Frequently Asked Questions 

What is ISO 45001?

ISO 45001 is the first internationally released ISO standard for Occupational Health & Safety systems. It is a relatively new standard, released in March 2018. ISO 45001:2018 outlines the requirements for your organization to develop efficient safety systems. It shows interested parties and stakeholders your organization is committed to the safety of workers and providing a safe work environment. It is an important sign of your business' capability to reduce costs through preventing workplace injury and illness. AS 4801 is the most widely recognized OH&S standard in Australia. It is applicable to organisations of all sizes, industries or products and services it offers. Find out more on what AS/NZS 4801 is with our Trade Secrets here.

How to create an ISO 45001 system?

Your system has to meet the minimum requirements before you can be certified. Here, we outline the steps to creating your quality management system for certification. 1. Understand the intent of ISO 45001. Read through the standard and familiarise yourself with the terminology. 2. Understand the requirements set out in ISO 45001. Develop your management system according to the standard. For more information on this, have a look at our Trade Secrets. 3. Perform a gap analysis to identify how ready you are to become certified. This will highlight any areas that need further development. Have a look at our ISO 45001 PDF Gap Analysis Checklist here. 4. Undergo the process of Certification. We will need to evaluate your organization to ensure you are compliant to ISO 45001 with a Best Practice Assessment. Find more information on the process here.

What is the latest version of ISO 45001?

ISO 45001 is the new internationally recognized Occupational Health & Safety standard. ISO 45001 is newly released and will replace AS/NZS 4801 and OHSAS 18001, as these standards will be withdrawn over the next three years. ISO 45001 outlines the requirements of an OH&S management system to ensure worker safety and provide a safe work environment. They are influential indicators that an organization has measures in place to reduce workplace injury and illness.

What does it mean to be ISO 45001 certified?

When you are certified to ISO 45001, you are able to get external certification of your system. This helps show interested parties, stakeholders and customers that you have met the requirements set out in ISO 45001:2018, and that you have systems in place to mitigate risks and build confidence. ISO 45001 shows you are actively working to reduce risks that exist in the workplace, and therefore reduce workplace related injury and illness. This can provide significant cost savings as you can reduce employee sick leave, compensation and insurance.

What are the requirements of ISO 45001?

ISO 45001:2018 is the standard that outlines the OH&S requirements that need to be met to become certified. These requirements are broken down into clauses that provide the framework for your management system. The clauses are Context of the Organization (clause 4), Leadership (clause 5), Planning (clause 6), Support (clause 7), Operation (clause 8), Performance Evaluation (clause 9) and Improvement (clause 10). ISO 45001:2018 follows the new structure of ISO standards, Annex SL. The requirements of ISO 45001 are to identify the risks and have a business plan for occupational health and safety. Have a look at the video below to find out more.

How to get certified to ISO 45001?

1. Gap Analysis (optional): The process begins with an optional gap analysis to evaluate your OH&S system against each clause of ISO 45001. 2. Stage One: The mandatory first step is an assessment of your management system documentation to evaluate it against the standard, including policies, processes, management review records, scope and context. It sets the basis for Stage Two. 3. Stage Two: The stage two assessment is the final step of the initial certification process. To achieve certification, we need to check that the documented requirements of the standard are implemented across the business. We visit your offices and sites, as well discuss your system with relevant people in your business. 4. Certification: Once your stage two assessment is verified and the process is complete, a 'Statement of Certification' is issued, confirming compliance with the relevant standard.​ This certification is valid for a three-year period from the date of issue. Surveillance assessments will need to be performed on a regular basis to maintain your certification. Contact Us with any questions you may have, or to find out more about the certification process.

Why is ISO 45001 required?

ISO 45001 is required to show customers, suppliers and stakeholders that you have idenitified, mitigated and controlled safety risks, and you are committed to providing a safe workplace. To become certified to ISO 45001, companies need to undergo evaluation against the standard, and need to have ongoing surveillance audits to ensure ongoing compliance. Find out more about the certification process here.

What is ISO 45001 training?

ISO 45001 training can be used to understand the underlying meaning of the standard, so you can develop a safety management system that can then be audited and assessed against ISO 45001. For more information on AS/NZS 4801 training, visit our Training Academy here.

What are the benefits of being ISO 45001 certified?

Being certified to ISO 45001 shows your customers that you have been externally verified as having a system that meets the minimum requirements of ISO 45001. It allows your stakeholders to trust your organization and its ability to manage occupational health and safety, and reduce OH&S risks, and therefore reduce workplace related injury or illness. ISO 45001 provides numerous benefits and opportunities, including:

• Tender for work - Declare conformance with the standard and tender for work, including government contracts​ and large corp orate jobs.
• Provide evidence for stakeholders - Enhance your reputation by providing formal recognition of your management processes to customers and interested stakeholders.
• Legal compliance - Provide evidence your organisation meets regulatory requirements, as AS/NZS 4801 instructs that your organisation must meet legal obligations.
• Reduce workplace related injury or illness - By managing OH&S hazards and risks you can reduce workplace related injuries and illnesses, creating cost savings in worker sick leave and sometimes insurance premiums.
• Create evidence of due diligence if an incident occurs - Minimise the risk of legal action from worker's compensation, liability​ claims and provide evidence should an incident occur.
• Create your marketing advantage - Create a competitive advantage and marketing opportunity as certification can be a key differentiator in today's challenging marketplace.

---

How can I transfer my existing ISO 45001 certification?

You can transfer your current ISO 45001 certification to Best Practice seamlessly. We will continue your current certification schedule, contact us for an obligation free quote. Why Best Practice?

• We work to understand your business
  We provide meaningful observations. It's more than just compliance or non-conformance for us.
• We provide you with support services
  We help grow and continually improve your business with training, webinars, YouTube videos and our industry magazine, Certified.
• We have no hidden fees
  Our rates are all inclusive and transparent. We don't have any hidden reporting, travel or preparation fees.

How long does it take to implement ISO 45001?

The durations for implementing ISO 45001 will vary from company to company based on the variability of the appetite for change, the level of buy-in and the positive culture. However, company size is a big influence. Some standard practices are:

• Small organizatons - up to 150 staff - 3-6 months
• Medium organizations - up to 1000 staff - 8-12 months
• Large organizations - more than 1000 staff - 12-18 months

Have a look at our video below for more information on how long it takes to implement ISO 45001.

---

What is ISO 45001?

ISO 45001 is the first internationally released ISO standard for Occupational Health & Safety systems. It is a relatively new standard, released in March 2018. ISO 45001:2018 outlines the requirements for your organization to develop efficient safety systems. It shows interested parties and stakeholders your organization is committed to the safety of workers and providing a safe work environment. It is an important sign of your business' capability to reduce costs through preventing workplace injury and illness. AS 4801 is the most widely recognized OH&S standard in Australia. It is applicable to organisations of all sizes, industries or products and services it offers. Find out more on what AS/NZS 4801 is with our Trade Secrets here.

How to create an ISO 45001 system?

Your system has to meet the minimum requirements before you can be certified. Here, we outline the steps to creating your quality management system for certification. 1. Understand the intent of ISO 45001. Read through the standard and familiarise yourself with the terminology. 2. Understand the requirements set out in ISO 45001. Develop your management system according to the standard. For more information on this, have a look at our Trade Secrets. 3. Perform a gap analysis to identify how ready you are to become certified. This will highlight any areas that need further development. Have a look at our ISO 45001 PDF Gap Analysis Checklist here. 4. Undergo the process of Certification. We will need to evaluate your organization to ensure you are compliant to ISO 45001 with a Best Practice Assessment. Find more information on the process here.

What is the latest version of ISO 45001?

ISO 45001 is the new internationally recognized Occupational Health & Safety standard. ISO 45001 is newly released and will replace AS/NZS 4801 and OHSAS 18001, as these standards will be withdrawn over the next three years. ISO 45001 outlines the requirements of an OH&S management system to ensure worker safety and provide a safe work environment. They are influential indicators that an organization has measures in place to reduce workplace injury and illness.

What does it mean to be ISO 45001 certified?

When you are certified to ISO 45001, you are able to get external certification of your system. This helps show interested parties, stakeholders and customers that you have met the requirements set out in ISO 45001:2018, and that you have systems in place to mitigate risks and build confidence. ISO 45001 shows you are actively working to reduce risks that exist in the workplace, and therefore reduce workplace related injury and illness. This can provide significant cost savings as you can reduce employee sick leave, compensation and insurance.

What are the requirements of ISO 45001?

ISO 45001:2018 is the standard that outlines the OH&S requirements that need to be met to become certified. These requirements are broken down into clauses that provide the framework for your management system. The clauses are Context of the Organization (clause 4), Leadership (clause 5), Planning (clause 6), Support (clause 7), Operation (clause 8), Performance Evaluation (clause 9) and Improvement (clause 10). ISO 45001:2018 follows the new structure of ISO standards, Annex SL. The requirements of ISO 45001 are to identify the risks and have a business plan for occupational health and safety. Have a look at the video below to find out more.

How to get certified to ISO 45001?

1. Gap Analysis (optional): The process begins with an optional gap analysis to evaluate your OH&S system against each clause of ISO 45001. 2. Stage One: The mandatory first step is an assessment of your management system documentation to evaluate it against the standard, including policies, processes, management review records, scope and context. It sets the basis for Stage Two. 3. Stage Two: The stage two assessment is the final step of the initial certification process. To achieve certification, we need to check that the documented requirements of the standard are implemented across the business. We visit your offices and sites, as well discuss your system with relevant people in your business. 4. Certification: Once your stage two assessment is verified and the process is complete, a 'Statement of Certification' is issued, confirming compliance with the relevant standard.​ This certification is valid for a three-year period from the date of issue. Surveillance assessments will need to be performed on a regular basis to maintain your certification. Contact Us with any questions you may have, or to find out more about the certification process.

Why is ISO 45001 required?

ISO 45001 is required to show customers, suppliers and stakeholders that you have idenitified, mitigated and controlled safety risks, and you are committed to providing a safe workplace. To become certified to ISO 45001, companies need to undergo evaluation against the standard, and need to have ongoing surveillance audits to ensure ongoing compliance. Find out more about the certification process here.

What is ISO 45001 training?

ISO 45001 training can be used to understand the underlying meaning of the standard, so you can develop a safety management system that can then be audited and assessed against ISO 45001. For more information on AS/NZS 4801 training, visit our Training Academy here.

What are the benefits of being ISO 45001 certified?

Being certified to ISO 45001 shows your customers that you have been externally verified as having a system that meets the minimum requirements of ISO 45001. It allows your stakeholders to trust your organization and its ability to manage occupational health and safety, and reduce OH&S risks, and therefore reduce workplace related injury or illness. ISO 45001 provides numerous benefits and opportunities, including:

• Tender for work - Declare conformance with the standard and tender for work, including government contracts​ and large corp orate jobs.
• Provide evidence for stakeholders - Enhance your reputation by providing formal recognition of your management processes to customers and interested stakeholders.
• Legal compliance - Provide evidence your organisation meets regulatory requirements, as AS/NZS 4801 instructs that your organisation must meet legal obligations.
• Reduce workplace related injury or illness - By managing OH&S hazards and risks you can reduce workplace related injuries and illnesses, creating cost savings in worker sick leave and sometimes insurance premiums.
• Create evidence of due diligence if an incident occurs - Minimise the risk of legal action from worker's compensation, liability​ claims and provide evidence should an incident occur.
• Create your marketing advantage - Create a competitive advantage and marketing opportunity as certification can be a key differentiator in today's challenging marketplace.

---

How can I transfer my existing ISO 45001 certification?

You can transfer your current ISO 45001 certification to Best Practice seamlessly. We will continue your current certification schedule, contact us for an obligation free quote. Why Best Practice?

• We work to understand your business
  We provide meaningful observations. It's more than just compliance or non-conformance for us.
• We provide you with support services
  We help grow and continually improve your business with training, webinars, YouTube videos and our industry magazine, Certified.
• We have no hidden fees
  Our rates are all inclusive and transparent. We don't have any hidden reporting, travel or preparation fees.

How long does it take to implement ISO 45001?

The durations for implementing ISO 45001 will vary from company to company based on the variability of the appetite for change, the level of buy-in and the positive culture. However, company size is a big influence. Some standard practices are:

• Small organizatons - up to 150 staff - 3-6 months
• Medium organizations - up to 1000 staff - 8-12 months
• Large organizations - more than 1000 staff - 12-18 months

Have a look at our video below for more information on how long it takes to implement ISO 45001.

---

What is ISO 45001?

ISO 45001 is the first internationally released ISO standard for Occupational Health & Safety systems. It is a relatively new standard, released in March 2018. ISO 45001:2018 outlines the requirements for your organization to develop efficient safety systems. It shows interested parties and stakeholders your organization is committed to the safety of workers and providing a safe work environment. It is an important sign of your business' capability to reduce costs through preventing workplace injury and illness. AS 4801 is the most widely recognized OH&S standard in Australia. It is applicable to organisations of all sizes, industries or products and services it offers. Find out more on what AS/NZS 4801 is with our Trade Secrets here.

How to create an ISO 45001 system?

Your system has to meet the minimum requirements before you can be certified. Here, we outline the steps to creating your quality management system for certification. 1. Understand the intent of ISO 45001. Read through the standard and familiarise yourself with the terminology. 2. Understand the requirements set out in ISO 45001. Develop your management system according to the standard. For more information on this, have a look at our Trade Secrets. 3. Perform a gap analysis to identify how ready you are to become certified. This will highlight any areas that need further development. Have a look at our ISO 45001 PDF Gap Analysis Checklist here. 4. Undergo the process of Certification. We will need to evaluate your organization to ensure you are compliant to ISO 45001 with a Best Practice Assessment. Find more information on the process here.

What is the latest version of ISO 45001?

ISO 45001 is the new internationally recognized Occupational Health & Safety standard. ISO 45001 is newly released and will replace AS/NZS 4801 and OHSAS 18001, as these standards will be withdrawn over the next three years. ISO 45001 outlines the requirements of an OH&S management system to ensure worker safety and provide a safe work environment. They are influential indicators that an organization has measures in place to reduce workplace injury and illness.

What does it mean to be ISO 45001 certified?

When you are certified to ISO 45001, you are able to get external certification of your system. This helps show interested parties, stakeholders and customers that you have met the requirements set out in ISO 45001:2018, and that you have systems in place to mitigate risks and build confidence. ISO 45001 shows you are actively working to reduce risks that exist in the workplace, and therefore reduce workplace related injury and illness. This can provide significant cost savings as you can reduce employee sick leave, compensation and insurance.

What are the requirements of ISO 45001?

ISO 45001:2018 is the standard that outlines the OH&S requirements that need to be met to become certified. These requirements are broken down into clauses that provide the framework for your management system. The clauses are Context of the Organization (clause 4), Leadership (clause 5), Planning (clause 6), Support (clause 7), Operation (clause 8), Performance Evaluation (clause 9) and Improvement (clause 10). ISO 45001:2018 follows the new structure of ISO standards, Annex SL. The requirements of ISO 45001 are to identify the risks and have a business plan for occupational health and safety. Have a look at the video below to find out more.

How to get certified to ISO 45001?

1. Gap Analysis (optional): The process begins with an optional gap analysis to evaluate your OH&S system against each clause of ISO 45001. 2. Stage One: The mandatory first step is an assessment of your management system documentation to evaluate it against the standard, including policies, processes, management review records, scope and context. It sets the basis for Stage Two. 3. Stage Two: The stage two assessment is the final step of the initial certification process. To achieve certification, we need to check that the documented requirements of the standard are implemented across the business. We visit your offices and sites, as well discuss your system with relevant people in your business. 4. Certification: Once your stage two assessment is verified and the process is complete, a 'Statement of Certification' is issued, confirming compliance with the relevant standard.​ This certification is valid for a three-year period from the date of issue. Surveillance assessments will need to be performed on a regular basis to maintain your certification. Contact Us with any questions you may have, or to find out more about the certification process.

Why is ISO 45001 required?

ISO 45001 is required to show customers, suppliers and stakeholders that you have idenitified, mitigated and controlled safety risks, and you are committed to providing a safe workplace. To become certified to ISO 45001, companies need to undergo evaluation against the standard, and need to have ongoing surveillance audits to ensure ongoing compliance. Find out more about the certification process here.

What is ISO 45001 training?

ISO 45001 training can be used to understand the underlying meaning of the standard, so you can develop a safety management system that can then be audited and assessed against ISO 45001. For more information on AS/NZS 4801 training, visit our Training Academy here.

What are the benefits of being ISO 45001 certified?

Being certified to ISO 45001 shows your customers that you have been externally verified as having a system that meets the minimum requirements of ISO 45001. It allows your stakeholders to trust your organization and its ability to manage occupational health and safety, and reduce OH&S risks, and therefore reduce workplace related injury or illness. ISO 45001 provides numerous benefits and opportunities, including:

• Tender for work - Declare conformance with the standard and tender for work, including government contracts​ and large corp orate jobs.
• Provide evidence for stakeholders - Enhance your reputation by providing formal recognition of your management processes to customers and interested stakeholders.
• Legal compliance - Provide evidence your organisation meets regulatory requirements, as AS/NZS 4801 instructs that your organisation must meet legal obligations.
• Reduce workplace related injury or illness - By managing OH&S hazards and risks you can reduce workplace related injuries and illnesses, creating cost savings in worker sick leave and sometimes insurance premiums.
• Create evidence of due diligence if an incident occurs - Minimise the risk of legal action from worker's compensation, liability​ claims and provide evidence should an incident occur.
• Create your marketing advantage - Create a competitive advantage and marketing opportunity as certification can be a key differentiator in today's challenging marketplace.

---

How can I transfer my existing ISO 45001 certification?

You can transfer your current ISO 45001 certification to Best Practice seamlessly. We will continue your current certification schedule, contact us for an obligation free quote. Why Best Practice?

• We work to understand your business
  We provide meaningful observations. It's more than just compliance or non-conformance for us.
• We provide you with support services
  We help grow and continually improve your business with training, webinars, YouTube videos and our industry magazine, Certified.
• We have no hidden fees
  Our rates are all inclusive and transparent. We don't have any hidden reporting, travel or preparation fees.

How long does it take to implement ISO 45001?

The durations for implementing ISO 45001 will vary from company to company based on the variability of the appetite for change, the level of buy-in and the positive culture. However, company size is a big influence. Some standard practices are:

• Small organizatons - up to 150 staff - 3-6 months
• Medium organizations - up to 1000 staff - 8-12 months
• Large organizations - more than 1000 staff - 12-18 months

Have a look at our video below for more information on how long it takes to implement ISO 45001.

---

What is ISO 27001?

ISO IEC 27001:2013 is an internationally recognized Information Security Management System (ISMS) standard. ISO 27001 is the framework for the requirements to manage your organization's information security risks. ISO IEC 27001:2013 Information Security Management standard, when implemented, is a strategic activity that preserves the confidentiality, integrity and availability of information by applying risk management processes to adequately manage threats. It is the most recognized information security standard in the world. It is applicable to organizations of all sizes and industries, regardless of the products and services it offers. We are JAS-ANZ accredited to provide certification to this standard. Find out more on what ISO 27001 is with our Trade Secrets here.

How to create an ISO 27001 system?

Your system has to meet the minimum requirements before you can be certified. Here, we outline the steps to creating your management system for certification. 1. Understand the intent of ISO 27001. Read through the standard and familiarise yourself with the terminology. 2. Understand the requirements set out in ISO 27001. Develop your management system according to the standard. For more information on this, have a look at our Trade Secrets. 3. Perform a gap analysis to identify how ready you are to become certified. This will highlight any areas that need further development. Have a look at our ISO 27001 PDF Gap Analysis Checklist here. 4. Undergo the process of Certification. We will need to evaluate your organization to ensure you are compliant to ISO 9001:2015 with a Best Practice Assessment. Find more information on the process here.

What is the latest version of ISO 27001?

ISO IEC 27001:2013 is the latest version of ISO 27001, replacing ISO/IEC 27001:2005. The standard was updated in 2013 to meet the requirements of today's rapidly growing information security risks. It provides a framework to preserve the confidentiality, integrity and availability of information by applying risk management processes. It is an emerging standard, as information risks and threats become more prevalent.

What does it mean to be ISO 27001 certified?

When you are certified to ISO 27001, you are able to show interested parties, stakeholders and customers that you have met the requirements set out in the ISO/IEC 27001:2013 standard. ISO 27001 gives confidence that your organization adequately manages risks, and that your information retains its integrity, and is confidential.

How to get certified to ISO 27001?

The certification process has four steps. 1. Gap Analysis (optional): The process begins with an optional gap analysis to evaluate your management system against each clause of ISO IEC 27001:2013. 2. Stage One: The mandatory first step is a desktop assessment to evaluate your management system documentation, including policies, processes, management review records, scope and context as well as system implementation. It sets the foundation for the stage two assessment. 3. Stage Two: The stage two assessment is the final step of the initial certification process. To achieve certification against your systems, we need to verify that the documented requirements of the standard are implemented across the business. We visit your offices and premises as well as partake in discussions with relevant people in your business. 4. Certification: Once your stage two assessment is verified and the process is complete, a 'Statement of Certification' is issued, confirming compliance with the relevant standard.​ This certification is valid for a three-year period from the date of issue. Surveillance assessments will need to be performed on a regular basis to maintain your certification. Contact Us with any questions you may have, or to find out more about the certification process.

Why is ISO 27001 required?

ISO 27001 is required to show customers, suppliers and stakeholders that you are able to keep information and data safe and secure. To become certified to ISO 27001, companies need to undergo evaluation against the standard, and need to have ongoing surveillance audits to ensure ongoing compliance. ISO 27001 evaluates how well a company can manage its information security risks.

What are the benefits of being ISO 27001 certified?

The main benefit of the ISO 27001 Information Security Management System is that your organisation is asked to look for areas of improvement in terms of its data protection. In the modern context, organisations are hosting vast amounts of data, and they have an obligation to keep it secure; ISO 27001 is one of the most effective ways of meeting this obligation.
Benefits include:

• Improved customer confidence
• Increased reliability and security of systems and information
• Alignment with customer requirements
• Improved processes and strategies

What is ISO 27001 Australia?

ISO/IEC 27001:2013 is the most internationally recognized Information Security Management System (ISMS). It is an international standard, and is the same standard as ISO/IEC AS/NZS 27001:2015. The difference is only the time at which the standard was released in Australia, compared to the rest of the world. ISO 27001 belongs to the ISO 27000 'family' of standards for quality, known as the 'ISMS Family of Standards'. Information Security Management Standards provide the frameworks to ensure the confidentiality, integrity and availability of the organization's information.

How can I transfer my existing ISO 27001 certification?

You can transfer your ISO 27001 certification to Best Practice seamlessly. We will continue your current certification schedule, contact us for an obligation free quote. Why Best Practice?

• We work to understand your business
  We provide meaningful observations. It's more than just compliance or non-conformance for us.
• We provide you with support services
  We help grow and continually improve your business with training, webinars, YouTube videos and our industry magazine, Certified.
• We have no hidden fees
  Our rates are all inclusive and transparent. We don't have any hidden reporting, travel or preparation fees.

How long does ISO 27001 certification last for?

Once you are ISO 27001 certified, your certification expires three years after your certification has been approved. For ISO 27001 certification you will need regular audits to maintain your certification and keep it valid, known as surveillance audits. This is only applicable to IAF (International Accreditation Forum) certifications.

What is ISO 45001?

ISO 45001 is the first internationally released ISO standard for Occupational Health & Safety systems. It is a relatively new standard, released in March 2018. ISO 45001:2018 outlines the requirements for your organization to develop efficient safety systems. It shows interested parties and stakeholders your organization is committed to the safety of workers and providing a safe work environment. It is an important sign of your business' capability to reduce costs through preventing workplace injury and illness. AS 4801 is the most widely recognized OH&S standard in Australia. It is applicable to organisations of all sizes, industries or products and services it offers. Find out more on what AS/NZS 4801 is with our Trade Secrets here.

How to create an ISO 45001 system?

Your system has to meet the minimum requirements before you can be certified. Here, we outline the steps to creating your quality management system for certification. 1. Understand the intent of ISO 45001. Read through the standard and familiarise yourself with the terminology. 2. Understand the requirements set out in ISO 45001. Develop your management system according to the standard. For more information on this, have a look at our Trade Secrets. 3. Perform a gap analysis to identify how ready you are to become certified. This will highlight any areas that need further development. Have a look at our ISO 45001 PDF Gap Analysis Checklist here. 4. Undergo the process of Certification. We will need to evaluate your organization to ensure you are compliant to ISO 45001 with a Best Practice Assessment. Find more information on the process here.

What is the latest version of ISO 45001?

ISO 45001 is the new internationally recognized Occupational Health & Safety standard. ISO 45001 is newly released and will replace AS/NZS 4801 and OHSAS 18001, as these standards will be withdrawn over the next three years. ISO 45001 outlines the requirements of an OH&S management system to ensure worker safety and provide a safe work environment. They are influential indicators that an organization has measures in place to reduce workplace injury and illness.

What does it mean to be ISO 45001 certified?

When you are certified to ISO 45001, you are able to get external certification of your system. This helps show interested parties, stakeholders and customers that you have met the requirements set out in ISO 45001:2018, and that you have systems in place to mitigate risks and build confidence. ISO 45001 shows you are actively working to reduce risks that exist in the workplace, and therefore reduce workplace related injury and illness. This can provide significant cost savings as you can reduce employee sick leave, compensation and insurance.

What are the requirements of ISO 45001?

ISO 45001:2018 is the standard that outlines the OH&S requirements that need to be met to become certified. These requirements are broken down into clauses that provide the framework for your management system. The clauses are Context of the Organization (clause 4), Leadership (clause 5), Planning (clause 6), Support (clause 7), Operation (clause 8), Performance Evaluation (clause 9) and Improvement (clause 10). ISO 45001:2018 follows the new structure of ISO standards, Annex SL. The requirements of ISO 45001 are to identify the risks and have a business plan for occupational health and safety. Have a look at the video below to find out more.

How to get certified to ISO 45001?

1. Gap Analysis (optional): The process begins with an optional gap analysis to evaluate your OH&S system against each clause of ISO 45001. 2. Stage One: The mandatory first step is an assessment of your management system documentation to evaluate it against the standard, including policies, processes, management review records, scope and context. It sets the basis for Stage Two. 3. Stage Two: The stage two assessment is the final step of the initial certification process. To achieve certification, we need to check that the documented requirements of the standard are implemented across the business. We visit your offices and sites, as well discuss your system with relevant people in your business. 4. Certification: Once your stage two assessment is verified and the process is complete, a 'Statement of Certification' is issued, confirming compliance with the relevant standard.​ This certification is valid for a three-year period from the date of issue. Surveillance assessments will need to be performed on a regular basis to maintain your certification. Contact Us with any questions you may have, or to find out more about the certification process.

Why is ISO 45001 required?

ISO 45001 is required to show customers, suppliers and stakeholders that you have idenitified, mitigated and controlled safety risks, and you are committed to providing a safe workplace. To become certified to ISO 45001, companies need to undergo evaluation against the standard, and need to have ongoing surveillance audits to ensure ongoing compliance. Find out more about the certification process here.

What is ISO 45001 training?

ISO 45001 training can be used to understand the underlying meaning of the standard, so you can develop a safety management system that can then be audited and assessed against ISO 45001. For more information on AS/NZS 4801 training, visit our Training Academy here.

What are the benefits of being ISO 45001 certified?

Being certified to ISO 45001 shows your customers that you have been externally verified as having a system that meets the minimum requirements of ISO 45001. It allows your stakeholders to trust your organization and its ability to manage occupational health and safety, and reduce OH&S risks, and therefore reduce workplace related injury or illness. ISO 45001 provides numerous benefits and opportunities, including:

• Tender for work - Declare conformance with the standard and tender for work, including government contracts​ and large corp orate jobs.
• Provide evidence for stakeholders - Enhance your reputation by providing formal recognition of your management processes to customers and interested stakeholders.
• Legal compliance - Provide evidence your organisation meets regulatory requirements, as AS/NZS 4801 instructs that your organisation must meet legal obligations.
• Reduce workplace related injury or illness - By managing OH&S hazards and risks you can reduce workplace related injuries and illnesses, creating cost savings in worker sick leave and sometimes insurance premiums.
• Create evidence of due diligence if an incident occurs - Minimise the risk of legal action from worker's compensation, liability​ claims and provide evidence should an incident occur.
• Create your marketing advantage - Create a competitive advantage and marketing opportunity as certification can be a key differentiator in today's challenging marketplace.

---

How can I transfer my existing ISO 45001 certification?

You can transfer your current ISO 45001 certification to Best Practice seamlessly. We will continue your current certification schedule, contact us for an obligation free quote. Why Best Practice?

• We work to understand your business
  We provide meaningful observations. It's more than just compliance or non-conformance for us.
• We provide you with support services
  We help grow and continually improve your business with training, webinars, YouTube videos and our industry magazine, Certified.
• We have no hidden fees
  Our rates are all inclusive and transparent. We don't have any hidden reporting, travel or preparation fees.

How long does it take to implement ISO 45001?

The durations for implementing ISO 45001 will vary from company to company based on the variability of the appetite for change, the level of buy-in and the positive culture. However, company size is a big influence. Some standard practices are:

• Small organizatons - up to 150 staff - 3-6 months
• Medium organizations - up to 1000 staff - 8-12 months
• Large organizations - more than 1000 staff - 12-18 months

Have a look at our video below for more information on how long it takes to implement ISO 45001.

---

What is ISO 27001?

ISO IEC 27001:2013 is an internationally recognized Information Security Management System (ISMS) standard. ISO 27001 is the framework for the requirements to manage your organization's information security risks. ISO IEC 27001:2013 Information Security Management standard, when implemented, is a strategic activity that preserves the confidentiality, integrity and availability of information by applying risk management processes to adequately manage threats. It is the most recognized information security standard in the world. It is applicable to organizations of all sizes and industries, regardless of the products and services it offers. We are JAS-ANZ accredited to provide certification to this standard. Find out more on what ISO 27001 is with our Trade Secrets here.

How to create an ISO 27001 system?

Your system has to meet the minimum requirements before you can be certified. Here, we outline the steps to creating your management system for certification. 1. Understand the intent of ISO 27001. Read through the standard and familiarise yourself with the terminology. 2. Understand the requirements set out in ISO 27001. Develop your management system according to the standard. For more information on this, have a look at our Trade Secrets. 3. Perform a gap analysis to identify how ready you are to become certified. This will highlight any areas that need further development. Have a look at our ISO 27001 PDF Gap Analysis Checklist here. 4. Undergo the process of Certification. We will need to evaluate your organization to ensure you are compliant to ISO 9001:2015 with a Best Practice Assessment. Find more information on the process here.

What is the latest version of ISO 27001?

ISO IEC 27001:2013 is the latest version of ISO 27001, replacing ISO/IEC 27001:2005. The standard was updated in 2013 to meet the requirements of today's rapidly growing information security risks. It provides a framework to preserve the confidentiality, integrity and availability of information by applying risk management processes. It is an emerging standard, as information risks and threats become more prevalent.

What does it mean to be ISO 27001 certified?

When you are certified to ISO 27001, you are able to show interested parties, stakeholders and customers that you have met the requirements set out in the ISO/IEC 27001:2013 standard. ISO 27001 gives confidence that your organization adequately manages risks, and that your information retains its integrity, and is confidential.

How to get certified to ISO 27001?

The certification process has four steps. 1. Gap Analysis (optional): The process begins with an optional gap analysis to evaluate your management system against each clause of ISO IEC 27001:2013. 2. Stage One: The mandatory first step is a desktop assessment to evaluate your management system documentation, including policies, processes, management review records, scope and context as well as system implementation. It sets the foundation for the stage two assessment. 3. Stage Two: The stage two assessment is the final step of the initial certification process. To achieve certification against your systems, we need to verify that the documented requirements of the standard are implemented across the business. We visit your offices and premises as well as partake in discussions with relevant people in your business. 4. Certification: Once your stage two assessment is verified and the process is complete, a 'Statement of Certification' is issued, confirming compliance with the relevant standard.​ This certification is valid for a three-year period from the date of issue. Surveillance assessments will need to be performed on a regular basis to maintain your certification. Contact Us with any questions you may have, or to find out more about the certification process.

Why is ISO 27001 required?

ISO 27001 is required to show customers, suppliers and stakeholders that you are able to keep information and data safe and secure. To become certified to ISO 27001, companies need to undergo evaluation against the standard, and need to have ongoing surveillance audits to ensure ongoing compliance. ISO 27001 evaluates how well a company can manage its information security risks.

What are the benefits of being ISO 27001 certified?

The main benefit of the ISO 27001 Information Security Management System is that your organisation is asked to look for areas of improvement in terms of its data protection. In the modern context, organisations are hosting vast amounts of data, and they have an obligation to keep it secure; ISO 27001 is one of the most effective ways of meeting this obligation.
Benefits include:

• Improved customer confidence
• Increased reliability and security of systems and information
• Alignment with customer requirements
• Improved processes and strategies

What is ISO 27001 Australia?

ISO/IEC 27001:2013 is the most internationally recognized Information Security Management System (ISMS). It is an international standard, and is the same standard as ISO/IEC AS/NZS 27001:2015. The difference is only the time at which the standard was released in Australia, compared to the rest of the world. ISO 27001 belongs to the ISO 27000 'family' of standards for quality, known as the 'ISMS Family of Standards'. Information Security Management Standards provide the frameworks to ensure the confidentiality, integrity and availability of the organization's information.

How can I transfer my existing ISO 27001 certification?

You can transfer your ISO 27001 certification to Best Practice seamlessly. We will continue your current certification schedule, contact us for an obligation free quote. Why Best Practice?

• We work to understand your business
  We provide meaningful observations. It's more than just compliance or non-conformance for us.
• We provide you with support services
  We help grow and continually improve your business with training, webinars, YouTube videos and our industry magazine, Certified.
• We have no hidden fees
  Our rates are all inclusive and transparent. We don't have any hidden reporting, travel or preparation fees.

How long does ISO 27001 certification last for?

Once you are ISO 27001 certified, your certification expires three years after your certification has been approved. For ISO 27001 certification you will need regular audits to maintain your certification and keep it valid, known as surveillance audits. This is only applicable to IAF (International Accreditation Forum) certifications.