ohsas 18001 auditing tool

To use this implementation plan, you should score each section with a score of 0-3

0 = no progress 01 = work commenced 12 = nearing completion 23 = implemented 3

Example:

Clause Criteria Score

2

3

1

4.3.3 Objectives and program(s) of OHSAS 18001

The organization shall establish, implement and maintain documented OH&S objectives, at relevant functions and levels within the organization.

Has the organization established and maintained OSH objectives?

Is there a documented and maintained procedure for periodically reviewing objectives?

with the OH&S policy, including the commitments to the prevention of injury and ill health, to compliance with applicable legal requirements and with other requirements to

Are objectives reasonable and measurable?

Have the documented objectives considered legal and other requirements?

To use this implementation plan, you should score each section with a score of 0-3

Standards and Guidance Notes

Comments

Complete

Supporting information/links/documents

4.2 4.3.1 4.3.2 4.3.3 4.4.1 4.4.2 4.4.3 4.4.4 4.4.5 4.4.6 4.4.7 4.5.1 4.5.2 4.5.3 4.5.4 4.5.5 4.6

0

10

20

30

40

50

60

70

80

90

100

OHSAS 18001:2007 implementation plan

Clause

% Score

4.1 General requirements

The organization shall establish, document, implement, maintain and continually improve an OH&S management system in accordance with the requirements of this OHSAS Standard and determine how it will fulfill these requirements.

4.2 4.3.1 4.3.2 4.3.3 4.4.1 4.4.2 4.4.3 4.4.4 4.4.5 4.4.6 4.4.7 4.5.1 4.5.2 4.5.3 4.5.4 4.5.5 4.6

0

10

20

30

40

50

60

70

80

90

100

OHSAS 18001:2007 implementation plan

Clause

% Score

Optimised

Developing

Work required

Clause % Score4.2 0

4.3.1 04.3.2 04.3.3 04.4.1 04.4.2 04.4.3 04.4.4 04.4.5 04.4.6 04.4.7 04.5.1 04.5.2 04.5.3 04.5.4 04.5.5 04.6 0

BS OHSAS 18001:2007 Implementation plan

Action ClauseBS OHSAS 18001 clausesPolicy 4.2Risk Assessment 4.3.1Legislation 4.3.2Objectives and targets 4.3.3Roles and responsibilities 4.4.1Training 4.4.2

4.4.3Documentation 4.4.4Control of documents 4.4.5Operational control 4.4.6Emergency preparedness 4.4.7

4.5.1Compliance evaluation 4.5.2Nonconformity, incidents etc 4.5.3Control of records 4.5.4Audits 4.5.5Management Review 4.6

Communication and consultation

Performance measurement and monitoring

BS OHSAS 18001:2007 Implementation plan

Action required

Responsible person TargetOverall status (%)

4.2 OH&S Policy

Clause Criteria

e) is documented, implemented and maintained;

g) is available to interested parties; and Is the policy available to interested parties?

% complete:

Top management shall define and authorize the organization’s OH&S policy and ensure that within the defined scope of its OH&S management system it:

Is the policy defined and is it appropriate to the type, size, and OH&S impacts of the organization’s activities?

a) is appropriate to the nature and scale of the organization’s OH&S risks;

b) includes a commitment to prevention of injury and ill health and continual improvement in OH&S management and OH&S performance;

Does the policy include a commitment to continual improvement in the organization’s operations?

Does the policy include a commitment to prevention of injury and ill health?

c) includes a commitment to at least comply with applicable legal requirements and with other requirements to which the organization subscribes that relate to its OH&S hazards;

Does the policy include a commitment to comply with applicable legal & other requirements?

d) provides the framework for setting and reviewing OH&S objectives;

Is there reference to the businesses objectives?

Is the policy available in document form, communicated/displayed around the organisation, and also kept up to date?

f) is communicated to all persons working under the control of the organization with the intent that they are made aware of their individual OH&S obligations;

Is the policy documented, implemented, maintained (periodically reviewed) and communicated to all employees?

Are all persons aware of their individual OH&S responsibilities and obligations?

h) is reviewed periodically to ensure that it remains relevant and appropriate to the organization.

Has the policy been signed and dated by senior management to confirm review within the last year?

Score

0

Comments


4.3 Planning


a) routine and non-routine activities;

4.3.1 Hazard identification, risk assessment and determining controls

The organization shall establish, implement and maintain a procedure(s) for the ongoing hazard identification , risk assessment, and determination of necessary controls.

Are there documented and maintained procedures to establish and update hazards, risks and implementation of controls?

The procedure(s) for hazard identification and risk assessment shall take into account:

The procedure and documentation must cover:

Does the procedure cover routine and non routine activities?

b) activities of all persons having access to the workplace (including contractors and visitors);

Does the procedure cover all personnel and facilities?

c) human behavior, capabilities and other human factors;

Consideration must be given in the risk assessment document to human factors (human error etc)

d) identified hazards originating outside the workplace capable of adversely affecting the health and safety of persons under the control of the organization within the workplace;

Consideration must be given in the risk assessment document to risks from outside of the workplace

e) hazards created in the vicinity of the workplace by work-related activities under the control of the organization;

Are there any obvious hazards that should have been considered and were not? If not, why not?

f) infrastructure, equipment and materials at the workplace, whether provided by the organization or others;

Is the workplace infrastructure, equipment and materials included in the Risk Assessment documentation?

g) changes or proposed changes in the organization, its activities, or materials;

Does the procedure for RA cover review following changes?

Is there evidence that RA's are reviewed when changes occur?

h) modifications to the OH&S management system, including temporary changes, and their impacts on operations, processes, and activities;

Is there evidence that RA's are reviewed when changes occur?

i) any applicable legal obligations relating to risk assessment and implementation of necessary controls

Are legal requirements related to risk assessment/controls followed?

j) the design of work areas, processes, installations, machinery/equipment, operating procedures and work organisation, including their adaptation to human capabilities

Are these taken into account? Are human factors considered?

The organization’s methodology for hazard identification and risk assessment shall:

Does the criteria for the assessment of risk address both likelihood and consequence/severity?

a) elimination;

b) substitution;

c) engineering controls;

e) personal protective equipment.

% complete: 0

a) be defined with respect to its scope, nature and timing to ensure it is proactive rather than reactive; and

Are the assessments and measures proactive?

b) provide for the identification, prioritization and documentation of risks, and the application of controls, as appropriate.

Do they allow risks to be identified, prioritised and for controls to be allowed?

For the management of change, the organization shall identify the OH&S hazards and OH&S risks associated with changes in the organization, the OH&S management system, or its activities, prior to the introduction of such changes.

What mechanism is used to initiate hazard review/revision when operations change?

The organization shall ensure that the results of these assessments are considered when determining controls.

Are risk assessment results considered when determining controls?

When determining controls, or considering changes to existing controls, consideration shall be given to reducing the risks according to the following hierarchy:

The hierarchy must be used used when evaluating risks in the risk assessments. It should be referred to in the procedure and

demonstrated in the RA document.d) signage/warnings and/or administrative controls;

The organization shall document and keep the results of identification of hazards, risk assessments and determined controls up-to-date. The organization shall ensure that the OH&S risks and determined controls are taken into account when establishing, implementing and maintaining its OH&S management system.

Are there records to provide evidence of analysis of hazards, risks and controls?

CommentsSupporting information/links/documents

4.3 Planning


% complete: 0

4.3.2 Legal and other requirements of OHSAS 18001

The organization shall establish, implement and maintain a procedure(s) for identifying and accessing the legal and other OH&S requirements that are applicable to it.

Is there a procedure for identifying and accessing legal and other OH&S requirements applicable to the organisation?

Is there a register of applicable legal and other requirements, are they applicable to the organization and are they fully up to date and interpreted?

The organization shall ensure that these applicable legal requirements and other requirements to which the organization subscribes are taken into account in establishing, implementing and maintaining its OH&S management system.

Are these requirements considered through the OH&S management system?

The organization shall keep this information up-to-date. The organization shall communicate relevant information on legal and other requirements to persons working under the control of the organization, and other relevant interested parties.

Are all relevant functions kept up to date as regards their role in complying with legal and other requirements.

Is evidence available that a mechanism exists to keep the register of legislation up to date (WEKA/Haufe - DE, IOSH - UK etc)


% complete: 0

4.3.3 Objectives and program(s) of OHSAS 18001

The organization shall establish, implement and maintain documented OH&S objectives, at relevant functions and levels within the organization.

Has the organization established and maintained OSH objectives?

Is there a documented and maintained procedure for periodically reviewing objectives?

The objectives shall be measurable, where practicable, and consistent with the OH&S policy, including the commitments to the prevention of injury and ill health, to compliance with applicable legal requirements and with other requirements to which the organization subscribes, and to continual improvement.

Are objectives reasonable and measurable?

Have the documented objectives considered legal and other requirements?

When establishing and reviewing its objectives, an organization shall take into account the legal requirements and other requirements to which the organization subscribes, and its OH&S risks. It shall also consider its technological options, its financial, operational and business requirements, and the views of relevant interested parties.

Are results of risk assessments and effects of controls considered when setting OSH objectives and are they documented and up to date?

Is consideration given to technological options and financial, operational and business requirements, and the views of relevant interested parties?

The organization shall establish, implement and maintain a program(s) for achieving its objectives. Program(s) shall include as a minimum:

There should be a documented list of the objectives

a) designation of responsibility and authority for achieving objectives at relevant functions and levels of the organization; and

Does the list of objectives detail who is responsible for implementation?

b) the means and time-frame by which the objectives are to be achieved.

Is there a clear time frame/target date for the implementation?

The program(s) shall be reviewed at regular and planned intervals, and adjusted as necessary, to

ensure that the objectives are achieved.

Are the objectives reviewed as part of the management review?

Are they discussed in other forums (e.g. H&S consultation meetings)


% complete: 0

4.4.1 Resources, roles, responsibility, accountability and authority in OHSAS 18001

Top management shall take ultimate responsibility for OH&S and the OH&S management system. Top management shall demonstrate its commitment by:

a) ensuring the availability of resources essential to establish, implement, maintain and improve the OH&S management system;

Has management provided the necessary resources (people, technology, money) to establish, implement, maintain and improve this OH&S program?

b) defining roles, allocating responsibilities and accountabilities, and delegating authorities, to facilitate effective OH&S management; roles, responsibilities, accountabilities, and authorities shall be documented and communicated.

Are roles and responsibility, accountabilities and authorities defined, documented and communicated?

The organization shall appoint a member(s) of top management with specific responsibility for OH&S, irrespective of other responsibilities, and with defined roles and authority for:

Has the organization appointed an OSH management appointee from top management?

a) ensuring that the OH&S management system is established, implemented and maintained in accordance with this OHSAS Standard;

Is OHSAS 18001/OH&S Management system listed as part of the manager's responsiblities?

Are specialist functions with qualifications in place for OH&S?

b) ensuring that reports on the performance of the OH&S management system are presented to top management for review and used as a basis for improvement of the OH&S management system.

Is H&S discussed and reviewed at top level meetings?

The identity of the top management appointee shall be made available to all persons working under the control of the organization.

Has the top management appointee signed the OH&S policy?

Is the policy document displayed/communicated to all employees?

All those with management responsibility shall demonstrate their commitment to the continual improvement of OH&S performance.

All levels of management should show visible commitment to OH&S (evidence meeting minutes, training etc).

The organization shall ensure that persons in the workplace take responsibility for aspects of OH&S over which they have control, including adherence to the organization’s applicable OH&S requirements.

All levels of employee should show visible commitment to health & safety.

Clause Criteria

Documented procedure covering a)

Documented procedure covering b)

Documented procedure covering c)

a) responsibility, ability, language skills and literacy; and

b) risk.

% complete:

4.4.2 Competence, training and awareness in OHSAS 18001

The organization shall ensure that any person(s) under its control performing tasks that can impact on OH&S is (are) competent on the basis of appropriate education, training or experience, and shall retain associated records.

Does the organisation ensure personnel are competent to perform tasks that impact OHS?

Are only competent persons allowed to perform identified tasks (Fork Lift Trucks, Electrical Work, etc)

Are training records retained and easy to locate?

The organization shall identify training needs associated with its OH&S risks and its OH&S management system. It shall provide training or take other action to meet these needs, evaluate the effectiveness of the training or action taken, and retain associated records.

Does the methodology for Risk Assessment provide input into determination of training needs?

The organization shall establish, implement and maintain a procedure(s) to make persons working under its control aware of:

a) the OH&S consequences, actual or potential, of their work activities, their behavior, and the OH&S benefits of improved personal performance;

b) their roles and responsibilities and importance in achieving conformity to the OH&S policy and procedures and to the requirements of the OH&S management system, including emergency preparedness and response requirements (see 4.4.7);

c) the potential consequences of departure from specified procedures.

Training procedures shall take into account differing levels of:

Do the training procedures take into account the differing levels of responsibility, ability, literacy and risk?

Are there specific, documented minimum requirements for each person performing a task that can cause significant OHS impact?

Score Comments

0


Clause Criteria Score1. Communication

2 Participation and consultation

a) the participation of workers by their:

- appropriate involvement in incident investigation;

4.4.3 Communication, participation and consultation in OHSAS 18001

With regard to its OH&S hazards and OH&S management system, the organization shall establish, implement and maintain a procedure(s) for:

Are there procedure(s) that are maintained for communications to and from interested parties (including visitors, contractors, and external parties) regarding the organization’s pertinent OH&S information?

a) internal communication among the various levels and functions of the organization;

How are internal communications between different levels and different functions documented?

Does a mechanism exist for feedback to management?

b) communication with contractors and other visitors to the workplace;

Are contractors and visitors to the site given adequate OH&S information about the site?

Is there a list of site OH&S rules for contractors?

c) receiving, documenting and responding to relevant communications from external interested parties.

Is there a process for dealing with external communication from interested parties?

Is a record kept of all external communication from interested parties (e.g. insurance companies, enforcing authorities etc)

The organization shall establish, implement and maintain a procedure(s) for:

Is this covered in a documented procedure?

- appropriate involvement in hazard identification, risk assessments and determination of controls;

Is evidence available that workers are (where appropriate) involved in Risk Assessments for their work areas?

Is evidence available that workers are (where appropriate) involved in Incident Investigations?

- involvement in the development and review of OH&S policies and objectives;

Is there a Health and Safety committee which meets on a regular basis?Is there consultation with a union/employee body if required?

Does the committee cover this in their meetings?

- consultation where there are any changes that affect their OH&S;

Are employees consilted on any changes affecting their H&S? (either through committee or union)

- representation on OH&S matters.

% complete: 0

- consultation where there are any changes that affect their OH&S;

What mechanisms are used to communicate OHS concerns or information to all interested parties and employees; e.g., inspections, briefings, notice boards, OHS newsletter, OHS poster programs?

Are areas across the organisation represented in the meetings?

Workers shall be informed about their participation arrangements, including who is their representative(s) on OH&S matters.

Are there appointed employee representatives for H&S safety, and are their identities communicated clearly across the organisation?

b) consultation with contractors where there are changes that affect their OH&S.

Are changes which may affect H&S discussed with/communicated to contractors?

The organization shall ensure that, when appropriate, relevant external interested parties are consulted about pertinent OH&S matters.

Are changes which may affect H&S discussed with/communicated to external parties?


a) The OH&S policy and objectivesIs there a H&S policy?

% complete: 0

4.4.4 Documentation requirements in OHSAS 18001

The management system documentation shall include:

Are the organisations H&S objectives readily available?

b) description of the scope of the OH&S management system

Does the policy document or H&S manual should refer to the scope of the management system - this should include which to locations (i.e. people working on site/away from site), who (i.e. employees, visitors, contractors) the policy applies.

c) description of the main elements of the OH&S management system and their interaction, and reference to related documents

How has the organization documented the core elements of its OHSAS 18001 system?

d) documents, including records required by the OHSAS 18001 standard, and

Are all procedures, documents and records required in place?

e) documents, including records, determined by the organisation to be necessary to ensure the effective planning, operation and control of processes that relate to the management of its OH&S risks

Are all procedures, documents and records required easy to locate, and referred to in the OH&S policy and manual?

NOTE: It is important that documentation is proportional to the level of complexity,hazards and risks concerned and is kept to the minimum required for effectiveness and efficiency.

Is the documentation proportional to the level of complexity, hazards and risks?

4.4.5 Control of documents in OHSAS 18001


a) approve documents for adequacy prior to issue; Are documents approved?

% complete: 0

Documents required by the OH&S management system and by this OHSAS Standard shall be controlled. Records are a special type of document and shall be controlled in accordance with the requirements given in 4.5.4.The organization shall establish, implement and maintain a procedure(s) to:

Are there procedures for controlling and maintaining all documents (e.g., procedures and instructions) and/or data (e.g., engineering drawings and MSDS) required by this standard?

b) review and update as necessary and re-approve documents;

Is there evidence that documents are regularly reviewed/re-approved?

c) ensure that changes and the current revision status of documents are identified;

Do all documents have a list of updates/changes, and are they the current revision?

d) ensure that relevant versions of applicable documents are available at points of use;

Are required documents readily available to employees who require them?

Are the documents/data accessible during an emergency?

e) ensure that documents remain legible and readily identifiable;

Are documents legible, readily identifiable and easy to locate?

Are documents/data retained for a specified period?

f) ensure that documents of external origin determined by the organization to be necessary for the planning and operation of the OH&S management system are identified and their distribution controlled; and

Are any external documents etc identified, and their distribution controlled (e.g. workplace posters, guidance notes etc). Are they up to date, and relevant?

g) prevent the unintended use of obsolete documents and apply suitable identification to them if they are retained for any purpose.

Are obsolete documents/data removed from use and assured from unintended use? Are historical copies maintained & labeled?

Are those obsolete documents/data that are retained for legal or knowledge reasons clearly identified?

4.4.6 Operational control in OHSAS 18001


% complete: 0

The organization shall determine those operations and activities that are associated with the identified hazard(s) where the implementation of controls is necessary to manage the OH&S risk(s). This shall include the management of change (see 4.3.1).

Does the risk assessment methodology provide input into determination of facility requirements, training needs and operational controls?

For those operations and activities, the organization shall implement and maintain:

a) operational controls, as applicable to the organization and its activities; the organization shall integrate those operational controls into its overall OH&S management system;

Have the operations and activities, including maintenance, been identified that are associated with the identified OSH risks where control measures need to be applied?

b) controls related to purchased goods, equipment and services;

Are there procedures for purchasing and handling goods, materials, equipment and services used in the activities associated with identified risks where controls need to be applied?

c) controls related to contractors and other visitors to the workplace;

Are relevant procedures and requirements communicated to the appropriate suppliers and contractors (are operational controls in place and working as expected)?

d) documented procedures, to cover situations where their absence could lead to deviations from the OH&S policy and the objectives;

Have procedures been established and maintained for the above operations that, if they are not followed for these situations, could lead to deviations from the OSH policy and the objectives?

e) stipulated operating criteria where their absence could lead to deviations from the OH&S policy and objectives.

Have criteria been established to manage risk and monitor deviations from the OH&S policy and objectives.


a) to identify the potential for emergency situations;

b) to respond to such emergency situations.

% complete: 0

4.4.7 Emergency preparedness and response in OHSAS 18001

The organization shall establish, implement and maintain a procedure(s):

Are there maintained procedures to identify potential for accidents/emergency situations?

Are there maintained procedures to respond to accidents and emergency situations?

The organization shall respond to actual emergency situations and prevent or mitigate associated adverse OH&S consequences. In planning its emergency response the organization shall take account of the needs of relevant interested parties, e.g. emergency services and neighbours.

Are there maintained procedures to prevent and minimize the OSH risks that may be associated with the identified accidents and emergency situations?

The organization shall also periodically test its procedure(s) to respond to emergency situations, where practicable, involving relevant interested parties as appropriate.

Are there periodical tests of the above procedures?

The organization shall periodically review and, where necessary, revise its emergency preparedness and response procedure(s), in particular, after periodical testing and after the occurrence of emergency situations (see 4.5.3).

Are there reviews and revisions of the emergency preparedness and response procedures, particularly after an incident?


% complete: 0

4.5.1 Performance measurement and monitoring in OHSAS 18001

The organization shall establish, implement and maintain a procedure(s) to monitor and measure OH&S performance on a regular basis. This procedure(s) shall provide for:

Are procedures document/data and maintained to monitor and measure OH&S performance on a regular basis?

a) both qualitative and quantitative measures, appropriate to the needs of the organization;

Do the procedures address qualitative and quantitative measures?

b) monitoring of the extent to which the organization’s OH&S objectives are met;

Are monitoring of OH&S objectives performed?

c) monitoring the effectiveness of controls (for health as well as for safety);

Are OH&S performance indicators evaluated for corrective and preventative action?

d) proactive measures of performance that monitor conformance with the OH&S program(s), controls and operational criteria;

Does the OH&S management program include proactive measures to address operational criteria, legal requirements and regulatory standards?

e) reactive measures of performance that monitor ill health, incidents (including accidents, near-misses, etc.), and other historical evidence of deficient OH&S performance;

Are there reactive measures of performance to monitor accidents, ill health, incidents (including near-misses) and other historical evidence of deficient OH&S performance?

f) recording of data and results of monitoring and measurement sufficient to facilitate subsequent corrective action and preventive action analysis.

Are the results of monitoring/measurement adequate to ensure subsequent corrective action is taken?

If equipment is required to monitor or measure performance, the organization shall establish and maintain procedures for the calibration and maintenance of such equipment, as appropriate. Records of calibration and maintenance activities and results shall be retained.

Is OH&S monitoring equipment required for performance measurement and monitoring calibrated? If so, is there a documented calibration and maintenance procedure(s)?

Are the records for the calibrations and maintenance results retained?

4.5.2 Evaluation of compliance in OHSAS 18001


% complete: 0

4.5.2.1 Consistent with its commitment to compliance [see 4.2c)], the organization shall establish, implement and maintain a procedure(s) for periodically evaluating compliance with applicable legal requirements (see 4.3.2).

Is there a procedure for periodically evaluating compliance with legal requirements, and is it maintained?

The organization shall keep records of the results of the periodic evaluations.

Are results from these evaluations retained and available?

4.5.2.2 The organization shall evaluate compliance with other requirements to which it subscribes (see 4.3.2). The organization may wish to combine this evaluation with the evaluation of legal compliance referred to in 4.5.2.1 or to establish a separate procedure(s).

Is there a procedure for periodically evaluating compliance with other requirements (e.g. insurance/company), and is it maintained?

The organization shall keep records of the results of the periodic evaluations.

Are results from these evaluations retained and available?

Clause Criteria Score4.5.3.1 Incident investigation

b) identify the need for corrective action; Are corrective actions identified?

c) identify opportunities for preventive action; Are preventive actions identified?

d) identify opportunities for continual improvement;

e) communicate the results of such investigations.

Incident investigation, nonconformity, corrective action and preventive action

The organization shall establish, implement and maintain a procedure(s) to record, investigate and analyze incidents in order to:

Are procedures documented and maintained for defining responsibility and authority for handling and investigating of accidents, incidents and nonconformances?

a) determine underlying OH&S deficiencies and other factors that might be causing or contributing to the occurrence of incidents;

Are the root causes of incidents and accidents identified?

Are opportunities for continual improvement identified?

Are the significant findings of investigations communicated?

The investigations shall be performed in a timely manner.

Are the investigations carried out in a timely manner following incidents/accidents?

The results of incident investigations shall be documented and maintained.

Is all investigation documentation kept and maintained?

4.5.3.2 Nonconformity, corrective action and preventive action

The organization shall establish, implement and maintain a procedure(s) for dealing with actual and potential nonconformity(ies) and for taking corrective action and preventive action. The procedure(s) shall define requirements for:

Are procedures documented and maintained for initiating and completing corrective and preventive action? Is a risk assessment conducted for these actions?

a) identifying and correcting nonconformity(ies) and taking action(s) to mitigate their OH&S consequences;

Are non-conformities identified and actions taken to mitigate their consequences?

b) investigating nonconformity(ies), determining their cause(s) and taking actions in order to avoid their recurrence;

Are non-conformities investigated and actions taken to avoid their recurrence?

c) evaluating the need for action(s) to prevent nonconformity(ies) and implementing appropriate actions designed to avoid their occurrence;

Is the need for actions to prevent non-conformity evaluated?

Are appropriate actions implemented to avoid non-conformities?

d) recording and communicating the results of corrective action(s) and preventive action(s) taken; and

Are the results of the corrective and preventive actions implemented and recorded?

e) reviewing the effectiveness of corrective action(s) and preventive action(s) taken.

Is there reference to monitoring of required actions (from audits, risk assessments etc) to ensure timeliness and effectiveness of implementation?

Where the corrective action and preventive action identifies new or changed hazards or the need for new or changed controls, the procedure shall require that the proposed actions shall be taken through a risk assessment prior to implementation.

Is there reference in the risk assessment procedure to ensure an assessment is carried out when a new ar significantly changed hazard is identified??

% complete: 0

Where the corrective action and preventive action identifies new or changed hazards or the need for new or changed controls, the procedure shall require that the proposed actions shall be taken through a risk assessment prior to implementation.

Is there evidence available that a risk assessment is carried out when a new ar significantly changed hazard is identified??

Any corrective action or preventive action taken to eliminate the causes of actual and potential nonconformity(ies) shall be appropriate to the magnitude of problems and commensurate with the OH&S risk(s) encountered.

Is corrective/preventive action taken to eliminate actual/potential non-conformities appropriate to the magnitude of problem/risk?

The organization shall ensure that any necessary changes arising from corrective action and preventive action are made to the OH&S management system documentation.

Are necessary changes made to the OH&S management system following corrective and preventive action identification?

4.5.4 Control of records


% complete: 0

The organization shall establish and maintain records as necessary to demonstrate conformity to the requirements of its OH&S management system and of this OHSAS Standard, and the results achieved.

Are procedures documented and maintained for the identification, maintenance and disposition of OSH records?

Are the records maintained in a manner to demonstrate conformance with the standard and appropriate to the system and the organization?

The organisation shall establish, implement and maintain a procedure for(s) the identification, storage, protection, retreival, retention and disposal of records

Are the records stored and maintained such that they are readily retrievable and protected against damage, deterioration or loss?

Are there specified retention times for all of the records identified?

Is consideration given to confidentially?

Records shall be and remain legible, identifiable and traceable

Are the records legible, identifiable and traceable to the activities involved?

4.5.5 Internal audit of OHSAS 18001


Is there an audit plan in place?

a) determine whether the OH&S management system:

2) has been properly implemented and is maintained; and

Is the audit plan up to date?

% complete: 0

The organization shall ensure that internal audits of the OH&S management system are conducted at planned intervals to:

1) conforms to planned arrangements for OH&S management, including the requirements of this OHSAS Standard; and

Does the audit plan/criteria cover all areas of the organisation?

Does the audit plan/criteria cover all areas of the OHSAS 18001 standard?

Is the audit plan easy to find and communicated to all relevant persons?

3) is effective in meeting the organization’s policy and objectives;

Does the OSH audit schedule/plan determine whether their OH&S has been implemented and maintained and conforms to the OHSAS 18001 standard and the organization’s OH&S policy and objectives?

b) provide information on the results of audits to management. Audit program(s) shall be planned, established, implemented and maintained by the organization, based on the results of risk assessments of the organization’s activities, and the results of previous audits.

Is the audit program and schedule based on risk assessments and the results of previous audits?

Audit procedure(s) shall be established, implemented and maintained that address:

Are procedures documented and maintained for periodic OSH audits?

a) the responsibilities, competencies, and requirements for planning and conducting audits, reporting results and retaining associated records; and b) the determination of audit criteria, scope, frequency and methods. Selection of auditors and conduct of audits shall ensure objectivity and the impartiality of the audit process.

Does the procedure for OSH audits include the scope of the audit, frequency, methodologies used, responsibilities, requirements, and method of reporting results?

Does the procedure address the independence of auditors?

4.6 Management review of OHSAS 18001

Clause Criteria

Records of the management reviews shall be retained. Is it documented and retained?

Input to management reviews shall include:

b) the results of participation and consultation (see 4.4.3);

d) the OH&S performance of the organization;

e) the extent to which objectives have been met;

g) follow-up actions from previous management reviews;

i) recommendations for improvement.

a) OH&S performance;

b) OH&S policy and objectives;

c) resources; and

d) other elements of the OH&S management system.

% complete:

Top management shall review the organization’s OH&S management system, at planned intervals, to ensure its continuing suitability, adequacy and effectiveness. Reviews shall include assessing opportunities for improvement and the need for changes to the OH&S management system, including the OH&S policy and OH&S objectives.

Has top management performed a review of the OSH management system on a periodic basis?

Does the review address the system’s continued suitability, adequacy and effectiveness?

a) results of internal audits and evaluations of compliance with applicable legal requirements and with other requirements to which the organization subscribes;

All points a-i need to be included in Management review

c) relevant communication(s) from external interested parties, including complaints;

f) status of incident investigations, corrective actions and preventive actions;

h) changing circumstances, including developments in legal and other requirements related to OH&S; and

The outputs from management reviews shall be consistent with the organization’s commitment to continual improvement and shall include any decisions and actions related to possible changes to:

Does the review address possible need to change its policy, objectives and other elements of the OSH management system? Has this been conducted in light of OSH management system audit results, continual improvement and changing circumstances?

All points a-d need to be included in Management review

Relevant outputs from management review shall be made available for communication and consultation (see 4.4.3).

Is there a mechanism for ensuring the relevant outputs from the management review are made available for communication and consultation?

Score Comments

0
