ISO:9001 is an international standard for health and safety at work developed by national and international standards committees independent of government.

Implementing ISO:9001 may help your organisation demonstrate compliance with health and safety law. But, in some respects, it goes beyond what the law requires, so consider carefully whether to adopt it.

If your organisation already has a developed health and safety management structure, or you’re familiar with other management standards, it may be straightforward for you to adopt ISO:9001. However, if your organisation is small, with less formal management processes, you may find it difficult to:

  • interpret what the standard asks for
  • gauge what proportionate implementation looks like

It is important to carefully consider:

  • the practical implementation of the standard, including audit and certification
  • whether it can be easily tailored to work effectively for for the size and complexity of your organisation in a way that’s in proportion to the risks you must control

Contracting bodies and customers should therefore ask themselves whether the supplier really needs certification to 45001, or whether they can demonstrate competence in managing health and safety using other means.

HSE inspectors will continue to rely on a wide range of evidence and observations when assessing an organisation’s compliance with health and safety law, not just whether they claim to meet the ISO 45001 standard or not.

Your organisation can apply the standard to your activities (in full, or in part) to help provide evidence of good health and safety management, and improvements made, without getting certification. However, you can only claim to conform to the standard if it’s implemented fully.


To implement ISO 45001 in a proportionate way, auditors or certifiers should understand that it needs to be:

  • tailored to an organisation’s size and level of complexity
  • in proportion to the risks

You should ensure that any auditor or certifier you use has evidence that they’re competent to a recognised standard, such as ISO 19011:2011 or the relevant parts of the ISO 17021:2011 series.

The certification body should be accredited by either the United Kingdom Accreditation Service (UKAS) for ISO 45001 or an equivalent body

Product standards

The advice on this page relates solely to the health and safety management systems standard ISO 45001.

HSE continues to recognise the valuable role that product standards can play in:

  • delivering consumer and worker protection
  • providing a level playing field for businesses
  • enabling trade with other countries

Help with ISO:9001 from outside your organisation

You can get external advice to help comply with the standard but your organisation will remain legally responsible for the day-to-day control of risk.

If you choose to use a third party (including auditors and certifiers) ask them for proof that they have experience of implementing the standard proportionately across a range of business sizes, types and sectors.

You can get help in finding a consultant with experience of your work by using the Occupational Safety and Health Consultants Register.