In the new standard, an organization will not only focus on its immediate health and safety issues, but will take into account the larger societal expectations. Organizations need to consider how their subcontractors and suppliers, and for example, their own work will have an impact on their neighbours around them. This would be broader than just focusing on conditions with in-house employees, meaning that organizations cannot simply "graft" their risk out through outsourcing.

ISO 45001 emphasizes that these occupational health and safety factors are embodied in an organization's entire management system and require a higher level of acceptance from management and leadership. This will be a big change for those users who are currently used to delegating responsibility to a security manager rather than being fully integrated into the organization's operations. ISO 45001 requires occupational health and safety factors to be an integral part of an organization's complete management system, not just an additional part.

The standard requires an organization to determine the risks and opportunities that the organization needs to address when planning an occupational health and safety system. Risks and opportunities exist in an organization's hazards, compliance, and environment and stakeholder needs and expectations. The standard requires the organization to take measures to deal with risks and opportunities to ensure that the system can achieve the expected results of the organization and achieve the continuous improvement of the organization in occupational health and safety.