Your Clause 4.2 register exists. Workers are listed. Their needs say “safe working environment.” The register was last touched at implementation β or rubber-stamped at the last management review without a single line changed. If your ISO 45001 interested parties register looks like that, it will pass a surface-level audit check. It will not survive an auditor who follows the clause chain.
ISO 45001:2018 builds a structural dependency between three clauses that most implementations treat as separate deliverables. Clause 4.2 generates inputs. Clause 5.4 transmits them through worker consultation. Clause 6.2 consumes them when setting OH&S objectives. When the first link is static, the entire chain produces objectives disconnected from the workforce the system is supposed to protect.
What ISO 45001 Clause 4.2 Actually Requires
Clause 4.2 of ISO 45001:2018 requires the organisation to determine the relevant interested parties β workers are named first β and their relevant needs and expectations. The verb is “determine” β present tense, open-ended. Under the Annex SL structure, context clauses (4.1 through 4.4) are ongoing inputs to planning, not one-time deliverables. Organisations familiar with the parallel Clause 4 structure in ISO 9001 will recognise this pattern β but ISO 45001 adds a critical participative dimension.
But Clause 4.2 does not operate alone. Clause 5.4(d)(1) specifies that non-managerial workers must be consulted on “determining the needs and expectations of interested parties.” Read that again: the determination itself β the act of working out what workers need β is a participative activity. Management cannot populate the register unilaterally and call it done.
This is where most implementations go wrong. The OH&S manager or consultant drafts the register, management signs it off, and it gets filed. Nobody asked the workers what their needs actually are. The 4.2 output was never worker-informed β it was management’s assumption documented in a template.
The Chain That Breaks: Clause 4.2 β 5.4 β 6.2
The dependency runs like this:
Clause 4.2 outputs specific worker needs and expectations. Clause 5.4(d)(1) requires workers to be consulted on those outputs. Clause 5.4(d)(5) separately requires workers to be consulted on establishing OH&S objectives β the Clause 6.2 process. Clause 6.2.1 requires objectives to “take into account applicable requirements,” which includes the needs and expectations identified under 4.2.
Three clauses. Three separable evidence items an auditor can request:
First, 4.2 outputs specific enough to act on β not “safe environment” but needs you can trace to a hazard report, an incident log, or a documented worker conversation.
Second, a 5.4 consultation record showing those 4.2 outputs were discussed with non-managerial workers during the objective-setting process β not after objectives were decided.
Third, 6.2 objectives with documented rationale showing which 4.2 inputs were considered, which influenced the objective, and which were set aside and why.
When the 4.2 register is static, the second and third evidence items do not exist. The 5.4 consultation process runs β toolbox talks happen, safety committees meet β but it transmits no 4.2 content into the 6.2 process. Objectives come from management risk assessments and last quarter’s incident numbers. Internally consistent. Not demonstrably worker-influenced.
What Auditors Test in the Interested Parties Register
Experienced ISO 45001 auditors do not stop at confirming the register exists. Their audit trail follows a traceability logic:
The auditor requests the 4.2 register, then the 6.2 objectives, then asks the auditee to show which specific 4.2-identified need influenced which specific objective. If the auditee cannot make that trace, the auditor has grounds for a nonconformity against Clause 6.2.1 β objectives not demonstrably shaped by applicable requirements β or against Clause 5.4, where the consultation process did not produce the documented outputs the standard expects.
CB sources back this up. Poor worker participation keeps showing up as a primary first-audit failure driver β and auditors are looking for operational evidence, not procedure manuals. The distinction that catches people: auditors assess whether feedback was acted upon, not whether a consultation meeting happened.
No publicly available certification body guidance document specifies the precise mechanism by which Clause 4.2 outputs must demonstrably influence Clause 6.2 objectives. The phrase “taking into account” in Clause 6.2.1 is not operationally defined in any accessible CB interpretation. This is a live coverage gap β the standard creates the obligation, but the audit criterion for “documented that consultation occurred” versus “demonstrably influenced the objective” remains inconsistently applied across certification bodies.
Converting the Register Into a Worker-Informed Mechanism
Fixing this requires six steps β none of them complex, all of them requiring procedural discipline:
First, audit the existing register for specificity. Replace generic entries (“safe environment”) with operationally testable needs derived from hazard logs, incident data, and worker feedback. Segment workers by group β production floor, remote, contractor, agency β because their needs differ. Organisations that have not assessed hazard identification scope gaps across contractor categories will find this segmentation exposes the same blind spots.
Second, build a worker-input channel for the 4.2 determination. Not a suggestion box. A periodic, documented process β run as a Clause 5.4(d)(1) consultation activity β where non-managerial workers contribute to or validate the needs recorded against them. This is the step most implementations skip entirely.
Third, define update triggers. Identify what forces a 4.2 review: new work processes, organisational restructuring, new legal requirements, significant incidents, near-miss patterns, or worker-raised concerns. Document the triggers. This converts the register from a static document to a living input.
Fourth, insert a mandatory 5.4 consultation step into objective-setting. Before OH&S objectives are finalised under Clause 6.2, table the current 4.2 outputs with non-managerial worker representatives per Clause 5.4(d)(5). Record which inputs were considered, which were incorporated, and which were not β with rationale. The “why not” documentation is your audit defence for “taking into account.”
Fifth, build a traceability matrix linking 4.2 inputs to 6.2 objectives. A cross-reference document mapping each OH&S objective to the 4.2 needs it addresses, the 5.4 consultation event where it was discussed, and the risk assessment result (Clause 6.1) it responds to. This single document is the primary audit evidence for the entire chain.
Sixth, schedule the 4.2 review upstream of objective-setting in management review. Place the register review as a standing agenda item before the objective review under Clause 9.3, so the register review feeds directly into the objective discussion β mirroring the clause chain in your meeting structure. A gap assessment can identify where this sequencing is misaligned before the next surveillance visit.
Why This Matters Before the ISO 45001 Revision
ISO/TC 283 published a second committee draft of the revised ISO 45001 in January 2026. The expected publication date is around 2027, with a transition period to follow. The revision expands into worker wellbeing and remote working models β and it shifts the audit emphasis from documentation conformity to demonstrated effectiveness.
That shift is the one that matters. Organisations fulfilling Clause 4.2 through a static register are meeting a documentation test that the 2027 revision is designed to tighten. The structural deficit is not just a current-edition audit risk β it is a pre-transition gap that will not close with a register update when the new edition takes force.
Key Takeaway
Clause 4.2 does not ask for a register. It asks for a determination process β ongoing, worker-informed, and wired into every OH&S objective your organisation sets. The register is a by-product of that process, not the deliverable. When auditors trace the chain from 4.2 through 5.4 to 6.2 and find no documented influence, the nonconformity is not about missing paperwork. It is about an OH&S management system that governs workers without ever incorporating what they actually need.
Clause references reflect mapped standard requirements verified through certification body interpretation sources. Verify against the current edition of ISO 45001:2018 before audit use.
About AEC International
AEC International provides ISO certification, training, and consultancy services at the intersection of occupational health and safety, management system design, and workforce governance. We support organisations across industries in achieving and maintaining ISO 45001 certification β from gap analysis and implementation through audit preparation and continual improvement.
Learn more: www.aec.llc