ISO 45001 Internal Auditor Exam – Sample MCQs for Preparation

🧠 ISO 45001 Internal Auditor Exam – 50 Sample MCQs

1–5: Context of the Organization (Clause 4)

1. Which clause addresses “Understanding the needs and expectations of workers and other interested parties”?
a) Clause 4.1
b) Clause 4.2 ✅
c) Clause 4.4
d) Clause 5.2

2. The term “scope of the OH&S management system” is found in:
a) Clause 5.1
b) Clause 6.2
c) Clause 4.3 ✅
d) Clause 7.1

3. What should be considered when determining the scope of the OH&S management system?
a) Legal requirements
b) Organizational boundaries
c) External and internal issues
d) All of the above ✅

4. Clause 4.4 refers to:
a) Leadership and commitment
b) Hazard identification
c) OH&S management system ✅
d) Internal audit

5. Interested parties may include all except:
a) Workers
b) Suppliers
c) Government bodies
d) Personal friends ✅

6–10: Leadership and Worker Participation (Clause 5)

6. Top management must:
a) Avoid responsibilities
b) Delegate all OH&S tasks
c) Demonstrate leadership and commitment ✅
d) Only attend annual meetings

7. The OH&S policy must be:
a) Confidential
b) Displayed only in the boardroom
c) Available to all interested parties ✅
d) Written in legal language only

8. Clause 5.4 focuses on:
a) Emergency response
b) Management review
c) Worker participation and consultation ✅
d) Risk assessment

9. One of the responsibilities of top management is to:
a) Approve vacation plans
b) Ensure availability of resources ✅
c) Manage petty cash
d) Set dress codes

10. Worker participation must be:
a) Encouraged but optional
b) Limited to managers
c) Based on rank
d) Enabled and supported ✅

11–15: Planning (Clause 6)

11. Clause 6.1.1 requires organizations to:
a) Identify all legal holidays
b) Understand risks and opportunities ✅
c) Create payroll reports
d) Develop employee recognition programs

12. Which is not a hazard?
a) Sharp tools
b) Slippery floors
c) Employee training ✅
d) Chemicals

13. Planning must include:
a) Hazard identification
b) Risk assessment
c) Legal compliance
d) All of the above ✅

14. Objectives must be:
a) Vague
b) Documented ✅
c) General
d) Avoided

15. What does clause 6.3 refer to?
a) Operational controls
b) Change management ✅
c) Outsourcing
d) Performance evaluation

16–20: Support (Clause 7)

16. Which of the following is not a form of documented information?
a) SOP
b) Verbal order ✅
c) Policy
d) Work instruction

17. What is essential to ensure competence?
a) Certificates only
b) Experience only
c) Education, training, and evaluation ✅
d) Job title

18. ISO 45001 requires communication to be:
a) Random
b) Accurate and timely ✅
c) Once a year
d) Only upward

19. Clause 7.5 relates to:
a) Communication
b) Competence
c) Documented information ✅
d) Emergency planning

20. Internal communication should:
a) Be controlled by IT
b) Exclude safety topics
c) Include relevant OH&S info ✅
d) Avoid discussing risks

21–25: Operation (Clause 8)

21. Operational planning must include:
a) Legal requirements
b) Risks and hazards
c) Controls
d) All of the above ✅

22. Which is a method of control in operations?
a) Wearing PPE ✅
b) Ignoring risks
c) Skipping inspections
d) Avoiding documentation

23. Emergency preparedness and response is under which clause?
a) 8.1
b) 8.2 ✅
c) 9.1
d) 10.2

24. Procurement control includes:
a) Ignoring safety records
b) Choosing cheapest vendor
c) Verifying suppliers’ OH&S practices ✅
d) Unsupervised deliveries

25. Outsourced processes must be:
a) Out of OH&S scope
b) Unregulated
c) Controlled by the organization ✅
d) Ignored

26–30: Performance Evaluation (Clause 9)

26. Clause 9.1.1 refers to:
a) Management review
b) Monitoring, measurement, and analysis ✅
c) Training
d) Emergency planning

27. Internal audits must be:
a) Unscheduled
b) Performed annually only
c) Conducted at planned intervals ✅
d) Done by marketing

28. Audit findings must be:
a) Destroyed after 30 days
b) Documented and communicated ✅
c) Shared on social media
d) Hidden

29. Management review inputs include:
a) Sales data
b) Audit results ✅
c) Social media analytics
d) Stock prices

30. Performance indicators must be:
a) Secret
b) Random
c) Relevant to OH&S objectives ✅
d) Infrequent

31–35: Improvement (Clause 10)

31. The organization must take action to:
a) Hide nonconformities
b) Promote non-compliance
c) Eliminate the cause of nonconformities ✅
d) Blame others

32. Continual improvement focuses on:
a) Keeping the status quo
b) Going beyond compliance ✅
c) Punishing employees
d) Ignoring feedback

33. What must happen after a nonconformity?
a) Do nothing
b) Close the issue quietly
c) Take corrective action ✅
d) Change managers

34. Clause 10.3 deals with:
a) Preventive action
b) Communication
c) Continual improvement ✅
d) Training

35. Root cause analysis is required for:
a) Awards
b) Planning audits
c) Investigating nonconformities ✅
d) Celebrations

36–40: General Terms and Definitions

36. What is a “hazard”?
a) A planned event
b) A potential source of harm ✅
c) A safe activity
d) An office tool

37. What is “risk”?
a) The result of a nonconformity
b) A missed opportunity
c) The combination of likelihood and consequence ✅
d) A bonus system

38. What is an “incident”?
a) Always results in injury
b) A planned procedure
c) An unplanned event that may result in harm ✅
d) A regular meeting

39. Nonconformity means:
a) Full compliance
b) Deviation from a requirement ✅
c) Good performance
d) Perfect process

40. Corrective action is taken to:
a) Celebrate success
b) Avoid documentation
c) Eliminate nonconformities ✅
d) Confuse auditors

41–45: Auditor-Specific Questions

41. What is the first step in an audit?
a) Interview the CEO
b) Audit planning ✅
c) Write nonconformities
d) Perform root cause analysis

42. Audit evidence must be:
a) Based on feelings
b) Verified opinions
c) Objective and verifiable ✅
d) Assumptions

43. Audit findings can be:
a) Observations
b) Conformities
c) Nonconformities
d) All of the above ✅

44. An internal audit is done by:
a) External consultants
b) Competent individuals from the same organization ✅
c) Vendors
d) Clients

45. The purpose of an audit is to:
a) Punish staff
b) Remove employees
c) Evaluate compliance and effectiveness ✅
d) Increase product cost

46–50: Real-World Application

46. If PPE is not used, it is a:
a) Reward system
b) Minor observation
c) Nonconformity ✅
d) Legal compliance

47. Workers report a near miss. What’s the next step?
a) Ignore it
b) Punish them
c) Record and analyze it ✅
d) Cancel work

48. Legal requirements are reviewed under which clause?
a) Clause 9
b) Clause 6.1.3 ✅
c) Clause 5.2
d) Clause 8.1

49. What supports a strong safety culture?
a) Ignoring workers
b) Punishing reports
c) Active leadership commitment ✅
d) Reducing training

50. Document control ensures:
a) Documents are hidden
b) Obsolete documents are still used
c) Only latest versions are available ✅
d) Documents are emailed to anyone