Can I integrate ISO 45001 and ISO 9001 into one management system?

Yes, and it is a very practical approach for businesses that need both certifications. Because both standards follow the Harmonised Structure, they share common elements like leadership commitment, risk-based thinking, internal audits, management review, and corrective action. These shared elements can be managed through a single integrated system, while the specific requirements of each standard are addressed within their respective streams. This reduces duplication and makes the overall system easier to manage and audit.

Which standard should I get first, ISO 9001 or ISO 45001?

The answer depends on your specific situation. If your clients or tenders require a particular certification, start with that one. If you operate in a high-risk industry with significant physical hazards, ISO 45001 should be a priority. If your business is primarily focused on improving quality and customer satisfaction, ISO 9001 is the logical starting point. Regardless of which you pursue first, it is worth designing your management system with both standards in mind from the beginning to avoid rework later.

Do both ISO 45001 and ISO 9001 use the same structure?

Yes. Both standards follow the ISO Harmonised Structure, which provides a common framework of clauses covering context, leadership, planning, support, operation, performance evaluation, and improvement. This shared structure is what makes integration possible. However, the specific requirements within each clause differ significantly between the two standards, reflecting their different purposes. The structural similarity does not mean the standards are interchangeable.

Is ISO 45001 required by law in Australia?

ISO 45001 is not a legal requirement in Australia, but the legal obligations it helps you meet very much are. Work health and safety legislation in Australia requires employers to eliminate or minimise risks to workers so far as is reasonably practicable. ISO 45001 provides a structured framework for meeting those obligations. Many government contracts and industry bodies also require ISO 45001 certification as a condition of doing business, which effectively makes it a commercial necessity in certain sectors even if it is not mandated by law.

Will holding ISO 9001 give me a head start on ISO 45001?

Yes, in a meaningful way. If you already hold ISO 9001 certification, your organisation will have established processes for document control, internal auditing, management review, corrective action, and setting objectives. All of these elements exist in ISO 45001 as well. The additional work required is to build the safety-specific content: hazard identification, risk assessment, legal compliance obligations, worker consultation, and safety controls. Your existing system infrastructure gives you a genuine advantage and typically reduces the time and cost required to achieve ISO 45001 certification.

Does ISO 45001 Replace ISO 9001?

Q: Does ISO 45001 replace ISO 9001?

No. ISO 45001 and ISO 9001 are separate standards that address completely different subject matter. ISO 45001 covers occupational health and safety management, while ISO 9001 covers quality management. One does not replace or substitute for the other. Organisations that need both must implement and certify to both standards, though they can be integrated into a single management system to reduce duplication and administrative burden.

The Short Answer: No, ISO 45001 Does Not Replace ISO 9001

This question comes up more often than you might expect, and it is easy to understand why. Both ISO 45001 and ISO 9001 are internationally recognised management system standards. Both use the same high-level structure. Both require leadership commitment, risk-based thinking, documented information, and continual improvement. On the surface, they can look like variations of the same thing.

On this page

But they are not the same thing, and one does not replace the other. ISO 45001 is an occupational health and safety management system standard. ISO 9001 is a quality management system standard. They address completely different business objectives, and most organisations that need one will find genuine value in holding both.

If you have been told you only need one of these, or that getting ISO 45001 makes ISO 9001 redundant, that advice is incorrect. This article explains what each standard actually covers, why they exist alongside each other, and how to decide which one or which combination makes sense for your business.

What ISO 9001 Actually Covers

ISO 9001 is the world's most widely adopted management system standard. It focuses on quality, specifically on a business's ability to consistently deliver products and services that meet customer requirements and applicable regulatory requirements. If you want a deeper look at the foundations, our beginner's guide to ISO 9001:2015 covers the full structure in plain English.

At its core, ISO 9001 asks you to:

Understand your organisation's context and the needs of interested parties
Define and control your processes
Manage risks and opportunities that affect quality outcomes
Set quality objectives and measure performance against them
Handle customer complaints and nonconformities systematically
Continually improve your quality management system

ISO 9001 applies to any organisation, in any sector, of any size. A law firm, a food manufacturer, a logistics company, and a software developer can all hold ISO 9001 certification. The standard does not specify what your quality outcomes must look like. It specifies that you have a system for defining, controlling, and improving them.

Get 3 ISO Quotes. 24 Hours Response

Tell us what you need and compare vetted ISO consultants or certification bodies within 24 hours. Free, no obligation.

Trusted by 400+ businesses like yours

What ISO 45001 Actually Covers

ISO 45001 was published in 2018 and replaced OHSAS 18001 as the global benchmark for occupational health and safety management. For background on that transition, our article on what OHSAS 18001 was and why it changed to ISO 45001 explains the history clearly.

ISO 45001 focuses on preventing work-related injury and illness and creating safe, healthy workplaces. It asks you to:

Identify hazards and assess the risks they create for workers
Implement controls to eliminate or reduce those risks
Consult workers and involve them in safety decisions
Meet legal and regulatory obligations related to workplace health and safety
Investigate incidents and drive corrective action
Set health and safety objectives and measure performance

The scope is entirely different from ISO 9001. ISO 45001 is not concerned with whether your product meets customer specifications. It is concerned with whether your workers go home safe at the end of the day. For a practical overview of what implementation involves, our easy guide to implementing ISO 45001 is worth reading.

Why People Confuse the Two Standards

They Share the Same High-Level Structure

Since 2012, ISO has been publishing management system standards using a common framework called Annex SL, now updated to the Harmonised Structure. This means ISO 9001, ISO 45001, ISO 14001, ISO 27001, and many other standards all follow the same clause numbering and use consistent language around leadership, planning, support, operation, performance evaluation, and improvement.

The structural similarity is intentional. It makes it easier to integrate multiple standards into one management system. But it also means the standards can look almost identical at a glance, which creates confusion for businesses approaching them for the first time.

Both Use Risk-Based Thinking

ISO 9001 requires you to identify risks and opportunities that could affect your quality outcomes. ISO 45001 requires you to identify hazards and assess the risks they pose to workers. The word “risk” appears in both, but the context is completely different. Quality risk and safety risk are not the same thing, and managing one does not automatically address the other.

Both Require Management Commitment and Documentation

Another area of overlap that causes confusion is the leadership and documentation requirements. Both standards require top management to demonstrate commitment, set objectives, and review performance. Both require documented information to be maintained and retained. Again, this shared structure is a feature, not a sign that the standards cover the same ground.

The Key Differences Between ISO 45001 and ISO 9001

Different Purpose and Scope

ISO 9001 exists to improve the quality of your outputs. ISO 45001 exists to protect the health and safety of your workers. These are fundamentally different goals. A business can have outstanding quality outcomes and still have a dangerous workplace. Conversely, a business can have an excellent safety record and still deliver inconsistent, low-quality products or services.

Different Interested Parties

ISO 9001 is primarily focused on customers as the key interested party, though it also considers regulators, suppliers, and others. ISO 45001 places workers at the centre. It has specific requirements around worker participation and consultation that do not exist in ISO 9001. Workers must be actively involved in hazard identification, risk assessment, and safety decisions. This is a unique and non-negotiable element of ISO 45001.

Different Legal Obligations

In Australia, workplace health and safety is governed by the Work Health and Safety Act 2011 (and equivalent state legislation). ISO 45001 is directly aligned with these legal obligations. ISO 9001 does reference compliance with applicable legal and regulatory requirements, but it does not drill into safety legislation the way ISO 45001 does. ISO's official overview of ISO 45001 confirms that the standard was specifically designed to help organisations meet their legal obligations in this area.

Different Certification Outcomes

If a client or tender requires ISO 9001 certification, holding ISO 45001 will not satisfy that requirement. They are separate certifications, assessed by separate audits, and they demonstrate different things. A government tender requiring ISO 9001 is asking about your quality management capability. One requiring ISO 45001 is asking about your safety management capability. You cannot substitute one for the other.

Can You Hold Both ISO 45001 and ISO 9001?

Absolutely, and many organisations do. In fact, holding both is extremely common in industries like construction, manufacturing, engineering, mining, and utilities, where both quality and safety are non-negotiable requirements for winning contracts and operating responsibly.

Because both standards share the Harmonised Structure, it is possible to integrate them into a single Integrated Management System (IMS). This means you maintain one set of policies, one management review process, one internal audit programme, and one corrective action system that covers both standards simultaneously. Our auditor's guide to integrated management systems goes into detail on how this works in practice.

An integrated approach reduces duplication, saves time during audits, and makes the system easier for staff to understand and follow. Instead of two separate manuals, two separate sets of objectives, and two separate audit schedules, you bring everything under one roof.

What Integration Actually Looks Like

In a practical sense, integration means your organisation's context analysis considers both quality and safety risks. Your management review covers performance against both sets of objectives. Your internal audit programme covers both standards in a coordinated way. Your corrective action process handles nonconformities from both systems.

The differences are addressed within that shared framework. Your hazard register and risk controls sit within the safety stream. Your process controls, customer feedback, and product specifications sit within the quality stream. They share infrastructure but address different subject matter.

Which Standard Should You Get First?

This is a practical question that depends on your business situation, not a theoretical one. Here are the factors that should drive your decision.

Follow the Contract Requirements

If a client, tender, or industry body requires a specific certification, start there. Do not spend 12 months building an ISO 9001 system if every contract you want to win requires ISO 45001. Check your current and target contracts carefully and let the market tell you what is most urgent.

Consider Your Risk Profile

If you operate in a high-risk industry where workers face genuine physical hazards, ISO 45001 should be a priority regardless of contract requirements. Construction sites, warehouses, chemical plants, and manufacturing facilities all carry significant safety risk. The cost of a serious incident, financially, legally, and reputationally, far outweighs the cost of certification.

Consider Your Quality Maturity

If your business already has strong informal quality processes but lacks a formal system, ISO 9001 may be the easier starting point. It builds structure around what you already do and gives you a foundation that can later be expanded to include safety management.

Plan for Both From the Start

Even if you only pursue one certification initially, design your management system with both in mind. Use the Harmonised Structure from day one. Set up your document control, internal audit, and management review processes in a way that can accommodate a second standard later. This saves significant rework when you are ready to expand.

Common Scenarios Where This Question Arises

A Construction Company Winning Government Tenders

A mid-sized construction firm in Brisbane has ISO 9001 certification and wants to bid on state government infrastructure projects. The tender specification requires ISO 45001. The business owner asks whether their existing ISO 9001 covers this requirement. It does not. They need to implement a separate occupational health and safety management system and achieve ISO 45001 certification. The good news is that the two systems can be integrated, and their ISO 9001 foundation gives them a significant head start.

A Manufacturer Replacing OHSAS 18001

A manufacturing business in Victoria held OHSAS 18001 certification and transitioned to ISO 45001 when OHSAS 18001 was withdrawn. They now ask whether they still need ISO 9001 since ISO 45001 covers similar ground. The answer is the same. ISO 45001 does not cover quality. If their customers require ISO 9001, they need to maintain it separately, or integrate it with their ISO 45001 system.

A Small Business Starting From Scratch

A 15-person engineering consultancy is pursuing their first ISO certification. They work in a low-risk office environment but their clients require ISO 9001. Someone suggests they get ISO 45001 instead because it is “more comprehensive.” This is bad advice. ISO 45001 is not more comprehensive than ISO 9001. It covers a different subject. If clients require ISO 9001, that is what the business needs.

What the Benefits of Each Standard Look Like in Practice

ISO 9001 delivers measurable improvements in consistency, customer satisfaction, and process efficiency. Businesses that implement it properly see fewer customer complaints, reduced rework, and clearer accountability across their operations. For a breakdown of what this looks like in terms of return on investment, our article on ISO 9001 ROI for small manufacturers provides specific examples.

ISO 45001 delivers improvements in safety performance, legal compliance, and worker confidence. Businesses that implement it properly see reduced incident rates, lower workers compensation costs, and stronger engagement from their workforce. The top 10 benefits are covered in detail in our article on the benefits of ISO 45001.

Neither standard duplicates the other's outcomes. They are complementary, and together they give a business a much stronger management foundation than either one alone.

Getting Help With ISO 45001, ISO 9001, or Both

One of the most common mistakes businesses make when pursuing ISO certification is treating it as a documentation exercise rather than a genuine management system improvement. Whether you are implementing ISO 9001, ISO 45001, or both at the same time, the quality of the guidance you receive matters enormously.

If you are unsure where to start, or you want to compare quotes from consultants and certification bodies who specialise in these standards, CertBetter makes that process straightforward. You submit one form, and you receive up to three competing quotes from verified providers. The service is free for businesses, and it gives you a realistic picture of what certification will cost and how long it will take before you commit to anything.