The publication of ISO 45001 in March 2018 marked a significant evolution in the landscape of occupational health and safety (OHS) management systems. It progressively replaces the OHSAS 18001 standard, which did not have ISO standard status and whose international coverage remained uneven. The transition period, extending until September 2021, saw the migration of virtually all certified organisations to the new standard.

ISO 45001 shares the Annex SL architecture common to all ISO management standards since 2015, which facilitates its integration with ISO 9001 (quality) and ISO 14001 (environment). For an infrastructure company wishing to structure an integrated HSEQ management system (health-safety-environment-quality), this architectural commonality is a major asset.

In terms of DFI requirements, ISO 45001 maintains a complementary relationship with IFC Performance Standard 2 on labour and working conditions. Neither is directly equivalent to the other, but their combination produces a coherent framework for infrastructure projects under international financing.

This article presents the architecture of the standard, the specificities of the construction site as a management environment, the relationship with IFC PS2 and equivalent frameworks, the opportunity of certification for construction companies, and pitfalls to avoid in implementation.

The architecture of the standard

ISO 45001 is organised according to the ten chapters of Annex SL, adapted to the specificities of occupational health and safety.

Chapters 1 to 3 set out the scope, normative references and definitions. These chapters are not certified as such but condition the reading of the rest.

Chapter 4 addresses the context of the organisation, relevant interested parties in relation to OHS, and the definition of the system's scope. The latter is particularly important: for a construction company operating on multiple sites, the scope may cover the entire organisation or be limited to certain activities, with implications for the scope of certification.

Chapter 5 requires leadership from top management, the OHS policy, and the involvement of workers and their representatives. This worker involvement, codified by ISO 45001 more strongly than by OHSAS 18001, is one of the major evolutions of the standard.

Chapter 6 covers planning: hazard identification, assessment of OHS risks, identification of opportunities for improvement, identification of compliance obligations, establishment of measurable OHS objectives.

Chapter 7 addresses support: resources, competence, awareness, communication, documented information.

Chapter 8 concerns operations: operational control, planning and control of outsourced processes, emergency preparedness and response.

Chapter 9 covers performance evaluation: monitoring and measurement, evaluation of compliance with legal requirements, internal audits, management review.

Chapter 10 focuses on continual improvement, including the management of incidents, non-conformities and corrective actions.

Hazard identification and risk assessment

Among the requirements of ISO 45001, the systematic identification of hazards and the assessment of associated risks (Chapter 6.1.2) is the element that most structures the depth of the system.

For a construction company, this identification must cover several exposure regimes.

Routine activities: standard site operations (work at height, manual handling, construction equipment, electricity, works near traffic), and their associated hazards.

Non-routine activities: one-off operations, maintenance, interventions in confined spaces, exceptional situations.

Emergency situations: fire, serious accident, natural disaster, spillage.

Organisational factors: work organisation, time pressure, deficient communication, fatigue, stress, interactions between teams.

Risk assessment is conducted according to a documented method, generally combining potential severity and likelihood of occurrence. Risks judged significant are subject to mitigation measures integrated into the system.

The standard also requires taking into account opportunities for improvement: equipment changes, technological developments, lessons learnt from other sites, suggestions from workers. This dimension, new compared to OHSAS 18001, drives a proactive rather than purely reactive approach.

Worker participation

ISO 45001 places strong emphasis on the participation of workers and their representatives in the management system. Chapter 5.4 formalises this requirement with several dimensions.

Consultation of workers on hazard identification and risk assessment. The people who perform the tasks are often best placed to identify hazards that escape theoretical analyses.

Participation in accident investigations and the implementation of corrective actions.

Access to information on system results: performance indicators, trends, incidents, corrective actions undertaken.

Representation in system steering bodies, where they exist (OHS committees).

This requirement does not stem from managerial goodwill, it is contractual in an ISO 45001 certification. An auditor systematically verifies the effectiveness of this participation, not merely its staging.

Specificities of the infrastructure construction site

The infrastructure construction site presents several characteristics that affect the application of ISO 45001.

The plurality of employers on a single site. Several organisations (project owner, project manager, main contractor, subcontractors of different tiers) coexist on the site, with their own systems and their own workers. The standard requires each organisation to cover its own workers and to articulate its system with those of other actors.

Short temporality. A construction site generally lasts from a few months to a few years, then moves. This limited duration complicates the establishment of a lasting safety culture, but it does not exempt from system requirements.

The presence of strong specific risks. Work at height, heavy equipment, electricity, hazardous materials, variable climatic conditions, presence of external stakeholders (local residents, users of adjacent roads), constitute a particularly dangerous environment.

Staff turnover. Workers succeed one another throughout the phases, with varying levels of training and experience. The induction of newcomers, rapid levelling-up, maintaining safety discipline in a context of permanent change, are constant operational challenges.

For an infrastructure operator wishing to apply ISO 45001, these specificities require adaptations: common policy that can be rolled out site by site, standard procedures applicable regardless of location, cross-audits between sites, systematic capitalisation of lessons learnt.

The relationship with IFC PS2

ISO 45001 and IFC Performance Standard 2 on labour and working conditions maintain a complementary relationship.

Common ground. Both frameworks require a formal policy, identification of hazards and risks, operational control procedures, emergency preparedness, performance monitoring, worker involvement. These points cover the essentials of a robust health and safety management system.

Differences. ISO 45001 is focused on the health and safety of workers directly employed by the organisation. PS2 covers a broader field: directly employed workers, workers contracted through an intermediary, and to some extent the primary supply chain. This extension of scope is a specific requirement of PS2 that ISO 45001 does not address as such.

Moreover, PS2 covers aspects that go beyond the strict health and safety field: freedom of association, non-discrimination, prohibition of forced labour and child labour, worker grievance mechanism. These dimensions relate rather to ILO fundamental conventions than to ISO 45001.

In practice, for a project under DFI financing, the application of ISO 45001 to the health and safety component for direct employees, combined with an extension to subcontractors according to PS2 logic, and a separate framework on other social components (freedom of association, non-discrimination, grievance mechanism), produces a complete and compliant system.

Whether to certify ISO 45001 or not

The decision to certify the OHS system through an accredited body depends on several factors.

In the market, ISO 45001 certification is expected in several segments: major public tenders, B2B industrial markets, certain international infrastructure contracts. Its absence can be a disqualifying factor on certain bids.

Operationally, certification provides a structuring framework and external recognition that facilitates dialogue with stakeholders, including internal teams. It also imposes a discipline of regular audit that maintains the quality of the system over time.

In terms of cost, certification mobilises internal resources (preparation, audits, continuous improvement) and external resources (certification bodies). This cost is proportionate to the size of the organisation and the certified scope.

The trajectory observed among major infrastructure operators generally combines certification at corporate headquarters level, progressively extended to significant sites, consistent with the ISO 14001 strategy.

Pitfalls in implementation

Five pitfalls recur in ISO 45001 initiatives within construction companies.

Excessive documentary formalism. Producing dozens of written procedures does not guarantee safety. It can even produce false security if the documents are disconnected from actual operational practice.

Exclusion of subcontractors. Limiting the scope to direct employees only, leaving subcontractors to their own regime, produces a system that works on paper but ignores the majority of workers actually present on site.

Underestimating worker participation. This requirement, central to ISO 45001, is sometimes reduced to formal consultations without real content. A serious auditor rapidly detects this superficiality.

Weak accident investigations. When an accident occurs, the investigation must be conducted methodically (analysis of root causes, not only immediate causes), with involvement of the persons concerned, with production of measurable corrective actions. Botched investigations herald further accidents to come.

Disconnection between OHS and operational decisions. If OHS considerations do not weigh in decisions on scheduling, budget and organisation, the system will not produce its expected effects. The integration of OHS into strategic and operational decision-making processes is the hallmark of a truly mature system.

What DFIs verify on the health and safety component.

  • The existence of a documented system, consistent with ISO 45001 or equivalent.
  • Hazard identification and risk assessment, covering routine, non-routine and emergency activities.
  • Effective extension of the system to subcontractors, according to PS2 logic.
  • Real participation of workers and their representatives.
  • OHS performance indicators (frequency rate, severity rate, significant incidents) and their evolution.
  • The quality of accident investigations and the effectiveness of corrective actions.
  • Worker accommodation conditions in base camps where applicable, compliant with IFC/EBRD guidelines.

ISO 45001 offers the infrastructure sector a solid framework for structuring its health and safety function at international level. Its adoption, combined with the application of IFC PS2 requirements for projects under DFI financing, builds a framework that genuinely protects workers, reduces accident costs and strengthens the company's operational credibility.

As with any management standard, the devil is in the implementation. A certified ISO 45001 system that is poorly experienced produces less safety than a less formal framework that is well anchored in the company's culture. Certification does not replace safety culture, it must structure and support it.

For an infrastructure operator structuring its approach, the investment in ISO 45001 pays off on several fronts: reduction in accidents, improved productivity, access to more demanding markets, strengthened credibility with lenders and clients. The cost-benefit ratio is rarely contested in organisations that have undertaken the process.

iso-45001sante-securitehseohsas-18001infrastructure