Leveraging Safety Management System Standards to Support Compliance with the CSRD

Quite often, businesses and organisations feel overwhelmed with the depth and breadth of data that must be reported and disclosed under the Corporate Sustainability Reporting Directive (CSRD). There is a sense that the demands of the Directive are entirely new and that it places additional burdens on management teams to collect reams of new data. However, if we take a closer look at some of the European Sustainability Reporting Standards (ESRS), we see that many data points are already being collected, analysed and reported on as part of corporate policies, compliance with existing legislation and ISO management system standards. These existing efforts can be used to support compliance with the CSRD.

In this article, we focus on the data points, disclosures and requirements of ESRS S1 (“Own Workforce”) and how businesses and organisations can use ISO 45001 (Occupational Health & Safety Management System Standard) and ISO 45003 (Guidelines for Managing Psychosocial Risks) to support compliance with the CSRD.

First of all, what is ESRS 1?

ESRS S1 “own workforce” refers to a specific aspect of the European Sustainability Reporting Standard (ESRS) that focuses on the reporting obligations regarding a company’s internal workforce. Under ESRS S1, listed companies in the European Union are required to provide disclosures related to their own workforce in their annual financial reports.

This requirement encompasses various aspects of workforce-related information, including the composition, structure, and management of the company’s employees. It may include details such as the total number of employees, breakdown by employment type (e.g., full-time, part-time, temporary), geographical distribution, and workforce diversity metrics (e.g., gender, age, ethnicity).

ESRS S1 also mandates the disclosure of information regarding employment policies, practices, and initiatives aimed at promoting employee well-being, health and safety, training and development, and diversity and inclusion within the workforce. Additionally, companies are expected to provide insights into their labour relations, including any significant changes in workforce composition or employment contracts, as well as any material issues or disputes related to employee relations.

How can ISO 45001 support compliance with the CSRD?

While ISO 45001 primarily focuses on occupational health and safety management systems, it can indirectly support compliance with the CSRD and ESRS S1, particularly in areas related to health and safety reporting. Here’s how you can use ISO 45001 to support compliance with the CSRD ESRS S1:

1. Occupational Health and Safety Reporting: ESRS S1 requires companies to disclose information related to occupational health and safety in their annual reports. ISO 45001 provides a framework for managing occupational health and safety risks and improving performance. By implementing and leveraging ISO 45001, companies can systematically collect and report on relevant health and safety data, ensuring compliance with the CSRD and ESRS S1 requirements.
2. Structured Data Collection and Management: ISO 45001 encourages companies to establish structured processes for collecting and managing health and safety data. Many companies are already recording data on workplace fatalities, work-related accidents and injuries, ill-health, dangerous occurrences, lost time, etc. These data points are specific disclosures under ESRS S1, so companies with safety management systems are well equipped to report on this information. Companies can use the requirements of ISO 45001 to develop robust systems for collecting relevant health and safety information in a structured format suitable for inclusion in their annual reports prepared in accordance with ESRS S1.
3. Performance Indicators and Metrics: ISO 45001 requires companies to establish performance indicators and metrics to measure and improve their occupational health and safety performance. These performance indicators can provide valuable data for inclusion in annual reports prepared in accordance with ESRS S1, demonstrating the company’s commitment to ensuring a safe and healthy work environment for its employees.
4. Risk Assessment and Disclosure: ISO 45001 mandates companies to conduct risk assessments and disclose significant occupational health and safety risks and opportunities. Companies can use the information collected through ISO 45001 processes to include relevant disclosures in their annual reports, ensuring transparency and compliance with the CSRD and ESRS S1 requirements.
5. Stakeholder Engagement: ISO 45001 emphasises stakeholder engagement in occupational health and safety management processes, particularly in the context of contractors and outsourcing. Engaging stakeholders can help companies understand their information needs for health and safety disclosures in annual reports prepared in accordance with ESRS S1, ensuring that their disclosures are relevant and meet stakeholder expectations.
6. Internal Controls and Assurance: ISO 45001 encourages companies to establish internal controls and assurance mechanisms to ensure the effectiveness of their occupational health and safety management systems. These controls and assurance processes can provide confidence in the accuracy and reliability of health and safety information disclosed in annual reports prepared in accordance with ESRS S1, enhancing transparency and credibility.
7. Continuous Improvement: ISO 45001 promotes a culture of continuous improvement in occupational health and safety performance. Companies can use ISO 45001 as a framework to identify areas for improvement and implement corrective actions to address any deficiencies in health and safety performance disclosed in annual reports prepared in accordance with ESRS S1.

How can ISO 45003 support compliance with the CSRD?

ISO 45003 is a standard that provides guidance on managing psychological health and safety in the workplace. While it doesn’t directly address compliance with the CSRD and ESRS S1, it can indirectly support such compliance as follows:

1. Enhanced Health and Safety Management: ISO 45003 offers guidance on managing psychological health and safety in the workplace, complementing the requirements of ISO 45001 for occupational health and safety management. By implementing ISO 45003, companies can enhance their overall health and safety management systems, which can contribute to compliance with the CSRD and ESRS S1 requirements related to health and safety reporting.
2. Addressing Psychological Hazards: ESRS S1 requires companies to disclose information on psychological health and safety hazards in their annual reports. ISO 45003 provides guidance on identifying and addressing psychological hazards in the workplace, enabling companies to systematically manage and report on these hazards as part of their health and safety disclosures in accordance with ESRS S1.
3. Employee Well-being: ISO 45003 emphasises the importance of promoting employee well-being and resilience. Companies that implement ISO 45003 can demonstrate their commitment to employee well-being in their annual reports, aligning with ESRS S1 requirements to disclose information on measures taken to protect employees’ health and safety, including psychological health.
4. Risk Assessment and Management: ISO 45003 guides companies in conducting risk assessments and managing psychological health and safety risks. By following the principles outlined in ISO 45003, companies can identify and assess psychological health and safety risks, ensuring that they are adequately managed and disclosed in their annual reports as required by ESRS S1.
5. Stakeholder Engagement: ISO 45003 encourages stakeholder engagement in the management of psychological health and safety. Engaging stakeholders can help companies understand their information needs for health and safety disclosures in annual reports, ensuring that their disclosures meet stakeholder expectations and support compliance with the CSRD and ESRS S1 requirements.
6. Internal Controls and Assurance: ISO 45003 promotes the establishment of internal controls and assurance mechanisms to ensure the effectiveness of psychological health and safety management systems. These controls and assurance processes can provide confidence in the accuracy and reliability of health and safety information disclosed in annual reports prepared in accordance with ESRS S1, enhancing transparency and credibility.
7. Continuous Improvement: ISO 45003 fosters a culture of continuous improvement in psychological health and safety performance. Companies can use ISO 45003 as a framework to identify areas for improvement and implement corrective actions to address any deficiencies in psychological health and safety performance disclosed in annual reports prepared in accordance with ESRS S1.

While ISO 45001 and 45003 do not directly address compliance with the CSRD and ESRS S1, their principles and guidance can support companies in enhancing their health and safety management systems and reporting practices, thereby indirectly contributing to compliance with ESRS S1 requirements related to health and safety disclosures in annual reports.

Table 1: some of the key disclosure items as prescribed in ESRS S1

Source: ESRS S1: Download (efrag.org)

Antaris is supporting many companies with compliance to the CSRD by leveraging the requirements of existing management system standards, such as ISO 14001, ISO 50001 and ISO 9001.