ISO vs COR: The equivalency equation
Ontario’s decision to recognize ISO 45001 and the Certificate of Recognition (COR) as equivalent for public-sector procurement is stirring a fresh round of debate among Canada’s occupational health and safety (OHS) leaders. While some hail the move as overdue progress toward fairness and modernization, others warn that the policy—part of the province’s Working for Workers Seven Act—may sacrifice clarity and audit reliability in pursuit of expediency.
“It’s a political move,” says Ben Snyman, CEO of Calgary-based AuditSoft Inc. “It sounds like they want to open the bidding process and build faster, but they’re missing key differences between these two systems. This isn’t just about fairness. It’s about risk.”
Snyman knows both systems intimately. A longtime COR software provider and co-founder of an ANAB-accredited ISO certifying body, he straddles both standards. Yet he maintains that while the intent behind ISO 45001 and COR may align, the audit methodologies diverge dramatically, with serious implications for consistency and accountability.
“The standards are the same. It’s the way they’re audited—and the data you get—that’s different,” Snyman says. “With COR, the audit protocol is fixed and the data is measurable. With ISO, it’s loose, subjective. It all depends on the auditor”.
Beyond paperwork
Wayne Pardy, HSEQ Manager at Quality Plus Inc. in St. John’s, Newfoundland and Labrador, agrees the conversation goes deeper than compliance. A career auditor and author of multiple books on safety systems, Pardy views the equivalency as a well-intentioned but potentially misunderstood gesture.
“ISO is a strategic management system. COR is a compliance audit. They’re not the same,” he says. “But they don’t need to be mutually exclusive either.”
Pardy has used both systems and sees a place for each, especially in construction-heavy provinces like Ontario. In his previous role with a major contractor, he integrated ISO 45001 into the company’s management framework—while simultaneously maintaining COR certification to meet procurement requirements.
“They can coexist,” he says. “But that requires understanding what each system is for, and what it isn’t.”
Risk by policy
Ontario’s plan, first revealed by Canadian Occupational Safety, mandates that all public entities, including municipalities, must treat ISO 45001 and COR as equivalent for prequalification purposes. Labour Minister David Piccini argues the change removes barriers that prevent ISO-certified contractors from accessing public bids, thereby boosting competition and speeding up infrastructure timelines.
Snyman pushes back.
“This isn’t just a procurement issue—it’s a risk management issue,” he says. “Organizations should be able to set their own risk tolerance. The government shouldn’t force a municipality to accept a system if they don’t trust its audit process”.
He uses a blunt analogy: asking municipalities to accept an ISO certificate without standardized audit criteria is like asking a client to hire a lawyer who never passed the bar exam.
“You can’t compare audits that weren’t conducted the same way. That’s the problem,” he says. “If you want to make it fair, then everyone needs to write the same test.”
What’s in a standard?
ISO 45001, particularly in its Canadian adaptation (CSA Z45001), is designed as a high-level management framework. It focuses on continuous improvement, worker participation, and leadership accountability. The CSA version embeds Canadian principles such as the internal responsibility system, the right to refuse unsafe work, and formal roles for joint health and safety committees—features Pardy says reflect “real Canadian values” around workplace safety.
COR, by contrast, is a provincial certification program administered by safety associations like the IHSA in Ontario or Energy Safety Canada in Alberta. It’s most commonly used in the construction sector and follows a strictly defined audit protocol. Every question, every metric, is standardized.
“With COR, you can actually compare contractors based on consistent evidence,” Snyman says. “That’s powerful for decision-making. You don’t get that with ISO.”
Caution in the comments
Despite the technical distinctions, Pardy urges moderation. He cautions against framing the debate as ISO vs. COR, or choosing one over the other for ideological reasons.
“Any system can be a ‘check-the-box’ process if it’s applied without integrity,” he says. “The issue isn’t the standard—it’s how people use it, and whether auditors are trained and committed to doing the job properly”.
Both men express concern that the province’s decision is rooted more in politics than safety science. Snyman, particularly, fears a “race to the bottom”—where lower audit oversight leads to cost savings but also to increased risk, poorer data, and eventually, serious incidents.
Looking ahead
The Working for Workers Seven Act is still being implemented, industry associations have so far offered muted reactions, and the full scope of ISO-COR equivalency remains to be tested. Municipalities may welcome the clarity—or quietly worry about diluted oversight.
Meanwhile, Ontario outsiders like Snyman and Pardy continue to watch with interest—and a measure of concern.
“Data is the currency of risk,” says Snyman. “And if your audits aren’t generating comparable data, then you’re gambling with taxpayer dollars and worker lives.”
Original Article – The Safety Mag
Health Surveillance Compliance: HSE’s Landmark Warning to Employers
HSE issued its first Prohibition Notice against an occupational health provider. See what it means…
TÜV Building Report 2026: 35.9% Defect Rate Is a Warning for Facilities and Asset Managers
Germany’s TÜV Building Report 2026 found 35.9% of technical building systems have major defects, including…
Ireland and Northern Ireland Silica Dust Campaign 2026: Compliance Action Required for Construction Employers
The HSA and HSENI have launched a joint all-island silica dust inspection campaign for construction…
Esso £1M Fine: Why Asset Integrity and Inspection Management Cannot Wait
Esso was fined £1 million after corrosion identified in 2010 caused a catastrophic gas leak…
France PST 2026–2030: What Employers Need to Know About Workplace Safety Compliance
France has launched its National Occupational Health Plan 2026–2030, raising the bar on workplace safety…
Ontario’s JHSC Training Is Changing on 1 July 2026. Here Is What Employers Need to Know
Ontario’s JHSC certification training programme changes from 1 July 2026. Find out what is new…
Germany’s 2026 Workplace Safety Reforms: Is Your Risk Assessment Compliant?
Germany’s ArbSchG reforms from June 2026 formally integrate mental health into workplace risk assessments. Learn…
UK Compliance Failures Cost Millions: Three Cases Every Safety Manager Should Know
Canada’s 2026 Work Fatality Report recorded 1,042 deaths in 2024 and rising rates in seven…
Canada 2026 Workplace Fatality Report: Is Your Safety Programme Keeping Up?
Canada’s 2026 Work Fatality Report recorded 1,042 deaths in 2024 and rising rates in seven…
HSA Summer Inspection Campaign 2026: Contractor Safety Compliance in Ireland
The Ontario government is supporting a $125 million investment through the Workplace Safety and Insurance…
INTERSCHUTZ 2026: What Digital Emergency Services Compliance Looks Like Now
INTERSCHUTZ 2026 drew 140,000 visitors and put digital emergency services compliance at the heart of…
Why 36% of German Building Safety Systems Are Failing and What It Means for Asset Management
The Ontario government is supporting a $125 million investment through the Workplace Safety and Insurance…























