How To Guide (ISO 45003) (2024)

How to Guide:

1. Understand the requirements of ISO 45003: Familiarize yourself with the requirements of the standard. This will help you understand what is expected of your organisation and how to implement the standard effectively.
2. Develop a plan: Identify the scope of your psychological health and safety management system and develop a plan for implementing ISO 45003. This should include the resources required, timelines, and roles and responsibilities of everyone involved in the implementation process.
3. Establish leadership commitment: Ensure that senior management is committed to the implementation of the psychological health and safety management system and allocate the necessary resources to support it. It is important that everyone in the organization understands the importance of psychological health and safety and is committed to implementing the standard.
4. Identify hazards and assess risks: Conduct a thorough hazard identification and risk assessment of your organisation's activities, products, and services. This will help you identify potential psychological hazards and assess the risks associated with them.
5. Establish objectives and targets: Based on the results of your risk assessment, establish psychological health and safety objectives and targets that are specific, measurable, achievable, relevant, and time-bound (SMART).
6. Develop policies and procedures: Develop and implement policies and procedures to manage psychological health and safety risks. This should include policies for preventing workplace bullying and harassment, managing work-related stress, and promoting work-life balance.
7. Train employees: Ensure that all employees are trained on the requirements of the psychological health and safety management system and how to comply with the policies and procedures. This should include training on hazard identification, risk assessment, and incident reporting.
8. Implement the psychological health and safety management system: Implement the psychological health and safety management system and ensure that it is integrated into your organization's operations. This should include regular monitoring and evaluation to ensure that the psychological health and safety management system is effective, and that objectives and targets are being met.
9. Continual improvement: Continually monitor and improve the psychological health and safety management system. This should include regular audits to ensure that the psychological health and safety management system is being followed, and that corrective actions are being taken when necessary.
10. Seek certification: Consider seeking certification to ISO 45003 to demonstrate your organization's commitment to psychological health and safety. This can be done through a third-party certification body.

In summary, implementing ISO 45003 requires a systematic approach to managing psychological health and safety risks. By following these steps, you can establish an effective psychological health and safety management system that will help to prevent work-related psychological harm and foster a positive workplace culture.
‍

Terms and Definitions:

Psychological Health & Safety Performance: performance related to the effectiveness of the prevention of injury and ill health to workers from exposure to psychosocial hazards and risks and the provision of safe and healthy workplace.

Certification body: An independent auditing bodies that provide testing, inspection, and certification services for ISO standards.

Objectives: Objectives set by the organisation to achieve specific results consistent with the H&S policy. Typically, SMART (Specific, Measurable, Achievable, Relevant & Time-based) targets with the aim to improve processes and how to achieve them.

Interested parties: Any person or organisation that can affect, be affected by, or perceive itself to be affected by a decision or activity.

Needs & expectations: A requirement that is stated, generally implied or obligatory. Such as the needs and expectations of the organisations interested parties.

Legal and Other Requirments: Legal requirments that an organisation has to comply with in order to be legislative compliant and other requirments that the organisation needs or choses to comply with, such as client contracts, Service Level Agreements, or ISO Standards.

Consultation and Participation of Workers: The involvement of persons preforming work or work-related activities that are under the control of the organisation to provide their views and inputs relating to the activities and to assist in decision-making.

Psychosocial Risk: The combination of the likelihood of exposure to a work-related hazard(s) of a psychosocial nature and the severity of injury or ill health that can be caused by these hazards.

Well-being at work: Fulfilment of physical, mental, social and cognitive needs and expectations of worker related to their work.

Non-conformity: The failure or refusal to conform to a prevailing rule or practice. Such as the failure to meet a requirement standard an agreed process within the organisation.

Corrective action = What the organisation changes to prevent the reoccurrence of non-conformities.
‍

Explanation of ISO 45001 Clauses

Clauses 1 to 3.

These clauses are not a requirement of the standard and a such are not assessed against by the certification body but provide a useful reference when determining how to apply the requirements of ISO 45001 to your organisation.

(Clause 1) Scope:

This is the scope of the standard and refers to the requirements the Health & Safety Management System (HSMS) must meet in order to fulfil the criteria (Clauses 4-10) of the ISO 45003 Occupational Health & Safety Management – Psychological Health & Safety at Work guidelines. By implementing the requirments of the guidelines, this will assist the organisation in improving psychological health & safety, eliminant hazards and minimise the health & safety risks, and take advantage of health & safety opportunities.

The standard requirments are designed to assist the organisation in being consistent with the established Health & Safety Policy, the intended outcomes of the HSMS include:

• The continual improvement of Health and Safety Performance;
• The fulfilment of the organisations Legal and Other Requirments; and
• The achievement of organisations Health and Safety Objectives.

The ISO 45003 Guidelines can be applied to any organisation regardless of its size, type or activities carried out.

(Clause 2) Normative references.

Simply all critical documents/ material needed to fulfil requirements of the Standard.

ISO 45003 makes normative reference to ISO 45001:2018 Occupational Health & Safety Management Systems – Requirments with guidance for use.

(Clause 3) Terms and definitions

ISO standards and guidelines have been written using a standardised terminology. This is so the ISO standards and guidelines such as ISO 45003 can be applied to any business or sector effectively.

Additionally, each ISO standards and guidelines have terminology specific to the topic being covered, these terms and their definitions are detailed in clause 3 of the guidelines.

(Clause 4) Context of the Organisation

The context of the organisation is the foundation of the HSMS. It provides and outline of the organisation that allows the organisation to:

• Determine internal and external issues relevant to the organisation and how they might affect the HSMS and it’s intended outcomes.
• Identify the organisations interested parties and their needs and expectations.
• Determine the Scope of the HSMS.
• Determine and implement a HSMS.

(Clause 4.1) Understanding the organisation and its context

These are the internal and external issues which influence the Organisation’s ability to achieve its mission and the Objectives of the HSMS.

Internal issues may include:

• How the organisation is governed and managed;
• The organisations level of commitment to Health & Safety
• How other management systems interact with the management of psychosocial risks;
• The size and nature of the of the organisations workforce;
• Characteristics of workers and the workforce;
• Worker competence to recognise a manage psychosocial hazards and risks;
• The location of works;
• Workers’ terms and conditions; and
• The availability and adequacy of resources.

External issues may include:

• The supply chain in which the organisation operates;
• Relationships with interested parties, such as contractors, subcontractors, and suppliers;
• The sharing of workplaces, resources and/or equipment;
• The customer/client requirments for service/product provision;
• Economic conditions that may affect availability, duration and location of work;
• The nature of work contracts, renumeration, employment conditions and industrial relations;
• The demographics of workers who are available for work;
• Rapid technology changes;
• Labour force mobility and diversity; and
• Context of the organisation, such as geographic location, economic and public health issues.

(Clause 4.2) Understanding the needs and expectations of interested parties

Once the context of the organisation has been established, we must consider the psychosocial need and expectations of workers and/or organisation that could be affect, be affected by, or perceive themselves to be affected by a decision or activity of the organisation. For instance, this could include Customers; Employees; Certification bodies; Regulators, Government, Suppliers, Landlords and Families of employees. The organisation will need to assess the needs and expectations of its identified interested parties and establish how they will meet their needs and expectations.

Workers and other interested parties can have a range of needs and expectations that can be affected by psychosocial risks at work, such as: financial security; social interaction and support; inclusion, recognition, reward and accomplishment; and the equal opportunity and fair treatment at work.

(Clause 4.3) Scope

This clause relates to the scope of the HSMS. This is an all-encompassing summary of the activities carried out by the organisation with respect to the management of psychosocial risks and how the will be managed by the HSMS.

When establishing the scope of the HSMS the organisation needs to consider:

• What are you trying to achieve through the HSMS?
• How many locations will be covered?
• How will psychosocial risks be managed?

It should be short and concise, but this may vary depending on the size and complexity of your Organisation.

(Clause 5) Leadership and worker participation

(Clause 5.1) Leadership and commitment

Top management will need to take responsibility for the effectiveness of the HSMS, ensuring that it delivers it’s intended results. Top management need to ensure the Health & Safety Policy and Objectives are relevant to the Organisation, realistic and achievable. Top management should act as an advocate for the HSMS with the system being implemented and managed by the wider team.

Top management must provide adequate resources to support the HSMS and Psychological Health & Safety in the workplace.

Top management need to ensure the continual improvement of the HSMS by evaluating the performance of the HSMS against the objectives this is typically carried out as part of the HSMS management review with corrective actions being set as applicable.

(Clause 5.2) Health & Safety Policy

The Health & Safety policy is a public statement made to stakeholders on the Organisation’s health & safety commitment and aim of the HSMS. It should:

• include commitment for the fulfilment of Legal and Other Compliance obligations relating to health, safety and well-being at work;
• include a commitment to manage psychosocial risks;
• provide a framework for setting the HSMS Objectives for the management of psychosocial risks;
• promote and enhance the working environment consistent with the principles of dignity, mutual respect, confidentiality, cooperation and trust in the HSMS;

The Health & Safety Policy must available as documented information, be communicated to employees and be available to all interested parties.

(Clause 5.3) Organisational roles, responsibilities and authorities

Although Top Management are accountable for the HSMS, the responsibilities for implementation, management, monitoring and over all compliance with the standard extends to all levels of the organisation.

All employees should have their roles defined and communicated through the HSMS and be encouraged to participate in the establishment of the HSMS and to report on the effectiveness of the HSMS.

(Clause 5.4) Consultation and participation of workers

As part of the HSMS the organisation will need to establish, implement, and maintain processes for the consultation and participation of workers and/or worker representatives. These process need to include all levels of the organisation in the development, planning, implementation, performance evaluation and continual improvement of the HSMS. The processes must meet the general requirments of ISO 45001:2018 clause 5.4.

As detailed in the ISO 45001:2018 clause 5.4, process will need to:

• provide the mechanisms, time, training and resources needed for consultation and participation;
• provide clear, understandable and relevant information about the HSMS in a timely manner; and
• emphasise the consultation of non-managerial employees with regards to:

• the needs and expectation of interested parties;
• establishing the Health & Safety Policy;
• the organisations roles and responsibilities;
• how to fulfil the Legal and Other Compliance Obligations;
• the planning and setting of Objectives;
• the establishment of Supplier controls;
• establishing the HSMS performance evaluation requirments; and
• planning and maintaining an audit programme.

• emphasise the participation of non-managerial employees with regards to:

• determining the level and mechanisms of their consultation and participation;
• the identification of hazards and the assessment of risk/opportunities;
• determining the actions required to eliminate hazards and reduce risks;
• determination of competency requirments and evaluation of training;
• determining communication requirments and how this will be achieved;
• determine the requirement of control measures and the evaluation of their effectiveness; and
• assist with the investigation of incidents and non-conformities, as well as assist with the implementation of corrective action.

In addition to the general requirments of ISO 45001:2018 clause 5.4 as listed above, the organisation should:

• provide feedback opportunities to workers. This will help the organisation to determine the effectiveness of the management of psychosocial risks; and
• encourage the participation and engagement of workers, such as health & safety committees or peer-to-peer support networks.

(Clause 6) Planning

(Clause 6.1) Planning – Actions to address risks and opportunities.

When planning the HSMS the organisation needs to consider its internal and external issues, legal requirements, and interested parties in order to identify and determine the relevant psychosocial risks and opportunities of the management system. Controls will need to be established, documented and followed by employees to ensure the intended outcome of the HSMS is achieved. The actions to address these psychosocial risks and opportunities must be monitored and reviewed to ensure continual improvement – a major part of the ISO Management System’s Plan, Do, Check, Act cyclical approach.

(Clause 6.2) – H&S objectives and planning to achieve them

Objectives will include all relevant Compliance obligations, consider the Organisations H&S Policy and significant H&S Psychosocial Risks and Opportunities. The objectives set need be realistic, measurable, monitored, time-based and reviewed. The objectives document must be communicated and understood by all levels of your Organisation. Planned changes will consider potential consequences, resources, and the integrity of the management system.

(Clause 7) Support

Top management must ensure the availability of resources for the successful implementation, maintenance and continual improvement of the HSMS to meet the objectives with respect to the management of psychosocial risks. Additionally, the organisation should establish the competence requirments for:

• top management and line management;
• workers preforming risk assessment;
• workers implementing control measures and other interventions; and
• workers performing evaluation and reviews of process and their outcomes.

Employees at all levels, with an impact on the HSMS must receive suitable training to ensure their competency within their roles and a understanding of how their actions affect and relate to the HSMS. The organisation should inform workers and other interested parties of factors in the workplace that can:

• affect health, safety and well-being at work;
• potentially create or increase stigma and/or discrimination;
• reduce psychosocial risks; and
• support their roles and responsibilities to promote health & safety and enhance well-being at work.

The organisation should communicate to workers and other relevant interested parties information on psychosocial risk that can be assessed, understood and used. The information should be accessible and adapted to the needs of the workers, such as in different languages or using different forms of media like video and audio files. Additionally, the H&S Policy must be accessible to all employees via shared drives, intranet, notice boards etc. This is to raise awareness of the HSMS and the benefits associated with conforming with the HSMS requirements.

The organisation must establish and implement processes related to psychosocial risks that ensure the confidentiality of personal information particularly where there is a legal or other complinace obligation identified.

(Clause 8) Operation

The purpose of this clause is to ensure that psychosocial hazards and risks associated with the organisation's activities are identified, assessed, and controlled effectively.

The main requirement of this clause is to establish and maintain procedures for psychosocial hazard identification, risk assessment, and determining controls. This includes identifying psychosocial hazards associated with the organisation's activities, assessing the risks associated with those hazards, and determining appropriate controls to mitigate those risks.

Additionally, this clause requires the organisation to establish and maintain procedures for operational controls. This includes implementing controls to manage identified psychosocial hazards and risks, including emergency preparedness and response procedures and the management of the associated psychosocial risks in the event of an emergency.

The clause also requires the organisation establishes and implements rehabilitation and return to work programmes with an aim to provide appropriate support to workers experiencing negative impact of exposure to psychosocial hazards, including where this has resulted in absence from work.

(Clause 9) Performance Evaluation

The key concept of ISO Management systems is continual improvement, this clause outlines the requirements for evaluating the performance of an organisation's HSMS to manage psychosocial risks. The clause requires organisations to establish and maintain procedures for monitoring, measuring, analysing, and evaluating the effectiveness of the HSMS, evaluating compliance with legal and other requirements, conducting internal audits, and conducting management reviews. The goal of Clause 9 is to ensure that the HSMS is effective in managing psychosocial hazards and risks and continually improving its performance over time.

(Clause 10) Improvement

This clause of the guidelines outlines the requirements for continual improvement of an occupational HSMS. The purpose of this clause is to ensure that an organisation continually improves its HSMS to enhance its performance in psychosocial managing hazards and risks.

The main requirement of this clause is to establish and maintain procedures for incident, nonconformity and corrective action. This includes identifying nonconformities and taking corrective action to eliminate the root cause of the nonconformity.

Additionally, the organisation is required to establish and maintain procedures for continual improvement. This includes identifying opportunities for improvement and implementing actions to enhance the effectiveness of the HSMS.

The organisation must also establish and maintain procedures for the evaluation of HSMS's performance against the organisation's objectives, targets, and other requirements. This includes reviewing the HSMS's performance, identifying opportunities for improvement, and implementing actions to enhance its performance.

Overall, the clause emphasises the importance of continually improving an organisation's HSMS to enhance its effectiveness in managing hazards and risks. It requires organisations to establish and maintain procedures for nonconformity and corrective action, continual improvement, and the evaluation of HSMS's performance against objectives, targets, and other requirements.