Delegate Book

i
DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

ii
Important Note
This manual and any related documentation including forms, contents or procedures (with the
exception of any reference documents e.g. ISO 19011/ ISO 17021/ ISO 45001:2018 DFIS etc.) is
confidential and proprietary of Proftech Leading Institute. This information may not be
retained, used, copied and or promulgated without the prior written consent of Proftech
Leading Institute. Extreme care has been taken to comply with the copy rights and references
have been quoted where applicable. However, we appreciate feedback from any one if there is
any material which is similar to the one which has copy rights from any other organization and
has been un-intentionally included. We aim to continually improve our training materials to
cope with the latest industry practices and we shall appreciate your feedback
(Copyright) 2018 an unpublished work by Proftech Leading Institute – All rights reserved.
Occupational Health & Safety Management Systems Lead Auditor Training Course Delegate
Manual based on ISO 45001:2018 requirements

iii

iv
About this book

This book has been designed and written to incorporate students’ notes into this book for their
understanding in future. The course is mainly based on acquiring skills through case studies,
exercises and mock audits after gaining specific knowledge through discussion in the class.
COURSE INTRODUCTION
The aim of this course is to provide delegates with the knowledge and skills required to perform
first, second and third-party audits of OH&S management systems against ISO 45001:2018
requirements, in accordance with ISO 19011 and ISO/IEC 17021, as applicable. All references to
ISO standards in this document are to the current versions, unless stated otherwise.
Delegates who complete this CQI and IRCA Certified ISO 45001:2018 Lead Auditor (OH&SMS)
Training course successfully (within the three years prior to making an application to become a
certificated auditor) will satisfy the training requirements for initial certification as an IRCA
OH&S MS auditor.

v
Table of Contents
Recommend prior knowledge: FD127 ISO 45001:2018 Foundation (OHSMS) .............................. 1
Management systems ............................................................................................................................. 1
ISO 45001 .................................................................................................................................................. 1
LEARNING OBJECTIVES .......................................................................................................................... 2
Knowledge ............................................................................................................................................... 2
Skills .......................................................................................................................................................... 2
Continual Assessment ............................................................................................................................ 2
Final Examination ................................................................................................................................... 3
What is Safety? ............................................................................................................................................. 4
What is Health?............................................................................................................................................ 4
Quiz 1 ........................................................................................................................................................ 4
What is Audit ........................................................................................................................................... 4
Quiz 2 ........................................................................................................................................................ 4
Occupational Health & Safety Management System ............................................................................. 5
What is a System...................................................................................................................................... 5
Difference between a procedure and process ..................................................................................... 5
The Process Approach in OH&S MS .................................................................................................... 5
Management System ............................................................................................................................... 6
Occupational Health & Safety Management system ......................................................................... 6
Quiz 3 ........................................................................................................................................................ 6
Exercise 1 .................................................................................................................................................. 7
PDCA Cycle ................................................................................................................................................. 8
What is PDCA Cycle ............................................................................................................................... 8
How PDCA Cycle can be applied ......................................................................................................... 8
Why PDCA Cycle .................................................................................................................................... 8
PDCA Cycle & ISO 45001:2018 .................................................................................................................. 9
Processes involved in Improving OH&S MS Performance ................................................................... 9
1- Establishing OH&S MS .................................................................................................................... 10

vi
2- Implementing & Operating OH&S MS.......................................................................................... 10

3- Processes involved in Monitoring & Measuring OH&S MS ...................................................... 11
4- Analyzing and Evaluating OH&S MS ........................................................................................... 11
5- Reviewing, Maintaining and Improving OH&S MS ................................................................... 12
Quiz 4 ...................................................................................................................................................... 13
Exercise 2 ................................................................................................................................................ 13
Exercise 3 ................................................................................................................................................ 13
Audit Terminologies (Flip Chart Game) ................................................................................................ 14
Write the definitions of following in your own wording ......................................................................... 14
Organization .......................................................................................................................................... 14
Interested party...................................................................................................................................... 14
Stakeholder ............................................................................................................................................. 14
Worker .................................................................................................................................................... 14
Participation ........................................................................................................................................... 14
Consultation ........................................................................................................................................... 14
Workplace............................................................................................................................................... 15
Contractor ............................................................................................................................................... 15
Requirement ........................................................................................................................................... 15
Legal requirements and other requirements ..................................................................................... 15
Management system ............................................................................................................................. 15
Occupational health and safety management system ..................................................................... 15
OH&S management system ................................................................................................................. 16
Top management ................................................................................................................................... 16
Policy ....................................................................................................................................................... 16
Occupational health and safety policy ............................................................................................... 16
OH&S policy .......................................................................................................................................... 16
Objective ................................................................................................................................................. 16
Occupational health and safety objective .......................................................................................... 17
Injury and ill health ............................................................................................................................... 17
Hazard .................................................................................................................................................... 17
Risk .......................................................................................................................................................... 17
OH&S risk ..................................................................................................

vii
Occupational health and safety opportunity .................................................................................... 17

Competence ............................................................................................................................................ 18
Documented information ..................................................................................................................... 18
Process..................................................................................................................................................... 18
Procedure................................................................................................................................................ 18
Performance ........................................................................................................................................... 18
Occupational health and safety performance ................................................................................... 18
Outsource ............................................................................................................................................... 19
Monitoring.............................................................................................................................................. 19
Measurement ......................................................................................................................................... 19
Audit ....................................................................................................................................................... 19
Conformity ............................................................................................................................................. 19
Nonconformity ...................................................................................................................................... 19
Incident ................................................................................................................................................... 20
Corrective action.................................................................................................................................... 20
Continual improvement ....................................................................................................................... 20
Benefits of Documented Information for OH&S MS ........................................................................... 21
Requirements for OH&S MS Documented Information ..................................................................... 22
Quiz 5 ...................................................................................................................................................... 23
Sources for Hazard Identifications ......................................................................................................... 24
Hierarchy of Risk Control ........................................................................................................................ 25
Exercise 3 ................................................................................................................................................ 25
Quiz 6 ...................................................................................................................................................... 26
Exercise 4 ................................................................................................................................................ 27
Risk Assessment Process .......................................................................................................................... 28
Exercise 5 ................................................................................................................................................ 28
Types of Audits ......................................................................................................................................... 30
Difference amongst Types of Audits .................................................................................................. 30
Benefits of 3rd Party Accredited Certification........................................................................................ 31
The Audit Process: 3rd Party .................................................................................................................... 31
Audit Request by Auditee........................................................................................................................ 33
Review of Request by CB .........................................................................

viii
Outcome of Review ................................................................................................................................... 33

Audit Man-Days requirement: IAF Guideline ...................................................................................... 34
Exercise 6 ................................................................................................................................................ 35
Onsite Visit before Desktop Audit ...................................................................................................... 36
Desktop Review of OH&S MS ............................................................................................................. 36
Reasons for Document Review ........................................................................................................... 36
Document Review Process ................................................................................................................... 36
Docment Review Outcome ...................................................................................................................... 37
Desktop Audit Report........................................................................................................................... 38
Sampling ..................................................................................................................................................... 40
Why Sampling ....................................................................................................................................... 40
Risk of Sampling .................................................................................................................................... 40
How Sampling is carried out ............................................................................................................... 40
Exercise 7 ................................................................................................................................................ 41
Disadvantages of Checklist ...................................................................................................................... 42
Guidelines for Preparing Checklists ....................................................................................................... 42
Exercise 8 ................................................................................................................................................ 43
Audit Programme ..................................................................................................................................... 44
Audit Plan .................................................................................................................................................. 44
Why Audit Plan ......................................................................................................................................... 45
Audit Schedule .......................................................................................................................................... 45
Exercise 9 ................................................................................................................................................ 46
Audit Roles ................................................................................................................................................. 47
Audit Team Composition & Other roles............................................................................................ 47
Audit Team Competence ..................................................................................................................... 47
Audit Principles (Ref ISO 19011:2011) .................................................................................................... 48
Integrity ...................................................................................................................................................... 48
Fair presentation .................................................................................................................................... 48
Due professional care ........................................................................................................................... 49
Confidentiality ....................................................................................................................................... 49
Independence ......................................................................................................................................... 49
Evidence-based approach ........................................................................

ix
Auditor Personal Attributes .................................................................................................................... 51

Auditor Skills ............................................................................................................................................. 52
Management system and reference documents................................................................................ 53
Organizational context: ........................................................................................................................ 53
Audit Method ............................................................................................................................................ 54
Planning for Stage 2 Audit ....................................................................................................................... 55
Planning for visiting the auditee’s location ........................................................................................... 55
Audit Responsibilities............................................................................................................................... 55
Audit Client & Auditee ........................................................................................................................ 55
Quiz 7 ...................................................................................................................................................... 56
Role & Responsibilities of Auditee ......................................................................................................... 57
Role & Responsibilities of Auditor ......................................................................................................... 57
Role & Responsibilities of Lead Auditor ............................................................................................... 57
Role & Responsibilities of Observer ....................................................................................................... 58
Role & Responsibilities of Guide ............................................................................................................ 58
Auditor Confidentiality ............................................................................................................................ 59
What is confidentiality.......................................................................................................................... 59
Significance of Auditor Confidentiality ............................................................................................. 59
Role of Auditor for maintaining confidentiality ............................................................................... 59
Outcome if Confidentiality is breached ............................................................................................. 59
• Certification Body .......................................................................................................................... 59
• Auditor............................................................................................................................................. 59
• Client/ Auditee .............................................................................................................................. 60
Conduct of Auditors during onsite visit ................................................................................................ 60
Opening Meetings ..................................................................................................................................... 62
Who should attend? .................................................................................................................................. 62
Agenda of Opening Meetings ................................................................................................................. 62
Exercise 10 .............................................................................................................................................. 63
Objective Evidence Collection ................................................................................................................. 63
What is Objective Evidence ..................................................................................................................... 63
Evidence Verification ................................................................................................................................ 63
Evidence Collection Approach ...............................................

x
Onsite Documented Information Review .............................................................................................. 64

Mock Onsite audit ..................................................................................................................................... 65
Interviewing ............................................................................................................................................... 66
Why Interviewing? .................................................................................................................................... 66
Effective Interviewing Tips ...................................................................................................................... 67
Interview Considerations ......................................................................................................................... 67
Exercise 11 .............................................................................................................................................. 68
Observations .......................................................................................................................................... 69
Exercise 12 .............................................................................................................................................. 70
Audit Trail .................................................................................................................................................. 71
Exercise 13 .............................................................................................................................................. 72
Communication During the audit .......................................................................................................... 73
Between Lead Auditor and Auditee ....................................................................................................... 73
Between Lead Auditor and team ............................................................................................................ 73
Quiz 8 ...................................................................................................................................................... 73
Audit Findings ........................................................................................................................................... 75
Non- Conformity ................................................................................................................................... 76
Grading Non-Conformities ...................................................................................................................... 76
Major Non- Conformity........................................................................................................................ 76
Minor Non- Conformity ....................................................................................................................... 76
Observation/ Improvement Opportunity ............................................................................................. 77
Non-Conformity Statement Features ................................................................................................. 77
Exercise 14 .............................................................................................................................................. 78
Audit Report Preparation ........................................................................................................................ 79
Audit Report Distribution ........................................................................................................................ 80
Exercise 15 .............................................................................................................................................. 81
Closing Meeting......................................................................................................................................... 82
Who should attend? .................................................................................................................................. 82
Agenda of Closing Meeting ..................................................................................................................... 82
Exercise 16 .............................................................................................................................................. 83
Corrective Action Programme & Follow up ......................................................................................... 84
Exercise 17 ..................................................................................................

xi
Outcome of Stage 2 Audit ........................................................................................................................ 85

Occupational Health & Safety Management System Manual .......................................................... 101
4 Context of the organization ................................................................................................................ 101
4.1 Understanding the organization and its context .......................................................................... 101
4.2 Understanding the needs and expectations of workers and other interested parties ............. 101
4.3 Determining the scope of the OH&S management system......................................................... 102
4.4 OH&S management system ............................................................................................................. 102
5 Leadership and worker participation................................................................................................ 103
5.1 Leadership and commitment........................................................................................................... 103
5.2 OH&S policy ...................................................................................................................................... 103
5.3 Organizational roles, responsibilities and authorities ................................................................. 103
5.4 Consultation and participation of workers ................................................................................... 104
6 Planning ................................................................................................................................................. 105
6.1 Actions to address risks and opportunities ................................................................................... 105
6.1.1 General ......................................................................................................................................... 105
6.1.2 Hazard identification and assessment of risks and opportunities ...................................... 106
6.1.2.1 Hazard identification .............................................................................................................. 106
6.1.3 Determination of legal requirements and other requirements ............................................ 106
6.1.4 Planning action ........................................................................................................................... 106
6.2 OH&S objectives and planning to achieve them .......................................................................... 107
6.2.1 OH&S objectives ......................................................................................................................... 107
7 Support .................................................................................................................................................. 107
7.1 Resources ............................................................................................................................................ 107
7.2 Competence ........................................................................................................................................ 108
7.3 Awareness .......................................................................................................................................... 108
7.4 Communication ................................................................................................................................. 108
7.4.1 General ......................................................................................................................................... 108
7.5 Documented information ................................................................................................................. 108
7.5.1 General ......................................................................................................................................... 108
8 Operation ............................................................................................................................................... 109
8.1 Operational planning and control .................................................................................................. 109
8.1.1 General ...............................................................................................

xii
8.2 Emergency preparedness and response......................................................................................... 109

9 Performance evaluation....................................................................................................................... 110
9.1 Monitoring, measurement, analysis and performance evaluation ............................................ 110
9.1.1 General ......................................................................................................................................... 110
9.1.2 Evaluation of compliance .......................................................................................................... 110
9.2 Internal audit...................................................................................................................................... 110
9.2.1 General ......................................................................................................................................... 110
9.3 Management review ......................................................................................................................... 110
10 Improvement....................................................................................................................................... 111
10.1 General .............................................................................................................................................. 111
10.2 Incident, nonconformity and corrective action ........................................................................... 111
10.3 Continual improvement ................................................................................................................. 111

1
Recommend prior knowledge: FD127 ISO 45001:2018 Foundation (OHSMS)
Management systems
The Plan, Do, Check, Act (PDCA) cycle

The core elements of a management
system and the interrelationship between
top management
responsibility, policy, objectives, planning,
implementation, measurement, review and
continual
improvement.
• Occupational health and safety management
• The concepts of managing occupational health and safety through hazard
identification, risk assessment and risk control and compliance with legal requirements
and other requirements.
• The relationship between occupational health and safety management and the provision
• of safe and healthy workplaces, the prevention of work-related injury and ill health, and
the proactive improvement of health and safety performance.
• Common examples of relevant national and local OH&S legislation and requirements
ISO 45001
Knowledge of the requirements of ISO 45001 and the commonly used occupational health and
safety management terms and definitions, as given in ISO 45001, which may be gained by
completing a CQI and IRCA Certified ISO 45001:2018 Foundation OHSMS training course or the
equivalent.

2
LEARNING OBJECTIVES
1.1 Briefly describe what delegates will know and be able to do by the end of the course. On
completion, successful delegates will have the knowledge and skills to:
Knowledge
1.1.1 Explain the purpose of an occupational

health and safety management system, of
occupational health and safety management
system standards, of management system audit, of
third-party certification, and the business benefits
of improved performance of the occupational
health and safety management system (see 2.1).
1.1.2 Explain the role of an auditor to plan, conduct, report and follow up an occupational health
and safety management system audit in accordance with ISO 19011 and ISO/IEC 17021, as
appropriate – (see 2.2).
Skills
1.1.3 Plan, conduct, report and follow-up an audit of an occupational health and safety
management system to establish conformity (or otherwise) with ISO 45001, and in accordance
with ISO 19011 and ISO/IEC 17021 where appropriate – (see 2.3).
Continual Assessment
Delegates will be assessed by the trainer(s)

throughout the course. The outputs from the
exercises, interaction and involvement during
discussions and lectures, punctuality and
discipline in the class will be the inputs for
trainer. The trainer may give feedback to the
students for the exercises, class activities, mock
audits and role plays. The overall pass marks for the continuous assessment are 60%. The
student who may not achieve this score will re-attempt the exercises to achieve overall 60%
marks.

3
Final Examination
Delegates will have to appear in a closed book written examination on last day of the course.
There are 4 sections to the exam:
Section 1 (10 marks)
The delegate must score 50% in each section and overall 70% in the written exam.
Delegates who could not achieve the above mentioned score in written exam (but have
otherwise successfully completed the course) shall be allowed to retake the exam (but with
different question paper) within 12 months of the initial exam. The delegates will be provided
with “Certificate of Successful Completion” if they pass both continuous assessment and written
exam. The delegates may apply for CQI and IRCA membership within 3 years after the issuance
date of certificate.
The delegates will be provided with “Certificate of Attendance” if they have failed any of the
assessment component i.e. continuous assessment or written exam.

4
What is Safety?
The absence of risk of personal injury, disease or health problem
What is Health?
Being well at the workplace without the risk of disease or ill health
Quiz 1
Do you think that 100% safety can be achieved at the workplaces? If not, then comment
why?
What is Audit
A systematic, independent and documented process for obtaining audit evidence and
evaluating it objectively to determine the extent to which the audit criteria are fulfilled
Quiz 2
What is difference between an OH&S Management System and ISO 45001:2018 Standard?

5
Occupational Health & Safety Management System
What is a System
A system is a set of processes interlinked with each other to achieve a common goal/
objective. An example will be a courier system of a company. The process is further divided
into activities e.g. process of fee submission may include filling a form, depositing the form
to the bank, taking receipt from the bank and submitting back to the company to complete
one single process
• Activity
• Process
• System
Difference between a procedure and process
Process is defined as the function with a single or more steps to achieve the result. It has
specific inputs and outputs e.g. production of plastic products.
Procedure is the path of the process which is followed to achieve intended results. For same
process results, there can be various procedures. These procedures define the effectiveness
of the process. More complicated and lengthy procedures make same process ineffective.
The Process Approach in OH&S MS
The Process approach in implementation and auditing a management system is used

because a process has a certain inputs and outputs. Thus the efficiency and effectiveness of
the process can be measured, controlled and improved.
(Output/Input)X100= %age efficiency of Process

6
Management System
The arrangements and organizations for managing a system is called Management system
Occupational Health & Safety Management system
Occupational Health and safety management system is a set of inter-related processes

governed by certain documented procedures and managed by professionally competent
people to achieve the OH&S goals as laid down in OH&S policy of the organization. These
OH&S Management systems must be established and measured against criteria.
Quiz 3
Why can’t we have a one fit for all OH&S Management system applicable to all
organizations?

7
Exercise 1
Identify which is NOT the purpose of OH&S Management System from the following list:-
• To reduce the direct and indirect costs associated with accidents

• To reduce the property damage at the workplace
• To record and investigate accidents to keep employees morale high
• To reduce the cost of operational controls by providing PPE’s
• To safeguard the organizations from civil and criminal prosecution
• To improve the business performance of the organization
• To improve the competence regarding OH&S
• To identify the OH&S performance indicators of the organization
• To measure and improve OH&S performance
• To attract competent professionals to join the organization
• To provide full hospital services at the workplace
• To provide compensation to the victim/ family
• To increase the produced products safety

PDCA Cycle
What is PDCA Cycle
PDCA stands for Plan, Do, Check and Act. It is highly effective tool for improving OH&S
MS performance.
How PDCA Cycle can be applied
A process or activity is planned. Once it is

implemented, data is collected if it went as
planned. If there has been lesser efficiency than
planned, then the reasons are identified and
reviewed to be addressed. Similarly, once this
PDCA cycle is repeated over and over again then
the waste from activity/ process is eliminated and
they become highly effective
Why PDCA Cycle
PDCA cycle, if implemented in true spirit, will eliminate the waste (efforts, motion, time,
resources etc.) from the activity or process. This will result into an effective and efficient
activity or processes. Once all activities and processes are applied with PDCA cycle then the
whole system becomes efficient. And it is never ending process. The system gets on
improving continuously. The basic theme of this model is learning lessons from mistakes
and taking measures not to repeat those mistakes.
9
PDCA Cycle & ISO 45001:2018
Processes involved in Improving OH&S MS Performance

10
There are certain processes involved in improving the OH&S MS performance for an
organization. It is noteworthy that PDCA model can be applied on any or all of these
processes separately to improve its performance which subsequently will increase the
overall performance of OH&S MS of the organization. However, for effectiveness of OH&S
MS, all these processes should be incorporated in OH&S MS in the order they have been
mentioned below:-
1- Establishing OH&S MS
• Criteria against which OH&S MS is established e.g. ISO 45001:2018 etc.

• Scope for which the OH&S MS will be implemented e.g. a site or a product etc.
• OH&S Policy (to show the organizations’ commitment towards OH&S )
• Nature & Scale of the Organization (To ensure resources accordingly)
• Infrastructure available for planned OH&S MS
• Competence of Managers & Directors regarding OH&S MS deliverables
• Involvement and Participation of Employees/ Stake holders
• Top Management Commitment & Resource Provision
2- Implementing & Operating OH&S MS
• Involvement & Participation of employees in implementation of OH&S MS e.g.

understanding their role in overall OH&S MS
• Training need assessment to establish the required training for the workforce to
achieve desired objectives of OH&S MS
• Imparting necessary training so that employees at all level could contribute towards
OH&S MS performance
• Competence of Managers and Directors to ensure the resources are not wasted and
optimum use of resources to achieve maximum OH&S MS performance
• Top Management Commitment in terms of resource provisioning for OH&S MS
• Consistency in efforts by employees at all level
• Arrangements in terms of effective procedures and their understanding by all

11
3- Processes involved in Monitoring & Measuring OH&S MS
• Key processes identified in the organization which could affect the performance of
OH&S MS
• Performance indicators for these processes have been established
• Monitoring and/or Measuring Criteria have been defined for these key processes
• Inspection & Internal Audit system in place to ensure the monitoring and measuring
system is performing its intended function and overall OH&S MS performance is
going as planned
• Competency of personnel involved in monitoring measuring and auditing to ensure
effectiveness of whole process
• Resources in terms of measuring and monitoring equipment have been provided
along with necessary competent human resources
• Risks assessed for all the key processes and effective control measures are in place to
deal with the risks
4- Analyzing and Evaluating OH&S MS
Monitoring and measuring results are input for analyzing and evaluation process.
Analyzing is carried out to identify any trends and patterns in a specific measurement or
monitoring results. On the basis of analysis of data, evaluation is carried out to ensure if the
trends and patterns (e.g. complaints against a single product or services, or non-
conformities in a process etc.) are worth taking corrective measures or a change in OH&S
MS. Analyzing and evaluating involves-
• Feedback and complaints are available in sufficient quantity for analysis
• Feedback from interested parties
• Compliance with legal and other requirements
• Output from monitoring and measuring of OH&S MS processes
• Performance of external audits
• Processes identified with Opportunity for Improvement

12
5- Reviewing, Maintaining and Improving OH&S MS
Analysis and evaluation serves as input for reviewing maintaining and/ or improving a
OH&S MS. The processes involved are:-
• Reviewing authorities assigned at each functional level
• Reviewing authority at organizational level
• Quantity and Quality of inputs available for Review decision
• Involvement and participation of employees and stakeholders
• Cost implications of the changes
• Organizational readiness for prospective improvements/ changes

13
Quiz 4
Why do organizations need to review their OH&S management system once the
measuring/ checking and corrective actions are already being taken?
Exercise 2
Outline the various indicators through which the organizations can assess their OH&S
Performance?
Exercise 3
Decrease in number of OH&S related incident in an organization does not guaranty the
improvement of OH&S Management system. Discuss why?

14
Audit Terminologies (Flip Chart Game)

Write the definitions of following in your own wording
Organization
Interested party
Stakeholder
Worker
Participation
Consultation

15
Workplace
Contractor
Requirement
Legal requirements and other requirements
Management system
Occupational health and safety management system

16
OH&S management system
Top management
Policy
Occupational health and safety policy
OH&S policy
Objective

17
Occupational health and safety objective
Injury and ill health
Hazard
Risk
OH&S risk
Occupational health and safety opportunity

18
Competence
Documented information
Process
Procedure
Performance
Occupational health and safety performance

19
Outsource
Monitoring
Measurement
Audit
Conformity
Nonconformity

20
Incident
Corrective action
Continual improvement

21
Benefits of Documented Information for OH&S MS

• Consistency across the organization
• No duplication of efforts
• Lesser documentation work
• Records for future data analysis purpose
• Less reliance on experience
• Increase organizational knowledge
• Traceability of products and services
• Ease of identification and retrieval

22
Requirements for OH&S MS Documented Information
• Required Documented information for OH&S MS against the criteria

requirements
• Adequacy and sufficiency of documented information
• Identification and traceability of documented information
• Protection, Security, Storage and retrieval
• Access to authorized persons only
• External Documents identified and maintained as documented information
• Provision for issue, update, review and/or revise and responsibilities assigned
• Retention period for each type of record
• Legible

23
Quiz 5
Can an ISO 45001:2018 certified organization mention its certification on the products?
If not, explain why?

24
Sources for Hazard Identifications
• Manufacturer Safety Data Sheet (MSDS) of the product provided by the

manufacturer
• Previous knowledge about the hazard and the risk
• Working experience in a similar environment and have managed risk
• Accident history
• Ill health records
• Equipment/ Machines’ Manuals
• Regulatory Bodies website for updated information about hazards and the level
of their severity etc.
• Industry Journals
• Benchmarking other industries; how they identify and manage the risks
• Research Articles

25
Hierarchy of Risk Control

1. Eliminate the hazard
2. Substitute/ reduce the hazard
3. Apply Engineering Controls
4. Apply administrative controls
5. Personal Protective Equipment (PPE’s)
Exercise 3
Think of any workplace and identify any significant hazard. Apply principle of risk
assessment and identify suitable measures accordingly. Also discuss the repercussions
with the suggested changes

26
Quiz 6
Outline why PPE’s are the last resort in controlling the risk?

27
Exercise 4
In a number of hazards explained below, suggest suitable control measure against each
Hazard Control Measure

A construction worker standing at 50 ft height on
a platform without a guard rail
A worker is moving cement bags (50Kg each) from
1st floor to 3rd floor placing them on his back
A worker is demolishing a concrete structure with

hammer
An organization is involved in overhead welding

projects
Nursing staff taking blood samples from the

patients
Movement of forklift truck in a warehouse where

workers are also performing storage and retrieval

28
Risk Assessment Process
• Identify the hazards

• Identify the people who might be harmed
• Evaluate the risk and suggest suitable control measures
• Record the findings and implement changes
• Review Risk assessment as necessary

29
Exercise 5
Identify a range of hazards you see at your workplaces and around your daily life. Also briefly
explain the risk associated with each hazard

30
Types of Audits
• First Party (Internal Audits) 1P

• Second Party (External Audits) 2P
• Third Party (External Audits) 3P
Difference amongst Types of Audits
Type of Suggestion /
Purpose Influence Effectiveness
Audit Consultancy
To measure effectiveness of Depends on Top Yes Effective if
1st Party QMS and to improve the Management Commitment backed by Top
competence in-house Management
To gain business / certification Least Influence on Depends On Highly Effective
2nd Party
from a client Auditors Client
Auditors are independent
3rd Party
To gain 3rd party certification in their decision makings Not Allowed Effective

31
Benefits of 3rd Party Accredited Certification
• Marketing Advantage
• Capturing overseas markets
• Gains customers trust and loyalty
• Value addition in the OH&S MS
• Legal & Other requirements are fulfilled
• 2nd Party audits may be exempted from clients
The Audit Process: 3rd Party
• Audit Request by Auditee

• CB seeks Scope, criteria, profile from auditee
• Feasibility for audit is assessed by CB
• Agreement between Auditee and CB
• Planning for Audit by CB i.e. Selection of Auditors team etc.
• Optional onsite visit by the Lead Auditor
• OH&S MS Documented Information sought for Document review
• Seek Corrective Actions from the Auditee
• Is Desktop Audit Successful?
• Onsite Audit Plan
• Onsite Audit
• Audit Findings
• Audit Report
• Closing Meeting
• Corrective Action Program and Follow up
• Lead Auditor’s recommendation to CB

32

33
Audit Request by Auditee
• Reason for getting audited

• Choice of Certification body
Review of Request by CB
• Scope of Audit
• Criteria for Audit e.g. ISO 45001:2018
• Audit objectives
• Geographical Spread
• Location/s
• Number of personnel in the organization
• Complexity of Processes
• Applicable Legal requirements
• Security Issues
• Audit Language
• Customer worth in terms of Marketing benefits
• Returning customer e.g. re-certification audit
• Financial Benefits
• Previous experience of working with same client (if applicable)
• Availability of Auditors/ technical experts
Outcome of Review
• Price proposal provided by CB and on acceptance of price proposal, an agreement
between client and CB is documented
• Number of Auditors estimated
• Addition of relevant technical experts is looked into
• Inclusion of Language translators (If required)
• Competencies of Auditors for relevant industry is ensured
• Planning for Onsite visit (Optional)
• Planning for document review
• Planning for onsite audit

34
Audit Man-Days requirement: IAF Guideline

35
Exercise 6
The profile of Proftech Machining Services (PMS) PMS-Profile-1 and PMS Audit
Programme Form F-9.2-OA have been given as at page (88 and 166 to the book). Please
review both documents and assess the requirements for audit in terms of selection of
auditors and their competencies, technical experts, number of audit man-days.

36
Onsite Visit before Desktop Audit
• Optional (Depends on Client Auditee requirement or Lead Auditor may ask for
an optional onsite visit)
• To assess the overall organizational OH&S culture
• To estimate the complexity of processes
• Organizations readiness for the audit
• To have an idea about the way processes are being carried out
• To estimate the extent of documented information
Desktop Review of OH&S MS
Reasons for Document Review
• To ensure the OH&S MS has been established and documented

• To as per the nature, scale and complexity of the processes of the organization
• To establish the onsite audit sampling plan on the basis of document review
• To prepare the checklists on the basis of document review
• To prepare an audit plan for onsite audit
Document Review Process
• What to look for?

• Compliance with the criteria in terms of adequacy and sufficiency
• Provisions for review and continual improvements
• Documents identification and traceability

37
Docment Review Outcome

38
Desktop Audit Report
• Non-Conformities (Require corrective actions by auditee organization before

proceeding to next step)
• Observations / Improvement Opportunities (Not non-conformity but an
alarming situation i.e. a potential non-conformity. Not a binding on the auditee to
take corrective actions but will be helpful for them if addressed)
• Some issues highlighted in desktop audit may be verified by onsite documented
information review/ interview and only then it can be concluded if the issue is a
non-conformity or else
• Now you have to carry out a desktop Audit for Proftech Machining Services
(PMS) to assess its OH&S MS and prepare desktop audit report
• Ref Doc: PMS OH&S MS Documents for Desktop Audit (Pg 88-172 of delegate
book), ISO 45001:2018 Standard

39

40
Sampling
Why Sampling
The sampling is carried out in objective

evidence collection because 100% audit
may not be practically possible due to
limitation of time.
Risk of Sampling
As 100% audit has not been carried out

therefore, there is a risk of uncertainty in
audit findings. The risk is inherent with sampling. However, the risk can be minimized with
efficient sampling selection but it cannot be completely eliminated
How Sampling is carried out
o Key processes of the organizations are selected as sample for audits

o Observations raised during desktop audit
o Corrective actions of NCR raised during desktop audit
o Indicators of continual improvement for OH&S MS of an organization
o Legal and customers’ requirements
o Random selection based on Auditors’ experience

41
Exercise 7
You have performed desktop Audit of PMS. Prepare the sampling data for onsite audit on
Audit Sampling Selection Form SD-001 placed at Pg 171 of this book.

42
• Not necessary but very important tool for auditors

• Ensures auditors stick to plan and due time given to each area
• Ensure sample is balanced to achieve audit objectives
• Saves time
• Clarity of purpose in evidence collection
• Records for future audits
Disadvantages of Checklist
• Requires expertise to develop & use the checklists
• The auditor must be sure/ clear as to what evidence is sought and why?
• Narrows potential observations with limited out the box approach
• Requires situational awareness to use checklist
• Separate checklists needed for each function
• Require analysis and evaluation of results to reach to some conclusion
Guidelines for Preparing Checklists

• Criteria requirements e.g. to confirm ISO 9001:2015 specific clauses
• Organizations’ Documented system
• Benchmarking
• Experience
• Cross referenced with criteria/ OH&S MS clause
• Specific to the process or function
• Result oriented i.e. the output of checklists must be providing clear indication of
conformity or otherwise.

43
Exercise 8
You have performed desktop Audit of PMS and prepared a sampling plan. Now Prepare the
Checklists for onsite Audit of PMS on Checklist Form CL-001 placed at Pg 172 of this book

44
Audit Programme
Arrangements for a set of one or more audits planned for a specific time frame and directed
towards a specific purpose i.e. Audit Objectives
It includes:
o Documented Procedure
o Objectives/ Purpose
o Financial Requirements
o Human Resource Requirements
o Competency Requirements
o Number of inspections, internal and
external audits to be carried out for a specific time frame
Audit Plan
Description of the activities and arrangements for an audit
o It includes:
o Audit Schedule
o Scope
o Criteria
o Audit Method
o Sample Size
o Reporting
method
o Suggestions/ recommendations (if agreed) 1P & 2P
Note: in 3rd Party Auditing, the auditor cannot suggest/ provide consultancy

45
Why Audit Plan
• Pace of the audit activities

• Time frame for the audit
• Depth and breadth of audit
• Work distribution amongst audit team members
• Ensures proper coverage of the organization
• Inculcates lesser risk in audit findings
• Ease of administration/ preparation for auditee
Note: The schedule is part of the audit plan, even if it is a separate document.
Audit Schedule
The allocation of time, date and a name of auditor for each process to be audited is called an
audit schedule.

46
Exercise 9
You have performed desktop Audit of PMS. Prepare the onsite audit plan and schedule on
Audit Plan & schedule Form F.9.2-OB placed at Pg 167-168 of this book

47
Audit Roles
Audit Team Composition & Other roles
• Lead Auditors
• Auditors
• Technical experts
• Translators (If audit language is other than English)
• Observers
• Company Guide
• Top Management of the Auditee Organization
• Client / Client rep
Audit Team Competence
• Management System Knowledge and experience

• Industry specific knowledge e.g. Technical
• Industry specific Legal requirements evaluation skills
• Latest innovations and up-to date knowledge about the industry to be audited
• Personal Attributes and Audit specific skills
• Experience & Expertise to achieve Audit Objectives

48
Audit Principles (Ref ISO 19011:2011)
Integrity
Auditors and the person managing an audit programme should:
• perform their work with honesty, diligence, and responsibility;
• observe and comply with any applicable legal requirements;
• demonstrate their competence while performing their work;
• perform their work in an impartial manner, i.e. remain fair and unbiased in all their
dealings;
• be sensitive to any influences that may be exerted on their judgement while carrying
out an audit.
Fair presentation
It is the obligation to report truthfully and accurately.

Audit findings, audit conclusions and audit reports should reflect truthfully and accurately
the audit activities. Significant obstacles encountered

49
during the audit and unresolved diverging opinions between the audit team and the auditee
should be reported. The communication should be truthful, accurate, objective, timely, clear
and complete.
Due professional care
It is the application of diligence

and judgment in auditing
Auditors should exercise due care
in accordance with the importance
of the task they perform and the
confidence placed in them by the
audit client and other interested
parties. An important factor in
carrying out their work with due professional care is having the ability to make reasoned
judgments in all audit situations.
Confidentiality
It is security of information.
Auditors should exercise discretion in the use and protection of information acquired in the
course of their duties. Audit information should not be used inappropriately for personal gain
by the auditor or the audit client, or in a manner detrimental to the legitimate interests of the
auditee. This concept includes the proper handling of sensitive or
confidential information.
Independence
It is the basis for the

impartiality of the
audit and objectivity of
the audit conclusions.
Auditors should be
independent of the
activity being audited wherever practicable, and should in all
cases act in a manner that is free from bias and conflict of interest. For
internal audits, auditors should be independent from

50
the operating managers of the function being audited.
Auditors should maintain objectivity throughout the audit process to ensure that the audit
findings and conclusions are based only on the audit evidence.
For small organizations, it may not be possible for internal auditors to be fully independent of
the activity being audited, but every effort should be made to remove bias and encourage
objectivity.
Evidence-based approach
It is the rational method for reaching reliable and reproducible audit conclusions in a
systematic audit process.
Audit evidence should be verifiable. It will in general be based on samples of the information
available, since an audit is conducted during a finite period of time and with finite resources.
An appropriate use of sampling should be applied, since this is closely related to the
confidence that can be placed in the audit conclusions.

51
Auditor Personal Attributes

Ref ISO 19011:2011
Auditors should possess the necessary qualities to enable them to act in accordance with the
principles of auditing as described in Clause 4. Auditors should exhibit professional behavior
during the performance of audit activities, including being:
• Ethical, i.e. fair, truthful, sincere, honest and discreet;
• Open-minded, i.e. willing to consider alternative ideas or points of view;
• Diplomatic, i.e. tactful in dealing with people;
• Observant, i.e. actively observing physical surroundings and activities;
• Perceptive, i.e. aware of and able to understand situations;
• Versatile, i.e. able to readily adapt to different situations;
• Tenacious, i.e. persistent and focused on achieving objectives;
• Decisive, i.e. able to reach timely conclusions based on logical reasoning and analysis;
• Self-reliant, i.e. able to act and function independently whilst interacting effectively
with others;
• Acting with fortitude, i.e. able to act responsibly and ethically, even though these
actions may not always be popular and may sometimes result in disagreement or
confrontation;
• open to improvement, i.e. willing to learn from situations, and striving for better audit
results;
• Culturally sensitive, i.e. observant and respectful to the culture of the auditee;
• Collaborative, i.e. effectively interacting with others, including audit team members
and the auditee’s personnel.

52
Auditor Skills
Ref ISO 19011:2011
Audit principles, procedures and methods: knowledge and skills in this area enable the
auditor to apply the appropriate principles, procedures and methods to different audits, and
to ensure that audits are conducted in a consistent and systematic manner. An auditor should
be able to do the following:
• apply audit principles, procedures, and methods;
• plan and organize the work effectively;
• conduct the audit within the agreed time schedule;
• prioritize and focus on matters of significance;
• collect information through effective interviewing, listening, observing and reviewing
documents, records and data;
• understand and consider the experts’ opinions;
• understand the appropriateness and consequences of using sampling techniques for
auditing;
• verify the relevance and accuracy of collected information;
• confirm the sufficiency and appropriateness of audit evidence to support audit findings
and conclusions;
• assess those factors that may affect the reliability of the audit findings and conclusions;
• Use work documents to record audit activities;
• document audit findings and prepare appropriate audit reports;
• maintain the confidentiality and security of information, data, documents and records;
• communicate effectively, orally and in writing (either personally, or through the use of
interpreters and translators);
• understand the types of risks associated with auditing.

53
Management system and reference documents
Knowledge and skills in this area enable the auditor to comprehend the audit scope
and apply audit criteria, and should cover the following:
• Management system standards or other documents used as audit criteria;
• The application of management system standards by the auditee and other
organizations, as appropriate;
• Interaction between the components of the management system;
• recognizing the hierarchy of reference documents;
• Application of the reference documents to different audit situations.
Organizational context:
Knowledge and skills in this area enable the auditor to comprehend the auditee’s
structure, business and management practices, and should cover the following:
• Organizational types, governance, size, structure, functions and relationships;
• General business and management concepts, processes and related terminology,
including planning, budgeting and management of personnel;
• Cultural and social aspects of the auditee.
Applicable legal and contractual requirements and other requirements that apply to
the auditee:
Knowledge and skills in this area enable the auditor to be aware of, and work within,
the organization’s legal and contractual requirements. Knowledge and skills specific to
the jurisdiction or to the auditee’s activities and products should cover the following:
• Laws and regulations and their governing agencies;
• Basic legal terminology;
• Contracting and liability.

54
Audit Method
EXTENT OF INVOLVEMENT LOCATION OF THE AUDITOR
BETWEEN THE
AUDITOR
AND THE AUDITEE
ON-SITE REMOTE
Conducting interviews. Via interactive communication

Completing checklists and means:
questionnaires — conducting interviews;
HUMAN INTERACTION with auditee participation. — completing checklists and
Conducting document review questionnaires;
with auditee participation. — conducting document review
Sampling. With auditee participation.
Conducting document review Conducting document review (e.g.

(e.g. records, data analysis). records, data analysis).
Observation of work performed. Observing work performed via
NO HUMAN INTERACTION Conducting on-site visit. surveillance means, considering
Completing checklists. social and legal
Sampling (e.g. products). requirements.
Analyzing data.

55
Planning for Stage 2 Audit

• Need to plan for stage 2 i.e. onsite audit
• Number and names of auditors decided for onsite audit
• Technical assessors included
• Audit plan prepared and communicated to the auditee and confirmation
received from auditee/ client
• Legal requirements for the organization have been assessed
• History of the organization and public image to ensure their inclusion in
sampling
• Competency of auditors ensured
• Initial contact with auditee by lead auditor to arrange for administrative and
logistic support
• Necessary logistic arrangements
• Health, safety and security arrangements
Planning for visiting the auditee’s location

• Ensure permission and access into any specific area of the organization which is
under audit scope
• Occupational health and safety issues with the processes of the organizations
• Security issues with the location
• Cultural norms
• Emergency Procedures for evacuation
Audit Responsibilities
Audit Client & Auditee
• Not necessary to be the same (e.g. 2nd Party)

• Client is the organization requesting the audit
• Auditee is the organization being audited

56
Quiz 7
Under which circumstances, the client and auditee may be different in a 3rd party
auditing?

57
Role & Responsibilities of Auditee

• Make resources available for the audit programme
• Agreement on Audit Plan & Audit Schedule
• Provide necessary information to Auditors
• Health, Safety and Security issues
• Logistic support
• Administrative support
• Communication within organization of audit plan
• Timely and effective corrective action
Role & Responsibilities of Auditor

• Timely completion of audit as per plan
• Fact based evidence collection
• Efficient sample selection
• Identify NCR having significance
• Professional conduct
• Communication with lead Auditor
• Assist Lead Auditor in Report formulation
Role & Responsibilities of Lead Auditor

• Assist CB in team selection
• Effective desktop audit
• Audit Plan
• Time management

58
• Manage the Audit team

• Ensure OH&S work of other team members
• Professional conduct in diverging opinions
• Communication with the team members & auditee
• Concluding audit
• Grading NCRs
• Formulating Audit report in consultation with team
• Ensure value added auditing
• Closing Meeting
• CA Programme and follow up
Role & Responsibilities of Observer

• Does not take part in conducting audit
• Observe all audit activities with due professionalism
• Be present in opening/ closing and any interim meetings
Role & Responsibilities of Guide

• Guides, appointed by the auditee
• Their responsibilities should include the following:
o Assist the auditors in identifying particular process owners
o Arranging access to specific locations of the auditee
o Ensuring location safety and security procedures
o Witnessing the audit on behalf of the auditee
o Assist Audit team in collecting information

59
Auditor Confidentiality
What is confidentiality
The auditee organization may have

certain confidential processes which
they do not wish to reveal. The
security of such information is the
responsibility of Certification Body
and mainly the responsibility lies
with Lead Auditor who signs an
agreement with the CB as well as
with the Auditee about the confidentiality of information which has been either
provided in form of a document or observed by the auditors during onsite visit.
Significance of Auditor Confidentiality
It nurtures confidence and trust of clients/ auditee on the certification process
Role of Auditor for maintaining confidentiality
Auditors sign agreement with CB and auditee about the confidentiality of information
and are legally bound not to disclose any information to the non-concerned person or
organization.
Outcome if Confidentiality is breached
• Certification Body
If confidentiality is breached, the auditee/ client may take legal action which can
adversely affect the repute of a CB
• Auditor
The auditor may not be hired by any CB in future and legal action may be taken
against the auditor/s

60
• Client/ Auditee
They will lose business competitive edge/ Deterrence and may not trust any CB in
future due to which the whole 3rd party certification system become unreliable
Conduct of Auditors during onsite visit

• Audit team complying with safety and other requirements
• Avoid disrupting operational processes
• Do not touch or manipulate any equipment
• Changes in Audit schedule due to incident of serious nature
• Seek permission for mobile phone use including taking pictures etc.
• Auditee’s confidentiality in all matters must be respected

61

62
Opening Meetings
Who should attend?
• Lead Auditor and all the team members

• Top management of the organization
• Managers and directors of the organization
• Client rep (in case of 2nd party audit)
Note: Minutes of meetings are to be documented for 2nd and 3rd party audits.
Agenda of Opening Meetings

• Confirm the agreement of all parties
• Team introduction
• Ensure that all planned audit activities can be performed.
• Confirmation of the audit objectives, scope and criteria;
• Audit methods
• Communication channels during audit
• Method of reporting audit findings
• Information about the closing meeting
• Confidentiality &
information security
• Audit Language
• Update of Audit
Progress
• Resources availability
• Health and safety
issues
• Any foreseeable risks
• Handling NCRs
• Complaints and appeal

63
Exercise 10
Tutor will make 2 groups. One will act as an auditee (on behalf of PMS) and the other will act as
team of auditors (Lead auditor, auditors and technical experts). Tutor will act as Top
management of PMS. You have to simulate an opening meeting
Objective Evidence Collection

• Documented Information Review
o Procedures & Policies
o Records
• Observation
• Interviews
What is Objective Evidence

• Any Document or record
• Auditor Observation
• Interviewee statement
That may lead the auditor to confirm a conformity or otherwise
Note: Evidence can be both for compliance and non-compliance
Evidence Verification
• Relevant with the criteria

• Sufficient & Accurate to establish a conformity or otherwise
• Fact Based (not based on opinion or preference of auditors)
• Significant (With potential impact on OH&S MS)
• Verifiable
• Audit Trail may be carried out to reach to the conclusion
Evidence Collection Approach

It is the choice of auditors but some auditors chose from bottom and trace them back to the top.
Whereas some auditors chose from top and trace them down to bottom to establish conformity
or otherwise for any process or procedure

64
Onsite Documented Information Review
• Policies and procedures

• Documents of external origin
• Records of compliance
• Any other related OH&S MS document
• Ensure the effective implementation of OH&S MS
• Documents availability at point of use
• Consistency of documented information with nature and type of organization
• Obsolete documents status
• Traceability of documented information

65
Mock Onsite audit
Carry out the onsite audit for documented information Pg 174- 221 of this book. Record the
non-compliances, write down your observations which needed clarification through
observations/ interviews.

66
Interviewing
Why Interviewing?
• Confirm and gauge the understanding of workers
• Top Management Commitment for OH&S MS
• Employees awareness about OH&S MS and their role in OH&S MS performance
• Involvement and participation of employees in OH&S MS
• Subsequent to an observation/ document review for clarification

67
Effective Interviewing Tips

• Put interviewee at ease
• The interviewer must be sure that what evidence will be sought & why
• Open ended questions should be asked to tap response from the interviewee
• Rephrasing the question for better understanding of interviewee
• Create a friendly environment so that interviewee may answer in a better way
• Use of closed ended questions quite wisely so that conclusion can be made
• Do not jump to the conclusions
• Listen carefully and with patience.
• Remain neutral
• Ask relevant questions appropriate to the role of interviewee in OH&S MS
•
Remember: The purpose of Auditing is value addition for the auditee/ Client.
Therefore, the interviewee must be communicated that you are being asked so that your
organization may perform better
Interview Considerations
• Fearful (Organizational issues) The interviewee may get intimidated due to fear
of victimization by top management
• Over enthusiastic
• Language barrier (Interviewee my not understand the question due to language)
• Social and cultural issues (Some people do not want to be interviewed and they
take it as a negative thing for them so they may not respond well)
• Psychological issues (Depression, anxiety or fear)
• Distractions/ interruptions (Noise, interruptions by managers etc.)
Note: The auditor must consider the above mentioned factors before reaching to any
conclusion based on interviews

68
Exercise 11
You have recently carried out the mock onsite audit for documented information. There
were some non-conformities and also some observation which needed clarification from
auditee.
Prepare a questionnaire to satisfy yourself as an auditor for making decision for non-
conformity or otherwise. Tutor will be interviewed by each group

69
Observations
• Very important part of evidence collection

• Auditor judgment is very crucial in observations
• What to observe?
• How processes work
• Compliance with the procedures
• Attitude of workers, managers and top management towards OH&S
• Overall OH&S culture in the organization
• Resources available for OH&S MS

70
Exercise 12
You have observed some scenarios/ actions written in Doc 1B (pg 223). Please assess
the situation and identify objective evidence to ensure if it is a non-conformity or
otherwise. Please mention relevant ISO 45001:2018 Clause/ PMS OH&S MS Doc Ref (As
applicable)

71
Audit Trail
• Not an NC itself at present stage

• Alarming situation which may lead to some non-conformity or otherwise
• Further investigation needed to reach to the conclusion
• Extent of further investigation is decided by the auditors based on the implications

on
• OH&S MS

72
Exercise 13
Please analyze the situations given in Doc 2B (Pg 225 of book) to ensure if there is a non-
conformity or otherwise. Please follow audit trails to confirm

73
Communication During the audit

Between Lead Auditor and Auditee
• To apprise auditee about the audit progress
• For seeking evidences
• To ensure there is no surprise for auditee in closing meetings
• Any concerns of audit team
• Any amendments required in audit plan
Between Lead Auditor and team

• To ensure audit progresses as planned
• To ensure OH&S of work for team
• To seek guidance from Lead Auditor
• Any concerns of audit team

74
Quiz 8
While interview, a person told that there has been no PPE provided before the audit
day. After some time, the interviewee along with his managers comes to you. The
interviewee explains that there was a confusion in understanding the question and the
subject PPE’s have been available for use. As an auditor, what will be your response
and further course of action?

75

76
Audit Findings
Degree to which the organization’s management system conforms to the criteria:-
• The compliance with documented OH&S MS
• Non Compliance
• Non-conformity
o Major Non-conformity
o Minor Non-conformity
• Observations/ Improvement Opportunities
Non- Conformity
Non-fulfillment of a specified requirement of the criteria/ documented OH&S MS
Grading Non-Conformities
Major Non- Conformity
A major non conformity is when:

• There is a absence of a required procedure or total ineffectiveness in
implementation of a procedure
• Ineffectiveness of a key aspect of OH&S Management system
• A number of non conformities against the same procedure
• Significant affect on the OH&S MS
• Credibility of OH&S MS is under question
Minor Non- Conformity
A minor non conformity is when:

• There is a single isolated lapse in the implementation of OH&S MS
• There is no significant affect on the OH&S MS

77
Observation/ Improvement Opportunity

An observation/ IO is raised by the auditor once
• There is a situation with potential non conformity and requires clarification from the
auditee to ensure the effectiveness of OH&S MS
• Observations/ IO’s are although not a binding on Auditee to comply but they really add
value in OH&S MS
Non-Conformity Statement Features
• Self explanatory
• Extent and type of corrective actions required
• Should elicit response from the auditee
• Should be based on evidence and facts
• Should be numbered, dated and signed by the auditee
• Significant for OH&S MS
• Should not be a suggesting itself in statement
• Should not point the name of the persons

78
Exercise 14
Please write non-conformity statements for the scenarios mentioned in Doc 3B (Pg 226
of the book) and grade them into Major/ Minor as applicable

79

80
Audit Report Preparation
• As required in the agreed audit programme

• Non- Conformities have been graded into Major/ Minor
• Audit team agreement on outcome of the audit
• The degree of conformance of OH&S MS with the criteria
• The effectiveness of the OH&S MS
• Highlighting good practices and procedures
• Capability of the management review process
• Overall insight of OH&S MS of the organization
• Audit team and auditee’s Reference
• The dates and locations of the audit
• Any unresolved diverging opinions
• Agreed follow-up action plans
• Statement of the confidential nature of the contents
• Distribution list as agreed
Audit Report Distribution

• Issued within agreed time frame
• If delayed, reasons must be mentioned
• Dated, reviewed and approved, as appropriate
• Distributed as per audit plan

81
Exercise 15
Based on exercises, interviews and case studies during this course (Refer PMS only),
please prepare the audit report including:-
o The Summary Report

o The extent of conformity of Management system
o Identification of positive audit findings
o Number and grading of NCRs
o OH&S MS status in terms of continual improvement

82
Closing Meeting
Who should attend?
• Lead Auditor and all the team members

• Top management of the organization
• Managers and directors of the organization
• Any other concerned whose area has been audited
• Client rep (Where applicable)
Note: Minutes of meetings are to be documented for 2nd and 3rd party audits.
Agenda of Closing Meeting

• Confirmation of sample based Auditing
• The method of reporting
• The process of handling audit findings
• Presentation of the audit findings and conclusions
• Any diverging opinions between Audit team & Auditee
• Right of appeal for auditee
• Audit report availability
Note: First party audits do not require a formal closing meeting. Although the
organization may carry out at their sole discretion

83
Exercise 16
Tutor will make 2 groups. One will act as an auditee (on behalf of PMS) and the other
will act as team of auditors (Lead auditor, auditors and technical experts). Tutor will act
as Top management of PMS. You have to simulate a closing meeting

84
Corrective Action Programme & Follow up

85
Exercise 17
Please go through NCR and CA Forms (pg 214 – 221 of the book) and respond to the
corrective actions taken against the non-conformities in terms of their effectiveness
Outcome of Stage 2 Audit
• Corrective Actions taken by auditee and verified by Lead Auditor
• Audit is closed by Lead Auditor
• Lead Auditor recommendation to CB for issuance of certificate or otherwise (if there

are any pending unresolved issues beyond the stipulated timeframe for corrective
actions or the auditee has made an appeal to CB)

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101
Occupational Health & Safety Management System Manual
Proftech Machining Services (PMS)
4 Context of the organization

4.1 Understanding the organization and its context
The PMS shall determine external and internal issues that are relevant to its purpose
and that affect its ability to achieve the intended outcome(s) of its OH&S management
system. Internal and external issues are documented on Form F-4.1-O
4.2 Understanding the needs and expectations of workers and

other interested parties
The PMS shall determine:
a) The other interested parties, in addition to workers, that are relevant to the
OH&S management system;
b) The relevant needs and expectations (i.e. requirements) of workers and other
interested parties;
c) Which of these needs and expectations are or could become legal requirements
and other requirements.
These needs and expectations are documented on Form F-4.2-O

102
4.3 Determining the scope of the OH&S management system

The PMS shall determine the boundaries and applicability of the OH&S management
system to establish its scope by considering the external and internal issues, taking into
account the requirements of workers and other interested parties and the context of
PMS.
The scope shall be available as documented information on Form F-4.3-O.
4.4 OH&S management system

The PMS shall establish, implement, maintain and continually improve its OH&S
management system, including the processes needed and their interactions, in
accordance with the requirements of ISO 45001:2018.

103
5 Leadership and worker participation
5.1 Leadership and commitment

Top management shall demonstrate
leadership and commitment with respect to
the OH&S management system. The
Management commitment will be evident
from OH&S policy. Leadership and
Management Commitment has also been
documented on Form F-5.1-O
5.2 OH&S policy

The procedure for establishing, reviewing, updating and
continually improving OH&S Policy has been outlined as Doc
5.2 OH&S Policy.
5.3 Organizational roles, responsibilities and

authorities
Top management shall ensure that the responsibilities and
authorities for relevant roles within the OH&S management system are assigned and
communicated at all levels within the

104
organization and maintained as documented information. Workers at each level of the

organization shall assume responsibility for those aspects of OH&S management
system over which they have control.
Top management shall assign the responsibility and authority for:
a) Ensuring that the OH&S management system conforms to the requirements of

this ISO 45001:2018;
b) Reporting on the performance of the OH&S management system to top
management.
5.4 Consultation and participation of workers

The procedure for workers’ consultation and involvement has been outlined as Doc 5.4
Consultation
and participation of workers.

105
6 Planning
6.1 Actions to address risks and opportunities
6.1.1 General
When planning for the OH&S management system, PMS shall consider the internal and
external issues, view of interested parties, the scope of its OH&S management system
and the context in which the PMS operates. PMS shall accordingly take actions and
determine the risks and opportunities that need to be addressed to:
a) Give assurance that the OH&S management system can achieve its intended outcome(s);
b) Prevent, or reduce, undesired effects;
c) Achieve continual improvement.
When determining the risks and opportunities to the OH&S management system and
its intended outcomes that need to be addressed, PMS shall take into account:— hazards
• OH&S risks and other risks

• OH&S opportunities and other opportunities
• Legal requirements and other requirements
PMS, in its planning process, shall determine and assess the risks and opportunities that are
relevant to the intended outcomes of the OH&S management system associated with changes in
the organization, its processes or the OH&S management system. In the case of planned
changes, permanent or temporary, this assessment shall be undertaken before the change is
implemented.

106
The relevant functions of PMS shall maintain documented information on:
• Risks and opportunities;

• The processes and actions needed to determine and address its risks and
opportunities to the extent necessary to have confidence that they are carried out
as planned.
The risks and opportunities will be documented on Form F-6.1.1 and will be retained as
evidence for conformity by relevant work centres.
6.1.2 Hazard identification and assessment of risks and opportunities
6.1.2.1 Hazard identification
The procedure for hazard identification and assessment of risks and opportunities has
been outlined as Doc 6.1.2 HIRA.
6.1.3 Determination of legal requirements and other requirements
The procedure for determination and compliance with legal and other requirements has
been outlined as Doc 6.1.3 Legal & Other Requirements.
6.1.4 Planning action
The PMS shall plan:

a) Actions to:
• Address the risks and opportunities
• Address legal requirements and other requirements
• Prepare for and respond to emergency situations
b) How to:
• Integrate and implement the actions into its OH&S management system
processes or other business processes;
• evaluate the effectiveness of these actions;
PMS shall consider the hierarchy of controls and outputs from the OH&S management
system when planning to take action.

107
When planning its actions, PMS shall consider best practices, technological options, and
financial, operational and business requirements.
6.2 OH&S objectives and planning to achieve them
6.2.1 OH&S objectives
The procedure for establishing OH&S objectives at relevant functions and levels in
order to maintain and continually improve the OH&S management system and OH&S
performance has been outlined as Doc
6.2.1 OH&S Objectives
7 Support
7.1 Resources
The PMS shall determine and provide the resources needed for the establishment,
implementation, maintenance and continual improvement of the OH&S management
system. These requirements will be documented on Resources requirement Form F-7.1-
O.

108
7.2 Competence
The procedure for ensuring competence of personnel has been outlined as Doc 7.2
Competence.
7.3 Awareness
Workers shall be made aware of the following through PMS’ Internal communication
procedure, Daily Morning Toolbox talks, weekly refresher training and awareness
campaigns which will be launched from time to time:
a) The OH&S policy and OH&S objectives and the role of each employee in achieving the
continual improvement in OH&S performance
b) The implications and potential consequences of not conforming to the OH&S
management system requirements by the workers
c) Incidents and the outcomes of investigations those are relevant to them.
d) Hazards, OH&S risks and actions determined that are relevant to them.
e) The ability to remove themselves from work situations that they consider present an
imminent and serious danger to their life or health, as well as the arrangements for
protecting them from undue consequences for doing so.
7.4 Communication
7.4.1 General
The internal and external communication relevant to OH&S management system is

outlined as Doc 7.4 Communication.
7.5 Documented information
7.5.1 General
The procedure for Documented Information has been outlined as Doc 7.5 Control of
Documented Information.

109
8 Operation
8.1 Operational planning and control
8.1.1 General
The procedure for operational planning and control has been outlined as Doc 8.1
Operational Planning
and Control.
8.2 Emergency preparedness and response

The procedure for Emergency Preparedness and response has been outlined as Doc 8.2
Emergency
Preparedness and Response.

110
9 Performance evaluation
9.1 Monitoring, measurement, analysis and performance

evaluation
9.1.1 General
The procedure for Monitoring, measurement, analysis and evaluation of OH&S

performance has been outlined as Doc 9.1.1 Monitoring, measurement, analysis and
evaluation of OH&S performance.
9.1.2 Evaluation of compliance
The procedure for evaluation of compliance has been outlined as Doc 9.1.2 Evaluation
of Compliance.
9.2 Internal audit
9.2.1 General
The procedure for Internal OH&S Auditing has been outlined as Doc 9.2 Internal
Audit.
9.3 Management review

The procedure for Management Review of OH&S performance has been outlined as
Doc 9.3
Management Review.

111
10 Improvement
10.1 General
The organization shall determine opportunities for improvement and implement
necessary actions to achieve the intended outcomes of its OH&S management system.
10.2 Incident, nonconformity and corrective action

The procedure for non-conformities, corrective and preventive action has been outlined as Doc
10.2
Nonconformity and CAPA.
The procedure for incident investigation and reporting has been outlined as Doc 10.2A Incident
investigation and reporting.
10.3 Continual improvement

The PMS shall continually improve the suitability, adequacy and effectiveness of the OH&S
management system, by:
a) enhancing OH&S performance through continually improving the performance of
various processes of OH&S management system as outlined above;
b) promoting a culture that supports an OH&S management system by effective employees
participation, consultation, training and awareness ;
c) promoting the participation of workers in implementing actions for the continual
improvement of the OH&S management system;
d) communicating the relevant results of continual improvement to workers/ workers’
representatives;
e) maintaining and retaining documented information as evidence of continual
improvement.

Delegate Book

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Delegate Book

Uploaded by

Copyright:

Available Formats

i

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

About this book

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

2- Implementing & Operating OH&S MS.......................................................................................... 10

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Occupational health and safety opportunity .................................................................................... 17

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Outcome of Review ................................................................................................................................... 33

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Auditor Personal Attributes .................................................................................................................... 51

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Onsite Documented Information Review .............................................................................................. 64

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Outcome of Stage 2 Audit ........................................................................................................................ 85

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

8.2 Emergency preparedness and response......................................................................................... 109

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Recommend prior knowledge: FD127 ISO 45001:2018 Foundation (OHSMS)

The Plan, Do, Check, Act (PDCA) cycle

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

1.1.1 Explain the purpose of an occupational

Delegates will be assessed by the trainer(s)

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Occupational Health & Safety Management System

Difference between a procedure and process

The Process Approach in OH&S MS

The Process approach in implementation and auditing a management system is used

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Occupational Health & Safety Management system

Occupational Health and safety management system is a set of inter-related processes

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

• To reduce the direct and indirect costs associated with accidents

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

What is PDCA Cycle

How PDCA Cycle can be applied

A process or activity is planned. Once it is

Why PDCA Cycle

PDCA Cycle & ISO 45001:2018

Processes involved in Improving OH&S MS Performance

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

• Criteria against which OH&S MS is established e.g. ISO 45001:2018 etc.

2- Implementing & Operating OH&S MS

• Involvement & Participation of employees in implementation of OH&S MS e.g.

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

3- Processes involved in Monitoring & Measuring OH&S MS

4- Analyzing and Evaluating OH&S MS

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

5- Reviewing, Maintaining and Improving OH&S MS

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Audit Terminologies (Flip Chart Game)

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

Legal requirements and other requirements

Occupational health and safety management system

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0

OH&S management system

Occupational health and safety policy

DBLAC45k1-18 Issue: 5 Feb 18 Rev 0