Incident Reporting & Investigation Procedure Explained [ISO 45001 Procedure]

What Is An Incident Reporting & Investigation Procedure For ISO 45001?

Under clause 10.2 of ISO 45001, companies need to establish, implement and maintain a process for the investigation and reporting of incidents. Taking corrective action, the company can be better equipped to react to future incidents and manage them effectively.

The ISO 45001 Incident Reporting and Investigation Procedure Consists of Six Steps:

  1. Forming an investigation team
  2. Determining the incident statement
  3. Gathering information
  4. analyzing the accumulated evidence
  5. Conducting the root cause analysis
  6. Writing the investigation report


Incident investigation and reporting is a way of notifying management and the governing authority body of any incidents on site. This allows for thorough evaluation and corrective action.


Purpose of The Incident Reporting & Investigation Procedure

The purpose of the Incident Reporting & Investigation Procedure is to outline your organization’s methodology to establishing the processes required for an effective incident and near miss response programme. This will methodically examine all undesired events that have or could have resulted in physical harm to interested parties or result in damage to property.

The intent of any resulting investigation is to establish the facts and circumstances related to the event in order to determine the root-cause and develop remedial action to control the risk.

What Happens Immediately After An Incident?

#1 – The Initial Notification

  • Initial notification must be done immediately
  • Preserve all relevant data, knowledge, and evidence
  • Prepare a preliminary incident report
  • Initiate communication and send preliminary reports telephonically, by email, or in-person

Report checklist

#2 The Preliminary Incident Report

  • Contains initial information compiled about the incident
  • It is sent to management immediately for evaluation
  • Action determination is made by management on how to proceed
  • The report must be sent to the HSE Manager within the specified time frame
  • Depending on the severity and management decision, a full investigation can start

The Incident Severity Evaluation

This evaluation method determines the severity of an incident in terms of damage and impact on the company. Not every incident will require all the steps in the procedure. However, this will be determined in the preliminary report.

Incidents are unplanned and the possibility of them happening is already adding strain on the possible resources they might require. Having to do an investigation will cost the company resources. Because of this, it's critical to use an incident severity evaluation that delivers a decision-making matrix.

Degree Of Personal Injury

  • Minor or major injury
  • Minor injury – painful but non-lethal – bruises or strains
  • Significant injury – disabling/life-threatening – burns, stabs, head injuries

Cost Of Damage To Property

  • The damage cost will determine the level of investigation needed
  • Damage can be minor, requiring maintenance
  • Damage can be rather significant, needing a total replacement
  • The more damage that was done, the higher the level of investigation will be

Environmental Spill Magnitude

  • A spill can also determine the level of investigation needed
  • The nature of the spill will determine the level of investigation
  • Hazardous substances will cause more damage

Cost To The Corporate Image

  • Large companies will want to keep their image clean and will spend money on a thorough investigation where needed.
  • An incident that can damage a company's image will want to be avoided as far as possible.

Consequences Of The Incident

  • The potential consequences related to the incident will determine the level of the investigation.
  • The level of investigation must be equal to the potential risk.

Evaluating - Use An Incident Severity Matrix

  • Used to evaluate the severity level of an incident
  • Determines the impact on the company
  • Justifies the investigation level needed

severity evaluation

Incident Reporting & Investigation Steps

Once the level of investigation needed has been determined, your procedure should follow the following steps:

  1. Form your investigation team
  2. Determine the incident statement
  3. Gather all information
  4. Analyze all gathered evidence
  5. Conduct a root cause analysis
  6. Write your investigation report

To prepare for an incident investigation and subsequent report, you will need several documents. These incident investigation and report forms are part of the system used in trend analysis.

Step #1 – Form an Investigation Team

  • Senior management should make available and allocate sufficient resources to this team.
  • Ensure team leader is qualified to carry out the tasks required
  • Ensure competency of the whole team

Step #2 – Determine Your Incident Statement

  • The investigation team must agree on the document format for the investigation to be carried out.
  • The team is to ensure the incident statement is well formulated and that no information is omitted.
  • The three most critical questions that need to be asked are What happened? What is the immediate consequence? What was the worst-case scenario?

Step #3 - Gather the Information

  • Use a systematic approach to gather information
  • Use a pre-approved incident checklist
  • Address critical questions about safety, tools, conditions, PPE, identified hazards, supervision, and training

Following these questions should always be the following;

  • Witness statements
  • Photographs
  • Measurements
  • Document review

Interviewing Witnesses


  • Comfort and put the witness at ease
  • Explain the reason for your investigation
  • Ask open ended questions
  • Listen to what the witness is saying
  • Take notes of what is being said


  • Interrupt the witness
  • Make the witness feel intimidated
  • Prompt an answer of scenario
  • Ask a leading question
  • Show any emotion
  • Ask yes or no questions

Step #4 – Analyze The Evidence Gathered

The investigating team must now take all gathered information and analyze all evidence presented. The following factors must be considered;

Physical factors

  • The position of equipment used concerning other equipment
  • The condition of the equipment
  • Maintenance history of the equipment
  • Accessibility to the controls
  • Design of the equipment and controls
  • Housekeeping schedule

Human factors

  • Look for psychological factors and precursors before the incident
  • Analyze training, experience, and competence
  • Supervision and management structure
  • Levels of communication

Administrative factors

  • Analyze policies and risk assessment procedures
  • Rules and procedures
  • Equipment certificates
  • Work permits and all other related permits

Step #5 – Conduct Root Cause Analysis

  • Process of identifying all contributing factors
  • Put factors in sequential order.
  • Identify the immediate cause as the causation agent, e.g., exposed wires that caused electrocution.
  • Identify the underlying cause – Incorrect or lack of PPE worn
  • Identify the root cause – Poor maintenance

Step #6 – Write An Investigation Report

The final step in the procedure would be to write the complete report. This report is usually written in great detail after the investigation has been completed should be as follows;

  • Concise, clear, and factual
  • Contain all essential information like date, time, and place of the incident
  • Name of investigator
  • Facts related to the incident, who, what, how, why, and when
  • State the causes, immediate, underlying, and root cause
  • Resources used
  • Result of the incident – injury, death
  • Corrective action
  • Conclusion

man writing document

Documenting Your Response To The Incident

The ISO 45001 guidelines require that all identified risks need to have a documented response protocol in place. These responses need to form part of your OH&S Management System. They need to be audited, reviewed, and regularly updated to stay relevant.

Updated: 23rd February 2022
Author: Richard Keen

Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard

ISO Checklist

Don’t Try to Manage It All Alone!

Our ISO Auditors and OH&S Trainers have been in this industry for years, and since 2002 we’ve been providing thousands of small businesses and large corporations with the tools they need to get certified.

Instead of trying to create everything you need to follow this process from scratch, use ours. We have procedures, templates, checklists, process maps, forms and gap analysis tools to help you control your documented information without missing a single input or output.

Before you invest all the hours reinventing the wheel, before you spend countless dollars outsourcing the task — try our templates.

ISO 9001
ISO 14001
ISO 45001

Incident Reporting & Investigation Procedure

The purpose of this procedure is to outline your organization’s methodology to establishing the processes required for an effective incident and near miss response programme which methodically examines all undesired events that have or could have resulted in physical harm to interested parties or result in damage to property.

The intent of any resulting investigation is to establish the facts and circumstances related to the event in order to determine the root-cause and develop remedial action to control the risk.


Forms & Reports also included:

  • Incident Reporting & Investigation
  • Process Turtle Diagram
  • Incident Report
  • Incident Investigation Form

>> Free Download - Control of Calibrated Equipment Procedure - this will give you a good idea of what to expect when you purchase the procedure.

>> I'm looking for more Procedures


$19 USD

add to cart

  • Supplied as fully-editable MS Word or Excel files
  • All the templates use styles – making reformatting and rebranding a breeze
  • Immediate download

Pay by Credit Card, Debit Card, PayPal or Apple Pay.
Credit card, PayPal or ApplePay

money back guarantee

We are 100% confident in the quality and contents of our products. Used by thousands of organizations around the world, our templates have been sold online since 2002.

Please read our Money Back Guarantee.


Are The Templates Suitable For You?

Bought by Small Businesses and Large Corporations our templates have been sold online and CD since 2002.

Used by:

  • Small Businesses – dentists, accountants, engineers
  • Large organizations – hospitals, power plants, aircraft manufacturers

The Templates are used by first-timers following our step-by-step, clause-by-clause guidance documents; and experienced Quality Managers wishing to streamline and improve their existing documentation.

The application of our templates and OH&S manuals is scalable and generic; regardless of the size and type of organization. The elements that form the Health and Safety Management System Template are the same.

Five Reasons To Choose Our Templates

1. Our customizable templates save you time and money by offering a streamlined process to create your quality documentation

2. They’ve got everything you need in one simple template

3. Proven to work our templates have helped thousands of businesses big and small achieve certification

4. Documents use styles to make reformatting and rebranding a breeze

5. Our templates are generalizable for any industry or sector. The application of our templates is scalable and generic; regardless of the size and type of organization.


FAQs About Our Templates

Ask Us a Question

More Information


ISO 9001 Client images