ISO 45001 standard outlines requirements for Occupational Health and Safety (OH&S) Management Systems. The standard’s latest version, ISO 45001:2018, provides a framework for organisations to follow to provide a healthy and safe workplace.
Organisations are required to perform regular internal audits as outlined under clause 9.2 of ISO 45001:2018. They must also evaluate audit findings to identify OH&S opportunities, ways to improve health and safety, and non-conformities and areas of improvement within the organisation.
If you’re considering an ISO 45001 internal audit, you may wonder what the process entails. Here are the basic details of the ISO 45001 internal auditing process.
1. Plan the audit
The first thing to do is develop an audit plan that defines the objectives, resources needed, scope, and activities to be conducted during the audit. You should also choose the right candidate within your company to perform the internal audit.
The internal auditor you choose must be familiar with the ISO 45001 standard and have good evaluating skills as well as experience in risk management. The person must have a clear understanding of the organisational structures and procedures. The ability to think logically and generate internal reports is also essential.
2. Identify the audit team
Once you develop a solid audit plan, it’s time to identify the participants who will take part in the auditing process. Identify the necessary skills and resources, processes and activities that need to be audited, and assign roles and responsibilities.
You may also consider training if necessary. If you cannot find a qualified audit team within your organisation to conduct the audit, you can hire an outside company specialising in internal audits.
3. Use an ISO 45001 checklist
You are encouraged to use an ISO 45001 checklist during the audit to ensure the standard’s requirements are being met at every step of the audit. The purpose of internal audits is to maintain certification of the occupational health and safety standard, so it makes sense that the auditor uses this checklist, which covers the seven main standards of ISO 45001:
- Planning
- Support
- Improvement
- Operation
- Context of the organisation
- Leadership
- Performance evaluation
4. Report the audit results
After a successful audit, your auditor should prepare a report of the audit results detailing the findings and make it available to management. Reports are an essential part of an audit process as they provide written documentation of your company’s progress. They also provide an independent assessment of your company’s performance against the requirements of ISO 45001.
Through audit reports, you can conduct performance evaluations to see if you’re on the right track and identify areas that could need improvement.
5. Implement corrective actions
ISO 45001 internal audits are conducted to check the health and safety standards of your workplace. The reports are meant to provide insight into the conditions of your workplace, so you can take the necessary corrective action if you find areas that require correction.
Based on your audit results, identify the root cause of the highlighted problem, develop relevant corrective actions to address the cause, and monitor the actions to ensure they are effective. For example, if your auditor points out that workers are not using the right protective equipment at work, the corrective action can include having them use the proper protective equipment.