Why This Transition Still Matters in 2026
If your business is still operating under OHSAS 18001, or you recently acquired a business that was certified to it, you need to understand something clearly: OHSAS 18001 was officially withdrawn in 2021. It no longer exists as a valid certification standard. Any organisation still claiming OHSAS 18001 certification is holding a piece of paper that carries no weight with clients, insurers, or regulators.
On this page
The transition to ISO 45001, the international standard for occupational health and safety management systems, is not optional. It is the only credible path forward for businesses that take workplace safety seriously. This guide walks you through exactly how to make that transition, what has changed, what you can carry over, and where most organisations trip up along the way.
To understand the background of why this change happened in the first place, it helps to read about what OHSAS 18001 was and why it was replaced by ISO 45001. But for now, let us focus on the practical steps of getting your system across the line.
What Actually Changed Between OHSAS 18001 and ISO 45001
Before you can plan a transition, you need to understand what you are transitioning to. ISO 45001 is not simply a rebranded version of OHSAS 18001. It is a fundamentally different document in structure, philosophy, and requirements.
The High Level Structure
ISO 45001 follows the High Level Structure (HLS), also known as Annex SL, which is the same framework used by ISO 9001 and ISO 14001. This makes it much easier to integrate with other management systems. OHSAS 18001 had its own structure that did not align neatly with other ISO standards.
If your organisation already holds ISO 9001 or ISO 14001, this is genuinely good news. The clause structure, terminology, and approach to risk are now consistent across all three standards, which means your existing documentation and processes can often be adapted rather than rebuilt.
Context of the Organisation
ISO 45001 introduces a formal requirement to understand the context of your organisation (Clause 4). This means identifying internal and external factors that affect your ability to achieve your OHS objectives, as well as understanding the needs and expectations of workers and other interested parties. OHSAS 18001 had nothing equivalent to this.
In practice, this requires you to document the issues that influence your OHS management system, not just the hazards on the floor, but things like regulatory changes, workforce composition, contractor arrangements, and even cultural factors.
Worker Participation and Consultation
This is one of the most significant philosophical shifts. ISO 45001 places far greater emphasis on worker participation than OHSAS 18001 ever did. Clause 5.4 specifically requires organisations to establish processes for worker consultation and participation in OHS decisions. Workers must be involved in hazard identification, risk assessment, incident investigation, and the development of OHS objectives.
This is not a tick-box exercise. Auditors will look for genuine evidence that workers have been consulted and that their input has influenced decisions. A safety committee that meets once a year and produces minutes nobody reads will not satisfy this requirement.
Leadership and Commitment
ISO 45001 places accountability for the OHS management system squarely on top management, not just the safety officer. Clause 5.1 requires senior leaders to demonstrate active commitment, not just sign off on a policy. This includes ensuring the OHS system is integrated into business processes, that resources are provided, and that the system is reviewed at the leadership level.
Risk and Opportunity
OHSAS 18001 focused primarily on hazard identification and risk control. ISO 45001 takes a broader view by requiring organisations to also identify and act on opportunities, not just threats. This includes opportunities to improve OHS performance, reduce incidents, and enhance worker wellbeing. The risk-based thinking that underpins ISO 9001 is now embedded in ISO 45001 as well.
Step-by-Step Transition Process
Here is a practical, sequenced approach to transitioning from OHSAS 18001 to ISO 45001. The timeline will vary depending on your organisation's size, complexity, and how well your existing system is documented, but most businesses can complete this process within three to nine months.
Step 1: Conduct a Gap Analysis
Start by mapping your existing OHSAS 18001 system against the requirements of ISO 45001. A proper gap analysis will tell you what you already have, what needs to be updated, and what needs to be created from scratch.
Pay particular attention to the new requirements around context of the organisation, worker participation, and leadership commitment. These are the areas where most OHSAS 18001 systems fall short. You should also check whether your hazard identification and risk assessment processes meet the broader scope of ISO 45001, which includes legal and other requirements in a more integrated way than OHSAS 18001 did.
Document your findings clearly. A gap analysis is not just a planning tool. It also becomes evidence for your auditor that you approached the transition systematically.
Step 2: Update Your OHS Policy
Your existing OHS policy will likely need updating. ISO 45001 requires the policy to include specific commitments to provide safe and healthy working conditions, eliminate hazards, reduce OHS risks, consult and participate with workers, and continually improve the OHS management system. Review your current policy against Clause 5.2 and revise accordingly. For practical guidance on drafting this document, see our article on how to write an ISO 45001 OHS policy that passes audit.
Step 3: Address the Context Requirements
This is where many organisations spend the most time during transition. You need to document the internal and external issues that are relevant to your OHS management system, and identify the interested parties whose needs and expectations you must consider.
Internal issues might include things like workforce size and composition, existing safety culture, equipment condition, and management structure. External issues might include legislative requirements, industry standards, supply chain arrangements, and community expectations. Interested parties go beyond employees to include contractors, visitors, unions, regulators, and even local communities in some industries.
This does not need to be a lengthy document. A well-structured register or matrix that captures the key issues and links them to your OHS objectives is perfectly adequate.
Step 4: Strengthen Worker Participation Processes
Review how you currently consult with workers on OHS matters and be honest about whether it is genuinely participatory or just procedural. ISO 45001 requires workers to be involved in decisions that affect them, including hazard identification, incident investigation, and the setting of OHS objectives.
Practical ways to demonstrate this include toolbox talks with recorded attendance and outcomes, safety committee minutes that show worker input influencing decisions, documented feedback mechanisms, and evidence that workers have been involved in reviewing risk assessments for their own work areas.
For construction and high-risk industries, getting genuine worker participation in ISO 45001 implementation is particularly important, and we have a dedicated guide on how to get worker participation in ISO 45001 implementation that covers this in detail.
Step 5: Review and Update Risk Assessment Processes
Your existing hazard identification and risk assessment processes from OHSAS 18001 will form a solid foundation, but they need to be reviewed against ISO 45001's broader requirements. Specifically, you need to ensure your processes capture hazards related to emergency situations, changes in work arrangements, and the activities of contractors and visitors.
You also need to document how you determine legal and other requirements (Clause 6.1.3) and how these are integrated into your risk controls. Many OHSAS 18001 systems treated legal compliance as a separate register rather than integrating it into the risk management process. ISO 45001 expects a more connected approach.
Step 6: Update Objectives and Performance Monitoring
ISO 45001 requires OHS objectives to be consistent with the OHS policy, measurable, monitored, communicated, updated as appropriate, and documented. Review your existing objectives and check whether they meet these criteria. Vague objectives like “improve safety culture” without any measurable indicators will not satisfy an auditor.
Also review your performance monitoring arrangements. ISO 45001 requires both proactive and reactive monitoring. Proactive monitoring includes things like inspection frequencies, training completion rates, and near-miss reporting rates. Reactive monitoring covers incident rates, injury statistics, and corrective action closure times.
Step 7: Conduct Internal Audits Against ISO 45001
Before your transition audit with your certification body, run at least one full internal audit against ISO 45001. This is not the same as auditing against OHSAS 18001. Your internal auditors need to be familiar with the new standard's requirements, particularly the new clauses around context, leadership, and worker participation.
If your internal auditors have not been trained on ISO 45001, this is the time to address that. An internal audit that misses the new requirements gives you a false sense of readiness. For guidance on running internal audits that actually find problems, see our article on how to run ISO internal audits that actually find problems.
Step 8: Management Review
Conduct a formal management review that covers ISO 45001 requirements. This must include inputs such as the results of internal audits, worker participation outcomes, incident trends, OHS objectives performance, and any changes to the context of the organisation. The outputs must include decisions on continual improvement opportunities and any resource needs.
Document this review thoroughly. It is one of the key pieces of evidence your certification body auditor will look for during the transition audit.
Step 9: Engage Your Certification Body
Contact your existing certification body early in the transition process. Most accredited certification bodies will conduct a transition audit rather than a full initial certification audit, which reduces cost and time. The transition audit will typically assess your system against ISO 45001 requirements and verify that the gaps identified in your gap analysis have been addressed.
Ask your certification body specifically what their transition audit process involves, how many audit days they estimate, and what documentation they will expect to see. Different certification bodies handle transitions slightly differently, so clarity upfront avoids surprises.
Common Mistakes During the OHSAS 18001 to ISO 45001 Transition
Treating It as a Documentation Exercise
The most common mistake is updating documents without changing how the system actually operates. ISO 45001 is designed to be a living system that drives real OHS outcomes, not a folder of policies that sits on a shelf. Auditors are trained to look for evidence of implementation, not just documentation.
Ignoring the Leadership Requirements
Many organisations delegate the transition entirely to the safety officer or quality manager and assume top management just needs to sign off on the updated policy. That is not enough. ISO 45001 requires visible, active leadership commitment. If your CEO cannot speak to the OHS objectives or explain how the management system supports the business strategy, that will be noted during the audit.
Underestimating the Worker Participation Requirements
This catches a lot of organisations off guard. Simply having a safety committee is not sufficient evidence of worker participation under ISO 45001. You need to demonstrate that workers are genuinely involved in OHS decisions and that their input makes a difference. Build this into your processes from the start of the transition, not as an afterthought before the audit.
Not Updating the Scope
Review your certification scope as part of the transition. The scope of your ISO 45001 certification should accurately reflect the boundaries of your OHS management system. If your business has changed since your OHSAS 18001 certification, this is the right time to update the scope to reflect current operations.
How Long Does the Transition Take?
For a small to medium business with a reasonably well-documented OHSAS 18001 system, the transition typically takes three to six months of preparation followed by a transition audit. Larger organisations with multiple sites or complex contractor arrangements may need six to twelve months.
The key variables are how current your existing documentation is, how engaged your leadership team is, and how quickly you can implement the new requirements around context and worker participation. Organisations that try to rush the transition by treating it as a paperwork update tend to face non-conformances during the audit that extend the timeline anyway.
If you are also considering the broader benefits of ISO 45001 certification as part of your business case for investment in the transition, that article covers the commercial and operational advantages in detail.
What Does the Transition Audit Involve?
A transition audit is conducted by your certification body and typically follows a similar structure to a Stage 2 certification audit. The auditor will review your documented system, interview relevant staff including workers and managers, and observe operations where relevant.
The auditor will specifically focus on the new requirements of ISO 45001 that were not present in OHSAS 18001, particularly context, leadership, worker participation, and the integration of risk-based thinking. They will also verify that your gap analysis was thorough and that identified gaps have been addressed.
If non-conformances are raised, you will typically have a defined period to provide evidence of corrective action before the certificate is issued. Major non-conformances may require a follow-up audit visit.
To understand what ISO 45001 certification costs in Australia, including transition audit fees, that guide covers real pricing data from providers across the country.
Getting Support for Your Transition
Whether you handle the transition internally or bring in external help depends on the capability of your team and the complexity of your system. Organisations with experienced OHS professionals who understand ISO standards can often manage the transition with minimal external support. Smaller businesses or those without dedicated safety resources will generally benefit from working with an ISO consultant who has specific ISO 45001 experience.
If you do engage a consultant, make sure they have direct experience with ISO 45001 transitions, not just general ISO consulting experience. The nuances of the worker participation requirements and the context analysis are areas where inexperienced consultants often provide generic advice that does not hold up under audit scrutiny.
If you are looking for verified ISO consultants and certification bodies to support your ISO 45001 transition, CertBetter makes it straightforward. Submit one form and receive up to three competing quotes from vetted providers. The service is completely free for businesses, and every provider on the platform has been reviewed for credibility and relevant experience. It is a practical way to compare your options without spending hours on research.




