PDCA Cycle & OHSAS 18001

  • OHSAS 18001

Whilst OHSAS 18001 is not an official ISO standard (yet!), it does share many similarities with ISO’s suite of management standards, particularly ISO 14001 in terms of structure. As with ISO standards, OHSAS is a generic management standard, and as such is applicable to any organisation, regardless of type or size.

Having OHSAS 18001 in place means an organisation can ensure it complies with any local or national regulations relating to health and safety, thereby avoiding potential fines and prosecutions. The standard also provides the framework to help identify, control and improve health and safety at work so risks are as low as reasonably practicable. This shows your employees that you’re committed to keeping them safe, and OHSAS can help reduce absenteeism too.

Naturally then, certification to OHSAS 18001 has become popular in the same way as ISO standards because it is an effective way of buying authorities ensuring suppliers have the right health and safety credentials.

OHSAS’ certification process adopts the ‘Plan-Do-Check-Act’ (PDCA) principle and involves an initial Stage 1 audit to establish what an organisation has or hasn’t got in place already, followed by the formal Stage 2 audit in order to ensure compliance, and therefore certification. Below is an overview of the PDCA cycle with an explanation of how it is translated to the OHSAS 18001 standard.

The Plan-Do-Check-Act (PDCA) cycle

The PDCA cycle is not just applicable to OHSAS 18001, but is also suggested by the Health and Safety Executive. It is something you may need to go round more than once if you are first starting out in implementing a health and safety management system, delivering a new process/service, or implementing a change.


Top level management commitment is a requirement of the OHSAS 18001 standard for good reason; without it, implementation won’t be as successful and neither will the results. However, don’t overlook the importance of engaging the entire workforce. Whether it is reducing the chances of accidents in the workplace, the fact certification will help the company become more competitive in tenders, or will be a fresh challenge to get their teeth into, consider what would motivate your colleagues.

Consider where you are now compared to where you need to be, based on legal requirements and benchmarking. You will then need to decide what action will need to be taken to reach the point.

The entire planning process should be documented, with clarity on who will be responsible for what, how success will be measured and the expected timescales.

To compliment OHSAS 18001, there is the OHSAS 18002 standard which provides generic assistance for establishing, implementing or improving an occupational health and safety management system. There are also numerous guides and handbooks available.


Now is the time to assess the risks, identifying what could cause harm, who to and how. This is then followed by what you will do to manage the risks.
Ultimately, you must decide what the priorities are and identify the biggest risks. It’s worth noting that the standard is pragmatic – it uses the words ‘reasonably practicable,’ meaning action is not expected if it would be grossly disproportioned in terms of cost, time or trouble.

Simply walking around the workplace with a pen and clipboard isn’t an effective way of achieving engagement from colleagues. You should look to involve workers, communicate why you’re implementing OHSAS and openly discuss issues, inviting feedback with an aim to develop positive attitudes.
Especially within bigger companies, colleagues can help bring to light less obvious issues and easy ways of rectifying them. This could involve ensuring people have the right tools to do the job, keeping machines well maintained or holding refresher training to ensure people remain competent.


Plans are all very well, but it’s important that these plans are then implemented. How are you doing against your aims? Are those new ideas working? An internal audit is therefore necessary to ensure things are going well.

If accidents or ‘near misses’ are still happening, it’s important to find out why these were missed at the Plan and Do stages and – of course – a resolution needs to be found.


By now, you should know if your system is effective in managing risk and protecting staff. Learn from accidents and incidents, ill-health data, errors and relevant experience, including from other organisations similar to your own.

If you do find any issues, the next step is to take action – the reaction somewhat shows how effective engagement has been, as it’s likely you will need a response from management and colleagues alike. Plans, policy documents and risk assessments may need updating accordingly.

When it comes to achieving certification, internal audits are an ongoing requirement of the standard. It’s therefore wise to go over the more problematic issues more regularly to both reduce risk and ensure your annual audit by your chosen Certification Body goes well.

Next Steps

There are numerous guides and handbooks available to assist in the implementation of OHSAS 18001. As a Certification Body, we can provide generic templates to help you get started, together with unlimited access to a dedicated auditor to help demystify the process.

If you would like to discuss achieving certification to this internationally recognised occupational health and safety standard, call our award winning team free on 0800 404 7007 or use our online contact form.

UPDATE: It has been confirmed that a new standard called ISO 45001 is under development. It will supersede OHSAS 18001, but will not be published until late 2016. There will be a transition period for those organisations with OHSAS 18001 already in place.

profile image of Lee Styles
Written by Lee Styles

HSMS Scheme Manager - Company expert for 'Occupational Health and Safety' Standards; OHSAS 18001 and ISO 45001. Additional assessment expertise for the following standards; ISO 9001, ISO 14001 and ISO 27001.