I
ISOMIKE
Does anyone have ISO 45001 Audit questions? I am tasked with creating the Management Systems questions for the new 45001.... I am new to 18000 and 45001. Anyone created an audit I can view?
ISO 45001:2018 - Occupational Health and Safety Management Standard
- Thread starter Henria
- Start date
The Standard has not been released yet and it is expected to be published in March 2018.
Hello !
Auditing a management system is not only asking one by one a list of questions representative of the chosen management system standard... This « questions approach » is just a « checklist approach ». For a correct « audit approach » see the ISO 19011:2011 standard « Guidelines for auditing management systems ».
But if you want to create a checklist from a management system standard, it's simple: you analyze the active part of the standard to identify and highlight the requirements that you think are important. Then you turn each of these highlighted requirements into a question.
For example, ISO 45001 (DIS.2) has this following requirement (in 5.2 OH&S policy) : « Top management shall establish, implement and maintain an OHS policy that: a) includes a commitment to ... ; b) provides a framework for ... ; c) includes a commitment to ... ; d) includes a commitment to ... ; e) includes a commitment to… ; and f) includes a commitment to… ».
Il you want you can retain only the general requirement to establish an OHS policy and turn it into a question: « Did top management establish an OHS policy? ». To be a little more complete you can add these two other questions : « does top management implement its policy? » and « does maintain it? »
To be even more relevant about the content of the policy, and not only about its existence, you need still add to your checklist a question for each specific requirement a), b), c), etc ... You can also summarize them in only one question such as « Is the content of the policy adequate to 5.2 ISO 45001 ? », but it's not very significant if you don't have a perfect knowledge of this standard ...
By doing so for all ISO 45001 requirements you produce proudly your own checklist with the level of precision you want!
What do you think of my proposal IsoMike ?
Bye.
Auditing a management system is not only asking one by one a list of questions representative of the chosen management system standard... This « questions approach » is just a « checklist approach ». For a correct « audit approach » see the ISO 19011:2011 standard « Guidelines for auditing management systems ».
But if you want to create a checklist from a management system standard, it's simple: you analyze the active part of the standard to identify and highlight the requirements that you think are important. Then you turn each of these highlighted requirements into a question.
For example, ISO 45001 (DIS.2) has this following requirement (in 5.2 OH&S policy) : « Top management shall establish, implement and maintain an OHS policy that: a) includes a commitment to ... ; b) provides a framework for ... ; c) includes a commitment to ... ; d) includes a commitment to ... ; e) includes a commitment to… ; and f) includes a commitment to… ».
Il you want you can retain only the general requirement to establish an OHS policy and turn it into a question: « Did top management establish an OHS policy? ». To be a little more complete you can add these two other questions : « does top management implement its policy? » and « does maintain it? »
To be even more relevant about the content of the policy, and not only about its existence, you need still add to your checklist a question for each specific requirement a), b), c), etc ... You can also summarize them in only one question such as « Is the content of the policy adequate to 5.2 ISO 45001 ? », but it's not very significant if you don't have a perfect knowledge of this standard ...
By doing so for all ISO 45001 requirements you produce proudly your own checklist with the level of precision you want!
What do you think of my proposal IsoMike ?
Bye.
Last edited by a moderator:
(complement to my previous message)
I propose you IsoMike an even shorter method for establishing a ISO 45001 theoretical checklist : use the summary of the standard by symbolically adding a "question mark" at the end of each article title (see below). But obviously this checklist requires to know perfectly the target standard ... because it too much general, too much superficial. And if we perfectly know the standard (like a real auditor) then we don't need a checklist, we use the standard directly! This shows the reducing side of any checklist because it systematically and strongly degrades the standard : we can't audit a management system with a simple cheklist!
4 Context of the organization
4.1 Understanding the organization and its context ?
4.2 Understanding the needs and expectations of workers and other interested parties ?
4.3 Determining the scope of the OH&S management system ?
4.5 OH&S management system ?
5 Leadership and worker participation
5.1 Leadership and commitment ?
5.2 OH&S policy ?
5.3 Organizational roles, responsibilities and authorities ?
5.4 Consultation and participation of workers ?
6 Planning
6.1 Actions to address risks and opportunities
6.1.1 General ?
6.1.2 Hazard identification and assessment of risks and opportunities ?
6.1.3 Determination of legal requirements and other requirements ?
6.1.4 Planning action ?
6.2 OH&S objectives and planning to achieve them
6.2.1 OH&S objectives ?
6.2.2 Planning to achieve OH&S objectives ?
7 Support
7.1 Resources ?
7.2 Competence ?
7.3 Awareness ?
7.4 Communication ?
7.5 Documented information
7.5.1 General ?
7.5.2 Creating and updating ?
7.5.3 Control of documented Information ?
8 Operation
8.1 Operational planning and control
8.1.1 General ?
8.1.2 Eliminating hazards and reducing OH&S risks ?
8.1.3 Management of change ?
8.1.4 Outsourcing ?
8.1.5 Procurement ?
8.1.6 Contractors ?
8.2 Emergency preparedness and response ?
9 Performance evaluation
9.1 Monitoring, measurement, analysis and performance evaluation
9.1.1 General ?
9.1.2 Evaluation of compliance ?
9.2 Internal audit
9.2.1 General ?
9.2.2 Internal audit programme ?
9.3 Management review ?
10 Improvement
10.1 General ?
10.2 Incident, nonconformity and corrective action ?
10.3 Continual improvement ?
I propose you IsoMike an even shorter method for establishing a ISO 45001 theoretical checklist : use the summary of the standard by symbolically adding a "question mark" at the end of each article title (see below). But obviously this checklist requires to know perfectly the target standard ... because it too much general, too much superficial. And if we perfectly know the standard (like a real auditor) then we don't need a checklist, we use the standard directly! This shows the reducing side of any checklist because it systematically and strongly degrades the standard : we can't audit a management system with a simple cheklist!
4 Context of the organization
4.1 Understanding the organization and its context ?
4.2 Understanding the needs and expectations of workers and other interested parties ?
4.3 Determining the scope of the OH&S management system ?
4.5 OH&S management system ?
5 Leadership and worker participation
5.1 Leadership and commitment ?
5.2 OH&S policy ?
5.3 Organizational roles, responsibilities and authorities ?
5.4 Consultation and participation of workers ?
6 Planning
6.1 Actions to address risks and opportunities
6.1.1 General ?
6.1.2 Hazard identification and assessment of risks and opportunities ?
6.1.3 Determination of legal requirements and other requirements ?
6.1.4 Planning action ?
6.2 OH&S objectives and planning to achieve them
6.2.1 OH&S objectives ?
6.2.2 Planning to achieve OH&S objectives ?
7 Support
7.1 Resources ?
7.2 Competence ?
7.3 Awareness ?
7.4 Communication ?
7.5 Documented information
7.5.1 General ?
7.5.2 Creating and updating ?
7.5.3 Control of documented Information ?
8 Operation
8.1 Operational planning and control
8.1.1 General ?
8.1.2 Eliminating hazards and reducing OH&S risks ?
8.1.3 Management of change ?
8.1.4 Outsourcing ?
8.1.5 Procurement ?
8.1.6 Contractors ?
8.2 Emergency preparedness and response ?
9 Performance evaluation
9.1 Monitoring, measurement, analysis and performance evaluation
9.1.1 General ?
9.1.2 Evaluation of compliance ?
9.2 Internal audit
9.2.1 General ?
9.2.2 Internal audit programme ?
9.3 Management review ?
10 Improvement
10.1 General ?
10.2 Incident, nonconformity and corrective action ?
10.3 Continual improvement ?
Last edited:
(new complement to my previous messages)
IsoMike, to avoid distorting the target standard I propose you another way to create your "checklist": you copy the active part of the standard in the cells of column A of an Excel sheet and in the corresponding cells of column B you will note your appreciations on the satisfaction of the standard requirements by the company you visit ... But for me it is still not a way to realize a management system audit according to ISO 19011. A "questions list approach" even based on ISO 45001 does not bring auditing techniques and in particular does not provide the OSH knowledge and skills needed for an occupational safety and health management system auditor...
IsoMike, to avoid distorting the target standard I propose you another way to create your "checklist": you copy the active part of the standard in the cells of column A of an Excel sheet and in the corresponding cells of column B you will note your appreciations on the satisfaction of the standard requirements by the company you visit ... But for me it is still not a way to realize a management system audit according to ISO 19011. A "questions list approach" even based on ISO 45001 does not bring auditing techniques and in particular does not provide the OSH knowledge and skills needed for an occupational safety and health management system auditor...
Last edited:
Randy
Super Moderator
Oh fiddle sticks, I can't believe I'm in agreement with Henria!
ISOMIKE the only absolute guarantee with audit questions is the 1st question mainly because your 2nd question, regardless of how well you made your list, will always be based upon the answer to your 1st which can be 180 degrees from what you expected, after that you're going to be shooting from the hip.
The IAF released a Mandatory Document for the transition from OHSAS 18001 to ISO 45001:2018.
In that document, they mentioned
I am not sure why they have to spin the fact that, twice, the ISO TMB, under pressure by corporations decided to vote down the establishment of an ISO OHSMS. Just like ISO had to cave in to the corporate push back on the development of a Social Responsibility document, which became ISO 26000, only after a compromise was reached that the document would not be a certifiable standard, all of that documented here at The Elsmar Cove.
As I previously mentioned, when it became clear that the adoption of OHSAS 18001 was a large scale movement, with hundreds of thousands deploying it and becoming certified, it became very hard for ISO not to monetize OHSMS. And, there is nothing wrong with that. But to spin the previous down votes as a decision to wait, timing was not appropriate, etc. is just that: a spin.
In that document, they mentioned
I am not sure why they have to spin the fact that, twice, the ISO TMB, under pressure by corporations decided to vote down the establishment of an ISO OHSMS. Just like ISO had to cave in to the corporate push back on the development of a Social Responsibility document, which became ISO 26000, only after a compromise was reached that the document would not be a certifiable standard, all of that documented here at The Elsmar Cove.
As I previously mentioned, when it became clear that the adoption of OHSAS 18001 was a large scale movement, with hundreds of thousands deploying it and becoming certified, it became very hard for ISO not to monetize OHSMS. And, there is nothing wrong with that. But to spin the previous down votes as a decision to wait, timing was not appropriate, etc. is just that: a spin.
In the ISO PC 283 website, a document titled Implementation Guidance for migrating from OHSAS 18001:2007 to ISO 45001:2018 is available.
.
.
J
josephjohn
The standard is currently being developed by a committee of occupational health and safety experts, and will follow other generic management system approaches such as ISO 14001 and ISO 9001.
Similar threads
- Sticky
- Roland Kelly
- Occupational Health & Safety Management Standards
