4.4 OH&S Management System [ISO 45001]

ISO 45001 OH&S Management System

A health and safety management system comprises all policies, objectives, roles, responsibilities accountabilities, codes, standards, communications, processes, procedures, tools, data, and documents that provide a systematic means of ensuring safe operation for a facility by managing the adopted control measures in a comprehensive and integrated manner.


OH&S Management System Structure

The structure of your health and safety management system in support of occupational health and safety should be unique to your organisation. Information may be in paper or electronic form and procedures can be interpreted in whatever method best suits your organisation’s needs, including flow charts, picture diagrams, video imaging, soft copy computer-based procedures etc.

The main consideration is that the documented information can be understood and utilised by the appropriate personnel within your organisation, which in turn provides the control and continual improvement that the Standard requires.

  • Scope of the OH&S Management System
  • Safety policy and objectives
  • Safety accountability of the accountable manager
  • Safety responsibilities of key safety personnel
  • Documentation control procedures
  • Hazard identification and risk management schemes
  • Safety performance monitoring
  • Incident investigation and reporting
  • Emergency response planning
  • Management of change (including organisational changes with regard to safety responsibilities)
  • Safety promotion
  • Training and communication on safety

The size and scope of your organisation will be key factors in determining the system’s structure. It is the responsibility of the auditor to determine compliance with ISO 45001:2018, regardless of how you have put it together.

Process Responsibility Matrix

How Do I Document The OH&S Processes?

Use a Process Responsibility Matrix (included in our OH&S Template) to align the clauses and requirements of ISO 45001:2018 to the processes within your organization.

The process matrix provides a very convenient overview of all the processes that make up your management system and how they relate to, or address the standard.

Defining the sequence and interaction of processes is also a requirement. The process matrix itself can satisfy this requirement.

  1. Management processes form the backbone of the health and safety management system and the business itself
  2. Operation processes are steps that you go through to give the customer what they want, e.g.; from order acceptance to design through to delivery
  3. Support processes do not contribute directly to what the customer wants but do help the key processes to achieve it. Support processes include often human resources, finance, document control, training and facilities maintenance, etc.

A good way to do this is to think about how workflows through your organization. Consider how the inputs and outputs to the key processes flow from one process to the next, what sub-processes might exist within it and how the support processes link in. For now, ignore the standard, in fact put it in a draw and forget it exists. Instead focus on your key processes and how the departments interface with each other.

Certification auditors will expect to see a process model that explains the key processes of the business and how each relates and links to the others. The depth of process explanation may be as detailed as the company chooses but should be based on its customer and applicable regulations or statutory requirements, the nature of its activities and its overall corporate strategy.

The auditor must see evidence that the organization has determined their processes and that the interactions are also defined, all within the OH&S manual. Subsequently, this includes the actual and technical inputs and outputs of the processes to show their inter-relationship.

Process Application

Process Application

Use the Process Application Matrix (included in our OH&S Template) worksheet to assign requirements to relevant functions, processes, departments and teams to show how your organization establishes, implements, maintains and continually improves its health and safety management system, its processes and their interactions, in accordance with the requirements of ISO 45001:2018 Clause 4.4.

The completed Process Responsibility & Process Application workbooks form the basis for programming internal audits as well as becoming a roadmap to the entire health and safety management system that allows internal and external personnel to clearly understand how our organization’s processes fit together by:

  • Identifying the processes needed for the OH&S Management System, including their sequence and interaction
  • Ensuring effective operation and control of the processes, e.g.; defined process requirements, defined roles, required competencies, associated training or guidance material
  • Ensuring inputs and outputs from each of the identified processes, together with assignment of responsibilities and authorities e.g.; process owner, Champions and process users
  • Ensuring effective operation and control of the identified processes, e.g.; process monitoring indicators, process performance indicators, target setting, data collection, performance trends and internal/external audit results
  • Demonstrating arrangements for process governance e.g.; process owner reviews, process councils, dashboards, risks and opportunities relating to the process, resource needs, user training or competency and continual improvement initiatives.

Related Information You Might Find Useful

Next ISO 45001 Clause

Each ISO 45001 Clause Explained

Updated: 23rd February 2022
Author: Richard Keen

Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard

ISO Checklist

Don’t Try to Manage It All Alone!


Our ISO Auditors and Quality Manager Trainers have been in this industry for years, and since 2002 we’ve been providing thousands of small businesses and large corporations with the tools they need to get certified.

Instead of trying to create everything you need to follow this process from scratch, use ours. We have procedures, templates, checklists, process maps, forms and gap analysis tools to help your documentation without missing a single input or output.

Before you invest all the hours reinventing the wheel, before you spend countless dollars outsourcing the task — try our templates.

Start with expert templates, then make them yours


ISO Procedures