Ecesis EHS Software

ISO 45001
Documented
Information

Clause 7.5 of ISO 45001:2018 governs how organizations create, update, and control documented information within the OH&S management system. ISO 45001 uses the unified term “documented information” replacing the distinction between “documents” and “records” used in OHSAS 18001, though the functional difference remains: some information is maintained (kept current, such as procedures) and some is retained (preserved as evidence, such as audit records).

What the Standard Requires

The OHSMS must include documented information required by ISO 45001 and documented information determined as necessary for OHSMS effectiveness. When creating and updating, ensure appropriate identification and description, format and media, and review and approval. Control documented information to ensure it is available and suitable for use where and when needed, and adequately protected.

Required Documented Information

Information to Maintain (Keep Current)

  • EMS scope (Clause 4.3)
  • OH&S policy (Clause 5.2)
  • Roles, responsibilities, and authorities (Clause 5.3)
  • Processes for addressing risks and opportunities (Clause 6.1)
  • Methodology and criteria for hazard assessment (Clause 6.1.2)
  • Legal and other requirements (Clause 6.1.3)
  • OH&S objectives and plans (Clause 6.2)
  • Operational control procedures (Clause 8.1)
  • Emergency preparedness and response plans (Clause 8.2)

Information to Retain (Preserve as Evidence)

  • Competence records (Clause 7.2)
  • Communication records (Clause 7.4)
  • Monitoring and measurement results (Clause 9.1)
  • Calibration and maintenance of monitoring equipment (Clause 9.1)
  • Compliance evaluation results (Clause 9.1.2)
  • Internal audit program and audit results (Clause 9.2)
  • Management review results (Clause 9.3)
  • Incident and nonconformity records including corrective actions (Clause 10.2)

Best Practices for Document Control

  • Use document management software to control versions, approvals, and distribution
  • Focus on value, not volume — ISO 45001 is less prescriptive about documentation than OHSAS 18001
  • Establish naming conventions, retention periods, and obsolete document controls
  • Ensure workers can access relevant documents at the point of use (mobile access is beneficial)
  • Protect documented information from loss, improper use, and loss of integrity

Common Pitfalls

  • Over-documenting with procedures that add no value
  • Using outdated document versions because controls are inadequate
  • Not making documents accessible to workers in the field
  • Failing to retain records needed as audit evidence
How Ecesis ISO 45001 Software Helps: Ecesis Document Management Software provides centralized storage, version control, approval workflows, distribution tracking, and mobile access to ensure documented information is always current and available. Learn more about our ISO 45001 software →
Related Resources
ISO 45001 Implementation Guide ISO 45001 Software Context of the Organization Leadership & Policy Worker Participation Hazard Identification Legal Requirements

What Is Ecesis?

Ecesis is a leading EHS Software Solution that has been helping companies around the world reach their EHS goals since 1993.

Get in Touch

1499 West 120th Avenue
Suite 110
Westminster, CO 80234
(720) 547-5102 (866) 733-6912 Click To Email Us

Connect With Us

EHS Software on LinkedIn EHS Software on Facebook EHS Blog

Copyright © 2026 EnviroData Solutions, Inc.

Terms of Use    Privacy Statement    Cookies