Instant downloadAuditor-writtenSecure Stripe checkout

ISO 45001 Requirements: The Complete Documentation Checklist

An ISO 45001 requirements checklist turns the standard’s clauses into concrete things to have in place before an audit. Because ISO 45001 shares the Harmonised Structure with ISO 9001 and ISO 14001, the checklist covers management-system documents (Clauses 4–10) plus safety-specific records. This ISO 45001 requirements checklist walks through both so your occupational health and safety management system is complete before assessment.

ISO 45001 requirements checklist toolkit templates
A toolkit that turns this ISO 45001 requirements checklist into ready-to-edit files.

Documents vs. records

ISO 45001 asks for documents you create up front (policy, processes, methodology) and records your system generates as it runs (audit results, incident reports, review minutes). One shows intent; the other shows the system is working.

The mandatory documents

  1. Scope of the OH&S management system (4.3)
  2. OH&S policy (5.2)
  3. Roles, responsibilities, and authorities (5.3)
  4. Process for addressing risks and opportunities (6.1.1)
  5. Methodology and criteria for hazard identification and risk assessment (6.1.2)
  6. OH&S objectives and plans to achieve them (6.2)
  7. Emergency preparedness and response process (8.2)

The mandatory records

  • Legal and other requirements (a “legal register”) (6.1.3)
  • Evidence of competence (7.2)
  • Evidence of communications (7.4)
  • Evidence that processes are carried out as planned (8.1)
  • Compliance evaluation results (9.1.2)
  • Internal audit programme and results (9.2)
  • Management review results (9.3)
  • Incidents, nonconformities, and corrective actions (10.2)

Note: ISO 45001 has no “Annex A” or Statement of Applicability — it’s a pure management-system standard. Your exact document set still depends on your activities and hazards; confirm against the current text of ISO 45001:2018.

Skip the blank page.

The ISO 45001 Toolkit includes every document below — policy, hazard and risk assessment templates, legal register, objectives, and procedures — as editable, auditor-written files mapped to ISO 45001:2018.

Get the ISO 45001 Toolkit →

The document that does the heavy lifting

Your hazard identification and risk assessment is the beating heart of the system — it drives your controls, objectives, and much of your operational planning. We cover how to do it well in our guide to hazard identification and risk assessment.

How to work through your ISO 45001 requirements checklist

Work outward from your hazards, not the clause numbers. Map where people could be harmed, then attach the required elements: an OH&S policy and objectives, hazard identification and risk assessment procedures, legal and other requirements, operational controls, emergency preparedness, and the records that prove they run. Worker consultation and participation must be evidenced throughout — it is a defining feature of the standard. The 2018 revision lets you decide how much to document, so keep it proportionate. The standard is published by ISO, and structuring your ISO 45001 requirements checklist around real risks keeps it both auditable and useful.

Frequently asked questions

Does ISO 45001 require a manual?

No — like other modern ISO standards, it doesn’t mandate a single “OH&S manual.” It requires the specific documented information listed above.

How much documentation is enough?

Enough to run the system effectively and demonstrate conformity — proportionate to your size, activities, and risks.

New to the standard? Start with our complete guide to ISO 45001.

Keep the checklist living: hazards change as your work changes, so revisit risk assessments and controls whenever you introduce new tasks, equipment, or sites. And reuse what ISO 9001 or ISO 14001 already give you — document control, internal audit, and management review satisfy the same clauses, shrinking your checklist to the safety-specific additions.

A final tip: don’t over-document. ISO 45001 mandates only a handful of documented items and lets you decide the rest, so a small firm can run a lean, genuinely used system while a large industrial site documents far more. Both satisfy the same ISO 45001 requirements checklist as long as the safety outcomes are real.

Shopping Cart