9.2 Internal Audit [ISO 45001, with Procedure & Checklist]

What is an ISO 45001 Internal Audit?

Your organization should establish an internal audit programme to cover all requirements of the OH&S standard. In addition, you should ensure that consideration is given to the status and importance of the processes that comprise the audit programme and the results of previous audits.

Contents

Objective evidence should demonstrate information of concerning the effective implementation the audit programme, as well as a sample of audit results.

audit report

Who Should Perform the Internal Audits?

Internal audits are most effective when conducted by persons or departments independent of the functions being audited.

Such audits should provide the accountable executive and senior management with feedback on the status of:

  • Compliance with regulations
  • Compliance with policies, processes and procedures
  • The effectiveness of safety risk controls
  • The effectiveness of corrective actions
  • The effectiveness of the OH&S Management System

Some organizations cannot ensure appropriate independence of an internal audit, in such cases, they should consider engaging external auditors (e.g.; independent auditors or auditors from another organization).

Internal Audit Training

It is critical that due care be taken in selecting staff to perform the role of internal auditor. Individuals who show potential as auditors should be given formal training by a registered training organization. The required level of competence of all internal auditors is maintained via refresher training or, more importantly, active participation in the audit programme.

Apart from having the appropriate training, selected staff should also possess the necessary personal qualities and attributes that enable them to act in accordance with the principles of auditing. It is strongly recommended that the internal auditors widely publish an audit programme, as it will provide a useful planning tool for key stakeholders.

internal audit blackboard planning

9.2.1 General - The Internal Audit Process

The internal audit process itself should cover all facets of preparing for and conducting audits based on a sound audit programme: audit scope, audit criteria, references, definitions, audit schedule, audit performance, follow-up audits, corrective action, audit documentation, audit failure and management review.

The Health and Safety Manager should ensure that internal audits are conducted by staff who do not work in the area being audited. It should be noted that the exchange of internal auditors among different organizations can be a useful process. The exchange of auditors, where possible, can also be used to enhance the value of the audit and the individual auditor’s competencies.

Planning of internal audits should take into account the safety criticality of the processes, the results of previous audits and assessments (from all sources), and the implemented safety risk controls. Internal audits should identify noncompliance with regulations and policies, processes and procedures. They should also identify system deficiencies, lack of effectiveness of safety risk controls and opportunities for improvement.

9.2.2 Internal Audit Programme

Planning of internal audits should take into account the safety criticality of the processes, the results of previous audits and assessments (from all sources), and the implemented safety risk controls. Internal audits should identify noncompliance with regulations and policies, processes and procedures. They should also identify system deficiencies, lack of effectiveness of safety risk controls and opportunities for improvement.

Assessing for compliance and effectiveness are both essential to achieving safety performance. The internal audit process can be used to determine both compliance and effectiveness.

The following questions can be asked to assess compliance and effectiveness of each process or procedure:

Determining Compliance

  • Does the required process or procedure exist?
  • Is the process or procedure documented (inputs, activities, interfaces and outputs defined)?
  • Does the process or procedure meet requirements (criteria)?
  • Is the process or procedure being used?
  • Are all affected personnel following the process or procedure consistently?
  • Are the defined outputs being produced?
  • Has a process or procedure change been documented and implemented?

Assessing Effectiveness

  • Do workers understand the process or procedure?
  • Is the purpose of the process or procedure being achieved consistently?
  • Are the results of the process or procedure what the “customer” asked for?
  • Is the process or procedure regularly reviewed?
  • Is a safety risk assessment conducted when there are changes to the process or procedure?
  • Have process or procedure improvements resulted in the expected benefits?

In addition, internal audits should monitor progress in closing previously identified non-compliances. These should have been addressed through root-cause analysis and the development and implementation of corrective and preventive action plans.

Use an Internal Audit Programme to ensure that the ‘process names’ identified in the Process Matrix & Application form are copied into the internal audit programme.

In conjunction with Top management, the Health and Safety Manager should devise a 10-year Internal Audit Programme. When designing the audit programme, you should ensure that customer feedback, organizational changes, and risks and opportunities are brought into consideration.

The frequency of audits depends on the criticality of each process and the perceived need to audit, but all processes and areas are audited at least once every two years. Critical processes generally interact with the customer directly and are therefore audited annually, or more regularly as required. Develop the 2-year internal audit programme with specific dates and durations of each planned audit.

Workers must be included in the audit process and the development of the audit programme. Retain the audit programme and the audit results as documented information.

You should consider process status in terms of maturity and stability; a more established, proven process will be audited less frequently than a newly implemented or recently modified process and should receive a lower status score. Conversely; processes which are not performing to the planned arrangements, should be assigned a higher status score.

You should consider process importance as the degree of direct impact that process performance has on customer satisfaction; i.e., could the process provide the customer with nonconforming product? Support processes should be given a lower ranking than the manufacturing/service provision processes. In addition, the results of previous audits should be considered too. Processes that have been audited recently that have shown effectiveness and improvement should be audited less frequently.

Foreman checklist document

Using an Internal Audit Checklist

The audit checklist is one of the many tools available from the auditor’s toolbox that helps ensure your audits address the necessary requirements.

The checklist stands as a reference point before, during and after the audit, and will provide the following benefits:

  • Ensures the audit is conducted systematically
  • Promotes audit planning
  • Ensures a consistent audit approach
  • Actively supports your organization’s audit process
  • Provides a repository for notes collected during the audit process
  • Ensures uniformity in the performance of different auditors
  • Provides reference to objective evidence

Use an Internal Audit Checklist that integrates the requirements of ISO 45001:2018 and presents them as questions.

Using this audit checklist to undertake a clause-by-clause audit works very effectively for the initial audits in preparation for implementation, gap analysis or certification. However, once your health and safety management system is implemented, your organization is expected to develop a process approach to its auditing programme.

Use a process audit report (from the internal audit procedure). It requires the auditor to review the inputs, risks, controls, activities, equipment, materials, personnel, and methods of measurement for each process. You can cross-refer the clause references in the process audit report to the internal audit checklist questions.

Use a Template - Don't Try to Do it all Alone!

Our templates will help you to assess the status of your existing health and safety management system and identify process weakness to allow a targeted approach to prioritizing corrective action to drive improvement.

  • Audit checklist metrics dashboard graphically displays status attributes
  • Quickly identify and target system weakness
  • Real time charts display audit result data - ideal for reports or presentations

The dashboard provides fast and reliable access to system and process metrics, precluding the need to know where all performance data is stored, or for having to locate the metrics champion for current data. It also reduces the likelihood that data is lost when metrics owners change or leave the company and reduces the learning curve for new metrics owners.

  • Clearly illuminates under-performing metrics for prompt management attention
  • Provides a unique management ally during internal and external audits
  • Improves meeting efficiency by segregating metrics.

Documented Information

Auditors should not necessarily expect to find a documented internal audit procedure in place. However, they must be able to access documented information confirming the implementation of an audit programme by the organization.

Documented information must also be available to evidence the results of audits.

Related Information You Might Find Useful

Next ISO 45001 Clause

Each ISO 45001 Clause Explained

Updated: 28th April 2022
Author: Richard Keen

Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard

ISO Checklist

Don’t Try to Manage It All Alone!

Our ISO Auditors and OH&S Trainers have been in this industry for years, and since 2002 we’ve been providing thousands of small businesses and large corporations with the tools they need to get certified.

Instead of trying to create everything you need to follow this process from scratch, use ours. We have procedures, templates, checklists, process maps, forms and gap analysis tools to help you control your documented information without missing a single input or output.

Before you invest all the hours reinventing the wheel, before you spend countless dollars outsourcing the task — try our templates.


  Standard  

Internal Audit Checklist

The Occupational Health and Safety Assessment Series ISO 18001:2007 audit checklist will help ensure your audits address the necessary requirements. It stands as a reference point before, during and after the audit process.

OHSAS 18001 is no longer in date, it has been superseded by ISO 45001 - but this will give you a very good idea of what you will get when you buy an Internal Audit Checklist.

OHSAS 18001:2007

$0 free download

OH&S Internal Auditing Procedure - view sample

The purpose of this procedure is to define your organization’s process for undertaking management system internal audits, process audits, supplier evaluation and legislation audits in order to assess the effectiveness of the application of our health and safety management system and its compliance to ISO 45001:2018.

This procedure also defines the responsibilities for planning and conducting audits, reporting results and retaining associated records. Includes:

  • Internal Auditing Process Activity Map
  • Internal Audit Process Map - view sample
  • Internal Audit Report - view sample
  • Nonconformity & Corrective Action Log
  • Nonconformity & Corrective Action Report
  • Off-site Supplier Self-Assessment
  • On-site Supplier Audit Checklist
  • Process Audit Template

ISO 45001:2018

$19 USD add to cart

OH&S Internal Audit Checklist - view sample

Occupational Health & Safety Management System Compliance Auditing

The audit checklist will help your audits address the necessary requirements. It stands as a reference point before, during and after the audit process and if developed for a specific audit and used correctly will provide the following benefits:

  • Ensures the audit is conducted systematically
  • Promotes audit planning
  • Ensures a consistent audit approach
  • Actively supports your organization’s audit process
  • Provides a repository for notes collected during the audit
  • Ensures uniformity in the performance of different auditors
  • Provides reference to objective evidence

This audit checklist comprises tables of the certifiable (‘shall’) requirements, from Section 4.0 to Section 10.0 of ISO 45001:2018, each required is phrased as a question. This audit checklist may be used for element compliance audits and for process audits.

264 Audit Questions, 48 pages.

4.0 Context of the organization - view sample
5.0 Leadership and Worker Participation
6.0 Planning
7.0 Support
8.0 Operation
9.0 Performance Evaluation
10.0 Improvement

ISO 45001:2018 $39 USD add to cart

OH&S Internal Audit Programme - view sample

  • Track your internal audits
  • All clauses tracked
  • MS Excel
  • Management Processes
  • Operation Processes
  • Support Processes
  • Other Processes
  • 2-year Short-range Audit Programme Schedule
  • 10-year Audit Schedule

Schedule internal audit tasks and develop your internal audit programme by simply entering the start and finish dates of each internal audit. The internal audit programme calculates the duration and creates automated graphs using different colors for the bar-chart cells.

The process matrix provides a very convenient overview of all the processes that make up your management system. Defining the sequence and interaction of processes is also a requirement. This process matrix itself can satisfy this requirement.

ISO 45001:2018 $39 USD add to cart
 

3 Internal Audit Checklists bundle (3 separate)

ISO 9001:2015 Internal Audit Checklist (as above)

and

ISO 14001:2015 Internal Audit Checklist (as above)

and

OH&S 45001:2018 Internal Audit Checklist

ISO 9001:2015
+
ISO 14001:2015
+
ISO 45001:2018

$99 USD

 

$117
-15% discount

add to cart

Integrated Internal Audit Checklist (QMS + EMS) - view sample

The checklist ensures each audit concisely compares the requirements of ISO 9001:2015 and ISO 14001:2015, and your EQMS against actual business practice.

The audit checklist stands as a reference point before, during and after the internal audit process.

386 Audit Questions, 68 pages. MS Word.

- Context of the organization
- Leadership
- Planning
- Support
- Operation
- Performance Evaluation - view sample
- Improvement

ISO 9001:2015,
ISO 14001:2015
integrated.

$69 USD add to cart

Integrated Internal Audit Checklist (QMS + OH&S)

The checklist ensures each audit concisely compares the requirements of ISO 9001:2015 and ISO 45001:2018, and your QOH&S against actual business practice.

The audit checklist stands as a reference point before, during and after the internal audit process.

441 Audit Questions, 26 pages. MS Excel.

- Context of the organization
- Leadership
- Planning
- Support
- Operation
- Performance Evaluation
- Improvement

Audit Data Summary (Automated charting)

ISO 9001:2015,
ISO 45001:2018
integrated.
$69 USD add to cart

Integrated Internal Audit Checklist (EMS + OH&S)

The checklist ensures each audit concisely compares the requirements of ISO 14001:2015 and ISO 45001:2018, and your EOH&S against actual business practice.

The audit checklist stands as a reference point before, during and after the internal audit process.

301 Audit Questions, 19 pages. MS Excel.

- Context of the organization
- Leadership
- Planning
- Support
- Operation
- Performance Evaluation
- Improvement

Audit Data Summary (Automated charting)

ISO 14001:2015,
ISO 45001:2018
integrated.
$69 USD add to cart

Integrated Internal Audit Checklist (QMS + EMS + OH&S) - view sample

The checklist ensures each audit concisely compares the requirements of ISO 9001:2015, ISO 14001:2015 and ISO 45001:2018, and your EHQMS against actual business practice.

The audit checklist stands as a reference point before, during and after the internal audit process.

510 Audit Questions. 28 Pages. MS Excel.

- Context of the organization
- Leadership, Commitment and Worker Participation
- Planning
- Support
- Operation
- Performance Evaluation
- Improvement

Audit data Summary (automated including graphs), showing:
- Compliance per Domain
- Compliance per Standard
- Non-compliance Summary

ISO 9001:2015,
ISO 14001:2015,
ISO 45001:2018
integrated.

$109 USD add to cart

Integrated Internal Audit Template (QMS + EMS)

Everything you need to perform an internal audit for ISO 9001 and ISO 14001 together.

3 Checklists, including Internal Audit Checklist - view sample
5 Procedures - view sample
10 Reports & Forms - view sample
6 Process Maps - view sample
EQMS Internal Audit, Non-Conforming & Corrective Action Tracker - view sample

  • EQMS Audit Checklist - view sample
  • Control of Internal Audits Procedure - view sample
  • Control of Documented Information Procedure
  • Control of Nonconformity & Corrective Action Procedure
  • Control of Management Reviews Procedure
  • Control of Data Analysis Procedure
  • Corrective Action Report
  • Internal Audit Feedback Form
  • Internal Audit Report - view sample
  • Non-conformance Report
  • Management Review Agenda & Minutes
  • Control of Internal Audits Process Activity Map
  • Internal Audit Process Map - view sample
  • Control of nonconformity & Corrective Action Process Activity Map
  • Nonconformity & Corrective Action Process Map
  • Control of Management Reviews Process Activity Map
  • Management Review Process Map
  • Control of Data Analysis Process Activity Map
  • EQMS Data Points Process Map
  • Audit, NC & CA Tracker - view sample

Plus:

  • EQMS Internal Audit Guidance
  • EQMS Documented Information Guidance

Please note - this is for Internal Auditing. If you are looking for a complete EQMS please click here.

ISO 9001:2015,
ISO 14001:2015
integrated.

$199 USD

add to cart

Integrated Internal Audit Template (QMS + EMS + OH&S)

Everything you need to perform an internal audit for ISO 9001, ISO 14001 and ISO 45001 together.

3 Checklists, including Integrated Internal Audit Checklist - view sample
1 Integrated internal Audit Programme - view sample
6 Procedures - view sample
10 Reports - view sample

  • EHQMS Integrated Audit Checklist - view sample
  • Process Audit Checklist
  • Supplier Audit Checklist
  • Internal Audit Program - view sample
  • Documented Information Procedure
  • Nonconformity & Corrective Action Procedure
  • Data Analysis & Evaluation Procedure
  • Internal Audits Procedure - view sample
  • Management Reviews Procedure
  • Continual Improvement Procedure
  • Nonconformity Report
  • Concession Request
  • Concession Request Log
  • Internal Audit Report
  • Internal Audit Assignment
  • Internal Audit Feedback
  • Management Review Agenda & Minutes
  • Corrective Action Report
  • Improvement Activity Form
  • Process Effectiveness Assessment Form
  • Documented Information Process Turtle Diagram
  • Documented Information Process Map
  • Nonconformity & Corrective Action Process Turtle Diagram
  • Nonconformity & Corrective Action Process Map
  • Data Analysis & Evaluation Process Turtle Diagram
  • EHQMS Data Points Process Map
  • Internal Audits Process Turtle Diagram
  • Internal Audit Process Map
  • Management Review Process Turtle Diagram
  • Management Review Process Map
  • Continual Improvement Process Turtle Diagram
  • Improvement Worksheet
  • Process Matrix & Application
  • Corrective Action Log

Plus Audit data Summary (including automated graphs), showing:

  • Compliance per Domain
  • Compliance per Standard
  • Non-compliance Summary

Plus:

  • Integrated Clause-by-clause Guidance
  • Internal Audit Guidance

Please note - this is for Internal Auditing. If you are looking for a complete EHQMS please click here.

ISO 9001:2015,
ISO 14001:2015,
ISO 45001:2018
integrated.
$249 USD add to cart
  • Supplied as fully-editable MS Word or Excel files
  • All the templates use styles – making reformatting and rebranding a breeze
  • Immediate download

Pay by Credit Card, Debit Card, PayPal or Apple Pay.
Credit card, PayPal or ApplePay

money back guarantee


We are 100% confident in the quality and contents of our products. Used by thousands of organizations around the world, our templates have been sold online since 2002.

Please read our Money Back Guarantee.

 

Are The Templates Suitable For You?

Bought by Small Businesses and Large Corporations our templates have been sold online and CD since 2002.

Used by:

  • Small Businesses – dentists, accountants, engineers
  • Large organizations – hospitals, power plants, aircraft manufacturers

The Templates are used by first timers following our step-by-step, clause-by-clause guidance documents; and experienced Quality Managers wishing to streamline and improve their existing documentation.

The application of our templates and OH&S manuals is scalable and generic; regardless of the size and type of organization. The elements that form the Health and Safety Management System Template are the same.

Five Reasons To Choose Our Templates

1. Our customizable templates save you time and money by offering a streamlined process to create your quality documentation

2. They’ve got everything you need in one simple template

3. Proven to work our templates have helped thousands of businesses big and small achieve certification

4. Documents use styles to make reformatting and rebranding a breeze

5. Our templates are generalizable for any industry or sector. The application of our templates is scalable and generic; regardless of the size and type of organization.

 

FAQs About Our Templates

Ask Us a Question

More Information

 

ISO 9001 Client images