Search the Elsmar Cove!
**Search ALL of** with DuckDuckGo Especially for content not in the forum
Such as files in the Cove "Members" Directory

Document templates required for ISO ISO 45001 - Engineering Construction company

hello Friends ,

this is ahmed,I am going make a H&S management system based on iso 45001 Requirements,

I need to start it as soon as possible,
I have a Engineering Construction company with some employee around 50+on 3 different locations including head office.
before going for certification audit or gap analysis ,I want to have all the documents and procedure ready.

need support from you to make it from scratch.
  • Scope of the OH&S management system
  • Responsibilities and authorities within OH&SMS
  • OH&S process for addressing risks and opportunities
  • Methodology and criteria for assessment of OH&S risks
  • OH&S objectives and plans for achieving them
just need templates and i will make them as per my organization requirement or if possibly available with construction engineering companies background.

also need suggestion from your side from where to start.
Last edited by a moderator:


OSH Officer
Hello !

Sorry Iabozdar, but considering progress in OH&S management with the ISO 45001 standard model by copying OHSMS "documentation" from another company to pass a "certification audit" does not seem a good approach to me. Do not confuse "OHSMS" et its "documentation". On the contrary, I believe that the basis of such a project is to start from an analysis of the curent OH&S practices of the company regarding to the requirements of this OHSMS model. In fact it is an audit of the "native" management of OH&S of the company! Its "natural OHSMS...

To set up a Management System (whatever the "X" management domain and the target SM standard), here are the main lines to follow (validated by some personal experiences):
- See immediately the integration of the normative model of SMX in the company as a "project" of the company to lead by the management in "project management" mode (ie a small project team, a budget, a schedule of actions, comm, etc ... at the mesh of the company). This requires a decision and a follow-up on the part of the management ... especially since it will also have tasks to carry out during the project.
- Start with a discovery-understanding-appropriation of the requirements of the normative model of SMX by the project team by having at least a reading workshop, or even a training on the norm and the SM (and / or opportunistically through the next point).
- Anyway make an initial inventory of the current practices of the company in the field X in the form of a real "audit" by using the standard of SMX like "audit reference" ... (say that an audit of the company's "native" SMX, because the company is already managing the X domain in one way or another, even if it is an empirical way. relevant that a useless "blank check" at the end of the project ...
- This audit identifies what the company is already doing correct "without knowing it" (to be endorsed by the project), what it is already doing but not correctly (to be adjusted by the project) and what it does not do it yet but will have to do to be in line with the SMX standard (to be created by the project) ...
- This audit will feed the development of its roadmap (identification and planning of the tasks necessary for the structuring and implementation of the DM = planning tasks with managers and milestones), especially if the company has the means to achieve this audit by a competent SMX consultant by providing the specifications with the small project team (this will be a kind of minimum or complementary training mentioned above).
- Plan and carry out the tasks thus identified to build the SMX by associating actors with the main functions concerned by the X processes thus consolidated or created, and gradually launch the SMX with their initial participation and then maintained.
NB: Creating and launching an SMX takes a reasonable about one year.

And when you will have carried out this process and concretely implemented new OH&S management practices you will just to order and pay a certification audit to easily obtain the certification of your OHSMS if you wish. Do not confuse "OHSMS" and "certification".


John Broomfield

Staff member
Super Moderator

Another approach is to capture what your organization already does to manage health and safety with its business system.

That way you develop your OH&SMS* around what you already do right.

*avoid using this alienating terminology with your colleagues so it fits your org not with the standard.

You could trying naming your management system for your company.

Then study what your organization already does to provide a healthy and safe work environment. That way you’ll take your colleagues with you instead of starting with audit.

Audit your system against the standard when you’ve already captured it and trained your own audit team.

Best wishes,



OSH Officer
Hello !

John, how to determine what the company "already do right"* regarding occupational health and safety before to use a standard model ? Without a reference standard, the company will find that everything it does is good and sufficient (what the company is doing now is its personal vision of the best way to manage OH&S correctly ...).
* and do bad, or do not...

Our approaches are similar (I have a little more detailed mine). In reality it's to compare the present way to manage OH&S in the company to the ISO 45001 requirements. You can call this as you want, it's an "audit" (self-assessment, diagnostic, etc...).

"... when you have already captured" ISO 45001, as me... "and formed your own audit team", as me too in a way.

Then, as me, you certainly propose to determine and plan actions to improve the OH&S management in the company...

Last edited:

John Broomfield

Staff member
Super Moderator

Competence in management systems, the standard and audit is important when interviewing top management to determine how the organization plans, delivers and continually improves its system to deliver health and safety.

This is more a matter of studying and understanding how the organization actually works as a system than determining nonconformities with the standard.

The organization as system can then be developed in consultation with the process owners (as identified by top management) to focus on what is actually done (rather than what should be done). As-is depictions of the processes and their interactions are then reviewed by the process teams for accuracy.

Having establishing a strong framework based on reality it is then possible to introduce the new controls and processes deemed necessary by the organization and the standard. This also focuses the training needed to make the new controls and new processes a reality.

Finally, the internal audit team conducting its first audit and top management conducting its first review could be considered completion of the system development project.

I recommend completion of two or three cycles of system improvement before applying for certification.

My clients have successfully used and improved this methodology since 1986.

Last edited:


OSH Officer
"Finally, the internal audit team conducting its first audit and top management conducting its first review could be considered completion of the system development project" I agree 100% John. This (9.2, 9.3 and 10) is the end of the first big PDCA cycle of the newly structured SM according to the choised SM standard.

"I recommend completion of two or three cycles of system improvement before applying for certification" I agree 200% ! I hate "Q, E or OHS certification projects in 6 months", I prefer "Q, E or OHS performance improvement projects (via notion of management system)" even without certification ... (there no no certification requirement in ISO 9001, 14001 or 45001, for example).

Top Bottom