Assigning OH&S Management Roles and Responsibilities Under ISO 45001
ISO 45001 Clause 5.3
Assign OH&S responsibilities clearly and write them down.
ISO 45001 Clause 5.3 - Organisational Roles, Responsibilities and Authorities
ISO 45001:2018 Clause 5.3 requires top management to make sure the responsibilities and authorities for relevant roles within the OH&S management system are assigned and communicated at all levels in the organisation, and retained as documented information.
The clause has two specific requirements assigned to top management. First, ensuring that the OH&S management system meets the requirements of ISO 45001:2018. Second, ensuring that performance of the OH&S management system is reported to top management. These two responsibilities cannot be delegated away - top management owns them.
Beyond those two, the clause expects that workers at every level take responsibility for the parts of the OH&S management system they can control. The driver controls vehicle checks, the supervisor controls the toolbox talk, the manager controls resource allocation, and so on. The system works because responsibility is distributed appropriately, not concentrated in one person.
What Role Definition Looks Like in Practice
Most organisations meet this clause through an organisation chart and a set of role descriptions or responsibility statements. Larger organisations may have a separate OH&S responsibility matrix that maps each clause of the standard to the role accountable for it. Smaller organisations typically capture this within the management system manual.
The standard does not prescribe the format. What matters is that responsibilities are clearly assigned, the people holding them know what is expected, and the assignments are written down somewhere accessible.
For ISO 45001 specifically, common roles to consider include the OH&S management representative, the H&S adviser or competent person under UK legislation, line managers with team safety responsibilities, first aiders, fire wardens, mental health first aiders if appointed, and the workforce safety representatives where they exist.
The most efficient approach is an organisation chart supported by listed responsibilities for each role. This can sit within the management system manual to keep it tied to the rest of the documentation. Where the structure is more complex, a responsibility assignment matrix mapping clauses to roles is useful.
Two specific responsibilities cannot be delegated. Ensuring the system meets the standard, and ensuring performance is reported up to top management. Those two stay with top management. Everything else can be delegated as long as the assignment is clear and the person is competent.
I check that there is a person assigned with overall responsibility for the OH&S management system performance and for reporting it to top management. I also check that individual workers know what their own OH&S responsibilities are, even if those are simply about following procedures and reporting hazards.
Practical Compliance Guidance
The IMS1 Manual is the natural home for the organisation chart and role responsibilities. Section 2.3 Organisational Roles, Responsibilities and Authorities sets out the structure for documenting these.
The following alphaZ documents support compliance with ISO 45001:2018 Clause 5.3.
| alphaZ document | How to use it |
|---|---|
| ISO 45001 Toolkit | The full set of documents for ISO 45001 compliance, including the IMS1 Manual where roles and responsibilities are recorded. |
| ISO 9001/14001/45001 IMS Toolkit | The integrated set of documents for organisations running quality, environmental and OH&S responsibilities through one manual. |
Note - all the above files can be downloaded with an alphaZ subscription.
Frequently Asked Questions
UK Legislation
The following UK legislation places duties on employers and employees that ISO 45001 Clause 5.3 reflects. Organisations outside the UK should identify equivalent legislation in their jurisdiction.
