Creating Work Health And Safety Policies: Australian Employer’s Compliance Guide

Running a business in Australia isn’t just about sales, strategy and growth. It also means taking clear, practical steps to keep people safe at work - whether they’re employees, contractors, volunteers, or visitors.

That’s where work health and safety (WHS) policies come in. A well‑drafted WHS policy helps you manage risks, build a strong safety culture and show regulators you take safety seriously. It also makes day‑to‑day decisions easier for managers and staff.

If putting WHS paperwork together feels overwhelming, you’re not alone. The good news is that creating a practical, compliant policy is absolutely doable when you break it into steps. In this guide, we’ll explain what a WHS policy is (and when you’re expected to have one), the legal duties that apply across Australia, and a simple process you can follow to draft, roll out and review your policy with confidence.

We’ll also cover common mistakes to avoid and the key documents that typically support WHS compliance for small and medium businesses. If you want to protect your people, reduce risk and stay on the right side of the law, keep reading - we’re here to help you navigate WHS the smart way.

What Is WHS And Do You Need A Written Policy?

Work health and safety (WHS) - sometimes called occupational health and safety (OHS) - is about identifying hazards, assessing risks and putting controls in place so people are not harmed while doing work for your business.

Legally, duties under WHS laws fall on the “person conducting a business or undertaking” (PCBU). In practice, that’s usually the company, sole trader or partnership running the business. Officers (for example, directors and key decision‑makers) must exercise due diligence to make sure the PCBU is meeting its obligations, and workers must take reasonable care for their own safety and follow reasonable instructions.

Do you need a written WHS policy? A written policy is not universally mandated for every PCBU in every situation. However:

• As your business grows, written policies become essential to demonstrate compliance and to set consistent expectations across teams, shifts and locations.
• For many industries and higher‑risk work, documented procedures (like safe work method statements for high‑risk construction work) are specifically required under the regulations.
• A short, clear policy makes it easier to induct staff, consult with workers, and show “what good looks like” in daily operations.

Even where a written policy isn’t strictly required, it’s a practical way to meet your general duty to manage risks and to evidence your approach if a regulator asks questions after an incident. It also supports your broader duty of care to workers.

Who Enforces WHS And What Laws Apply In Australia?

Across most of Australia, WHS obligations come from harmonised “model” laws. Safe Work Australia develops the model laws and codes of practice, but it does not enforce them.

Enforcement is managed by state and territory WHS regulators. These include (for example) SafeWork NSW, Workplace Health and Safety Queensland, WorkSafe ACT and WorkSafe WA. Victoria operates under the Occupational Health and Safety Act 2004 (Vic) and WorkSafe Victoria enforces those OHS laws.

Core Legal Duties For PCBUs

While details vary by jurisdiction, the duties are broadly similar:

• Provide a safe working environment, plant and systems of work so far as is reasonably practicable. This includes safe premises, machinery, substances, and work processes.
• Identify hazards and manage risks by eliminating them where reasonably practicable, or otherwise minimising risks using effective controls.
• Provide information, training, instruction and supervision so workers can do their jobs safely.
• Consult with workers (and health and safety representatives if you have them) about hazards, proposed changes and risk controls.
• Prepare for and respond to incidents with a clear system for reporting, investigating and improving.
• Notify the regulator of notifiable incidents (such as serious injuries, illness, or dangerous incidents) immediately, and preserve the site until directed (except to save life or prevent further injury).

Officers must exercise due diligence - for example, by staying informed about WHS, ensuring appropriate resources and processes are in place, and verifying that these are used.

Psychosocial Hazards Are Part Of WHS

Recent updates to WHS laws and codes of practice emphasise psychosocial hazards like work‑related stress, bullying, fatigue, aggression and occupational violence. These are safety risks you must assess and manage like any other hazard.

Supporting policies (such as respectful workplace standards, fatigue management and workload planning) and early, fair processes for managing issues can help. If questions arise about stress‑related absences, it’s important to handle them fairly and consistently; our guide on managing employee stress leave explores common employer obligations.

Privacy When Handling Incident Information

If you collect personal information (including health information) during incident reporting or investigations, consider your privacy obligations. The Privacy Act 1988 (Cth) applies to Australian Privacy Principles (APP) entities - generally businesses with an annual turnover of more than $3 million, and some smaller businesses in specific categories (for example, health service providers or those trading in personal information).

Good practice is to tell people what you collect and why, and to secure sensitive information appropriately. A clear Privacy Policy and a concise privacy collection notice help set expectations and reduce risk.

Step‑By‑Step: How To Create Or Improve Your WHS Policy

Here’s a simple, practical process you can follow to develop or refresh your WHS policy and supporting procedures.

1) Map Your Work And Identify Hazards

• List your tasks and work contexts: on‑site, off‑site, remote work, driving, client premises, after‑hours call‑outs.
• Identify physical hazards (trips, plant, manual handling, chemicals, electricity), environmental hazards (heat, noise), and psychosocial hazards (workload, conflict, fatigue).
• Ask your team - consultation is a legal requirement and workers often see risks that managers miss.

2) Assess Risks And Decide On Controls

• Use a simple risk matrix to assess likelihood and consequence.
• Apply the hierarchy of control: eliminate risks where reasonably practicable; otherwise substitute, isolate, use engineering controls; supplement with administrative controls and PPE.
• Document your reasoning so you can explain why a control is reasonably practicable for your business.

3) Draft Your WHS Policy

Keep it short, clear and tailored to your work. A practical policy usually includes:

• Commitment statement: Your promise to provide a safe working environment and to continuously improve.
• Scope and definitions: Who the policy applies to (workers, contractors, volunteers) and key terms (hazard, risk, PCBU).
• Roles and responsibilities: What officers, managers, supervisors, workers and contractors must do.
• Risk management approach: How your business identifies hazards, assesses risks, and implements controls.
• Consultation and participation: How you consult (toolbox talks, HSRs, safety committees) and how workers can raise issues.
• Training and supervision: Induction, refresher training, competence checks, licences/permits to operate.
• Incident management: Reporting, investigating, corrective actions, and regulatory notifications.
• Monitoring and review: Audits, inspections, KPIs, and how (and when) the policy will be updated.

Make sure your policy aligns with related workplace rules in your staff handbook - consistency keeps expectations clear for your team.

4) Build Simple Procedures And Forms

Support your policy with easy‑to‑use tools:

• Risk assessment templates and checklists for common tasks.
• Safe work procedures, work instructions, and (if applicable) safe work method statements.
• Induction content and short refresher modules.
• Hazard and incident reporting forms, with a clear triage process and follow‑up steps.
• Consultation records (meeting notes, toolbox talk summaries) so you can demonstrate engagement.

5) Train, Consult And Roll It Out

• Induct all new starters before they start work, and schedule periodic refreshers.
• Explain the “why” behind controls so they are more likely to be used correctly.
• Invite feedback through regular check‑ins and safety meetings. Consultation isn’t a one‑off.

6) Keep It Live: Monitor, Review And Improve

• Review at least annually, and whenever things change - new equipment, new premises, new processes, or after an incident or near‑miss.
• Track actions to completion and communicate improvements to your team.
• Retire controls that don’t work, and invest in those that do.

If your business is growing quickly or you operate in a higher‑risk environment, it’s sensible to have your WHS policy reviewed alongside core employment documents like your Employment Contract and workplace policies, so everything works together.

Common Pitfalls And How To Avoid Them

Small missteps can create big risks. Here are common issues we see - and what to do instead.

• Copy‑pasting generic templates: Generic policies don’t match your real work. Tailor the policy to your specific tasks, environment and equipment.
• “Set and forget” paperwork: Policies need life. Train people, test procedures, and review regularly as your business changes.
• No consultation: Consultation is required by law. Make it practical with toolbox talks, quick surveys and meeting time carved out for safety.
• Focusing only on physical hazards: Psychosocial risks such as workload and conflict are part of WHS. Include them in your risk assessments and controls.
• Unclear reporting pathways: If people don’t know how to report hazards or near‑misses, they won’t. Publish a simple process and respond quickly to build trust.
• Assuming “office work” is low risk: Don’t overlook ergonomic set‑ups, electrical safety and isolation risks in home or hybrid arrangements.

If you recognise any of these in your business, a short policy refresh and training session can make a big difference.

What Documents Help With WHS Compliance?

Beyond your WHS policy, most businesses rely on a handful of supporting documents to embed safety into daily operations:

• Workplace Policies And Staff Handbook: One place for safety, conduct, bullying and harassment, leave, complaints and other rules workers need to follow. Your handbook should align with your safety approach outlined above. See more on aligning policies within a staff handbook.
• Employment Contracts: Set expectations about following safety procedures, reporting hazards and cooperating with return‑to‑work plans. Having a clear, role‑appropriate Employment Contract makes enforcement and training simpler.
• Safety Procedures And Checklists: Short, practical instructions for operating plant, handling chemicals, manual handling, and emergency response.
• Incident And Hazard Reporting Forms: Easy ways to report, investigate and track corrective actions. Keep them short so workers will actually use them.
• Training And Induction Materials: Role‑specific content plus a simple tracking log so you can evidence competence and licence checks.
• Privacy Documents: If you handle incident data or health information, have a current Privacy Policy and a short privacy collection notice that explains what you collect and why.
• Topic‑Specific Policies (as needed): For example, a respectful workplace or bullying policy, fatigue management, vehicle use, or drug and alcohol testing where safety‑critical work is performed.

Not every business needs every document. However, if you employ people, do client‑site work, use vehicles, or operate plant or equipment, you will likely need several of the above. Keeping them short, consistent and easy to use is the key.

How Often Should You Update WHS Documents?

Set a regular review cycle (at least annually) and update sooner if:

• you introduce new plant, substances or processes,
• you expand locations or change how work is performed (including more remote work),
• an incident or near‑miss occurs, or
• a relevant law or code of practice is updated.

Document your reviews and changes. Showing continuous improvement goes a long way with both workers and regulators.

Where Do WHS And Employment Law Meet?

Safety and employment often intersect - for example, directing a worker to stay off plant until trained, or requiring fitness for duty after an injury. Make sure your safety expectations are reflected in your workplace rules and contracts, and that your approach to leave and performance management is fair and consistent with employment law. If you’re updating WHS processes, consider whether related HR policies also need a refresh.

Key Takeaways

• WHS duties sit with the PCBU (your business) and officers, and are enforced by state and territory regulators - not Safe Work Australia.
• A short, tailored WHS policy is a practical way to manage risks, train staff and demonstrate compliance, even where a written policy isn’t strictly mandated.
• Consultation, training, incident reporting and psychosocial risk management are core parts of your legal obligations.
• Support your policy with simple procedures, forms and related workplace rules in your staff handbook and Employment Contract.
• If you collect incident or health information, check whether you’re an APP entity and use a clear Privacy Policy and collection notice to manage privacy risks.
• Review and update your WHS documents at least annually, and whenever your business or the law changes.

If you would like a consultation on creating or reviewing your work health and safety policies, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no‑obligations chat.