Understanding Interested Parties in ISO 45001: A Step-by-Step Approach 

Interested Parties

Interested parties refer to individuals, organisations, or stakeholders who can influence, be influenced by, or perceive themselves as affected by the decisions or actions of an organisation. These parties encompass a wide range, such as customers, local community groups, suppliers, third-party service providers, regulatory bodies, investors, employees, workers, and occupational or workplace health and safety representatives.

Understanding Interested Parties in ISO 45001 Clause 4.2 

ISO 55001 defines a stakeholder as a “Person or organisation that can affect, be affected by, or perceive itself to be affected by a decision or activity.” Other management system standards such as ISO 9001, ISO 14001, and ISO 45001 use the term ‘interested party,’ which is interchangeable with ‘stakeholder.’ Across these standards, understanding stakeholder/interested party needs and expectations is a common requirement (Clause 4.2).

This understanding is crucial for two reasons:

1) To start with, at a strategic level, external stakeholders’ needs and expectations are integral to an organization’s strategic planning. These needs shape the objectives and strategies adopted by the organisation. Meeting stakeholder needs is central to an organisation’s purpose, making it essential for the Asset Management System to support these efforts.

2) Furthermore, stakeholders’ needs and expectations play a tactical role in asset management decisions. As stakeholders can be affected by an organisation’s decisions and activities, failing to comprehend and manage their needs poses risks to delivering the required value.

Non-compliance with mandatory regulatory or statutory requirements can jeopardise an organisation’s legal and moral standing. Robust Environmental, Social, and Governance (ESG) practices, which go beyond legal obligations to meet moral and ethical expectations, are gaining significance.

Recent incidents, like Rio Tinto Iron Ore’s Juukan Gorge caves case, exemplify how stakeholders can influence an organisation’s reputation and industry operations.

When asked about their stakeholders, individuals often respond with broad categories like ‘customers’ or ‘State Government.’ However, within these categories, there are often sub-groups with unique needs and expectations. For instance, an organisation may need to comply with various regulations from different government departments. These stakeholders may be broadly mentioned in documents, but it’s crucial to specify their needs in detail.

Contracts with suppliers or contractors can also create specific needs and expectations. To ensure compliance, identifying key stakeholders is vital. Sometimes, contracts contain missing or unclear requirements, or both parties may not fully comply.

The process starts with brainstorming, but success lies in identifying stakeholders in detail, especially regarding regulatory or contractual needs.

The organisation should dedicate time to identify the interested parties and gain a comprehensive understanding of their needs and expectations.

Categorisation of ISO 45001 Stakeholders

We have encompassed below both internal and external parties, categorised by various factors to help organisations:

1) By Dependency:

• Customers
• Clients
• Suppliers (utilities/materials)
• Providers (contractors, subcontractors, agency staff, etc.)
• Employees (all levels)

2) By Responsibility:

• Owners
• Shareholders
• Investors
• Banks
• Insurers
• Landlord/Landowner

3) By Proximity:

• Neighbouring communities
• Neighbouring businesses
• General Public

4) By Authority:

• Legislative requirements
• Local/Public Authorities
• Governments
• Regulatory Bodies
• Statutory Agencies

5) By Influence:

• Non-governmental organisations
• Think tanks
• Community/pressure groups
• Media (Social, Newspaper, TV, Radio, etc.)
• Shareholder groups

6) By Representation:

• Industry membership associations
• Standard organisations

Steps to Conduct

Step 1

After identifying the relevant interested parties for a Workplace Health and Safety Management System (WH), it’s advisable to maintain a register.

Those individuals, businesses, or stakeholders who consider themselves affected by an organisation’s decisions or activities, should communicate this perception to the respective organisation before being formally recorded as an interested party.

Step 2

Precisely it is essential to articulate the needs and expectations of interested parties.

Collaborate with senior management to pinpoint those specific needs and expectations that an organisation is ready to commit to fulfilling. Incorporate these commitments into the ‘legal and other requirements.’ Document these identified needs and expectations within the register as part of an organisation’s legal and other requirements.

Step 3

Establish a regular schedule for reviewing the information contained in your register to maintain its relevance.

Additionally, be prepared for unscheduled reviews that may become necessary in response to internal or external developments impacting your organization and Safety Management System.

Recording Accurate Information in Interested Parties Register

Organisations should record relevant details within their Interested Parties Register.

At a minimum, we recommend including the following information:

1. Name of the interested party.
2. The nature of their interest in your organization.
3. Their specific needs and expectations.
4. Indication of whether the need or expectation is a ‘legal or other requirement.

Scope of Legal and Other Requirements

In accordance with Clause 6.1.3 of ISO 45001, the scope of legal and other requirements encompasses legal, contractual, internal, and voluntary commitments undertaken by the organization. This aligns with the concept of compliance obligations elucidated in ISO 14001, as expounded in a previous blog post.

The category of “legal requirements” encompasses various obligations stemming from legislation, licenses, contracts, guidelines, and standards stipulated in legislation. It also includes mandates issued by regulatory bodies and terms established in collective bargaining agreements.

On the other hand, “other requirements” encompass obligations arising from the organization’s internal corporate mandates, non-mandatory standards, and codes of practice, as well as the needs and expectations of interested parties, which the organisation has pledged to address.

To fulfil the requirements of Clause 6.1.3, it is imperative to maintain and retain documented information pertaining to both legal requirements and other requirements. It is advisable to establish a process whereby the needs and expectations categorized as “other requirements” are distinctly identified as such within an organisation’s Interested Parties Register.

Evaluating Information in the Interested Parties Register

Maintaining an updated Interested Parties Register is of paramount importance, given its integral role in various facets of the Safety Management System. Notably, evolving stakeholder requirements may shed light on novel interested parties or exert an influence on the needs and expectations of existing ones.

It is imperative to recognize that alterations to your Safety Management System, which may hold significance for or pique the interest of your interested parties, can encompass the broadening of the system’s scope or the incorporation of fresh organizational objectives and targets.

To ensure the register’s relevance and accuracy, it is advisable to institute a periodic review schedule. Industry best practices typically advocate a review cycle of every twelve months as a sound guideline.

Other Requirements Related to Interested Parties

While ISO 45001’s Clause 4.2 is dedicated to comprehending the requisites of workers and other interested parties, it’s essential to note that several other clauses within the Standard necessitate the contemplation of interested parties and their associated needs and expectations.

Clause 4.3 (Scope of the Environmental Management System)

Analysing the needs and expectations of pertinent interested parties can contribute significantly to the refinement of the scope of an organisation’s Safety Management System.

Clause 5.2 (OH&S policy)

Compliance with the ISO 45001 standard necessitates the dissemination of your OH&S policy throughout an organisation and its accessibility to relevant interested parties. If performance data originating from contractors, suppliers, services, or other stakeholders significantly influences an organisation’s management system’s performance and intended results, it may be advisable to collaboratively formulate the OH&S policy with their input.

Clause 5.4 (Consultation and Workers Participation) and 6.1.2 (Risks and Opportunities)

Hazard identification and risk control represent the cornerstone of ISO 45001. Organisations are obligated to recognise and manage workplace hazards with the capacity to inflict physical or psychological harm, as well as illnesses or fatalities, upon workers, employees, visitors, contractors, and the general public.

To carry out this process effectively, organizations are encouraged to engage with relevant interested parties.

Clause 6.1.3. (Legal and Other Requirements)

Ensure that references to the needs and expectations of interested parties, that an organisation has decided to incorporate as “other requirements,” are included in your register of legal and other requirements.

Clause 8.1.4 (Procurement)

When an organisation engages contractors or suppliers, it’s essential to assess any potential impacts on the needs and expectations of relevant interested parties.

Clause 9.3 (Management Review)

As part of the assessment of the ongoing suitability and effectiveness of the Safety Management System during Management Review Meetings, ensure that any significant issues related to the needs and expectations of relevant interested parties are incorporated.

Benefits of Knowing Stakeholders

Once you’ve identified and comprehended your stakeholders along with their unique needs and expectations, you gain the ability to make informed decisions, take effective actions, and establish objectives related to several critical aspects:

1) Asset Specifications: You can determine the types of assets required, their optimal locations, and the most suitable ownership models for these assets.

2) Asset Quantity: Understanding stakeholder demands enables you to ascertain the necessary quantity of each asset type, preventing overinvestment or underinvestment.

3) Internal Processes: You can establish and maintain internal processes and procedures within your organisation and in ISO integration. These processes are designed to fulfil stakeholder needs and expectations, including defining communication methods and frequency.

4) Roles and Responsibilities: Clear roles and responsibilities can be defined concerning meeting stakeholder needs and expectations. This ensures accountability and a well-organized approach.

Thus, a thorough understanding of your stakeholders empowers you to make strategic decisions, optimise asset management, streamline internal processes, and establish accountable roles for meeting stakeholder requirements effectively.

Anitech’s expert consultants can further assist organisations in identifying stakeholders with ISO 45001 as well as help them with strategising, implementing and auditing their management systems. We also assist with ISO 45001 Certification via third party auditors and provide continuous Compliance.