ISO45001:2018-Occupational Health & Safety Management System
4 Context ofthe organization
4.1 Understanding the organization and its context
The organization shall determine external and internal issues that are relevant to its purpose and that affect its ability to achieve the intended outcome(s) of its OH&S management system.
4.2 Understanding the needs and expectations ofworkers and other interested parties
The organization shall determine:
- a) the other interested parties, in addition to workers, that are relevant to the OH&S management system;
- b) therelevantneedsandexpectations(i.e.requirements)ofworkersandotherinterestedparties;
- c) which of these needs and expectations are, or could become, legal requirements and otherrequirements.
4.3 Determining the scope ofthe OH&S management system
The organization shall determine the boundaries and applicability ofthe OH&S management system to establish its scope.
When determining this scope, the organization shall:
- a) consider the external and internal issues referred to in i l;
- b) take into account the requirements referred to in生占
。 take into account the planned or performed work-related activities.
The OH&S management system shall include the activities, products and services within the organization’s control or influence that can impact the organization’s OH&S performance.
The scope shall be available as documented information. 4.4 OH&S management system
The organization shall establish, implement, maintain and continually improve an OH&S management system, including the processes needed and their interactions, in accordance with the requirements of this document.
8 。 ISO 2018 – All rights reserved
5 Leadership and worker participation 5.1 Leadership and commitment
Top management shall demonstrate leadership and commitment with respect to the OH&S management system by:
a] taking overall responsibility and accountability for the prevention of work-related injury and ill health, as well as the provision of safe and healthy workplaces and activities;
b) ensuring that the OH&S policy and related OH&S objectives are established and are compatible with the strategic direction of the organization;
c] ensuring the integration of the OH&S management system requirements into the organization’s business processes;
d) ensuring that the resources needed to establish, implement, maintain and improve the OH&S management system are available;
e] communicating the importance of effective OH&S management and of conforming to the OH&S management system requirements;
- f) ensuring that the OH&S management system achieves its intended outcome(s];
- g) directingandsupportingpersonstocontributetotheeffectivenessoftheOH&Smanagementsystem;
- h) ensuring and promoting continual improvement;
- i) supporting other relevant management roles to demonstrate their leadership as it applies to their areas of responsibility;
- j) developing, leading and promoting a culture in the organization that supports the intended outcomes of the OH&S management system;
k] protecting workers from reprisals when reporting incidents, hazards, risks and opportunities;
I) ensuring the organization establishes and implements a process(es] for consultation and
participation of workers (see .5.,圭〕;
m) supporting the establishment and functioning of health and safety committees, [see .5.d e) 1]].
NOTE Reference t。“business” in this document can be interpreted broadly to mean those activities that are core to the purposes of the organization’s existence.
5.2 OH&S policy
Top management shall establish, implement and maintain an OH&S policy that:
- a] includes a commitment to provide safe and healthy working conditions for the prevention of work- related injury and ill health and is appropriate to the purpose, size and context of the organization and to the specific nature of its OH&S risks and OH&S opportunities;
- b] provides a framework for setting the OH&S objectives;
- c] includes a commitment to fulfil legal requirements and other requirements;
- d) includes a commitment to eliminate hazards and reduce OH&S risks 〔see ll主);
- e) includesacommitmenttocontinualimprovementoftheOH&Smanagementsystem;
- f) includes a commitment to consultation and participation of workers, and, where they exist, workers’ representatives.
。 ISO 2018 – All rights reserved 9
ISO 45001:2018
ISO 45001:2018
The OH&S policy shall:
be available as documented information;
be communicated within the organization;
be available to interested parties, as appropriate; be relevant and appropriate.
5.3 Organizational roles, responsibilities and authorities
Top management shall ensure that the responsibilities and authorities for relevant roles within the OH&S management system are assigned and communicated at all levels within the organization and maintained as documented information. Workers at each level of the organization shall assume responsibility for those aspects of the OH&S management system over which they have control.
NOTE While responsibility and authority can be assigned, ultimately top management is still accountable for the functioning of the OH&S management system.
Top management shall assign the responsibility and authority for:
a)
b)
5.4
ensuring that the OH&S management system conforms to the requirements of this document; reporting on the performance of the OH&S management system to top management.
Consultation and participation of workers
The organization shall establish, implement and maintain a process(es] for consultation and participation of workers at all applicable levels and functions, and, where they exist, workers’ representatives, in the development, planning, implementation, performance evaluation and actions for improvement of the OH&S management system.
The organization shall:
- a] provide mechanisms, time, training and resources necessary for consultation and participation;NOTE 1 Worker representation can be a mechanism for consultation and participation.
- b] provide timely access to clear, understandable and relevant information about the OH&Smanagement system;
。 determine and remove obstacles or barriers to participation and minimize those that
cannot be removed;
NOTE 2 Obstacles and barriers can include failure to respond to worker inputs or suggestions, language or literacy barriers, reprisals or threats of reprisals and policies or practices that discourage or penalize worker participation.
d) emphasize the consultation of non-managerial workers on the following:
10
1] 2] 3] 4] 5] 6]
determiningtheneedsandexpectationsofinterestedparties(see4且〕;
establishing the OH&S policy (see丘主〕; assigningorganizationalroles,responsibilitiesandauthorities,asapplicable〔see二三); determining how to fulfil legal requirements and other requirements (see ιLl); establishingOH&Sobjectivesandplanningtoachievethem(see丘2);
determining applicable controls for outsourcing, procurement and contractors (see .8..1.到;
。 ISO 2018 – All rights reserved
7] determining what needs to be monitored, measured and evaluated (see生l〕;
的 planning, establishing, implementing and maintaining an audit programme(s〕〔see且.2…2.);
9] ensuring continual improvement (see l且主〕;
e) emphasize the participation of non-managerial workers in the following:
1) 2] 3) 4]
5) 6)
7)
determining the mechanisms for their consultation and participation;
identifying hazards and assessing risks and opportunities (see ιll and 牛L2.);
determining actions to eliminate hazards and reduce OH&S risks 〔seeιL圭);
determining competence requirements, training needs, training and evaluating training (see 22.];
determining what needs to be communicated and how this will be done (see 2圭);
determining control measures and their effective implementation and use (see 豆L
丘牛二 and丘2〕;
investigating incidents and nonconformities and determining corrective actions (see且4〕.
NOTE 4 It is recognized that the provision of training at no cost to workers and the provision of training during working hours, where possible, can rernove significant barriers to worker participation.
6 Planning
6.1 Actions to address risks and opportunities
6.1.1 General
When planning for the OH&S management system, the organization shall consider the issues referred to in 生1 (context), the requirements referred to in 生三 〔interested parties) and 生主 (the scope of its OH&S management system) and determine the risks and opportunities that need to be addressed to:
- a) give assurance that the OH&S management system can achieve its intended outcome(s);
- b) prevent, or reduce, undesired effects;
- c) achieve continual improvement.
When determining the risks and opportunities for the OH&S management system and its intended outcomes that need to be addressed, the organization shall take into account:
hazards (seeι1..U);
OH&S risks and other risks (see丘牛牛二〕;
OH&S opportunities and other opportunities (seeιLld); legal requirements and other requirements (see ιLl.).
The organization, in its planning process(es), shall determine and assess the risks and opportunities that are relevant to the intended outcomes of the OH&S management system associated with changes in the organization, its processes or the OH&S management system. In the case of planned changes,
Emphasizing the consultation and participation of non-managerial workers is intended to apply to
NOTE 3
persons carrying out the work activities, but is not intended to exclude, for example, managers who are impacted by work activities or other factors in the organization.
。 ISO 2018 – All rights reserved 11
ISO 45001:2018
ISO 45001:2018
permanent or temporary, this assessment shall be undertaken before the change is implemented (see豆L主).
The organization shall maintain documented information on: risks and opportunities;
the process(es] and actions needed to determine and address its risks and opportunities (see丘12 to 阜J.A) to the extent necessary to have confidence that they are carried out as planned.
6.1.2 Hazard identification and assessment of risks and opportunities 6.1.2.1 Hazard identification
The organization shall establish, implement and maintain a process(es) for hazard identification that is ongoing and proactive. The process(es) shall take into account, but not be limited to:
- a) how work is organized, social factors [including workload, work hours, victimization, harassment and bullying], leadership and the culture in the organization;
- b) routine and non-routine activities and situations, including hazards arising from:
- 1) infrastructure, equipment, materials, substances and the physical conditions ofthe workplace;
- 2) product and service design, research, development, testing, production, assembly, construction, service delivery, maintenance and disposal;
3] human factors;
4) how the work is performed;
c] past relevant incidents, internal or external to the organization, including emergencies, and
their causes;
的 potential emergency situations;
e] people, including consideration of:
- 1) those with access to the workplace and their activities, including workers, contractors, visitors and other persons;
- 2) those in the vicinity of the workplace who can be affected by the activities of the organization;
3] workers at a location not under the direct control of the organization; ηother issues, including consideration of:
g)
h)
- 1) the design ofwork areas, processes, installations, machinery/equipment, operating procedures and work organization, including their adaptation to the needs and capabilities of theworkers involved;
- 2) situations occurring in the vicinity of the workplace caused by work-related activities underthe control of the organization;
3] situations not controlled by the organization and occurring in the vicinity of the workplace
that can cause injury and ill health to persons in the workplace;
actual or proposed changes in organization, operations, processes, activities and the OH&S
management system 〔see丘牛马〕;
changes in knowledge of, and information about, hazards.
12
。 ISO 2018 – All rights reserved
6.1.2.2 Assessment ofOH&S risks and other risks to the OH&S management system The organization shall establish, implement and maintain a process(es) to:
- a) assess OH&S risks from the identified hazards, while taking into account the effectiveness of existing controls;
- b) determine and assess the other risks related to the establishment, implementation, operation and maintenance ofthe OH&S management system.
The organization’s methodology(ies] and criteria for the assessment of OH&S risks shall be defined with respect to their scope, nature and timing to ensure they are proactive rather than reactive and are used in a systematic way. Documented information shall be maintained and retained on the methodology(ies) and criteria.
6.1.2.3 Assessment of OH&S opportunities and other opportunities for the OH&S management system
The organization shall establish, implement and maintain a process(es) to assess:
a) OH&S opportunities to enhance OH&S performance, while taking into account planned changes to
the organization, its policies, its processes or its activities and:
- 1] opportunities to adapt work, work organization and work environment to workers;
- 2] opportunities to eliminate hazards and reduce OH&S risks;
b) other opportunities for improving the OH&S management system.
NOTE OH&S risks and OH&S opportunities can result in other risks and other opportunities for the
organization.
6.1.3 Determination of legal requirements and other requirements
The organization shall establish, implement and maintain a process(es) to:
- a) determine and have access to up-to-date legal requirements and other requirements that areapplicable to its hazards, OH&S risks and OH&S management system;
- b) determine how these legal requirements and other requirements apply to the organization andwhat needs to be communicated;
- c) take these legal requirements and other requirements into account when establishing,implementing, maintaining and continually improving its OH&S management system.
The organization shall maintain and retain documented information on its legal requirements and
other requirements and shall ensure that it is updated to reflect any changes.
NOTE Legal requirements and other requirements can result in risks and opportunities for the organization.
6.1.4 Planning action The organization shall plan:
a] actions to:
- 1] address these risks and opportunities 〔S四 年1.2.豆andι1…2….主〕;
- 2] address legal requirements and other requirements (see丘1..3.);
。 ISO 2018 – All rights reserved 13
ISO 45001:2018
ISO 45001:2018
3] prepare for and respond to emergency situations (see皇岛; b) how to:
1) integrate and implement the actions into its OH&S management system processes or other business processes;
2] evaluate the effectiveness of these actions.
The organization shall take into account the hierarchy of controls [see .8….l..2.) and outputs from the
OH&S management system when planning to take action.
When planning its actions, the organization shall consider best practices, technological options and
financial, operational and business requirements.
6.2 OH&S objectives and planning to achieve them 6.2.1 OH&S objectives
The organization shall establish OH&S objectives at relevant functions and levels in order to maintain and continually improve the OH&S management system and OH&S performance (see lι3.).
The OH&S objectives shall:
- a) be consistent with the OH&S policy;
- b) bemeasurable(ifpracticable]orcapableofperformanceevaluation;
。 take into account:
1] applicable requirements;
2] theresultsoftheassessmentofrisksandopportunities(see阜牛品.2.and丘il立〕;
3) the results of consultation with workers 〔see 车到 and, where they exist, workers’ representatives;
d] be monitored;
e) be communicated;
ηbe updated as appropriate.
6.2.2 Planning to achieve OH&S objectives
When planning how to achieve its OH&S objectives, the organization shall determine: a] what will be done;
- b) what resources will be required;
- c) who will be responsible;
- d) when it will be completed;
e] how the results will be evaluated, including indicators for monitoring;
ηhow the actions to achieve OH&S objectives will be integrated into the organization’s business processes.
The organization shall maintain and retain documented information on the OH&S objectives and plans to achieve them.
14 。 ISO 2018 – All rights reserved
7 Support 7.1 Resources
The organization shall determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement ofthe OH&S management system.
7.2 Competence
The organization shall:
功 determine the necessary competence ofworkers that affects or can affect its OH&S performance;
- b) ensure that workers are competent (including the ability to identify hazards] on the basis of appropriate education, training or experience;
- c) where applicable, take actions to acquire and maintain the necessary competence, and evaluate the effectiveness of the actions taken;
- d) retain appropriate documented information as evidence of competence.
NOTE Applicable actions can include, for example, the provision of training to, the mentoring of, or the re-
assignment of currently employed persons, or the hiring or contracting of competent persons.
7.3 Awareness
Workers shall be made aware of:
- a) the OH&S policy and OH&S objectives;
- b) their contribution to the effectiveness of the OH&S n1anagement system, including the benefits of improved OH&S performance;
- c) the implications and potential consequences of not conforming to the OH&S management system requirements;
- d) incidents and the outcomes of investigations that are relevant to them;
- e) hazards, OH&S risks and actions determined that are relevant to them;
ηthe ability to remove themselves from work situations that they consider present an imminent and serious danger to their life or health, as well as the arrangements for protecting them from undue consequences for doing so.
7.4 Communication 7.4.1 General
The organization shall establish, implement and maintain the process[es] needed for the internal and external communications relevant to the OH&S management system, including determining:
- a) on what it will communicate;
- b) when to communicate;
叶 with whom to communicate:
- 1) internally among the various levels and functions ofthe organization;
- 2) among contractors and visitors to the workplace;
。 ISO 2018 – All rights reserved 15
ISO 45001:2018
ISO 45001:2018
3] among other interested parties; d) how to communicate.
The organization shall take into account diversity aspects (e.g. gender, language, culture, literacy, disability) when considering its communication needs.
The organization shall ensure that the views of external interested parties are considered 1n establishing its communication process[es].
When establishing its communication process(es], the organization shall: take into account its legal requirements and other requirements;
ensure that OH&S information to be communicated is consistent with information generated within the OH&S management system, and is reliable.
The organization shall respond to relevant communications on its OH&S management system.
The organization shall retain documented information as evidence of its communications, as
appropriate.
7.4.2 Internal communication The organization shall:
- a) internally communicate information relevant to the OH&S management system among the various levels and functions of the organization, including changes to the OH&S management system, as appropriate;
- b) ensure its communication process[es) enables workers to contribute to continual improvement.
7.4.3 External communication
The organization shall externally communicate information relevant to the OH&S management system, as established by the organization’s communication process(es) and taking into account its legal requirements and other requirements.
7.5 Documented information
7.5.1 General
The organization’s OH&S management system shall include:
- a] documented information required by this document;
- b] documented information determined by the organization as being necessary for the effectivenessof the OH&S management system.
NOTE The extent of documented information for an OH&S management system can differ from one
organization to another due to:
the size of organization and its type of activities, processes, products and services; the need to demonstrate fulfilment of legal requirements and other requirements; the complexity of processes and their interactions;
the competence of workers.
16
。 ISO 2018 – All rights reserved
7.5.2 Creating and updating
When creating and updating documented information, the organization shall ensure appropriate:
- a) identification and description (e.g. a title, date, author or reference number];
- b) format [e.g. language, software version, graphics] and media (e.g. pape瓦 electronic);
- c) review and approval for suitability and adequacy.
7.5.3 Control ofdocumented information
Documented information required by the OH&S management system and by this document shall be
controlled to ensure:
斗 itis available and suitable for use, where and when it is needed;
b) it is adequately protected (e.g. from loss of confidentiality, improper use or loss of integrity].
For the control of documented information, the organization shall address the following activities,
as applicable:
distribution, access, retrieval and use;
storage and preservation, including preservation of legibility; control of changes (e.g. version control];
retention and disposition.
Documented information of external origin determined by the organization to be necessary for the planning and operation of the OH&S management system shall be identified, as appropriate, and controlled.
NOTE 1 Access can imply a decision regarding the permission to view the docurnented information only, or the perrnission and authority to view and change the documented information.
NOTE 2 Access to relevant documented information includes access by workers, and, where they exist, workers’ representatives.
8 Operation
8.1 Operational planning and control
8.1.1 General
The organization shall plan, implement, control and maintain the processes needed to meet requirements
o f t h e OH&S m a n a g e m e n t s y s t e m , a n d t o i m p l e m e n t t h e a c t i o n s d e t e r m i n e d i n .C.且且豆豆豆, by: a] establishing criteria for the processes;
b) implementing control of the processes in accordance with the criteria;
。 maintaining and retaining documented information to the extent necessary to have confidence that the processes have been carried out as planned;
d] adapting work to workers.
At multi-employer workplaces, the organization shall coordinate the relevant parts of the OH&S
management system with the other organizations.
。 ISO 2018 – All rights reserved 17
ISO 45001:2018
ISO 45001:2018
8.1.2 Eliminating hazards and reducing OH&S risks
The organization shall establish, implement and maintain a process(es] for the elimination ofhazards
and reduction of OH&S risks using the following hierarchy of controls:
- a) eliminate the hazard;
- b) substitute with less hazardous processes, operations, materials or equipment;
- c) use engineering controls and reorganization of work;
d] use administrative controls, including training;
e) use adequate personal protective equipment.
NOTE In many countries, legal requirements and other requirements include the requirement that personal protective equipment [ PPE] is provided at no cost to workers.
8.1.3 Management of change
The organization shall establish a process(es) for the implementation and control of planned temporary
and permanent changes that impact OH&S performance, including:
a] new products, services and processes, or changes to existing products, services and
processes, including:
workplace locations and surroundings;
work organization; working conditions; equipment;
work force;
b) changes to legal requirements and other requirements;
c] changes in knowledge or information about hazards and OH&S risks;
d) developments in knowledge and technology.
The organization shall review the consequences of unintended changes, taking action to mitigate any adverse effects, as necessary.
NOTE Changes can result in risks and opportunities. 8.1.4 Procurement
8.1.4.1 General
The organization shall establish, implement and maintain a process[es) to control the procurement of
products and services in order to ensure their conformity to its OH&S management system. 8.1.4.2 Contractors
The organization shall coordinate its procurement process(es] with its contractors, in order to identify hazards and to assess and control the OH&S risks arising from:
a) b)
the contractors’ activities and operations that impact the organization;
the organization’s activities and operations that impact the contractors’ workers;
18
。 ISO 2018 – All rights reserved
。 the contractors’ activities and operations that impact other interested parties in the workplace.
The organization shall ensure that the requirements of its OH&S management system are met by contractors and their workers. The organization’s procurement process(es] shall define and apply occupational health and safety criteria for the selection of contractors.
NOTE It can be helpful to include the occupational health and safety criteria for the selection of contractors in the contractual documents.
8.1.4.3 Outsourcing
The organization shall ensure that outsourced functions and processes are controlled. The organization shall ensure that its outsourcing arrangements are consistent with legal requirements and other requirements and with achieving the intended outcomes of the OH&S management system. The type and degree of control to be applied to these functions and processes shall be defined within the OH&S management system.
NOTE Coordination with external providers can assist an organization to address any impact that outsourcing has on its OH&S performance.
8.2 Emergency preparedness and response
The organization shall establish, implement and maintain a process[es) needed to prepare for and
r e s p o n d t o p o t e n t i a l e m e r g e n c y s i t u a t i o n s , a s i d e n t i f i e d in 豆J..2.J., i n c l u d i n g :
- a) establishing a planned response to emergency situations, including the provision of first aid;
- b) providing training for the planned response;
- c) periodically testing and exercising the planned response capability;
- d) evaluating performance and, as necessar弘 revising the planned response, including after testing and, in particular, after the occurrence of emergency situations;
e) communicating and providing relevant information to all workers on their duties and
responsibilities;
f) communicating relevant information to contractors, visitors, emergency response services, government authorities and, as appropriate, the local community;
g) taking into account the needs and capabilities of all relevant interested parties and ensuring their involvement, as appropriate, in the development of the planned response.
The organization shall maintain and retain documented information on the process[es) and on the plans for responding to potential emergency situations.
9 Performance evaluation
9.1 Monitoring, measurement, analysis and performance evaluation
9.1.1 General
The organization shall establish, implement and maintain a process[es) for monitoring, measurement,
analysis and performance evaluation.
The organization shall determine:
a) what needs to be monitored and measured, including:
1] the extent to which legal requirements and other requirements are fulfilled;
。 ISO 2018 – All rights reserved 19
ISO 45001:2018
ISO 45001:2018
- 2] its activities and operations related to identified hazards, risks and opportunities;
- 3] progress towards achievement of the organization’s OH&S objectives;
4) effectiveness of operational and other controls;
b) the methods for monitoring, measurement, analysis and performance evaluation, as applicable, to ensure valid results;
c] the criteria against which the organization will evaluate its OH&S performance;
d) when the monitoring and measuring shall be performed;
功 when the results from monitoring and measurement shall be analysed, evaluated and communicated.
The organization shall evaluate the OH&S performance and determine the effectiveness of the OH&S management system.
The organization shall ensure that monitoring and measuring equipment is calibrated or verified as applicable, and is used and maintained as appropriate.
NOTE There can be legal requirements or other requirements (e.g. national or international standards] concerning the calibration or verification of monitoring and measuring equipment.
The organization shall retain appropriate documented information:
as evidence of the results of monitoring, measurement, analysis and performance evaluation; on the maintenance, calibration or verification of measuring equipment.
9.1.2 Evaluation ofcompliance
The organization shall establish, implement and maintain a process[es) for evaluating compliance with
legal requirements and other requirements 〔see丘牛二〕. The organization shall:
- a) determine the frequency and method[s) for the evaluation of compliance;
- b) evaluate compliance and take action ifneeded 〔see且主);
c] maintain knowledge and understanding of its compliance status with legal requirements and other
requirements;
d] retain documented information of the compliance evaluation result(s).
9.2 Internal audit 9.2.1 General
The organization shall conduct internal audits at planned intervals to provide information on whether the OH&S management system:
功
b)
conforms to:
1) the organization’s own requirements for its OH&S management system, including the OH&S
policy and OH&S objectives;
2] the requirements of this document;
is effectively implemented and maintained.
20
。 ISO2018 – All rights reserved
9.2.2 Internal audit programme
The organization shall:
a] plan, establish, implement and maintain an audit programme(s] including the frequency, methods, responsibilities, consultation, planning requirements and reporting, which shall take into
consideration the importance of the processes concerned and the results of previous audits;
- b) define the audit criteria and scope for each audit;
- c) select auditors and conduct audits to ensure objectivity and the impartiality of the audit process;
- d) ensure that the results of the audits are reported to relevant managers; ensure that relevant audit results are reported to workers, and, where they exist, workers’ representatives, and other relevant interested parties;
e] take action to address nonconformities and continually improve its OH&S performance [see .Cl.a!鉴豆_lil);
f) retain documented information as evidence ofthe implementation ofthe audit programme and the audit results.
NOTE For more information on auditing and the competence of auditors, see ISO 19011. 9.3 Management review
Top management shall review the organization’s OH&S management system, at planned intervals, to ensure its continuing suitability, adequacy and effectiveness.
The management review shall include consideration of:
a) the status of actions from previous management reviews;
b) changesinexternalandinternalissuesthatarerelevanttotheOH&Smanagementsystem,including:
1] the needs and expectations of interested parties; 2) legal requirements and other requirements;
3] risks and opportunities;
。 the extent to which the OH&S policy and the OH&S objectives have been met; d] information on the OH&S performance, including trends in:
- 1) incidents, nonconformities, corrective actions and continual improvement;
- 2) monitoring and measurement results;
- 3) results of evaluation of compliance with legal requirements and other requirements;
4] audit results;
5) consultation and participation of workers; 6] risks and opportunities;
e] adequacy of resources for maintaining an effective OH&S management system; ηrelevant communication(s) with interested parties;
g) opportunities for continual improvement.
。 ISO 2018 – All rights reserved 21
ISO 45001:2018
ISO 45001:2018
The outputs ofthe management review shall include decisions related to:
the continuing suitabilit弘 adequacyand effectiveness of the OH&S management system in achieving
its intended outcomes;
continual improvement opportunities;
any need for changes to the OH&S management system;
resources needed;
actions, if needed;
opportunities to improve integration ofthe OH&S managementsystem with other business processes; any implications for the strategic direction of the organization.
Top management shall communicate the relevant outputs of management reviews to workers, and, where they exist, workers’ representatives (see L到 .
The organization shall retain documented information as evidence ofthe results ofmanagement reviews.
10 Improvement 10.1 General
The organization shall determine opportunities for improvement (see .Clal且」) and implement necessary actions to achieve the intended outcomes of its OH&S management system.
10.2 Incident, nonconformity and corrective action
The organization shall establish, implement and maintain a process(es], including reporting,
investigating and taking action, to determine and manage incidents and nonconformities. When an incident or a nonconformity occurs, the organization shall:
a] react in a timely manner to the incident or nonconformity and, as applicable:
1] take action to control and correct it;
2) deal with the consequences;
b) evaluate, with the participation of workers (see 三A〕 and the involvement of other relevant interested parties, the need for corrective action to eliminate the root cause(s) of the incident or nonconformity, in order that it does not recur or occur elsewhere, by:
- 1) investigating the incident or reviewing the nonconformity;
- 2) determining the cause[s) of the incident or nonconformity;
3] determining if similar incidents have occurred, if nonconformities exist, or if they could potentially occur;
c] review existing assessments of OH&S risks and other risks, as appropriate (see 丘.1);
- d) determine and implement any action needed, including corrective action, in accordance with thehierarchy of controls (see丘12) and the management of change (see旦.Ll〕;
- e) assess OH&S risks that relate to new or changed hazards, prior to taking action;
ηreview the effectiveness ofany action taken, including corrective action;
22 ©ISO 2018 – All rights reserved
g) make changes to the OH&S management system, if necessary.
Corrective actions shall be appropriate to the effects or potential effects of the incidents or
nonconformities encountered.
The organization shall retain documented information as evidence of:
the nature ofthe incidents or nonconformities and any subsequent actions taken;
the results of any action and corrective action, including their effectiveness.
The organization shall communicate this documented information to relevant workers, and, where
they exist, workers’ representatives, and other relevant interested parties.
NOTE The reporting and investigation of incidents without undue delay can enable hazards to be e!i1ninated
and associated OH&S risks to be minimized as soon as possible.
10.3 Continual improvement
The organization shall continually improve the suitability, adequacy and effectiveness of the OH&S
management system, by:
a] enhancing OH&S performance;
b) promoting a culture that supports an OH&S management system;
。 promoting the participation of workers in implementing actions for the continual improvement of
the OH&S management system;
d] communicating the relevant results of continual improvement to workers, and, where they exist,
workers’ representatives;
的 maintaining and retaining documented information as evidence of continual improvement.