Independent private certification and management-system review for quality, compliance and resilience.
info@veritystandards.co.uk · 020 3422 7346
Verity Certification
ISO 45001 · occupational health and safety management

Safer work starts when hazards become visible, owned and controlled.

ISO 45001 is the main management-system framework for occupational health and safety. It helps organisations show structured hazard identification, risk control, worker awareness, consultation, incident learning and management oversight of health and safety performance.

Verity’s private ISO 45001 route is designed for organisations that want a more organised, evidence-led way to show health and safety control. The focus is not simply having a policy; it is whether responsibilities, hazards, controls, competence, incidents, communication and review are connected into a working system.

Request a safety review All standards
Important clarity: ISO 45001 supports the management of occupational health and safety risks. It does not replace legal compliance duties, competent advice, site-specific risk assessment or statutory obligations. Its value is in making health and safety responsibilities, controls and review evidence clearer.
Page guide

This page treats health and safety as a live management system, not a static policy file.

A strong ISO 45001 approach connects leadership, hazard identification, risk assessment, operational controls, worker participation, competence, incident learning, audit and management review. The result is a clearer safety culture and a stronger evidence trail.

Purpose Control functions Hazard map Maturity route Review areas What you receive Questions
Purpose of the standard

ISO 45001 helps move safety from reaction to prevention.

ISO 45001 is designed to help organisations control occupational health and safety risks systematically rather than relying only on reactive or informal measures. It gives structure to hazard identification, risk assessment, safe working arrangements, competence, communication, consultation, monitoring and continual improvement.

For smaller organisations, the system should be proportionate. It does not need to create unnecessary paperwork, but it should make responsibilities clear and create evidence that hazards are understood, controls are in place and learning is used to improve.

  • Health and safety policy and leadership responsibilities.
  • Hazard identification and risk assessment methodology.
  • Operational controls and safe working arrangements.
  • Competence, awareness and communication.
  • Worker participation and consultation.
  • Incident reporting, corrective action and learning.
  • Monitoring, audit and management review.
Plain-English value

What a good ISO 45001 system says

“We know what can harm people. We assess the risks. We define controls. We communicate expectations. We involve workers. We learn from incidents. We review whether the system is working.”

That is much stronger than saying “we take health and safety seriously” without records, ownership or evidence.

Hazards Controls Worker voice Incident learning
Control functions

Eight functions a practical safety system should perform.

ISO 45001 is most useful when it shows how safety thinking moves through the organisation: from hazard recognition to control, communication, monitoring and improvement.

Identify hazards

Hazards should be identified from real work activities, premises, equipment, substances, people, contractors and changing conditions.

Assess risk

The organisation should decide who may be harmed, how severe the harm could be and how likely it is to occur.

Define controls

Controls should be practical, understood and proportionate, not just generic statements copied into a form.

👥

Involve workers

People doing the work often understand the hazards best. Consultation makes the system more realistic.

Train and brief

Competence, induction, toolbox talks and awareness records help show that controls have been communicated.

Respond to incidents

Near misses, accidents and unsafe conditions should trigger reporting, investigation and corrective action.

Review performance

Inspections, audits, incident trends and management review help check whether the system is working.

Improve controls

The best safety systems learn from change, incidents, audits, feedback and operational experience.

Illustrative hazard map

A simple way to show risk prioritisation.

A hazard matrix helps organisations apply consistent language when reviewing likelihood, severity and control priority. It should support judgement, not replace it.

Severity →
Minor
Moderate
Serious
Major
Very likely
M
H
C
C
Likely
M
M
H
C
Possible
L
M
H
H
Unlikely
L
L
M
H

Example only. Verity would tailor risk criteria to the organisation’s activities, workplace, sector and controls.

Review emphasis

Where safety systems often need strengthening

Many businesses have written risk assessments. Fewer have clear evidence that controls are owned, communicated, reviewed and improved.

Hazard review
High
Control evidence
High
Worker input
Core
Incident learning
High
Management review
High
Incremental maturity

Health and safety improves when control becomes routine.

ISO 45001 is strongest when the organisation moves from reactive safety paperwork to active prevention, worker involvement and management-level learning.

1

Basic compliance file

Policies and risk assessments exist, but review, ownership and evidence may be inconsistent.

  • Basic policy.
  • Initial risk assessments.
  • Some training evidence.
2

Controlled activity

Hazards are reviewed, controls are defined and responsibilities become clearer.

  • Named owners.
  • Safe systems of work.
  • Inspection records.
3

Worker-led learning

Workers contribute to hazard awareness, near-miss reporting and practical improvement.

  • Consultation records.
  • Near-miss learning.
  • Toolbox talks.
4

Managed safety culture

Leadership reviews performance, incidents, trends, controls and improvement actions.

  • Management review.
  • Trend analysis.
  • Continual improvement.
What Verity would examine

A serious review looks beyond the policy wording.

A health and safety policy is only the start. Verity would look at whether health and safety arrangements are actually understood, communicated, implemented and reviewed within the organisation’s real activities.

  • Health and safety policy, leadership commitment and responsibilities.
  • Scope, sites, work activities and outsourced-activity considerations.
  • Hazard identification and risk assessment methodology.
  • Operational planning and safe working arrangements.
  • Competence, induction, training and awareness records.
  • Worker consultation, participation and communication routes.
  • Incident reporting, near-miss handling and corrective action.
  • Monitoring, inspections, internal review and management review.
  • Emergency arrangements and response planning where relevant.
  • Evidence that actions are closed and lessons are retained.
Practical insight

The strongest safety evidence is often ordinary evidence.

Inspection records, maintenance logs, training records, induction sheets, toolbox talks, near-miss reports, corrective-action logs, site photographs, worker feedback and management meeting notes often say more about safety culture than a polished policy document.

ISO 45001-style review helps organise that evidence so the organisation can explain not only what its arrangements are, but how they work in practice.

How ISO 45001 connects with other standards

Health and safety becomes stronger when linked to quality, environment, risk and continuity.

Safety does not sit alone. It connects naturally with operational quality, environmental controls, risk management, business continuity, supplier control and responsible-business evidence.

Quality

ISO 9001

Supports process ownership, corrective action, training control, supplier review and management review.

Environment

ISO 14001

Links with site controls, substances, waste, incidents, emergency response and operational discipline.

Risk

ISO 31000

Health and safety is fundamentally risk-based: hazard, likelihood, severity, controls and escalation.

Continuity

ISO 22301

Emergency arrangements, staff safety and recovery planning often overlap with business continuity.

Responsibility

ISO 26000

Worker wellbeing, consultation, fairness and safe conditions support broader responsible-business evidence.

Evidence

Evidence Pack

Turns policies, risk assessments, training records and incident learning into a clearer customer-facing file.

What you receive from Verity

A practical health and safety evidence package.

The ISO 45001 route can be delivered as a readiness review, a private certification route or a fuller evidence pack for customer confidence and internal improvement.

Document 1

Safety framework review summary

A structured summary showing how health and safety responsibilities, hazards, controls and review processes are currently managed.

  • Scope and activity context.
  • Policy and responsibility review.
  • Control maturity observations.
Document 2

Findings and improvement report

A practical findings report covering strengths, observations, gaps, corrective actions and recommended improvement priorities.

  • Conformities and observations.
  • Corrective-action priorities.
  • Evidence gaps.
Document 3

Certificate and verification entry

Where evidence supports the decision, a private certificate can be issued with defined scope, status and verification details.

  • Certificate number.
  • Scope and validity period.
  • Verification reference.
Optional

Health and safety evidence pack

A buyer-facing pack that organises key policies, risk controls, training records, incident learning and review evidence.

  • Policy and scope summary.
  • Risk and control overview.
  • Evidence index.
Optional

Hazard and control improvement plan

A staged plan showing how the organisation can improve hazard identification, worker consultation and control review.

  • Priority hazards.
  • Owners and deadlines.
  • Review rhythm.
Optional

Leadership safety summary

A concise leadership-facing summary showing performance themes, incidents, near misses, improvements and review actions.

  • Safety themes.
  • Incident learning.
  • Management review input.
1

Understand activities and hazards

Verity reviews the organisation’s activities, people, sites, equipment, contractors and hazard profile.

2

Review controls and competence

Risk assessments, safe systems, training, communication and operational controls are reviewed.

3

Test evidence and learning

Incidents, near misses, inspections, corrective actions and management review evidence are examined.

4

Issue findings and decision

Findings are recorded and, where evidence supports the decision, certification or review outputs are issued.

Useful wording

How to describe the outcome professionally

A strong wording would be:

“Our occupational health and safety management arrangements have been independently reviewed through a private ISO 45001 route. The review considered leadership responsibilities, hazard identification, risk assessment, operational controls, worker awareness, incident learning and management review evidence.”

This wording is strong because it explains the substance behind the review rather than relying only on a certificate image.

Useful records to prepare

Evidence that makes the review stronger.

The best preparation is not necessarily polished paperwork. It is real, current evidence showing how safety is managed in practice.

  • Health and safety policy and responsibility matrix.
  • Risk assessments and method statements where relevant.
  • Safe systems of work and operational control records.
  • Training, competence, induction and toolbox-talk records.
  • Inspection, maintenance and workplace check records.
  • Incident, accident, near-miss and corrective-action logs.
  • Worker consultation, safety meeting or feedback records.
  • Emergency arrangements and drills where relevant.
  • Contractor, supplier or outsourced-activity safety controls.
  • Management review notes and improvement actions.
Important insight

Near misses are often more useful than accidents.

A near miss is a warning without the full cost of harm. Organisations that capture and learn from near misses often have a more mature safety culture because they are looking for weak signals before serious incidents occur.

ISO 45001-style review can help show whether the organisation treats near misses, unsafe conditions and worker observations as useful intelligence rather than inconvenient paperwork.

Common questions

Questions organisations often ask about ISO 45001 review.

Is ISO 45001 only for high-risk industries?

No. It is especially valuable in higher-risk settings, but the principles also help offices, service providers, facilities businesses, logistics firms, print operations and contractors organise safety responsibilities more clearly.

Does it replace legal compliance?

No. ISO 45001 supports a management framework, but it does not replace legal duties, competent advice, statutory requirements or site-specific compliance obligations.

What makes a health and safety system credible?

Credibility comes from current risk assessments, practical controls, competent people, worker involvement, incident learning, management review and evidence that actions are followed through.

Can a small business use ISO 45001 proportionately?

Yes. A smaller business does not need unnecessary bureaucracy, but it does need clear responsibilities, practical controls and records showing that hazards are reviewed and managed.

Why is worker participation important?

People doing the work often understand hazards in practical detail. Worker input helps the system reflect real conditions rather than assumptions made from a desk.

Can this be linked with an evidence pack?

Yes. A health and safety evidence pack can organise policy, risk assessments, training, incident learning, inspections and management review into a clearer file.

Health and safety evidence

Need to show health and safety is controlled, reviewed and improving?

Send your current policy, risk assessments, incident records, training evidence, inspection records and management review notes. Verity can provide an initial view of whether a private ISO 45001 review, certification route or evidence pack is the most suitable next step.

Request a safety review View pricing View evidence pack