What is a health and safety management system and why do you need one?

The importance of health and safety management in the workplace cannot be overlooked. A proactive approach to ensuring the safety of employees, customers and other stakeholders is essential if the risks of accidents are to be avoided. To do this, creating a workplace culture where health and safety are prioritised is crucial. One of the means by which this can be achieved is through a health and safety management system.

What is a health and safety management system?

A health and safety management system (HSMS) is a systematic approach to managing workplace health and safety. It involves developing and implementing policies, procedures, and practices to identify, assess, and control hazards and risks in the workplace.

The purpose of an HSMS is to prevent workplace injuries, illnesses, and fatalities by promoting a culture of safety and by ensuring that all employees are aware of the potential hazards and risks associated with their work activities. It also ensures that appropriate and effective measures are in place to prevent accidents, injuries and illnesses.

An effective HSMS should help businesses reduce workplace accidents and injuries, improve productivity, reduce the costs associated with accidents and injuries, and enhance the organisation’s reputation as a responsible employer.

Do all businesses require a health and safety management system?

The Health and Safety at Work Act 1974 places a legal duty on employers to ensure, so far as is reasonably practicable, the health, safety, and welfare at work of all their employees. This includes providing a safe working environment, carrying out risk assessments, providing training and information to employees, and having a system in place for managing health and safety. A key means of achieving this is a health and safety management system.

The specific requirements for a health and safety management system will depend on the size and nature of the business, but all businesses must have some form of system in place to manage health and safety risks. This may range from a simple checklist or policy statement for smaller businesses to a more comprehensive system involving risk assessments, monitoring, and continuous improvement for larger or higher-risk businesses.

What are the main components of a health and safety management system?

A health and safety management system typically includes several key components such as policy and commitment, planning, implementation, evaluation and review, and auditing and reporting.

  • Policy & Commitment

This will set out the organisation’s commitment to health and safety, as well as the goals and objectives of the system. It provides a clear direction for all employees to follow and sets the tone for the organisation’s approach to health and safety.

It will also include a policy statement that codifies the business commitment to ensuring a culture of health and safety across the organisation. It communicates the organisation’s values and principles and sets out its approach to managing health and safety in the workplace.

It will also set out the objectives of the health and safety management system. These might include reducing the number of workplace accidents, improving employee health and well-being or complying with relevant laws and regulations.

The role and responsibilities of all employees and stakeholders involved in the strategy will be set out. It clarifies who is responsible for implementing the system and ensures that all employees understand their role in promoting a safe and healthy workplace.

The document will detail the resources that will be made available for implementing the health and safety management system and how it will be spent. This might include funding for safety training, safety equipment, and other resources necessary to ensure the safety and well-being of employees.

Finally, it will detail how continuous improvement will be made to the system by regularly reviewing and updating the policy and commitment component. This will include conducting regular reviews of the HSMS, evaluating the effectiveness of the policies and procedures, and making any necessary changes to improve the system.


Planning is a detailed process through which hazards and risks are identified, assessed and prioritised. Strategies can then be developed to reduce and minimise these risks. This will form a key part of the health and safety management system and needs to be as thoroughgoing as possible.

Hazards can include anything that has the potential to cause harm to employees, such as machinery, chemicals, and work processes. A risk assessment can then be made of the likelihood and severity of harm associated with each identified hazard. This allows organisations to prioritise the hazards and determine which ones require the most attention.

Strategies and plans to control the identified hazards and reduce the associated risks can then be developed. This might include implementing safety procedures and protocols, providing safety equipment and training, and establishing emergency response plans.

Safety procedures and protocols to prevent accidents and injuries in the workplace should be developed. This might include procedures for working at heights, procedures for machinery, and protocols for responding to emergencies.

Proper training for the safe and effective use of any equipment that has been supplied should be provided. This might include providing personal protective equipment such as hard hats and safety glasses and providing training on how to use machinery safely.

Finally, an emergency response plan should be developed. This involves developing and implementing plans for responding to emergencies such as fires, natural disasters, and medical emergencies. This ensures that all employees are prepared to respond appropriately in the event of an emergency.


After detailed planning, the next stage is to begin the process of implementing the plans and strategies developed during the planning phase. It is a critical component of the health and safety management system as it ensures that safety measures are being followed and that employees are protected from hazards and risks in the workplace.

Implementation will usually have a number of elements that ensure that the system is efficiently rolled out and effective when it’s in place.

Firstly, effective communication of the plans ensures that employees are aware of the hazards and risks in the workplace and are equipped with the knowledge and skills to prevent accidents and injuries. It involves communicating the safety policies and procedures to all employees and ensuring that they understand the importance of following them.

Necessary training for employees should be provided to help them carry out their work safely.

This might include training on the use of machinery, handling hazardous substances, and emergency response procedures.

The safety policies and procedures will then need to be enforced, ensuring that employees are following them and addressing any non-compliance. This makes employees aware of the consequences of non-compliance and that safety standards are being upheld.

Effective monitoring of identified hazards and risks should also be put in place. The effectiveness of the safety measures should be assessed, and any risks and hazards identified and addressed promptly.

Clear guidelines need to be developed as to how accidents, near misses, and hazards in the workplace are to be reported. This ensures that the organisation is aware of any issues and can take steps to prevent them from occurring in the future.

By communicating, training, enforcing, monitoring, and reporting, organizations can create a culture of safety in which employees are aware of the risks and take steps to prevent accidents and injuries.

Evaluation & Review

Any health and safety management system will need to be continually monitored and evaluated to ensure its ongoing effectiveness. This evaluation process will be embedded into the system and will inform any changes that need to be made to enable continuous improvement. This component is important as it ensures that the HSMS remains relevant and effective in managing health and safety risks in the workplace.

The performance of the HSMS will be monitored and measured. This ensures that it is effective in managing the identified health and safety risks in the workplace. This might include conducting regular inspections, audits, and surveys to assess its ongoing effectiveness and relevance.

Data collected during the monitoring phase will then be analysed and interpreted. This helps organisations to identify any areas where the HSMS is not working effectively and to make improvements where necessary.

Corrective action can then be taken to address any issues identified during the evaluation and review process. This might involve making changes to policies, procedures, or training programs to improve the effectiveness of the health and safety management system.

The HSMS should be continuously improved to ensure that it remains effective in managing the identified risks effectively. This might involve implementing new technology, introducing new training programs, or making other improvements to achieve better results. This continuing evolution of the HSMS will be based on data gathered through the evaluation process, ensuring that the system continues to improve over time.

A management review should also assess the effectiveness of the HSMS at a management level to ensure that it is aligned with the organisation’s strategic objectives. This enables the HSMS to be fully integrated into the overall culture and processes of the organisation, and has continued relevance.

Auditing & Reporting

Health and safety audits form a key part of a health and safety management system. These should assess the system in line with its key aims and objectives, and reports should then be produced that can communicate this to senior management as well as other stakeholders.

Internal and external audits of the HSMS should be conducted and the findings reported to stakeholders. These are designed to ensure that the HSMS is proving effective in managing risks in the workplace while providing assurance to stakeholders that the organisation remains committed to workplace safety.

The audit process will involve a thorough review of the policies, procedures and practices of the HSMS, identifying any areas of non-compliance. It will look for opportunities for improvement and make recommendations to be implemented. While audits may be conducted internally or externally, an independent auditing process helps to build confidence in the measures that the organisation has taken to improve health and safety in the workplace.

The auditing component of auditing and reporting will usually have a number of components. During the planning stage, the scope of the audit will be set out and criteria established. Objectives for the audit will be defined and set out and will guide the process.

Conducting the audit will involve gathering evidence by a variety of methods. This will include observations, interviews, and documentation reviews that assess the effectiveness of the health and safety management system. The findings of the audit will be documented, including any areas where the standards set out in the HSMS are not being met.

The auditing process will be concluded with a follow-up report that verifies the corrective actions that have been taken and the impact they have had.

The reporting component of the auditing and reporting stage will communicate the findings of the audit to a range of different audiences. Internal reporting provides information to internal stakeholders such as senior management, employees and health and safety committees.

External reporting communicates the findings of the audit to bodies and individuals outside of the organisation such as regulatory agencies and suppliers.

Both the internal and external audit reports should be concise, clear and easy to understand. It should highlight both the strengths and weaknesses of the HSMS and outline any improvements planned to be made.

Health & Safety Management Systems and ISO 45001

ISO 45001 provides a framework for developing a Health and Safety Management System in line with international best practices. It provides a structured approach to the creation of the HSMS while ensuring regulatory compliance.

ISO 45001 provides a gold standard that ensures health and safety in your workplace while communicating your commitment to stakeholders and the wider public.

At Candy Management, our highly-experienced team of ISO 45001 consultants can help you achieve ISO in a step-by-step way.

Call us on 0161 470 7929 or send us your enquiry via email at info@candymc.co.uk to find out more.

Alternatively, you can always request a call back at a time and date that’s right for you by filling out our online contact form

Scroll to Top