ISO 9001, ISO 14001 & OHSAS 18001 Integrated Management Systems

Introduction

Running three separate management systems simultaneously is a real operational burden. Quality managers tracking ISO 9001 nonconformances, EHS teams managing ISO 14001 environmental registers, and safety officers maintaining OHSAS 18001 hazard logs often find themselves maintaining parallel documentation, scheduling overlapping audits, and conducting redundant management reviews — for systems that share the same underlying structure.

That structure overlap isn't a coincidence. It's the problem.

The outcome: audit fatigue, duplicated paperwork, and organizational silos between quality, environmental, and safety functions.

According to the ISO Survey 2022, there are over 1.26 million ISO 9001 certificates, 529,853 ISO 14001 certificates, and 397,339 ISO 45001 certificates worldwide. A significant portion of those certificate holders manage two or more standards. For organizations running parallel systems, that shared architecture is an integration opportunity most haven't fully acted on.

What follows is a practical breakdown of what each standard covers, where they overlap, and how to combine them into a single Integrated Management System (IMS) that's easier to maintain — and more effective in practice.

TL;DR

  • ISO 9001 (quality), ISO 14001 (environment), and OHSAS 18001/ISO 45001 (safety) share the same High Level Structure, simplifying integration across all three standards
  • OHSAS 18001 was replaced by ISO 45001 in 2018; the transition period ended September 2021
  • An IMS combines all three into a single policy, audit program, and management review cycle
  • Integrating ISO 14001 into an existing ISO 9001 system typically cuts implementation costs by 40–60% versus a standalone build
  • Oil and gas, construction, and manufacturing organizations frequently need multi-standard certification to qualify for contracts

What Are ISO 9001, ISO 14001, and OHSAS 18001?

All three are internationally recognized management system standards. They share common structural elements—specifically the Harmonized Structure (also called Annex SL or High Level Structure). That shared architecture is what makes them candidates for integration rather than parallel operation. Here's what each standard covers.

ISO 9001: The Quality Management Standard

ISO 9001 defines requirements for a Quality Management System (QMS). Its focus is on consistently meeting customer requirements, improving processes, and demonstrating an organization's ability to deliver conforming products and services.

It applies across industries, organization types, and sizes. That universality explains why ISO 9001 is the most widely adopted ISO management standard worldwide, and why every other management standard is built on top of it.

ISO 14001: The Environmental Management Standard

ISO 14001 establishes requirements for an Environmental Management System (EMS). It gives organizations a structured way to identify and control their environmental footprint, stay current with applicable regulations, and improve environmental performance over time.

In practice, this means managing:

  • Waste generation and disposal
  • Energy and water consumption
  • Air emissions and discharge
  • Environmental regulatory compliance

OHSAS 18001: The Occupational Health and Safety Standard

OHSAS 18001 provided a framework for managing occupational health and safety (OH&S) risks—covering hazard identification, risk assessment, incident prevention, and compliance requirements to protect workers, contractors, and anyone on site.

Important: OHSAS 18001 has been superseded by ISO 45001, published in March 2018. The transition period ended in September 2021, and any new OH&S certification must now be to ISO 45001.

ISO 45001 follows the same High Level Structure as ISO 9001 and ISO 14001, making it the cleanest fit in a modern IMS build. Organizations that built their IMS on OHSAS 18001 will find the core health and safety requirements largely consistent—but the old standard is no longer valid for new or renewed certification.

Key Differences: ISO 14001 vs. OHSAS 18001

The most common source of confusion is treating ISO 14001 and OHSAS 18001 as interchangeable "risk management" standards. They address different subjects entirely — one focuses outward, the other inward.

  • ISO 14001 addresses an organization's impact on the external environment—waste, emissions, resource use, and regulatory compliance with bodies like the EPA or local environmental agencies
  • OHSAS 18001/ISO 45001 addresses risks to people inside the workplace—injury prevention, hazard control, and employee well-being
Dimension ISO 14001 OHSAS 18001 / ISO 45001
Primary objective Manage environmental impacts and legal obligations Protect worker health and safety
Scope of risk External environment (waste, emissions, resources) Workplace hazards and OH&S incidents
Key documents Environmental aspects register, legal register, EMS objectives Hazard log, risk assessment, incident reports, OH&S objectives
Affected interested parties Environmental regulators, communities, neighbors Employees, contractors, visitors

ISO 14001 versus OHSAS 18001 side-by-side comparison of key differences infographic

The distinction matters — but so does the overlap. Both standards share the same management-system mechanics:

  • Legal compliance tracking
  • Emergency preparedness and response procedures
  • Internal audits
  • Nonconformity and corrective action processes
  • Continual improvement

That overlap is not a problem—it's an opportunity. When an organization runs both standards, those shared processes don't need to exist twice. One corrective action procedure, one emergency preparedness plan structure, one internal audit process. This is what makes an Integrated Management System practical rather than theoretical — fewer redundant documents, fewer parallel processes, and one unified system your team actually uses.

What Is an Integrated Management System (IMS)?

An Integrated Management System is a single, unified framework that combines the requirements of two or more management system standards—ISO 9001, ISO 14001, and ISO 45001 in the most common configuration—into one coordinated set of policies, procedures, objectives, and processes.

The structural basis for integration comes from ISO's Harmonized Structure, which aligns key clauses across all three standards:

Clause Topic
4 Context of the organization
5 Leadership
6 Planning
7 Support
8 Operation
9 Performance evaluation
10 Improvement

Because all three standards map to the same clause structure, a single procedure can satisfy requirements in two or three standards simultaneously—eliminating redundant documentation without sacrificing compliance with any individual standard.

What an IMS Looks Like in Practice

  • One unified policy addressing quality, environmental, and safety commitments
  • A single internal audit program covering all three standards in one audit cycle
  • Consolidated procedures for shared processes: document control, corrective action, management review, training, and communication
  • Standard-specific procedures only where requirements genuinely diverge (for example, environmental aspects identification versus hazard identification)
  • One management review meeting addressing performance across quality, environment, and safety simultaneously

Integrated Management System structure showing five unified components across three ISO standards

An IMS does not replace the individual standards—each retains its own certification. The organization simply manages the overlapping and distinct requirements within one efficient system rather than three separate ones.

That efficiency multiplies for organizations with multiple sites. A well-designed IMS lets every location operate from the same controlled document set, the same audit structure, and the same records platform—rather than maintaining separate, inconsistent systems per site.

Benefits of Integrating ISO 9001, ISO 14001, and OHSAS 18001

Reduced Duplication and Lower Implementation Costs

Running three separate systems means three sets of documentation, three training programs, and three audit cycles. Integration consolidates these into shared processes.

Synergistic Systems' experience across hundreds of IMS implementations shows that adding ISO 14001 as an integrated module to an existing ISO 9001 system typically cuts ISO 14001 implementation costs by 40–60% versus a standalone EMS build. The same savings logic applies when ISO 45001 is added as the next module.

Combined Audit Cycles

An IMS allows organizations to conduct combined internal audits that simultaneously address quality, environmental, and safety requirements.

IAF MD 11:2023 formally governs accredited audits of integrated management systems, confirming that combined audits against two or more standards are recognized and structured. Major registrars including DNV, Bureau Veritas, LRQA, Intertek, SGS, and BSI all offer combined certification audits for organizations holding multiple standards.

External certification audits can also be coordinated across all three standards in the same audit cycle, reducing disruption to operations.

Stronger Risk Management

A unified approach to risk surfaces connections that siloed systems miss. A chemical spill, for example, simultaneously represents an environmental incident (ISO 14001), a worker safety event (ISO 45001), and a potential process nonconformance (ISO 9001). With an integrated system, one root cause investigation and one corrective action addresses all three dimensions at once.

Without integration, that same event generates three separate CAPAs pointing to the same root cause — wasted effort that an IMS eliminates by design.

Improved Organizational Culture

Three separate compliance silos create three separate accountability structures. An IMS replaces that fragmentation with a single performance improvement culture where quality, environmental, and safety objectives are understood as connected priorities.

That integration has practical day-to-day effects:

  • Leadership drives improvement initiatives across all three standards in coordinated cycles
  • Cross-functional teams understand their roles without jurisdictional hand-offs
  • Management reviews cover quality, environmental, and safety performance in a single session — typically cutting review preparation time in half

Competitive and Reputational Advantages

In oil and gas, construction, and heavy manufacturing, multi-standard certification is routinely evaluated during supplier qualification — not as a differentiator, but as a baseline requirement.

Shell's supplier requirements, for example, reference ISO 45001 or equivalent as part of their supplier review process. A 2025 procurement document from National Fertilizers Limited called specifically for recertification services covering ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 as a combined scope — demonstrating that industrial buyers are increasingly procuring tri-standard certification as a single package rather than evaluating each standard separately.

How to Build an Integrated Management System

Step 1: Gap Analysis Across All Three Standards

Start by assessing your current compliance status against each standard independently. Identify:

  • What's already in place from your ISO 9001 system that satisfies requirements in ISO 14001 or ISO 45001
  • Where standard-specific gaps exist (for example, no environmental aspects register, no formal hazard log)
  • Which processes can be shared versus which must remain standard-specific

Three-step IMS gap analysis process identifying shared and standard-specific requirements

Step 2: Build an Integrated Documentation Structure

The documentation architecture is where integration either works or collapses. A well-built IMS uses:

  • One unified policy — a single statement covering quality, environmental, and safety commitments
  • Consolidated shared procedures — covering document control, internal audit, corrective action, management review, training, and communication (these satisfy requirements in all three standards simultaneously)
  • Standard-specific procedures — only where the standards diverge, such as environmental aspects and impacts identification, or hazard identification and risk assessment

A modular documentation approach keeps this structured and repeatable. Synergistic Systems hosts every controlled document, record, audit, corrective action, and risk register in a single cloud-based intranet — no client hardware or software purchase required — which works particularly well for organizations managing multiple sites or complex operations.

Step 3: Embed Leadership, Training, and Ongoing Maintenance

Integration succeeds when top management actively owns the IMS, not just the quality department. Practical requirements:

  • Management review conducted as one meeting covering quality, environmental, and safety performance together
  • Cross-functional training so teams understand their responsibilities across all three standards, not just their functional area
  • A unified internal audit schedule covering all three standards in coordinated audit cycles
  • A single corrective action process for addressing nonconformances, environmental incidents, and safety events consistently

The maintenance rhythm applies to the IMS as a whole: one internal audit schedule, one corrective action process, and one annual management review covering all three standards.

Frequently Asked Questions

What are ISO 9001, ISO 14001, and OHSAS 18001 standards?

ISO 9001 is the international standard for Quality Management Systems, ISO 14001 covers Environmental Management Systems, and OHSAS 18001 was the standard for Occupational Health and Safety Management Systems—now replaced by ISO 45001. All three provide frameworks for managing performance, risk, and legal compliance in their respective domains.

What is the difference between ISO 14001 and OHSAS 18001?

ISO 14001 focuses on managing an organization's impact on the external environment (waste, emissions, resource use), while OHSAS 18001 focused on protecting the health and safety of workers within the organization. Both require risk assessment, legal compliance, and continual improvement—but they address entirely different categories of risk.

Is OHSAS 18001 still valid?

No. ISO 45001 officially replaced OHSAS 18001 in March 2018, and the migration period ended in September 2021. Organizations previously certified to OHSAS 18001 were required to transition to ISO 45001. New certifications for occupational health and safety management must now be to ISO 45001.

What does an Integrated Management System include?

An IMS combines multiple ISO standards—typically ISO 9001, ISO 14001, and ISO 45001—into one coordinated system covering documentation, policies, procedures, objectives, audit programs, and management reviews. It eliminates redundancy while maintaining full compliance with each standard's requirements.

Can an organization get certified to ISO 9001, ISO 14001, and ISO 45001 at the same time?

Yes. Many certification bodies offer combined or integrated audits, and IAF MD 11:2023 formally governs accredited audits of integrated management systems. Working with an experienced ISO consultant helps organizations align their IMS development to prepare for multi-standard certification efficiently.

What types of organizations benefit most from an Integrated Management System?

Any organization managing obligations across quality, environmental compliance, and worker safety can benefit. IMS is especially valuable for manufacturers, construction firms, oil and gas service companies, chemical processors, and multi-site operations—where running separate audit programs and documentation sets for three standards creates real resource burdens.