Q. What is ISO 45001?
ISO 45001 is an international standard for Occupational Health and Safety Management Systems (OHSMS).
It provides a framework to identify, control, and reduce risks associated with workplace health and safety.
The goal is to create a safe and healthy working environment for employees and stakeholders.
Q. What is the purpose of ISO 45001?
To prevent work-related injuries and ill health.
To promote a safe and proactive safety culture within the organization.
To comply with legal and regulatory requirements related to health and safety.
To continually improve occupational health and safety performance.
Q. What are the benefits of implementing ISO 45001 in an organization?
Reduces accidents, injuries, and ill-health incidents.
Improves employee morale, trust, and safety awareness.
Enhances legal compliance and risk management.
Builds reputation and stakeholder confidence.
Leads to productivity improvement and cost reduction due to fewer disruptions.
Q. What is the latest version of ISO 45001 and when was it published?
The first and latest version is ISO 45001:2018.
It was published in March 2018 by the International Organization for Standardization (ISO).
Q. What is meant by an Occupational Health and Safety Management System (OHSMS)?
OHSMS is a structured framework that helps manage health and safety risks in the workplace.
It ensures systematic identification, assessment, and control of hazards.
Aims to protect employees and ensure legal compliance through continuous improvement.
Q. What is the difference between ISO 45001 and OHSAS 18001?
ISO 45001 replaced OHSAS 18001 in March 2021.
ISO 45001 follows the Annex SL structure, aligning with ISO 9001 & 14001.
It focuses more on leadership, risk management, and worker participation.
OHSAS 18001 was procedure-based, while ISO 45001 is process-based and proactive.
Q. What is the PDCA (Plan-Do-Check-Act) cycle in ISO 45001?
Plan: Identify hazards, assess risks, and set OHS objectives.
Do: Implement operational controls and training.
Check: Monitor and evaluate performance and compliance.
Act: Take corrective actions and drive continual improvement.
(This cycle ensures a systematic and continuous approach to safety management.)
Q. How is ISO 45001 aligned with other ISO standards (like 9001 and 14001)?
Uses the Annex SL – High-Level Structure, common to ISO 9001 & ISO 14001.
Promotes integration of Quality, Environment, and Safety systems (QHSE).
Ensures consistency, efficiency, and easier implementation of multiple ISO standards.
Q. What are the key objectives of ISO 45001?
Eliminate hazards and minimize OHS risks.
Promote worker well-being and safe work culture.
Ensure compliance with legal and other requirements.
Continually improve occupational health and safety performance.
Q. Why is employee participation important in ISO 45001?
Workers are closest to potential hazards and can identify risks effectively.
Participation builds ownership, safety culture, and trust.
Encourages reporting of unsafe conditions and continuous improvement.
Ensures the system is realistic, practical, and effective in daily operations.
Q. How many clauses are there in ISO 45001:2018?
ISO 45001:2018 consists of 10 main clauses.
Clauses 1 to 3 are introductory (Scope, Normative References, Terms & Definitions).
Clauses 4 to 10 form the core requirements of the Occupational Health and Safety Management System (OHSMS).
Q. Name the main clauses of ISO 45001.
Clause 1: Scope
Clause 2: Normative References
Clause 3: Terms and Definitions
Clause 4: Context of the Organization
Clause 5: Leadership and Worker Participation
Clause 6: Planning
Clause 7: Support
Clause 8: Operation
Clause 9: Performance Evaluation
Clause 10: Improvement
Q. What is Clause 4 — Context of the Organization?
Focuses on understanding internal and external issues that can impact OHSMS.
Requires identification of interested parties and their needs.
Defines the scope of the OHSMS.
Ensures the organization’s OHSMS is aligned with its strategic direction and objectives.
Q. What does Clause 5 — Leadership and Worker Participation mean?
Emphasizes top management’s active role in promoting health and safety.
Leaders must demonstrate commitment, accountability, and communication.
Ensures consultation and participation of workers in OHS decision-making.
Builds a strong safety culture through involvement at all levels.
Q. What is Clause 6 — Planning?
Focuses on identifying hazards, assessing risks, and determining controls.
Addresses legal and other requirements related to OHS.
Involves setting OHS objectives and planning actions to achieve them.
Ensures proactive management of risks and opportunities.
Q. What is Clause 7 — Support?
Covers the resources, competence, awareness, communication, and documentation needed for OHSMS.
Ensures training and awareness of all employees.
Manages documented information for proper control and traceability.
Strengthens the system’s foundation through adequate support mechanisms.
Q. What is Clause 8 — Operation?
Deals with implementation and control of operational processes.
Includes hazard elimination, risk reduction, and emergency preparedness.
Ensures operational activities are carried out safely and under control.
Focuses on contractor management and change control.
Q. What is Clause 9 — Performance Evaluation?
Involves monitoring, measurement, analysis, and evaluation of OHS performance.
Requires conducting internal audits and management reviews.
Helps ensure effectiveness, compliance, and continual improvement.
Promotes data-driven decision-making for better OHS outcomes.
Q. What does Clause 10 — Improvement cover?
Focuses on corrective actions and continual improvement of OHSMS.
Encourages investigation of incidents and nonconformities.
Aims to eliminate root causes and prevent recurrence.
Drives a culture of learning and proactive enhancement of safety performance.
Q. What is meant by “Annex SL” in ISO standards?
Annex SL is the common framework and structure for all modern ISO management system standards.
Provides 10 standardized clauses and consistent terminology.
Enables easy integration of multiple ISO systems (e.g., ISO 9001, 14001, 45001).
Promotes efficiency, consistency, and alignment across different management systems.
Q. What are “hazards,” “risks,” and “opportunities” in ISO 45001?
Hazard: Anything with the potential to cause injury or ill health (e.g., machinery, noise, chemicals).
Risk: The likelihood and severity of harm occurring due to a hazard.
Opportunity: A situation or condition that can improve OHS performance (e.g., new safety technology or process improvement).
(ISO 45001 focuses on identifying, assessing, and managing all three proactively.)
Q. What is “risk-based thinking”?
A proactive approach to identify and control potential hazards and risks before incidents occur.
Ensures preventive measures are integrated into daily activities.
Helps organizations prioritize actions based on the severity and probability of risks.
Promotes continuous improvement and informed decision-making.
Q. What is a “near miss”?
An unplanned event that did not result in injury or damage, but had the potential to do so.
Serves as an early warning to prevent future incidents.
Reporting and analyzing near misses help in identifying root causes and improving safety systems.
Q. What is a “nonconformity”?
A deviation or failure to meet a specified requirement of the OHSMS, regulation, or internal policy.
Can arise from incorrect procedures, lack of training, or process failures.
Requires corrective action to prevent recurrence.
Q. What is “corrective action”?
A step taken to eliminate the cause of a detected nonconformity or incident.
Focuses on root cause analysis rather than temporary fixes.
Ensures prevention of recurrence and improves system reliability.
Q. What is “preventive action”?
Action taken to eliminate potential causes of nonconformity or incidents before they occur.
In ISO 45001, preventive actions are embedded through risk-based thinking.
Aims for proactive prevention rather than reactive correction.
Q. What is the difference between incident and accident?
Incident: Any undesired event that could result — or has resulted — in harm or loss.
Accident: An incident that actually causes injury, illness, or damage.
All accidents are incidents, but not all incidents are accidents.
Q. What is meant by “consultation and participation of workers”?
Workers are actively involved in identifying hazards, assessing risks, and decision-making.
Encourages open communication and feedback on safety issues.
Builds a safety culture through shared responsibility and trust.
Required under Clause 5.4 of ISO 45001 for effective OHSMS implementation.
Q. What is a “safe work environment”?
A workplace free from hazards and risks that could cause injury or ill health.
Ensures proper controls, training, PPE, and safety systems are in place.
Promotes physical, mental, and social well-being of all employees.
Achieved through continual monitoring, maintenance, and improvement.
Q. What is “hierarchy of controls”?
A systematic approach to control and reduce workplace risks in order of effectiveness:
1. Elimination – Remove the hazard completely.
2. Substitution – Replace with a less hazardous option.
3. Engineering Controls – Isolate people from the hazard.
4. Administrative Controls – Change work methods or policies.
5. PPE (Personal Protective Equipment) – Provide protective gear as the last line of defense.
The higher levels offer more reliable and sustainable control over workplace risks.
Q. What are “interested parties” in ISO 45001?
Interested parties are individuals or organizations affected by or having an interest in the organization’s OHS performance.
Examples include employees, contractors, customers, regulators, suppliers, shareholders, and local communities.
Understanding their needs helps ensure the OHSMS remains relevant and effective.
Q. What is meant by “compliance obligations”?
Refers to legal and other requirements that the organization must follow regarding occupational health and safety.
Includes laws, regulations, industry standards, codes of practice, and agreements with stakeholders.
Ensures the organization meets its legal duties and maintains a strong compliance culture.
Q. What is “documented information”?
Any information that must be controlled and maintained by the organization.
Includes policies, procedures, records, manuals, reports, and other documents.
Ensures consistency, traceability, and evidence of OHSMS implementation.
Controlled through proper versioning, review, and approval processes.
Q. What is “emergency preparedness and response”?
The process of identifying potential emergency situations (e.g., fire, chemical spill, explosion).
Involves planning, training, and establishing procedures to handle emergencies effectively.
Regular drills, reviews, and updates ensure readiness and minimize impact.
Objective: Protect life, environment, and property during emergencies.
Q. What is “legal and other requirements” in ISO 45001?
These are mandatory and voluntary obligations related to occupational health and safety.
“Legal” covers government laws and regulations; “Other” includes industry codes, customer or corporate commitments.
Organizations must identify, access, and comply with these requirements regularly.
Non-compliance can lead to legal penalties and reputational damage.
Q. How do you determine internal and external issues affecting OHSMS?
Conduct SWOT or PESTLE analysis to identify factors impacting OHSMS.
Internal issues: culture, resources, processes, employee competence.
External issues: legal changes, social expectations, technology, economy.
Helps in strategic planning and aligning OHSMS with business goals.
Q. Who are the interested parties in your organization’s OHSMS?
Internal: Employees, management, contractors, unions.
External: Customers, suppliers, regulatory bodies, insurance agencies, and local communities.
Their needs and expectations influence safety policies, performance targets, and communication methods.
Q. How does leadership demonstrate commitment to OHSMS?
By establishing and communicating the OHS policy.
Allocating resources for OHSMS implementation.
Leading by example and ensuring compliance with safety rules.
Encouraging participation and ensuring worker safety awareness.
Reviewing performance and driving continual improvement.
Q. What are the roles and responsibilities of top management under ISO 45001?
Provide leadership and direction for the OHSMS.
Ensure OHS objectives align with the organization’s strategic goals.
Promote a positive safety culture and ensure worker involvement.
Comply with legal obligations and allocate necessary resources.
Review and improve OHS performance through regular evaluation.
Q. How do you ensure worker participation and consultation?
Establish formal channels (meetings, safety committees, suggestion systems).
Conduct toolbox talks, training sessions, and feedback programs.
Encourage reporting of hazards, near misses, and unsafe acts without fear.
Ensure workers are involved in risk assessments and policy development.
Promotes shared responsibility and continuous improvement.
Q. What is an OH&S policy?
A formal statement of the organization’s commitment to provide a safe and healthy workplace.
Reflects the organization’s values, objectives, and legal obligations.
Must include commitments to eliminate hazards, fulfill compliance obligations, and continually improve OHS performance.
Communicated to all employees and made available to interested parties.
Q. What should be included in the OH&S policy?
Commitment to provide safe and healthy working conditions.
Commitment to eliminate hazards and reduce OH&S risks.
Commitment to fulfill legal and other compliance obligations.
Commitment to consultation and participation of workers.
Commitment to continual improvement of OH&S performance.
(It should be documented, communicated, implemented, and periodically reviewed.)
Q. How do you communicate the policy to employees?
Through induction training and safety awareness programs.
Displaying the policy on notice boards, intranet, and workplace areas.
Toolbox talks and meetings for reinforcement.
Ensuring employees understand their role in achieving the policy’s objectives.
Using two-way communication to promote engagement.
Q. How is leadership accountability defined in ISO 45001?
Top management is accountable for preventing work-related injury and ill health.
They must lead by example, ensuring OHSMS is integrated into business operations.
Assign roles, responsibilities, and authority clearly across all levels.
Ensure availability of resources, compliance, and continual improvement.
Accountability cannot be delegated, though responsibilities can.
Q. What is the role of safety committees under ISO 45001?
Serve as a platform for consultation and participation between management and workers.
Review incidents, near misses, and risk assessments.
Recommend improvements in safety practices and policies.
Promote a positive safety culture and awareness across the organization.
Ensure effective communication of health and safety matters.
Q. How do you identify hazards in your workplace?
Conduct workplace inspections and job safety analyses (JSA).
Review incident and near-miss reports.
Perform task observations and employee interviews.
Analyze equipment manuals, MSDS, and change management activities.
Use risk assessment tools to continuously identify potential hazards.
Q. What methods are used for risk assessment?
Qualitative and quantitative assessments.
Risk matrix (Likelihood × Severity) approach.
Job Safety Analysis (JSA) and Hazard and Operability (HAZOP) studies.
Failure Mode and Effects Analysis (FMEA).
What-if analysis and checklists for routine evaluation.
Q. What are the steps in risk assessment?
1. Identify hazards – what can cause harm.
2. Assess risks – determine likelihood and severity.
3. Evaluate and prioritize risks – based on risk ranking.
4. Implement control measures – to eliminate or reduce risks.
5. Monitor and review effectiveness – ensure controls are working.
Q. What is the difference between hazard identification and risk evaluation?
Hazard identification is the process of recognizing anything that can cause harm.
Risk evaluation determines the level of risk by analyzing the likelihood and severity of harm.
Hazard identification is qualitative, while risk evaluation is quantitative or semi-quantitative.
Together, they form the foundation of risk management.
Q. How do you determine opportunities in OH&S?
Analyze incident trends, audit findings, and employee feedback.
Identify areas for improvement in processes or equipment.
Explore technological upgrades or training improvements.
Use risk assessments to find opportunities for better performance.
Opportunities help enhance safety culture and operational efficiency.
Q. What is meant by “elimination of hazards”?
The most effective control measure in the hierarchy of controls.
Involves completely removing the hazard source from the workplace.
Example: replacing manual lifting with automated systems.
Prevents the hazard from posing any risk to employees.
Q. What are control measures in ISO 45001?
Actions taken to minimize or eliminate risks arising from hazards.
Based on the Hierarchy of Controls:
1. Elimination – remove the hazard.
2. Substitution – replace with safer options.
3. Engineering Controls – isolate or redesign processes.
4. Administrative Controls – implement safe work procedures.
5. PPE – provide personal protective equipment as the last resort.
Aim: Reduce risk to acceptable levels and protect workers effectively.
Q. What are examples of engineering and administrative controls?
Engineering Controls: Physical changes to reduce exposure to hazards.
Examples: Machine guards, ventilation systems, noise enclosures, safety interlocks, automation.
Administrative Controls: Procedural or policy-based measures to manage risk.
Examples: Job rotation, work permits, SOPs, signage, rest breaks, supervision, safety training.
(Engineering controls are preferred as they eliminate risk at the source.)
Q. How do you manage legal and regulatory requirements?
Identify applicable laws and standards related to OH&S.
Maintain a compliance register updated regularly.
Monitor changes in legislation and communicate updates.
Conduct periodic legal compliance audits.
Ensure records and evidence of compliance are maintained.
Q. What is a risk register?
A documented record of all identified hazards, risks, and their controls.
Contains details like risk description, likelihood, severity, controls, and responsibility.
Helps in monitoring, prioritizing, and reviewing OHS risks effectively.
Acts as a living document updated during audits or process changes.
Q. How often is the risk assessment reviewed?
At least annually, or as defined by company policy.
After incidents, near misses, or significant changes in processes.
When new equipment, materials, or personnel are introduced.
Ensures current controls remain effective and relevant.
Q. What is the difference between proactive and reactive monitoring?
Proactive Monitoring: Preventive approach — identifies and corrects issues before incidents occur.
Examples: Inspections, audits, safety observations, preventive maintenance.
Reactive Monitoring: Response-based — analyzes events after they occur.
Examples: Incident reports, accident investigations, trend analysis.
Both are essential for continuous improvement in safety performance.
Q. What is “management of change” (MOC)?
A systematic process to manage changes that may impact OH&S.
Ensures that hazards introduced by changes (e.g., new equipment, materials, processes) are identified and controlled.
Involves risk assessment, communication, training, and approval before implementation.
Prevents unintended safety consequences during transitions.
Q. How do you manage contractors’ safety under ISO 45001?
Pre-qualification and evaluation of contractor safety performance.
Induction and safety orientation before work starts.
Include safety clauses in contracts and agreements.
Monitor and audit contractor activities regularly.
Ensure contractors follow site rules, PPE, and reporting requirements.
Q. How do you control procurement from an OH&S perspective?
Evaluate suppliers and materials for compliance with OH&S standards.
Include safety criteria in purchase specifications and supplier assessments.
Ensure equipment and substances meet legal and safety requirements.
Communicate hazards and control measures to users during delivery or installation.
Promote safe and sustainable purchasing decisions.
Q. What is competence in ISO 45001?
Defined as the ability to apply knowledge and skills to perform tasks safely and effectively.
Includes education, training, skills, and experience relevant to the role.
Ensures that workers can recognize and control hazards in their work area.
Q. How do you ensure workers are competent for their roles?
Identify competency requirements for each job.
Provide relevant training and mentoring programs.
Evaluate skills and understanding through assessments or observation.
Maintain competency records and refresh training periodically.
Address gaps through retraining or reassignment.
Q. What training is required under ISO 45001?
Induction training for new employees and contractors.
Job-specific safety training (hazard awareness, PPE use, safe work procedures).
Emergency response training (fire, first aid, evacuation).
Refresher and awareness training for ongoing competency.
Leadership and internal auditor training for key personnel.
Q. How do you verify training effectiveness?
Conduct post-training assessments or quizzes.
Observe job performance to ensure skills are applied correctly.
Review incident trends and compliance after training.
Seek feedback from employees and supervisors.
Use results to improve future training programs.
Q. How do you communicate safety information internally?
Through meetings, toolbox talks, emails, posters, intranet, and notice boards.
Two-way communication channels for feedback and suggestions.
Regular safety bulletins and performance updates.
Use simple, clear language suitable for all employees.
Encourages awareness, engagement, and proactive participation in OH&S.
Q. What is external communication in ISO 45001?
Refers to the exchange of OH&S information with external stakeholders such as authorities, customers, suppliers, and the public.
Ensures transparent communication about incidents, compliance status, or emergencies.
Must be controlled, documented, and approved to prevent misinformation.
Promotes trust, legal compliance, and community confidence.
Q. What are controls for documented information?
Ensures all OHSMS documents are created, reviewed, approved, and updated systematically.
Documents must be readily available, legible, and protected from loss or damage.
Controls include version control, access restriction, and archival procedures.
Prevents use of outdated or incorrect information in safety-critical operations.
Q. How do you handle obsolete documents?
Withdraw obsolete documents from points of use immediately.
Label or stamp them as “Obsolete” to avoid misuse.
Retain copies if required for legal or reference purposes.
Follow the document control procedure to ensure proper tracking and disposal.
Q. How is awareness ensured among employees and contractors?
Through training sessions, safety inductions, and toolbox talks.
Displaying policies, safety signs, and posters in the workplace.
Periodic refreshers and behavioral safety programs.
Ensure everyone knows their roles, risks, and safety responsibilities.
Evaluate awareness during audits and safety observations.
Q. What are examples of OH&S communications?
Internal: Safety meetings, bulletin boards, intranet updates, emails, safety alerts.
External: Reports to regulatory bodies, contractors, suppliers, and the public.
Incident notifications, emergency updates, or compliance reports.
The aim is to share relevant safety information quickly and clearly.
Q. What is operational planning and control in ISO 45001?
The process of planning and implementing controls to ensure safe work operations.
Involves risk assessments, safe work procedures, and emergency planning.
Ensures outsourced, contracted, and internal operations meet OH&S requirements.
Supports consistent and safe execution of daily activities.
Q. How do you control outsourced processes?
Clearly define safety requirements and responsibilities in contracts.
Evaluate the competence and performance of service providers.
Monitor and audit their activities to ensure compliance.
Maintain effective communication and documentation of their work.
Ensure alignment with the organization’s OHSMS standards.
Q. What are safe work procedures?
Step-by-step written instructions to perform tasks safely and efficiently.
Developed through risk assessment and worker consultation.
Include hazards, PPE, precautions, and emergency steps.
Aim to standardize operations and minimize risks during work activities.
Q. What is lockout-tagout (LOTO) and why is it important?
LOTO is a safety procedure used to isolate and lock energy sources before maintenance or repair.
Prevents unexpected start-up or release of energy that can cause injury.
Involves locks, tags, and authorized personnel for control.
Critical for protecting workers from electrocution, burns, or mechanical hazards.
Q. What is permit-to-work (PTW)?
A formal written authorization to perform high-risk or non-routine tasks.
Specifies work scope, hazards, precautions, and responsible persons.
Common for jobs like hot work, confined space entry, and electrical maintenance.
Ensures coordinated safety control and hazard mitigation before work begins.
Q. How do you ensure emergency preparedness?
Identify potential emergency scenarios through risk assessments.
Develop and maintain Emergency Preparedness and Response Plans (EPRP).
Conduct training and mock drills regularly for employees and contractors.
Ensure emergency equipment (alarms, extinguishers, PPE) is maintained and accessible.
Periodically review and update plans based on drill results and incidents.
Q. What are examples of emergency situations?
Fire or explosion in plant areas.
Chemical spills or gas leaks.
Electrical shock or power failure.
Natural disasters like earthquakes, floods, or storms.
Medical emergencies or accidents at the workplace.
Security breaches or evacuation scenarios.
Q. How often do you conduct emergency drills?
Typically once every 6 to 12 months, depending on the risk level.
High-risk operations may require quarterly drills.
Additional drills are conducted after process changes, incidents, or legal updates.
Ensures readiness and effectiveness of emergency response teams.
Q. How do you evaluate emergency preparedness effectiveness?
Review response time, communication, and coordination during drills.
Conduct post-drill debriefings and collect participant feedback.
Identify gaps or delays and implement corrective actions.
Update emergency procedures and training based on findings.
Maintain records and performance reports for continuous improvement.
Q. What steps do you take during an accident investigation?
1. Secure the area to prevent further injury or damage.
2. Gather evidence (photos, witness statements, equipment condition).
3. Analyze root causes using methods like the “5 Whys” or “Fishbone Diagram.”
4. Recommend corrective and preventive actions.
5. Document findings and communicate to all relevant personnel.
6. Monitor effectiveness of implemented actions.
Q. What is performance evaluation in ISO 45001?
The process of monitoring, measuring, analyzing, and reviewing OHS performance.
Ensures that objectives, policies, and legal requirements are being met.
Involves internal audits, compliance evaluations, and management reviews.
Drives evidence-based improvement in OHSMS.
Q. What are leading and lagging indicators in safety performance?
Leading Indicators:
Proactive measures showing how safety is being managed.
Examples: Number of safety trainings, audits completed, near-miss reports, preventive actions.
Lagging Indicators:
Reactive measures showing what has already happened.
Examples: Lost Time Injury Frequency Rate (LTIFR), total incidents, severity rate.
Both together provide a balanced view of safety performance.
Q. What are examples of safety KPIs?
Lost Time Injury Frequency Rate (LTIFR).
Total Recordable Incident Rate (TRIR).
Number of Near Misses Reported.
Corrective Actions Closed on Time.
Percentage of Trained Employees.
Number of Safety Audits Conducted.
Emergency Drill Performance Score.
(KPIs help monitor safety performance and drive continual improvement.)
Q. How do you conduct internal audits?
Plan the audit schedule based on risk and importance of processes.
Prepare audit checklist referring to ISO 45001 requirements and internal procedures.
Conduct audit objectively, interviewing employees and reviewing records.
Record findings — conformity, nonconformity, and improvement areas.
Report results to management and track corrective actions to closure.
(Ensures the OHSMS remains effective, compliant, and continually improving.)
Q. What are the types of audits — first, second, and third party?
First-Party Audit: Conducted internally by the organization to assess its own OHSMS.
Second-Party Audit: Conducted by customers or other stakeholders on suppliers or contractors.
Third-Party Audit: Conducted by an external certification body for ISO 45001 certification or surveillance.
(Each level increases the degree of independence and objectivity.)
Q. What are the common audit findings in ISO 45001?
Incomplete risk assessments or missing documentation.
Outdated procedures or records not controlled properly.
Lack of employee awareness or training evidence.
Inadequate incident investigation or corrective action tracking.
Improper implementation of operational controls or PPE usage.
Failure to review legal compliance regularly.
Q. What is the difference between major and minor nonconformity?
Major Nonconformity:
Significant failure of the OHSMS or absence of a required process.
Affects the ability to achieve OHS policy or objectives.
Requires immediate corrective action and sometimes re-audit.
Minor Nonconformity:
Isolated deviation that doesn’t impact the overall system.
Needs correction and monitoring, but not immediate re-audit.
Q. How do you verify the effectiveness of corrective actions?
Review evidence of implementation (records, photos, training logs).
Conduct follow-up audits or inspections.
Evaluate whether the issue has recurred or not.
Confirm the root cause was properly addressed.
Update documentation and close the corrective action formally.
Q. What is a management review?
A formal evaluation by top management to assess the performance of the OHSMS.
Ensures the system’s adequacy, suitability, and effectiveness.
Conducted at planned intervals (usually annually).
Drives strategic decisions and continual improvement actions.
Q. What are inputs and outputs of management review?
Inputs:
Results of audits and performance evaluations.
Status of objectives and corrective actions.
Feedback from employees, incidents, and compliance status.
Changes in risks, opportunities, or legal requirements.
Outputs:
Decisions and actions for improvement.
Resource allocation for OHS initiatives.
Revised objectives and policies if needed.
Direction for continual improvement of OHS performance.
Q. What is continual improvement in ISO 45001?
A recurring process of enhancing OHS performance to achieve better results over time.
Involves reducing incidents, improving awareness, and strengthening controls.
Driven by data analysis, audits, feedback, and management review.
Ensures the OHSMS remains dynamic, proactive, and effective.
Q. How do you identify improvement opportunities?
Through internal audits, incident trends, and employee suggestions.
Data analysis of leading and lagging indicators.
Management reviews and risk assessments.
Benchmarking against industry best practices.
Continuous feedback from workers and stakeholders.
Q. What is root cause analysis?
A systematic method to identify the fundamental reason for a problem or nonconformity.
Helps in implementing effective corrective actions to prevent recurrence.
Common tools: 5 Whys, Fishbone Diagram (Ishikawa), Pareto Analysis.
Focuses on addressing causes, not symptoms, for long-term improvement.
Q. Name some tools for RCA (5 Whys, Fishbone Diagram, etc.).
5 Whys Analysis: Sequential questioning to trace the root cause of a problem.
Fishbone Diagram (Ishikawa): Categorizes possible causes under headings like Man, Machine, Method, Material, etc.
Pareto Analysis (80/20 Rule): Identifies the most significant causes contributing to the majority of problems.
Fault Tree Analysis (FTA): Graphical method showing logical relationships between causes and effects.
Brainstorming / Flowcharting: Used to map and analyze problem processes.
(These tools help identify and eliminate the real cause, not just symptoms.)
Q. What are corrective and preventive actions?
Corrective Action: Action taken to eliminate the cause of a detected nonconformity or incident to prevent recurrence.
Preventive Action: Action taken to eliminate the cause of potential nonconformities before they occur.
Both are based on risk-based thinking and aim to improve system effectiveness.
Example: Corrective—fixing a faulty machine; Preventive—regular inspection to avoid breakdown.
Q. How do you ensure lessons learned from incidents are applied?
Document incident investigations and identified root causes.
Communicate lessons learned through safety meetings, alerts, and training.
Update risk assessments, procedures, and checklists based on findings.
Monitor implementation of corrective actions.
Include in management review for continual improvement.
Q. What is the difference between corrective and preventive maintenance?
Corrective Maintenance: Performed after equipment failure or malfunction to restore functionality.
Preventive Maintenance: Performed regularly and proactively to prevent failures before they happen.
Preventive maintenance reduces downtime and safety risks, while corrective maintenance reacts to issues after they occur.
Q. How do you handle recurring nonconformities?
Conduct a deeper root cause analysis to identify underlying systemic issues.
Review effectiveness of past corrective actions.
Re-train employees if noncompliance is due to lack of awareness.
Update procedures or controls to strengthen prevention.
Monitor closely until recurrence is eliminated.
Q. What is the importance of worker feedback for improvement?
Workers are closest to hazards and daily operations, offering valuable insights.
Encourages a culture of ownership and safety awareness.
Helps identify risks early and propose practical solutions.
Promotes continuous improvement and trust between management and employees.
Directly contributes to reducing incidents and improving morale.
Q. What are examples of continual improvement initiatives in safety?
Regular safety audits and risk reviews to identify improvement areas.
Upgrading PPE or engineering controls based on feedback and technology.
Implementing digital safety reporting systems.
Behavior-based safety programs and training refreshers.
Reward and recognition schemes for proactive safety behavior.
Reducing incident rates or improving safety KPIs year-on-year.
Q. What are key occupational health & safety laws in India?
The Factories Act, 1948 – Governs health, safety, and welfare in manufacturing workplaces.
The Occupational Safety, Health and Working Conditions (OSHWC) Code, 2020 – Consolidates multiple labor laws on safety and working conditions.
The Employees’ Compensation Act, 1923 – Covers compensation for work-related injuries or death.
The Indian Boiler Act, 1923 – Regulates boiler safety.
The Environment (Protection) Act, 1986 – Covers environmental and pollution control aspects.
Q. What is the Factories Act, 1948?
A central legislation ensuring the health, safety, welfare, and working conditions of factory workers.
Applies to premises with 10 or more workers (with power) or 20 or more workers (without power).
Mandates safety measures, working hours, leave, and health provisions.
Aims to prevent accidents, promote well-being, and ensure humane working conditions.
Q. What are the main provisions under the Factories Act related to safety?
Fencing of machinery and use of safety devices.
Provision for ventilation, lighting, and cleanliness.
Appointment of Safety Officers in factories with >1000 workers.
Emergency exits, fire protection, and safety training.
Reporting and investigation of accidents and dangerous occurrences.
Q. What is the role of the Safety Officer under the Factories Act?
Advise management on accident prevention and legal compliance.
Conduct safety inspections, audits, and training programs.
Investigate incidents and recommend corrective actions.
Promote safety awareness and safe work culture among employees.
Maintain records, reports, and liaison with statutory bodies.
Q. What is the meaning of statutory compliance?
Adhering to laws, rules, and regulations set by government or regulatory authorities.
In OH&S, it includes compliance with the Factories Act, OSH Code, and Environmental Laws.
Ensures legal operation, safe workplace, and avoidance of penalties.
Forms a key part of Clause 6.1.3 (Compliance Obligations) in ISO 45001.
Q. How do you ensure compliance with national and local OH&S regulations?
Maintain an updated legal register covering all applicable acts and rules.
Conduct periodic compliance audits and inspections.
Train employees and management on legal requirements.
Track statutory renewals (licenses, permits, consents).
Ensure timely reporting to regulatory authorities.
Q. What are key registers and records maintained for safety?
Accident and dangerous occurrence register.
Health examination records and medical reports.
Safety training and PPE issuance records.
Machine maintenance and inspection registers.
Fire and emergency drill reports.
Legal compliance and audit reports.
Q. How do you evaluate compliance obligations?
Identify all applicable legal, regulatory, and customer requirements.
Review compliance status through periodic audits or inspections.
Assess risks and consequences of non-compliance.
Update documentation and take corrective actions if gaps are found.
Report findings in management reviews for continual improvement.
Q. What is the purpose of periodic safety inspections?
To identify unsafe conditions, practices, or equipment early.
Ensure ongoing compliance with safety standards and legal norms.
Verify effectiveness of control measures implemented.
Prevent incidents through timely corrective actions.
Promote a culture of safety vigilance and accountability.
Q. How do you demonstrate compliance to auditors?
Present updated legal register and compliance matrix.
Show records of inspections, training, and incident investigations.
Provide permits, licenses, and renewal documents.
Demonstrate evidence of implementation — signage, PPE, risk assessments.
Ensure employee interviews reflect awareness of OH&S policies and rules.
Q. What is an incident investigation procedure?
A systematic process used to determine the root causes of incidents or near misses.
Aims to prevent recurrence by identifying hazards, failures, and improvement areas.
Includes reporting, investigation, analysis, corrective action, and follow-up.
Ensures compliance with ISO 45001 Clause 10.2 (Incident and Nonconformity Handling).
Q. What are the steps in conducting an incident investigation?
1. Report the incident immediately to the safety department.
2. Secure the area to prevent further harm.
3. Collect evidence — photos, witness statements, equipment data.
4. Analyze root causes using tools like 5 Whys or Fishbone Diagram.
5. Recommend corrective and preventive actions.
6. Document findings and communicate results.
7. Follow up to verify action effectiveness.
Q. Who should be part of the investigation team?
Safety Officer / EHS Manager – Leads the investigation.
Department Supervisor – Provides operational insight.
Employee Representative / Worker Involved – Shares firsthand experience.
Maintenance / Engineering Staff – Assists in technical analysis.
HR or Management Representative – Ensures accountability and support.
Q. How do you classify incidents (near miss, LTI, fatal)?
Near Miss: An event with potential to cause harm but did not.
First Aid Case: Minor injury treated on-site, no lost time.
Medical Treatment Case: Injury requiring medical care beyond first aid.
Lost Time Injury (LTI): Injury causing an employee to miss workdays.
Fatal Incident: Incident resulting in death.
Q. What is “Lost Time Injury” (LTI)?
An injury that results in an employee being unable to work for at least one full shift or day after the incident.
Key indicator of workplace safety performance.
Tracked through LTI frequency rates to monitor trends and improvements.
Q. What is a “Total Recordable Incident Rate” (TRIR)?
A standard metric to measure overall workplace safety performance.
Used for benchmarking safety performance across industries.
Q. What is the difference between corrective and containment action?
Containment Action: Immediate steps to control or minimize impact of a problem.
Example: Stopping a machine after an accident.
Corrective Action: Long-term steps to eliminate the root cause and prevent recurrence.
Example: Installing machine guarding and revising procedures.
Containment is reactive; corrective action is preventive and sustainable.
Q. How do you communicate investigation outcomes to workers?
Through toolbox talks, safety meetings, or notice boards.
Share root causes, corrective actions, and key learnings.
Use anonymous summaries to maintain confidentiality.
Encourage feedback and worker participation for improvement.
Reinforce preventive measures to avoid future incidents.
Q. What is an emergency assembly point?
A designated safe location where all employees gather during emergencies or evacuations.
Marked clearly with signage and accessible routes.
Used for headcount verification and further instructions.
Ensures safe evacuation and accountability during crises.
Q. What is the role of mock drills in emergency preparedness?
Test the effectiveness of emergency plans and response procedures.
Evaluate response time, coordination, and communication during emergencies.
Helps identify gaps or weaknesses in preparedness.
Enhances employee confidence and readiness.
Promotes continuous improvement in emergency management.
Q. What would you do if a worker refuses to wear PPE?
Stop the work immediately to prevent exposure to hazards.
Explain the importance and consequences of not wearing PPE.
Re-train or counsel the worker on safety compliance.
If behavior continues, report to supervisor/management for disciplinary action.
Emphasize that PPE is mandatory and part of legal & organizational policy.
Q. If an employee gets injured on-site, what are your immediate actions?
Stop work and ensure the area is safe.
Provide first aid or arrange immediate medical assistance.
Report the incident to the supervisor and safety department.
Secure the scene for investigation and evidence.
Record the incident and initiate root cause analysis and corrective actions.
Q. How would you handle a chemical spill?
Alert personnel and evacuate the area if needed.
Wear appropriate PPE before responding.
Contain and neutralize the spill using spill kits and procedures.
Report the incident to the safety team immediately.
Dispose of waste safely and review preventive measures to avoid recurrence.
Q. During an audit, if you find an unreported near miss, what will you do?
Acknowledge and record the near miss immediately.
Investigate to identify the root cause and potential risk.
Implement corrective and preventive actions.
Educate workers on the importance of near-miss reporting.
Treat it as an opportunity for learning, not blame.
Q. If top management is not showing commitment to ISO 45001, what will you do?
Highlight management responsibilities as per Clause 5 (Leadership).
Present data showing safety performance benefits from ISO 45001.
Engage management in safety reviews and site visits.
Communicate stakeholder expectations and legal obligations.
Promote that leadership involvement drives culture and certification success.
Q. If an external auditor asks for risk assessment records, what will you present?
Documented risk assessment register showing hazards, risks, and controls.
Methodology used (likelihood × severity matrix).
Records of reviews, updates, and approvals.
Evidence of communication and implementation to workers.
Demonstrate that risk assessments are living documents, not one-time exercises.
Q. How do you handle contractors not following site safety rules?
Stop their work immediately if unsafe acts are observed.
Discuss non-compliance with the contractor supervisor.
Conduct retraining and re-orientation if needed.
Issue warnings or penalties as per contract clauses.
Monitor more closely and ensure compliance before resuming work.
Q. What would you do if you find unsafe behavior among workers?
Intervene immediately to stop unsafe action.
Educate the worker on potential risks and safe alternatives.
Identify root causes — lack of awareness, training, or supervision.
Conduct behavior-based safety talks to reinforce safe habits.
Encourage positive reinforcement and peer accountability.
Q. How do you encourage a “safety culture” in your organization?
Lead by example and promote open communication.
Recognize and reward safe behaviors.
Conduct regular safety awareness campaigns and training.
Engage employees in hazard identification and safety committees.
Build the mindset that safety is everyone’s responsibility, not just management’s.
Q. How would you explain the importance of ISO 45001 to a new worker?
ISO 45001 is a global standard for workplace health and safety.
It ensures safe working conditions, risk control, and accident prevention.
Protects you and your coworkers from injuries or illness.
Demonstrates that the company cares for your well-being.
By following ISO 45001 practices, everyone contributes to a safer workplace.
Q. What is the structure of ISO 45001 based on Annex SL?
ISO 45001 follows the Annex SL High-Level Structure, common to all modern ISO standards.
It consists of 10 main clauses:
1. Scope
2. Normative References
3. Terms and Definitions
4. Context of the Organization
5. Leadership and Worker Participation
6. Planning
7. Support
8. Operation
9. Performance Evaluation
10. Improvement
This structure promotes integration with ISO 9001 (Quality) and ISO 14001 (Environment).
Q. What are the main changes between OHSAS 18001 and ISO 45001?
ISO 45001 adopts the Annex SL structure for easy integration with other ISO systems.
Strong focus on leadership and worker participation.
Introduces risk-based thinking and organizational context.
Emphasizes proactive hazard prevention rather than reactive control.
Moves from a procedural approach to a process-based approach.
OHSAS 18001 required a management representative; ISO 45001 makes leadership fully accountable.
Q. What is the importance of “context of the organization” in ISO 45001?
Helps the organization understand internal and external factors affecting OH&S performance.
Ensures the OHSMS is aligned with business strategy and operational realities.
Promotes a customized approach to risk management.
Encourages proactive identification of challenges and opportunities.
Forms the foundation for defining scope and planning controls.
Q. What are examples of internal and external issues in OHSMS?
Internal Issues:
Organizational culture, employee competence, resources, infrastructure, technology.
External Issues:
Legal requirements, economic conditions, suppliers, community expectations, technological trends.
Identifying these ensures better preparedness and system effectiveness.
Q. Who are the interested parties in occupational health and safety?
Internal: Employees, managers, contractors, unions.
External: Customers, suppliers, regulators, insurers, shareholders, local communities.
Their needs and expectations influence OHS objectives, policies, and compliance obligations.
Q. How do you determine the needs and expectations of workers and interested parties?
Conduct meetings, surveys, and consultations with employees and stakeholders.
Review legal and regulatory requirements.
Analyze customer, community, or insurance expectations.
Record and review in OHSMS documentation.
Ensure these are considered during risk assessment and policy formulation.
Q. What is the importance of leadership commitment in ISO 45001?
Leadership drives safety culture, policy, and strategic alignment.
Ensures resources, training, and communication are available for OHSMS.
Builds trust and motivation among employees.
Demonstrates visible involvement in safety initiatives and reviews.
Without leadership commitment, OHSMS effectiveness cannot be sustained.
Q. How is accountability of top management defined?
Top management is fully accountable for OH&S performance and compliance.
Must ensure OHSMS is integrated into the organization’s processes.
Responsible for policy implementation, risk management, and continual improvement.
Must consult and engage workers in key decisions.
Accountability cannot be delegated, though responsibilities can.
Q. What are the roles of the OHS management representative?
(Although ISO 45001 does not mandate a specific “management representative,” organizations may assign one.)
Coordinate and monitor OHSMS implementation.
Facilitate communication between management and workers.
Maintain documentation and ensure compliance with ISO 45001 requirements.
Organize audits, reviews, and corrective actions.
Act as a link between management, workforce, and auditors.
Q. How do you integrate OHSMS into organizational strategy?
Align OHS objectives with business goals and risk management processes.
Include OH&S performance in strategic planning and management reviews.
Allocate budget and resources for safety improvements.
Promote cross-functional involvement in safety planning.
Use OHS data and trends to influence corporate decisions and drive sustainability.
Q. What is the procedure for hazard identification?
Step 1: Review all work activities, processes, and equipment.
Step 2: Identify potential hazards — physical, chemical, ergonomic, etc.
Step 3: Consult workers and review incident/near-miss data.
Step 4: Document findings in a hazard register.
Step 5: Evaluate existing controls and determine need for improvement.
Step 6: Update regularly and whenever changes occur.
(This forms the foundation for effective risk assessment and control.)
Q. Give examples of workplace hazards (physical, chemical, ergonomic, etc.).
Physical Hazards: Noise, vibration, heat, radiation, slips, and trips.
Chemical Hazards: Fumes, vapors, gases, acids, solvents.
Biological Hazards: Viruses, bacteria, mold, waste.
Ergonomic Hazards: Poor posture, repetitive strain, manual handling.
Psychosocial Hazards: Stress, harassment, long hours.
Mechanical Hazards: Moving machinery, unguarded parts, pressure systems.
Q. What are psychosocial hazards?
Hazards that affect mental health or emotional well-being of workers.
Examples: Work stress, bullying, job insecurity, shift work, high workload, lack of support.
Can lead to fatigue, anxiety, burnout, or depression.
Controlled by work-life balance policies, counseling, and supportive supervision.
Q. What is the difference between hazard, risk, and danger?
Hazard: Source with potential to cause harm (e.g., electricity).
Risk: Probability and severity of harm occurring (e.g., electric shock due to faulty wire).
Danger: The actual exposure or condition where harm is imminent.
(Hazard → Risk → Danger = sequence leading to harm if uncontrolled.)
Q. How do you assess the severity and likelihood of a risk?
Use a risk matrix combining two factors:
Severity: Potential consequence if the hazard occurs (minor, major, fatal).
Likelihood: Probability of the event occurring (rare, possible, frequent).
Risk Level = Severity × Likelihood
Based on the score, classify risks as Low, Medium, or High and plan control actions accordingly.
Q. What tools are used for risk assessment (HIRA, JSA, FMEA, etc.)?
HIRA (Hazard Identification and Risk Assessment): Identifies hazards, assesses risks, and defines controls.
JSA (Job Safety Analysis): Breaks down each task step to identify specific risks and controls.
FMEA (Failure Mode and Effects Analysis): Evaluates potential failure points and their impact.
HAZOP (Hazard and Operability Study): Used for process industries to assess system deviations.
Risk Matrix: Used for simple visual risk prioritization.
Q. What is ALARP (As Low As Reasonably Practicable)?
A principle of risk reduction used in ISO 45001.
Means reducing risk to the lowest level that is reasonably achievable, considering cost, time, and effort.
Ensures that all practical controls are implemented unless the cost is grossly disproportionate to the benefit.
Promotes balanced, practical, and sustainable safety management.
Q. What is the difference between proactive and reactive safety management?
Proactive Safety:
Prevents incidents by identifying and controlling risks in advance.
Involves inspections, audits, training, and near-miss reporting.
Reactive Safety:
Responds to incidents after they occur.
Focuses on investigations, corrective actions, and data analysis.
Proactive = Prevention; Reactive = Response.
Effective OHSMS combines both for continual improvement.
Q. How often should risk assessments be reviewed?
At least annually or as per company policy.
After any incident, process change, or introduction of new equipment.
When legislation or workplace conditions change.
Periodic reviews ensure the assessment remains accurate, current, and effective.
Q. How do you control risks associated with non-routine tasks?
Conduct specific risk assessment before the task begins.
Issue a Permit-to-Work (PTW) for authorization and control.
Provide job-specific training and supervision.
Use appropriate PPE and emergency readiness measures.
Conduct post-job review to capture lessons learned.
(Non-routine tasks require extra precautions due to unfamiliarity and unique hazards.)
Q. How are workers involved in safety decision-making?
Workers are consulted during risk assessments and policy development.
Participate in safety committees and incident investigations.
Report hazards and suggest improvements through feedback systems.
Involvement ensures ownership, awareness, and stronger compliance.
Builds trust and supports a bottom-up approach to safety.
Q. How do you ensure worker consultation in OHSMS?
Establish formal channels like safety meetings and suggestion boxes.
Conduct toolbox talks and training sessions for open discussion.
Include workers in risk assessments and control planning.
Encourage anonymous feedback to overcome hesitation.
Recognize and act on worker input to strengthen engagement.
Q. What are typical safety committee responsibilities?
Review incidents, near misses, and risk assessments.
Recommend corrective actions and monitor their closure.
Promote awareness campaigns and training programs.
Ensure compliance with safety policies and legal requirements.
Serve as a communication bridge between management and workers.
Q. How do you motivate employees to report near misses?
Foster a no-blame reporting culture.
Simplify reporting systems (verbal, digital, or paper-based).
Recognize and reward proactive reporting.
Share lessons learned from reported cases.
Ensure confidentiality and demonstrate visible management support.
Q. What are methods to improve communication between management and workers?
Conduct regular meetings and open forums for feedback.
Use multiple communication tools — posters, emails, intranet, TBTs.
Ensure two-way communication — not just top-down.
Translate key messages into local languages.
Build trust through transparency and timely action on issues raised.
Q. How do you promote a positive safety culture?
Lead by example — leadership involvement in safety.
Reward safe behavior and recognize compliance.
Conduct continuous training and awareness programs.
Encourage open communication and reporting of hazards.
Make safety a core value, not just a policy.
Q. What is a toolbox talk (TBT) and why is it important?
A short, focused discussion held before starting work.
Covers specific job hazards, safe practices, and controls.
Promotes daily awareness and hazard recognition.
Encourages worker participation and feedback.
Helps prevent incidents through timely reminders and teamwork.
Q. What is behavior-based safety (BBS)?
A proactive safety approach focusing on identifying and improving unsafe behaviors.
Involves observing, coaching, and reinforcing safe actions.
Encourages workers to take responsibility for their own and others’ safety.
Reduces accidents by changing attitudes and habits, not just rules.
Q. How do you measure safety culture?
Conduct safety perception surveys and interviews.
Analyze near-miss reports, audit findings, and training participation.
Track leading indicators (observations, engagement) and lagging indicators (incident rates).
Assess management commitment and worker involvement.
Use findings to set improvement goals and monitor progress.
Q. How do you manage language barriers in worker communication?
Use multilingual signs, posters, and training materials.
Conduct training in local languages with visual aids and demonstrations.
Employ interpreters or bilingual supervisors when necessary.
Use pictograms, color codes, and simple instructions for clarity.
Encourage peer mentoring and feedback to ensure understanding.
Q. What documents are mandatory under ISO 45001:2018?
Scope of the OHSMS.
OH&S Policy and Objectives.
Hazard identification and risk assessment records.
Competence, training, and awareness records.
Communication and consultation procedures.
Emergency preparedness and response plan.
Internal audit and management review records.
Incident, nonconformity, and corrective action reports.
(These documents demonstrate compliance and effective system implementation.)
Q. What is “documented information”?
Refers to information that must be controlled and maintained by the organization.
Includes both documents (procedures, policies) and records (evidence of implementation).
Can be in any format — digital, paper, or electronic.
Ensures consistency, traceability, and compliance within the OHSMS.
Q. What is the purpose of document control?
To ensure that only current and approved versions of documents are in use.
Prevents use of obsolete or unauthorized documents.
Ensures availability, accuracy, and integrity of information.
Supports audit readiness and regulatory compliance.
Q. How do you ensure version control for documents?
Assign unique document numbers and revision levels.
Maintain a document master list showing revision history.
Require approval before issue or update.
Track changes and communicate updates to all relevant users.
Use controlled electronic systems or stamps for version identification.
Q. What is a record retention policy?
Defines how long specific documents and records are kept before disposal.
Ensures availability for audits, legal, and operational requirements.
Based on statutory and company-defined durations.
Includes procedures for secure storage and safe disposal.
Q. What are examples of OHSMS records?
Risk assessment and hazard control records.
Training attendance and competency evaluations.
Incident and near-miss reports.
PPE issuance and inspection records.
Audit, inspection, and management review reports.
Emergency drill and maintenance logs.
Q. How do you ensure confidentiality of health and safety records?
Restrict access to authorized personnel only.
Store records in locked cabinets or password-protected systems.
Ensure compliance with data protection and privacy laws.
Obtain consent before sharing sensitive medical information.
Conduct periodic reviews of access permissions.
Q. What is a “document master list”?
A central register that tracks all controlled documents within the OHSMS.
Includes details like document number, title, issue date, revision level, and owner.
Ensures quick retrieval and identification of current versions.
Used by auditors to verify document control effectiveness.
Q. What is the process for controlling obsolete documents?
Withdraw obsolete versions from circulation immediately.
Mark or stamp them as “Obsolete” to prevent accidental use.
Retain copies if needed for legal or reference purposes.
Update the master list to reflect the document’s status.
Dispose securely when retention period expires.
Q. What are common documentation mistakes during audits?
Using outdated or uncontrolled versions of documents.
Missing signatures, dates, or approvals on forms.
Incomplete or inconsistent records for training, risk, or inspection.
Unclear revision tracking or version control.
Failure to implement what’s documented (“paper compliance”).
(Proper documentation is the backbone of audit success and system credibility.)
Q. What kind of training is required under ISO 45001?
Induction training for new employees and contractors.
Job-specific safety training based on risk assessment.
Emergency preparedness and first aid training.
Use of PPE and safe work practices.
Internal audit and leadership training for key personnel.
Refresher training at regular intervals to maintain competence.
Q. How do you identify training needs?
Through competence gap analysis and job role evaluation.
Review incident investigations, audit findings, and risk assessments.
Consult with supervisors and workers for input.
Use performance reviews and feedback to detect weak areas.
Update training needs annually or after process changes.
Q. How do you assess training effectiveness?
Conduct post-training quizzes or practical evaluations.
Observe on-the-job behavior and compliance with safe practices.
Review incident rates or error reductions post-training.
Gather feedback from trainees and supervisors.
Analyze results in management review for improvement.
Q. What are examples of OHS awareness programs?
Safety week campaigns and poster competitions.
Toolbox talks and daily safety briefings.
Fire evacuation and emergency drills.
Health check-up camps and ergonomics workshops.
Behavior-based safety sessions and safety leadership talks.
Q. How do you ensure contractors receive safety induction?
Conduct mandatory induction before work begins.
Cover site rules, hazards, emergency procedures, and PPE requirements.
Maintain attendance and acknowledgment records.
Issue work permits only after induction completion.
Periodically refresh induction for long-term contractors.
Q. What are the key topics in employee safety training?
Hazard identification and risk control.
Emergency procedures and first aid.
Fire safety and evacuation drills.
PPE usage and maintenance.
Safe operation of machinery and tools.
Incident reporting and communication procedures.
Q. How do you evaluate contractor competence?
Review safety performance history and certifications.
Check training records and compliance documentation.
Conduct site-specific safety orientation and evaluation tests.
Observe work practices during initial operations.
Reassess periodically through audits and performance reviews.
Q. What is the difference between skill and competence?
Skill: The ability to perform a specific task (e.g., welding, machine operation).
Competence: A combination of skills, knowledge, and experience applied safely and effectively.
Competence ensures the person can perform tasks correctly and safely under all conditions.
Q. How do you maintain training records?
Maintain individual training files with certificates and attendance sheets.
Record training type, date, trainer, and evaluation results.
Store records digitally or in hardcopy, ensuring easy retrieval.
Update after each training session and keep per the retention policy.
Ensure availability for audit and performance tracking.
Q. How do you promote continuous learning in OHS?
Schedule regular refresher and advanced training programs.
Encourage employee participation in safety meetings and seminars.
Share lessons learned from incidents and near misses.
Recognize individual contributions to safety improvements.
Integrate OHS topics into daily communication and leadership discussions.
Q. What are operational controls in ISO 45001?
Planned measures and procedures to ensure safe operations and risk reduction.
Derived from risk assessment outcomes and legal requirements.
Include SOPs, work permits, PPE usage, maintenance schedules, and supervision.
Aim to eliminate or minimize OH&S risks during operations.
Ensure consistent, safe, and compliant execution of work activities.
Q. How do you define operational criteria for control?
Based on risk significance, process criticality, and legal obligations.
Define acceptable performance limits and safe work conditions.
Developed through risk assessment, incident analysis, and industry standards.
Documented in procedures, permits, and work instructions.
Reviewed periodically for effectiveness and relevance.
Q. How do you ensure safe operations during maintenance?
Implement a Permit-to-Work (PTW) system for maintenance activities.
Follow LOTO procedures to isolate energy sources.
Provide PPE and job-specific training to maintenance staff.
Conduct pre-job risk assessments and toolbox talks.
Supervise and inspect work progress and site conditions.
Q. What is LOTO (Lockout–Tagout) and why is it important?
LOTO is a safety procedure to isolate energy sources before maintenance or repair.
Prevents unexpected startup or release of energy that could cause injury.
Involves locking switches and tagging with warning labels.
Protects workers from electrical, mechanical, or hydraulic hazards.
A critical element of operational control and legal compliance.
Q. What is the confined space entry procedure?
Identify and assess confined spaces (e.g., tanks, vessels, pits).
Obtain a Confined Space Entry Permit before entry.
Ensure gas testing, ventilation, PPE, standby personnel, and communication.
Provide a rescue plan and emergency equipment.
Supervise continuously during entry operations.
Q. What are the work-at-height safety requirements?
Any work performed above 1.8 meters (or as per regulation) is considered “work at height.”
Requires a risk assessment and a fall protection plan.
Use full body harness, guardrails, scaffolds, or lifelines.
Ensure competent personnel and supervision.
Conduct toolbox talks and inspect equipment before use.
Q. How do you control PPE usage compliance?
Establish a clear PPE policy and signage at work areas.
Conduct training and awareness on proper PPE use.
Perform regular inspections and spot checks.
Apply disciplinary action or counseling for non-compliance.
Ensure availability, comfort, and maintenance of PPE.
Q. What are administrative vs engineering controls?
Engineering Controls:
Physically isolate or reduce exposure to hazards.
Examples: Machine guards, ventilation systems, automation.
Administrative Controls:
Manage work through procedures and behavior.
Examples: Work permits, training, job rotation, signage.
Engineering controls are more effective as they eliminate hazards at the source.
Q. How do you control outsourced safety-critical operations?
Evaluate and approve contractors based on competence and safety performance.
Clearly define OHS requirements in contracts.
Provide induction and supervision during operations.
Conduct regular audits and performance reviews.
Ensure alignment with the organization’s OHSMS controls.
Q. What is a contractor management system in ISO 45001?
A structured approach to managing contractor activities safely.
Covers prequalification, onboarding, supervision, and performance monitoring.
Ensures contractors comply with company and legal safety standards.
Includes risk assessment, PTW, and incident reporting mechanisms.
Promotes safe coordination and accountability across all levels of work.
Q. What is an emergency preparedness plan?
A documented procedure outlining how to respond effectively to potential emergencies.
Ensures protection of people, property, and the environment during crises.
Includes roles, responsibilities, communication flow, evacuation routes, and contact details.
A key requirement under ISO 45001 Clause 8.2 (Emergency Preparedness and Response).
Q. What are common workplace emergencies?
Fire or explosion.
Chemical spills or gas leaks.
Medical emergencies or injuries.
Electrical faults or equipment failure.
Natural disasters (earthquakes, floods, storms).
Security threats or structural collapse.
Q. What are the steps to prepare an emergency response plan?
1. Identify potential emergency scenarios through risk assessment.
2. Develop response procedures for each scenario.
3. Assign roles and responsibilities (first-aid, fire wardens, etc.).
4. Provide training and conduct drills.
5. Ensure communication systems and emergency equipment are in place.
6. Review and update the plan periodically.
Q. What is an emergency response team (ERT)?
A trained group of employees responsible for managing emergencies.
Includes fire wardens, first aiders, and evacuation coordinators.
Responds immediately to contain, control, and mitigate incidents.
Works in coordination with local authorities and external responders.
Plays a key role in protecting life and minimizing loss.
Q. How do you evaluate emergency response effectiveness?
Conduct post-drill reviews and debrief sessions.
Measure response time, communication efficiency, and coordination.
Assess equipment functionality and staff awareness.
Record observations and improvement actions.
Update emergency procedures based on findings.
Q. How often do you conduct emergency drills?
At least once a year or as required by legal/regulatory norms.
High-risk operations may conduct drills quarterly or semi-annually.
Drills are also conducted after major process changes or incidents.
Ensures continuous readiness and system reliability.
Q. What documents should be available during emergencies?
Emergency response plan and contact lists.
Evacuation maps and assembly point details.
Material Safety Data Sheets (MSDS).
First aid and firefighting equipment logs.
Incident reporting and drill evaluation forms.
Emergency equipment inspection checklists.
Q. How do you handle fire or chemical spill emergencies?
Raise the alarm and evacuate personnel safely.
Isolate the source (stop gas supply or shut valves).
Use appropriate fire extinguishers or spill control kits.
Inform the emergency response team and local authorities if required.
Account for personnel at the assembly point.
Investigate and record the incident after stabilization.
Q. How do you record and analyze drill performance?
Use a drill observation checklist to record timing and response details.
Document participants, actions taken, and deviations.
Conduct debrief meetings to capture feedback.
Prepare a drill evaluation report with recommendations.
Track and close corrective actions for continual improvement.
Q. What are lessons learned from emergency incidents?
Identify strengths and weaknesses in response procedures.
Highlight communication or coordination gaps.
Improve training, signage, and equipment readiness.
Update emergency plans and re-train staff if needed.
Share lessons with all employees to prevent future occurrences.
Q. What are key performance indicators (KPIs) for safety?
Measurable metrics used to monitor and evaluate OH&S performance.
Common KPIs include:
Lost Time Injury Frequency Rate (LTIFR).
Total Recordable Incident Rate (TRIR).
Near-miss reporting rate.
% of closed corrective actions.
Training completion rate.
Safety audit compliance score.
KPIs help in tracking progress and driving continual improvement.
Q. What is the difference between leading and lagging indicators?
Leading Indicators: Predictive and proactive; measure activities that prevent incidents.
Lagging Indicators: Reactive; measure outcomes after incidents occur.
Leading indicators drive prevention, while lagging indicators reflect results.
Q. Give examples of leading safety indicators.
Number of safety trainings and toolbox talks conducted.
Near-miss reports submitted and acted upon.
Audit and inspection compliance rates.
Behavioral observations completed.
Corrective action closure rate.
(These show proactive safety engagement.)
Q. Give examples of lagging safety indicators.
Number of recordable injuries or fatalities.
Lost Time Injury Frequency Rate (LTIFR).
Property damage incidents.
Work-related illness cases.
Days lost due to injury.
(These measure reactive safety performance outcomes.)
Q. How do you track safety performance trends?
Maintain a safety performance dashboard or trend chart.
Analyze monthly and yearly KPIs for patterns.
Use incident and audit data for performance insights.
Identify increasing or recurring issues for corrective actions.
Present results in management reviews for decision-making.
Q. How do you ensure objectives are measurable and achievable?
Set objectives using the SMART principle:
Specific, Measurable, Achievable, Relevant, Time-bound.
Align with organizational context and risks.
Define clear targets and performance indicators.
Assign responsibilities and monitor progress regularly.
Review results during management reviews.
Q. What is an internal audit and its purpose in OHSMS?
A systematic and independent evaluation of the OHSMS.
Determines whether the system conforms to ISO 45001 requirements.
Identifies gaps, weaknesses, and improvement opportunities.
Ensures effective implementation and readiness for certification or external audits.
Promotes continual improvement and compliance assurance.
Q. How do you plan an internal audit schedule?
Based on risk levels, process criticality, and past audit results.
Cover all clauses and departments within a defined cycle (usually annual).
Prepare a documented audit plan showing scope, criteria, and timing.
Notify auditees in advance and assign trained auditors.
Update the schedule after process or organizational changes.
Q. What is audit evidence?
Objective information used to verify conformity with audit criteria.
Includes records, procedures, interviews, and observations.
Must be verifiable, factual, and unbiased.
Used by auditors to form audit findings and conclusions.
Q. What are common nonconformities found in ISO 45001 audits?
Incomplete or outdated risk assessments.
Lack of evidence for training or competency evaluation.
Poor documentation control or missing records.
Failure to close corrective actions on time.
Inadequate emergency preparedness or communication.
Leadership and worker participation not effectively demonstrated.
Q. What are the main safety provisions of the Factories Act, 1948?
The Factories Act, 1948 ensures health, safety, and welfare of workers in factories.
Key safety provisions include:
Fencing of machinery and machine guarding.
Precautions against fire and explosion.
Ventilation, cleanliness, and safe work environment.
Appointment of Safety Officers (Sec 40-B) for large factories.
Maintenance of lifting tools, pressure vessels, and electrical safety.
Accident reporting and emergency readiness.
Q. What are the key responsibilities of an occupier and manager under the Act?
Occupier:
Ensures overall compliance with the Act and rules.
Responsible for health, safety, and welfare of workers.
Provides safety policy, risk control, and adequate training.
Manager:
Oversees daily operations and enforcement of safety procedures.
Maintains records, registers, and incident reports.
Ensures safe work practices and supervision.
Q. What is Form 4 (Safety Officer appointment)?
Form 4 is the official notification form for appointing a Safety Officer under Section 40-B of the Factories Act, 1948.
Submitted to the Chief Inspector of Factories (CIF) for approval.
Required for factories employing 1,000 or more workers or as prescribed by state rules.
Ensures that a qualified safety professional is designated for OHS management.
Q. What are Indian legal requirements for fire and electrical safety?
As per the National Building Code (NBC) and the Factories Act:
Provide adequate fire exits, extinguishers, and alarms.
Conduct regular fire drills and equipment inspection.
Electrical Safety Rules (CEA Regulations):
Ensure proper earthing, insulation, and load limits.
Conduct periodic testing and maintenance of electrical systems.
Appoint qualified electricians and supervisors.
Q. What is “Consent to Operate” under the Pollution Control Board?
A legal authorization issued by the State Pollution Control Board (SPCB).
Allows an industry to operate after complying with environmental norms.
Ensures control of air, water, and hazardous waste pollution.
Must be renewed periodically as per the Water and Air Acts.
Key requirement for environmental compliance in ISO 14001 and ISO 45001.
Q. What is the difference between statutory and regulatory compliance?
Statutory Compliance:
Refers to laws passed by legislation (e.g., Factories Act, 1948).
Regulatory Compliance:
Refers to rules and guidelines issued by regulatory bodies (e.g., SPCB, Electrical Inspectorate).
Both ensure legal adherence, but statutory laws are broad, while regulatory rules are implementation-specific.
Q. How do you evaluate legal compliance in ISO 45001?
Maintain an updated legal register identifying all applicable OH&S laws.
Conduct periodic compliance audits or assessments.
Verify evidence of implementation (licenses, permits, records).
Review compliance results in management review meetings.
Take corrective actions for non-compliance areas.
Q. How do you stay updated on new legal requirements?
Subscribe to government notifications, official gazettes, and SPCB websites.
Attend safety and compliance seminars or webinars.
Consult legal advisors or industry associations.
Review circulars from labor and environmental departments.
Update the legal register whenever new rules or amendments arise.
Q. What is the penalty for noncompliance under the Factories Act?
Penalties vary based on the nature of violation:
General contravention: Fine up to ₹2,00,000 or imprisonment up to 2 years.
Accident due to negligence: Higher fines and possible imprisonment.
Continued noncompliance: Additional daily fines.
May also lead to license suspension or prosecution.
Q. What is an annual safety report or Form 34 submission?
Form 34 is an Annual Safety Report submitted to the Directorate of Industrial Safety and Health (DISH).
Summarizes accidents, training conducted, safety audits, and improvements during the year.
Helps regulatory authorities monitor factory safety performance.
Must be submitted every year by the factory management or Safety Officer.
Q. What is an incident investigation procedure?
A systematic process to determine the root cause of an incident or near miss.
Aims to prevent recurrence by identifying unsafe acts, conditions, and system failures.
Includes reporting, evidence collection, analysis, corrective action, and follow-up.
Required under ISO 45001 Clause 10.2 (Incident and Nonconformity Handling).
Q. What are the immediate steps after an incident?
Stop work and ensure the area is safe.
Provide first aid and arrange for medical help if required.
Inform management and safety personnel immediately.
Secure the scene to preserve evidence.
Record initial details and begin investigation promptly.
Q. Who should be part of the investigation team?
Safety Officer / EHS Manager – leads the investigation.
Department Supervisor or Line Manager.
Employee involved or eyewitness.
Maintenance / Technical expert if equipment is involved.
HR or Management representative for documentation and follow-up.
Q. How do you identify the root cause?
Review the sequence of events leading to the incident.
Analyze equipment, environment, and human factors.
Use tools like 5 Why analysis or Fishbone Diagram.
Distinguish between immediate, underlying, and root causes.
Focus on systemic failures, not individual blame.
Q. What is the “5 Why” method of root cause analysis?
A simple but powerful tool for identifying the fundamental cause of a problem.
Involves asking “Why?” repeatedly (typically five times) until the real cause is found.
Example:
Why did the worker slip? → Floor was wet.
Why was the floor wet? → Leak from pipe.
Why was the pipe leaking? → Seal damaged.
Why was the seal damaged? → Poor maintenance.
Root cause: Inadequate preventive maintenance.
Q. What is a Fishbone (Ishikawa) Diagram?
A visual tool used to identify potential causes of a problem.
Causes are categorized under Man, Machine, Method, Material, Measurement, and Environment.
Helps analyze multiple factors contributing to an incident.
Encourages team-based brainstorming and root cause identification.
Q. What are corrective and preventive actions?
Corrective Action: Steps taken to eliminate the root cause of a detected nonconformity or incident.
Example: Repairing or redesigning faulty equipment.
Preventive Action: Steps taken to eliminate potential causes before they occur.
Example: Regular inspections and training to prevent future failures.
Both aim to improve safety performance and system effectiveness.
Q. How do you track implementation of corrective actions?
Maintain a Corrective Action Register with target dates and responsible persons.
Conduct follow-up audits or inspections to verify completion.
Review evidence of implementation (photos, records, training).
Update status in management review meetings.
Mark actions closed only after verifying effectiveness.
Q. How do you communicate findings to management?
Prepare a comprehensive investigation report summarizing causes and actions.
Present findings during management review or safety meetings.
Highlight trends, risks, and improvement opportunities.
Recommend policy or procedural changes if needed.
Use visual dashboards or presentations for clarity.
Q. How do you prevent recurrence of similar incidents?
Implement effective corrective and preventive actions.
Review and update risk assessments and SOPs.
Conduct training and awareness sessions on lessons learned.
Strengthen supervision and inspections.
Monitor KPIs to ensure continuous improvement and compliance.
Q. What is continual improvement in ISO 45001?
A systematic and ongoing process of enhancing OH&S performance and OHSMS effectiveness.
Focuses on reducing risks, preventing incidents, and improving safety culture.
Achieved through data analysis, audits, feedback, and management reviews.
Ensures the organization adapts to changes and maintains compliance.
Q. How do you identify opportunities for improvement?
Analyze audit results, incident trends, and near-miss reports.
Gather worker feedback and safety suggestions.
Review KPIs, inspection findings, and management review outcomes.
Benchmark against industry best practices and legal updates.
Identify gaps between objectives and actual performance.
Q. What are examples of continual improvement initiatives?
Updating risk assessments with new controls or technology.
Introducing behavior-based safety (BBS) programs.
Implementing digital safety monitoring tools.
Upgrading PPE or emergency response systems.
Conducting refresher training and safety awareness drives.
Reducing incident rates through proactive interventions.
Q. How is management review conducted?
Conducted at planned intervals (usually annually) by top management.
Review OHS performance, objectives, audit results, and compliance status.
Identify trends, risks, opportunities, and resource needs.
Document decisions and actions for continual improvement.
Ensures leadership involvement and strategic direction alignment.
Q. What are inputs to management review?
Audit results and performance data.
Incident reports, near misses, and corrective actions.
Legal and compliance updates.
Progress toward OH&S objectives.
Feedback from workers and interested parties.
Resource adequacy and training effectiveness.
Q. What are outputs from management review?
Decisions on OHS policy, objectives, and improvements.
Allocation of resources and responsibilities.
Action plans for identified risks and opportunities.
Updates to procedures, processes, or training programs.
Recommendations for system or structural improvements.
Q. How do you measure the effectiveness of OHSMS?
Track safety KPIs (e.g., LTIFR, TRIR, near-miss rates).
Conduct internal audits and compliance evaluations.
Assess incident reduction trends and corrective action closure.
Review employee participation and training effectiveness.
Validate through management review and external audits.
Q. How do you handle underperformance in safety metrics?
Investigate root causes of poor performance.
Reassess goals and targets for realism and relevance.
Strengthen controls and retrain employees.
Increase supervision and monitoring in problem areas.
Report findings to management and track improvement actions.
Q. What are safety leadership indicators?
Visible management commitment (site visits, participation).
Proactive communication and engagement with workers.
Resource allocation for safety initiatives.
Response time to incidents or unsafe reports.
Recognition programs for safe behavior.
These indicators reflect active leadership involvement in safety.
Q. How do you ensure the OHSMS remains effective over time?
Conduct regular reviews and internal audits.
Keep risk assessments and legal registers up to date.
Maintain employee awareness and competence through training.
Monitor KPIs and corrective actions continuously.
Promote a culture of accountability and continual improvement.
Ensure top management involvement in all key decisions.
