By Phil Chambers
Health & Safety, Environmental and QA Services and Systems


So, you want OHSAS 18001?

Many companies want to “do the right thing regards health and safety”, but you don’t have to be certified to OHSAS 18001 for this.  Guidance in publications like “The Printers Guide to Health and Safety ” lead the way.  However, having third-party assessment of your health & safety practices, which is what you get with certification to OHSAS 18001, gives you a status which is recognised by many clients and other interested parties such as insurance companies.

Available from HSE Books

So what is OHSAS 18001 and how do we go about getting certification?

OHSAS 18001 is a health & safety management standard.  Note that it is management standard, not a performance standard.  So it is not a just matter of doing the right thing; it is also how you approach that in an auditable, sustainable and improving way.
Essentially there are two steps to gaining certification:

Note that 18001 is not quite like 9001 and 14001 where UKAS controls certifying bodies, though it is moving that way. 

So how do I go about setting up and implementing management systems?

Before we go any further, I’d just like to recommend that your documentation should be implementation-based.  What I mean by this is that it should be written from the perspective of the users of the different systems and not look like semi-legal documents.  I recommend the following:

OHSAS 18001 shows the structure to the right. Note that you'll probably write your policy out of this sequence; if you haven't identified the concerns, how can you write a policy to cover them?

Initial Status Review and Planning

These two overlap, because both enable you to identify the actual or potential health & safety impacts and to plan how you will control them.

Initial Status Review

Whilst risk assessments are really part of the planning stage, unless you have carried out some initial assessments, you cannot know what to put in your policy.


All your risk assessments come under planning.  These need to include general risks, fire risks, CoSHH, manual handling, etc.  Risk assessments must be suitable and sufficient and must have action plans arising as a result of the assessments.  In my opinion, the action plans should include: