ISO 45001 mandatory clauses for an audit

In clause 9.2.1 for internal audit the ISO 45001 standard simply states that the organization must audit that the OHSMS meets their own requirements, and the requirements of the standard. Using the recommended approach from ISO 19011, the idea is to perform an audit of the processes, rather than a clause-by-clause audit of the standard. During the audit you see if the planned process arrangements meet the ISO 45001 standard requirements, then you talk to people and see if they are meeting the process planned arrangements as identified by the company (because most of them won’t know the ISO 45001 standard, rather they know what they have been trained to do. With internal audit the audit is not done clause-by-clause, so there are no mandatory clauses to audit.

When it comes to a certification audit, they will audit all of your processes, and then ensure that everything meets all of the requirements of ISO 45001. If you are auditing a supplier (second-party audit) then it is up to you what you want to look at; you don’t need to follow the standard at all (for instance you may just want to look at their nonconformance process). If you have specific requirements on a supplier, this is often the audit criteria used in a second-party audit.

You can learn more about auditing using ISO 19011 in the article: How to perform an internal audit using

ISO 19011, https://info.advisera.com/free-download/how-to-perform-an-internal-audit-using-iso-19011