Differences between statutory audits and ISO 45001 audits

Differences between statutory audits and ISO 45001 audits


Statutory audits or regulatory audits are the exercise of verifying that organizations comply with the appropriate and applicable legal requirements, such as contracts, regulations, and legal provisions that a legal entity must comply with.

Statutory audits can be performed because of a change in management, in leadership or relevant persons, when you are detecting a problem, or in the worst case, if you receive a lawsuit. The above examples are not always necessary to perform the audit, because it is convenient to perform it to prevent the above mentioned and to keep your organizational system in order.

When a legal audit is performed, the difficulties you have are identified and, likewise, the areas of opportunity in which you should pay attention to for the good growth of your management. In other words, statutory audits reflect the current and faithful image of the risk treatment you are following and verify if it has been followed and if it has worked correctly.

By performing your statutory audit periodically (recommended every 6 months or at least once a year) in an objective way, you will be able to promote the culture of prevention in the different areas you have.


While it is true that statutory audits are important for the different sectors that exist, there are also the certifications under ISO 45001 . To differentiate between the two, let’s look at the focus of each, specifically with respect to occupational health and safety.

Statutory auditing is aimed at regulatory compliance under the law, and certification under ISO 45001 (occupational health and safety) is aimed at compliance within the development of a management system to prevent occupational hazards.

Let’s start with the point of compliance, the legal audit is mandatory and the ISO 45001 certification is voluntary. The legal audit, being mandatory, has to be performed according to legal requirements and is subject to exemptions, it also depends on the line of business of your company and its size, it can range from one to two years or more. The certification audit is carried out every three years, the certificate granted lasts for the whole cycle and a review is carried out, usually annually.

The scope of the statutory audit is made by checking the actions that you carry out together with your work team for prevention, a comparison of the certifications in ISO 45001 that is directly the scope on the management system in safety and health at work that has been implemented. Therefore, the treatment given to the two processes is different.


Auditors performing statutory audits have a different specific knowledge than ISO auditors, the former must have a technical understanding of Occupational Risk Prevention.

Auditors for ISO certifications must have a sectorial qualification and for each ISO standard they specialize in, it can be one or several, they can be qualified in one sector or more.

For auditing in occupational health and safety management systems you have to focus on ISO 45001. Remember that there are updates of the standards and auditors must be aware of them for a better result.

Another difference that we can find is that in ISO 45001 audits the concepts of indicators and objectives are discussed, which must be met to support the improvement and sustainability of the management system. In Legal Audits you will not find these terms.


This comparison helps you to understand that certification audits are a valuable instrument that help your organization to have a management system supported by international norms and with the best standards; and that statutory audits are in charge of verifying the adjustment of your organization with the defined regulations.

With the ISO 45001 certification you can obtain several benefits, here are some of them.

You will create a better risk prevention
You will foster a solid organizational culture
You and your team will meet the established objectives and goals.
Productivity will be higher
You will give more reliability and security to your clients and workers.

If you are interested in certification in your management system, QAlliance has the experience to help you achieve your goals and your ISO 45001 certification. Contact us for more details and to give you the attention you need.

Leave a Reply

Your email address will not be published. Required fields are marked *