Clause 5.3 of ISO 45001:2018 requires top management to assign and communicate responsibilities and authorities for relevant roles within the OH&S management system. While top management retains overall accountability, workers at each level must take responsibility for those aspects of the OHSMS over which they have control.
What the Standard Requires
Top management must ensure that responsibilities and authorities for relevant OHSMS roles are assigned and communicated at all levels within the organization, and maintained as documented information. Specifically, roles must be assigned for ensuring the OHSMS conforms to ISO 45001 requirements and reporting on OHSMS performance to top management.
Best Practices for Assigning Roles
- Create a RACI matrix (Responsible, Accountable, Consulted, Informed) for all OH&S activities
- Include OH&S responsibilities in job descriptions and performance evaluations
- Ensure the person(s) responsible for the OHSMS have sufficient authority and access to top management
- Document roles clearly so there are no gaps or overlaps in accountability
- Assign specific responsibilities for hazard reporting, incident investigation, and emergency response
- Include contractor supervision responsibilities in relevant roles
Key Roles in an OH&S Management System
While organizational structures vary, typical OHSMS roles include top management (overall accountability), OH&S manager or coordinator (day-to-day system management), department managers and supervisors (operational safety in their areas), safety committee members, internal auditors, emergency response coordinators, and workers themselves (following procedures, reporting hazards).
Common Pitfalls
- Assigning responsibility without corresponding authority or resources
- Making OH&S the sole responsibility of one person instead of distributing across the organization
- Not updating role assignments when personnel or organizational structure changes
- Failing to communicate roles to workers in a way they understand
