Contact us for the entire toolkit

HSMS AUDIT CHECKLIST

ISO 45001:2018

- Objective evidence may represent documented information (procedures, manuals, records, drawings, standards, legislation,
authorizations, licences, etc.), but also information obtained during interviews or aspects observed by auditors during audits.
- Nonconformities are recorded in nonconformity forms.

4. Context of the organization Y N

4.1. The organization has determined external and internal issues that are relevant to its purpose and its
strategic direction and that affect its ability to achieve the intended results of its HSMS?
4.2. Interested parties relevant for the HSMS and their requirements have been identified?
Objective evidence (authorizations and licenses relevant for the HSMS, business plans, market research and studies,
SWOT analysis, diagrams, manuals; examples of interested parties)

4.3. Scope of the HSMS Y N

Is the scope available as documented information?
The scope includes activities, products and services within the organization’s control or influence that can
impact the organization’s OH&S performance?
Objective evidence (manual, policy, documented information with the HSMS scope, etc.)

5. Leadership and worker participation Y N

5.1. Top management demonstrates leadership and commitment with respect to the HSMS?
5.2. OH&S Policy Y N
An OH&S policy is established, implemented and maintained as documented information?
The OH&S policy fulfils applicable requirements?
(is appropriate to the purpose, size and context of the organization and the nature of its OH&S hazards and
risks, provides a framework for setting OH&S objectives, includes a commitment to provide safe and healthy
working conditions for the prevention of work-related accidents and ill health, includes a commitment to fulfil
legal and other requirements, includes a commitment to eliminate hazards and reduce OH&S risks, a
commitment for continual improvement and for the participation and consultation of workers)
The OH&S policy is available as documented information? Is communicated inside the organization and
available to interested parties as appropriate?
Objective evidence (OH&S policy - date, edition; evidence of communicating the policy internally, evidence of its
availability to interested parties - websites, posters, leaflets, etc.)

5.3. Organizational roles, responsibilities and authorities Y N

Responsibilities and authorities for the HSMS have been assigned within the organization?
Objective evidence (person/ persons having responsibility for the HSMS and associated documented information - job
description, decisions, organization chart)

5.4. Consultation and participation of workers Y N

The organization has established and implemented processes for the consultation and participation of
workers from different levels and functions in the actions to improve the OH&S management system?
The organization provides the mechanisms, the time, training and resources necessary for consultation and
participation?

Page 1 of 6
 Contact us for the entire toolkit
HSMS AUDIT CHECKLIST
ISO 45001:2018

The organization makes efforts to remove obstacles and barriers to participation and consultation (such
obstacles include: language, literacy, reprisals or threats or other practices to discourage participation and
consultation)?
Objective evidence(e.g. documented procedure, minutes of meetings, collective bargaining records, meetings with
workers, records of workers consultation and participation)

6. Planning
6.1. Actions to address risks and opportunities. General Y N
When planning the HSMS the organization has determined risks and opportunities that need to be
addressed?
The organization has established, implemented and maintains a process for the identification of OH&S
hazards?
The hazard identification process takes into consideration aspects like: how work is organized; social
factors; leadership and culture in the organization; routine and non-routine activities; past relevant incidents
and emergencies; people who have access to the workplace; people in the vicinity of the workplace that can
be affected; workers at locations not under the control of the organization; the design of work areas;
processes; installation; machinery; situations in the vicinity of the workplace that can lead to work related
accidents and ill health; proposed changes; changes in knowledge and information about hazards?
A process to assess OH&S risks from identified hazards as well as other risks related to the establishment,
implementation, operation and maintenance of the management system?
The risk assessment is based on a documented methodology that includes criteria for evaluating the risks?
The organization has established a process for the evaluation of OH&S opportunities and other opportunities
for improving the OH&S management system?
Objective evidence (e.g. documented information on the risk assessment – code, date, assessor, methodology for risk
assessment, examples of risks and opportunities, competence records for the risk assessors, etc.)

6.1.3. Determination of legal requirements and other requirements Y N

The organization has established and implemented a process to determine and have access to legal and
other requirements that are applicable to its OH&S hazards and risks?
Legal and other requirements applicable are taken into consideration in the OH&S management system?
Objective evidence (procedure, examples of legal/ other requirements; legal software subscription; responsibility for
updating legal requirements in the organization, etc.)

6.1.4. Planning action Y N

The organization plans actions to address risks and opportunities, legal and other requirements and to
prepare and respond to emergency situations?
6.2. OH&S objectives and planning to achieve them Y N
Has the organization established OH&S objectives at relevant functions and levels in order to maintain and
improve the OH&S management system?
OH&S objectives are: consistent with the OH&S policy, measurable if practicable, monitored, communicated
and updated when appropriate?
Documented information on the OH&S objectives is available?

Page 2 of 6
 Contact us for the entire toolkit
HSMS AUDIT CHECKLIST
ISO 45001:2018

Plans to achieve the OH&S objectives have been developed by the organization (including actions,
resources, responsibilities, timeframes and how the results are evaluated)?
Objective evidence (examples of objectives, management programs, plans, etc.)

7. Support
7.1. Resources Y N
The organization provides the resources needed for the establishment, implementation, maintenance and
continual improvement of its HSMS?
7.2. Competence Y N
The organization has determined the competence of workers that affects or can affect the OH&S
performance?
The organization ensures that workers are competent on the basis of training, education and experience?
The organization takes actions for workers to acquire and maintain necessary competence (e.g. training,
mentoring, changing of responsibilities to suit competence needs, recruiting competent personnel from
outside)?
Objective evidence (documented procedures, programs/ training plans, OH&S training records, personnel files, diplomas,
certificates, permits, authorizations, training evidence, etc.)

7.3. Awareness Y N
The organization ensures that personnel doing work under its control are aware of: the OH&S policy and
objectives, OH&S hazards and risks, their contribution to the effectiveness of the HSMS; OH&S incidents
and the outcomes of their investigation?
Workers are aware that they should remove themselves from work situations that they consider to present
an imminent and serious danger to their life and health as well as the arrangements for protecting them for
undue consequences for doing so?
7.4. Communication
Internal and external communication processes relevant to the HSMS are established, implemented and
maintained? (including on what, when, with whom, and how to communicate)
Information is communicated in a way that facilitates its understanding by all recipients?
The organization responds to relevant external communications on its HSMS?
Documented information as evidence of communication (internal and external) is retained?
7.5. Documented information Y N
The HSMS includes the documented information required by the standard and documented information
determined as necessary for the effectiveness of the management system?
When creating and updating documented information controls on identification and description, format,
review and approval are in place?
Documented information is controlled (distribution, access, retrieval, storage and preservation, control of
changes, retention and disposition)?
Objective evidence (documented procedures, documents lists, etc.)

8. Operation Y N
8.1. Operational planning and control

Page 3 of 6
 Contact us for the entire toolkit
HSMS AUDIT CHECKLIST
ISO 45001:2018

The organization plans, implements, controls and maintains the processes needed to meet the requirements
of the OH&S management system?
The organization has established, implemented and maintains effective control to eliminate OH&S hazards
and reduce OH&S risks?
Planned changes are reviewed and controlled to ensure that any negative impacts on the OH&S
performance are prevented?
Objective evidence (e.g. operating procedures, controls to address OH&S hazards and risks – engineering controls,
administrative controls, distribution of personal protective equipment records, etc.)

8.1.4. Procurement Y N
The organization has processes in place to control the procurement process in order to ensure their
conformity with the OH&S requirements?
The organization ensures that its OH&S contractors and their workers meet OH&S requirements?
The organization applies health and safety criteria for the selection of its contractors?
The organization ensures that outsourced processes and functions are controlled to fulfil OH&S
requirements?
Objective evidence (e.g. procedures, examples of contractors/ outsourcers, criteria for selecting contractors/ suppliers,
examples of contractors/ suppliers, agreements with suppliers/ contractors/ outsourcers that refer to OH&S aspects, etc.)

8.2. Emergency preparedness and response Y N

Processes needed to prepare for and respond to emergency situations are in place?
The organization provides training to its employees for the planned response in case of an emergency
situation?
The organization provides information to visitors, contractors, emergency services etc. with regards to their
responsibilities in case of an emergency?
The organization tests periodically its arrangements for emergency situations?
Documented information on the plans and response in case of emergency situations is maintained?
Objective evidence (procedures, emergency plans, testing reports, training records, contracts, emergency team,
responsibilities, etc.)

9. Performance evaluation
9.1. Monitoring, measurement, analysis and evaluation Y N
The organization monitors its OH&S performance?
Did the organization determine: what needs to be measured and monitored, the methods to measure and
monitor, criteria against which performance is monitored, when the measurement and monitoring is
performed, when the monitoring and measurement results shall be analysed and evaluated?
Any monitoring and measurement equipment used by the organization?
Is it calibrated or verified as appropriate? Documented information is available?
Documented information on the results of monitoring, measuring, analysis and evaluation is retained?
Objective evidence (procedures, equipment used for measurement and monitoring, reports, analysis and tests, KPIs used
to evaluate OH&S performance, calibration reports, etc.)

Page 4 of 6
 Contact us for the entire toolkit
HSMS AUDIT CHECKLIST
ISO 45001:2018

9.1.2. Evaluation of compliance Y N

The organization has a process to evaluate compliance with legal and other requirements applicable?
Documented information as evidence of compliance evaluation is retained?
Objective evidence (procedures, reports, checklists, examples of applicable legislation, responsibilities, frequency, etc.)

9.2.2. Internal audit Y N

The organization performs internal audits of the OH&S management system at planned intervals?
One or several audit programme(s) has been established, implemented and maintained?
The selection of auditors ensures the objectivity and impartiality of the audit process?
Documented information as evidence of internal audits is retained?
Objective evidence (documented procedures, audit programs, plans, checklists, reports, competence of auditors)

9.3. Management review Y N

Top management reviews the OH&S management system at planned intervals?
Relevant outputs from management review are communicated to workers and where they exist workers
representatives?
Documented information on the results of management review meetings is available?
Objective evidence (documented procedures, minutes, plans, decisions, actions, etc.)

10. Improvement
10.2. Incident, nonconformity and corrective actions Y N
The organization has established, implemented and maintains processes to manage incidents and
nonconformities?
When an incident or nonconformity occurs the organization reacts in time to control and correct the situation
and deal with the consequences?
The organization performs an investigation of incidents and a review of nonconformities in order to identify
the root cause and implement actions to avoid similar situation happening again?
The effectiveness of corrective actions implemented is reviewed?
The organization communicates to workers and worker representatives on the incidents and nonconformities
identified and actions taken?
Documented information on incidents, nonconformities and actions taken is available?
Objective evidence (documented procedures, records of OH&S accidents, OH&S incidents including near-misses,
investigation records, correspondence, reports, forms, corrective actions, etc.)

10.3. Continual improvement Y N

The organization improves continually the suitability, adequacy and effectiveness of its OH&S management
system?
Use of certification mark Y N
The requirements on the use of the certification mark are respected?

Page 5 of 6
 Contact us for the entire toolkit
HSMS AUDIT CHECKLIST
ISO 45001:2018

Page 6 of 6