ISO 45001 – Clause 4.3 Determining the Scope of the OH&S Management System
The Final Draft International Standard (FDIS) of ISO 45001, the Occupational Health and Safety Management System standard was published in late November with the final version to be published in February/March 2018. The final standard will be published with only very minor changes to the FDIS version. This is the third in a series of blogs, in which we will describe what the implementing company must do in order to meet the requirement of the draft standard. We will look at clause 4.3: Determining the scope of the OH&S management system.
Clause 4.3: Determining the scope of the OH&S management system
Clause 4.1 requires the organization to understand the internal and external issues that can impact in a positive or negative manner on its health and safety performance including, inter alia, organizational culture and structure, and the external environment including cultural, social, political, legal, financial, technological, economic, market competition and natural factors of significance to its performance.
Clause 4.2 requires the organization to identify relevant interested parties and their needs and expectations.
Once the organization has determined and assessed its internal and external issues and identified the needs and expectations of relevant interested parties, including its workforce, it should then define the boundaries and applicability of the OH&S management system. The scope of the OH&SMS can include the whole organization, or specific and identified functions or sections of the organization. Therefore, if the organization makes a statement that it conforms to ISO 45001, then it must make the scope of the management system available so that interested parties clearly understand what parts of the organization are covered.
The scope of the management system should include everything under the organization’s control or influence that could impact its OH&S performance. The credibility of the organization’s OH&S management system will largely depend on the extend of the defined boundaries. Under no circumstances should the scope be used to exclude activities, products or services that have or could have the potential to impact the organization’s OH&S performance, or to evade its legal and other requirements.
An inappropriately narrow or exclusive scope could undermine the credibility of the organization’s OH&S management system with its interested parties and reduce its ability to achieve the intended outcomes of the occupational health and safety management system.
The scope is a factual statement of the organization’s operations or business processes to be included within its OH&S management system boundaries.
Once the scope is defined, the concept of ‘organization’ is limited to what the scope covers, e.g. if the scope of the OH&S management system is limited to a particular function or section of the organization, the remainder of the organization is then considered to be an external provider or other interested party.
The organization should maintain the scope of OH&S management system as documented information and make it available to interested parties. There are several methods for so doing, e.g. using a written description, inclusion on a site map, an organizational diagram, a webpage, or posting a public statement of its conformity. When documenting its scope, the organization should consider using an approach that identifies the activities or processes involved, the products or services that ensue, and the location(s), where they occur.