What are the ISO 45001 Requirements?

The ISO 45001 requirements are structured across ten clauses, with seven containing auditable requirements for an Occupational Health and Safety Management System (OH&SMS). Clauses 1-3 provide introductory information, while clauses 4-10 contain the requirements organisations must fulfil. A key distinction of ISO 45001 is the emphasis on worker participation throughout all ISO 45001 policy requirements.

The standard follows the Plan-Do-Check-Act (PDCA) cycle. Below is a complete checklist covering all ten clauses:

1. Scope – Defines the boundaries and applicability of the standard to occupational health and safety management.

2. Normative References – States there are no normative references for ISO 45001.

3. Terms and Definitions – Provides OH&S-specific vocabulary and definitions.

4. Context of the Organisation

This clause requires organisations to understand internal and external factors affecting their OH&S MS, including worker needs and expectations.

• 4.1 Understanding the organisation and its context
• 4.2 Understanding the needs and expectations of workers and other interested parties
• 4.3 Determining the scope of the OH&S management system
• 4.4 OH&S management system

5. Leadership and Worker Participation

Top management must demonstrate commitment while ensuring workers actively participate in OH&S decision-making. This clause addresses ISO 45001 policy requirements.

• 5.1 Leadership and commitment
• 5.2 OH&S policy
• 5.3 Organisational roles, responsibilities and authorities
• 5.4 Consultation and participation of workers

6. Planning

Organisations must identify hazards, assess risks and opportunities, determine ISO 45001 legal requirements, and establish objectives.

• 6.1 Actions to address risks and opportunities
• 6.1.1 General
• 6.1.2 Hazard identification and assessment of risks and opportunities
• 6.1.3 Determination of legal requirements and other requirements
• 6.1.4 Planning action
• 6.2 OH&S objectives and planning to achieve them
• 6.2.1 OH&S objectives
• 6.2.2 Planning to achieve OH&S objectives

7. Support

This clause addresses resources, competence, awareness, communication, and documented information.

• 7.1 Resources
• 7.2 Competence
• 7.3 Awareness
• 7.4 Communication
• 7.4.1 General
• 7.4.2 Internal communication
• 7.4.3 External communication
• 7.5 Documented information
• 7.5.1 General
• 7.5.2 Creating and updating
• 7.5.3 Control of documented information

8. Operation

Operational requirements focus on eliminating hazards, managing change, procurement, contractors, and emergency preparedness.

• 8.1 Operational planning and control
• 8.1.1 General
• 8.1.2 Eliminating hazards and reducing OH&S risks
• 8.1.3 Management of change
• 8.1.4 Procurement
• 8.2 Emergency preparedness and response

9. Performance Evaluation

Organisations must monitor OH&S performance, evaluate compliance, conduct internal audits, and hold management reviews.

• 9.1 Monitoring, measurement, analysis and performance evaluation
• 9.1.1 General
• 9.1.2 Evaluation of compliance
• 9.2 Internal audit
• 9.2.1 General
• 9.2.2 Internal audit programme
• 9.3 Management review

10. Improvement

The final clause addresses incident investigation, nonconformities, corrective actions, and continual improvement.

• 10.1 General
• 10.2 Incident, nonconformity and corrective action
• 10.3 Continual improvement

ISO 45001 requires all clause requirements (4-10) to be addressed within the defined scope. Unlike some standards, there is limited flexibility for exclusions. Any requirements deemed not applicable must be justified and cannot compromise the organisation’s ability to ensure worker health and safety or achieve the intended outcomes of the OH&S management system.

The scope statement must clearly identify boundaries, including physical locations, activities, and processes covered. Organisations cannot exclude requirements simply because they are difficult to implement.