AUDIT CHECKLIST : ISO 45001: 2018

Compliance
Clause Requirement Yes No Comments
No
4 Context of the organization

4.1 Understanding the organization and its context Yes External and internal issues are
1. Are the external issues of the organization determined? stated in clause 4.1 of the OHSMS
Manual. The determined issues are
2. Are the internal issues of the organization determined? to be verified (during Stage 2
audit).
4.2 Understanding the needs and expectations of workers and other interested Yes Clause 4.1 of the OHSMS Manual
parties refers; to be verified.
1. Who for the organization are interested parties that are relevant to the OH&S
Management System? Annexure I indicates applicable
2. What are the needs and expectations of workers? legal requirements.
3. What are the needs and expectations of other interested parties?
4. Are the needs and expectations related to a) legal requirements and b) other
requirements determined?

4.3 Determining the scope of the OH&S management system Yes Section 2 of the OHSMS Manual
Has the organization determined the boundaries and applicability of the OHSMS to refers
establish its scope?
Has the organization effectively considered the following prior to determining the
scope of the OHSMS?
The extent of organization’s control and influence, context, external and internal
issues, compliance obligations, physical and functional boundaries, activities,
products and services?
Has the organization made its scope available to all interested parties as
documented information?
4.4 OH&S management system Yes Clause 3 of the OHSMS Manual
Has the organization implemented and maintained an OHSMS, including all (partial) indicates the processes involved;
required processes and their interactions, in accordance with the requirements of interactions of the processes NOT
ISO 45001? evidenced.
 5 Leadership and worker participation

5.1 Leadership and commitment Yes Addressed in clause 8.3 of the Manual.
How is it evident that Top Management is committed to OHSMS and shows (partly) Policy and objectives are indicated in
leadership? clause 5 and clause 7 respectively.
a) Is top management demonstrating accountability for the effectiveness of Availability of resources is indicated in
the prevention of work-related injury and ill health as well as the provision clause 8.1 of the Manual.
of safe and healthy as well as the provision of safe and healthy workplaces Communication is addressed in clause
and activities; 8.3. Achieving intended outcomes is
b) Are the OH&S policy and objectives established, and compatible with the addressed in clauses 4.1, 9.4 and 9.5
strategic direction? of the Manual. Continual improvement
c) Does top management ensure that the OHSMS requirements are is addressed in 9.3. Top management
integrated into the organization’s business processes? accountability is addressed in clause
d) Does top management ensure the availability of resources needed for the 8.3. etc.
OHSMS?
e) Does top management communicate the importance of effective OH&S
management and of conforming to the OH&S requirements?
f) Does top management ensure that the OHSMS achieves its intended
outcome(s)?
g) Does top management direct and support persons to contribute to the
effectiveness of the OHSMS?
h) Does top management promote continual improvement?
i) Does top management support other relevant management roles to
demonstrate their leadership in their areas of responsibility, when
applicable?
j) Does top management develop, lead and promote a culture in the
organization that supports the intended outcomes of the OHSMS?
k) Does top management protect workers from reprisals when reporting
incidents, hazards, risks and opportunities?
l) How does top management establish and implement a process(es) for
consultation and participation of workers?
m) How does top management support the functioning of health and safety
committees?
5.2 OH&S Policy Clause 5 documents the OH&S policy
a) Does the policy include a commitment to provide safe and healthy working
conditions for the prevention of work-related injury and ill health and is No
appropriate to the purpose, size and context of the organization and to the
specific nature of its OH&S risks and OH&S opportunities?
b) Does the policy provide a framework for setting OH&S objectives? Yes
c) Does the policy include a commitment to fulfil legal requirements and other No
requirements?
d) Does the policy include a commitment to eliminate hazards and reduce No
OH&S risks?
e) Does the policy include a commitment to continual improvement of the No
OHSMS?
f) Does the policy includes a commitment to consultation and participation of No
workers, and, where they exist, workers’ representatives?
Is the OH&S policy-
- Documented? Yes
- Communicated? Yes
- Available to interested parties? Yes
- Relevant and appropriate? Yes
5.3 Organizational roles, responsibilities and authorities Yes Clauses 8.1.1 and 8.1.1 b) refer.
In order to facilitate effective OH&S management, does the top management
ensure that the roles and their relevant responsibilities and authorities are
assigned and communicated within the organization to ensure that;
a) OH&S conforms to the requirements of the ISO 45001:2017 standard?
b) Performance of the OHSMS is reported to top management?
5.4 Consultation and participation of workers Yes Clauses 8.3.3, 8.3, 9.4, 9.3, 6.1, 8.5
a. What mechanisms (format) are used for consultation and participation of and 9.3 refer.
workers?
b. How the relevant information is accessed and understood about the OH&S
management system?
c. How are the obstacles been determined and removed and how are the
obstacles minimized that cannot be removed?
d. How workers are consulted? [on each of the following issues]
1. determining the needs and expectations of interested parties
2. establishing the OH&S policy
 3.
assigning organizational roles, responsibilities and authorities as applicable
4.
determining how to fulfil legal requirements and other requirements
5.
establishing OH&S objectives and planning to achieve them
6.
determining applicable controls for outsourcing, procurement and
contractors
7. determining what needs to be monitored, measured and evaluated
8. planning, establishing, implementing and maintaining an audit program
9. establishing a continual improvement process
e. How to ensure the participation of workers? [in the following tasks]:
1. determining the mechanisms for their consultation and participation
2. hazard identification and assessment of risks and opportunities
3. actions to eliminate hazards and reduce OH&S risks
4. identification of competency requirements, training needs, training and
evaluation of training
5. determining what needs to be communicated and how this shall be done
6. determining control measures and their effective implementation and use
7. Investigating incidents and nonconformities and determining corrective
actions.
6 Planning

6.1 Actions to address risks and opportunities

6.1.1 General

What process has been developed to identify risks and opportunities? Yes Clauses 6.1 and 6.1.1 refer.
Is it evident that the organization has considered its context, relevant requirements
of their relevant interested parties and their defined scope when planning for the
OHSMS?
Does the organization maintain documented information on its risks and
opportunities, and are the processes needed, documented to the extent necessary
to be sure they are carried out as planned?
Has the organization determined the risks and opportunities that need to be
addressed to:
 give assurance that the OHSMS can achieve its intended outcome(s)?
 prevent, or reduce, undesired effects, including the potential for external
 conditions to affect the organization?
 achieve continual improvement?
6.1.2 Hazard identification and assessment of risks and opportunities Yes Clause 6.1.1 refers.
Has the organization established, implemented and maintain a process(es) for
hazard identification that is ongoing and proactive?
Processes shall consider each of the following:
a) Organization of work, social factors (including workload, work hours,
victimization, harassment and bullying), leadership and the culture in the
organization;
b) Routine and non-routine activities and situations, including hazards arising
from:
1) infrastructure, equipment, materials, substances and the physical
conditions of the workplace;
2) products and services design, research, development, testing, production,
assembly, construction, service delivery, maintenance and disposal;
3) human factors;
4) how the work is performed;
c) past relevant incidents, internal or external to the organization, including
emergencies, and their causes;
d) potential emergency situations;
e) people, including consideration of:
1) those with access to the workplace and their activities, including workers,
contractors, visitors and other persons;
2) those in the vicinity of the workplace who can be affected by the activities
of the organization;
3) workers at a location not under the direct control of the organization;
f) other issues, including consideration of:
1) the design of work areas, processes, installations, machinery/equipment,
operating procedures and work organization, including their adaption to
the needs and capabilities of the workers involved;
2) situations occurring in the vicinity of the workplace caused by work-
related activities under the control of the organization;
3) situations not controlled by the organization and occurring in the vicinity
of the workplace that can cause injury and ill health to persons in the
workplace;
 g) actual or proposed changes in organization, operations, processes, activities
and OH&S management system
h) changes in knowledge of, and information about, hazards.
6.1.2.2 Assessment of OH&S risks and other risks to the OH&S management system Yes Clause 6.1.1 refers
a. Is a process provided to assess OH&S risks from hazards and effectiveness
of controls;
b. Is a process provided to determine and assess the other risks related to
establishment, implementation, operation and maintenance of the OHSMS ?
c. Are methodology and criteria for assessment of OH&S risks defined ?
d. Is necessary documented information maintained/retained ?

6.1.2.3 Assessment of OH&S opportunities and other opportunities to the OH&S No Not evidenced.
management system
Does the organization establish, implement and maintain process(es) to assess:
a. OH&S opportunities to enhance OH&S performance, while taking into
account planned changes to the organization, its policies, processes or its
activities and:
1. Opportunities to adapt work, work organization and work
environment to workers;
2. Opportunities to eliminate hazards and reduce OH&S risks;
b. Other opportunities for improving the OH&S management system.
6.1.3 Determination of legal requirements and other requirements Yes Clause 6.2 and Annexure I
a. Does the organization determine and have access to the up-to-date legal refer.
requirements and other requirements that are applicable to its hazards,
OH&S risks and OH&S management system?
b. Does the organization determine how its legal and other requirements
apply to the organization? Is it been determined that what requirements are
required are to be communicated?
c. Does the organization take its legal and other requirements into account
when establishing, implementing, maintaining and continually improving its
OH&S management system?
Does the organization maintain documented information of its legal and other
requirements? How is it been ensured that the requirements are updated?
6.1.4 Planning action Yes Clauses 6, 6.2 and 8.6 refer.
Has the organization planned to:
 a) Take actions to address these?
 Risks and opportunities,
 Legal and other requirements,
 Emergency preparedness and response plans.
b-1) Integrate and implement the actions into its OH&S management system
processes or other business processes?
b-2) Evaluate the effectiveness of these actions?

When planning these actions, does the organization consider its technological
options and its financial, operational and business requirements?
6.2 OH&S objectives and planning to achieve them

6.2.1 OH&S objectives Yes Clause 7 of the Manual refers.

Has the organization established OH&S objectives at relevant functions and
levels?
a. Are the OH&S objectives consistent with the OH&S policy?
b. Are the OH&S objectives measurable or capable of performance
evaluation?
c. Has the organization taken into account below issues when establishing
OH&S objectives?
- applicable requirements
- the results of the assessment of risks and opportunities
- the results of consultation with workers and, where they exist, workers
representatives
d. Are the OH&S objectives measurable?
e. Are the objectives communicated?
f. Are the objectives updated as appropriate?
6.2.2 Planning actions to achieve OH&S objectives Clause 7 of the Manual refers.
Has the organization determined below information in its planning to achieve its Yes
OH&S objectives?
a) the activities that will be conducted
b) the required resources for those activities
c) the responsibilities of persons
d) the time frame for these activities to be completed
e) How the results will be evaluated? For those measurable OH&S objectives;
 what indicators will be used for monitoring progress?
f)
Does the organization consider how the actions to achieve OH&S
objectives can be integrated into the organization’s business processes?
Does the organization retain documented information on the OH&S objectives?
7 Support

7.1 Resources Yes Clause 8.1 refers

Has the organization determined and provided the resources needed for the
establishment, implementation, maintenance and continual improvement of the
OHSMS?
7.2 Competence Yes Clause 8.2 refers.
a) How does the organization determine the necessary competence of
workers doing work under its control that affect its OH&S performance?
b) How does the organization ensure that persons doing the job are
competent? What is the basis for their competency? (e.g. appropriate
education, training, or experience)
c) How does the organization take actions to acquire the necessary
competence, and evaluate the effectiveness of the actions taken (where
applicable)?
d) Has the organization retained appropriate documented information as
evidence of competence?
7.3 Awareness Yes Clause 8.2 refers.
Are the persons doing work under the organization’s control aware of the
- organization’s OH&S policy and OH&S objectivesthat are relevant to them
- how they are contributing to the effectiveness of the OHS management
system
- whatare the implications and potential consequences of not conforming to
OH&S management system requirements?
- incidents and the outcomes of investigations that are relevant to them
- hazards, OH&S risks and actions determined that are relevant to them
- the ability to remove themselves from work situations that they consider
present an imminent and serious danger for their life or health, as well as
the arrangements for protecting them from undue consequences for doing
so.
 7.4 Communication

7.4.1 General Yes Clause 8.3 refers.

Does the organization plan and implement a process for internal and external
communications relevant to the OHSMS, including:
- on what it will communicate,
- when it will communicate,
- with whom it will communicate and
- how it will communicate?
- Are diversity aspects considered in establishing the organization’s
communication needs?
How does the organization consider views of external interested parties when
establishing communication process(es)?
Are the following taken into consideration while establishment of communication
process(es):
- take into account its legal and other requirements
- ensure that OH&S information to be communicated is consistent with
information generated within the OH&S management system, and is
reliable.
7.4.2 Internal Communication Yes Clause 8.3.2 refers.
a) Is there any process to communicate OHSMS related information (including
updates and changes) to all functions and various levels of the
organization?
b) Are the persons doing work under organization’s control able to contribute
to the OHSMS and its continual improvement?
7.4.3 External Communication Yes Clause 8.3.2 refers.
Has the organization established a process to externally communicate information
relevant to the OHSMS?
7.5 Documented Information

7.5.1 General Yes Clause 8.4 of the Manual refers.

Does the organization’s OHSMS include:
- all documented information required by the ISO 45001:2018 standard,
- and the information determined by the organization itself as necessary for
the effectiveness of the OHSMS?
7.5.2 Creating and updating Yes Clause 8.4.1 refers.
When creating and updating documented information, does the organization
ensure that
- it is appropriately identified and described (e.g. title, date, author, reference
number),
- is in an appropriate format (e.g. language, software version, graphics) and
on appropriate media (e.g. paper, electronic)?
- the documented information is being reviewed and approved for suitability
and adequacy?
7.5.3 Control of documented information Yes Clause 8.4.1 refers.
Is the above mentioned documented information (please see 7.5.1.) controlled in
order to ensure that it is available where needed and that it is suitable for use?
Is it adequately protected against improper use, loss of integrity and loss of
confidentiality?
For the control of documented information;
- Does the organization address distribution, access, retrieval and use
of documented information?
- Is there a process for control of changes (version control), storage and
preservation (including preservation of legibility), retention and
disposition of documented information?
Has the organization identified and established controls for any documented
information of external origin that it considers necessary for the planning and
operation of the organizations’ OHSMS?
8 Operation

8.1 Operational Planning and control Yes Clause 8.5 refers.

In order to meet requirements of EMS and to address the issues determined in 6.1
and 6.2;
Does the organization plan, implement and control any processes?
- Any criteria are established for the processes?
- In accordance with the above criteria, are controls implemented on the
processes?
- Does the organization maintain and retain documented information to the
extent necessary to have confidence that the processes have been carries out
as planned?
 - Adapted work to workers?

How does the organization coordinate the relevant parts of the OH&S
management system with other organizations for multi-employer workplaces?
8.1.2 Eliminating hazards and reducing OH&S risks No Not addressed.
How does the organization establish, implement and maintain a process(es) for the
elimination of hazards and reduction of OH&S risks using the following ‘hierarchy
of control’:
a) eliminate the hazard;
b) substitute with less hazardous processes, operations, materials or equipment;
c) use engineering controls and reorganization of work;
d) use administrative controls, including training;
e) use adequate personal protective equipment.
8.1.3 Management of change No Not evidenced.
Does the established processes for implementation and control of planned
temporary and permanent changes (that can impact OH&S performance) include:
a) new products, services and processes, or changes to existing products,
services and processes, including:
- workplace locations and surroundings;
- work organization;
- working conditions;
- equipment;
- work force;
b) changes to legal requirements and other requirements;
c) changes in knowledge or information about hazards and OH&S risks;
d) developments in knowledge and technology.

Does the organization review the consequences of unintended changes?

8.1.4 Procurement

8.1.4.1 General No Not evidenced.

Are the processes been established, implemented and maintained to control the
procurement of products and services in order to ensure their conformity to its
OH&S management system?
8.1.4.2 Contractors No Not evidenced.
Does the organization coordinate its procurement process(es) with the contractors,
to identify hazards and to assess and control the OH&S risks, arising from the
following:
a) contractors’ activities and operations that impact the organization;
b) organization’s activities and operations that impact the contractors’ workers;
c) contractors’ activities and operations that impact other interested parties in the
workplace.
How does the organization ensure that the requirements of its OH&SMS are met
by contractors and their workers?
Does the procurement process define the occupational health and safety criteria
for the selection of contractors?
8.1.4.3 Outsourcing No Not evidenced.
1. Are the Outsourced processes in scope of the OH&S Management System?
If YES:
2. How Outsourced processes are controlled?
8.2 Emergency preparedness and response Yes Clause 8.6 refers.
Has the organization established, implemented and maintained any processes
specifying how it will respond to potential environmental emergency situations and
potential accidents?
a) Is the response plan prepared to emergency situation? Does it include
provision of first aid?
b) Does the organization provide training for planned response?
c) Are these planned response action being tested periodically (when
practicable)?
d) Are these processes being reviewed and revised periodically? How about
after emergency situations or tests?
e) Does the organization communicate and provide relevant information to all
workers on their duties and responsibilities?
f) Are the relevant information communicated to the contractors, visitors,
emergency response services, government authorities and the appropriate
local community?
g) Does the organization take into account the needs and capabilities of all
relevant interested parties and ensure their involvement in the development
of planned response as per their appropriateness?
 Does the organization maintain and retain documented information on the
processes and plans for responding to potential emergency situations?
9 Performance Evaluation

9.1 Monitoring, measurement, analysis and performance evaluation

9.1.1 General

Is the organization monitoring, measuring, analyzing, and evaluating its OHSMS Yes Clause 9.1 refers
performance?
a) Has the organization determined what to monitor and measure?
b) In order to ensure valid results; has the organization determined the
methods for its monitoring, measurement, analysis and evaluation, as
applicable?
c) Are there any criteria determined by organization against which, it will
evaluate its OH&S performance, using appropriate indicators?
d) Has the organization determined when monitoring and measuring shall be
performed?
e) Is it determined when the organization shall analyze and evaluate the
results from monitoring and measurement?
Does the organization ensure that the equipment used for its monitoring and
measurement are calibrated, verified and maintained as appropriate?
Does the organization evaluate its OH&S performance and the effectiveness of the
OHSMS?
Does the organization retain appropriate documented information as evidence of
the monitoring, measurement, analysis and evaluation results?
Is the information relevant to organization’s OH&S performance being
communicated both internally and externally, as determined by organization’s
communication process and as required by its legal and other requirements?
9.1.2 Evaluation of compliance Yes Clause 9.2 refers.
Has the organization established, implemented and maintained any processes for
evaluating compliance with legal requirements and other requirements?
a) Is the frequency and method determined for the evaluation of compliance?
b) Do you evaluate compliance and what actions are taken if required?
c) How does organization maintain its knowledge and understanding of its
compliance status with legal requirements and other requirements?
d) How does organization retain documented information of the compliance
evaluation result(s)?
9.2 Internal Audit

9.2.1 General Clause 9.4 refers.

Does the organization conduct internal audits at planned intervals to provide Yes
information on whether the OHSMS;
a) Conforms to the organization’s own requirements for its OHSMS and the
requirements of ISO 45001:2017?
b) Is effectively implemented and maintained?
9.2.2 Internal Audit Yes Clause 9.4 refers.
Has the organization planned, established, implemented and maintained audit
program(s), to include the frequency, methods, responsibilities, planning
requirements and reporting of the audits?
Does the organization’s internal audit program take into consideration the
environmental importance of processes concerned, changes affecting the
organization, and the results of previous audits?
a) Are the audit criteria and scope defined for each audit?
b) Are the objectivity and the impartiality of the audit process ensured during
the auditors’ selection and conducting audits?
c) Are the results of the audits reported to relevant management?
Are the audit results and other evidence of the implementation of the audit
program retained as documented information by organization?
9.3 Management Review Yes Clause 9.5 refers.
Has the top management reviewed the organization's OHSMS, at planned
intervals, to ensure its continuing suitability, adequacy and effectiveness?
a) Is the status of actions from previous management reviews considered
during management review?
 b) Does the management review consider the changes in:
- external and internal issues that are relevant to the OHSMS?
- legal and other requirements?
- risks and opportunities?
c) Does the management review consider the extent to which objectives have
been met?
d) Does the management review consider the information on the
organization’s environmental performance, including trends in:
- Incidents, nonconformities, corrective actions and continual
improvement?
- monitoring and measurement results?
- resultsof evaluation of compliance with legal requirements and other
requirements?
- audit results?
- consultation and participation of workers?
- risks and opportunities?
e) Is adequacy of resources considered in the management review?
f) Are the communications from interested parties considered in the
management review? Does it also include complaints?
g) Does the management review consider opportunities for continual
improvement?

Do the outputs of the management review include:

- conclusions on the continuing suitability, adequacy and effectiveness
of the OHSMS?
- decisions related to continual improvement opportunities?
- decisions on any need for changes to the OH&S management system,
including resource needs?
- actions if needed, when objectives have not been met?
- opportunities to improve integration of the OH&S management system
with other business processes, if needed
- any implications for the strategic direction of the organization?

Does the organization retain documented information as evidence of the results of

management reviews?
 10 Improvement

10.1 General Yes Clause 9.3 refers.

Has the organization identified the improvement opportunities and taken necessary
actions that will better enable the organization to achieve the intended outcome of
its OHSMS?
10.2 Incident, nonconformity and corrective action Clause 9.3 refers.
a) Does the organization react to any occurred nonconformity and, as Yes
applicable:
- take immediate action to control and correct it?
- deal with the consequences, mitigate adverse environmental
impacts?
b) In order that the nonconformity does not recur or occur elsewhere; has the
organization evaluated the need for any action to eliminate the causes of
the nonconformity by means of:
- reviewing the nonconformity?
- determining the causes of the nonconformity?
- determining if similar nonconformities exist, or could potentially
occur?
c) Are corrective actions determined and implemented as needed?
d) Does the organization review the effectiveness of any corrective action
taken?
e) Does the organization make changes to the environmental management
system, if necessary?
Are corrective actions appropriate to the significance of the effects of the
nonconformities encountered, including the environmental impact(s)?

Does the organization retain documented information as evidence of:

- the nature of the nonconformities and any subsequent actions taken
- the results of any corrective action?
10.3 Continual Improvement Yes Clause 9.3 refers.
Does the organization continually improve the suitability, adequacy and
effectiveness of the OHSMS to enhance OH&S performance?