This disclosure asks an organisation to explain whether it has a formal approach for managing occupational health and safety across its activities, and how far that approach reaches. In practice, the report should make clear if the system applies to all operations, selected business units, specific sites, or only part of the workforce, and should describe the main features of that approach in a way that shows how health and safety is managed rather than just stated as a policy.
The practical focus is on coverage and consistency: readers should be able to see where the management system applies, where it does not, and whether it is embedded across the organisation or concentrated in a few flagship locations. The disclosure is therefore less about describing isolated initiatives and more about showing the scope, structure, and operational reach of the organisation’s health and safety management arrangements.
This LRA educational guidance supports disclosure preparation. For the exact requirements, always refer to the official GRI source.
A quick mental checklist before you prepare this disclosure — tick each as you settle it.
Key datapoints to prepare
How to prepare it
Request the OHS system evidence from EHS / Operations
Translate the disclosure into an internal business question — then adapt it to your organisation's own language.
Use your organisation’s own labels first, then map them to the reporting disclosure. For example, talk about your safety programme, site controls, incident process, or local H&S arrangements if that is how the business describes them internally.
Please provide the GRI 403-1 information for the OHS management system, including whether it is implemented, the basis for implementation, and the scope and exclusions.
Why it fails: This uses reporting jargon and leaves the owner guessing which internal records to pull. It does not say what people, sites, activities, or source systems to use, so the response may be incomplete or inconsistent.
Please send the current safety programme details for [period]: which workers, activities, and sites are covered; which are not covered; why any gaps exist; and whether the programme sits in place because of a legal duty, a recognised framework, or both. Include the internal record name, owner, and latest review date.
Notes that turn data into a disclosure
LRA training templates — adapt them to your organisation, and check the official source before sign-off.
State how the organisation defines the people, activities and sites included in the health and safety system, and note whether the system exists because of a legal duty or because it follows recognised risk or management guidance.
Explain what the figures mean in practice by describing the parts of the workforce, work and locations that are covered, and whether any exclusions are limited or material.
If coverage changed from the prior period, explain whether that was due to a new legal requirement, adoption of a recognised framework, or a change in the scope of people, activities or sites included.
Preparation tools & forms
Professional preparation tools for GRI 403-1 — free with an LRA Community membership. Register once (it's free) and every download unlocks, together with the Disclosure Library, templates and the LRA AI-assistant.
For each claim, check the evidence
Evidence pack to prepare
Common reporting gaps
Mistakes to avoid when collecting the data
Where judgement is often needed
Illustrative examples
Synthetic, written by LRA — not from a company report, not text from any standard.
We have put in place a workplace health and safety system for our own staff and for agency workers whose day-to-day tasks and sites we control. It is in place because local law requires it, and it is also aligned with recognised management approaches used in our sector. - The legal basis we rely on is the UK Health and Safety at Work etc. Act 1974, the Management of Health and Safety at Work Regulations 1999, and the Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013. - The framework we use is built around ISO 45001 and our internal risk-control procedures. - It covers 1,240 employees and 310 non-employee workers across 6 production sites and 2 distribution depots; that is 100% of employees and 100% of controlled non-employees in scope. - We exclude 18 remote sales contractors because their work is not directed by us and their workplaces are not under our control.
Synthetic illustration only. Shows how to state whether a health and safety system exists, why it exists, what it is based on, who and what it covers, and any exclusions, using plain language and internally consistent figures.
Our company runs a health and safety system for employees and for labour-hire staff working under our direction at our depots and transport hubs. We use it because the law expects it, and we also follow recognised risk-management practice. - The legal requirements we meet include the Health and Safety at Work etc. Act 1974, the Workplace (Health, Safety and Welfare) Regulations 1992, and the Control of Substances Hazardous to Health Regulations 2002. - The guidance and standards we work to include ISO 45001 and HSE’s HSG65 approach. - The system applies to 860 employees and 140 agency workers at 4 warehouses, 1 cross-dock site, and 1 vehicle-maintenance yard; that is 100% of employees and 100% of controlled agency workers. - We do not include 22 self-employed delivery drivers because their routes and work locations are set by their own businesses rather than by us.
Synthetic illustration only. Shows a second plausible reporter with different wording, different legal references, and a different coverage pattern, while keeping the disclosure complete and numerically consistent.
How companies report GRI 403-1
Real reports where this topic is disclosed. These are report practice, not exact disclosure templates to copy.

Scenarios to work through
A manufacturer has one safety framework for its own staff, but contractors on the warehouse site follow a separate site rulebook. The reporting team is unsure whether to describe this as one system or two, and whether both groups sit inside the scope.
A logistics group says its safety approach was built to meet local law in three countries. The draft report names the countries but does not say which legal duties shaped the system or whether those duties were the reason it was set up.
A services company uses a health and safety framework adapted from a well-known risk standard, but only for office staff. Field technicians and temporary workers are managed through separate local procedures, and the team is unsure whether to mention the standard and the exclusions together.
A retailer has one safety system for stores and distribution centres, but head office staff are not included because they work remotely and are covered by a separate wellbeing process. The draft wording says only that the system covers “operational sites” and gives no reason for the omission.
Related framework references
How this disclosure maps across the major reporting frameworks.
Questions this page answers
Start with the datapoints listed on the page: system coverage statement, legal basis, legal requirements list, standards basis, frameworks used, system coverage scope, and any exclusions with reasons. The page also has a step-by-step preparation section to help you turn those inputs into a draft.
Use the page’s system coverage scope and exclusions fields to define what is in and out of scope, and record the reasons for any exclusions. The page is set up to help you explain the coverage clearly rather than assume a one-size-fits-all approach.
The page includes an evidence pack with five items and six assurance claims to verify, each framed around claim, risk and evidence. Use those to build a file that shows how the disclosure was prepared and what supports each statement.
The page lists common reporting gaps and mistakes so you can check for missing scope detail, weak explanations, or unsupported statements before you finalise the disclosure. It is designed as a practical review aid rather than a compliance checklist.
The Download Centre includes a Prep & Assurance workbook in .xlsx format that you can use to capture the required datapoints and organise assurance evidence. The page also offers a printable Library Card in PDF if you want a lighter reference copy.
The page gives draft-output support through visualisation ideas, narrative starters, and a GRI content-index line. That helps you turn the prepared data into a report-ready draft without starting from a blank page.
Yes, the page includes synthetic illustrative example disclosures, including a quantitative table, to show how the disclosure can be presented. Treat it as a worked example only and make sure your own figures and wording match your actual data.
The page notes ESRS S1 (Own Workforce) as the closest correspondence, so you can reuse the same underlying data where it is relevant. It does not say the requirements are identical, so you still need to check the disclosure wording and presentation separately.
The page is written for sustainability and ESG managers, HR or data owners, and assurance reviewers, so ownership should sit with whoever can explain the system coverage, legal basis, and evidence behind the disclosure. Use the preparation section and workbook to make responsibilities clear internally.
The page has a 'From company reports' table that links to real published reports where the topic is disclosed. That can help you see how others have handled the topic, while still building your own disclosure from your own data.
Get your GRI 403-1 tools — free
Your preparation tools are free for LRA Community members and students. Register once (it's free) and your download starts right away — plus the Disclosure Library, templates and the LRA AI-assistant.
You're in — your download is starting
Your file is downloading now. Your Community Cabinet — with the Disclosure Library, templates and the LRA AI-assistant — is ready too.
Open your Cabinet →