[Insert Your Company Name]

ISO 45001:2018 Clause-Wise Audit Questionnaire

ISO
45001:2018 Requirements
Clause

4. Context of the Organization

4.1 Understanding the organization and its context
Have you determined external and internal issues in the OH&S management
1)
system (OH&S)?
Are these issues relevant to its purpose and ability to achieve intended outcome
2)
of OH&S?
Have you considered the context of the organization’s overall business activities
3)
and issues, and OH&S conditions affected by your activities?
Understanding the needs and expectations of workers and other interested
4.2
parties
How many interested parties are identified by you? Are they relevant to your
1.
OH&S management system?
What are the needs and expectations of interested parties from OH&S
2. management system? What procedure or process is followed to understand
interested parties’ requirements?
Have you defined which of these needs and expectations include compliance
3.
obligations?
4.3 Determining the scope of the OH&S management system
Have you determined the boundaries and applicability of the OH&S management
system?
How have you defined the scope of OH&S management system?
Have you determined and documented the scope of the organization considering below
details?
a) External and internal issues.
b) Compliance obligations.
c) Organizational unit, function and physical boundaries.
d) Activities, product and services, authority and ability to exercise control.
e) Authority an ability to exercise control and influence.
Have you covered all your activities, products and services of the scope in your OH&S
management system? Have you identified hazard-risk and risk for all such areas?
4.4 OH&S management system
Have you established and implemented OH&S in accordance with ISO 45001:2018?
How do you establish the OH&S?
How do you maintain OH&S in your organization? What kind of documentation structure
is made by you?
How do you bring continual improvement in OH&S management system in accordance
with this international standard?

Page 1 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

5. Leadership and workers’ participation

5.1 Leadership and Commitment
How does the Top Management demonstrate leadership and commitment for OH&S?
Does the Top Management has signed and established an OH&S policy and objectives?
Is he active in formulation of OH&S policy and objectives? Are the OH&S objectives in
line with strategic direction of the organization?
How do you ensure the integration of the OH&S management system requirements with
the organization processes?
How do you ensure that the resources related to OH&S management system (OH&S)
are available? If any resources are lacking then whom do you contact? What is a formal
process for getting approval of resources? How do you carry out capacity planning and
budget approval to get management approval for resources related to OH&S
management system?
How do you communicate the importance of effective OH&S management system
implementation and its benefits? What is the method followed for communication? Is it
documented?
How do you ensure OH&S achieves its intended outcome?
How many people are directing and supporting to contribute to the effectiveness of
OH&S system? Have you defined related OH&S Supporting Team?
How do you promote continual improvement?
What are the roles of the other areas of management? How do you support and
demonstrate leadership for OH&S? How do you demonstrate your leadership and
commitment for ISO 45001:2018 OH&S system?
5.2 OH&S Policy
Have you established an OH&S policy?
Is OH&S policy appropriate to the purpose and context of organization?
Who has defined the organization's OH&S policy?

Does OH&S policy include the framework for setting up the OH&S objectives? Where
have you documented OH&S objectives?

Have you included the commitment for protection of the OH&S, including prevention of
pollution, compliance obligation and other specific commitment in the OH&S policy?

How do you track the continual improvements? What benefits are achieved by you by
implementing this ISO 45001:2018 standards?
How do you communicate OH&S policy within the organization? (Interview few persons
to ensure it is understood and applied.)
Have you prepared OH&S policy and kept it on notice board? Is it available as
documented information for all the employees and interested parties? How is it made

Page 2 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

available?
How do you provide the OH&S policy to the interested parties?
5.3 Organizational roles, responsibilities and authorities
Have you assigned and communicated job description, including responsibilities and
authorities for roles relevant to OH&S? How?
In the job description, have you clearly defined the authorities and responsibilities of all
concerned persons for how they contribute to meet the requirements of ISO
45001:2018- standard? Is the clarity of roles are defined in job description to avoid
conflict?
Have you defined responsibilities and authorities for reporting performance of the OH&S
within organization? Do you report the performance of the OH&S management system
to the top management? How it is reported and who is responsible?
Who has to ensure provision of resources for implementation of OH&S management
system? Which resources are required to include?
Who is appointed as a Management Appointee? What are the defined roles,
responsibilities and authority for the Management Appointee?
5.4 Consultation and participation of workers
Have you established, implemented and maintained a process for consultation and
participation of workers at all applicable levels in the organization?
What are the methods for consultation and participation of workers?
In which area you emphasize the workers for consultation?
In which area you emphasize the workers for participation?
6. Planning
6.1 Action to address risks and opportunities
6.1.1 General
Have you established, implemented and maintained process for OH&S planning? Can
you explain how it is followed?
During planning for OH&S, have you considered issues and scope defined by you in
OH&S? Show us how it had been considered.
Has the organization determined the risks and opportunities related to OH&S issues,
OH&S hazards and compliance obligations?
Has the organization determined potential OH&S situation?
Show us documented information of risks and opportunities, OH&S hazards, criteria
defined for significance, list of significant hazards and action taken.
6.1.2 Hazard identification and assessment of risks and opportunities
6.1.2.1 Hazard identification
Have you determined the OH&S hazards of all your activities, products and services?
How it is identified and who was involved for the same?

Page 3 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

At the time of determining OH&S hazards, have you taken into account:
a) Routine and non–routine activities and situations?
b) Past relevant incidents, internal or external to the organization?
c) Potential emergency situations?
Are you maintaining the documented information of OH&S hazards and associated
OH&S risk?
Are you maintaining the documented information of criteria used to determine significant
OH&S hazards? Where have you documented it?
Who has to identify the OH&S hazards for activities, products and services?
Where have you found the need to determine significant OH&S hazards?
Assessment of OH&S risks and other risks to the OH&S management
6.1.2.2
system
Have you defined methodology for OH&S hazards and risk assessment?
Are you maintaining the documented information of significant OH&S hazards?
At the time of assessment of OH&S risks, was it defined with respect to the scope,
nature and time of the Company? Was it proactive rather than reactive?
How do you communicate significant OH&S hazards among the various levels and
functions of organization?
Has the organization determined the OH&S risk according to hazards, considering a life
cycle perspective?
Assessment of OH&S opportunities and other opportunities to the OH&S
6.1.2.3
management system
Have you established, implemented and maintained the process to access OH&S
opportunities and other opportunities for improving the OH&S management system?
Can HOD access the opportunities to eliminate hazards and reduce OH&S risks, to
enhance OH&S performance?
6.1.3 Determination of legal requirements and other requirements
Have you determined the compliance obligation related to OH&S hazards?
Have you determined how these compliance obligations apply to organization?
Are you maintaining the documented information of organization’s compliance
obligations?
Is there any system followed to get updated information on regular basis to get
amendments in such compliance obligations? Who is responsible for the same? How
actions are taken to include it in your OH&S system?
Is there any system followed to include OH&S compliance obligations for establishing,
implementing, maintaining and continually improving the OH&S?
Who is responsible to ensure that the legal and other requirements are taken into
account in establishing, implementing and maintaining OH&S management system?
6.1.4 Planning action

Page 4 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

How do you ensure the OH&S management system can achieve its intended outcome?
How do you plan to take actions for significant OH&S hazards, compliance obligation?
How do you plan actions to address these risks and opportunities? How do you integrate
and implement these actions into OH&S management system processes?
How do you evaluate actions for the effectiveness of actions taken?
What do you evaluate to ensure the effectiveness of action?
How do you define an OH&S risk assessment process?
What are the various options considered in planning activity, considering technological
and financial obligations?
6.2 OH&S objectives and Planning to achieve them
How do you establish OH&S objectives at relevant functions and levels? Where are they
documented? Who monitors them?
a) Are these OH&S objectives consistent with the OH&S policy?
b) Is your OH&S objective measurable? Show me. Are there any objectives not
measurable?
c) How do you communicate the OH&S objectives?
d) At what frequency do you update the OH&S objectives?

How do you establish, implement and maintain documented OH&S objectives? Have
you considered significant OH&S hazards, compliance obligations and risk and
opportunities in framing these objectives?
Which types of objectives are defined? What parameters need to be taken into account
while establishing and reviewing objectives?
When we have to prepare OH&S management program considering the defined
objectives and targets?
Have you done any planning for how to achieve the OH&S objectives? Does this plan
cover what will be done, resource details and responsibilities, target date? How the
results are evaluated, including indicators for achievement of these objectives?
Where are the objectives documented? Who monitors it?
How do you retain documented information on the OH&S objectives?
7. Supports
7.1 Resources
Have you determined and provided resources needed for:
 Establishment
 Implementation
 Maintenance and
 Continual improvement?
Who is responsible for providing resources?

Page 5 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

Who has to ensure provision of resources for implementation of OH&S management

system? Which resources are required in OH&S?
Who has appointed the Management Appointee? What are the defined roles,
responsibilities and authority for Management Appointee?

7.2 Competence
Does the organization determine necessary competence for personnel
performing activities affecting OH&S? How do you determine competency? Do
a) you prepare the competency matrix related to OH&S activity?
Have you ensured that the necessary competence has been achieved? If in any
areas, the competency is not achieved then what action is taken?
Do you provide training or take other actions to achieve the necessary
competence? Have you defined what are the appropriate education, training and
b)
experience for different category of persons? Where do you maintain such
documented information?
Have you ensured that the necessary competence has been achieved? What
actions are taken to acquire the necessary competence? How do you evaluate
c) the effectiveness of action taken, for example, written test, mock trail, review of
effectiveness of training, etc? What action was taken to upgrade the competence
of people?
Are you maintaining appropriate information and documented information of
d)
education, training, skills and experience as an evidence of competence?
What are the parameters covered under competence? How are you maintaining training
records of all employees?
What is the mechanism of identification of training needs and providing training to all
employees?
Are all employees trained for ISO 45001:2018 OH&S requirements?
Which kind of training is provided by you to all employees? Show me your training
records?
How do you plan and impart training? Are you having list of in-house trainer?
Are all employees trained for the Hazard/Risk register of their functions?
What is the mechanism of providing induction training to new employees?
What is your training plan for the next six months?
7.3 Awareness
Are your employees aware of OH&S policy and significant OH&S hazards and
 a) related risk? How do you contribute your work to implement the OH&S policy in
your work area?
 b) How do you contribute to OH&S management system? What benefits are

Page 6 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

achieved by implementing the OH&S? What is your improved OH&S

performance and how it has benefited the company?
Are the employees aware of the implication of not conforming to OH&S
 c) requirements and not fulfilling OH&S obligations? How do you provide such
awareness to all concerned persons?

7.4 Communication
7.4.1 General
How do you establish, implement and maintain processes needed for internal and
external communication relevant to OH&S?
a) What do you communicate?

 b) When do you communicate?

c) Whom do you communicate?
d) How do you communicate?
e) Who will communicate?
Does the organization respond to relevant communication on its OH&S management

system? Is there any documented information of this communication?
Do you internally communicate information relevant to OH&S at various levels and

functions? How?
Do you ensure such communication enables persons to contribute for continual

improvement? How?
Have you externally communicated information relevant to OH&S? Show us what kind of
 communication is done by you externally? Does it cover all information required by all
applicable compliance obligations?
How do you ensure that OH&S information communicated is consistent with information
generated within OH&S and it is reliable?
Is there any requirements related to documenting the decision of communicating the
significant OH&S hazards and compliance obligations?
7.4.2 Internal communication
Have you established any method for internal communication?
How do you ensure that communication process is open and an environment is created
in the company to bring the ideas for OH&S improvement?
7.4.3 External communication
Does the company externally communicate information relevant to the OH&S
management system?

Page 7 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

Have you established communication process for the same?

7.5 Documented Information
7.5.1 General
Have you established documented information as per ISO 45001:2018
a)
requirements?
How do you decide the need for documentation information for effectiveness of
b)
OH&S?
c) Do you keep documented information as paper/hard copy or electronic copy?

7.5.2 Creating and Updating

Have you created and updated documented information covering proper
a)
identification and description of the title, date, author, and reference number?
Have you made format for documented information, including its identification,
b) language, software version, and graphics and media like paper copy and
electronic copy?
c) Who reviews and updates and re-approves documented information?
Have you approved information for adequacy and suitability prior to issue? Who
is authorized to approve and review the documented information? How do you
d) ensure that the documented information is adequate and suitable for the
purpose? Where have you defined such authority for approval and review of
documented information?
7.5.3 Control of documented information
Have you defined any control mechanism for documented information? How do
a) you ensure that the documented information is available for use when it is
required?
How do you protect documented information? How do you adopt systems like
b)
confidentiality, protection from improper use, or loss of integrity?
Are the documents required by the OH&S is protected and controlled? How?
Who is authorized to control OH&S documents? How do you distribute the
c) documented information? Have you prepared authorized copyholder list to
understand who is having access of information? How do you retrieve
documented information and use it?
Are documented information established and maintained to provide evidence of
conformity to requirements and the effective operation of the OH&S? How do you
d)
store and preserve the documented information? How do you ensure it is
legible?
Is it protected and controlled? How do you change the documented information?
How do you establish version control for your documented information? Are you
e)
using any automated tool for such version control and configuration
management?

Page 8 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

Is there a documented information defining the controls needed for the

identification, storage, protection, retrieval, retention time and disposition of
f) documented information? Have you defined the retention period for various types
of documented information? How do you dispose of such documented
information in hard copy as well as soft copy?
Is the master list for documented information with revision no. made and updated? Show
us the latest revision of OH&S Manual and other documented information? How do you
maintain master list of page-wise amendment? How do you inform all the persons for
changes in any documented information? Who is responsible for approval and control of
different types of documents? Do you change the whole document or make page-wise
amendment? How do you get information for changes in the documented information?
How do you inform to all the concerned persons?
How is documented information identified for controlled / uncontrolled and obsolete?
Do you preserve obsolete documents? Where do you preserve it?
8.0 Operation
8.1 Operational Planning and control
8.1.1 General
Have you planned, implemented processes as per ISO 45001:2018 OH&S system
Standard?
How are you implementing control of the process, in accordance with the operating
criteria?
How do you maintain documented information to have confidence that processes have
been carried out as planned? Where do you keep such information?
How can you ensure that the implemented control of the processes is as per defined
criteria?
What is to be considered as operational control? Which operations need to be covered
under operational control plan?
Have you prepared and defined operational control parameters for the identified
process? Which processes are covered?
8.1.2 Eliminating hazards and reducing OH&S risks
Are all the controls like Elimination, Substitution, Engineering control, Administrative
controls and PPE identified and documented in the Significant OH&S Hazards List?
Is the Significant OH&S Hazards List readily available to all employees?
Are the significant OHS Hazards taken into account in establishing, implementing and
maintaining Occupational health and safety management system?
8.1.3 Management of change
How do you control the planned changes and review the consequences of unintended
changes? Who is responsible for the same?

Page 9 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

Which points does the company consider at the time of control of planned temporary
and permanent changes that impact OH&S performance?
8.1.4 Procurement
8.1.4.1 General
Have you established, implemented and maintained a process to control the
procurement of products and services?
8.1.4.2 Contractors
Have you ensured that the requirements of OH&S management system are met by
contractors and their workers?
Have you established system for selection of contractor and how do you communicate
such controls to them?

8.1.4.3 Outsourcing
How do you ensure that outsourced process is controlled or influenced? What type and
extent of control or influence is applied to the process defined within the OH&S for such
outsourced process?
How do you communicate information about potential significant OH&S risk
associated with transportation?
8.2 Emergency preparedness and response
Is there any process established by organization for and respond to potential emergency
situation?
How do you respond by planning actions to prevent or mitigate adverse OH&S risk from
emergency situations? How do you respond to actual emergency situations? Who is
responsible for the same? What action is taken to prevent the consequences of
emergency situation?
Are you doing any mock drills to test the planned response action? How and When?
Have you reviewed and revised the process, based on such mock drills?
How do you train your team related to emergency preparedness and response? Can you
show us some evidences? Can I interview few persons for the same?
Have you established, implemented and maintained a process for potential emergency
situations and potential accidents?
Which situations need to be covered under the major emergency preparedness plan?
How will you review emergency preparedness?
9.0 Performance evaluation
9.1 Monitoring, measurement, analysis and performance evaluation
9.1.1 General
a) How do you monitor and measure OH&S processes?

Page 10 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

Do you have any documented information for control and evaluation of processes? Who
is authorized to control process? What is monitored and measured?
How do you monitor, measure, analyze data and evaluate it? How do you ensure to get
valid result? When is the monitoring and measurement performed?
What methods for monitoring, measurement, analysis and evaluation are followed to
ensure valid results?
How do you maintain evidence of monitoring and measurement of results?
When are the results from M & M analyzed and evaluated? Who does it?
What are the parameters covered under the monitoring and measurements? When?
Which equipment needs to be calibrated under the monitoring and measurement? Show
us the evidence that instrument is calibrated?
9.1.2 Evaluation of compliance
Have you established the process to evaluate fulfilment of organization’s compliance
obligations?
At what frequency do you evaluate the compliance of organization?
Do you take an action after evaluation of compliance, if needed?
Do you have competent person for monitoring and understanding of compliance status?
How do you retain documented information of compliance evaluation results? Show us
evidences that you fulfil such requirements against your obligations.
What is evaluated for your compliance obligations? What records are maintained for
evaluation of compliance?
How do you fulfill requirements for evaluation of compliance?
9.2 Internal Audits
Have you conducted Internal audit? What is the frequency to carry out internal audit?
How do you perform audit to ensure that organization’s requirements for OH&S
management system are maintained? When and how?
How do you ensure during internal audit that ISO 45001:2018 requirements as well as
international standards’ requirements are implemented by the organization?
How do you ensure during the audit that OH&S is implemented and maintained
effectively?
Have you established any audit plan? Have you implemented and maintained audit
program? Who is the authorized person reporting for audit and to whom it is reported?
How do you ensure that Processes & Audit result mentioned in Internal audit is
implemented effectively?
How do you define audit criteria and scope of internal audit?
How do you select auditors and conduct audits to ensure objectivity and impartiality of
the audit process? Are identified employees/ functional heads trained for internal
auditor? Are you having list of trained Auditor?

Page 11 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

Who is the authorized person to review results of the audits?

How do you maintain evidence of the audit program and the audit results? Where? Who
has access to such documented information?
Do you have list of trained auditors? Who has given training to them as per ISO
45001:2018 OH&S and for how many days? Have you made audit plan? During
auditing, does the auditor check and monitor results of objectives reported by the
functional heads? Are all the NCRs communicated to respective function heads? Are
they closed? Have you prepared plan for internal audit for the whole year? How do
auditors carry out internal audit? Explain us how do you use audit checklist? Have you
made any audit summary for department-wise / clause-wise audit findings? How do you
close NCR?
Do you maintain records of the actual audit carried out against audit planned, as well as
summary of audit done? Where do you maintain such records?
How do you ensure that all departments are covered for all the clauses applicable to that
department are audited in internal audit? How do you see effectiveness of action taken
on audit NCR? Where is it recorded?

9.3 Management Review

How does Top management review the organization’s OH&S management system?
What is the frequency of review to ensure its continuing suitability and adequacy? When
do you conduct such OH&S reviews?
Does this review include assessing opportunities for improvement and the need for
changes to the OH&S, including OH&S policy and objectives?
Do you have documented information of actions emerged from the OH&S management
review meetings?
What action is taken after previous management reviews? Have you any status
 a)
of action monitoring of previous management reviews?
Have there been any changes in external and internal issue? Do you know any
 b)
changes in external and internal issues relevant to OH&S system?
How do you maintain result of feedback on the quality? Who is performing it? Do
you have any feedback on purpose of improvement like nonconformities and
 c) corrective action, monitoring and measurement of results, results of OH&S audits
and reviews, fulfillment of quality objectives, etc in the management review
meetings? Does it cover nonconformity and corrective action?
Have you defined adequacy resources and discussed it in MRM? How do you
 f)
measure opportunities for continual improvement?
Which techniques are applied on products or procedures for the purpose of
 h)
improvement of OH&S system?
Have you identified any changes in existing OH&S system or resource requirements in
the management review meetings?

Page 12 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

How do you ensure continual improvement in the system?

Do you report to Top Management for effectiveness of OH&S management system?
How do you measure effectiveness of system for working of your organization? How do
you collect necessary information for the same? Are you getting information for
corrective action taken on the identified non–compliances and its effectiveness for
discussion in the management review meeting?
How do you plan for management review meeting, and who are committee members?
Do you circulate the agenda of management review meeting in advance? Do you
prepare minutes of management review meeting with the actions decided in
management review meeting? How do you monitor effectiveness of the system? Are you
reviewing objectives and targets in the management review? When do you review it?

10.0 Improvement
10.1 General
Have you defined any improvement in OH&S?
How do you determine opportunities for improvement and implement necessary actions
to achieve the intended outcomes of OH&S management system?

10.2 Incident, nonconformity and corrective action

How do you control incident / non-conformity and what documented information
a) are maintained? Have any action been taken on incident / nonconformity?
How do you deal with the consequences of incident or nonconformity?
Who is the authorized person for reviewing incident / nonconformity? Are you
doing route cause analysis for such incident or nonconformity? How do you
b) determine that nonconformities exist? Do you determine the causes of incident or
nonconformities, and review NCR and correction of NCR, and evaluate non-
conformities?
c) How do you implement action needed to meet documented information?
How do you monitor effectiveness of corrective action? Who is the authorized
d)
person for reviewing it?
Have you updated risks based on such investigation and determined the
opportunities during planning? How do you ensure that the corrective action
e)
taken is appropriate to the effects of the nonconformities encountered including
OH&S risk?
What is the base for taking corrective actions? Does the organization need to
take corrective action for all the nonconformities?
What is the mechanism to take corrective action?
Are you taking corrective action for process, product, system and interested
parties’ complaints? When do you take corrective actions? Who reviews the

Page 13 of 14
 [Insert Your Company Name]
ISO 45001:2018 Clause-Wise Audit Questionnaire
ISO
45001:2018 Requirements
Clause

effectiveness of corrective action taken by concerned department? How do you

monitor it?
How do you maintain documented information for nature of the nonconformity
and subsequent actions taken as well as result of corrective action? Who
maintains it?
10.3 Continual improvement
How do you ensure that organization has continually improved the adequacy, suitability
and effectiveness of OH&S?
How do you improve the suitability, adequacy, and effectiveness of the OH&S to
enhance OH&S performance? Have you determined is there any needs or opportunities
that are addressed as a part of continual improvement?

Page 14 of 14