Aligning Incident Management With ISO 45001 Requirements

Quality Digest


Incident reporting
Capturing data on the time, location, and circumstances surrounding the incident will be helpful both for tracking trends and for OSHA reporting purposes.

Our PROMISE: Quality Digest only displays static ads that never overlay or cover up content. They never get in your way. They are there for you to read, or not.

Manufacturers should also consider the following incident management best practices:

Clause 10.2 of ISO 45001 requires companies to establish processes for incident investigation, reporting, and corrective action. The standard also includes requirements for documentation and communication, as well as the stipulation to use incident data to promote continuous improvement.

Preventive action
Some incidents are straightforward in terms of identifying preventive actions. However, if you’re having trouble coming up with an effective preventive action, consider using an impact assessment and FMEA. This helps determine how substantial of a preventive action is necessary based on risk and the effect on the process.

Using the QMS to build an ISO 45001-compliant incident management process

However, someone has to pay for this content. And that’s where advertising comes in. Most people consider ads a nuisance, but they do serve a useful function besides allowing media companies to stay afloat. They keep you aware of new products and services relevant to your industry. All ads in Quality Digest apply directly to products and services that most of our readers need. You won’t see automobile or health supplement ads.

Corrective action
This step includes root cause analysis using tools such as a 5 Whys analysis, 8D problem solving, or failure mode and effects analysis (FMEA). Don’t assume you know the root cause, but rather follow the process to completion to avoid missing anything.

Quality management system (QMS) automation is becoming increasingly prevalent for manufacturers looking to standardize incident management. A configurable QMS helps companies create an ISO 45001-compliant process that aligns with internal processes, allowing these companies to:
• Capture, store, and share incident details within one centralized, permissions-based system
• Facilitate collaboration among different team members to accelerate the resolution of problems
• Launch a 5 Why, 8D, or FMEA from the EHS incident management solution
• Create customized workflows for incident investigations and reporting aligned with internal processes and reporting structures
• Automatically populate incident reports and OSHA 300 forms for regulatory reporting
• Analyze trends in EHS incident data to develop more effective preventive actions and drive continuous improvement


While ISO 45001 is largely aimed at incident prevention, several requirements apply to how organizations respond to and manage incidents. These include requirements around:
• Incident reporting: Manufacturers must document their process for reporting incidents, including near misses, injuries, and occupational illnesses.
• Incident investigation: Companies must investigate incidents to identify their root causes, contributing factors, and related hazards.
• Incident response: Organizations must establish a process for incident response that mitigates the effect of incidents to prevent further harm.
• Documentation and record-keeping: The standard requires documentation of the incident management process as well as records of incidents, investigations, and corrective actions.
• Communication: Companies must keep workers informed about the results of incident investigations. The standard emphasizes sharing lessons learned, as well as seeking employee input on appropriate prevention and control measures.
• Corrective and preventive action: The standard requires companies to implement corrective actions to address the root cause of incidents and prevent recurrence.
• Continuous improvement: Like all ISO standards, there is a strong focus on continuous improvement. ISO 45001 requires companies to use incident management data to drive improvements in EHS performance as a whole.

The biggest gap in manufacturing-incident management

So please consider turning off your ad blocker for our site.

Published: Wednesday, October 4, 2023 – 12:03

That means incorporating risk into decision-making throughout the process. One example would be using a risk matrix and scoring to prioritize corrective actions. Another would be using failure mode and effects analysis (FMEA) to determine prevention measures for addressing an identified root cause.

Similar to other ISO standards, ISO 45001 doesn’t provide specific instructions on how to manage incidents. However, it does require that manufacturers incorporate risk-based thinking into their approach.

This occupational health and safety standard is especially prevalent in manufacturing, where managing safety incidents is a core concern from the perspective of protecting workers, reducing costs, and avoiding compliance problems.

Quality Digest does not charge readers for its content. We believe that industry news is important for you to do your job, and Quality Digest supports businesses of all types.

Immediate response and documentation
Whenever possible, take photos of the incident scene, and keep it closed off until the investigation is complete, if feasible.

Published Aug. 17, 2023, on the AssurX blog.