ISO 45001 Checklist
Why do you need an ISO 45001 checklist?
ISO 45001 is an occupational health and safety standard which has been 'the' standard in a number of countries for many years.
However, some of the biggest and most industrialised countries including the United States have only recently shifted to the ISO standard - transitioning from the OHSAS 18001.
Without a checklist, it's incredibly easy to overlook key elements of the ISO standard and fail an audit. With a few good checklists and a good understanding of what the ISO is about, you will be in a great position to gain and maintain your ISO certification.
We'll take a look at a couple of the most common ISO 45001 checklists below. You can find many different ISO 45001 checklists on the internet, or from certifiers and consultants. The exact contents and structure of the checklist may vary, but there are a number of common elements and threads which need to be thought about and covered.
At the moment, many companies are focused on shifting their management system and processes to the ISO, which makes the first 'ISO 45001 gap analysis checklist' very important for many of you.
Most companies also rely on an ISO 45001 internal checklist before setting up the formal audit, to ensure they are well prepared and don't waste time with easily rectifiable issues and multiple (failed) audits.
ISO 45001 gap analysis checklist
Gap analysis checklists serve a critical role in almost any transition. When moving from something to something else, it's important to take stock of what is, and draw a direct line to what needs to be.
This is the role of the ISO 45001 gap analysis checklist.
The ISO 45001 checklist below factors in most transitory elements, but the extent of the checklist and checklist items does of course depend on the current state of your occupational health and safety processes and procedures.
Some of the checklist items are new to the ISO standard while others will expand and supplement what you already have in place.
A company with clearly defined and extensive systems and processes in place will likely find it much easier to follow a gap analysis checklist like this.
|Checklist item||Ready||Not ready|
|Have the OH&S-related internal and external factors and conditions been identified that could affect, or be affected by, your organisation?||✅|
|Have the significant risks and opportunities been identified?||✅|
|Have you taken the OH & SMS needs into account of the people who might be affected by your activities and what their relevant and significant interests might be||✅|
|Is “top management” engaged & leading OH&S, rather than delegating to someone further down your organisation?||✅|
|Are workers being involved directly to protect, improve performance, and support the OH&S system?||✅|
|Does the written policy statement emphasise communication and participation of workers, across the organization; commit to “satisfy” legal and other requirements; commit to the hierarchy of controls to OH&S risks?||✅|
|Can you demonstrate the participation of nonmanagerial employees in OH&S management, including incident investigations, risk assessments, control and monitoring activities and internal auditing?||✅|
|Are objectives compatible with the policy statement, OH&S risks and opportunities, business context and adequately resourced? - Objectives and plans to achieve them must be documented. There should be a record of who is responsible, agreed timings, measures in place to establish progress and whether they have been achieved.||✅|
|Can you demonstrate documented evidence of competence. Documented evidence that the effectiveness of training has been checked?||✅|
|Are workers aware of policy requirements, hazards & risks relevant to them and their part in the OH&S performance, including results of relevant incident investigations?||✅|
|Have controls for hazards and risk controls been planned and included in operational controls and do these allow for capabilities of the workforce?||✅|
|Is the hierarchy of OH&S controls correctly applied?||✅|
|When changes to the operation are planned, is the effect on the O&HMS considered?||✅|
|Are OH&S implications controlled as part of the purchasing process? OH&S controls relevant to the purchase of goods and materials||✅|
|Do emergency plans take the needs of relevant third parties into account and are they tested periodically? Are emergency drills evaluated and learned from?|
|Can you demonstrate that there is a process in place? Monitoring, measurement, analysis and evaluation of OH&S metrics must take into account business context, relevant third parties, policy risks, opportunities and objectives||✅|
|Are workers included in the audit process?||✅|
|Is there an added emphasis on improvement and communications based on risks, opportunities and system effectiveness?||✅|
|When corrective action has been completed, your organisation considers whether further action is required to prevent a similar incident or nonconformity occurring in future?||✅|
ISO 45001 internal audit checklist
Once you are satisfied with your ISO 45001 gap analysis checklist, and have successfully covered your gaps, it's time to get in the head of the ISO auditors and certifiers and use an ISO 45001 internal audit checklist.
It's much better to fail your own internal audit, because that comes with very little cost. Internal audits are very common in H&S focused industries like construction, mining and oil and gas, because a few crosses on your own checklist mean a few less crosses on a formal audit.
Ideally, your ISO 45001 internal audit checklist is as similar to the auditors checklist and frameworks as possible. This obviously gives you the best chance of success. But it's also important to see your ISO 45001 as bigger than simply 'passing the test'.
The scope of your own checklist is ideally broader than the formal audit. A more extensive internal checklist results in an over-investment on your health and safety systems and processes.
A higher upfront investment and deeper commitment to really getting everything in order will not only enable you to pass and gain your certification but will also result in you outperforming the ISO norms from a health and safety perspective which will have a positive impact on many aspects of your organisation.
Let's take a look at a 'normal' ISO 45001 internal audit checklist below.
|Checklist item||Ready||Not ready|
|Context of the organisation|
|Have you outlined the Health and Safety issues, both internal and external, which are relevant to your organisation?||✅|
|Do you understand which parties have an impact on your system?||✅|
|Does your system address (i) needs and expectations of multiple parties, (ii) objectives and (iii) products & services?||✅|
|Have you outlined and integrated the steps required to implement the ISO 45001 Standard into your day-to-day practices and processes?||✅|
|Have you considered and hypotheised how you will need to change the ISO 45001 Management System over time - and how you will adapt to those changes?||✅|
|Have you clearly set out the processes you need to meet the requirements of the Standard?||✅|
|Have you coordinated your operations with contractors and 3rd parties so that you can manage any risks arising from their work?||✅|
|Will your top management play a leading role in moving the organisation towards achieving your ISO 45001 Management System?||✅|
|Is there a reliable framework in place for clearly communicating your objectives at all levels of the organisation?||✅|
|Support - Internal and external suppoort|
|Do you understand what resources you need to make implementation and maintenance of the system a success? Are these resources purely internal or are some attached to a specialist 3rd party?||✅|
|Is training and ongoing support in place for all individuals who may impact on the system?||✅|
|Performance evaluation and continuous improvement|
|Do you understand what you need to monitor and measure? Do you have the systems in place to do this effectively?||✅|
|Do you know when you need to analyse and evaluate any results?||✅|
|Have you identified the key areas for improvement or safety KPIs that focus on you meeting your OH&S goals?||✅|
|Do you have a reliable process in place for measuring and escalating any non-conformities?||✅|
Going beyond the checklist into implementation
As is clear by the contents of this article, as well as by the ubiquity of checklists, they are a very useful tool for preparing for and conducting activities.
But like all things, checklists also have their limitations.
A checklist guides you through a series of checks, it doesn't actually provide the systems and tools behind the checks.
There are two main elements to the safety management system which enables ISO 45001 certification:
- The procedures and documents in place to ensure that the processes a company and its workers follow are in-line with the health and safety standard
- The tools and systems behind the documents and procedures which enable these processes to be engaged with and followed (easily)
A great example of this is in hazard identification. Hazard identification is an important part of the shift from OHSAS to ISO because it speaks to the more proactive requirements of the new standard. It's not okay to simply report incidents well, it's important to reduce incidents through better hazard identification.
While a company may have a strict requirement for hazard identification, workers on site may find it impossible to report hazards in this way if they have to rely on pen and paper. A hazard or incident might need to be reported in a certain amount of time, but physical distances and work may get in the way of this.
Of course, this is where tools and systems become the key part of a safety management system. If the workers could access the entire safety management system from their mobile device, then they could report an incident or hazard right away, and it could notify management right away.
These new softwares and apps aren't just about digitising paper, they are about accessibility, speed, and enabling more effective procedures too.
Companies like Sitemate provide companies like yours with technologies capable of really streamlining and easing the transition to better systems and better ISO attainment.
They also have the context of how other companies have moved towards and maintained ISO accreditation, which means less time spent on ISO 45001 checklists, and more time spent on getting the most effective systems in place for your ISO endeavours and your normal operations as well.
Hopefully these ISO 45001 checklists are enough for you to assess your current management system and develop what is required to meet the new standard. If not, or if you want to expedite your ISO efforts ahead of the OHSAS 18001 deadline - then learn more about a transition service below.