ISO 45001:2018 Occupational health

and safety management system

Instructor: Ahmed Alrumaih
 Day 1:
•Chapter 1: OHS Management Concept & Terminology
•Chapter 2: Occupational Health & Safety Management System
•Chapter 3: The Audit Process
•Chapter 4: Contexts of the Organization & leadership

Course
•Chapter 5: Planning
Day 2:
•Chapter 6: Support & Operation
•Chapter 7: Performance Evaluation & Improvement

Outcome
Day 3:
•Chapter 8: Audit Program and Management of Audit
•Chapter 9: Audit Planning and Preparation as Per ISO 17021-
1:2015
Day 4:
•Chapter 10: Preforming the Audit & Reporting Audit Outcome
Day 5:
•Final Exam
Chapter 1: OH&S
Management Concept
& Terminology
Chapter 1: OH&S Management
Concept & Terminology

•What is health and safety?

•Types of Occupational Hazard
•Occupational Health and safety
•Key Concepts of OH&S
•Key Definition of OH&S
What is Health and
Safety?

•“Regulations and procedures intended to prevent

accident or injury in workplace or public
environment

•Health and safety in the workplace are the Humber

one concern, yet still deaths and injuries
occur:ISO45001 Set the minimum standard of
practice to protect employees worldwide
Type Of occupational
hazard

•Physical Hazards
•Chemical Hazards
•Biological Hazards
•Radiological Hazards
•Ergonomic Hazards
•Behavioral Hazards
Occupational health &
safety Management
system

• An OH&S is a coordinated and systematic

approach to managing health and safety
risk

• It help organization to continually improve

their safety performance and compliance to
health and safety legislation and standards.

• It protect people at work by eliminating, or

better managing, health and safety hazards.
•OHSAS 18001:2007 (initial version OHSAS
18001:1999) is the predecessor to the
recently released ISO standard ISO
45001:2018
Fundamental key-
concepts of OH&S
•There are some basic grounds and norms for
establishing an Occupational health and safety
management system in any industry:

•Applying Plan Do Check Act (PDCA) Cycle

•Applying Risk Based Thinking
Plan Do Check Act
(PDCA) Cycle
•It demonstrate the following clauses of ISO Standards :

•PLAN – Clauses 4,5,6 and 7

•Determine and assess OH&S risk, OH&S opportunities and other risk other opportunities, establish OH&S objective and
processes necessary to deliver results in accordance with the organization OH&S policy

•DO - Clause 8
•Implement the processes as planed

•Check - Clauses 9
•Monitor and measure activities and processes with regard to the OH&S policy and OH&S objectives, and report the results

•Act - Clauses 10
•Take actions continually improve the OH&S performance to achieve the intended outcomes
 Risk Based
Thinking
•Risk- Based thinking is something we all do automatically and often sub-consciously.

•The Plan-Do-Check-Act (PDCA) cycle for process improvement, as described above, corresponds to proven risk
monument approached. Many organization have the process of risk management as a fundamental process
particularly around information technology, finance and occupational health and safety

•Risk Based Thinking (RBT) is a central tenet of ISO 45001.

•Risk Based Thinking makes preventive action part of the routine.

•Risk is often thought of only in the negative sense. Risk Based thinking can also help to identify opportunities.
This can be considered to be the positive side of risk.
Risk and opportunities is defined as “ potential adverse effects ( threats) and potential beneficial
effects (opportunities).

Severity:
If the risk occurs, how serious is it?
Risk:
effect of uncertainty.An effect is positive or
negative deviation form the expected.
Addressing a risk could mean pursuing new
opportunity. there are two parameters of
defining risk:
Probability:
What is the probability of the risk occurring?

Opportunities can include the adoption of new customers, product

 Key Definitions of OH&S
Basic Terms Definition
1- Organization Person or group of people that has its own functions with responsibilities,
authorities and relationships to achieve its objectives

2- Interested Party Person or organization that can affect, be affected by, or perceive itself to be
affected by decision or activity

3- Worker Person performing work- or work-related activities that are under the control of
the organization

4- Participation Involvement in decision-making

5- Consultation Seek views before making a decision
6- Workplace Place under the control of the organization where a person needs to be or to go
for work purposes
 Key Definitions of OH&S
Basic Terms Definition
7- Management system Set interrelated or interacting elements of an organization to establish policies and
objective and processes to achieve those objectives
8- Occupational health and Management system or party of a management system used to achieve the OH&S
safety Management System policy
OH&S Management System
9- Top management Person or group of people who directs and control an organization at the highest
level.
10- Occupational health Objective set by the organization to achieve specific results consistent with the
and safety objective OH&S policy
11- Injury and ill health Adverse effect on the physical, mental or cognitive condition of a person
12- Hazard Source with potential to cause injury and ill health
 Key Definitions of OH&S
Basic Terms Definition

13- Occupational health Combination of the likelihood of occurrence of a work-related hazardous

and safety risk-OH&S risk event(s) or exposure(s) and the severity of injury and ill health can be
caused by the event(s) or exposure(s)
14- Occupational health Circumstance or set of circumstances that can lead to improvement of
and safety opportunity OH&S performance
15- Occupational health Performance related to the effectiveness of the prevention of injury and ill
and safety performance health to workers and the provision of safe and safety workplace
 Key Definitions of OH&S

Basic Terms Definition

16- Outsource, verb Make an arrangement where an external organization preforms part of an
organizations function or process
17- Incident Occurrence arising out of, or in the course of, work that could or does
result in injury and ill health
18- Corrective action Action to eliminate the course(s) of a nonconformity or an incident and to
prevent recurrence
19- Continual Recurring activity to enhance performance
improvement
Chapter 2: Occupational
Health & Safety
Management System
Chapter 2: Occupational
Health & Safety Management
System
•Introduction
•Purpose of OH&S
•Scope of the occupational health
and safety management system
•Overview of ISO Standard
45001:2018
•Structuring of ISO Standard
45001:2018
•Benefits of ISO Standard
45001:2018
 Introduction
Occupational health and safety management system.
The implementation of an OH&S provides an overview of selection of positive benefits from
implementation of ISO 45001. There positive benefits are not exhaustive.

• Systematic approach for senior leadership to assess OH&S risk and opportunities, monitor
and review
• Reduce downtime, lead to reduction or prevention of worker loss time hours and potential
prosecution.
• Promotes worker participation when identifying hazards, elimination or reducing risk
• provided requirements to assess procurement of products and services.
• Provide scrutiny and effectiveness of the OH&S management system.
Purpose of OH&S
What is the purpose of OH&S management system?
The purpose of an OH&S management system is to provide

• Framework for managing OH&S risks and opportunities

• Protecting the workers safety by preventing or mitigating adverse hazards impacts
• Mitigating the potential adverse effect of work conditions on the organization
• Assisting the organization in the fulfillment of compliance obligations
• Enhancing OH&S performance
Purpose of OH&S
•What is the purpose of OH&S management system?

•Controlling or influencing the way the organization products and services are
designed, manufactured, distributed, consumed and disposed by using a life cycle
perspective that can prevent work hazard impacts from being unintentionally shifted
elsewhere within the life cycle
•Achieving financial and operational benefits that can results from implementing
environmentally sound alternative that strengthen the organization market position.
•communicating OH&S information to relevant interested parties.
SCOPE of the OH&S

•What is a SCOPE?
•A scope is a sets the intent and parameters within which the ISO
45001:2018 management standard can be used to attain its intended
outcome.

• Provide a safe and healthy workplace

• Prevent work related injury and/ or ill health
• Proactively monitor and improve OH&S performance
• Eliminate hazard and minimalize OH&S risks
• Take advantage of OH&S opportunities and address management system
non-conformities associated with its activities
• Fulfill legal and other requirements
• Achieve OH&S objectives
• Integrate other aspects of health and safety including worker wellness/
wellbeing
 Overview: ISO Standard
45001:2018

What is ISO
• Before starting with ISO standard 45001:2018, lets understand some basic terms:
• ISO stands for International Organization For Standardization based in Geneva, Switzerland. They develop
and publish international

What is Standard
• ISO creates denouements that provide requirements, specifications, guidelines or characteristics that can
be used consistently to ensure that material, products, processes and services are fit for their purpose which
is called standards.

What is ISO 45001

• ISO 45001 series: OHSAS 18001:2017 (initial version OHSAS 18001:1999) is the predecessor to the recently
released ISO standard ISO 45001:2018 is an ISO standard and has been designed to have greater
compatibility with existing ISO standard management system revisions including ISO 9001:2015 & ISO
14001:2015
ISO 45001 Occupational health and safety
management standard structure
Clause 1 • Scope

Clause 2 • Normative references

Clause 3 • Terms and definition

Clause 4 • Context of the organization

Clause 5 • Support

Clause 6 • Planning

Clause 7 • Leadership & workers Participation

Clause 8 • Operation

Clause 9 • Performance evaluation

Clause 10 • Improvement
 Benefits of occupational
health and safety management
system

• Demonstrate compliance with current and future statutory and regulation requirement
• Increase leadership involvement and engagement of employees and participation of
workers
• Improve company reputation and the confidence of stakeholders through strategic
communication
• Achieve strategic business aims by incorporating health and safety issues into business
management
• Provide a competitive and financial advantage though improved efficiencies and
reduced costs
• Encourage better OH&S performance of supplier by integrating them into the
organization business systems
Chapter 3: The Audit
Process
Chapter 3: The Audit
Process
•What is AUDIT?
•Types of the Audit
•Audit Steps
•Audit Plan
•Overview: Audit Process (OOH&S)
•Audit Framework
What is Audit?

•Audit is defined as systematic, independent

and documentation process for obtaining
objective evidence and evaluating it objectively
to determine the extent to which the audit
criteria are fulfilled
 Type of Audit
Internal Audit

First party Audit

(with-in organization audit)

External Audit

Second party Audit

(external provider audit or other external interested party audit)

External Audit

Third party Audit

(Certification/ Accreditation Audit or Statutory regulatory and similar audit)
 Audit Steps
1- Planning
• Audit Plan & Work Documents

2- Performing
• Opening Meeting, Collect Evidence, Closing Meeting

3- Reporting
• Audit Report

4- Following- UP
Corrective Action, Follow up Audit
 Audit Plan
•What is Audit Plan and its purpose?

•An Audit plan description of the activates and arrangements for an audit, is the specific
guideline to be followed by the auditor for conducting an audit. It helps the auditor to
obtain sufficient appropriate evidence for the circumstances, helps keep audit costs at a
reasonable level, and helps avoid misunderstandings with the client/Auditee
Agenda of audit plan
Check knowledge of
clints business

Development to audit
strategies or overall
Agenda of audit plan
plan(who, when and
where)

Preparation of audit
programme
Overview: Audit
Process (OH&S)
•Basic Principles of Auditing:

•Integrity: the foundation of professionalism

•Fair presentation: the obligation to report truthfully and accurately.
•Due professional care: the application of diligence and judgment in auditing
•Independence: the basis for the impartiality of the audit and objectivity of the audit
conclusion.
•Evidence-based approach: the rational method for reaching reliable and reproducible
audit conclusions in systematic audit process.
•Risk-based approach: an audit approach that considers risks and opportunities.
ISO 45001: OH&S
standard Structure
•ISO 45001:2018 is made up of a number of different sections, each concentrating on requirements
involved in different of OH&S management system.

•Clause 0-3 – Introduction and scope of the standard

•Clause 4 – Context of the organization
•Clause 5 – Leadership & worker Participation
•Clause 6 – Planning
•Clause 7 – Support
•Clause 8 – Operation
•Clause 9 – performance evaluation
•Clause 10 – Improvement
Audit Framework
•Audit Scope: extent boundaries of an audit.
•Audit Objective: results to be achieved by the audit.
•Audit Criteria: set requirements used as a reference against which objective evidence is
compared.

1. Audit 2. Audit 3. Audit

Scope Objective Criteria
Chapter 4: Contexts of
the Organization &
leadership

•ISO 45001:2018 Structure.

•Audit if the Organization Context.
•OH&S Policy Framework.
•Leadership
•Competency
•Consultation and participation of workers
 ISO 45001:2018 Structure
ISO 45001:2018 Structure

PLAN DO CHECK ACT

4. Context of the 5. Leadership and 9. Performance
6. Planning 7. Support 8. Operation 10. Improvement
organization worker participation evaluation

Monitoring,
understand the
Leadership and Action to address risk Operational planning measurement, analysis
organization and it Resources General
commitment and opportunities and control and performance
context
evaluation

understanding the needs

OH&S objectives and Emergency Incident,
and expectation of
OH&S Policy planning to achieve Competence preparedness and Internal audit nonconformities and
workers and other
them response corrective action
interested parties

Determining the scope Organization

of the OH&S responsibilities and Awareness Management review Continual improvement
management system authorities

OH&S management Consultation and

Communication
system participation of workers

documented
4. Context of
the
organization
4. Context of the
organization
•4.1 Understand the organization and its context

•Determine the issue that impact the organization to achieve the intended outcome, i.e.
Internal Issue / External Issue
 4.1 Understand the
organization and its context

•Internal Issue:

• Governance, organizational structure, roles and responsibilities.

• Policies, objective and the strategies are in the place to achieve them
• Capabilities understood in terms of resources, knowledge and competence
• Information system, information flows and decision- making process
• Introduction of new products, material, services, tools, software, premises and equipment.
• Relationship with, as well we perceptions and values of workers
• Culture in the organization working time arrangements and working conditions
• Standard, guidelines, and models adopted by the organization
• The form and extent of contractual relationships, including for example: outsourced activities.
 4.1 Understand the
organization and its context

•External Issue:

• The cultural, social, political, legal, financial, technological, economic and natural
surrounding and market competition, whether international, national, regional or local.
• Introduction of new competitors, contractors, subcontractors, suppliers, partners and
providers, new technologies, new laws and the emergency of new occupations
• Key drivers and trends relevant to the industry or sector having impact on the orgnazation.
• Relationship with, as well as perceptions values of, its external interested parties.
• Changes in relation to any of the above
 4.2 Understand the needs &
expectations of the interested
parties

Organization shall determine:

Interested parties (internal and external) and their needs and expectations relevant to the OH&S.

•Relevant needs and expectations (i.e., requirements) of workers and other interested parties.
•Meeting the relevant needs and expectations (i.e., requirements) of workers and other interested
parties.
•Which of these needs and expectations are, or could become, legal requirements and other
requirements.

Interested parties can be:

Customers, owners, share holders, employees, workers, suppliers and partners, society regulation …
etc.
 4.3 Determining the scope of the
environmental management system

Organization shall determine:

Boundaries & applicability of the OH&S management system to establish its scope. It should
consider:
• External & internal Issues.
• The requirements referred to in4.2
• The planned or performed work related activities.
• Including the activities, products and services within the organization control OH&S
performance.
 4.4 OH&S management system

• Organization shall establish, implement, maintain and continually improve an OH&S

management system, including the processes needs and their interactions, in accordance
with the requirements of this document.

• Organization shall consider the knowledge gained in 4.1 (internal/ External) as well as 4.2
(needs and expectations of interested parties) & 4.3
5. Leadership
& workers
5.1 Leadership and
commitment
• Take overall responsibility and accountability for the prevention of work-related
injury / ill health, as well as the provision of a safe and healthy work environment.
• Facilitating positive culture and continual improvement.
• Ensure the OH&S system is integrated within business processes.
• Promote communication internally and externally and at all levels.
• Protect workers from reprisal when reporting incidents, hazards, risks and
opportunities.
• Provision and support for safety committees.
5.2 OH&S Policy
• Commitment to provide safe and health working condition for the prevention of work-related injury and ill
health and its appropriate to the specific nature of its OH&S risks and OH&S opportunities
• Provides a framework for setting the OH&S objectives.
• Including a commitment to fulfill legal requirements and other requirements.
• Including a commitment to eliminate hazards and reduce OH&S risks.
• Including a commitment to continual improvement of OH&S management system.
• Including a commitment to consultation and participation of workers

Environment policy shall:

• Available and maintained as documented information.
• Communicated, understood and applied within the organization
• Available to relevant interested parties as required
5.3 Organization responsibilities
and authorities

• Ensure that the responsibilities and authorities for relevant roles within the OH&S
management system are assigned and communicated with all level.
• Ensure that OH&S management system conforms to the requirement of this
document.
• Reporting on the performance of the OH&S management system to top management
 5.4 Consultation and
participation of workers
Organization shall establish, implement and maintain a process for consultation and participation of
workers at all application levels and functions, where they exist workers representative, in the
development of the OH&S management system.

• Provide mechanisms, time, training and resources necessary for consultation and participation.
• Provide timely access to clear, understandable and relevant information about the OH&S
management system.
• Determine and remove obstacles or barriers to participation and minimize those that cannot be
removed.
• Emphasize the consultation of non-managerial workers.
• Emphasize the participation of non-managerial workers.
 Competency
“Ability to apply knowledge and skills to achieve intended results.”

Organization management selects, Leader to assign resposiblities and authorotiey across

several roles in the organization, or to one individual role with the appropriate level of
seniority, educational qualification, knowledge, skills and experience relevant to the work
and teamwork
Chapter 5: Planning

•Actions to address Risk &

opportunities
•Hazard identification and
assessment of risk and opportunities
•OH&S objectives & planning to
achieve them
 Planning
•“Planning is one of the key components of any management system. ISO 45001 is based
on the PLAN-DO-CHECK-ACT cycle, where planning is used to set the action in motion for
how the system will work”
Risk and Opportunities
Risk & opportunities is “effect uncertainty”

A Risk is a positive or negative deviation from

the expected. Addressing a risk could mean
pursuing a new opportunity.

An Opportunities can include the adoption

of new customers, product, practices,
markets, partnership etc.
 6.1 Action to address
risk and opportunities
At various point in time there will be need to ‘plan’ again; this includes the periodic planning for
achieving objectives that are set and reviewed, and also in the event of a ‘change’ which could arise
from a planned or unplanned event

• Plan the actions based on risk assessment to mange risk and opportunities in the prevention of undesired
effects including work related injury or ill health.
• Manage events and continually determine risk and opportunities for both workers and the OH&S system.
• Establish and manage objectives.
• Plan and manage changes to the system and re-evaluate once has bee made.
• Consider relationships and interactions between activities.
• Define a methodology for hazard identification.
• Define the methodology for indentation and management of legal and other requirements
 6.1.2 Hazard Identification
and Assessment of Risk and
Opportunities

Hazard identification will enable the organization to recognize and understand hazards in the
workplace.

It will also allow workers to assess, priorities and eliminate hazards or to reduce OH&S risk.
Hazard can appear in many different circumstances and condition.

• Groups of workers exposed to the hazard or Nosie, cold or heat

• Shift work, hours of activity, lone working, supervision
• Human factors including demanding physical activities
• Design of the workplace, for example segregation of traffic and pedestrian
• Changes in work pattern including increase or decrease in productivity
• Legal requirements and mechanism to adopt changes in legal requirements
 6.1.2 Hazard Identification
and Assessment of Risk and
Opportunities

•How the risk assessment will be communicated subsequent worker training of control
measure
•Emergency situations such as unplanned events including fire and los of power
•Availability of resources to ensure hierarchy of control can be applied to risk assessment
findings
6.1.3 Determination of legal
requirements and other
requirements

Organization shall establish, implement and maintain a process to:

• Determine and have access to up-to-date legal requirements and other requirements
that are applicable to its hazards, OH&S risks and OH&S management system
• Determine how these legal requirements and other apply to the organization and
what needs to be communicated
• Take these legal requirements and other requirements into account when establishing,
implementing, maintaining and continually improving its OH&S management system
 6.1.4 Planning
action
Ensure organization has planned actions to:

•Address their risk and opportunities

•Address legal requirements and other requirements
•Prepare for and respond to emergency situations
•How integrate and implement the actions into its OH&S management system processes
or other business processes
•Evaluate the effectiveness of those actions
•The organization shall consider the hierarchy of control and outputs from the OH&S
management system when planning to act.
6.2 OH&S Objectives and
Planning to achieve them

OH&S objectives shall:

•Be consistent with the OH&S policy

•Be measurable (if practicable) or capable of performance evaluation
•Take into account applicable requirements & results of the assessment of risks and
opportunities.
•Results of consultation with workers and, where they exist, workers representatives
•Be monitored
•Be communicated
•Be undated as appropriate
6.2 OH&S Objectives and
Planning to achieve them

•When planning how to achieve its OH&S objective, the organization shall determine:

What How the

When it will
What will be resources Who will be results will
be
done? will be responsible? be
completed?
required? evaluated?

•How the actions to achieve OH&S objectives will be integrated into the organization
business processes.
•The organization shall maintain and retain documented information on the OH&S
objective and plans to achieve them
Chapter 6: Support
and Operation

•Resources & Competence

•Awareness & communication
•Documented information
•Operational planning and control
•Control of non-confirming outputs
•Emergency preparedness and
response
Support
 Support
•Purpose:
•“ talks about appropriate and adequate requirements to establish, implement and
continual improvement of a OH&S management system in the organization

What kind of support is required for iso

45011:2018?

7.4 7.5
7.1 Resources 7.2 Competence 7.3 Awareness
Communication Documentation
Recourses
It focuses on human resources, infrastructure, process environment,
monitoring and measuring resource, organizational knowledge
People

• For the operation & control of its processes and effective implementation of its OH&S management system, necessary and
competent people are required

infrastructure

• Facilities, equipment and services needed to consistently provide conforming products and services to its customers

Process environment

• Provides the necessary environment for the operation of its processes, to facilitate provision of conforming products and services
and their environments changes as per product nature

Monitoring & measuring

• Provide suitable resources to ensure valid reliable monitoring and measuring results, when evaluation the conformity of the
organization products and services.

Organizational knowledge

• Maintain knowledge determined by the organization as necessary for the operation of its processes and to achieve conformity of
products and services, as well as to encourage the acquisition of necessary knowledge based on changing needs and trends.
 Competence
It focuses on appropriate education, training or experience and other additional skill or
professional experience

In order to evaluate necessary competence of workers that affects or can affect its OH&S
performance. Organization must consider:

•Appropriate education qualification or experience

•Other training relevant to work
•Work experience in appropriate field
•Take actions to acquire the necessary competence, evaluate the effectiveness of the action
taken.
•Retain appropriate documented information that provides evidence of competence.
 Awareness
It includes the awareness regarding the OH&S policy and relevant OH&S objective and individual roles and
responsibilities within the organization

•Workers shall be made aware of:

•OH&S policy and OH&S objectives
•Their contribution to the effectiveness of the OH&S management system, including the benefits of improved
OH&S performance
•The implications and potential consequences of not conforming to the OH&S management system
requirements
•Incidents and the outcomes of investigations that are relevant to them
•Hazard, OH&S risk and actions determined that are relevant to them
•Ability to remove themselves from work situation that they consider present an imminent and danger to
their life and health, as well as the arrangements for protecting them from undue consequences for doing so.
 communication
It includes mode of communication, when, how ,who, whom to communicate including
internal and external parties, worker

•Establishes the internal and external communication that are needed, and which are
relevant to the OH&S management system.
•Ensure its communication process enables workers to contribute to continual
improvement
•Determine on what it needs to communicate, with whom, when and who and how it is
communicated including contractors and visitors to the workplace. This might be
different for internal and external parties
 Documented
information
•The organization control the documented information needed for conformity to ISO
45001,as well as the documented information that has determined is needed for the
effectiveness of its OH&S management system.
•Ensure that information is Kept-up-to-date.
•Ensuring that information that is used to provide evidence about whether or not a
requirement has been fulfilled is protected against any deterioration or unauthorized
change.
Operation
Operation
•To plan, implement and control the
processes needed to meet the
requirements for the provision of
product and services
 Operational
planning & control
The boundaries of each process and how they interact
• What resources are required to manage the process including leadership, equipment,
time, human and financial.
• What documented information is required to aid management of process including
procedures and safe system of work
• The method in which changes to the process are planned and controlled including
unintended events
• Application of legal and other requirements or manufacturer instruction for
equipment.
• Engineering control, for example interlocked guards and exhaust system
 Eliminating hazard
and reduce O&S risk
Ensure organization elimination of hazard and reduction of OH&S risk using the following
hierarchy of control:

•Eliminate the hazard

•Substitute with less hazardous processes, operations, materials or equipment
•Use engineering controls and reorganization of work
•Use administrative controls, including training
•Use adequate personal protective equipment.
 Management of
change
Ensure that organization shall establish a process for the implementation and control of
planned temporary and permanent changes that impact OH&S performance

•Change in competent supervision and workers

•Introduction of new materials, machinery and processes
•Incorporate a mechanism to assess and prevent the introduction of new hazards
•Notification of change may be supported by training and commence requirement
•Changes are reviewed and controlled.
 Procurement
Establish control to ensure that procurement of goods (for example products, hazardous materials or
substances, raw materials or equipment) and services conform

Prior to procuring goods and services, the organization should identify procurement control that:
• Identify and evaluated potential OH&S risk associated with products, materials, equipment's and
services
• Require products, material equipment and services to conform to OH&S objectives
• Define needs for information, participation and communication

Prior to use in workplace

•Verify that any procured equipment, installation and materials are adequate before being commissioned
to ensure they function as designated
•ensure goods are delivered to specifications and are tested to ensure they work as interned and specified.
•Communicate and make available usage requirements, precautions or other protective measures
 Outsourcing
Ensure that organization has outsourced functions and processes are controlled.
•Ensure that its outsourcing arrangements are consistent with legal requirements and other requirements
•Achieving the intended outcomes of the OH&S management system
•The type and degree of control to be applied to these functions and processes are defined within the OH&S management
system

Documented information
•Example of documented information considered for retention in procurement of products and services:
•Risk assessment and methods statements between the organization and contactor
•Material safety date sheets
•Email exchanges relating to safety aspects
•Certificates of conformity- harnesses, guarding, emergency stops and PPE
•Contractor permits and licenses
•Completed external provider questionnaires
•Worker training records
Emergency preparedness
and response
Ensure that the organization shall establish, implement and maintain a process needed to prepare for
and respond to potential emergency situations as identified in 6.1.2 Hazard Identification and
Assessment of Risk and Opportunities

•Establishing training for response to emergency situations, including the provision of first aid
•Providing training for planned response
•parodically testing and exercising the planned response capability
•Evaluating performance and as necessary revising the planned response, including after testing and
after the occurrence of the emergency situations.
•Communicating and providing relevant information to all workers on their duties and responsibilities.
•Communicating relevant information to contractors ,visitor, emergency response services,
government authorities.
•Considering the needs and capabilities of all relevant interested parties and ensuring their
involvement
Chapter 7: Performance
Evaluation &
Improvement

•Introduction
•Monitoring, measurement, Analyses and
evaluation
•Internal audit
•Management review improvement
 introduction
Performance Evaluation purpose
To ensure that there is adequate and suitable processes established in the organization
to keep a track on the performance of the processes, products and services

For that 3 main factors are necessary:

• Monitoring, measurement, analysis and evaluation
• Internal audit
• Management review
Monitoring, measurement,
analysis and evaluation

Organization should decide:

• What needs to be monitored and measured
• Methods for monitoring, measurement , analysis and performance evaluation
• Criteria against which the organization will evaluate its OH&S performance
• When to be performed
• When the results shall be analyzed, evaluated and communicated
• Equipment is calibrated or verified and maintained as appropriate
Monitoring, measurement,
analysis and evaluation

By analysis the results we can evaluate:

• Conformity of products
• Degree of customer satisfaction
• Effectiveness of OH&S performance & management system
• Successful of risk management
• Performance of external providers
• Need for improvements
• Retain appropriate documented information
 Evaluation of
compliance
Ensure that organization establish, implement and maintain a process for evaluating
compliance with legal requirements and other requirements by:

• Determining frequency and method for the evaluation of compliance

• Evaluating compliance and take action if needed
• Maintain knowledge and understanding of its compliance statue with legal
requirements and other requirements
• Retain documented information of the compliance evaluation results
 Internal audit
Audit will be conducted or planned intervals with personal who are qualified and in an
objective manner:

•Monitor compliance to policy and objectives

•Provide evidence that all necessary check are carried out
•Ensure all current legislative and other requirements are met
•Assess the effectiveness of risk management
•Worker engagement leading to positive safety culture
•Identify improvement using ‘fresh eyes’ to review a process
•Aid continual improvement
Management review
•After internal audit completed, the result
of the audit is being reviewed in a meeting
•Conducted by top management on
regular basis
•Monitoring, measurement and audit
outcomes are reviewed
•The outcome are used for
improvement ,changes required and
resource need
10 improvement
Purpose:
•After in the internal audit and
management review, the most important
step is IMPROVEMENT. It is necessary to
ensure that changes implemented to the
OH&S management system improve
efficiency of the organization to meet
customers and enhance work safety
satisfaction
10.1 General
•Determine opportunities for
improvement and implement necessary
actions to achieve the intended outcomes
of its OH&S management system
10.2 incident, non-conformity
and corrective action
When am incident or a non-conformity occurs,
organization shall ensure:
• React in a timely manner to the incident or non-
conformity, take action to control and correct it and
deal with the consequences.
• Evaluate, with the participation of workers and the
involvement of other relevant interested parties,
eliminate the root cause of the incident or non-
conformity to avoid re-occurrence
• Review existing assessments of OH&S risk
• Determine and implement any action needed in
accordance with the hierarchy of control & the
management of change
10.2 incident, non-conformity
and corrective action
When am incident or a non-conformity occurs, organization
shall ensure:
• Assess OH&S risks that relate to new or changed hazard,
prior to take action
• Review the effectiveness of any action taken, including
corrective action
• Make change to the OH&S management system, if
needed
• Corrective actions shall be appropriate to the effects of
the incident or non-conformity encountered
• The organization shall communicate this documented
information to relevant workers and where they exist,
workers representative and other relevant interested
parties
 10.3 continual
improvement
•Enhancing OH&S performance
•Promoting a culture that supports an OH&S management system
•Promoting the participation of workers in implementing actions for the continual
improvement of the OH&S management system
•Communication the relevant results of continual improvement to workers
•Maintaining and retaining documented information as evidence of continual
improvement
Task to do in audit
• Collect objective Evidence for the corrective actions taken against the non-conformity
of processes, product and service
• Check organization has demonstrated that the system is suitable, adequately
implemented, maintained and evaluated to meet the planned intended outcomes
against the OH&S policy, objective and specified requirement
• The rate, extent and timescale of actions that support continual improvement are
determined timely.
• The intended out of planned actions and other system changes is an enhancement in
the OH&S performance of the organization
Chapter 8: Audit
Programme me and
Management of Audit

• Structuring Of ISO Standard 19011 : 2018

• Terminology & Principles of Auditing
• Specific Roles and Responsibilities
• Establishing the Audit Programme & Its
Objective
• Implementing the Audit Programme
• Auditor Competencies & Evaluation
• Monitoring and Recording the Audit
Programme
 ISO 19011 : 2018
( Guidelines for the auditing
management systems ) 
Clause 1 • SCOPE 

Clause 2 • NORMATIVE REFERENCES 

Clause 3 • TERMS & DEFINITIONS

Clause 4 • PRINCIPLE OF AUDITING

Clause 5 • MANAGING AN AUDIT PROGRAMME

Clause 6 • PERFORMING AN AUDIT

Clause 7 • COMPETENCE AND EVALUATION OF AUDITORS

Clause 8 • ANNEX A ( INFORMATIVE )

PRINCIPLES OF
AUDITING 
•Integrity : foundation of professionalism
•Fair Presentation : obligation to report truthfully and accurately . 
•Due Professional Care : application of diligence and judgment in auditing . 
•Confidentiality : security of information . 
•Independence : basis for impartiality of audit and objectivity of audit conclusions . 
•Evidence - Based Approach : rational method for reaching reliable and reproducible
audit conclusions in a systematic audit process . 
•Risk - based approach : an audit approach that considers risks and opportunities
 ESTABLISHING THE
AUDIT PROGRAMME
OBJECTIVE

Purpose :
1. The audit client should ensure that :
• The audit programme objectives are established to direct the planning and
conducting of audits.
• The audit programme is implemented effectively .

2. Objectives should be consistent with the audit client's strategic direction and
support management system policy and objectives .
IMPLEMENTING THE
AUDIT PROGRAMME
• Communicate the relevant parts of the audit programme .
• Define objectives , scope and criteria for each individual audit .
• Select audit methods and coordinate and schedule audits .
• Select competent audit teams .
• Provide resources to the audit teams .
• Ensure the conduct of audits .
• Define and implement the operational controls .
• Review the audit programme .
• Identify opportunities for its improvement
 SCHEDULING AUDIT & ITS
FREQUENCY
Audit scheduling should be on the basis of risk to the organization's operations . Considerations for the audit
schedule include :

1. Any contractual requirement to audit 

2. Changes in the organization . Example : ownership , management , staff , plant or processes 

3. Conformity with customer requirements and possible business for the future 

4. Records that indicates actual or potential problems 

5. Is an audit cost - effective ? Example : Travel and associated accommodation costs . 

6. Follow - up actions involving both the auditor and auditee . 

7. Updates on the phase of the contract or project and the completion or delivery date . 

8. Information of existing work programme and contracts . 

 AUDITOR
COMPETENCIES &
EVALUATION

Before conducting the audit for an organization , it is necessary to confirm that the
auditor have is competent enough to conduct an audit in the organization . For that , we
consider the following to make sure that the auditor is a good fit for the audit . 
•Personal Attributes 
•Knowledge and skills
 AUDITOR
COMPETENCIES

Discipline and sector Generic knowledge and

specific knowledge and skills
skills

Education Work Experience Auditor Training Auditor Experience

 AUDITOR
EVALUATION 
The auditor evaluation process should include four main steps , as follows :

• Determine the required competence to fulfill the needs of the audit programme 
• Establish the evaluation criteria
• Select the appropriate evaluation method 
• Conduct the evaluation
SELECTING THE
AUDIT TEAM
• Competence needed to achieve audit objective 
• Type of management system 
• Audit objective , scope and criteria 
• Industry & auditing experience 
• Auditee specific requirements
 MONITORING AND
REVIEWING THE AUDIT
PROGRAMME 

• Monitoring of audit programme gives a better understanding of audit finding ,

effectiveness and maturity of the system with other relevant requirement . 

• Reviews can lead to corrective actions and the improvement of the audit programme . 

• Proper feedback is provided by the audit team leader to all auditors on the overall
audit , opportunities for team members to improve their auditing , the success or
otherwise in meeting the audit objectives
 RECORDS
Records should be maintained to demonstrate the implementation of the audit programme : 

• Audit plans 
• Audit reports 
• Nonconformity reports 
• Corrective and preventive action reports 
• Follow - up records 
• Results of programme review 
• Auditor competencies and performance evaluation 
• Audit team selection 
• Maintenance and improvement of competence