Home

Standards

 

 
 

  ISO 9001:2000 (Quality Management System)

  1.0 Scope

  1.1 General

This International standard specifies requirements for a quality management system where an organization

  1. needs to demonstrate its ability to consistently provide product that meets customer and applicable regulatory requirements

  2. aims to enhance customer satisfaction through the effective application of the system, including processes for continual improvement of the system and the assurance of conformity to customer and applicable regulatory requirements

NOTE : In this International Standard, the term “Product” applies only to the product intended for, or required by, a customer.

  1.2 Application

All requirements of this International Standard are generic and are intended to be applicable to all organizations, regardless of type, size and product provided.

Where any requirement(s) of this International Standard cannot be applied due to the nature of an organization and its product, this can be considered for exclusion.

Where exclusions are made, claims of conformity to this International Standard are not acceptable unless these exclusions are limited to requirements within clause 7, and such exclusions do not affect the organization’s ability, or responsibility, to provide product that meets customer and applicable regulatory requirements

  2.0 Normative Reference

The following normative document contains provisions which, through reference in this text, constitute provisions of this International Standard. For dated references, subsequent amendments to, or revisions of, any of these publications do not apply. However, parties to agreements based on this International Standard are encouraged to investigate the possibility of applying the most recent edition of the normative document indicated below. For undated references, the latest edition of the normative document referred to applies. Members of ISO and IEC maintain registers of currently valid International Standard.

ISO 9000 : 2000, Quality management systems – Fundamentals and vocabulary.

  3.0 Terms and Definitions

For the purposes of this International Standard, the terms and definitions given in ISO 9000 apply.

The following terms, used in this edition of ISO 9001 to describe the supply chain, have been changed to reflect the vocabulary currently used:

Supplier                           Organization                            Customer

The term “Organization” replaces the term “Supplier” used in ISO 9001 : 1994, and refers to the unit to which this International Standard applies. Also, the term “Supplier” now replaces the term “Subcontractor”.

Throughout the text of this International Standard, wherever the term “product” occurs, it can also mean “services”.

  4.0 Quality Management System

  4.1 General Requirements

The organization shall established, document, implement and maintained a quality management system and continually improve its effectiveness in accordance with the requirements of this International Standard.

  1. The organization shall identify the processes needed for the quality management system and their application throughout the organization

  2. Determine the sequence and interaction of these processes

  3. Determine criteria and methods needed to ensure that both the operation and control of these processes are effective

  4. Ensure the availability of resources and information necessary to support the operation and monitoring of these processes

  5. Monitor, measure and analyses these processes

  6. Implement actions necessary to achieve the planned result and continual improvement of these processes.

These processes shall be managed by the organization in accordance with the requirements of this International Standard.

Where an organization choose to outsource any process that affect product conformity with requirements, the organization shall ensure control over such processes. Control over such processes shall be identified within the quality management system.

  4.2 Documentation Requirements

  4.2.1 General

The quality management system documentation shall include

  1. documented statements of a quality policy and quality objectives

  2. a quality manual

  3. documented procedures required by this International

  4. documents needed by the organization to ensure the effective planning, operation and control of its processes

  5. records required by this International Standard. ( See 4.2.4 )

NOTE 1 : Where the term “documented procedure” appears within this International Standard, this means that the procedure established, documented, implemented and maintained.

NOTE 2 : The extent of the quality management system documentation can differ from the organization to another due to :

  1. the size of organization and type of activities

  2. the complexity of processes and their interactions

  3. the competence of personnel

NOTE 3 : The documentation can be in any form or type of medium

  4.2.2 Quality Manual

The organization shall established and maintained a quality manual that includes

  1. the scope of the quality management system, including details of and justification for any exclusions

  2. the documented procedures established for the quality management system, or reference to them

  3. a description of the interaction between the processes of the quality management system.

  4.2.3 Control of Documents

Documents required by the quality management system shall be controlled. Records are a special type of documents and shall be controlled according to the requirements given in. A documented procedure shall be established to define the controls needed

  1. to approve documents for adequacy prior to issue

  2. to review and update as necessary and re-approve documents

  3. to ensure that changes and the current revision status of documents are identified

  4. to ensure that relevant versions of applicable documents are available at points of use

  5. to ensure that the documents remain legible and readily identifiable

  6. to ensure that document of external origin are identified and their distribution controlled

  7. to prevent the unintended use of absolute documents, and to apply the suitable identification to them if they are retained for any purpose.

  4.2.4 Control of Records

Records shall be established and maintained to provide evidence of conformity to requirements and of the effective operation of the quality management system. Records shall remain legible, readily identifiable and retrievable. A documented procedure shall be established to define the controls needed for the identification, storage, protection, retrieval retention time and disposition of records.

  5.0 Management Responsibility

  5.1 Management Commitment

Top management shall provide evidence of its commitment to the development and implementation of the quality management system and continually improving its effectiveness by

  1. Communicating to the organization the importance of meeting customer as well as statutory and regulatory requirements

  2. Establishing the quality policy

  3. Ensuring that quality objectives are established

  4. Conducting management reviews

  5. Ensuring the availability of resources

  5.2 Customer Focus

Top management shall ensure that customer requirements are determined and fulfilled with the aim of enhancing customer satisfaction (see7.2.1 and 8.2.1).

  5.3 Quality Policy

Top management shall ensure that the quality policy

  1. Is appropriate to the purpose of the organization

  2. Includes a commitment to comply with requirements and continually improve the effectiveness of the quality management system

  3. Provides a framework for establishing and reviewing quality objectives

  4. Is communicated and understood within the organization

  5. Is reviewed for continuing suitability

  5.4 Planning

  5.4.1 Quality Objectives

Top management shall ensure that quality objectives, including those needed to meet requirements for product (see 7.1a), are established at relevant functions and levels within the organization. The quality objectives shall be measurable and consistent with quality policy.

  5.4.2 Quality Management System Planning

Top management shall ensure that

  1. The planning of the quality management system is carried out in order to meet the requirements given in 4.1, as well as the quality objectives

  2. The integrity of the quality management system is maintained when changes to the quality management system are planned and implemented.

  5.5 Responsibility, Authority and Communication

  5.5.1 Responsibility and Authority

Top management shall ensure that the responsibilities, authorities and their interrelation are defined and communicated within the organization.

  5.5.2 Management Representative

Top management shall appoint a member of management who, irrespective of other responsibilities, shall have responsibility and authority that includes

  1. Ensuring that processes needed for the quality management system are established implemented and maintained

  2. Reporting to top management on the performance of the quality management system and any need to improvement

  3. Ensuring the promotion of awareness of customer requirements throughout the organization.

NOTE: The responsibility of a management representative can include liaison with external parties on matters relating to the quality management system.

  5.5.3 Internal Communication

Top management shall ensure that appropriate communication processes are established within the organization and that communication takes place regarding the effectiveness of the quality management system

  5.6 Management Review

  5.6.1 General

Top management shall review the organization’s quality management system, at planned intervals, to ensure its continuing suitability, adequacy and effectiveness. This review shall include assessing opportunities for improvement and the need for changes to the quality management system, including the quality policy and quality objectives.

Records from management reviews shall be maintained (see 4.2.4).

  5.6.2 Review Input

The input to management review shall include information on

a)   results of audits,

b)   customer feedback,

c)   process performance and product conformity,

d)   status of preventive and corrective actions,

e)   follow-up actions from previous management reviews,

f)   changes that could affect the quality management system, and

g)   recommendations for improvement.

  5.6.3 Review Output

The Output from the Management Review Shall include any decisions and action related to 

a. Improvement of the effectiveness of Quality Management System and its processes 

b. Improvement of product releated to customer requirements and 

c. Resource needs.

  6.0 Resource Provision

  6.1 Provision of Resources

The organization shall determine and provide the resource needed

  1. To implement and maintain the quality management system and continually improve its effectiveness

  2. To enhance customer satisfaction by meeting customer requirements

  6.2 Human Resources

  6.2.1 General

Personnel performing work affecting product quality shall be competent on the basis of appropriate education training, skills and experience.

  6.2.2 Competency, Awareness and Training

The organization shall

  1. Determine the necessary competence for personnel performing work affecting product quality

  2. Provide training or take other actins to satisfy these needs

  3. Evaluate the effectiveness of the actions taken

  4. Ensure that its personnel are aware of the relevance and importance of their activities and how they contribute to the achievement of the quality objectives

  5. Maintain appropriate records of education, training, skills and experience (see 4.2.4)

  6.3 Infrastructure

The Organization shall determine, provide and maintain the infrastructure needed to achieve the conformity to product requirements, infrastructure includes, for example

  1. Buildings, workspace and associated utilities

  2. Process equipment, both hardware and software

  3. Supporting services such as transport or communication.

  6.4 Work Environment

The organization shall determine and manage the work environment needed to achieve conformity to product requirements.

  7.0 Product Realization

  7.1 Planning of Product Realization

The organization shall plan and develop the processes needed for product realization. Planning of product realization shall be consistent with the requirements of the other processes of the quality management system (see 4.1). In planning product realization, the organization shall determine the following, as appropriate

  1. Quality objectives and requirements for the product

  2. The need to establish processes, documents, and provide resources specific to the product

  3. Required verification, validation, monitoring, inspection and test activities specific to the product and the criteria for product acceptance

  4. Records needed to provide evidence that the realization processes and resulting product fulfill requirements (see 4.2.4).

The output of this planning shall be in a form suitable for the organization’s method of operations.

Note1: A document specifying the processes of the quality management system (including the product realization processes) and the resources to be applied to a specific product, project or contract, can be referred to as a quality plan.

Note 2: The organization may also apply the requirements given in 7.3 to the development of product realization processes.

  7.2 Customer Related Processes

  7.2.1 Determination of Requirements Related to the Product

The organization shall determine

  1. Requirement specified by the customer, including the requirements for delivery and post-delivery activities

  2. Requirements not stated by the customer but necessary for specified use or known and intended use

  3. Statutory and regulatory requirements related to the product

  4. Any additional requirements determined by the organization.

  7.2.2 Review of Requirements Related to the Product

The Organization shall review the requirements related to the product. This review shall be conducted prior to the organization’s commitment to supply a product to the customer (e.g. submission of tenders, acceptance of contracts or orders, acceptance of changes to contracts or orders) shall ensure that

  1. Product requirements are defined

  2. Contract or order requirements differing from those previously expressed are resolved

  3. The organization has the ability to meet the defined requirements. Records of the results of the review and actions arising from the review shall be maintained (see 4.2.4).

Where the customer provides no documented statement to requirement, the customer requirements shall be confirmed by the organization before acceptance.

Where product requirements are changed, the organization shall ensure that relevant documents are amended and that relevant personnel are made aware of the changed requirements.

Note: In some situations, such as internet sales, a formal review is impractical for each order. Instead the review can cover relevant product information such as catalogues or advertising material.

  7.2.3 Customer Communication

The Organization shall determine and implement effective arrangements for communicating with customers in relation to

  1. Product information

  2. Enquiries, contracts or order handling, including amendments

  3. Customer feedback, including customer complaints

  7.3 Design and Development

  7.3.1 Design and Development Planning

The organization shall plan and control the design and development of product During the Design and Development planning, the organization shall determine

  1. The design and development stages

  2. The review, verification and validation that are appropriate to each design and development stage

  3. The responsibilities and authorities for design and development

The organization shall manage the interfaces between different groups involved in design and development to ensure effective communication and clear assignment of responsibility.

Planning output shall be updated, as appropriate, as the design and development progresses.

  7.3.2 Design and Development Inputs

Inputs relating to product requirements shall be determined and records maintained (see 4.2.4). These shall include

  1. Functional and performance requirements

  2. Applicable statutory and regulatory requirements

  3. Where applicable, information derived from previous similar designs

  4. Other requirements essential for design and development.

These inputs shall be reviewed for adequacy. Requirements shall be complete, unambiguous and not in conflict with each other.

  7.3.3 Design and Development Outputs

The outputs of design and development shall be provided in a form that enables verification against the design and development input and shall to approved prior to release. Design and Development output shall

  1. Meet the input requirements for design and development

  2. Provide appropriate information for purchasing, production and for service provision

  3. Contain or reference product acceptance criteria

  4. Specify the characteristics of the product that are essential for its safe and proper use.

  7.3.4 Design and Development Review

At suitable stages, systematic reviews of design and development shall be conducted

  1. To evaluate the ability of the results of design and development to fulfill requirements

  2. To identify any problems and propose necessary actions.

Participants in such reviews shall include representatives of functions concerned with the design and development stage (s) being reviewed. Records of the results of the reviews and any necessary actions shall be maintained (see 4.2.4)

  7.3.5 Design and Development Verification

Verification shall be performed to ensure that the design and development outputs have satisfied the design and development input requirements. Records of the results of the verification and any necessary actions shall be maintained (see 4.2.4).

  7.3.6 Design and Development Validation

Design and development validation shall be performed in accordance with planned arrangements (see 7.3.1) to ensure that the resulting product is capable of fulfilling the requirements for the specified or known intended use of application. Wherever practicable, validation shall be completed prior to the delivery or implementation of the product. Records of the results of validation and any necessary actions shall be maintained (see 4.2.4)

  7.3.7 Design and Development Changes

Design and development changes shall be identified and records maintained. The changes shall be reviewed, verified and validated, as appropriate, and approved before implementation. The review of design and development changes shall include evaluation of the effect of the changes on constituent parts and delivered product. Records of the results of the review of changes and any necessary actions shall be maintained (see 4.2.4).

  7.4 Purchasing

  7.4.1 Purchasing Process

The Organization shall ensure that purchased product conforms to specified purchase requirements. The type and extent of control applied to the supplier and the purchased product shall be dependent upon the effect of the purchased product on subsequent product realization or the final product.

The Organization shall evaluate and select suppliers based on their ability to supply product in accordance with the organization’s requirements. Criteria for selection, evaluation and re-evaluation shall be established. Records of the results of evaluations and any necessary actions arising from the evaluation shall be maintained (see 4.2.3).

  7.4.2 Purchasing Information

Purchasing information shall describe the product to be purchased, including where appropriate

  1. Requirements for approval of product, procedures, processes and equipment

  2. Requirements for qualification of personnel

  3. Quality management system requirements.

The Organization shall ensure the adequacy of specified purchase requirements prior to their communication to the supplier

  7.4.3 Verification of Purchased Products

The Organization shall establish and implement the inspection or other activities necessary for ensuring that purchased product meets specified purchase requirements.

Where the Organization or its customer intends to perform verification at the supplier’s premises, the organization shall state the intended verification arrangements and method of product release in the purchasing information.

  7.5 Production and Service Provision

  7.5.1 Control of Production and Service Provision

The organization shall plan and carry out production and service provision under controlled conditions, Controlled conditions shall include, as applicable

  1. The availability of information that describes the characteristics of the product

  2. The availability of work instructions

  3. The use of suitable equipment

  4. The availability and use of monitoring and measuring devices

  5. The implementation of monitoring and measurement

  6. The implementation of release, delivery and post-delivery activities

  7.5.2 Validation of Processes for Production and Service Provision

The organization shall validate any processes for production and service provision where the resulting output cannot be verified by subsequent monitoring or measurement.

This includes any processes where deficiencies become apparent only after the product is in use or the service has been delivered.

Validation shall demonstrate the ability of these processes to achieve planned results. The organization shall establish arrangements for these processes including, as applicable.

  1. Defined criteria for review and approval of the processes

  2. Approval of equipment and qualification of personnel

  3. Use of specific methods and procedures

  4. Requirements for records (see 4.2.4)

  5. Revalidation

  7.5.3 Identification and Traceability

Where appropriate, the organization shall identify the product by suitable means throughout product realization. The organization shall identify the product status with respect to monitoring and measurement requirements.

Where Traceability is a requirement, the organization shall control and records the unique identification of the product (see 4.2.4).

Note: In some industry sectors, configuration management is a means by which identification and Traceability are maintained.

  7.5.4 Customer Property

The organization shall exercise care with customer property while it is under the organization’s control or being used by the organization. The organization shall identify, verify, protect and safeguard customer property provided for use or incorporation into the product. If any customer property is lost, damaged or otherwise found to be unsuitable for use, this shall be reported to the customer and records maintained (see 4.2.4).

Note: Customer property can include intellectual property

  7.5.5 Preservation of Products

The organization shall preserve the conformity of product during internal processing and delivery to the intended destination. This preservation shall include identification, handling, packaging, storage and protection. Preservation shall also apply to the constituent parts of a product.

  7.6 Control of Monitoring and Measuring Devices

The organization shall determine the monitoring and measurement to be undertaken and the monitoring and measuring devices needed to provide evidence of conformity of product to determined requirements (see 7.2.1).

The organization shall establish processes to ensure that monitoring and measurement can be carried out and are carried out in a manner that is consistent with the monitoring and measurement requirements.

  1. Where necessary to ensure valid results, measuring equipment shall

  2. Be calibrated or verified at specified intervals, or prior to use, against measurement standards traceable to international or national measurement standards; Where no such standards exist, the basis used for calibration or verification shall be recorded

  3. Be adjusted or re-adjusted as necessary

  4. Be identified to enable the calibration status to be determined

  5. Be safeguarded from adjustments that would invalidate the measurement result

  6. Be protected from damage and deterioration during handling, maintenance and storage.

In addition, the organization shall assess and record the validity of the previous measuring results when the equipment is found not to conform to requirements.

The organization shall take appropriate action on the equipment and any product affected. Records of the results of calibration and verification shall be maintained (see 4.2.4).

When used in the monitoring and measurement of specified requirements, the ability of computer software to satisfy the intended application shall be confirmed.

This shall be undertaken prior to initial use and reconfirmed as necessary.

Note: See ISO 10012-1 and ISO 10012-2 for guidance

  8.0 Measurement, Analysis and Improvement

  8.1 General

The organization shall plan and implement the monitoring, measurement, analysis and improvement processes needed

  1. To demonstrate conformity of the product

  2. To ensure conformity of the quality management system

  3. To continually improve the effectiveness of the quality management system.

This shall include determination of applicable methods, including statistical techniques, and the extent of their use

  8.2 Monitoring and Measurement

  8.2.1 Customer Satisfaction

As one of the measurements of the performance of the quality management system, the organization shall monitor information relating to customer perception as to whether the organization has fulfilled customer requirements. The methods for obtaining and using this information shall be determined

  8.2.2 Internal Audit

The organization shall conduct internal audits at planned intervals to determine whether the quality management system

  1. Conforms to the planned arrangements (see 7.1), to the requirements of this international standard and to the quality management system requirements established by the organization

  2. Is effectively implemented and maintained

An audit Programme shall be planned, taking into consideration the status and importance of the processes and areas to be audited, as well as the results of previous audits. The audit criteria, scope, frequency and methods shall be defined. Selection of auditors and conduct of audits shall ensure objectivity and impartiality of the audit process Auditors shall not audit their own work.

The responsibilities and requirements for planning and conducting audits, and for reporting results and maintaining records (see 4.2.4) shall be defined in a documented procedure.

The management responsible for the area being audited shall ensure that actions are taken without undue delay to eliminate detected nonconformities and their causes. Follow-up activities shall include the verification of the actions taken and the reporting of verification results (see 8.5.2)

Note: See ISO 10011-1, ISO 10011-2 and ISO 10011-3 for guidance.

  8.2.3 Monitoring and Measurement of Processes

The organization shall apply suitable methods for monitoring and, where applicable, measurement of the quality management system processes. These methods shall demonstrate the ability of the processes to achieve planned results. When planned results are not achieved, correction and corrective action shall be taken, as appropriate, to ensure conformity of the product

  8.2.4 Monitoring and Measurement of Products

The organization shall monitor and measure the characteristics of the product to verify that product requirements are fulfilled.

This shall be carried out at appropriate stages of the product realization process in accordance with the planned arrangements (see 7.1).

Evidence of conformity with the acceptance criteria shall be maintained. Records shall indicate the person's authorizing release of product (see 4.2.4).

Product release and service delivery shall not proceed until all the planned arrangements (see 7.1) have been satisfactorily completed, unless otherwise approved by a relevant authority, and where applicable by the customer

  8.3 Control of Nonconforming Products

The organization shall ensure that product which does not conform to product requirements is identified and controlled to prevent its unintended use or delivery. The controls and related responsibilities and authorities for dealing with nonconforming product shall be defined in a documented procedure. The organization shall deal with nonconforming product by one or more of the following ways:

  1. By taking action to eliminate the detected nonconformity

  2. By authorizing its use, release or acceptance under concession by a relevant authority and, where applicable, by the customer

  3. By taking action to preclude its original intended use or application Records of the nature of nonconformities and any subsequent actions taken, including concessions obtained, shall be maintained (see 4.2.4)

When nonconforming product is corrected it shall be subject to re-verification to demonstrate conformity to the requirements. When nonconforming product is detected after delivery or use has started, the organization shall take action appropriate to the effects, or potential effects, of the nonconformity.

  8.4 Analysis of Data

The organization shall determine, collect and analysis appropriate data to demonstrate the suitability and effectiveness of the quality management system and to evaluate where continual improvement of the quality management system can be made.

This shall include data generated as a result of monitoring and measurement and from other relevant sources. The analysis of data shall provide information relating to

  1. Customer satisfaction (see 8.2.1)

  2. Conformance to product requirements (see 7.2.1)

  3. Characteristics and trends of processes and products including opportunities for preventive action

  4. Suppliers

  8.5 Improvement

  8.5.1 Continual Improvement

The organization shall continually improve the effectiveness of the quality management system through the use of the quality policy, quality objectives, audit results, analysis of data, corrective and preventive actions and management review.

  8.5.2 Corrective Action

The organization shall take action to eliminate the cause of nonconformities in order to prevent recurrence. Corrective actions shall be appropriate to the effects of the nonconformities encountered.

A documented procedure shall be established to define requirements for

  1. Reviewing nonconformities (including customer complaints)

  2. Determining the causes of nonconformities

  3. Evaluating the need for action to ensure that nonconformities do not recur

  4. Determining and implementing action needed

  5. Records of the results of action taken (see 4.2.4)

  6. Reviewing corrective action taken.

  8.5.3 Preventive Action

The organization shall determine action to eliminate the causes of potential nonconformities in order to prevent their occurrence. Preventive actions shall be appropriate to the effects of the potential problems. A documented procedure shall be established to define requirements for

  1. Determining potential nonconformities and their causes

  2. Evaluating the need for action to prevent occurrence of nonconformities

  3. Determining and implementing action needed

  4. Records of results of action taken (see 4.2.4), and e) Reviewing preventive action taken.

  ISO 14001:2004 (Environmental Management System)

  1.0 Scope

This International Standard specifies requirements for an environmental management system to enable an organization to develop and implement a policy and objectives which take into account legal requirements and other requirements to which the organization subscribes, and information about significant environmental aspects. It applies to those environmental aspects that the organization identifies as those which it can control and those which it can influence. It does not itself state specific environmental performance criteria.

This International Standard is applicable to any organization that wishes to

  1. establish, implement, maintain and improve an environmental management system

  2. assure itself of conformity with its stated environmental policy

  3. demonstrate conformity with this International Standard by

    1. making a self-determination and self-declaration, or

    2. seeking confirmation of its conformance by parties having an interest in the organization, such as customers, or

    3. seeking confirmation of its self-declaration by a party external to the organization, or

    4. seeking certification/registration of its environmental management system by an external organization

All the requirements in this International Standard are intended to be incorporated into any environmental management system. The extent of the application depends on factors such as the environmental policy of the organization, the nature of its activities, products and services and the location where and the conditions in which it functions. This International Standard also provides, in Annex A, informative guidance on its use.

  2.0 Normative Reference

No normative references are cited. This clause is included in order to retain clause numbering identical with the previous edition (ISO 14001:1996).

  3.0 Terms and Definitions

For the purpose of this document, the following terms and definitions apply.

3.1 Auditor

person with the competence to conduct an audit

[ISO 9000:2000, 3.9.9]

3.2 Continual Improvement

recurring process of enhancing the environmental management system (3.8) in order to achieve improvements in overall environmental performance (3.10) consistent with the organization’s (3.16) environmental policy (3.11)

NOTE : The process need not take place in all areas of activity simultaneously.

3.3 Corrective Action

action to eliminate the cause of a detected nonconformity (3.15)

3.4 Document

information and its supporting medium

NOTE 1 : The medium can be paper, magnetic, electronic or optical computer disc, photograph or master sample, or a combination thereof.

NOTE 2 : Adapted from ISO 9000:2000, 3.7.2.

3.5 Environment

surroundings in which an organization (3.16) operates, including air, water, land, natural resources, flora, fauna, humans, and their interrelation.

NOTE : Surroundings in this context extend from within an organization (3.16) to the global system.

3.6 Environmental Aspect

element of an organization’s (3.16) activities or products or services that can interact with the environment (3.5)

NOTE : A significant environmental aspect has or can have a significant environmental impact (3.7).

3.7 Environmental Impact

any change to the environment (3.5), whether adverse or beneficial, wholly or partially resulting from an organization’s (3.16)environmental aspects (3.6)

3.8 Environmental Management System (EMS)

part of an organization’s (3.16) management system used to develop and implement its environmental policy (3.11) and manage its environmental aspects (3.6)

NOTE 1 : A management system is a set of interrelated elements used to establish policy and objectives and to achieve those objectives.

NOTE 2 : A management system includes organizational structure, planning activities, responsibilities, practices,procedures (3.19), processes and resources.

3.9 Environmental Objective

overall environmental goal, consistent with the environmental policy (3.11), that an organization (3.16) sets itself to achieve

3.10 Environmental Performance

measurable results of an organization’s (3.16) management of its environmental aspects (3.6)

NOTE : In the context of environmental management systems (3.8), results can be measured against the organization’s (3.16) environmental policy (3.11), environmental objectives (3.9), environmental targets (3.12) and other environmental performance requirements.

3.11 Environmental Policy

overall intentions and direction of an organization (3.16) related to its environmental performance (3.10) as formally expressed by top management.

NOTE : The environmental policy provides a framework for action and for the setting of environmental objectives (3.9) and environmental targets (3.12).

3.12 Environmental Target

detailed performance requirement, applicable to the organization(3.16) or parts thereof, that arises from the environmental objectives (3.9) and that needs to be set and met in order to achieve those objectives.

3.13 Interested Party

person or group concerned with or affected by the environmental performance (3.10) of an organization (3.16)

3.14 Internal Audit

systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the environmental management system audit criteria set by the organization (3.16) are fulfilled.

NOTE : In many cases, particularly in smaller organizations, independence can be demonstrated by the freedom from responsibility for the activity being audited.

3.15 Nonconformity

non-fulfillment of a requirement

[ISO 9000:2000.3.6.2]

3.16 Organization

company, corporation, firm, enterprise, authority or institution, or part or combination therof, whether incorporated or not, public or private, that has its own functions and administration.

NOTE : For organizations with more than one operating unit, a single operating unit may be defined as an organization.

3.17 Preventive Action

action to eliminate the cause of a potential nonconformity (3.15)

3.18 Prevention of Pllution

use of processes, practices, techniques, materials, products, services or energy to avoid, reduce or control (separately or in combination) the creation, emission or discharge of any type of pollutant or waste, in order to reduce adverse environmental impacts (3.7)

NOTE : Prevention of pollution can include source reduction or elimination, process, product or service changes, efficient use of resources, material and energy substitution, reuse, recovery, recycling, reclamation and treatment.

3.19 Procedure

specified way to carry out an activity or a process

NOTE 1 : Procedures can be documented or not.

NOTE 2 : Adapted from ISO 9000:2000, 3.4.5.

3.20 Record

Document (3.4) stating results achieved or providing evidence of activities performed

NOTE : Adapted from ISO 9000:2000,3.7.6.

  4.0 Environmental Management System Requirements

  4.1 General Requirements

The organization shall establish, document, implement, maintain and continually improve an environmental management system in accordance with the requirements of this International Standard and determine how it will fulfill these requirements.

The organization shall define and document the scope of its environmental management system.

  4.2 Environmental Policy

Top management shall define the organization’s environmental policy and ensure that, within the defined scope of its environmental management system, it

  1. is appropriate to the nature, scale and environmental impacts of its activities, products and services

  2. includes a commitment to continual improvement and prevention of pollution

  3. includes a commitment to comply with applicable legal requirements and with other requirements to which the organization subscribes which relate to its environmental aspects

  4. provides the framework for setting and reviewing environmental objectives and targets

  5. is documented, implemented and maintained

  6. is communicated to all persons working for or on behalf of the organization, and

  7. is available to the public

  4.3 Planning

  4.3.1 Environmental Aspects

The organization shall establish, implement and maintain a procedure(s)

  1. to identify the environmental aspects of its activities, products and services within the defined scope of the environmental management system that it can control and those that it can influence taking into account planned or new developments, or new or modified activities, products and services

  2. to determine those aspects that have or can have significant impact(s) on the environment (i.e. significant environmental aspects)

The organization shall document this information and keep it up to date.

The organization shall ensure that the significant environmental aspects are taken into account in establishing, implementing and maintaining its environmental management system.

  4.3.2 Legal and Other Requirements

The organization shall establish, implement and maintain a procedure(s)

  1. to identify and have access to the applicable legal requirements and other requirements to which the organization subscribes related to its environmental aspect

  2. to determine how these requirements apply to its environmental aspects.

The organization shall ensure that these applicable legal requirements and other requirements to which the organization subscribes are taken into account in establishing, implementing and maintaining its environmental management system.

  4.3.3 Objectives, Targets and Programmes

The organization shall establish, implement and maintain documented environmental objectives and targets, at relevant functions and levels within the organization.

The objectives and targets shall be measurable, where practicable, and consistent with the environmental policy, including the commitments to prevention of pollution, to compliance with applicable legal requirements and with other requirements to which the organization subscribes, and to continual improvement.

When establishing and reviewing its objectives and targets, an organization shall take into account the legal requirements and other requirements to which the organization subscribes, and its significant environmental aspects. It shall also consider its technological options, its financial, operational and business requirements, and the views of interested parties.

The organization shall establish, implement and maintain a programme(s) for achieving its objectives and targets. Programme(s) shall include.

  1. designation of responsibility for achieving objectives and targets at relevant functions and levels of the organization

  2. the means and time-frame by which they are to be achieved

  4.4 Implementation and Operation

  4.4.1 Resources, Roles, Responsibility and Authority

Management shall ensure the availability of resources essential to establish, implement, maintain and improve the environmental management system. Resources include human resources and specialized skills, organizational infrastructure, technology and financial resources.

Roles,responsibilities and authorities shall be defined, documented and communicated in order to facilitate effective environmental management.

The organization’s top management shall appoint a specific management representative(s) who, irrespective of other responsibilities, shall have defined roles, responsibilities and authority for

  1. ensuring that an environmental management system is established, implemented and maintained in accordance with the requirements of this International Standard

  2. reporting to top management on the performance of the environmental management system for review, including recommendations for improvement

  4.4.2 Competency, Training and Awareness

The orgainization shall ensure that any person(s) performing tasks for it or on its behalf that have the potential to cause a significant environmental impact(s) identified by the organization is (are) competent on the basis of appropriate education, training or experience, and shall retain associated records.

The organization shall identify training needs associated with its environmental aspects and its environmental management system. It shall provide training or take other action to meet these needs, and shall retain associated records.

The organization shall establish, implement and maintain a procedure(s) to make persons working for it or on its behalf aware of.

  1. the importance of conformity with the environmental policy and procedures and with the requirements of the environmental benefits of improved personal performance

  2. the significant environmental aspects and related actual or potential impacts associated with their work, and the environmental benefits of improved personal performance

  3. their roles and responsibilities in achieving conformity with the requirements of the environmental management system

  4. the potential consequences of departure from specified procedures

  4.4.3 Communication

With regard to its environmental aspects and environmental management system, the organization shall establish, implement and maintain a procedure(s) for

  1. internal communication among the various levels and functions of the organization

  2. receiving, documenting and responding to relevant communication from external interested parties

The organization shall decide whether to communicate externally about its significant environmental aspects, and shall document its decision. If the decision is to communicate, the organization shall establish and implement a method(s) for this external communication.p

p

  4.4.4 Documentation

The environmental management system documentation shall include

  1. the environmental policy, objectives and targets

  2. description of the scope of the environmental management system

  3. description of the main elements of the environmental management system and their interaction, and reference to related documents

  4. documents,including records, determined by the organization to be necessary to ensure the effective planning, operation and control of processes that relate to its significant environmental aspects

  5. documents, including records, required by this International Standard

  4.4.5 Control of Documents

Documents required by the environmental management system and by this International Standard shall be controlled. Records are a special type of document and shall be controlled in accordance with the requirements given in 4.5.4

The organization shall establish, implement and maintain a procedure(s) to

  1. approve documents for adequacy prior to issue

  2. review and update as necessary and re-approve documents

  3. ensure that changes and the current revision status of documents are identified

  4. ensure that relevant versions of applicable documents are available at points of use

  5. ensure that documents remain legible and readily identifiable ensure that documents of external origin determined by the organization to be necessary for the planning and operation of the environmental management system are identified and their distribution controlled

  6. prevent the unintended use of obsolete documents and apply suitable identification to them if they are retained for any purpose

  4.4.6 Operational Control

The organization shall identify and plan those operations that are associated with the identified significant environmental aspects consistent with its environmental policy, objectives and targets, in order to ensure that they are carried out under specified conditions, by

  1. establishing, implementing and maintaining a documented procedure(s) to control situations where their absence could lead to deviation from the environmental policy, objectives and targets

  2. stipulating the operating criteria in the procedure(s)

  3. establishing, implementing and maintaining procedures related to the identified significant environmental aspects of goods and services used by the organization and communicating applicable procedures and requirements to suppliers, including contractors

  4.4.7 Emergency Preparedness and Response

The organization shall establish, implement and maintain a procedure(s) to identify potential emergency situations and potential accidents that can have an impact(s) on the environment and how it will respond to them.

The organization shall respond to actual emergency situations and accidents and prevent or mitigate associated adverse environmental impacts.

The organization shall periodically review and, where necessary, revise its emergency preparedness and response procedures, in particular, after the occurrence of accidents or emergency situations.

The organization shall also periodically test such procedures where practicable.

  4.5 Checking

  4.5.1 Monitoring and Measurement

The organization shall establish, implement and maintain a procedure(s) to monitor and measure, on a regular basis, the key characteristics of its operations that can have a significant environmental impact. The procedure(s) shall include the documenting of information to monitor performance, applicable operational controls and conformity with the organization’s environmental objectives and targets.

The organization shall ensure that calibrated or verified monitoring and measurement equipment is used and maintained and shall retain associated records

  4.5.2 Evaluation of Compliance

4.5.2.1 Consistent with its commitment to compliance, the organization shall establish, implement and maintain a procedure(s) for periodically evaluating compliances with applicable legal requirements.

The organization shall keep records of the results of the periodic evaluations.

4.5.2.2 The organization shall evaluate compliance with other requirements to which it subscribes. The organization may wish to combine this evaluation with the evaluation of legal compliance referred to in 4.5.2.1 or to establish a separate procedure(s).

The organization shall keep records of the results of the periodic evaluations.

  4.5.3 Non Conformity, Corrective Action and Preventive Action

The organization shall establish, implement and maintain a procedure(s) for dealing with actual and potential nonconformity(ies) and for taking corrective action and preventive action. The procedure(s) shall define requirements for

  1. identifying and correcting nonconformity(ies) and taking action(s) to mitigate their environmental impacts

  2. investigating nonconformity(ies), determining their cause(s) and taking actions in order to avoid their recurrence

  3. evaluating the need for action(s) to prevent nonconformity(ies) and implementing appropriate actions designed to avoid their occurrence

  4. recording the results of corrective action(s) and preventive action(s) taken

  5. reviewing the effectiveness of corrective action(s) and preventive action(s) taken

Actions taken shall be appropriate to the magnitude of the problems and the environmental impacts encountered.

The organization shall ensure that any necessary changes are made to environmental management system documentation.

  4.5.4 Control of Records

The organization shall establish and maintain records as necessary to demonstrate conformity to the requirements of its environmental management system and of this International Standard, and the results achieved.

The organization shall establish, implement and maintain a procedure(s) for the identification, storage, protection, retrieval, retention and disposal of records.

Records shall be and remain legible, identifiable and traceable.

  4.5.5 Internal Audits

The organization shall ensure that internal audits of the environmental management system are conducted at planned intervals to

  1. determine whether the environmental management system

  2. Conforms to planned arrangements for environmental management including the requirements of this International Standard

  3. has been properly implemented and is maintained, and provide information on the results of audits to management

Audit programme(s) shall be planned, established, implemented and maintained by the organization, taking into consideration the environmental importance of the operation(s) concerned and the results of pervious audits

Audit procedure(s) shall be established, implemented and maintained that addressthe responsibilities and requirements for planning and conducting audits, reporting results and retaining associated records the determination of audit criteria, scope, frequency and methods.

Selection of auditors and conduct of audits shall ensure objectivity and the impartiality of the audit process.

  4.6 Management Review

Top management shall review the organization’s environmental management system at planned intervals, to ensure its continuing suitability, adequacy and effectiveness. Reviews shall include assessing opportunities for improvement and the need for changes to the environmental management system, including the environmental policy and environmental objectives and targets. Records of the management reviews shall be retained.

Input to management reviews shall include

  1. results of internal audits and evaluations of compliance with legal requirements and with other requirements to which the organization subscribes

  2. communication(s) from external interested parties, including complaints

  3. the environmental performance of the organization

  4. the extent to which objectives and targets have been met

  5. status of corrective and preventive actions

  6. follow-up actions from previous management reviews

  7. changing circumstances, including developments in legal and other requirements related to its environmental aspects

  8. recommendations for improvement

The outputs from management reviews shall include any decisions and actions related to possible changes to environmental policy, objectives, targets and other elements of the environmental management system, consistent with the commitment continual improvement.

  OHSAS 18001:2007 (Occupational Health & Safety Assessment Series)

  1.0 Scope

This Occupational Health and Safety Assessment Series (OHSAS) specification gives requirements for an occupational health and safety (OH&S) management system, to enable an organization to control its OH&S risks and improve its performance state specific OH&S performance criteria, nor does it give detailed specifications for the design of a management system.

This OHSAS specification is applicable to any organization that wishes to:

  1. establish an OH&S management system to eliminate or minimize risk to employees and other interested parties who may be exposed to OH&S risks associated with its activities

  2. implement, maintain and continually improve an OH&S management system

  3. assure itself of its conformance with its stated OH&S policy

  4. demonstrate such conformance to others

  5. seek certification/registration of its OH&S management system by an external organization; or

  6. make a self – determination and declaration of its conformance with this OHSAS specification

All the requirements in this OHSAS specification are intended to be incorporated into any OH&S management system. The extent of the application will depend on such factors as the OH&S policy of the organization, the nature of its activities and the risks and complexity of its operations.

This OHSAS specification is intended to address occupational health and safety rather than product and services safety.

  2.0 Normative Reference

Other publications that provide information or guidance are listed in the Bibliography. It is advisable that the latest editions of such publications be consulted. Specifically, reference should be made to:

Occupational health and safety management systems – Guidelines for the implementation of OHSAS 18001.

BS 8800:1996, Guide to occupational health and safety management systems.

  3.0 Terms and Definitions

For the purposes of this OHSAS specification the following terms and definitions apply.

3.1 Accident

undesired event giving rise to death, ill health, injury, damage or other loss

3.2 Audit

systematic examination to determine whether activities and related results conform to planned arrangements and whether these arrangements are implemented effectively and are suitable for achieving the organization’s policy and objectives (see 3.9)

3.3 Continual Improvement

process of enhancing the OH&S management system, to achieve improvements in overall occupational health and safety performances, in line with the organization’s OH&S policy

NOTE : The process need not take place in all areas of activity simultaneously.

3.4 Hazard

source or situation with a potential for harm in terms of human injury or ill health, damage to property, damage to the workplace environment, or a combination of these

3.5 Hazard Identification

process of recognizing that a hazard (see 3.4) exists and defining its characteristics

3.6 Incident

event that gave rise to an accident or had the potential to lead to an accident

NOTE : An incident where no ill health, injury, damage, or other loss occurs is also referred to as a “near- miss “. The term “incident” includes “near- misses”.

3.7 Interested Parties

individual or group concerned with or affected by the OH&S performance of an organization

3.8 Nonconformance

any deviation from work standards, practices, procedures, regulations, management system performance etc. that could either directly or indirectly lead to injury or illness, property damage, damage to the workplace environment, or a combination of these

3.9 Objectives

goals, in terms of OH&S performance, that an organization sets itself to achieve

NOTE : Objectives should be quantified wherever practicable.

3.10 Occupational Health and Safety

conditions and factors that affect the well – being of employees, temporary workers, contractor personnel, visitors and any other person in the workplace

3.11 OH&S management system

Part of the overall management system that facilitates the management of the OH&S risks associated with the business of the organization. This includes the organizational structure, planning activities, responsibilities, practices, procedures, processes and resources for developing, implementing, achieving, reviewing and maintaining the organization’s OH&S policy

3.12 Organization

company, operation, firm, enterprise, institution or association, or part thereof, whether incorporated or not , public or private, that has its own functions and administration

3.13 Performance

measurable results of the OH&S management system, related to the organization’s control of health and safety risks, based on its OH&S policy and objectives

NOTE : Performance measurement includes measurement of OH&S management activities and results.

3.14 Risk

combination of the likelihood and consequences(s) of a specified hazardous event occurring

3.15 Risk Assessment

overall process of estimating the magnitude of risk and deciding whether or not the risk is tolerable

3.16 Safety

freedom from unacceptable risk of harm [ISO/IEC Guide 2]

3.17 Tolerable Risk

risk that has been reduced to a level that can be endured by the organization having regard to its legal obligations and its own OH&S policy

  4.0 Occupational Health and Safety Management System Requirements

  4.1 General Requirements

The organization shall establish and maintain an OH&S management system, the Requirements for which are set out in Clause 4.

  4.2 OH&S Policy

There shall be an occupational health and safety policy authorized by the organization’s top management, that clearly states overall health and safety objectives and a Commitment to improving health and safety performance.

The policy shall:

  1. be appropriate to the nature and scale of the organization’s OH&S risks

  2. include a commitment to continual improvement

  3. include a commitment to at least comply with current applicable OH&S legislation and with other requirements to which the organization subscribes

  4. be documented, implemented and maintained

  5. be communicated to all employees with the intent that employees are made aware of their individual OH&S obligations

  6. be available to interested parties

  7. be reviewed periodically to ensure that it remains relevant and appropriate to the organization

  4.3 Planning

  4.3.1 Planning for Hazard Identification, Risk Assessment and Risk Control

The organization shall establish and maintain procedures for the ongoing identification of hazards, the assessment of risks, and the implementation of necessary control measures.

These shall include:

  1. Routine and non-routine activities

  2. Activities of all personnel having access to the workplace (including subcontractors and visitors)

  3. Facilities at the workplace, whether provided by the organization or others.

The organization shall ensure that the results of these assessments and the effects of these controls are considered when setting its OH&S objectives.

The organization shall document and keep this information up to date. The organization's methodology for hazard identification and risk assessment shall:

  1. Be defined with respect to its scope, nature and timing to ensure it is proactive rather than reactive

  2. Provide for the classification of risks and identification of those that are to be eliminated or controlled by measures as defined in 4.3.3 and 4.3.4

  3. Be consistent with operating experience and the capabilities or risk control measures employed

  4. Provide input into the determination of facility requirements, identification of training needs and/or development of operational controls

  5. Provide for the monitoring of required actions to ensure both the effectiveness and timeliness of their implementation.

  4.3.2 Legal and Other Requirements

The organization shall establish and maintain a procedure for identifying and accessing the legal and other OH&S requirements that are applicable to it.

The organization shall keep this information up-to-date. It shall communicate relevant information on legal and other requirements to its employees and other relevant interested parties.

  4.3.3 Objectives

The organization shall establish and maintain documented occupational health and safety objectives, at each relevant function and level within the organization.

When establishing and reviewing its objectives, an organization shall consider its legal and other requirements, its OH&S hazards and risks, its technological options, its financial, operational and business requirements, and the views of interested parties.

The objectives shall be consistent with the OH&S policy, including the commitment to continual improvement

  4.3.4 OH&S Management Programmes

The organization shall establish and maintain (an) OH&S Management programme(s) for achieving its objectives.

This shall include documentation of:

  1. The designated responsibility and authority for achievement of the objectives at relevant functions and levels of the organization;

  2. The means and time-scale by which objectives are to be achieved. The OH&S management programme(s) shall be reviewed at regular and planned intervals.

Where necessary the OH&S management programme(s) shall be amended to address changes to the activities, products, services, or operating conditions of the organization.

  4.4 Implementation and Operation

  4.4.1 Structure and Responsibility

The roles responsibilities and authorities of personnel who manage, perform and verify activities having an effect on the OH&S risks of the organization's activities, facilities and processes, shall be defined, documented and communicated in order to facilitate OH&S management.

Ultimate responsibility for occupational health and safety rests with top management.

The organization shall appoint a member of top management (e.g. in a large organization, a Board or executive committee member) with particular responsibility for ensuring that the OH&S management system is properly implemented and performing to requirements in all locations and spheres of operation within the organization.

Management shall provide resources essential to the implementation, control and improvement of the OH&S management system.

Note: Resources include human resources and specialized skills, technology and financial resources.

The organization's management appointee shall have defined roles, responsibilities and authority for:

  1. Ensuring that OH&S management system requirements are established, implemented and maintained in accordance with this OH&S specification

  2. Ensuring that reports on the performance of the OH&S management system are presented to top management for review and as a basis for improvement of the OH&S management system.

All those with management responsibility shall demonstrate their commitment to the continual improvement of OH&S performance

  4.4.2 Training, Awareness and Communication

Personnel shall be competent to perform tasks that may impact on OH&S in the workplace. Competence shall be defined in terms of appropriate education, training and/or experience.

It shall establish and maintain procedures to ensure that its employees working at each relevant function and level are aware of

  1. The importance of conformance to the OH&S policy and procedures, and to the requirements of the OH&S management system;

  2. The OH&S consequences, actual or potential, of their work activities and the OH&S benefits of improved personal performance;

  3. Their roles and responsibilities in achieving conformance to the OH&S policy and procedures and to the requirements of the OH&S management system, including emergency preparedness and response requirements (see 4.4.7)

  4. The potential consequences of departure from specified operating procedures. Training procedures shall take into account differing levels of

    1. Responsibility, ability and literacy

    2. Risk

  4.4.3 Consultation and Communication

The organization shall have procedures for ensuring that pertinent OH&S information is communicated to an from employees and other interested parties.

Employee involvement and consultation arrangements shall be documented and interested parties informed Employees shall be:

  1. Involved in the development and review of policies and procedures to manage risks

  2. Consulted where there are any changes that affect workplace health and safety

  3. Represented on health and safety matters

  4. Informed as to who is their employee OH&S representative (S) and specified management appointee (see 4.4.1).

  4.4.4 Documentation

The organization shall establish and maintain information, in a suitable medium such as paper or electronic form, that:

  1. Describes the core elements of the management system and their interaction

  2. Provide direction to related documentation

Note: It is important that documentation is kept to the minimum required for effectiveness and efficiency

  4.4.5 Document and Data Control

The organization shall establish and maintain procedures for controlling all documents and data required by this OHSAS specification to ensure that:

  1. They can be located

  2. They are periodically reviewed, revised as necessary and approved for adequacy by authorized personnel

  3. Current versions of relevant documents and data are available at all locations where operations essential to the effective functioning of the OH&S system are performed

  4. Obsolete documents and data are promptly removed from all points of issue and points of use or otherwise assured against unintended use

  5. Archival documents and data retained for legal or knowledge preservation purposes or both, are suitably identified

  4.4.6 Operational Control

The organization shall identify those operations and activities that are associated with identified risks where control measures need to be applied.

The organization shall plan these activities, including maintenance, in order to ensure that they are carried out under specified conditions by:

  1. Establishing and maintaining documented procedures to cover situations where their absence could lead to deviations from the OH&S policy and the objectives

  2. Stipulating operating criteria in the procedures

  3. Establishing and maintaining procedures related to the identified OH&S risks of goods, equipment and services purchased and/or used by the organization and communicating relevant procedures and requirements to suppliers and contractors

  4. Establishing and maintaining procedures for the design of workplace, process, installations, machinery, operating procedures and work organization, including their adaptation to human capabilities, in order to eliminate or reduce OH&S risks at their source

  4.4.7 Emergency preparedness and Response

The organization shall establish and maintain plans and procedures to identify the potential for, and responses to, incidents and emergency situations, and for preventing and mitigating the likely illness and injury that may be associated with them.

The organization shall review its emergency preparedness and response plans and procedures, in particular, after the occurrence of incidents or emergency situations.

The organization shall also periodically test such procedures where practicable

  4.5 Checking and Corrective Actions

  4.5.1 Performance Measurement and Monitoring

The organization shall establish and maintain procedures to monitor and measure OH&S performance on a regular basis.

These procedures shall provide for:

  1. Qualitative and quantitative measures, appropriate to the needs of the organization

  2. Monitoring of the extent of which the organization's OH&S objectives are met

  3. Proactive measures of performance that monitor compliance with the OH&S management Programme, operational criteria and applicable legislation and regulatory requirements

  4. Reactive measures of performance to monitor accidents, ill health, incidents (including near-misses) and other historical evidence of deficient OH&S performance

  5. Recording of data and results of monitoring and measurement sufficient to facilitate subsequent corrective and preventative action analysis.

If monitoring equipment is required for performance measurement and monitoring, the organization shall establish and maintain procedures for the calibration and maintenance of such equipment.

Records of calibration and maintenance activities and results shall be retained

  4.5.2 Accidents, Incidents, Non-Conformance and Corrective and Preventive Action

The organization shall establish and maintain procedures for defining responsibility and authority for:

  1. The handling and investigation of

    1. Accidents

    2. Incidents

    3. Non-conformances

  2. Taking action to mitigate any consequences arising from accidents, incidents or non-conformances

  3. The initiation and completion of corrective and preventive action

  4. Confirmation of the effectiveness of corrective and preventive actions taken.

These procedures shall require that all proposed corrective and preventive actions shall be reviewed through the risk assessment process prior to implementation.

Any corrective or preventive action taken to eliminate the causes of actual and potential non-conformances shall be appropriate to the magnitude of problems and commensurate with the OH&S risk encountered.

The organization shall implement and record any changes in the documented procedures resulting from corrective and preventive action

  4.5.3 Records and Records Management

The organization shall establish and maintain procedures for the identification, maintenance and disposition of OH&S records, as well as the results of audits and reviews.

OH&S records shall be legible, identifiable and traceable to the activities involved. OH&S records shall be stored and maintained in such a way that they are readily retrievable and protected against damage, deterioration or loss.

Their retention times shall be established and recorded. Records shall be maintained, as appropriate to the system and to the organization, to demonstrate conformance to this OHSAS specification

  4.5.4 Audit

The organization shall establish and maintain an audit programme and procedures for periodic OH&S management system audits to be carried out, in order to:

  1. Determine whether or not the OH&S management system

    1. Conforms to planned arrangements for OH&S management including the requirements of this OHSAS specification

    2. Has been properly implemented and maintained

    3. Is effective in meeting the organization's policy and objectives

  2. Review the results of previous audits

  3. Provide information on the results of audits to management.

The audit programme, including any schedule, shall be based on the results of risk assessments of the organization's activities, and the results of previous audits. The audit procedures shall cover the scope, frequency, methodologies and competencies, as well as the responsibilities and requirements for conducting audits and reporting results. Wherever possible, audits shall be conducted by personnel independent of those having direct responsibility for the activity being examined.

Note: The word "Independent" here does not necessarily mean external to the organization.

  4.6 Management Review

The organization's top management shall, at intervals that it determines, review the OH&S management system, to ensure its continuing suitability, adequacy and effectiveness.

The management review process shall ensure that the necessary information is collected to allow management to carry out this evaluation. This review shall be documented.

The management review shall address the possible need for changes to policy, objectives and other elements of the OH&S management system, in the light OH&S management system audit results, changing circumstances and the commitment to commitment to continual improvement