Professional Documents
Culture Documents
Section 3.2 - Auditing Against BS OHSAS 18001:2007 Clause 4.2 Policy
Section 3.2 - Auditing Against BS OHSAS 18001:2007 Clause 4.2 Policy
Every organization must be committed to protecting the health and safety of its employees and
all others that might be affected by its work activities.
BS OHSAS 18001 has 8 important requirements, together with an overall assurance that the
policy has been authorized. These can be found in clause 4.2 which requires top management
to:
There is a legal obligation in the UK for every organization with five or more employees to prepare
a written statement of general policy on occupational health and safety, and similar requirements
exist in many other countries.
BS OHSAS 18001 specifies eight important requirements for the OH&S policy:
The policy should be realistic and relevant to the nature of risks faced by the organisation.
2. “includes a commitment to prevention of injury and ill health and continual Improvement in
OH&S management and OH&S performance”
It is impossible to make every workplace totally safe, but management are expected to commit to
preventing injury and ill health. In the case of ill health, this includes stress as well as other
disabling effects.
Organizations need to achieve not only a high level of OH&S performance but also to seek a
continual improvement in that performance as well as meeting legal requirements.
3. “includes a commitment to at least comply with applicable legal requirements and with other
requirements to which the organization subscribes that relate to its OH&S hazards”
Naturally, there is a requirement to comply with legal requirements. However, there might be
other codes of practice, industry standards, voluntary agreements etc to which the organization
subscribes and in this context “other requirements” covers all of these areas.
The organization’s top management should set in place procedures to define, document and
endorse its OH&S policy.
6. “is communicated to all persons working under the control of the organization with the intent
that they are made aware of their individual OH&S obligations”
8. “is reviewed periodically to ensure that it remains relevant and appropriate to the organization”
The policy should be reviewed periodically to ensure that it remains relevant and appropriate to
the organization.
"Person or group of people who direct and control an organization at the highest level"
Top management – ISO 9000:2005
Internal auditors need to assure themselves that the policy is currently relevant and is reviewed
regularly at management review meetings for its continuing suitability. Only a policy that has
objectives with tangible outcomes that can be measured and audited can be shown to be
working. Some points that the internal auditor might wish to consider would be: