’s context is its business environment. It includes
all of the internal and external factors and conditions that affect its
products and services, have an influence on its OHSMS, and are
relevant to its purpose and strategic direction.

An organization’s external context includes all of the needs and
expectations of interested parties, as well as its social, cultural,
legal, technological, regulatory, and competitive environment.
An organization’s
internal context includes its values, culture,
knowledge, and performance.

Continual improvement

Continual improvement is a set of recurring activities that are carried
out in order to enhance OH&S performance. Continual improvements
can be achieved by carrying out internal audits, self-assessments, and
management reviews. Continual improvements can also be realized by
collecting data, analyzing information, setting objectives, and taking
corrective actions.

Contractor

A contractor is an organization that provides services to another
organization in accordance with an agreed set of terms, conditions,
and specifications
.

Corrective action

Corrective actions are steps that are taken to eliminate the causes of
existing nonconformities in order to prevent recurrence. The corrective
action process tries to make sure that existing nonconformities and
incidents don’t happen again.

Documented information

The term documented information refers to information that
must be controlled and maintained and its supporting medium.
Documented information can be in any format and on any medium
and can come from any source.

Documented information includes information about the management
system and related processes. It also includes all the information that
organizations need to operate and all the information that they use
to document the results that they achieve (aka records).

Effectiveness

Effectiveness refers to the degree to which a planned effect is achieved.
Planned activities are effective if these activities are actually carried out
and planned results are effective if these results are actually achieved
.

Hazard

A hazard is any situation, substance, activity, or event,
that could potentially cause human injury or ill health.

Hazardous situations can cause injury or ill health.
Examples of potentially hazardous situations include slippery
or uneven walking surfaces, cramped working conditions, badly
ventilated areas, high altitudes, noisy locations, poorly lit areas,
and confined spaces.

Hazardous substances can cause injury or ill health.
Examples of potentially hazardous substances include corrosive
and toxic chemicals, flammable and explosive materials, dangerous
gases and liquids, radioactive substances, particulates, poisons,
bacteria, and viruses.

Hazardous activities can cause injury or ill health.
Examples of potentially hazardous activities include dangerous
tasks, unnatural movements and postures, heavy lifting, repetitive
work, interpersonal conflicts, bullying, and intimidation.

Hazardous events can cause injury or ill health.
Examples of potentially hazardous events include explosions,
implosions, collisions, vibrations, fires, leaks, releases, chemical
reactions, electric shocks, falling objects, loud noises, structural
breakdowns, software failures, equipment malfunctions, and
unscheduled shutdowns.

Hazards can also be classified as follows:

  • Chemical hazards
  • Biological hazards
  • Thermal hazards
  • Electrical hazards
  • Structural hazards
  • Acoustical hazards
  • Mechanical hazards
  • Radiological hazards
  • Psychological hazards

Hazard identification

Hazard identification is a process that involves recognizing that
an OH&S hazard exists and then describing its characteristics.

Injury or ill health

An injury or ill health is an adverse effect on someone's physical, mental,
or cognitive condition. Adverse effects include disease, illness, and death
.

Incident

An incident is a work related occurrence or event during which injury,
ill health, or fatality actually occurs, or injury, ill health, or fatality could
have occurred.

An accident is a type of incident. It is a work-related event during which
injury, ill health, or fatality actually occurs. It is a type of incident.

A close call, near miss, or near hit is also a type of incident. It is a
work-related event during which injury, ill health, or fatality could
have occurred, but didn’t actually occur.n.

Interested party

An interested party is anyone who can affect, be affected by, or
believe that they are affected by a decision or activity. An interested
party
is a person, group, or organization that has an interest or a
stake in a decision or activity
.

Legal requirements and other requirements

In the context of this ISO 45001 2018 standard, a requirement is an
OHSMS need, expectation, or obligation. It can be stated or implied
by an organization, its customers, or other interested parties.

Legal requirements are compulsory. Organizations must comply
with them. Other requirements, may be compulsory or voluntary;
organizations may be forced to comply with them or they may
choose to comply with them
.

Management system

A management system is a set of interrelated or interacting elements
that organizations use to formulate policies and objectives and to
establish the processes that are needed to ensure that policies are
followed and objectives are achieved. These elements include
structures, programs, procedures, practices, plans, rules, roles,
responsibilities, relationships, contracts, agreements, documents,
records, methods, tools, techniques, technologies, and resources.

There are many types of management systems. Some of these include
quality management systems, environmental management systems,
financial management systems, information security management
systems, business continuity management systems, emergency
management systems, disaster management systems, food safety
management systems, risk management systems, and, of course,
occupational health and safety management systems.

The scope or focus of a management system could be restricted to
a specific function or section of an organization or it could include
the entire organization. It could even include a function that cuts
across several organizations.

Measurement

Measurement is a process that is used to determine
a value. In most cases this value will be a quantity.

Monitoring

To monitor means to determine the status of an activity, process,
or system at different stages or at different times. In order to determine
status, you need to supervise and to continually check and critically
observe the activity, process, or system that is being monitored
.

Nonconformity

Nonconformity is a nonfulfillment or failure to meet a requirement.
A requirement is a need, expectation, or obligation. It can be stated
or implied by an organization or interested parties.

Objective

An objective is a result you intend to achieve. Objectives can be
strategic, tactical, or operational and can apply to an organization
as a whole or to a system, process, project, product, or service.
Objectives may also be referred to as targets, aims, goals,
or intended outcomes.

OH&S objectives are generally based on or derived from an
organization’s OH&S policy and must be consistent with it.

Occupational health and safety management system (OHSMS)

OHSMS is either a standalone management system or one part of a larger
management system. It is a set of interrelated or interacting elements that
organizations use to implement their OH&S policies, to achieve their OH&S
objectives, and to manage their OH&S processes.

These elements include structures, programs, procedures, practices,
plans, rules, roles, regulations, responsibilities, relationships, contracts,
agreements, documents, records, methods, tools, techniques,
technologies, and resources.

Occupational health and safety objectives

OH&S objectives are specific OH&S results that organizations set for
themselves and wish to achieve. Your organization’s OH&S objectives
should be both measurable and consistent with its OH&S policy.

Occupational health and safety opportunity

An OH&S opportunity is a circumstance or a set of circumstances
that could lead to the improvement of OH&S performance.

Occupational health and safety performance

OH&S performance is all about results and effectiveness. Whenever
organizations prevent injury and ill health and provide safe and healthy
workplaces, they are achieving good results and being effective.

Occupational health and safety policy

An occupational health and safety (OH&S) policy statement should
express top management's commitment to the prevention of work-related
injury and ill-health and to the provision of a safe and healthy workplace.
It should also make a commitment to the implementation, maintenance,
and improvement of the occupational health & safety management
system (OHSMS). And it should allow workers to set OH&S
objectives and it should encourage action..

Occupational health and safety risk

ISO 45001 defines OH&S risk as the “combination of the likelihood of
occurrence of a work-related hazardous event(s) or exposure(s) and
the severity of injury or ill health that can be caused by the event(s)
or exposure(s).”

ISO 45001 accepts the more traditional definition of risk and rejects the
newer ISO 31000 definition (discussed below) when it defines OH&S risk.
The more traditional definition of risk combines three elements: it starts
with a potential event and then combines its probability with its potential
severity. A high risk event would have a high likelihood of occurring and
have a severe impact if it actually occurred.

Organization

An organization can be a single person or a group that achieves its
objectives by using its own functions, responsibilities, authorities,
and relationships. It can be a company, corporation, enterprise, firm,
partnership, charity, association, or institution and can be either
incorporated or unincorporated and be either privately or publicly
owned. It can also be an operating unit that is part of a larger entity
.

Outsource

When an organization makes an arrangement with an outside
organization to perform part of a function or process, it is referred
to as outsourcing. To outsource means to ask an external organization
to perform part of a function or process normally done inhouse. While
an outsourced organization is beyond the scope of your QMS, the
outsourced process or function itself falls within your scope
.

Participation

When people are involved in decision making, it's called participation.
Workers, workers' representatives, and health and safety committees
are often asked to participate in organizational decision making.

Participation is not the same as consultation. While consultation
means receiving the views and opinions of others before decisions
are make, participation means getting people involved in the actual
decision making process itself.

Performance

According to ISO, the term performance refers to a measurable result.
It refers to the measurable results that activities, processes, products,
services, systems and organizations are able to achieve. Whenever they
perform well it means that acceptable results are being achieved and
whenever they perform poorly, unacceptable results are achieved.

Policy

A policy is a general commitment, direction, or intention and is
formally stated by top management. A quality policy statement should
express top management's commitment to the implementation and
improvement of its quality management system and should allow
managers to set quality objectives
.

Procedure

A procedure is a way of carrying out a process or an activity.
Procedures may or may not be documented.

Process

A process is a set of activities that are interrelated or that interact
with one another. Processes use resources to transform inputs
into outputs. Processes are interconnected because the output
from one process often becomes the input for another process.

While processes usually transform inputs into outputs, this
is not always the case. Sometimes inputs become outputs
without transformation.

Organizational processes should be planned and carried
out under controlled conditions. An effective process is one
that realizes planned activities and achieves planned results.

Requirement

A requirement is a need, expectation, or obligation. It can be stated or
implied by an organization, its customers, or other interested parties.
A specified requirement is one that has been stated (in a document for
example), whereas an implied requirement is a need, expectation, or
obligation that is common practice or customary.

There are many types of requirements. Some of these include customer
requirements, quality requirements, quality management requirements,
management requirements, product requirements, service requirements,
contractual requirements, statutory requirements, and regulatory
requirements.

Risk

According to ISO 45001, “risk is the effect of uncertainty”. This cryptic
definition is based on a similar definition of risk found in the ISO 31000
risk management standard. According to ISO 31000, risk is the “effect
of uncertainty on objectives”
and an effect is a positive or negative
deviation from what is expected. Both definitions are essentially
the same. The following will explain what this definition means.

ISO 31000 recognizes that all of us operate in an uncertain world.
Whenever we try to achieve an objective, there’s always the chance
that things will not go according to plan. Every step has an element
of risk that needs to be managed and every outcome is uncertain.
Whenever we try to achieve an objective, we don't always get the
results we expect. Sometimes we get positive results and
sometimes we get negative results and occasionally
we get both.

The traditional definition of risk combines three elements: it
starts with a potential event and then combines its probability with
its potential severity. A high risk event would have a high likelihood
of occurring and a severe impact if it actually occurred.

While ISO 31000 defines risk in a new and unusual way, the old and
the new definitions are largely compatible. Both definitions talk about
the same phenomena but from two different perspectives. ISO thinks
of risk in goal-oriented terms while the traditional definition thinks of
risk in event-oriented terms. These two definitions can and do co-exist. They’re two different ways of talking about the same phenomena.

ISO provides a conceptual definition of risk while the traditional
formulation operationalizes this general definition: it explains how
to quantify risk. It argues that the amount or level of risk can be
calculated by combining probability and severity.

ISO 45001 actually rejects this ISO 31000 definition of risk when
it defines OH&S risk. Instead of accepting the ISO 31000 definition,
ISO 45001 defines OH&S risk as the “combination of the likelihood
of occurrence of a work-related hazardous event(s) or exposure(s)
and the severity of injury or ill health that can be caused by the
event(s) or exposure(s).

Risk assessment

Risk assessment is a process that is made up of three separate
processes: risk identification, risk analysis, and risk evaluation. Risk
identification
is a process that is used to find, recognize, and describe
the risks that could affect the achievement of objectives. Risk analysis
is a process that is used to understand the nature, sources, and causes
of the risks that you have identified and to estimate the level of risk. It
is also used to study impacts and consequences and to examine the
controls that exist. Risk evaluation is a process that is used to
compare risk analysis results with risk criteria in order to
determine whether or not a specified level of risk is
acceptable or tolerable
.

Risk criteria

Risk criteria are terms of reference and are used to evaluate the
significance or importance of your organization’s risks. They are
used to determine whether a specified level of risk is acceptable
or tolerable. Risk criteria should reflect your organization’s values,
policies, and objectives, should be based on its external and internal
context, should consider the views of stakeholders, and should be
derived from standards, laws, policies, and other requirements.

Top management

The term top management normally refers to the people at
the top of an organization. It refers to the people who provide
resources and delegate authority and who coordinate, direct,
and control organizations.

However, if the scope of a management system covers only part
of an organization, then the term top management refers, instead,
to the people who direct and control that part of the organization
.

Worker

The term worker is defined as anyone who performs work or
work-related activities that are under an organization's control.
Workers include both managers and nonmanagers and include
both employees and non-employees (i.e., contractors, agency
workers, and external product and service providers). They
could be permanent or part-time, regular or temporary, and
paid or unpaid; all of these people are defined as workers.

Workplace

A workplace is a place where an organization’s work is performed.
A place is an organization’s workplace only if it is under its control,
at least to some extent. How much responsibility an organization has
over OH&S depends on how much control it has over its workplace
.


MORE RESOURCES

Introduction to ISO 45001 2018 OH&S Standard

Overview of ISO 45001 OH&S Management Standard

ISO 45001 2018 Standard Translated into Plain English

OHSAS 18001 2007 OH&S Standard in Plain English

ISO 45001 2018 OH&S Management Audit Process

Plain English OH&S Management Checklist

Plain English OH&S Gap Analysis

Process Management Guide

Plain English Approach

RELATED RESOURCES

ISO 19011 Internal Auditing Guide

ISO 31000 Risk Management Guide

ISO 20000 Service Management Guide

ISO 22301 Business Continuity Guide

ISO 27000 Security Management Guide

ISO 28000 Supply Chain Security Guide

ISO 22000 Food Safety Management Guide

ISO 14001 Environmental Management Guide

Home Page

Our Library

A to Z Index

Our Customers

How to Order

Our Products

Our Prices

Our Guarantee

Praxiom Research Group Limited       help@praxiom.com       780-461-4514

 Updated on November 19, 2018. First published on November 19, 2018.

Legal Restrictions on the Use of this Page
Thank you for visiting this webpage. You are welcome to view our material as often as
you wish, free of charge. And as long as you keep intact all copyright notices, you are also
welcome to print or make one copy of this page for your own personal, noncommercial,
home use. But, you are not legally authorized to print or produce additional copies or to
copy and paste any of our material onto another web site or to republish it in any way.

Copyright © 2018 by Praxiom Research Group Limited. All Rights Reserved.

Praxiom Research Group Limited