TBSHE-CLS-037-SHE Internal Audit Checklist

SHE Internal Audit Checklist
ISO 45001 Compliance

Requirement of the standard Evidence Remarks
Clause Yes/No/NA
4.1-01 Did the organization determine external
and internal issues relevant to its purpose
and that affect its ability to achieve
intended results of SHEMS?
4.2-01 Did the organization determine interested
parties that are relevant to its SHEMS?
4.2-02 Did the organization determine relevant
needs and expectations of the interested
parties?
4.2-03 Do some expectations from the
organization become its compliance
obligations?
4.3-01 Has the organization determined
boundaries and applicability of its SHEMS?
4.3-02 When determining the scope, had the
organization considered external and
internal issues referred to in 4.1?
organization considered compliance
obligations referred to in 4.2?
organization considered its organizational
units, functions, and physical boundaries?
organization considered, planned or
performed work related activities?
organization considered its products,
activities, and services?
4.3-07 Does the organization maintain its scope as
documented information?
4.4 Has the organization established,
implemented, maintained, and continually
improved its Occupational Health and
Safety Management System (SHEMS)?
5.1-01 Did top management take accountability
for the effectiveness of the organization’s
SHEMS?
5.1-02 Does top management ensure that the SHE
Policy and SHE objectives are compatible
with the strategic direction and context of
the organization?
5.1-03 Does top management ensure integration
of SHEMS requirements in the
organization’s business processes?
TBSHE-CLS-037 Rev-00 Page 1 of 16

Clause Yes/No/NA
5.1-04 Does top management ensure availability
of the resources needed for the SHEMS?
5.1-05 Does top management communicate about
the importance of conforming to the
SHEMS requirements?
5.1-06 Does top management ensure that the
SHEMS achieves its intended outcomes?
5.1-07 Does top management direct and support
persons to contribute to the SHEMS?
5.1-08 Does top management promote continual
improvement?
5.1-09 Does top management support other
management roles to demonstrate
leadership in their fields?
5.1-10 Does top management develop, lead and
promote culture in the organization that
supports intended outcomes of SHEMS?
5.1-11 Does top management protect workers
from reprisals when reporting incidents,
hazards, risks and opportunities?
5.1-12 Does top management ensure the
organization establishes processes for
participation and consultation of workers?
5.1-13 Does top management consider the need
for establishing health and safety
committees together with providing
support for their functioning?
5.2-1 Did the organization establish, implement,
and maintain its SHE Policy within the
scope of the SHEMS?
5.2-2 Is the SHE Policy appropriate for the
purpose and context of the organization?
5.2-3 Does the SHE Policy provide the
organization with a framework for setting
SHE objectives?
5.2-4 Does the SHE Policy include a commitment
to the eliminate hazards and reduce SHE
risks?
5.2-5 Does the SHE Policy help the organization
to continually improve its SHEMS?
5.2-6 Does the SHE Policy include a commitment
to fulfill its compliance obligations?
5.2-7 Does the organization communicate its SHE
Policy within the organization and to
interested parties?
5.2-8 Has the organization documented its SHE
Policy?
5.3-1 Does the organization define its SHEMS
Clause Yes/No/NA
roles, responsibilities, and authorities?
5.3-2 Did top management assign responsibility
to a person or persons to ensure that the
SHEMS conforms to the requirements of
the standard?
5.3-3 Did top management assigned a person or
persons responsible to report on the
performance of the SHEMS?
5.4-01 Has the organization established,
implemented and maintained the process
for consultation and participation of
workers at all applicable levels and
functions, and, where they exist, workers
representatives in the development,
planning, implementation, performance
evaluation and actions to improve SHEMS?
5.4-02 Does the organization provide mechanisms,
time, training and resources necessary for
consultation and participation?
5.4-03 Does the organization provide timely access
to clear, understandable and relevant
information about the SHEMS?
5.4-04 Does the organization determine and
remove obstacles and barriers to
participation and minimize those that
cannot be removed?
5.4-05 Does the organization emphasize the
consultation of non-managerial works
regarding determining the needs and
expectations of interested parties?
regarding establishing the SHE Policy?
regarding assigning roles, responsibilities
and authorities as applicable?
regarding determining how to fulfil legal
and other requirements?
regarding establishing SHE objectives and
planning to achieve them?
regarding determining applicable controls
Clause Yes/No/NA
for outsourcing, procurement and
contractors?
regarding determining what needs to be
monitored, measured and evaluated?
regarding planning, establishing,
implementing and maintaining an audit
program?
regarding establishing a continual
improvement process?
regarding determining the mechanisms for
their consultation and participation?
regarding hazard identification and
assessment of risks and opportunities?
regarding actions to eliminate hazards and
reduce SHE risks?
regarding identification of competency
requirements, training needs, training and
evaluation of training?
regarding determining the needs to be
communicated and how this shall be done?
regarding determining control measures
and their effective implementation and
use?
regarding investigating incidents and
nonconformities and determining
corrective actions?
6.1.1-01 Has the organization considered the issues
referred to 4.1, 4.2 and 4.3 when planning
Clause Yes/No/NA
SHEMS?
6.1.1-02 Has the organization determined risks and
opportunities that need to be addressed to
give assurance that the SHEMS can achieve
intended results?
prevent or reduce undesired effects?
achieve continual improvement?
6.1.1-05 Did the organization take into account SHE
risks, opportunities when addressing risks
and opportunities?
6.1.1-06 When determining risks and opportunities
to be addressed, Has the organization took
into account hazards, risks and
opportunities?
6.1.1-07 When determining risks and opportunities
to be addressed, has the organization taken
into account legal and other requirements?
6.1.1-08 During its planning process, did the
organization assess the risks and determine
opportunities that are relevant to the
intended outcomes of SHEMS associated
with changes in organization, its processes
or the SHEMS?
6.1.1-09 Has the organization performed assessment
of risks and opportunities in case of
planning changes?
6.1.1-10 Does the organization maintain
documented information on SHE risks and
opportunities, processes and actions
needed to determine and address risks and
opportunities to the extent necessary to
provide confidence that they are carried
out as planned?
6.1.2.1-01 Did the organization establish, implement
and maintain a process for hazard
identification?
6.1.2.1-02 Did the process for hazard identification
take into account past relevant incidents,
internal and external to the organization,
including emergencies and their causes?
take into account how work is organized,
social factors, leadership and culture in the
organization?
Clause Yes/No/NA
take into account routine and non-routine
activities and situations?
take into account emergency situations?
take into account people and other issues?
take into account actual or proposed
changes in the organization, its operations,
processes, activities and SHEMS?
take into account changes in knowledge of,
and information about hazards?
6.1.2.2-01 Has the organization established,
implemented and maintained a process to
assess SHE risks from identified hazards,
while taking into account legal and other
requirements and effectiveness of existing
controls?
6.1.2.2-02 Has the organization established,
implemented and maintained a process to
identify and assess the risks related to
establishment, implementation, operation
and maintenance of SHEMS that can occur
from issues identified in 4.1 and needs and
expectations identified in 4.2?
6.1.2.2-03 Has the methodology and criteria for
assessment of SHE risks defined in respect
to their scope, nature and timing to ensure
they are proactive rather than reactive and
are used in a systematic way?
6.1.2.2-04 Does the organization maintain and retain
documented information on the
methodology and criteria?
6.1.2.3-01 Has the organization implemented,
established and maintained process to
assess opportunities to enhance SHE
performance and opportunities for
improvement of SHEMS?
6.1.3-01 Has the organization implemented,
determine and have access to legal
requirements and other requirements that
are applicable to its hazards, SHE risks and
SHEMS?
Clause Yes/No/NA
determine how these legal and other
requirements apply to the organization and
what needs to be communicated?
established and maintained a process to
take these legal and other requirements
into account when establishing,
implementing, maintaining and continually
improving SHEMS?
6.1.3-04 Does the organization maintain and retain
documented information on its legal and
other requirements and ensure that it is
updated to reflect any changes?
6.1.4-01 Does the organization plan actions to
address risks and opportunities?
address legal and other requirements?
prepare and respond to emergency
situations?
6.1.4-04 Does the organization plan how to
integrate and implement actions into its
SHEMS processes or other business
processes?
6.1.4-05 Does the organization plan how to evaluate
effectiveness of these actions?
6.1.4-06 Does the organization take into account
hierarchy of controls and outputs from the
SHEMS when planning actions?
6.1.4-07 Does the organization consider best
practices, technological options, financial,
operational and business requirements
when planning actions?
6.2.1-01 Did the organization establish SHE
objectives at relevant functions and levels?
6.2.1-02 Did the organization establish SHE, taking
into account the results of the assessment
of risks and opportunities?
6.2.1-03 Are SHE objectives consistent with the SHE
Policy?
6.2.1-04 Are SHE objectives measurable?
6.2.1-05 Does the organization monitor its SHE
objectives?
6.2.1-06 Does the organization communicate its SHE
objectives?
6.2.1-07 Does the organization update its SHE
objectives?
6.2.1-08 Does the organization maintain
Clause Yes/No/NA
documented information on its SHE
objectives?
6.2.2-01 Did the organization determine how to
achieve its SHE objectives?
6.2.2-02 Did the organization determine who will be
responsible for achieving SHE objectives?
6.2.2-03 Did the organization determine deadlines
for achieving SHE objectives?
6.2.2-04 Does the organization determine how it will
evaluate results of actions taken to achieve
SHE objectives?
6.2.2-05 Does the organization consider how to
integrate actions for achieving its SHE
objectives into its business processes?
7.1-01 Did the organization provide enough
resources to establish and fulfill all SHEMS
requirements?
7.2-01 Did the organization determine necessary
competence of personnel involved in the
SHEMS?
7.2-02 Does the organization employ SHEMS-
competent personnel?
7.2-03 Does the organization determine training
needs associated with its SHE hazards and
the SHEMS?
7.2-04 Does the organization retain documented
information as evidence of competence?
7.3-01 Are the workers aware of the SHE policy
and the objectives?
7.3-02 Are the workers aware of their contribution
to the effectiveness of SHEMS, including
the benefits of improved SHE performance?
7.3-03 Are the workers aware of the implications
and potential consequences of
nonconforming with SHEMS requirements?
7.3-04 Are the workers aware of incidents, and the
outcomes of their investigation, that are
relevant to them?
7.3-05 Are the workers aware of hazards, SHE risks
and actions determined, that are relevant
to them?
7.3-06 Are the workers aware of arrangements
which provide workers the ability to
remove themselves from work situations
that they believe present an imminent and
serious danger to their life and health, as
well as protecting them from undue
consequences for doing so?
Clause Yes/No/NA
7.4.1-01 Has the organization established,
implemented and maintained process
needed for the internal and external
communications relevant to the SHEMS?
7.4.1-02 Did the organization determine what it will
communicate?
7.4.1-03 Did the organization determined when to
communicate?
7.4.1-04 Did the organization determined with
whom to communicate?
7.4.1-05 Did the organization determined how to
communicate?
7.4.1-06 Did the organization take into account
diversity aspects when considering its
communication needs?
7.4.1-07 Did the organization ensure that the views
of external interested parties are
considered in establishing its
communication process?
7.4.1-08 When establishing its communication
process, did the organization take into
account its legal and other requirements?
7.4.1-09 When establishing its communication
process, did the organization ensure that
SHE information to be communicated is
consistent with information generated
within SHEMS, and is reliable?
7.4.1-10 Does the organization respond to relevant
communications on its SHEMS?
7.4.1-11 Does the organization retain documented
information as evidence of its
communication, as appropriate?
7.4.2-01 Does the organization internally
communicate information relevant of
SHEMS among the various levels and
functions of the organization, including
changes to the SHEMS, as appropriate?
7.4.2-02 Does the organization ensure its
communication process enables workers to
contribute to continual improvement?
7.4.3-01 Does the organization externally
communicate information relevant to the
SHEMS as established by the organizations
communication process and as required by
its legal and other requirements?
7.5.1-01 Does the organization’s SHEMS include
documented information required by ISO
45001?
Clause Yes/No/NA
documented information determinate by
the organization to be necessary?
documented information required by legal
and other requirements?
7.5.2-01 Does the organization’s documented
information have proper identification,
description, and format?
7.5.2-02 Does the organization ensure proper
review, approval, and adequacy of its
documented information?
7.5.3-01 Is the organization’s documented
information available and suitable for use,
where and when it’s needed?
7.5.3-02 Does the organization ensure that
protection of its documented information is
adequate?
7.5.3-03 Does control of the organization’s
documented information include
distribution, access, retrieval, and use?
7.5.3-04 Does the organization control storage and
preservation of its documented
information, including legibility?
7.5.4-05 Did the organization decide retention time
of documented information and
disposition, including control of changes?
7.5.4-06 Has the organization identified the
documented information of external origin,
and control it as appropriate?
8.1.1-01 Did the organization plan, implement,
control and maintain the processes needed
to meet requirements of the SHEMS and
the implement the actions determined in
clause 6?
8.1.1-02 Did the organization establish criteria for
the processes?
8.1.1-03 Did the organization implement control of
the processes in accordance with the
criteria?
8.1.1-04 Did the organization maintain and retain
documented information to the extent
necessary to have confidence that the
processes have been carried out as
planned?
8.1.1-05 At multi-employer workplaces, did the
organization coordinate the relevant parts
of the SHEMS with other organizations?
Clause Yes/No/NA
8.1.2-01 Did the organization establish, implement
and maintain processes for the elimination
of hazards and reduction of SHE risk using
the hierarchy of controls?
8.1.3-01 Did the organization establish a process for
the implementation and control of planned
temporary and permanent changes that
impact SHE performance?
8.1.3-02 Does the organization review the
consequences of unintended changes,
taking into account to mitigate adverse
effects, as necessary?
8.1.4-01 Did the organization ensure that
outsourced processes are controlled?
8.1.4-02 Did the organization define the type and
degree of control to be applied to these
processes within SHEMS?
and maintain a process to control the
procurement of product and services in
order to ensure their conformance with its
SHEMS?
and maintain the process, in coordination
with its contractors, for hazards
identification and to asses and control the
SHE risk, arising from the contractors’
activities and operations that impact the
organization?
with its contractors, for hazard
identification, and asses and control the
SHE risk arising from organizations’
activities and operations that impact
contractors’ workers?
with its contractors, for hazards
identification and to asses and control the
SHE risk, arising from contractors’ activities
and operations that impact other
interested parties in the workplace?
8.1.6-04 Did the organization establish and maintain
a process to ensure that the requirements
of the organization’s SHEMS are met by
contractors and their workers?
8.1.6-05 Does this process define and apply
Clause Yes/No/NA
occupational health and safety criteria for
the selection of contractors?
8.2-01 Has the organization established,
implemented, and maintained the
processes needed to prepare for and
respond to potential emergency situations?
8.2-02 Does the organization plan actions to
prevent or mitigate adverse SHE impacts
from emergency situations?
8.2-03 Does the organization periodically test the
planned response actions?
8.2-04 Does the organization provide relevant
information and training related to
emergency preparedness and response to
relevant interested parties?
8.2-05 Does the organization review and revise the
process(es) and planned response actions,
particularly after the occurrence of
emergency situations and tests?
8.2-06 Does the organization maintain
documented information about emergency
preparedness process(es)?
9.1.1-01 Does the organization monitor, measure,
analyze, and evaluate its SHE performance?
9.1.1-02 Has the organization determined what
needs to be monitored and measured, as
well as monitoring and measuring methods
to ensure valid results?
9.1.1-03 Has the organization determined the
criteria and indicators for evaluation of its
SHE performance?
9.1.1-04 Has the organization determined when the
monitoring and measurement will be
performed and when the results will be
analyzed and evaluated?
9.1.1-05 Has the organization ensured that
calibrated or verified monitoring and
measurement equipment is used and
maintained?
9.1.1-06 Has the organization evaluated its SHE
performance and the effectiveness of its
SHEMS?
9.1.1-07 Has the organization communicated
relevant SHE performance information
according to the communication process
and compliance obligations?
9.1.1-08 Has the organization retained appropriate
documented information as evidence of the
Clause Yes/No/NA
monitoring and measurement, analysis, and
evaluation results?
9.1.2-01 Has the organization established,
implemented, and maintained the
processes needed to evaluate fulfillment of
its compliance obligations?
9.1.2-02 Has the organization determined the
frequency of the compliance evaluation?
9.1.2-03 Has the organization evaluated the
compliance and taken actions needed?
9.1.2-04 Does the organization maintain knowledge
and understanding of its compliance
status?
9.1.2-05 Does the organization retain documented
information as evidence of the compliance
evaluation results?
9.2.1 Does the organization conduct internal
audits at planned intervals to provide
information on whether its SHEMS:
 conforms to its own requirements
for its SHE MS?
 conforms to requirements of ISO
45001?
 is effectively implemented and
maintained?
9.2.2-01 Does the organization establish,
implement, and maintain internal audit
program(s)?
9.2.2-02 Did the organization determine the
frequency, methods, responsibilities,
planning requirements, and reporting of its
internal audits?
9.2.2-03 When establishing the internal audit
program, did the organization take into
account the results of previous audits?
9.2.2-04 When establishing the internal audit
program, did the organization take into
account the importance of the processes
concerned?
9.2.2-05 Did the organization define the audit
criteria and scope of each audit?
9.2.2-06 Does the organization ensure objectivity of
the audit process?
9.2.2-07 Does the organization communicate audit
results to the relevant management?
9.2.2-08 Does the organization document
information about audits and audit results?
9.3-01 Does top management review the
Clause Yes/No/NA
organization’s SHEMS?
9.3-02 Does top management, during review,
consider the status of actions from previous
management reviews?
9.3-03 Does top management review include
consideration of external and internal
issues relevant to the organization’s
SHEMS?
consideration of the needs and
expectations of interested parties, including
compliance obligations?
consideration of its significant SHE hazards
and risks?
consideration of SHE risks and
opportunities?
consideration of the extent to which SHE
objectives have been achieved?
consideration of trends in nonconformities
and corrective actions?
consideration of trends in monitoring and
measurement results?
consideration of resource adequacy?
consideration of opportunities for continual
improvement?
conclusions about continual improvement
opportunities?
decisions related to continual
improvement?
needed actions when SHEMS goals have
not been achieved?
9.3-15 If needed, does top management review
include opportunities to improve
integration of the SHEMS with other
business processes?
9.3-16 Does top management review include any
implications for the strategic direction of
the organization?
Clause Yes/No/NA
information about management reviews?
10.1-01 Does the organization take actions to
improve its SHEMS?
10.2-01 Did the organization establish, implement
and maintain the process that includes
reporting, investigating and taking actions,
to determine and manage incidents and
nonconformities?
10.2-02 When an incident or a nonconformity
occurs, does the organization react in
timely manner to the incident or
nonconformity?
occurs, does the organization evaluate,
with participation of workers and
involvement of other interested parties, the
need for corrective actions to eliminate the
root cause of the incident or
nonconformity, in order that it does not
recur or occur elsewhere?
occurs, does the organization review
existing assessments of SHE risks and other
risks, as appropriate?
occurs, does the organization determine
and implement any action needed,
including corrective action, in accordance
with the hierarchy of controls and the
management of change?
occurs, does the organization assess SHE
risks prior to taking action that can result in
new or changed hazards?
occurs, does the organization review
effectiveness of any action taken, including
corrective action?
occurs, does the organization make
changes to the SHEMS, if necessary?
10.2-09 Are the corrective actions appropriate to
the effects of the incidents or
nonconformities encountered?
information as evidence of the nature of
the incidents or nonconformities and any
Clause Yes/No/NA
subsequent action taken?
information as evidence of the results of
any action and corrective action including
their effectiveness?
10.2-12 Does the organization communicate this
documented information to relevant
workers, and where they exist, workers’
representatives, and relevant interested
parties?
10.3-01 Does the organization continually improve
suitability, adequacy and effectiveness of
the SHEMS by enhancing SHE performance?
the SHEMS by promoting a culture that
supports SHEMS?
the SHEMS by communicating the relevant
results of continual improvement to
workers, and where they exist, workers’
representatives?
the SHEMS by maintaining and retaining
documented information as evidence of
results of continual improvement?

TBSHE-CLS-037-SHE Internal Audit Checklist

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

TBSHE-CLS-037-SHE Internal Audit Checklist

Uploaded by

Copyright:

Available Formats

SHE Internal Audit Checklist

ISO 45001 Compliance

TBSHE-CLS-037 Rev-00 Page 1 of 16

TBSHE-CLS-037 Rev-00 Page 16 of 16

You might also like