ISMS Code – Information Security Management System Code

TQCSI HR Compliance Code:2019

What is the HR Compliance Code?

TQCSI’s Human Resources (HR) Compliance Code is a standard to which companies can develop a HR compliance management system and, with certification, demonstrate their compliance to fundamental HR requirements.

Complimenting a number of international standards, it embraces best practice requirements of all organisations for human resources and it is equally applicable to small companies and large organisations.

HR compliance is a fundamental legal requirement for all organisations.

HR Compliance System Requirements

A HR Compliance Management System requires organisations to:

• understand their HR related external & internal issues, and interested parties
• have a HR Policy describing senior management’s commitment
• understand their legislative requirements
• have policies and procedures to meet their legislative requirements
• assess potential HR compliance related risks
• develop and monitor HR objectives and targets
• ensure staff are competent and understand their HR requirements
• manage contractors’ and subcontractors’ HR obligations
• identify and resolve HR problems
• take corrective action for significant or repetitive HR problems
• conduct internal audits of the HR management system
• conduct system review of the HR management system.

Documentation Requirements:

• HR Policy – typically a one page document declaring commitment to HR compliance
• Policies for HR related requirements
• HR Procedures – ideally they are brief instructions for employees to follow (eg grievance process)
• HR Forms
• HR Risk Register
• HR Objectives & Targets Register
• Training & Compliance Register
• Problems Register
• Corrective Action Register.

Implementing a HR Compliance Management System:

Why use TQCSI’s HR Code and an effective HR Compliance Management System:

• ensure awareness of and abide by relevant legislation, agreements and conventions people work under
• meet government and major customer requirements to manage people, legislative compliance, ethical operations, cultural integrity and contractor control
• ensure workplaces have transparent and compliant performance management systems, dispute resolution and grievance systems, and codes of behaviour
• provide an inclusive environment where people work without fear or intimidation
• demonstrate the ability to reliably work with larger organisations
• assure employees that their pay, superannuation, taxation and benefits are correct
• extending the existing inventory from aspirational guidelines to concrete compliance to contemporary ‘Human Resources’ requirements
• reduced risk through assessment of HR threats
• 3^rd party certification may reduce any need for 2nd party audits
• gain stakeholder and customer trust that their data is protected
• improved efficiency
• enhanced company profile
• confidence that your employees are being treated fairly.

TQCSI Certification Process:

• contact your TQCSI Office and ask for a quote or apply on-line - TQCSI will need to know what your business does and how many employees (full time equivalent)
• to prevent delays, don’t wait until your HR Compliance Management System is fully implemented.

Certification Mark for HR Compliance Code:

The certification mark can be used on all promotional material to promote your certification.

Need Help?

Contact This email address is being protected from spambots. You need JavaScript enabled to view it..

To access the HR Compliance Code, Click Here.

TQCSI Information Security Code:2018

What is the IS Code?

TQCSI’s Information Security (IS) Code for information security management systems is a standard to which companies can develop a system and gain certification to demonstrate their compliance with fundamental information security requirements. Based on the international standard, ISO 27001, it embraces many of the international requirements but is not as prescriptive and much less bureaucratic. It is an ideal ‘stepping stone’ for companies who wish to work towards ISO 27001 certification and may satisfy pre-qualification requirements for larger clients.

Information security is predominantly IT related but not completely. Other information security related processes also need to be considered such as phones, HR information, access to the premises and physical security.

Information Security System Requirements 

An Information Security Management System (ISMS) requires organisations to:

• understand their information security related external & internal issues, and interested parties
• have an Information Security Policy describing senior management’s commitment
• assess potential information security related risks
• develop a Statement of Applicability based on controls listed at Annex A to the Code
• monitor controls listed in the Statement of Applicability to ensure their effectiveness
• develop and monitor information security objectives
• ensure staff are competent and understand the information security management system
• control any outsourced information security related processes (eg IT services)
• control information security nonconformances
• take corrective action for significant or repetitive nonconformances
• conduct internal audits of the information security management system.

Information Security Documentation Requirements:

• Information Security Policy – typically one page document declaring commitment to information security
• Statement of Applicability – register of risk assessment and controls
• Procedures – as many or as few as you need; ideally they are brief instructions for employees to follow (eg backup process)
• Registers – for information security objectives and nonconformances.

Implementing an Information Security Management System:

Benefits of an Information Security Management System:

• ensures companies cover their legal and regulatory requirements for information security
• company operations have never been more IT system dependent
• commercially sensitive information has never been more at risk
• reduced risk through assessment of threats to information security
• information and processes are increasingly entered in the cloud
• 3rd party certification may reduce any need for 2nd party audits
• gain stakeholder and customer trust that their data is protected
• expand potential tendering opportunities by demonstrating a high level of information security through 3rd party certification
• improved efficiency
• enhanced company profile
• ensure business continuity
• confidence that information security is controlled.

TQCSI Certification Process:

• contact your TQCSI Office and ask for a quote or apply on-line - TQCSI will need to know what your business does and how many employees (full time equivalent)
• to prevent delays, don’t wait until your Information Security Management System is fully implemented.

Certification Mark for Information Security Code:

The certification mark can be used on all promotional material to promote your certification.

Need Help?

Contact This email address is being protected from spambots. You need JavaScript enabled to view it..

Medical devices – Quality management systems – Requirements for regulatory purposes

ISO 13485 specifies requirements for a quality management system that can be used by an organisation involved in one or more stages of the life-cycle of a medical device.

These include design and development, production, storage and distribution, installation, servicing and final decommissioning and disposal of medical devices, and design and development or provision of associated activities.

The Standard can also be used by suppliers or external parties providing products such as raw materials, components, subassemblies, medical devices, sterilization, calibration, distribution, and maintenance services.

For a quote or more information, don’t hesitate to contact us.

 

ISO 27001:2022 - Information Security Management Systems Requirements

Information Technology Security techniques

What is ISO 27001?

ISO 27001 for Information Security Management Systems requires organisations to adopt a risk based approach to the security of all information. ISO 27001 is not a prescriptive document, rather it is intended to enable organisations to ensure the security of information through the assessment and treatment of information security risks, documented in a Statement of Applicability.

Information Security Management System Requirements

Information Security Management Systems (ISMS) require organisations to:

• identify information security risks
• understand external & internal issues, and interested parties, relevant to information security
  
• develop an information security Policy - typically one page document declaringcommitment to information security
• develop a Statement of Applicability, documenting the assessment of identified information security risks and establishing controls (risk treatment) based on reference controls documented at Annex A of ISO 27001
• develop procedures -- instructions required to address information security
• control any outsourcing of information management
• develop and monitor information security objectives and targets
• embrace information security risks and opportunities throughout the business
• ensure staff are competent and understand their information security responsibilities
• monitor information security performance
• control information security nonconformances and take corrective action for significant or repetitive nonconformances
• conduct internal audits of the information security management system
• ensure senior management strategically review the information security management system

Documentation Requirements:

• Information Security Policy Statement of Applicability
• ISMS or Management Manual Procedures
• Improvement Plan (monitoring information security objectives and targets)
• Registers – nonconformances and corrective action.

Implementing an Information Security Management System:

Benefits of an Information Security Management System:

• demonstrated due diligence by meeting regulatory and customer requirements
• meeting international best practice for security
• meeting tender requirements and stand out from the competition
• improved reputation and enhanced company profile
• demonstrated integrity of data to customers, suppliers and other stakeholders
• reduced risk of fraud, information loss and disclosure
• increased resilience to cyber attacks
• prompt detection of data leakage and rapid reaction to breaches
• reduced costs associated with information security
• all forms of information, ensuring confidentiality, integrity and availability of data secured
• ensured workplace confidentiality and improved company culture
• easily integrated with other management systems.

Transition from ISO 27001:2013 to ISO 27001:2022

 ISO/IEC 27001:2022 was published in October 2022.  It is not a fully revised edition; the main changes are:

• Annex A references the controls in ISO 27002:2022, which includes the information of control title and control
• the notes of Clause 6.1.3.c are revised editorially, including deleting the control objectives and using “information security control” to replace “control”
• the wording of Clause 6.1.3.d is re-organized to remove potential ambiguity.

The number of controls in ISO 27002:2022 decreases from 114 controls in 14 clauses to 93 controls in 4 clauses. Of those, 11 controls are new, 24 are merged from the existing controls, and 58 are updated. Moreover, the control structure is revised, which introduces “attribute” and “purpose” for each control and no longer uses “objective” for a group of controls.

Clients may apply to be audited and certified to the old Standard (ISO 27001:2013) until 30 April 2023, after which only applications against the new Standard (ISO 27001:2022) will be accepted. Clients may request to be audited and certified to the new Standard (ISO 27001:2022) from 1 November 2022. 

All clients must be audited and certified to ISO 27001:2022 no later than three years following its publication (30 October 2022). No certification to ISO 27001:2013 is permitted after 30 October 2025.

TQCSI Certification Process:

• contact your TQCSI Office and ask for a quote or apply on-line - TQCSI will need to know what your business does, how many employees (full time equivalent) and what types of information security risks are applicable
• to prevent delays, don’t wait until your Information Security Management System is fully implemented.

Certification Mark for Information Security Management Systems:

Once obtained, this certification mark can be used on all marketing material to promote your ISO 27001 Information Security Management System certification.

Need Help?

Contact: This email address is being protected from spambots. You need JavaScript enabled to view it..

TQCSI HACCP Code:2020 for Food Safety Programs

What is the TQCSI HACCP Code?

TQCSI’s Hazard Analysis Critical Control Point (HACCP) Code for Food Safety Programs is based on the guidelines published by CODEX Alimentarius. It specifies food safety requirements for use by organisations within the food and beverage industry to provide objective evidence of their capability to supply food or beverage which meets customer and legislative requirements.

It requires organisations to implement the simplest form of food safety management system by identifying potential hazards to food safety, risk assessing them and controlling those deemed critical. In the absence of an international standard for HACCP, TQCSI developed the Code following consultation with food safety specialists and regulators throughout Asia. It has been formally recognised by JAS-ANZ (one of only a handful of codes to be registered by an accreditation body any where in the world).

HACCP Food Safety Program Requirements

A HACCP-based Food Safety Program requires organisations to:

• appoint a HACCP Team
• develop and implement a HACCP Food Safety Plan
• develop a Food Safety Manual briefly addressing the clauses of the HACCP Code
• implement food safety practices
• develop and implement procedures, particularly for each of the critical control points
• implement record keeping for monitoring of the critical control points
• ensure staff are competent and understand their responsibilities
• control food safety nonconformances
• conduct internal audits of the food safety program.

Documentation Requirements:

• Food Safety Plan
• Food Safety Manual
• Procedures
• Records for CCP monitoring
• Register for nonconformances.

Implementing a HACCP-based Food Safety Program:

Benefits of a HACCP-based Food Safety Program:

• demonstrated due diligence by meeting regulatory and customer requirements
• enhanced company profile and reputation
• greater marketing opportunities
• minimised risk and reduce food hazards
• greater protection from spurious food poisoning allegations
• improved food safety performance
• competent and empowered employees.

What is the best third-party certification option for your business?

Click here to understand the key differences and definitions of HACCP, ISO 22000, FSSC 20000.

TQCSI Certification Process:

• contact your TQCSI Office and ask for a quote or apply on-line - TQCSI will need to know what your business does and how many employees (full time equivalent)
• to prevent delays, don’t wait until your Food Safety Program is fully implemented.

Certification Mark for HACCP-based Food Safety Programs:

Once obtained this certification mark can be used on all marketing material to promote your HACCP Food Safety Program certification.

Need Help?

Contact This email address is being protected from spambots. You need JavaScript enabled to view it..

FSSC 22000 (Version 5.1) - Food Safety Management Systems Requirements

What is FSSC 22000?

FSSC 22000 for Food Safety Management Systems provides a framework for effectively managing food safety and quality responsibilities. FSSC 22000 demonstrates that a robust and effective food safety management system (FSMS) is in place to meet the requirements of regulators, food business customers and consumers.

The FSSC 22000 Scheme is recognized by the Global Food Safety Initiative (GFSI) and supported by the European Food and Drink Association (CIAA) and the American Groceries Manufacturing Association (GMA).

Other GFSI programs like IFS, BRC & SQF are product certification standards but FSSC 22000 is a management system certification scheme, which means a significant difference in the audit approach – essentially FSSC 22000 provides the framework for organisations to implement processes how they wish to meet the requirements.

FSSC 22000 has three components:

Organisations can achieve FSSC 22000 certification in the following scopes:

• Food manufacturing (ISO 22002-1)
• Catering (ISO 22002-2)
• Food packaging manufacturing (ISO 22002-4)
• Food and feed for animals (ISO 22002-6)
• Retail and supermarkets (PAS 221)
• Transport and storage (ISO 22002-5).

FSSC 22000 Requirements

A Food Safety Management Systems for FSSC 22000 requires organisations to:

• understand external & internal issues, and interested parties, relevant to food safety
• develop a Food Safety Policy – typically one page document declaring commitment to food safety
• appoint a Food Safety Team
• develop and implement a Hazard Control Plan
• develop a FSMS or Management Manual briefly addressing the clauses of ISO 22000 & specific FSSC 22000 requirements
• implement food safety practices to address the respective pre-requisite program (PRP)
• develop procedures, particularly for each of the critical control points (CCPs) and operational pre-requisite programs (OPRPs)
• implement record keeping for monitoring of the CCPs and OPRPs
• develop and monitor food safety objectives and targets
• embrace food safety risks and opportunities
• develop and implement a Food Defence Plan and Food Fraud Mitigation Plan
• monitor food safety performance
• plan responses to food safety emergencies
• ensure staff are competent and understand their food safety responsibilities
• control food safety nonconformances and take corrective action for significant or repetitive nonconformances
• ensure internal and external communication of food safety issues
• implement evaluation and monitoring of external providers
• implement an allergen management program
• implement verification of the Hazard Control Plan and PRPs
• conduct internal audits of the food safety management system
• ensure senior management strategically review the food safety management system
• implement a risk based environmental monitoring program.

Documentation Requirements:

• Food Safety Policy
• Hazard Control Plan
• FSMS or Management Manual
• Procedures
• Food Safety Improvement Plan (monitoring food safety objectives and targets)
• Food Defence Plan
• Food Fraud Mitigation Plan
• Emergency Plan
• Allergen Management Plan
• Records for OPRP & CCP monitoring
• Registers for nonconformances and corrective action
• Environmental Monitoring Plan.

Implementing a FSSC 22000 Food Safety Management System:

Benefits of FSSC 22000 Food Safety Management System:

• demonstrated due diligence meeting regulatory and customer requirements
• enhanced company profile, reputation and brand protection
• increased stakeholder confidence
• certification that is accepted by all organisations
• significantly greater marketing opportunities leading to higher profits
• enhanced food safety in supply chain and increased supply chain management
• minimised risk and food safety related incidents
• improved food safety performance
• greater protection from spurious food poisoning allegations
• food safety culture embedded and employees empowered
• easily integrated with other management systems.

 What is the best third-party certification option for your business?

Click here to understand the key differences and definitions of HACCP, ISO 22000, FSSC 20000.

TQCSI Certification Process:

• contact your TQCSI Office and ask for a quote or apply on-line - TQCSI will need to know what your business does and how many employees (full time equivalent)
• to prevent delays, don’t wait until your Food Safety Management System is fully implemented.

Certification Mark for FSSC 22000 Food Safety Management Systems:

Once obtained, this certification mark can be used on all marketing material to promote your FSSC 22000 Food Safety Management System certification.

Need Help?

Contact This email address is being protected from spambots. You need JavaScript enabled to view it..

ISO 22000:2018 - Food Safety Management Systems Requirements

(for any organization in the food chain)

What is ISO 22000?

ISO 22000 for Food Safety Management Systems requires organisations to adopt a risk based approach to food safety. Now based on the same Higher Level Structure that all ISO management system standards follow, ISO 22000 combines the principles of ISO 9001 for quality management systems and Hazard Analysis and Critical Control Point (HACCP) with internationally accepted, industry based pre-requisite programs.

ISO 22000 identifies food safety requirements for organisations within the food and beverage industry chain to address and then implement a food safety management system by identifying, assessing and controlling potential hazards to food safety.

Food Safety Management System Requirements

A Food Safety Management System (FSMS) requires organisations to:

• understand external & internal issues, and interested parties, relevant to food safety
• develop a Food Safety Policy – typically one page document declaring commitment to food safety
• appoint a Food Safety Team
• develop a Hazard Control Plan
• develop a FSMS or Management Manual briefly addressing the clauses of ISO 22000
• implement food safety practices to address the respective pre-requisite program (PRP)
• develop procedures, particularly for each of the critical control points (CCPs) and operational pre-requisite programs (OPRPs)
• implement record keeping for monitoring of the CCPs and OPRPs
• develop and monitor food safety objectives and targets
• embrace food safety risks and opportunities, and consider the need for a Food Defence Plan and Food Fraud Vulnerability Plan
• monitor food safety performance
• plan responses to food safety emergencies
• ensure staff are competent and understand their food safety responsibilities
• control food safety nonconformances and take corrective action for significant or repetitive nonconformances
• ensure internal and external communication of food safety issues
• implement evaluation and monitoring of external providers
• implement verification of the Hazard Control Plan and PRPs
• conduct internal audits of the food safety management system
• ensure senior management strategically review the food safety management system.

Documentation Requirements:

• Food Safety Policy
• Hazard Control Plan
• FSMS or Management Manual
• Procedures
• Food Safety Improvement Plan (monitoring food safety objectives and targets)
• Emergency Plan
• Records for OPRP & CCP monitoring
• Registers for nonconformances and corrective action.

Implementing a Food Safety Management System:

Benefits of Food Safety Management System:

• demonstrated due diligence
• meeting regulatory and customer requirements
• enhanced company profile and reputation, and stakeholder confidence
• greater marketing opportunities leading to higher profits
• enhanced food safety in supply chain
• minimised risk and food safety related incidents
• improved food safety performance
• greater protection from spurious food poisoning allegations
• food safety culture embedded and employees empowered
• easily integrated with other management systems.

What is the best third-party certification option for your business?

Click here to understand the key differences and definitions of HACCP, ISO 22000, FSSC 20000.

TQCSI Certification Process:

• contact your TQCSI Office and ask for a quote or apply on-line - TQCSI will need to know what your business does and how many employees (full time equivalent)
• to prevent delays, don’t wait until your Food Safety Management System is fully implemented.

Certification Mark for Food Safety Management Systems:

Once obtained, this certification mark can be used on all marketing material to promote your ISO 22000 Food Safety Management System certification.

Need Help?

Contact This email address is being protected from spambots. You need JavaScript enabled to view it..

ISO 55001:2018 - Asset Management Systems Requirements

What is ISO 55001?

The ISO 55001 Standard for Asset Management Systems (AMS) provides a framework to help organisations proactively manage their assets throughout their lifecycle. With a third-party certified asset management system in place, organisations can maintain greater control over their key business assets, mitigate risks and achieve a greater return on investment.

Benefits of ISO 55001 certification

Businesses of all shapes and sizes benefit from certification to the ISO 55001 standard. You can apply the standard to all types of business assets, whether they be physical, financial, or intellectual. By adopting the ISO 55001 approach to asset management, you can demonstrate long term sustainable growth, attract new clients, and improve your systems.

The benefits of an ISO certified asset management system often include:

• demonstrated due diligence by meeting customer requirements
• meeting international best practice for asset management
• being able to meet tender requirements quickly
• stand out from the competition and access new markets
• improved reputation and enhanced company profile
• improved financial performance
• improved services and outputs
• long term system integrity and tracking assets over their lifecycle
• informed asset investment decisions
• improved organisational sustainability
• increased asset efficiency and performance
• greater transparency of assets’ location and maintenance
• easily integrated with other management systems.

Why certify your Asset Management System (AMS) with TQCSI?

A TQCSI certification is an independent endorsement from the world’s leading certification body of your commitment to asset management. We provide ISO 55001 certification to businesses all over the world. 

With proven certification systems and a global network of offices, we make it simple and affordable for businesses of all sizes to achieve ISO 55001 certification. Our offices are staffed by a team of local experts who not only understand your operating environment but also speak your language.

Don’t wait, start your ISO 55001 certification now

You don’t need to wait until your AMS is fully implemented. TQCSI can assess your asset management system no matter where you are in your systems development journey. Reach out to your local TQCSI office today, or tell us a bit about your business and your asset management objectives via our online form.

Preparing for your ISO 55001 Asset Management System

At TQCSI, we aim to make your ISO 55001 certification fast, hassle-free, and straightforward. Our auditors will assess your systems, processes and documentation and provide information about areas to be addressed.

Below is a checklist of typical system requirements and documentation that a certified ISO 55001 system may need.

Asset Management System Requirements

Typically, an Asset Management Systems (AMS) require organisations to:

• understand external & internal issues, and interested parties, relevant to asset management
• develop an Asset Management Policy declaring a commitment to sustainable asset management
• develop an AMS or Management addressing the clauses of ISO 55001; often integrated with the Manual for other management systems
• develop a Strategic Asset Management Plan (SAMP) documenting policies for asset management direction in the organisation
• develop Asset Management Plans (AMPs) to address the different groups or classes of assets
• establish an Asset Register
• implement systems for planning, scheduling, recording and monitoring maintenance
• develop and monitor asset management objectives and targets
• embrace asset management risks and opportunities throughout the business
• ensure staff are competent and understand their asset management responsibilities
• control any outsourcing of asset management and maintenance
• monitor asset management performance
• control asset management non-conformances and take corrective action for significant or repetitive non-conformances
• conduct internal audits of the asset management system
• ensure senior management strategically review the asset management system.

Documentation Requirements

Typical ISO 55001 documentation includes:

• Asset Management Policy
• AMS or Management Manual
• Procedures
• Strategic Asset Management Plan (SAMP)
• Asset Management Plans (AMPs)
• Asset Register
• Maintenance System
• Improvement Plan (monitoring asset management objectives and targets)
• Registers to record non-conformances and corrective action.

Implementing an Asset Management System

To achieve your ISO 55001 certification, your AMS should demonstrate the processes, resources, and organisational culture commitment to proactive asset management and continuous improvement.

TQCSI Certification Process:

• Contact your TQCSI Office and ask for a quote or apply on-line - TQCSI will need to know what your business does, how many employees (full time equivalent) and what types of asset classes are applicable
• To prevent delays, don’t wait until your Asset Management System is fully implemented.

Certification mark for ISO 55001 Asset Management Systems

Once your AMS has been certified, you can proudly display the TQCSI certification mark to promote your certification.

Questions?

Contact your local TQCSI office to find out how certifying your Asset Management Systems to the ISO 55001 standard will help give you a competitive edge, or email us at This email address is being protected from spambots. You need JavaScript enabled to view it..

ISO 45001:2018 - Occupational Health & Safety Management System Certification

What is the ISO 45001 standard?

Every day thousands of lives are lost in workplace accidents or as a result of illnesses linked to work activities. The ISO 45001:2018 sets the international standard for Occupational Health and Safety (OH&S) Management Systems. It helps organisations proactively manage their OH&S risks and improve their OH&S performance.

Safety is a serious business. Organisations worldwide who are serious about safety, reducing workplace risks and creating safer working conditions are certifying to this international occupational health and safety standard.

ISO 45001:2018 Occupational Health and Safety Management Systems replaces OHSAS 18001 and AS 4801. If your organisation is either OHSAS 18001 or AS 4801 certified, you will need to update to the new ISO 45001 standard.

TQCSI is here to help you become newly certified or bring your existing certification up to date. Navigating the standard without the help of an expert can be difficult. We’re the experts in ISO 45001, so you don’t have to be.

Benefits of a ISO 45001 Management System

ISO 45001 certification shows that you take the safety and wellbeing of your employees seriously. A standardised OH&S management system helps you to manage risks, reduce workplace incidents and ensure that everyone gets home safely.

The benefits of an ISO 45001 certified Occupational Health and Safety Management System are varied, including:

• creating a safe and healthy workplace
• improved OH&S performance
• developing and implementing a OH&S policy and objectives
• establishing a systematic and auditable process for managing OH&S risks
• minimises risk and reduces workplace accidents and incidents
• clear documentation requirements for managing workplace safety in your business
• encourages all levels of staff to take an active role in OH&S matters
• demonstrates due diligence by meeting regulatory requirements and customer expectations
• improves team morale and empowerment of employees
• reduced costs, including lower insurance premiums
• builds a reputation as a safe place to work
• easily integrates with other management systems

Why certify with TQCSI?

The standard focuses on the interaction between an organisation and its operating environment providing flexibility in its application. However, because of this built-in flexibility, interpreting the standard can be complex.

Our experienced team of auditors are not just experts in ISO 45001. They are also experts in local OH&S requirements and community expectations that may affect your business. We are here to ensure your path to certification is smooth sailing no matter where in the world you’re located.

Let’s get started

Whether you already have an OH&S management system in place, or you’re starting from scratch, we can help. Contact your local TQCSI office or complete our online form to get started with ISO 45001.

How to prepare for ISO 45001 Occupational Health & Safety Management Systems certification

At TQCSI, we want to help you achieve your ISO 45001 certification quickly and easily. To help you get started, we’ve prepared a checklist of items that are often looked for during your audit.

System Requirements

To be ISO 45001 compliant, your organisation must:

• conduct a risk assessment of the site, plant and equipment, and processes
• understand external and internal issues relevant to workplace safety
• develop a Safety Policy declaring commitment to workplace safety
• develop a Risk Register
• develop an Safety or Management Manual briefly addressing the clauses of ISO 45001
• develop procedures to address workplace safety monitoring
• undertake Job Safety Analysis (JSA), or similar, to identify project risks
• uevelop Safe Work Method Statements (SWMS) for high risk processes
• develop Safe Operating Procedures (SOPs), or similar, for high risk equipment
• develop and monitor safety objectives and targets
• develop processes to address workplace safety monitoring
• embrace workplace safety risks and opportunities
• ensure compliance with regulatory requirements and codes of practice
• implement workplace inspections
• monitor safety performance
• plan responses to workplace safety emergencies
• report and investigate accidents and incidents
• control safety nonconformances and take corrective action for significant or repetitive nonconformances
• conduct internal audits of the safety management system
• ensure senior management strategically review the safety management system
• ensure staff are competent and understand the safety management system

Documentation Requirements

The following documentation must be in place to support your Occupational Health & Safety Management System:

• Risk Assessments (site, plant/equipment and processes)
• Safety Policy
• Risk Register
• Safety or Management Manual
• Procedures
• Job Safety Analysis (JSA), or similar
• Safe Work Method Statements (SWMS)
• Safe Operating Procedures (SOPs), or similar
• Safety Improvement or Management Plan (monitoring safety objectives and targets)
• Registers – for accidents & incidents, nonconformances and corrective action, and compliance
• Emergency Response Plan.

Implementing your Occupational Health & Safety Management System

Your ISO 45001 certified system will take a holistic approach to managing OH&S. It should encompass reporting, documentation, and processes.

TQCSI ISO 45001 Certification Process: Next Steps

• Contact your local TQCSI Office and ask for a quote or apply on-line - TQCSI will need to know what your business does and how many employees (full time equivalent)
• To prevent delays, don’t wait until your Safety Management System is fully implemented.

Certification Mark for ISO 45001 Safety Management Systems

Once you have achieved full compliance with ISO 45001 standard, you can proudly display the TQCSI certification mark. It is an internationally recognised symbol of certified quality and safety.

Need Help?

Contact us at This email address is being protected from spambots. You need JavaScript enabled to view it..