List of mandatory documents according to ISO 45001

ISO 45001 is finally published, so the experts and the companies that are planning the transition or implementation are looking into the requirements for documented information. The new standard introduces a new approach to document and record control, which replaces the OHSAS 18001 requirements for records and procedures with new requirements for documented information. For more information, see the article New approach to ISO 45001 documentation.

There are two phrases that indicate what kind of document is required by the standard. The phrase “retain documented information as evidence of …” means the record needs to be produced, while the phrase “maintain as documented information” means that the document needs to be developed, including the procedures.

Here is the list of mandatory documented information required by ISO 45001, along with the documents most commonly used in the implementation of Occupational Health and Safety Management System (OH&SMS).

Mandatory documents and records required by ISO 45001:2018

Here are the documents you need to produce if you want to be compliant with ISO 45001:

ISO 45001 documents: List of required policies & procedures

  • Scope of the OH&S management system (clause 4.3)
  • OH&S policy (clause 5.2)
  • Responsibilities and authorities within OH&SMS (clause 5.3)
  • OH&S process for addressing risks and opportunities (clause 6.1.1)
  • Methodology and criteria for assessment of OH&S risks (clause
  • OH&S objectives and plans for achieving them (clause 6.2.2)
  • Emergency preparedness and response process (clause 8.2)

And, here are the mandatory records:

  • OH&S risks and opportunities and actions for addressing them (clause 6.1.1)
  • Legal and other requirements (clause 6.1.3)
  • Evidence of competence (clause 7.2)
  • Evidence of communications (clause 7.4.1)
  • Plans for responding to potential emergency situations (clause 8.2)
  • Results on monitoring, measurements, analysis and performance evaluation (clause 9.1.1)
  • Maintenance, calibration or verification of monitoring equipment (clause 9.1.1)
  • Compliance evaluation results (clause 9.1.2)
  • Internal audit program (clause 9.2.2)
  • Internal audit report (clause 9.2.2)
  • Results of management review (clause 9.3)
  • Nature of incidents or nonconformities and any subsequent action taken (clause 10.2)
  • Results of any action and corrective action, including their effectiveness (clause 10.2)
  • Evidence of the results of continual improvement (clause 10.3)

Non-mandatory documents

There are numerous non-mandatory documents that can be used for ISO 45001 implementation. However, these are the non-mandatory documents that are most commonly used:

  • Procedure for Determining Context of the Organization and Interested Parties (clause 4.1)
  • OH&S Manual (clause 4)
  • Procedure for Consultation and Participation of Workers (clause 5.4)
  • Procedure for Hazard Identification and Assessment (clause
  • Procedure for Identification of Legal Requirements (clause 6.1.3)
  • Procedure for Communication (clause 7.4.1)
  • Procedure for Document and Record Control (clause 7.5)
  • Procedure for Operational Planning and Control (clause 8.1)
  • Procedure for Change Management (clause 8.1.3)
  • Procedure for Monitoring, Measuring and Analysis (clause 9.1.1)
  • Procedure for Compliance Evaluation (clause 9.1.2)
  • Procedure for Internal Audit (clause 9.2)
  • Procedure for Management Review (clause 9.3)
  • Procedure for Incident Investigation (clause 10.1)
  • Procedure for Management of Nonconformities and Corrective Actions (clause 10.1)
  • Procedure for Continual Improvement (clause 10.3)

By taking a look at the requirements for documented information in ISO 45001, you can easily come to the conclusion that the same approach is applied as for other management system standards that went through the revision process in the last several years. The main objective of the documentation requirements is to ensure consistency of the processes and provide evidence that procedures are applied; and, by meeting the requirements of the standard regarding the documentation, the organization will most certainly achieve this objective.

Click here to download a white paper: Checklist of Mandatory Documentation Required by ISO 45001 with more detailed information on the most common ways for structuring and implementing mandatory documents and records.

Advisera Strahinja Stojanovic
Strahinja Stojanovic

Strahinja Stojanovic is certified as a lead auditor for the ISO 13485, ISO 9001, ISO 14001, and OHSAS 18001 standards by RABQSA. He participated in the implementation of these standards in more than 100 SMEs, through the creation of documentation and performing in-house training for maintaining management systems, internal audits, and management reviews.