Get a 20% discount on the first year of the Company Training Academy annual plan.

Limited-time offer – ends April 24, 2025

Use promo code:

CTA20

ISO 45001
Contact Us

Log in

Products
Products by framework:

ISO 27001

NIS 2

DORA

EU GDPR

ISO 9001

ISO 14001

ISO 45001

ISO 13485

EU MDR

ISO 20000

ISO 22301

ISO 17025

IATF 16949

AS9100

ISO 27001

Implementation, maintenance, training, and knowledge products for Information Security Management Systems (ISMS) according to the ISO 27001 standard.

Conformio ISO 27001 Software

Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.

ISO 27001 Documentation Toolkits

All required policies, procedures, and forms to implement an ISMS according to ISO 27001.

ISO 27001 Training & Awareness

Train your key people about ISO 27001 requirements and provide cybersecurity awareness training to all of your employees.

ISO 27001 Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

NIS 2

Compliance and training products for critical infrastructure organizations for the European Union’s Network and Information Systems cybersecurity directive.

NIS 2 Documentation Toolkit

All required policies, procedures, and forms to comply with the NIS 2 cybersecurity directive.

NIS 2 Cybersecurity Training & Awareness

Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.

DORA

Compliance and training products for financial entities for the European Union’s DORA regulation.

DORA Documentation Toolkit

All required policies, procedures, and forms to comply with the DORA regulation.

DORA Training & Awareness

Company-wide cybersecurity and resilience training program for all employees, to train them and raise awareness about ICT risk management.

DORA Online Courses

Accredited courses for individuals and DORA professionals who want the highest-quality training and certification.

EU GDPR

Compliance and training products for personal data protection according to the European Union’s General Data Protection Regulation.

EU GDPR Documentation Toolkits

All required policies, procedures, and forms to comply with the EU GDPR privacy regulation.

EU GDPR Training & Awareness

Train your key people about GDPR requirements to ensure awareness of data protection principles, privacy rights, and regulatory compliance.

EU GDPR Online Courses

Accredited courses for individuals and privacy professionals who want the highest-quality training and certification.

ISO 9001

Implementation, training, and knowledge products for Quality Management Systems (QMS) according to the ISO 9001 standard.

ISO 9001 Documentation Toolkits

All required policies, procedures, and forms to implement a QMS according to ISO 9001.

ISO 9001 Online Courses

Accredited courses for individuals and quality professionals who want the highest-quality training and certification.

Experta ISO 9001 Knowledge Base

Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.

ISO 14001

Implementation, training, and knowledge products for Environmental Management Systems (EMS) according to the ISO 14001 standard.

ISO 14001 Documentation Toolkits

All required policies, procedures, and forms to implement an EMS according to ISO 14001.

ISO 14001 Online Courses

Accredited courses for individuals and environmental professionals who want the highest-quality training and certification.

Experta ISO 14001 Knowledge Base

Get instant answers to any questions related to ISO 14001 and the EMS using Advisera’s proprietary AI-powered knowledge base.

ISO 45001

Implementation and training products for Occupational Health & Safety Management Systems (OHSMS) according to the ISO 45001 standard.

ISO 45001 Documentation Toolkits

All required policies, procedures, and forms to implement an OHSMS according to ISO 45001.

ISO 45001 Online Courses

Accredited courses for individuals and health & safety professionals who want the highest-quality training and certification.

ISO 13485

Implementation and training products for medical device Quality Management Systems (QMS) according to the ISO 13485 standard.

ISO 13485 Documentation Toolkits

All required policies, procedures, and forms to implement a medical device QMS according to ISO 13485.

ISO 13485 Online Courses

Accredited courses for individuals and medical device professionals who want the highest-quality training and certification.

EU MDR

Compliance products for the European Union’s Medical Device Regulation.

EU MDR Documentation Toolkits

All required policies, procedures, and forms to comply with the EU MDR.

ISO 20000

Implementation products for Information Technology Service Management Systems (ITSMS) according to the ISO 20000 standard.

ISO 20000 Documentation Toolkits

All required policies, procedures, and forms to implement an ITSMS according to ISO 20000.

ISO 22301

Implementation products for Business Continuity Management Systems (BCMS) according to the ISO 22301 standard.

ISO 22301 Documentation Toolkits

All required policies, procedures, and forms to implement a BCMS according to ISO 22301.

ISO 17025

Implementation products for testing and calibration laboratories according to the ISO 17025 standard.

ISO 17025 Documentation Toolkit

All required policies, procedures, and forms to implement ISO 17025 in a laboratory.

IATF 16949

Implementation products for automotive Quality Management Systems (QMS) according to the IATF 16949 standard.

IATF 16949 Documentation Toolkits

All required policies, procedures, and forms to implement an automotive QMS according to IATF 16949.

AS9100

Implementation products for aerospace Quality Management Systems (QMS) according to the AS9100 standard.

AS9100 Documentation Toolkits

All required policies, procedures, and forms to implement an aerospace QMS according to AS9100.
Free Resources
Resources

By Type

Articles

Webinars

Courses

White Papers

Templates & Tools

Podcast

View All

Where to Start

ISO 27001

NIS 2

ISO 22301

DORA

ISO 9001

EU GDPR

ISO 13485

EU MDR

ISO 14001

IATF 16949

ISO 45001

AS9100

ISO 20000

Compliance in general

ISO 17025

Other

Live Consultations

Consultant Directory

Community
Industries
Solutions for industries:

Consultants

IT & SaaS companies

Critical infrastructure

Manufacturing

Transportation & distribution

Education

Telecommunications

Banking & finance

Government

Health organizations

Medical device

Aerospace

Automotive

Laboratories

Consultants

Implementation, maintenance, training, and knowledge products for consultancies.

Conformio for Consultants

Handle multiple ISO 27001 projects by automating repetitive tasks during ISMS implementation.

Consultant Toolkits

All required policies, procedures, and forms to implement various standards and regulations for your clients.

Company Training Academy for Consultants

Grow your business by organizing cybersecurity and compliance training for your clients under your own brand using Advisera’s learning management system platform.

Lead Auditor and Lead Implementer Courses

Accredited DORA, ISO 27001, 9001, 14001, 45001, and 13485 courses for professionals who want the highest-quality training and recognized certification.

Experta ISO Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Consultant Directory

Find new clients, potential partners, and collaborators and meet a community of like-minded professionals locally and globally.

IT & SaaS companies

Implementation, maintenance, training, and knowledge products for the IT industry.

Conformio ISO 27001 Software

Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.

ISO 27001, 22301, 20000, GDPR, NIS 2 and DORA Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), NIS 2 (critical infrastructure cybersecurity), and DORA (cybersecurity for financial sector).

NIS 2, DORA, ISO 27001, GDPR, and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001, DORA and GDPR Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

Critical infrastructure

Compliance, training, and knowledge products for essential and important organizations.

NIS 2, GDPR, ISO 27001, and ISO 22301 Documentation Toolkits

Documentation to comply with NIS 2 (cybersecurity), GDPR (privacy), ISO 27001 (cybersecurity), and ISO 22301 (business continuity).

NIS 2, GDPR, and Cybersecurity Training & Awareness

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001 and GDPR Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

Manufacturing

Implementation, training, and knowledge products for manufacturing companies.

ISO 9001, 14001, 45001, and NIS 2 Documentation Toolkits

Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).

NIS 2 and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 9001, 14001, and 45001 Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 9001 and 14001 Knowledge Base

Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Transportation & distribution

Implementation, training, and knowledge products for transportation & distribution companies.

ISO 9001, 14001, 45001, and NIS 2 Documentation Toolkits

Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).

NIS 2 and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 9001, 14001, and 45001 Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 9001 and 14001 Knowledge Base

Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Education

Implementation, training, and knowledge products for schools, universities, and other educational organizations.

ISO 27001, 9001, and GDPR Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), and GDPR (privacy).

ISO 27001, GDPR, and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001, 9001, and GDPR Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 27001 and 9001 Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.

Telecommunications

Implementation, maintenance, training, and knowledge products for telecoms.

Conformio ISO 27001 Software

Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.

ISO 27001, 22301, 20000, GDPR, and NIS 2 Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).

NIS 2, GDPR, ISO 27001, and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001 and GDPR Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

Banking & finance

Implementation, maintenance, training, and knowledge products for banks, insurance companies, and other financial organizations.

Conformio ISO 27001 Software

Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.

DORA, ISO 27001, 22301 and GDPR Documentation Toolkits

Documentation to comply with DORA (cybersecurity for financial sector), ISO 27001 (cybersecurity), ISO 22301 (business continuity), and GDPR (privacy).

DORA, NIS 2, GDPR, ISO 27001, and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

DORA, ISO 27001 and GDPR Online Courses

Accredited courses for individuals and security professionals who want the highest-quality training and certification.

Experta ISO 27001 Knowledge Base

Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.

Government

Implementation, training, and knowledge products for local, regional, and national government entities.

ISO 27001, 9001, GDPR, and NIS 2 Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).

NIS 2, ISO 27001, GDPR, and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001, 9001, and GDPR Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 27001 and 9001 Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.

Health organizations

Implementation, training, and knowledge products for hospitals and other health organizations.

ISO 27001, 9001, 14001, 45001, NIS 2, and GDPR Documentation Toolkits

Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), NIS 2 (critical infrastructure cybersecurity) and GDPR (privacy).

NIS 2, GDPR, and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 27001, 9001, 14001, 45001, and GDPR Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 27001, 9001, and 14001 Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Medical device

Implementation, training, and knowledge products for the medical device industry.

ISO 13485, 27001, 9001, 14001, 45001, NIS 2, and GDPR Documentation Toolkits

Documentation to comply with MDR and ISO 13485 (medical device), ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), NIS 2 (critical infrastructure cybersecurity) and GDPR (privacy).

NIS 2, ISO 27001, GDPR, and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 13485, 27001, 9001, 14001, 45001, and GDPR Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 27001, 9001, and 14001 Knowledge Base

Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Aerospace

Implementation, training, and knowledge products for the aerospace industry.

AS9100, ISO 9001, 14001, 45001, and NIS 2 Documentation Toolkits

Documentation to comply with AS9100 (aerospace), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).

NIS 2 and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 9001, 14001, and 45001 Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 9001 and 14001 Knowledge Base

Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Automotive

Implementation, training, and knowledge products for the automotive industry.

IATF 16949, ISO 9001, 14001, 45001, and NIS 2 Documentation Toolkits

Documentation to comply with IATF 16949 (automotive), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).

NIS 2, ISO 27001, and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 9001, 14001, and 45001 Online Courses

Accredited courses for individuals and professionals who want the highest-quality training and certification.

Experta ISO 9001 and 14001 Knowledge Base

Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.

Laboratories

Implementation, training, and knowledge products for laboratories.

ISO 17025, 9001, and NIS 2 Documentation Toolkits

Documentation to comply with ISO 17025 (testing and calibration laboratories), ISO 9001 (quality), and NIS 2 (critical infrastructure cybersecurity).

NIS 2 and Security Awareness Training

Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.

ISO 9001 Online Courses

Accredited courses for individuals and quality professionals who want the highest-quality training and certification.

Experta ISO 9001 Knowledge Base

Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
About Us

ISO 45001 Expert

Mark Hammar

Lead ISO 45001 Expert
About Advisera
About Us
Contact Us

Get Started

Home
Resources
ISO 45001 Gap Analysis

ISO 45001 Gap Analysis [Free Tool]

Find out your level of compliance with ISO 45001

Instructions: The questions below cover all relevant ISO 45001 requirements - by filling out the answers, this tool will automatically calculate your company's level of compliance with ISO 45001.

When answering questions, the following scale needs to be used:

1 — Not implemented: No process or activity implemented, or little/no evidence of any systematic achievement
2 — Planned: Activity or process is planned but is not implemented, or the implementation just started
3 — In progress: Activity or process is partially implemented, so that its full effects cannot be expected
4 — Mostly implemented: Activity or process is fully or mostly implemented, documented, and relevant people are trained, but monitoring, measurement, and improvement are not systematic
5 — Optimized: Activity or process is fully implemented, documented, and is continuously supervised, measured, and improved; relevant people are trained

4 CONTEXT OF THE ORGANIZATION

4.1 UNDERSTANDING THE ORGANIZATION AND ITS CONTEXT

1) Have you determined the external and internal issues that are relevant to your organization?

1 — Not implemented 2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to determine the external and internal issues that are relevant to your organization.

Click here to see an example of Procedure for Determining the Context of the Organization and Interested Parties. See Preview

4.2 UNDERSTANDING THE NEEDS AND EXPECTATIONS OF INTERESTED PARTIES

2) Have you determined the interested parties for your OH&S management system and their relevant needs and expectations, and which of these become compliance obligations?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to determine the interested parties for your OH&S management system, their relevant needs requirements, and which of these become compliance obligations.

Click here to see an example of List of Interested Parties, Legal and Other Requirements. See Preview

4.3 DETERMINING THE SCOPE OF THE OH&S MANAGEMENT SYSTEM

3) Have you determined and documented the scope of your OH&S management system?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to determine and document the boundaries and applicability of your OH&S management system by considering external and internal issues, compliance obligations, physical boundaries, what you control and influence and your activities, products and services.

Click here to see an example of Scope of the OH&S Management System. See Preview

4.4 OH&S MANAGEMENT SYSTEM AND ITS PROCESSES

4) Have you established, implemented, maintained and continually improved a OH&S management system?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to establish, implement, maintain, and continually improve an OH&S management system including all processes needed; including interactions and sequences of processes and assigning resources.

5 LEADERSHIP AND WORKER PARTICIPATION

5.1 LEADERSHIP AND COMMITMENT

5) Does top management demonstrate leadership of the OH&S?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

Top management needs to demonstrate leadership of the OH&S by accounting for the efficiency of the OH&S, ensuring OH&S integration into business practices, promoting improvement, and ensuring resources are available.

5.2 OH&S POLICY

6) Has top management defined the OH&S policy within the scope of the OH&S management system?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

An OH&S policy must be established that is appropriate for the organization, provides a framework for OH&S objectives, and shows commitment to protecting the OH&S, meeting compliance obligations and continual improvement.

Click here to see an example of OH&S Policy. See Preview

7) Is the OH&S policy available, maintained, communicated, and understood by relevant interested parties?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

The OH&S policy needs to be available, maintained, communicated, and understood by relevant interested parties.

5.3 ORGANIZATIONAL ROLES, RESPONSIBILITIES AND AUTHORITIES

8) Has top management assigned responsibilities and relevant roles for the OH&S management system development, reporting and maintenance?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

Top management must assign responsibilities and relevant roles for the OH&S management system development, reporting, and maintenance so that it meets the intended goals and this documented information is maintained. Top management should communicate to all interested parties in the organization.

5.4 PARTICIPATION AND CONSULTATION

9) Has the organization established, implemented and maintained the process for consultation and the participation of nonmanagerial employees in OH&S management, including incident investigations, risk assessments, control and monitoring activities and internal auditing?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

The organization needs to establish a process for consultation and participation of employees that defines mechanisms, training, time, and resources necessary its effectiveness.

Click here to see an example of Procedure for Communication, Participation and Consultation. See Preview

6 PLANNING

6.1 ACTIONS TO ADDRESS RISKS AND OPPORTUNITIES

10) Has planning for the OH&S management system considered issues and requirements that determine the risks and opportunities to be addressed?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to plan for the OH&S management system and consider issues and requirements that determine the risks and opportunities to be addressed.

11) Has planning taken place to address the risks and opportunities identified and integrate these into the OH&S management system?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

Planning must take place to address the risks and opportunities identified and integrate these into the OH&S management system.

12) Did the organization establish, implement and maintain a process for hazard identification taking into account past relevant incidents, how work is organized, social factors, leadership and culture in the organization, emergency situations and actual or proposal changes and maintain documented information about these?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to establish, implement and maintain a process for hazard identification taking into account past relevant incidents, how work is organized, social factors, leadership and culture in the organization, emergency situations and actual or proposal changes, and maintain documented information about these.

Click here to see an example of Procedure for Addressing Risks and Opportunities and OH&S Hazards. See Preview

13) Is there a procedure to identify legal and other requirements related to OH&S?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to determine your compliance obligations, how they apply to your organization, and take these into account in the OH&S management system.

14) Have you planned to take action to address OH&S hazards, compliance obligations, and risks and opportunities and integrate these into your OH&S management system processes?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You must plan to take action to address OH&S hazards, compliance obligations, and risks and opportunities and integrate these into your OH&S management system processes.

6.2 OH&S OBJECTIVES AND PLANNING TO ACHIEVE THEM

15) Have you established OH&S objectives that are measurable, monitored, communicated, updated, and documented, and planned actions to achieve them?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to establish OH&S objectives for the OH&S management system that are measurable. You should monitor, communicate, update, and document, and plan actions to achieve them.

Click here to see an example of OH&S Objectives. See Preview

7 SUPPORT

7.1 RESOURCES

16) Have you determined the resources needed for the OH&S including those for implementation, maintenance, and continual improvement?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to determine the resources needed for the OH&S management system including those for implementation, maintenance, and continual improvement.

7.2 COMPETENCE

17) Is appropriate competence assessed, and training provided where needed, for personnel who will perform functions within the OH&S processes?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to determine the necessary competence required of persons who will perform functions within the OH&S management system processes and provide training where needed. You should retain documented information as an evidence of competence and of training provided.

Click here to see an example of Competence, Training and Awareness Procedure. See Preview

7.3 AWARENESS

18) Have you taken actions to ensure persons doing work within the OH&S management system know the OH&S policy, objectives, compliance obligations, hazards & risks relevant to them and their part in the OH&S performance, including results of relevant incident investigations?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to take actions to ensure persons doing work within the OH&S management system know the OH&S policy, objectives, compliance obligations, hazards & risks relevant to them and their part in the OH&S performance, including results of relevant incident investigations.

Click here to see an example of Record of Attendance. See Preview

7.4 COMMUNICATION

19) Is there a procedure to communicate internally and externally to the company, including if the OH&S hazards will be communicated outside of the company?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to determine the what, when, with whom, how, and who of the OH&S management system communication, for both internal and external communications relevant to the OH&S management system, taking into account its legal and other requirements, and retain documented information as evidence of OH&S management system communication.

Click here to see an example of Procedure for Communication, Participation and Consultation. See Preview

7.5 DOCUMENTED INFORMATION

20) Have you set up a process to control documented information of the OH&S management system including creating and updating, control of use, adequate protection, control of distribution, and changes?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to set up a process to control documented information of the OH&S management system. The procedure should specify approval, review and update, change identification, relevant version availability, document legibility, control of external documents and prevention of obsolete document use.

Click here to see an example of Procedure for Document and Record Control. See Preview

8 OPERATION

8.1 OPERATIONAL PLANNING AND CONTROL

21) Do you plan, implement, control and maintain the processes needed to meet requirements of the OH&S management system and implement the required actions to address risks and opportunities according to criteria for the processes and maintain and retain this documented information?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to plan, implement, control and maintain the processes needed to meet requirements of the OH&S management system and implement the required actions to address risks and opportunities according to criteria for the processes and maintain and retain this documented information.

Click here to see an example of Procedure for Operational Control. See Preview

22) Does the organization establish, implement and maintain processes for the elimination of hazards and reduction of OH&S risk using the hierarchy of controls?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to establish, implement and maintain processes for the elimination of hazards and reduction of OH&S risk using the hierarchy of controls.

23) Does the organization establish a process for the implementation and control of planned temporary and permanent changes that impact OH&S performance?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to establish a process for the implementation and control of planned temporary and permanent changes that impact OH&S performance.

Click here to see an example of Procedure for Change Management. See Preview

24) Does the organization establish, implement and maintain a process to control the procurement of product and services in order to ensure their conformance with its OH&S management system?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

The organization establishes, implements and maintains a process to control the procurement of product and services in order to ensure their conformance with its OH&S management system.

25) Does the organization establish and maintain a process to define and apply OH&S criteria for the selection of contractors?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

The organization needs to establish and maintain a process to define and apply OH&S criteria for the selection of contractors to ensure that the requirements of the organization’s OH&S management system are met by contractors and their workers.

8.2 EMERGENCY PREPAREDNESS AND RESPONSE

26) Have you established, implemented, and maintained processes to respond to any potential emergency situations to prevent OH&S impacts?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to establish, implement and maintain processes to respond to any potential emergency situations to prevent OH&S impacts.

Click here to see an example of Procedure for Emergency Preparedness and Response. See Preview

27) Are planned responses tested where practicable and reviewed and revised as necessary?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to test planned responses where practicable and review and revise as necessary.

Click here to see an example of Emergency Response Drill Record. See Preview

9 PERFORMANCE EVALUATION

9.1 MONITORING, MEASUREMENT, ANALYSIS AND EVALUATION

28) Have you determined the monitoring and measurement needs, how it will be done, and when it shall be performed for the processes of the OH&S management system? Are analysis and evaluation done on the data and information arising from monitoring and measurement?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to determine the monitoring and measurement needs, how it will be done, and when it shall be performed for the processes of the OH&S management system. You need to analyze and evaluate the data and information arising from monitoring and measurement.

Click here to see an example of Matrix of OH&S Performance. See Preview

29) Have you established, implemented and maintained a process to evaluate how you fulfill your compliance obligations?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to establish, implement and maintain a process to evaluate how you fulfill your compliance obligations.

Click here to see an example of Compliance Evaluation Record. See Preview

9.2 INTERNAL AUDIT

30) Are there audit procedures to evaluate the OH&S management system against the planned arrangements (including effectiveness and maintenance) at planned intervals? Are results reported to management?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to have audit procedures to evaluate the OH&S management system against the planned arrangements (including effectiveness and maintenance) at planned intervals and results must be reported to management.

Click here to see an example of Procedure for Internal Audit. See Preview

9.3 MANAGEMENT REVIEW

31) Does top management review the data from the OH&S management system to assess the need for change in the OH&S management system, resource adequacy, and the effectiveness of the OH&S management system?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

Top management must review the data from the OH&S management system at planned intervals to assess the need for change in the OH&S management system, resource adequacy, and the effectiveness of the OH&S management system. Records must be kept of the review.

Click here to see an example of Procedure for Management Review. See Preview

10 IMPROVEMENT

10.1 GENERAL

32) Do you identify opportunities for improvement and implement action to achieve the intended outcomes of the OH&S management system?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to identify opportunities for improvement and implement action to achieve the intended outcomes of the OH&S management system.

10.2 NONCONFORMITY AND CORRECTIVE ACTION

33) Does the organization establish, implement and maintain a process that includes reporting, investigating and taking actions, to determine and manage incidents and nonconformities and retain documented information about it?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to establish, implement and maintain the process that includes reporting, investigating and taking actions, to determine and manage incidents and nonconformities and retain documented information about it. You need to take records of corrective actions taken to overcome nonconformities.

Click here to see the examples of Procedure for the Management of Nonconformities and Corrective Actions and Procedure for Incident Investigation. See Preview

34) After action is taken, do you assess the effects and update the OH&S management system if necessary?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

After action is taken you need to asses the effects and update the OH&S management system if necessary. These actions need to be appropriate to the magnitude of the problem.

Click here to see an example of Registry and Status for Corrective Actions and Nonconformities. See Preview

10.3 CONTINUAL IMPROVEMENT

35) Do you continually improve the suitability, adequacy, and effectiveness of the OH&S management system?

1 — Not implemented2 — Planned3 — In progress4 — Mostly implemented5 — Optimized

Tip

You need to continually improve the suitability, adequacy, and effectiveness of the OH&S management system.

Click here to see an example of Procedure for Continual Improvement. See Preview

Here's the percentage of your compliance with ISO 45001:

%

Enter your e-mail address

[The results will be sent to entered e-mail address]

For more information on what personal data we collect, why we need it, what we do with it, how long we keep it, and what your rights are, see this Privacy Notice.

Implement ISO 45001 by yourself

Products

Conformio

Toolkits

Training

Experta

Company Training Academy
Resources

Articles

Webinars

Courses

Free Downloads

Tools

Live Consultations

Consultant Directory
Standards & Regulations

ISO 27001

ISO 22301

ISO 13485

ISO 9001

ISO 14001

ISO 45001

ISO 20000

ISO 17025

NIS 2

DORA

EU GDPR

EU MDR

IATF 16949

AS9100

Compliance in general
Advisera

About Us

For Consultants

Contact Sales

Terms of Use
Help

Help Center

Contact Support

Partnerships

Copyright ©2025 Advisera Expert Solutions Ltd