Download this checklist

ISO 45001 Audit Checklist

ISO 45001 gap analysis checklist to   prioritize focus areas in preparation of an ISO 45001 certification audit. ISO 45001 standard specifies requirements for an OH&S management system to prevent work-related injuries to workers.

Digitalize this paper form now

Register for free on lumiformapp.com and conduct inspections via our mobile app

  • Cut inspection time by 50%
  • Uncover more issues and solve them 4x faster
  • Select from over 4000 expert-proofed templates
Rated 4.8/5 stars on Capterra
App StorePlay Store

ISO 45001 Audit Checklist

4 Context of the organization

4.1 Understanding the organization and its context

Determine external and internal issues that affect ability to achieve intended outcome of OH&S management system

4.2 Understanding the needs and expectations of workers and other interested parties

Determine relevant interested parties to OH&S management system

Determine relevant needs and expectations of interested parties

Determine which of these needs and expectations are added to applicable legal and other requirements

4.3 Determining the scope of the environmental management system

The OH&S management system scope considers the following:

Physical boundaries and applicability

External and internal issues relevant to its purpose and objectives

Relevant needs and expectations of interested parties

Work related activities

OH&S MS scope is documented and available to interested parties

4.4 OH&S management system

Establish, implement, maintain and continually improve your OH&S management system

5 Leadership

5.1 Leadership and commitment

Top management is identified

Top management demonstrates leadership and commitment

Taking accountability for OH&S management system effectiveness

Ensures OH&S nonconformities and opportunities are identified and action is taken

Ensures work related hazards and opportunities are systematically identified, OH&S risks and opportunities are evaluated and prioritized and action is taken to achieve risk reduction

Ensures OH&S management policy and objectives are established and are compatible with strategic direction and context of organization

Ensures OH&S management is integrated into organization's business processes

Ensures resources are available

Ensures that processes are established for the consultation and active participation of workers (and, as applicable, their representatives) in the establishment, implementation, maintenance and continual improvement of the OH&S MS, identifying and removing obstacles or barriers to participation

Communicates importance of effective OH&S management and of conforming to its requirements

Ensures intended outcomes

Directing and supporting persons to contribute to the effectiveness of the OH&S management system

Promotes continuous improvement

Supports other relevant management roles to demonstrate their leadership as it applies to their areas of respsonsibility

Promotes and leads a positive culture with regard to the OH&S management system

5.2 Policy

Establish, implement and maintain an OH&S management system policy

Appropriate to the purpose and context of the organization, including the nature of its OH&S risk and opportunities.

Provides a framework for setting OH&S objectives

Includes a commitment to satisfy applicable legal and other requirements

Includes a commitment to the control of OH&S risks through hierarchy of control

Includes a commitment to continual improvement of the OH&S management system

Includes a commitment to worker participation and consultation

OH&S Policy shall be maintained as documented information

OH&S Policy shall be communicated within organization

OH&S Policy is available to interested parties

OH&S Policy shall be reviewed periodically to ensure that it remains relevant and appropriate

5.3 Organizational roles, responsibilities, accountabilities and authorities

Responsibilities and authorities for relevant roles are assigned and communicated within the organization

Assign responsibility and authority to ensure OH&S MS conforms to the ISO 45001:2017 standard

Assign responsibility and authority for reporting to top management the performance of the OH&S

5.4 Participation, consultation and representation

Process has been established to ensure effective participation and consultation by workers at all levels and functions of the organization

With the mechanisms, time and resources to participate in, at a minimum, the processes of the OH&S MS

With the mechanisms, time, training and resources necessary to be consulted in, at a minimum, the process of developing policy

With timely access to clear, understandable and relevant information about the OH&S management system

Identifying and removing obstacles or barriers to participation and minimizing those that cannot be removed

Encouraging timely reporting and response to work-related hazards, OH&S risks, OH&S opportunities, incidents and nonconformities

Ensure that relevant external interested parties are consulted, when appropriate, about matters pertinent to the OH&S management system

6 Planning

6.1 Actions to address risks and opportunities

6.1.1 General

Determine if organization has established, implemented and maintains a process and that its OH&S management system can achieve its intended outcomes, prevent (or reduce) undesired effects and achieve continual improvement

Has the organization determined risks related to hazards and opportunities

Has the organization determined risks and opportunities related to applicable legal and other requirements

Has the organization determined and assessed risk and opportunities related to the operation of the OH&S management system that can affect the achievement of the intended outcomes

Verify documented information

6.1.2 Hazard identification and assessment of OH&S risks

Verify process to determine and assess hazards and opportunities in the workplace and to workers that takes into account

Routine and non-routine activities and situations

Emergency situations

People (workers, contractors and visitors) who have access to or are in the vicinity of the workplace and their activities and for workers who perform work-related activities at a location not under direct control of the organization

Organization's operations and activities including the design of work areas, processes, etc., changes in knowledge of hazards, situations occurring in the vicinity of the workplace or not controlled by the organization

Actual or proposed changes in the organization, its operations, processes, activities and OH&S management system

Past incidents, internal or external to the organization, including emergencies, and their causes

Applicable legal and other requirements

Effectiveness of existing controls

Consideration of the hierarchy of controls

Opportunities to eliminate or reduce OH&S risks and to adapt work to workers

Verify documented information

6.1.3 Determination of legal and other requirements

Verify process to identify and have access to up-to-date legal and other requirements that are applicable to its OH&S risks and management system

Determine how to apply and meet these requirements

Verify maintained and retained documented information

Applicable legal and other requirements, ensuring this documented information is updated to reflect changes

To show how compliance with its applicable legal and other requirements is achieved

6.1.5 Planning to take action

Organization shall plan actions to address its risks and opportunities

Organization shall plan actions to address applicable legal and other requirements

Organization shall plan actions to prepare for, and respond to, emergency situations, how to integrate and implement the relevant actions, including the determination and application of controls, into the OH&S management system

Organization shall plan how to evaluate the effectiveness of these actions and respond accordingly

6.2 OH&S objectives and planning to achieve them

6.2.1 OH&S objectives

OH&S objectives determined at appropriate levels and take into account the organization's significant environmental aspects and associated compliance obligations

OH&S objectives shall be:

Consistent with the OH&S policy

Measurable (if practicable)

Take into account applicable legal and other requirements

Take into account the result of any consultation with workers

Monitored

Communicated

Updated as appropriate

Verify the organization considered best practices, technological options, financial, operational and business requirements

Verify the organization arranged for the participation of workers

Verify documented information

6.2.2 Planning actions to achieve OH&S objectives

Organization shall determine:

What will be done

What resources will be required

Who will be responsible

When it will be completed

How the results will be evaluated

How the actions to achieve OH&S objectives will be integrated into the organization's business processes

Verify retained documented information on the OH&S objectives and plans to achieve them

7 Support

7.1 Resources

Organization determined and provide needed resources

7.2 Competence

Organization shall determine necessary competence of person(s) doing work under its control that affects its OH&S performance

Organization shall ensure that person(s) are competent on the basis of education, training, qualification or experience

Organization shall, where applicable, take actions necessary to acquire the necessary competence, and evaluate the effectiveness of the actions taken

Verify organization retains appropriate documented information as evidence of competence

7.3 Awareness

People doing work under the organization's control are aware of

the OH&S policy

their contribution to the effectiveness of the OH&S management system, including the benefits of improved OH&S performance

the implications of not conforming with the OH&S management system requirements, including the consequences, actual or potential, of their work activities

information and lessons learned concerning relevant incidents

7.4 Information and communication

Verify internal and external communication process (what, when, with whom and how to communicate)

Verify how organization defines the intent to be achieved by informing and communicating, and shall evaluate whether the objectives have been met

Verify how the organization takes into account diversity (i.e language, culture, literacy, disability), where they exist, when considering its information and communication needs

Verify how it receives, maintains documented information on and responds to relevant communications

7.5 Documented information

Verify documented information is identified and described

Verify appropriate format (i.e language, software version, graphics) and media (i.e. paper, electronic)

Verify documented information is reviewed and approved

Verify documented information is available, suitable for use and is adequately protected

Verify documented information's distribution, access, retrieval and use

Verify documented information's storage and preservation

Verify retention and disposition

Verify access for workers

Verify control of changes

Verify documented information of external origin is identified and controlled

8 Operation

8.1 Operational planning and control

Determine organization has established operating criteria for the process(es)

Determine process controls that have been implemented

Verify processes to verify effective implementation of controls

Verify documented information about controls to have confidence that the processes have been carried out as planned

Verify covering situations where the absence of documented information could lead to deviations from the OH&S policy and the OH&S objectives

8.2 Management of change

Plan and manage temporary or permanent changes to the OH&S management system do not have a negative impact by

Verify process for implementation and control of planned changes.

Verify responsibilities and authorities for managing changes and their associated OH&S risks are identified

Verify the organization reviews the consequences of unintended changes and takes action to mitigate any adverse effects, if necessary

8.3 Outsourcing

Verify outsourced processes affecting its OH&S management system are controlled

8.4 Procurement

Verify controls for procurement, i.e. products, hazardous materials or substances, raw materials, equipment or services, conform to its OH&S management system

8.5 Contractors

Verify the organization's process to identify and communicate on the hazards, and to evaluate and control the OH&S risks, arising from the:

Verify process where the requirements of the OH&S management system, or at least the equivalent, are met by the contractors and their workers (including criteria for selection of contractors)

Verify process for coordinating relevant portions of the OH&S management system with other organizations for multi-employer workplaces

8.6 Emergency preparedness and response

Verify the organization has established, implemented and maintained a process(es) for potential emergency situations

Organization shall take into account at all stages of the process the needs and capabilities of relevant interested parties and ensure their involvement

Verify documented information

9 Performance evaluation

9.1 Monitoring, measurement, analysis and evaluation

Verify organization is monitoring and measuring its operations with identified hazards and OH&S risks and opportunities, operational controls and progress towards meeting OH&S objectives

Verify that calibrated or verified monitoring and measurement equipment is used and maintained, as appropriate

Determine what criteria against which the organization evaluates its OH&S performance

Verify how the organization analyzes, evaluates and communicates results

Verify when the monitoring and measuring shall be performed

Verify workers participate in these activities

Verify organization evaluates OH&S performance, determines the effectiveness of the OH&S management system and uses information during its evaluations

Verify process for evaluating compliance with applicable legal requirements and other requirements to which the organization subscribes

Verify how the organization determines frequency and method(s) by which compliance will be evaluated, evaluates compliance and takes action, if necessary, and how it maintains knowledge and understanding of its status of conforming with legal and other requirements

Review retained appropriate documented information

9.2 Internal audit

Verify audits are conducted at planned intervals

Verify organization has established, implemented, and maintains an internal audit program

Verify the importance of the environmental process, changes affecting the organization and the results of previous audits are considered

Verify audit criteria and scope are created for each audit

Auditors are objective and impartial

Audit results reported to relevant management

Review retained documented information

9.3 Management review

Verify management reviews EMS at planned intervals

Verify management review includes:

status of actions from previous management reviews

changes in external and internal issues relevant to the OH&S management system

changes in applicable legal and other requirements

changes in the organization's OH&S risks, risks and opportunities

the extent to which OH&S policy and objectives have been met

information on the organization's OH&S performance, including trends in

incidents, nonconformities, continual improvement and corrective actions

worker participation and consultation

monitoring and measurement results

audit results

results of evaluation of compliance

OH&S risks, risks and opportunities

relevant communication(s) from interested parties

opportunities for continual improvement

adequacy of resources

Outputs of management review shall include:

conclusions on the continuing suitability, adequacy and effectiveness of the OH&S management system

decisions related to continual improvement opportunities

decisions related to any need for changes to the OH&S management system, including resources needs

actions, if needed, when OH&S objectives have not been achieved

any implications for the strategic direction of the organization

Verify outputs of management review are communicated to its workers

Verify retained documented information

10 Improvement

10.1 Incident, nonconformity and corrective action

Verify how organization reacts to and incident or nonconformity by evaluating actions taken to control and correct it and how the organization deals with the consequences

Determine what actions are taken to prevent nonconformity from recurring

Verify participation of workers in the determination of root causes

Verify implemented actions and their effectiveness

Verify retained documented information that provides evidence of the nature of the nonconformity and any subsequent actions taken and the results of any corrective actions

Verify documented information communicated to relevant workers and relevant interested parties

10.2 Continual improvement

Verify process of how the organization continually improves

Verify workers are consulted in continual improvement process

Verify results of continual improvement is communicated to its workers

Verify retained documented information