ISO 45001:2018 – Clause 7.5: Documented Information

Compliance Management, ISO Standards, Management Systems, Occupational Health & Safety

ISO 45001:2018, the Occupational Health and Safety Management System standard was published in early March 2018. This is the eighteenth in a series of blogs, in which we describe what the implementing company must do in order to meet the requirement of the standard. We will now look at clause 7.5: Documented information.

ISO 45001:2018 – Clause 7.5: Documented Information

ISO 45001
Clause 7.5.1: General

It is important for top management to ensure that the OHSMS processes are carried out as planned and the desired results are achieved. Capturing key pieces of information in documented form can assist in this effort. Documenting how the system works helps personnel responsible for its implementation understand what they need to do and how to do it. Where a number of people are performing a process, documenting the steps can ensure consistency in the results. Documenting decisions made, OHSMS activities performed and the resulting outcomes provides evidence to demonstrate conformity to requirements and the effective implementation of the OH&S management system.

Mandatory documents include the documented information required by ISO 45001 and additional information identified by the organisation as necessary for the effective operation of its OH&S management system.

The extent of documented information for an OH&S management system can differ from one organisation to another due to:

  • The size of the organisation and the type of activities, processes, products or services it is engaged in;
  • The need to demonstrate fulfilment of legal and other requirements;
  • The complexity of the organisation’s processes and how they interact;
  • The competence of workers.

ISO 45001 has moved from prescriptive requirements for specific ‘documents’ and ‘records’ towards the more inclusive term ‘documented information’. This allows the organisation to customise its occupational health and safety documentation to better reflect its particular circumstances. There are now basically two types of documented information; “living” documents that describe how things are done within the OHSMS, and “static” records that reflect results of some activity at a particular point in time. Whether in electronic or paper format, the correct and current versions of living documents, be they procedures, work instructions, process maps, plans or programmes, need to be available to those who use them. This requires the organisation to have a process to create these documents and control their revision. Records of results need to be created, reviewed, and retained for a period of time.

The organisation should attempt to keep the complexity of the documented information at the minimum level necessary to ensure contemporaneous effectiveness, efficiency and simplicity. It should be noted that an Occupational Health and Safety Manual is no longer required by ISO 45001, but most organisations are likely to persevere with it as an integral part of their OH&S management system

Clause 7.5.2: Creating and Updating

When creating and updating documented information, the organisation must ensure appropriate:

  • Identification and description (e.g. a title, date, author or reference number);
  • Format (e.g. language, software version, graphics) and media (e.g. paper, electronic);
  • Review and approval for suitability, adequacy and effectiveness.
Clause 7.5.3: Control of Documented Information

The organisation is required to control documented information in order to ensure that it is available where needed and that it is suitable for use. It must also be adequately protected against improper use, loss of integrity and loss of confidentiality.

With reference to documented information the organisation must make decisions on its:

  • Distribution, access, retrieval and use;
  • Storage and preservation;
  • Control of any changes;
  • Retention and disposal.

The organisation is also required to identify any documented information of external origin that is considered essential for the planning and operation of its OH&S management system and ensure that it is controlled.

All of the controls described are primarily aimed at preventing unintended use of obsolete documented information.

Health & Safety , ISO 45001 , Occupational Health & Safety , OHS , OHSAS 18001 , OHSMS
Related Posts
UK and Ireland: COVID-19 Legislation and Guidance Update The Covid-19 Emergency in Europe UK and Ireland: COVID-19 – What the legislation and guidance is saying? Ergonomics – Importance in the Workplace and Employer’s Responsibilities Legislation Update Ireland: New Ionising Radiation Regulations 2019 Revised Code of Practice for Access and Working Scaffolds Improving Worker Consultation & Participation – ISO 45001:2018 The Safety, Health & Welfare at Work (Chemical Agents) Regulations 2001: Changes & Impacts Practical Ways of Demonstrating Top Management Involvement in ISO 45001 for OH&S Management System The Safety, Health and Welfare at Work (Electromagnetic Fields) Regulations
Request a Demo  
Request a Demo

See Pegasus in action

The best way to understand what Pegasus can do for you, is to see it in action. Request a demo and one of our consultants will set-up a quick online tailored demo to run through the relevant aspects of the service.
  • This form collects your details above so we can contact you back in relation to your enquiry. Please see our privacy policy for more information.