Quick answer: A corrective action register is a central record of all actions raised to fix identified WHS problems — whether from incidents, audits, inspections, or worker reports. It tracks each action from the moment it is raised through to completion and verification, closing the loop on your safety system.
Last reviewed: June 2026 by the BlueSafe Technical Team. Reflects current Model WHS framework.
When something goes wrong in a workplace — an incident, a failed inspection, a near miss — the immediate response is only half the job. The other half is making sure the root cause is addressed, a responsible person is assigned, and the fix is actually verified. Without a structured way to track that process, actions get raised and forgotten, problems recur, and auditors find gaps.
A corrective action register is the tool that prevents this. It is one of the most practically useful documents in any WHS management system, and it is central to the continuous improvement requirements of frameworks such as ISO 45001.
This guide explains what a corrective action register is, what it records, why it matters, and how to maintain one effectively.
What is a corrective action register?
A corrective action register is a live document that records every corrective action raised within your WHS system. Each entry captures the full lifecycle of a corrective action — from the trigger event that raised it, through the investigation and response, to the point where the action is verified as effective and closed out.
The register is sometimes called a corrective action log, nonconformity register, or improvement register. Regardless of the name, the purpose is the same: to ensure that every identified problem is tracked, owned, acted on, and verified — and that there is a documented record of this process.
Corrective action registers are used by businesses of all sizes, but they are particularly important for organisations working toward ISO 45001 certification, responding to WHS audits, or managing complex worksites where multiple hazards and incidents need to be tracked across teams.
What a corrective action register records
A well-structured corrective action register captures the following for each entry:
Action ID
A unique identifier (e.g., CA-2026-001) that allows each corrective action to be tracked, referenced in meeting minutes, and cross-linked to related documents such as incident reports or audit findings.
Source or trigger
What prompted the corrective action. Common sources include:
- Incidents and near misses — anything reported through your incident register
- Internal audits — findings from scheduled WHS system audits
- Workplace inspections — hazards or deficiencies identified during site inspections
- Worker reports or complaints — concerns raised through consultation processes
- External audits — findings from regulators, certifying bodies, or principal contractors
- Management reviews — items arising from senior management review of WHS performance
- Regulatory notices — improvement notices or prohibition notices issued by a WHS regulator
Recording the source makes it easy to analyse patterns over time. If most of your corrective actions are coming from the same source — for example, repeated inspection findings in the same area — that pattern is itself important information.
Description of the nonconformity or problem
A clear statement of what went wrong, what was found, or what requirement was not met. This should be specific enough that someone reading the register months later can understand exactly what the issue was without needing to track down the original report.
Root cause (where identified)
For more significant corrective actions, the root cause — not just the symptom — should be recorded. A surface fix that does not address the underlying cause will not prevent recurrence. Root cause analysis can be as simple as asking "why did this happen?" several times, or as structured as a formal 5-Why or fishbone analysis.
Responsible person
The name (and ideally the role) of the person accountable for completing the corrective action. Without a named individual, actions tend to remain open indefinitely. The responsible person should be someone with both the authority and the resources to actually implement the fix.
Due date
A target completion date. This should be realistic — set too far out and the action loses urgency; set unrealistically tight and it will never be met. Higher-risk corrective actions should be assigned shorter timeframes.
Status
The current state of the action, typically one of:
- Open — raised but not yet started
- In progress — work is underway
- Completed — the action has been carried out
- Verified — the action has been confirmed as effective
- Closed — the full cycle is complete, including verification
- Overdue — the due date has passed without completion
Verification of effectiveness
This is the step that many organisations skip — and it is the most important one. Completing a corrective action is not the same as verifying that it worked. Verification means checking that the action actually eliminated or reduced the problem it was intended to address. This check is carried out after the action has been in place for a period, and the result — along with who performed the verification and when — should be recorded in the register.
Why a corrective action register matters
It closes the loop
Identifying a problem is the beginning of the safety process, not the end. A corrective action register ensures that every problem raised leads to a concrete response that is followed through. Without it, actions get raised verbally, noted in meeting minutes, and never completed.
It demonstrates continuous improvement
Regulators, auditors, and certification bodies do not just want to know that your workplace is safe today. They want evidence that your organisation learns from experience and improves over time. A corrective action register is direct, auditable evidence of this. It shows the problems you identified, how you responded, and that you verified your responses actually worked.
It supports ISO 45001 compliance
ISO 45001 clause 10.2 requires organisations to react to nonconformities and take corrective action, including determining root causes, implementing actions to prevent recurrence, and retaining documented information as evidence. A corrective action register is the primary document used to satisfy this requirement. Without it, a certification audit will find a gap.
It supports incident follow-up
Corrective actions frequently arise from incident investigations. A corrective action register that is linked to your incident register creates a clear chain from the event through the investigation to the preventive measures implemented. This is exactly the kind of systemic documentation that a WHS regulator or insurer will look for after a serious incident.
It protects the PCBU
If a serious incident occurs, one of the first things investigators look at is whether the organisation identified similar risks previously and what it did about them. A register showing that corrective actions were raised, tracked, and closed out — with verification — is powerful evidence of due diligence. A register full of overdue, unverified actions tells a very different story.
How to maintain a corrective action register
Assign a register owner. One person (typically the safety manager, officer, or the PCBU in a small business) should be responsible for maintaining the register, following up on overdue actions, and ensuring verifications are completed.
Raise actions promptly. Corrective actions should be entered into the register as soon as they are identified — not after the next meeting or at the end of the week. Delays reduce accountability and allow problems to persist.
Set realistic due dates. Assign timeframes based on risk level. A critical hazard identified after a serious incident may need to be addressed within 24–48 hours. A housekeeping issue found in an inspection may reasonably be scheduled for the next fortnight.
Review the register regularly. The register should be a standing agenda item at safety committee meetings and management reviews. Outstanding and overdue actions should be escalated to the appropriate level of management.
Close the loop every time. Do not mark an action as closed without a verification entry. Verification does not need to be complex — it may be a re-inspection, a follow-up observation, or a brief note that the corrective measure was checked and is working. But it must be documented.
Analyse trends. Periodically review the register for patterns — which sources are generating the most actions, which responsible persons have the highest overdue rates, which areas of the workplace are recurring problem areas. This analysis informs your management review and your planning for the next period.
Sample register rows
The following examples illustrate how entries might appear in a corrective action register.
| Action ID | Date Raised | Source / Trigger | Description | Root Cause | Responsible Person | Due Date | Status | Verification |
|---|---|---|---|---|---|---|---|---|
| CA-2026-001 | 3 June 2026 | Incident — near miss | Forklift and pedestrian near-miss in Warehouse Bay 3. No physical separation in place. | Pedestrian walkway markings worn and not reinstated after floor repair. | Warehouse Manager | 10 June 2026 | Verified | Re-inspection 12 June 2026 confirmed new floor markings and bollards installed. J. Torres. |
| CA-2026-002 | 5 June 2026 | Internal audit | SWMS not current for elevated work platform tasks. Referenced superseded equipment model. | SWMS review cycle not triggered when EWP was replaced in March 2026. | Safety Officer | 19 June 2026 | In progress | — |
| CA-2026-003 | 10 June 2026 | Worker report | Inadequate lighting in storeroom — workers reporting difficulty reading chemical labels. | Light fitting failed; replacement not scheduled under maintenance programme. | Facilities Manager | 17 June 2026 | Open | — |
How the corrective action register connects to your WHS system
The corrective action register does not sit in isolation. It is fed by your incident register, your audit programme, your inspection checklists, and your worker consultation process. Its outputs feed into your management review, your training needs analysis, and your hazard and risk register.
For businesses working toward or maintaining ISO 45001 certification, the corrective action register is direct evidence for clauses 10.1 (Continual improvement) and 10.2 (Incident, nonconformity and corrective action). For further guidance on the ISO 45001 corrective action and nonconformity requirements, see our guide on ISO 45001 corrective action and nonconformity.
Frequently asked questions
What is the difference between a corrective action and a preventive action?
A corrective action responds to something that has already gone wrong — an incident, a failed inspection, or a nonconformity. It aims to fix the root cause so the problem does not recur. A preventive action is taken before a problem occurs, to address a risk that has been identified but has not yet caused harm. Many modern WHS frameworks, including ISO 45001, treat both through the same corrective action process, since identifying and acting on potential problems is itself part of continuous improvement.
Is a corrective action register a legal requirement in Australia?
There is no WHS law in Australia that specifically requires a document called a "corrective action register." However, all PCBUs have a duty to manage risks and implement controls — and documenting corrective actions is a practical way to demonstrate that duty is being met. If your business is seeking ISO 45001 certification, clause 10.2 explicitly requires a process for managing nonconformities and corrective actions, which includes maintaining documented information.
How long should corrective action records be kept?
Retention periods are not universally fixed by WHS legislation, but a common practice is to retain corrective action records for at least five years. If a corrective action relates to a notifiable incident, the relevant WHS regulator record-keeping requirements apply — in most states this is a minimum of five years from the date of the incident. Check the specific requirements in your jurisdiction and any applicable certification standard.
What happens if a corrective action is not completed on time?
Overdue corrective actions are a red flag in any WHS audit. They suggest that your system identifies problems but does not reliably close them out. If a due date is missed, you should update the register immediately with a revised due date, the reason for the delay, and who approved the extension. Recurring overdue actions may indicate resource or accountability issues that need to be escalated to senior management.
Ready to manage corrective actions in one place?
BlueSafe Online gives you access to ready-to-use WHS document templates including corrective action registers, incident registers, and audit tools — designed for Australian small business and built to satisfy audit and certification requirements.
This guide provides general information only. Requirements for corrective action documentation will depend on the nature of your business, applicable legislation, certification standards, and any contractual obligations.