Build and audit safety management systems, investigate the root causes behind incidents, master process safety, lead cultural transformation, and plan your certification pathway from here to the CSP and beyond.
ISO 45001, ANSI Z10, and VPP — building a systematic framework that integrates safety into every level of the organisation, not just a compliance checklist.
Most organisations have safety programmes — rules, training, PPE requirements. A Safety Management System is fundamentally different: it is a proactive, self-correcting framework driven by data and embedded in organisational decision-making at every level.
Responds to incidents and regulatory requirements. Rules are written after accidents. Compliance-driven. Safety department owns "safety." Success measured by absence of injuries. Varies by supervisor.
Anticipates risk before incidents occur. Driven by hazard identification, risk assessment, and continual improvement. Leadership accountable. Success measured by leading indicators. Systematic and consistent.
ISO 45001:2018 Clause 4.1 requires organisations to understand their "context" — the internal and external factors that affect the organisation's ability to achieve intended OH&S outcomes. This systemic thinking is absent from traditional safety programmes. The standard requires organisations to identify interested parties (Clause 4.2), define the scope of their SMS (Clause 4.3), and integrate safety into the broader strategic direction of the organisation (Clause 5.1).
Understanding the complete clause structure is essential for implementing, auditing, or seeking certification to ISO 45001. Clauses 1–3 are introductory; Clauses 4–10 are requirements.
| Clause | Title | What It Requires | Key New in 2018 |
|---|---|---|---|
| 4 | Context of the Organisation | Understand internal/external issues; identify interested parties and their needs; define SMS scope; establish the OH&S management system. | New — strategic context analysis required |
| 5 | Leadership and Worker Participation | Top management must demonstrate visible leadership; establish OH&S policy; assign roles; consult and involve workers in all key decisions. | Worker participation (Clause 5.4) strengthened |
| 6 | Planning | Identify hazards; assess risks and opportunities; determine compliance obligations; set OH&S objectives with plans to achieve them. | Opportunities (not just risks) must be assessed |
| 7 | Support | Provide adequate resources; ensure competence and awareness; establish internal/external communication; control documented information. | More explicit on competence requirements |
| 8 | Operation | Implement operational controls; manage change (MOC); manage contractors and outsourced processes; emergency preparedness and response; hierarchy of controls applied. | Explicit hierarchy of controls (Clause 8.1.2) |
| 9 | Performance Evaluation | Monitor, measure and analyse performance; evaluate legal compliance; conduct internal audits; management review — all at planned intervals. | Compliance evaluation more explicit |
| 10 | Improvement | Investigate incidents, nonconformities and near misses; apply root cause analysis; take corrective action; continually improve the SMS. | Incident investigation requirements strengthened |
ANSI/AIHA/ASSE Z10.0 is the American national standard for Occupational Health and Safety Management Systems. While ISO 45001 is internationally dominant, Z10.0 is widely used within the US, particularly in industries with strong AIHA ties. It is conceptually aligned with ISO 45001 and OSHA's Recommended Practices.
OSHA Recommended Practices for Safety and Health Programs (2016) — OSHA's non-mandatory guidance describes a 7-element SMS framework: (1) Management Leadership, (2) Worker Participation, (3) Hazard Identification and Assessment, (4) Hazard Prevention and Control, (5) Education and Training, (6) Program Evaluation and Improvement, (7) Communication and Coordination for Host Employers, Contractors, and Staffing Agencies. While not legally required, OSHA compliance officers use this framework to evaluate the overall quality of an employer's safety programme. Ref: OSHA Recommended Practices 2016
OSHA's Voluntary Protection Programs (VPP) recognise employers and workers who have developed and implemented effective safety and health management systems. VPP sites are exempt from programmed OSHA inspections and serve as models for other worksites.
The highest recognition. Requires illness/injury rates below national average for the industry; comprehensive SMS; worker involvement; management commitment. Approximately 2,500 Star sites in the US.
Recognises worksites with good SMS but with some areas needing improvement to reach Star status. Annual progress reviews with OSHA. Path to achieving Star designation.
For groups of employers, employees, and unions working toward VPP-quality safety. More accessible entry point. Common in construction and multi-employer worksites.
VPP sites average 52% fewer total injury and illness cases than industry peers (OSHA data). VPP participation demonstrates to insurers, clients, and regulators that an organisation has an effective, mature SMS.
Investigating incidents to find system failures — not to blame individuals. Every incident is a gift: a window into system weaknesses before the next, potentially fatal, event.
The theory of how incidents occur has evolved significantly. Modern investigation methods reflect a systemic view of causation — incidents are not caused by single acts or conditions, but by failures across multiple barriers.
Incidents occur when a sequence of five "dominoes" fall: social environment → human fault → unsafe act/condition → accident → injury. Removing the middle domino (unsafe act) breaks the chain. Introduced the 1:29:300 ratio — for every major injury, there are 29 minor injuries and 300 near misses.
Each layer of defence (management systems, procedures, training, equipment) has "holes" — latent failures. An incident occurs when holes in multiple layers align, allowing a hazard to reach the worker. The model shifted focus from individuals to systems. Foundation of most modern SMS design.
Visualises both prevention barriers (left side — stopping the top event) and recovery barriers (right side — limiting consequences). Widely used in process safety and aviation to map controls against threats and consequences. Each barrier can be assigned to an owner.
Systems-Theoretic Accident Model and Process / Causal Analysis based on STAMP. Views accidents as control failures in complex sociotechnical systems. Particularly effective for complex system accidents (software, automation, multi-organisation). Used in aerospace and nuclear.
No single RCA method works for every incident. The complexity of the event determines the depth of analysis required. ISO 45001 Clause 10.2 requires RCA for nonconformities and incidents — but the standard does not prescribe the method.
Iteratively ask "Why?" until the root cause is reached — typically 5 levels deep. Best for simpler incidents with a clear causal chain. Risk: can lead to a single-cause conclusion when multiple causes exist, and can stop at a symptom rather than the system cause.
Ref: ISO 45001:2018 Clause 10.2 · Developed by Sakichi Toyoda (Toyota Production System)
Also called the Cause-and-Effect Diagram. Maps potential causes across categories (the "6Ms" in manufacturing: Man, Machine, Method, Material, Measurement, Mother Nature; or "4Ps" in services: Policies, Procedures, People, Plant). Effective for brainstorming sessions with multi-disciplinary teams.
Ref: Kaoru Ishikawa (1968) · ISO 9001 quality management applications · Widely used in Six Sigma (DMAIC Analyse phase)
A top-down deductive analysis using Boolean logic (AND/OR gates) to model the combinations of events that could lead to a specific undesired event. Quantitative FTA assigns probabilities to base events to calculate overall incident probability. Used in post-accident investigation for complex system failures.
Ref: IEC 61025:2006 · OSHA PSM investigations · NASA/DoD investigations
TapRooT® is a commercial RCA system that combines cause mapping with a hierarchical root cause tree addressing human factors (15 categories of root causes). Widely used in process industries, utilities, nuclear, and healthcare. Structured to find generic causes that affect multiple processes — not just the specific incident.
Ref: System Improvements Inc. (TapRooT® User's Manual) · Used at nuclear facilities (NRC requirements) and many Fortune 500 facilities
Based on the International Loss Control Institute (ILCI) Loss Causation Model. Analyses incidents through: Contact (the energy transfer), Immediate Causes (substandard acts and conditions), Basic Causes (personal and job factors), and Lack of Control (management system failures). The SCAT chart guides investigators through each level.
Ref: Frank Bird Jr. — Management Guide to Loss Control (1976) · DNV Loss Causation Model
ISO 45001 Clause 10.2 requires that incidents, near misses, and nonconformities be investigated in a timely manner. The investigation must identify root causes, determine corrective actions, and communicate results. Investigations must not be used to assign blame.
Immediately after the incident, secure the area, administer first aid, and ensure no further harm. Preserve physical evidence — do not move or clean up anything until documented. Photograph from multiple angles. Issue a scene preservation log. Evidence degrades rapidly — this step cannot be delayed. Ref: ISO 45001 §10.2
Notify OSHA within required timeframes (fatality: 8 hours; hospitalisation/amputation/eye loss: 24 hours per 29 CFR 1904.39). Notify management, HR, legal counsel as required. Preserve attorney-client privilege by routing certain communications through counsel. Activate investigation team.
Four categories: physical (equipment, materials, PPE, environmental conditions), documentary (procedures, training records, maintenance logs, permits), photographic/video (scene, equipment, CCTV), and testimonial (witness interviews). Interviews should be individual, non-leading, and conducted as soon as possible while memory is fresh.
Create a factual timeline of events leading to the incident. Identify what happened, when, who was involved, and what the conditions were. Use a causal factor chart or event and causal factor (ECF) analysis. Distinguish facts from assumptions — mark assumptions clearly and verify them.
Apply one or more RCA methods — 5-Why, fishbone, FTA, TapRooT, or SCAT. Identify direct causes (what caused the contact/release), contributing causes (conditions that enabled the direct cause), and root causes (management system failures that allowed conditions to exist). Avoid stopping at "human error" — that is a contributing cause, not a root cause.
For each root cause, identify one or more corrective actions using the Hierarchy of Controls (eliminate the cause first; administrative controls and retraining last). Assign each action an owner, a due date, and a verification method. Actions must address root causes — not just symptoms. "Retrain the worker" alone is almost never sufficient.
Share investigation findings across the organisation — similar hazards may exist elsewhere. Track corrective action completion. Verify effectiveness after implementation (not just that the action was done, but that it eliminated the root cause). Close the investigation only after verification is complete. Update risk assessments. Ref: ISO 45001 §10.2(g)
The "human error" trap: When an investigation concludes "root cause: worker error / inattention / complacency," it has failed. Human error is a symptom, not a cause. Ask: Why was the worker in a position to make this error? What system allowed this error to have such severe consequences? What barriers failed? The system designed the conditions that led to the error — the investigation must find those system failures. This principle is central to James Reason's work and embedded in ISO 45001 Clause 10.2's requirement to identify "whether similar incidents have occurred, whether corrective actions would be effective for other situations." Ref: ISO 45001 §10.2
Preventing catastrophic releases of highly hazardous chemicals — the 14 elements of OSHA PSM, Process Hazard Analysis, and the lessons of Bhopal and Texas City.
Bhopal, India (1984): A water ingress into a methyl isocyanate (MIC) storage tank at a Union Carbide pesticide plant caused a catastrophic runaway reaction, releasing ~40 tonnes of toxic gas into surrounding communities. Over 15,000 people died. The plant had disabled multiple safety systems due to cost-cutting. Bhopal directly triggered: OSHA PSM (29 CFR 1910.119), EPA RMP Rule (40 CFR Part 68), and EPCRA community right-to-know requirements. Texas City, Texas (2005): An explosion at a BP oil refinery killed 15 workers and injured 180. The Baker Panel investigation found systemic failure of safety culture and leadership — not just technical failures. Led to revised OSHA PSM enforcement and the API RP 755 fatigue risk management standard.
OSHA PSM applies to facilities with listed highly hazardous chemicals at or above threshold quantities (TQs). The standard has 14 elements — all mandatory. There is no prioritisation — a deficiency in any element is a PSM citation.
Chemical hazards, process technology, equipment design info — compiled before PHA. Foundation of entire PSM programme.
Systematic hazard review using HAZOP, What-If, FMEA, or Checklist. Revalidated every 5 years. The most resource-intensive PSM element.
Written procedures for each operating phase: normal startup/shutdown, emergency, temporary operations. Annually certified as current.
Initial and refresher training on operating procedures. Certification that employees understood training. Refresher at least every 3 years.
Evaluation and selection of contractors based on safety performance. Contractor safety training and recordkeeping. Periodic evaluation of safety performance.
Before initial startup of any new or modified covered process — confirm construction matches design, procedures in place, training complete, PHA recommendations resolved.
Written procedures; inspection/testing of process equipment; equipment deficiency correction; quality assurance for repairs. Critical for preventing containment loss.
Written permit for all hot work (welding, cutting, grinding) on or near covered processes. Fire watch, atmospheric testing, equipment isolation required.
Formal review and authorisation before any change to process chemistry, technology, equipment, procedures, or personnel that affects a covered process. MOC failures caused Bhopal and Texas City.
Investigate all catastrophic releases and near-miss events. Investigation team includes one person with process knowledge. Report within 48 hours. Retain records for 5 years.
Emergency response plan or coordination with community emergency response. Meets requirements of OSHA HAZWOPER (29 CFR 1910.120).
Certify compliance with all PSM requirements at least every 3 years. Retain 2 most recent audit reports. Respond promptly to audit findings.
Provide all necessary information to employees, contractors, and emergency responders even if it involves trade secrets — subject to confidentiality agreements.
Written plan of action for employee participation in PHAs and development of other PSM elements. Employees and their representatives must have access to all PSI.
Management of Change (MOC) — the most violated PSM element: OSHA defines "change" as anything except "replacement in kind." A change includes: different chemicals, different concentrations, different equipment specifications, different operating conditions, different procedures, and organisational changes (new supervisor for a covered process unit). Every PSM catastrophe investigation finds MOC failure — changes made without going through the formal review process. Ref: 29 CFR 1910.119(l)
Designing and conducting EHS audits, selecting the right metrics, and using data to drive decisions — not just report backward-looking statistics.
Conducted by the organisation's own personnel (or contracted auditors acting on behalf of the organisation). Required by ISO 45001 Clause 9.2. Auditors must be competent and impartial — cannot audit their own area. Programme must be planned and results must go to management review.
Conducted by parties with an interest in the organisation — clients, customers, or supply chain partners. Common in manufacturing: a customer audits a supplier's safety practices as a condition of the supply agreement. Results shared with the auditee.
Conducted by an independent, accredited certification body (e.g., BSI, Bureau Veritas, DNV, SGS) to issue or maintain ISO 45001 certification. Stage 1 (document review) and Stage 2 (on-site) for initial certification; annual surveillance audits; full recertification every 3 years.
A requirement of the standard (or legal requirement) is not being met. Must be corrected and root caused. Major NC can result in suspended certification. Minor NC requires correction within agreed timeframe.
A potential weakness identified that does not yet constitute a nonconformity — a trend or a situation that may develop into a problem. Not mandatory to correct, but auditor flags for attention. Good organisations act on observations proactively.
A suggestion from the auditor for how the system could be enhanced beyond the minimum requirements of the standard. No obligation to implement — but demonstrates auditor's experience. Useful input for continual improvement.
Recognition of particularly strong or innovative practice that exceeds requirements or represents industry best practice. Included in audit reports to balance the picture and acknowledge good work. Often underused by auditors.
Most organisations measure only lagging indicators — injury rates, fines, incidents. By the time these numbers appear, harm has already occurred. High-performing organisations use leading indicators — measures of the conditions and behaviours that predict future performance.
| Indicator Type | What It Measures | Examples | Limitation |
|---|---|---|---|
| Lagging (outcome) | What has already happened — past performance | TRIR, DART rate, LTIR, fatality count, environmental releases, regulatory citations, near-miss frequency | Tells you about yesterday — cannot prevent what already happened. Low rates can mask serious hazards (low-frequency, high-severity risks invisible until event occurs). |
| Leading (activity/input) | Current conditions and behaviours that predict future outcomes | % hazard assessments completed on schedule; safety observation completion rate; % overdue corrective actions; safety training completion %; management safety walk frequency; permit-to-work compliance rate | Require discipline to define and collect consistently. Can be gamed if not tied to outcomes. Must be validated that they actually correlate with reduced incidents. |
| Process (health of system) | Whether the management system is functioning as designed | Internal audit closure rate; % of ISO 45001 clauses in full conformity; corrective action average close-out time; employee hazard report submission rate; compliance calendar completion rate | System can look healthy on paper while cultural issues persist. Requires honest self-assessment. |
Key EHS Rates — Formulae:
TRIR (Total Recordable Incident Rate) = (Number of recordable incidents × 200,000) ÷ Total hours worked
DART Rate (Days Away, Restricted or Transferred) = (DART cases × 200,000) ÷ Total hours worked
LTIR (Lost Time Injury Rate) = (LTIs × 200,000) ÷ Total hours worked
The 200,000 figure represents 100 employees working 40 hours/week for 50 weeks — the normalisation base. These rates are required for OSHA 300A and are benchmarked against BLS industry averages. Ref: 29 CFR 1904 ISO 45001 §9.1
Culture is what happens when no one is watching. Building a sustainable safety culture is the hardest — and highest-leverage — thing an EHS professional can do.
The Safety Culture Maturity Model (originally developed by ACSNI, UK 1993; refined by Hudson and Shell's Hearts & Minds programme) describes five stages of cultural evolution. Most organisations exist between levels 2 and 3. Very few reach level 5. Knowing your level is the first step to moving up.
Safety is how we do business. Organisation actively seeks out failure signals before they become incidents. Leadership is genuinely informed about real risk. Workforce owns safety. Continuous learning is automatic. Examples: NASA post-Columbia, nuclear power operators (INPO model). Ref: Hudson, Hearts & Minds
Management genuinely cares and seeks to address problems before they cause harm. Leading indicators tracked. Near misses reported freely. Safety seen as a value, not a priority. Workers actively engaged. Improvement is systematic.
Systems in place — risk assessments, audits, procedures, metrics. Safety is managed by data and compliance. But culture is still driven by management pushing down — workers comply, not engaged. Many certified ISO 45001 organisations are at this level. Most large organisations sit here.
Safety is important — we do something every time someone is hurt. Focus on fixing the specific problem after the event. Near-miss reporting is low. Safety management is incident-driven. Compliance-focused. "We haven't had an incident so we must be safe." Most SMEs operate here.
Who cares about safety as long as we're not caught? Safety is seen as a hindrance to productivity. Incidents are concealed. Regulators are the enemy. Safety investment is minimal. High incident rates, poor morale. Legal liability is the primary (ineffective) motivator.
ISO 45001:2018 Clause 5.1 requires top management to demonstrate leadership and commitment by, among other things, "promoting a culture that supports the intended outcomes of the OH&S management system." Clause 5.4 requires worker consultation and participation. These clauses specifically address culture — not just processes. The standard recognises that the best management system fails without the right culture to sustain it. ISO 45001 auditors increasingly probe culture through worker interviews rather than just document checks. Ref: ISO 45001:2018 §5.1, §5.4
BBS applies behavioural psychology principles to workplace safety. It focuses on observable worker behaviours — not attitudes — as the target for intervention. BBS is controversial: used well, it is powerful; used poorly, it blames workers and masks systemic failures.
BBS is grounded in applied behaviour analysis (ABA). The ABC Model: Antecedents (conditions before the behaviour) → Behaviour (observable action) → Consequences (what follows the behaviour). Consequences drive behaviour: behaviours followed by positive consequences are repeated; behaviours followed by negative or no consequences decrease. Safety programmes often focus on antecedents (training, rules, signs) — which are weak behaviour drivers. BBS focuses on changing consequences.
Key principle: The best predictor of future behaviour is past behaviour reinforced by its consequences. — B.F. Skinner, applied by Dan Petersen and Damon Petersen to safety.
Key reference: DuPont STOP™ programme; Krause, Hidley & Hodson — The Behaviour-Based Safety Process (1996)
See also: Sidney Dekker — "The Field Guide to Understanding Human Error" (2006) for the case against individual-blame approaches
Visible Felt Leadership (VFL): Research consistently shows that visible commitment from senior leadership is the single strongest predictor of safety culture maturity. VFL is not safety inspections by managers — it is genuine engagement: leaders asking workers about hazards, listening without defensiveness, and following through on what they hear. OSHA's Voluntary Protection Program criteria explicitly require demonstrated management leadership. ISO 45001 Clause 5.1 mandates it. A manager who says safety is a priority but never visits the shop floor signals — loudly and clearly — that it is not. Ref: ISO 45001 §5.1 ILO C187 Art.3
Your complete certification pathway — from first day in EHS to senior specialist — with exam requirements, study resources, and the credentials that open doors globally.
The EHS profession has a structured credential pathway. Each step builds on the last. This roadmap covers US and international credentials — matched to where you are in your career.
No prerequisites. 10-hour for general workers; 30-hour for supervisors and safety-sensitive roles. Covers OSHA rights, hazard recognition, and basic standards. Required on most US construction sites. Not a professional credential — a training certificate. Issued by OSHA-Authorised Trainers.
The most widely held H&S qualification globally. No formal prerequisites. Two unit examinations (NG1: Management of H&S; NG2: Risk Assessment) plus a practical assessment (NG3: Health and Safety Practical Application). Recognised in 132+ countries. Gateway to IOSH membership (TechIOSH).
BCSP credential. Prerequisites: bachelor's degree (any field) + 1 year safety experience (or master's degree with no experience). 200-question computer-based exam covering the same domains as the CSP. Stepping stone to CSP. Widely recognised by US employers. Valid for 5 years — convert to CSP within that window.
Advanced NEBOSH qualification — degree-level understanding of OHS management. Three units: Unit A (managing health and safety), Unit B (hazardous agents), Unit C (workplace and work equipment safety). Required for IOSH Chartered Membership (CMIOSH). Highly respected across Europe, Middle East, and Asia.
The gold standard in occupational safety — globally recognised. Prerequisites: bachelor's degree + 4 years of professional safety experience (at least 50% safety duties). 200-question computer-based exam. 8 domains covering safety management, risk assessment, emergency management, environmental health, and more. 4-year recertification cycle with 48 continuing education points.
The premier credential in industrial hygiene. Prerequisites: bachelor's in science/engineering + 5 years professional IH experience (3 years with master's; 1 year with doctoral degree). Comprehensive examination covering anticipation, recognition, evaluation, and control of occupational health hazards. 6-year recertification cycle.
Integrates EHS, environmental compliance, and emergency management. Prerequisites: bachelor's degree + 3 years hazmat management experience (or master's + 1 year). Covers RCRA, CERCLA, DOT, emergency response, and pollution prevention. Recognised by EPA and DoD. 2-year recertification with continuing education.
The UK's premier professional safety designation. Routes: via NEBOSH Diploma + experience pathway, or graduate-entry with qualifying safety experience. Requires demonstration of competence through the IOSH CPD system. Recognised globally — particularly strong in UK, Middle East, Africa, and Asia-Pacific.
Qualifies you to lead third-party OH&S management system certification audits. 5-day accredited training course + examination + relevant experience. Issued by IRCA-registered training organisations. High demand from certification bodies (BSI, Bureau Veritas, Lloyd's) and large multinationals conducting supplier audits.
BCSP Process Safety Professional credential. Covers PSM elements, PHA facilitation, HAZOP, LOPA, Layer of Protection Analysis, MOC, and mechanical integrity. Requires 5 years of process safety experience and passing a comprehensive examination. Growing demand in refining, chemical, and petrochemical industries.
| Career Stage | Role Titles | Critical Competencies | Typical Credential |
|---|---|---|---|
| Entry (0–3 yrs) | EHS Coordinator, Safety Officer, Environmental Tech | Hazard recognition; OSHA recordkeeping; permit systems; inspection checklists; incident reporting; basic risk assessment; PPE selection; compliance basics | OSHA 30-hr; NEBOSH NGC; ASP (in progress) |
| Mid (3–8 yrs) | EHS Specialist, Safety Manager, IH Specialist | Risk assessment; JHA facilitation; training design; incident investigation; regulatory compliance management; contractor safety; written programmes; data analysis; stakeholder communication | ASP; NEBOSH Diploma; CSP (in progress); CIH (in progress) |
| Senior (8–15 yrs) | Senior EHS Manager, Site EHS Director, Regional EHS Lead | SMS design and implementation; audit programme management; leadership influencing; culture change; PSM (if applicable); ISO 45001/14001 implementation; capital project safety; budget management | CSP; CIH; CMIOSH; ISO Lead Auditor |
| Executive (15+ yrs) | VP EHS, Global EHS Director, Chief Safety Officer | Board-level communication; ESG/sustainability integration; enterprise risk management; M&A due diligence; organisational culture transformation; regulatory strategy; international operations | CSP + MBA or Engineering degree; peer networks (ASSP, IOSH, NSC) |
The fastest path to CSP from zero: (1) Complete OSHA 30-hour — 2 days. (2) Get a relevant bachelor's degree or any bachelor's degree + enrol in BCSP's safety degree equivalency programme. (3) Get your first EHS role — even EHS Coordinator or Assistant. (4) Sit for the ASP as soon as you meet prerequisites — most people pass within 1–2 years of starting their safety career. (5) Accumulate 4 years of experience while continuing education. (6) Sit for CSP. Total timeline from scratch: typically 5–7 years. The NEBOSH NGC is the fastest internationally recognised qualification for non-US professionals — achievable in 3–6 months with part-time study.
Largest US professional safety association. 38,000+ members. Publishes Safety Professional magazine. Hosts the Safety 2025 conference. Manages ANSI Z10 standard development. Local chapters in every US state. assp.org
UK-based but global — 49,000 members in 130 countries. Manages CMIOSH and FIIOSH credentials. Partners with NEBOSH and IOHA. The premier professional body for safety internationally outside the US. iosh.com
Premier IH professional body. 8,500 members. Co-publishes ANSI Z10 with ASSP. Hosts AIHce annual conference. Partners with ABIH on CIH credential. Publishes AIHA journal. aiha.org
Division of AICHE focused on process safety. Publishes the definitive process safety guidelines (30+ books). Develops and maintains the CCPS Body of Knowledge. Essential resource for anyone working in process industries. aiche.org/ccps
Focused on EHS and sustainability management. Strong network for corporate EHS and sustainability professionals. Publishes benchmarking surveys and best practices. naem.org
Non-profit focused on eliminating preventable deaths in the workplace and community. Manages the Defensive Driving Course and produces the Injury Facts annual report — the definitive source for US injury statistics. Runs NSC Safety Congress annually. nsc.org
1. ISO 45001:2018 Clause 5.1 requires top management to demonstrate "leadership and commitment." Which of the following is specifically listed as a top management responsibility under this clause?
2. James Reason's Swiss Cheese Model of incident causation describes incidents as occurring when:
3. OSHA PSM (29 CFR 1910.119) Element 9 — Management of Change (MOC) — requires formal review before changes to covered processes. Which of the following is specifically excluded from MOC requirements under OSHA PSM?
4. ISO 19011:2018 provides guidelines for auditing management systems. When a third-party auditor finds that a documented procedure exists but is not being followed, what category of finding is this?
5. The Total Recordable Incident Rate (TRIR) formula uses a base of 200,000 hours. What does this base represent?
6. In the Safety Culture Maturity Model (Hudson/Hearts & Minds), what characterises a "Calculative" (Level 3) organisation?
7. Under BCSP requirements, what are the prerequisites to sit for the Certified Safety Professional (CSP) examination?
From understanding what EHS is, to building and auditing safety management systems, investigating incidents, and understanding global environmental law — you have covered the complete EHS curriculum from beginner to advanced professional.
Your next step: choose your certification pathway. Most learners start with NEBOSH NGC or OSHA 30-hour, then pursue the ASP → CSP. Use the career roadmap in Module 6 to plan your path.