Occupational health and safety management system program
Program name | Occupational health and safety management system program (Also known as Accident Prevention Program) |
Owners | Microsoft Global Occupational Health and Safety |
Revision date | September 11, 2025 |
The controlled version of this document can be found on the Global OHS website at aka.ms/SafetyHubPrograms.
Printed copies may be out of date and should be destroyed or marked as archived immediately after use.
Senior Management endorses this Program. This document applies to Microsoft employees, interns, and external staff as described in the Purpose and Scope. Any violation of this Program may lead to disciplinary action up to and including termination of employment. In some cases, a violation of this Program may also violate international, federal, state, and/or local law. In such cases, Microsoft and/or the individual could be subject to civil or criminal liability.
1.0 Introduction
At Microsoft, health and safety are integral to the company's operations and support its mission to empower every person and organization on the planet to achieve more. In alignment with this mission, the Global Occupational Health and Safety (OHS) team has developed and implemented an OHS Management System (OHSMS) to enhance the health and safety of Microsoft's extended team.
This system is implemented within the context of Microsoft's global operations and is supported by digital platforms such as aka.ms/SafetyHub, which centralizes guidance, tools, and reporting for health and safety. The OHSMS reflects Microsoft's organizational structure, technological environment, and commitment to innovation. It is designed to adapt to evolving legal requirements, stakeholder expectations, and emerging health and safety risks.
The OHSMS includes a set of global OHS requirements designed to build a strong safety culture, enhance organizational visibility, and clarify roles and responsibilities. These requirements are designed to comply with or, where possible, exceed both international standards and local regulations while enabling effective monitoring and management of health and safety performance. All OHS support personnel are required to engage with the system, follow its requirements, and actively contribute to maintaining a safe and healthy work environment.
2.0 Purpose
This description of the OHSMS defines the minimum global requirements for executing health and safety at all Microsoft locations. Any variation to this document, such as creating a location-specific procedure or plan, modifying the existing requirements, or making other changes, must be evaluated through the OHS Governance Framework before implementation.
Information about approved variations to this program can be found in Section 11 of this document.
3.0 Scope
The requirements outlined in this document apply to all Microsoft full-time employees (FTEs), interns, and external staff (where applicable). Microsoft suppliers must maintain their own health and safety programs that are consistent with the Microsoft Supplier Code of Conduct, including setting health and safety standards, processes, and procedures for Microsoft external staff and subcontractors who provide services to Microsoft, to the extent permitted by law.
Compliance with this management system is expected across all locations. Exclusions are limited to operations where Microsoft does not have management control and must be justified and documented through the OHS Governance Framework.
4.0 Structure
The Global OHS Team has established key elements to support consistent, effective health and safety management across Microsoft.
- Health and Safety Policy: This Policy outlines Microsoft's commitment to providing a healthy and safe work environment and serves as the foundation for the OHSMS.
- OHS Principles: These principles represent the core values and expectations that guide the implementation of the OHSMS. They are embedded in Microsoft's Global OHS programs to ensure consistent application of OHS requirements.
- OHS Programs: These programs define the minimum health and safety requirements that are applicable across all locations and describe how these requirements are to be implemented. They reflect Microsoft's commitment to continuous improvement and compliance with applicable laws and standards.
- Governance Framework: Focused on delivering consistent global programming, this framework ensures the implementation and execution of OHS programs in alignment with Microsoft's requirements and applicable law. It also governs how to manage variations when global requirements conflict with local legal or business needs.
5.0 OHS Governance Framework
The OHS Governance Framework enables consistent application of OHS requirements across all locations, promotes proactive risk and opportunity assessments, and supports continuous improvement through structured governance. It is designed to do the following:
- Ensure compliance with global OHS standards and local legal requirements.
- Support flexibility through a formal Variation Request process (OHS Bypass or Program Deviations) enabling adaptation to local legal or business needs while maintaining alignment with global OHSMS.
- Strengthen accountability via Governance Self-Assessments to evaluate program relevance, identify variations, and surface improvement opportunities.
- Conduct quarterly Governance Reviews to assess variation requests and their impact, evaluate internal and external factors that influence health and safety risks and opportunities, and identify actions that drive continual improvement across the system.
The Framework is governed by the Global OHS Team, which provides strategic direction, allocates resources, and ensures alignment with Microsoft's broader compliance and risk management goals. It applies to all Microsoft locations and is a key mechanism for maintaining consistency and effectiveness of the OHSMS.
6.0 Health and Safety Policy
Microsoft's Health and Safety Policy supports the company's mission to empower every person and organization on the planet to achieve more by ensuring the health and safety of employees and communities. The Policy provides a framework for setting health and safety objectives and includes commitments to prevent work-related injuries and illnesses, eliminate hazards, reduce risks, comply with applicable legal and internal requirements, and promote employee participation.
The creation of independent local OHS policies is not permitted. However, country supplements to the Health and Safety Policy may be developed to address specific business needs or local legal requirements, subject to review and approval through the OHS Governance Framework.
7.0 OHS Principles
The OHSMS is structured around four core principles that promote consistency, accountability, and compliance throughout the organization. These principles—Leadership and Commitment, Awareness and Engagement, Compliance and Conformance, and Performance and Improvement—along with their supporting elements, are designed around International Organization for Standardization (ISO) 45001, the international standard for occupational health and safety (OH&S) management systems. This structure ensures a systematic and effective approach to managing health and safety risks and opportunities.
These principles are fully aligned with the Health and Safety Policy and serve as the foundation for implementing, maintaining, and continually improving the OHSMS. They guide the development of objectives, allocation of resources, engagement of stakeholders, and evaluation of performance.
By adhering to the OHS Principles, Microsoft aims to meet stakeholder expectations, comply with and, where possible, exceed health and safety law and requirements, maintain clear organizational accountability, and demonstrate a strong, visible commitment to health and safety excellence.
7.1 Leadership and Commitment
The Leadership and Commitment principle is essential to establishing and sustaining a strong OHS culture. Management demonstrates its dedication and accountability by:
- Establishing and enforcing the OHSMS, which reflects the Microsoft health and safety priorities.
- Promoting open communication and collaboration across all levels of the organization.
- Actively engaging with employees to identify, assess, and address health and safety concerns in a timely and effective manner.
- Integrating OHS considerations into strategic planning and operational decision-making processes.
- Leading by example to reinforce the importance of health and safety in the workplace.
Effective leadership and visible commitment are critical to achieving positive OHS outcomes and embedding a proactive, prevention-focused OHS culture throughout Microsoft.
7.1.1 Objectives
The OHSMS defines four main objectives to support the health and safety culture. These objectives align with the policy and strategic direction, ensuring that they address relevant risks and opportunities proactively:
- Prevention: Prevent work-related injury and ill health and protect the health and safety of workers and other interested parties.
- Compliance: Comply with Microsoft OHS requirements and applicable legal requirements.
- Improvement: Achieve continual improvement in OHS performance and the effectiveness of the OHSMS.
- Excellence: Foster a positive and initiative-taking attitude toward OHS among employees, managers, and stakeholders.
To achieve these health and safety objectives, the Global OHS Team:
- Implements programs that define global OHS processes and requirements, ensuring consistency and alignment across all locations.
- Establishes performance objectives and indicators, which are adopted across all Microsoft locations to drive accountability and measurable progress, and which are reviewed and updated annually through the Management Review process and integrated into the Global OHS programs to support continuous improvement.
- May approve additional specific objectives to address business or local OHS needs, following the established Variation Request process outlined in the Governance Framework.
7.1.2 Resources
Microsoft leadership is committed to fostering a culture that supports effective OHS management and performance by providing the necessary resources to ensure a healthy and safe work environment. These resources include the following:
- Staff: A dedicated team of OHS professionals responsible for developing, implementing, and monitoring the OHSMS while supporting managers, employees, and stakeholders on OHS-related matters.
- Infrastructure: Safe and healthy work environments across all offices, data centers, and campuses worldwide, maintained in accordance with leading OHS practices and hazard prevention and control measures.
- Technology: Digital tools and platforms—including Microsoft 365, Teams, SharePoint, Power BI, and Azure—used to enable OHS communication, collaboration, data analysis, and reporting, as well as advanced OHS risk management, monitoring, and learning solutions.
- Information: Reliable and relevant information on OHS performance, risks, opportunities, and best practices that are collected, analyzed, and shared through secure and timely methods to support informed decision-making.
- Financial resources: Adequate funding to support OHS activities, including investment in training, equipment, technology, and continuous improvement initiatives, along with the costs and benefits of OHS programs.
7.1.3 Organizational Structure
Microsoft has established a comprehensive organizational structure to support effective OHS management across all locations. Roles and responsibilities are clearly defined and aligned with organizational needs and risk profiles.
Role | Responsibility |
OHS Director | Sets strategic direction for Microsoft's global OHS scope, programs, and initiatives; ensures OHS integration into business planning and reports performance to executive leadership. |
Global OHS Team | Provides strategic direction to local OHS support personnel, allocates resources, oversees global OHS programs, and facilitates periodic reviews to ensure effectiveness of the OHSMS. |
OHS Regional Managers | Oversee OHS performance and implementation across multiple countries or regions. |
OHS Program Managers | Implement OHSMS at specific locations, ensuring compliance with global standards and local requirements. |
OHS Managed Service Provider | External staff delivering OHS services to Microsoft locations; acts in Program Manager and/or Regional Manager roles. Responsibilities defined in the Statement of Work; focuses on service delivery. |
Business OHS/EHS Managers | Ensure adequate funding, staffing, and support for OHS program implementation within business groups; accountable for health and safety performance and execution of related activities. |
OHS Council | Cross-functional advisory body providing strategic oversight and alignment; reviews performance trends and insight, advises on emerging risks and priorities, and evaluates internal and external aspects that may impact health and safety. |
Safety Committees (Also go by prevention workers, safety representatives) | Facilitate communication, consultation and collaboration on safety issues between employees and management; identify workplace hazards, review incident reports, and recommend improvements to OHS practices. |
OHS roles and accountabilities are assigned at all levels of the organization.
To ensure appropriate resource allocation, Microsoft applies an OHS support model based on employee count, risk level, and legal requirements.
- Level 1: Locations with more than 20 employees and high-risk work activities or where in-country OHS staff are legally required. These sites (e.g., Brazil, Romania, Singapore) receive full in-country support and frequent site visits.
- Level 2: Locations with more than 20 employees but no high-risk activities. These sites (e.g., Peru, Poland, Vietnam) receive remote support with limited site visits (1–2 per year), often relying on local partners such as HR, Facilities, or Security.
- Level 3: Locations with 5–20 employees. These sites (e.g., Trinidad, Oman, Sri Lanka) receive limited remote support focused on incident investigations, inquiries, legal register applicability assessments, and SafetyHub content.
7.1.4 Stakeholders
The Global OHS Team closely collaborates with various internal and external stakeholders to proactively address occupational health and safety risks at Microsoft. These stakeholders—including employees, suppliers, regulatory authorities, and local partners—support the execution of OHS programs, provide subject matter expertise, and engage in global OHSMS initiatives.
Stakeholder needs and expectations are identified through processes such as the Global OHS inbox, OHS Launchpad, SafetyHub feedback, safety committee recommendations, and audit outcomes. This information is considered annually during Management Review and is used to update OHS priorities, objectives, programs, and communications to maintain alignment with stakeholder interests and adaptability to changing conditions.
HR and Benefits | Ensure that employee health and safety are embedded in company policies and benefits and support OHS with occupational medicine advisories, psychosocial risk assessments, accommodations, disciplinary processes, and wellbeing inquiries. |
Global Security | Responsible for protecting Microsoft's people and facilities through physical and cybersecurity measures, including access control, surveillance, emergency response, and threat mitigation. |
Global Workplace Services (GWS) | Ensure that Microsoft's facilities are designed, constructed, and maintained to meet health, safety, sustainability and accessibility standards; collaborates with the OHS teams to implement safety measures and protocols to ensure legal compliance. |
Corporate External and Legal Affairs (CELA) | Advises Global OHS Team and local support personnel on applicable legal requirements related to health and safety. |
Core Systems Engineering (CSE) | Provides the technological systems and infrastructure that support the Microsoft OHSMS. |
Procurement | Ensures that suppliers and vendors meet Microsoft's requirements when sourcing goods and services. |
Travel | Maintains policies and procedures that promote employee health and safety while traveling on company business. |
Communications | Supports OHS in informing employees about health and safety policy, programs, and initiatives using approved channels and branding guidelines. |
Privacy | Ensures that personal information is protected in accordance with Microsoft's privacy standards while health and safety risks are managed. |
OHS Council | A cross-functional advisory body composed of senior leaders and subject matter experts that provides strategic oversight, reviews performance trends, and advises on emerging risks and priorities. |
Works Council (where applicable) | Employee representative bodies that are consulted on OHS matters to ensure compliance and promote worker participation in countries where legally required. |
External Partner | Supports the delivery of OHS programs, communications, and compliance efforts in partnership with the Global OHS Team (e.g., SGS, WE Communications). |
7.2 Awareness and Engagement
Microsoft fosters a proactive health and safety culture by promoting awareness and engagement across all levels of the organization. This principle ensures that employees, interns, and external staff are informed, involved, and empowered to contribute to the continual improvement of the OHSMS.
7.2.1 Communications
Microsoft ensures that OHS information is communicated in a timely, clear, and accessible manner and is tailored to the needs of diverse audiences. Communications are designed to promote awareness, engagement, and continual improvement in OHS performance.
The Global OHS Team and OHS Program Managers are responsible for internal communications, which are delivered through channels such as orientation, training, aka.ms/SafetyHub, and Staffbase. External communications are managed by corporate functions to ensure alignment with Microsoft's brand and confidentiality standards.
Communications are tailored to language, literacy, accessibility, and cultural context to ensure inclusiveness and understanding. Communication strategies are periodically reviewed and improved based on feedback, performance indicators, and lessons learned. Microsoft uses a variety of tools and platforms to support effective and consistent OHS communication.
- HS mailbox
- aka.ms/SafetyHub
- SafetyHub Community
- Safety Minutes
- Email platform
- Brand Central
7.2.2 Training
Microsoft provides consistent and high-quality OHS training to all FTEs, interns, and applicable external staff to build awareness, improve engagement, and reduce the risk of injury and illness. The Global Training program ensures that training is aligned with Microsoft's OHS objectives, requirements, and accessibility standards.
All required OHS training is delivered through Microsoft Viva Learning, offering interactive and engaging learning experiences. Viva Learning supports tracking, reporting, and evaluation of course completion and learner satisfaction. All training must meet Microsoft accessibility standards.
All new hires receive a global New Employee Health and Safety Training through Viva Learning, consisting of modules covering basic safety information. Site-specific and risk-based OHS induction may also be provided to meet local requirements and exposure.
Qualified OHS trainers or external consultants may deliver instructor-led training for topics that are not available in Viva Learning or that require practical instruction. Supervisors will also provide on-the-job, in-person training focused on hazards and controls identified in the risk assessment.
Additional training may also be delivered by certified local providers (e.g., government agencies) to meet legal or operational needs. Emergency-related training, including fire safety, first aid, and emergency preparedness, is managed by Security and GWS in consultation with OHS.
Additional OHS training must undergo review and approval according to the Variation Request process.
7.2.3 Employee Engagement
Microsoft encourages the active participation of employees, interns, and external staff to strengthen the health and safety culture and ensure the effectiveness of the OHSMS across all locations.
Participants are expected to:
- Follow Microsoft's health and safety commitment as outlined in the Health and Safety Policy.
- Complete all required health and safety training.
- Report injuries, illnesses, near misses, and unsafe behaviors and conditions via the SafetyHub Report app on Viva Connections (aka.ms/safetyhubreport).
- Participate in Health and Safety Committees or in consultation processes, where available, to provide feedback and suggest improvements.
- Engage in OHS-related surveys and feedback opportunities, including those used to assess risk perception, training effectiveness, and program satisfaction.
- Request appropriate training and certification for equipment use or material handling, as required.
In addition, Microsoft ensures that employees are consulted on health and safety matters through formal committees or other locally appropriate mechanisms. Participation is inclusive and accessible, with clear guidance on how to engage and provide feedback. Input is reviewed and used to improve OHS programs, and roles for enabling participation are clearly defined across leadership and OHS teams, as outlined in the Employee Engagement program.
7.2.4 Document Management
The Global OHS Team oversees the documentation required to support the OHSMS, including the Policy, objectives, programs, plans, procedures, records, and reports. All OHS-related documents must be stored in the Global OHS Team site to ensure consistency, version control, and authorized access.
The OHS Document Management program (coming soon) defines how documents are created, reviewed, approved, updated, retained, and disposed of. All documents must be:
- Approved by authorized personnel before use.
- Assigned to the owner responsible for maintenance and revision.
- Identified with a unique title, version, author, and revision status.
- Accessible to relevant personnel and protected from unauthorized changes or loss.
- Reviewed periodically or when changes occur.
- Archived or removed from circulation when obsolete.
Documents containing Personally Identifiable Information (PII)—such as incident investigations or employee training records—must be stored in secure systems such as Enablon or Employee Central. Local copies must be deleted once uploaded to ensure compliance with privacy and retention requirements.
All OHS records are retained, stored, and disposed of in accordance with the Microsoft Corporate Document Retention Schedule.
7.3 Compliance and Conformance
The Compliance and Conformance principle ensures that Microsoft operations adhere to applicable legal obligations and internal OHS programs while fostering a proactive, transparent, and accountable OHS culture.
This principle supports the prevention of injury and ill health, promotes continuous improvement, and reinforces Microsoft's commitment to operational excellence.
7.3.1 Risk Management
The Global OHS Team continuously identifies and evaluates health and safety risks and opportunities. This dynamic process is integrated with Microsoft's evolving OHS strategy and is supported by rigorous documentation, real-time monitoring, and periodic evaluation through the Variation Request, Management of Change, and Management Review processes.
Microsoft maintains a formal Risk Assessment program that meets compliance expectations and internal standards. This program systematically identifies, assesses, and controls potential hazards and undesired events across all operations.
Risk assessments for Microsoft employee tasks must be conducted by qualified individuals with expertise in hazard identification and control selection. Suppliers are responsible for conducting their own risk assessments in accordance with their internal systems while ensuring alignment with Microsoft's expectations.
All risk assessments must be documented, reviewed, and updated periodically—or immediately when operational changes introduce new hazards. If an incident investigation reveals an unassessed hazard, the relevant risk assessment must be revised accordingly.
When control measures identified in a risk assessment are not already addressed in Microsoft's global OHS programs, the Variation Request process must be followed before implementation to ensure consistency, effectiveness, and governance oversight.
Risk management outcomes, including control effectiveness, incident trends, and audit findings, are monitored through performance indicators and dashboards. These data insights inform strategic decisions and drive continuous improvement.
7.3.2 Legal Compliance
Compliance with applicable OHS laws and regulations is foundational to the Microsoft OHSMS. It ensures that minimum legal requirements are met, reducing the risk of liabilities and penalties. Any conflict between local legal requirements and Microsoft OHS programs must be escalated and resolved through the Variation Request process outlined in the OHS Governance Framework before any local implementation begins.
Legal and other OHS requirements are identified based on the hazards and risks associated with each activity or service. These are documented in the Enhesa Legal Register, which forms the basis for country or business group-specific action plans. Note: The applicability screening must be completed to generate the Legal Register.
Noncompliance must be addressed through action plans created in Enablon. These plans must outline corrective measures, define resolution timelines, and assign responsible individuals with the necessary authority to address the nonconformance.
The Legal Register is reviewed periodically and updated when legal requirements change.
Where legal interpretation is required, guidance should be sought from Regional OHS Managers, CELA, or external advisors to ensure an appropriate resolution.
7.3.3 Incident Management
Microsoft is committed to the timely reporting, investigation, and resolution of all OHS incidents to prevent recurrence and promote a healthy and safe work environment.
The Incident Reporting and Investigation program outlines the requirements for:
- Reporting incidents via aka.ms/safetyhubreport. If you cannot access the app, please report your injury to Global OHS.
- Notifying authorities and stakeholders as required.
- Conducting thorough investigations to identify root causes, contributing factors, and impacts.
- Developing and implementing corrective action plans.
- Sharing lessons learned with relevant teams to prevent recurrence and drive continuous improvement.
7.3.4 Health and Safety Requirements
The Global OHS Team is responsible for developing and maintaining comprehensive OHS programs that define the minimum requirements necessary to implement a world-class health and safety culture at Microsoft.
All business groups and locations are expected to adhere to these Global OHS programs. If conflicts arise with local legal requirements or another Microsoft program, the Variation Request process within the Governance Framework must be followed to resolve these conflicts.
To ensure compliance with Global OHS requirements while fulfilling legal obligations, approved variations are documented as formal supplements to the OHS programs. In cases where a local OHS manual, plan, or program is legally mandated, it must undergo the Variation Request process and receive approval from the Governance Committee. Upon approval, the preferred and standardized approach is to use the site-specific OHS Plan template, which references Global OHS program requirements and integrates the approved local criteria. Independent local documents are not permitted outside of this established process.
When new or enhanced procedures are developed, they should be submitted to the Global OHS Team for consideration of their potential inclusion in future Global OHS programs. All approved changes undergo regular review to ensure continued compliance and relevance.
Microsoft suppliers are required to maintain their own health and safety programs consistent with the Microsoft Supplier Code of Conduct.
7.3.5 Management of Change
Management of Change (MOC) is a structured process used to evaluate and control the impact of planned changes—temporary or permanent—on health and safety. It applies to modifications in operations, equipment, procedures, or processes that could introduce new hazards or affect existing controls.
Before implementing any change, a risk assessment must be conducted to identify potential hazards, evaluate impacts, and define appropriate controls. This includes design considerations, engineering reviews, and documentation of decisions.
The MOC process is distinct from the Governance Variation Request process. While MOC addresses operational or technical changes that may affect health and safety performance, the Variation Request process is used to formally request deviations from global OHS program requirements due to legal obligations or business needs. Variation Requests must be reviewed and approved by the Global OHS Governance Committee, whereas MOC is managed locally with support from the Global OHS Team when needed.
Together, these processes ensure that both operational changes and program-level variations are managed in a controlled, transparent, and compliant manner.
7.3.6 Purchasing and Suppliers
Microsoft procurement policies govern the sourcing of suppliers, purchase order (PO) approvals, and contract execution. Prior to procurement, health and safety considerations must be assessed to ensure alignment with OHS requirements.
Suppliers must have an approved PO before delivering goods or services. After-the-fact purchase orders (ATF POs) are considered policy violations as they represent unauthorized expenditures and pose financial and compliance risks.
When suppliers handle employee data (collection, storage, or processing), they must comply with the Supplier Security and Privacy Assurance (SSPA) program. Authorized personnel must approve invoices. Outsourced staff may manage POs and approve invoices, as long as they comply with all of Microsoft's procurement procedures, including compliance with SSPA and Privacy reviews, proper spend categorization, and timely approvals.
Supplier contracts must be signed by someone with the appropriate purchasing authority, as defined in the Authorization for Expenditures Policy and the Corporate Signature Policy.
7.3.7 Mergers and Acquisitions
Mergers and acquisitions (M&A) represent a critical phase in Microsoft's business operations, as they involve the integration of existing or prospective partners into the company's ecosystem. Health and safety considerations are an essential component of any M&A transaction.
The Global OHS Team collaborates with the M&A team to develop and implement OHS strategies for each transaction, focusing on assessing the target organization's health and safety performance and compliance, identifying potential OHS risks and liabilities, aligning with Microsoft's global OHS standards, and integrating the target's OHS practices into Microsoft's system for a seamless transition.
OHS due diligence involves collaboration with Legal, Real Estate and Facilities, and Security to understand the target's risk profile. Post-acquisition, the Global OHS Team ensures that health and safety priorities are maintained and that Microsoft protects people and promotes operational excellence.
7.4 Performance and Improvement
The Performance and Improvement principle ensures that Microsoft's OHSMS remains effective, relevant, and aligned with business strategy. This principle fosters accountability, learning, and innovation through structured evaluation methods, defined performance indicators, and leadership engagement.
This includes monitoring performance through metrics and insights, identifying and addressing gaps through inspections, audits, and reviews, engaging leadership in performance evaluation and priority setting, and fostering innovation to enhance OHS programs, tools, and practices.
7.4.1 Inspections and Assessments
Inspections and assessments are systematic processes used to verify compliance with health and safety requirements across Microsoft locations.
Inspections focus on identifying potential hazards and ensuring compliance with OHS requirements and local regulations. Assessments evaluate the implementation and effectiveness of OHS programs and procedures.
The scope and frequency of workplace inspections and assessments are based on the nature of the work, risk levels, documented procedures, legal obligations, and operational changes that may impact health and safety.
Qualified individuals or teams, as designated in the Inspections and Assessments program, are responsible for conducting these evaluations. Their findings support proactive risk management and continuous improvement.
7.4.2 Audits and Certifications
Audits are a key component of the OHSMS, providing independent and objective evaluations of OHS performance, program integrity, and compliance with requirements.
Internal audits are conducted to assess conformance with OHSMS requirements, identify improvement opportunities, and ensure readiness for external evaluations. These audits are planned and executed according to the Audits program and are integral to the management review process.
External audits may vary in scope and purpose and are conducted by accredited certification bodies, regulatory authorities, or other qualified entities. The selection of audit type and scope is based on business needs, legal obligations, and strategic objectives. The OHSMS is structured to support formal certification, offering recognition, competitive advantage, and evidence of continual improvement. Certifications are funded locally.
All participants in the audit and certification activities must follow the procedures outlined in the Audits program to ensure consistency, accountability, and alignment with Microsoft's global OHS expectations.
7.4.3 Management Review
Management Review is an annual strategic process to assess the relevance and effectiveness of the OHSMS, ensure alignment with business strategy, and drive continual improvement. It engages leadership in reviewing performance, identifying risks, and considering internal and external factors, such as organizational changes, workforce dynamics, regulatory shifts, and economic conditions, that impact health and safety.
The OHS Council serves as the primary review body. Outcomes, including decisions and action items, are documented, and any resulting changes to OHS programs must follow the Governance Variation Request process.
Locations conducting reviews for certification or legal compliance adapt the deck to meet local needs while maintaining alignment with Microsoft's OHSMS.
7.4.4 Innovation
Innovation drives continual improvement in the OHSMS by enabling proactive enhancements to health and safety performance across all levels of the organization.
The Global OHS Team fosters a culture of innovation by promoting the use of emerging technologies, such as Microsoft Copilot and AI agents. These innovation efforts are leveraged to anticipate risks, streamline processes, and enhance decision-making. Creative solutions are encouraged through cross-functional collaboration and ongoing engagement with frontline teams.
By embedding innovation into the OHSMS, Microsoft strengthens its ability to anticipate risks, adapt to change, and improve health and safety outcomes. All innovations are reviewed through Governance and Management Review meetings to ensure that they're relevant, scalable, and sustainable.
8.0 Roles and Responsibilities
Microsoft Leadership |
OHS Council |
Global OHS Team |
Business Group and/or Local Executives |
People Manager or Supervisor |
OHS manager assigned to the location or business group |
Microsoft Employees |
External Staff |
9.0 Records
Record type and code | Description | Examples | Exclusions |
OHS Program Documents (CMPL 9200) | Documents pertaining to implementing the OHS program globally or in a specific location. |
|
|
10.0 Related documents and references
10.1 Microsoft Internal
- Microsoft Health and Safety Policy
- Microsoft Supplier Code of Conduct
- SafetyHub | Global
- Microsoft internal safety programs can be accessed here: SafetyHub Programs and Guidance
10.2 Microsoft external
- ISO 45001
11.0 Country or business unit supplements
Country or business unit | Relevant section | Topic | Country or business unit procedure |
Ireland | Health and safety requirements | Safety Statement (Section 20 of the Safety, Health, and Welfare at Work Act 2005) | The OHSMS Description meets the core requirements of Ireland's Safety Statement. Additional elements—such as organization, emergency plans, and HR requirements—are available in SafetyHub, REFWeb, and HRWeb. |
United States California | Health and safety requirements | Workplace Violence Prevention Plan, California State Bill 553 | Workplace Violence Prevention Plan (California Only): California State Bill 553 requires companies to have a Workplace Violence Prevention Plan and provide annual training related to workplace safety, workplace violence prevention, and workplace violence hazards to all employees located in California. |
Appendix A: Key terms and definitions
The following terms are used in this document. The definitions below are used in the scope of this document, but local regulatory definitions supersede if there is a conflict.
Enablon: Microsoft's enterprise system for managing OHS data, including incident reporting, risk assessments, and legal compliance tracking.
Enhesa: A global regulatory intelligence platform used by Microsoft to identify, monitor, and evaluate applicable health and safety legal requirements. Enhesa supports the creation of country-specific legal registers and compliance action plans.
Global OHSMS: Integrated suite of global OHS programs and requirements designed to foster a solid OHS culture across Microsoft. This system promotes health and safety practices that not only meet but may exceed global OHS requirements and local regulations. It involves the development and implementation of programs, objectives, plans, procedures, records, and reports to ensure a safe and healthy work environment.
Global OHS Policy: Corporate policy that outlines the company's commitment to ensuring the health and safety of its employees and communities. The policy emphasizes the importance of injury and illness prevention, hazard elimination, and risk reduction to create a safe and thriving work environment.
Global OHS programs: Designed to protect the health and safety of all individuals at Microsoft, including employees, external staff, and visitors. These programs reflect Microsoft's commitment to maintaining high standards of health and safety through effective governance and adherence to regulatory requirements. The OHS programs encompass accident prevention, risk management, and compliance with applicable laws to ensure a safe and healthy work environment.
Governance Self-Assessment: A structured internal review conducted by OHS Managers to evaluate the relevance, implementation, and effectiveness of OHS programs and identify potential variations or improvement opportunities.
Incident Management: A structured process for identifying, reporting, investigating, and resolving unplanned events (e.g., injuries, illnesses, property damage) to restore operations, ensure compliance, and prevent recurrence.
ISO 45001: An international standard for occupational health and safety (OH&S) management systems that provides a framework to identify, control, and reduce workplace risks, improve safety performance, and ensure legal compliance.
Management Review: An annual strategic process led by the OHS Council to assess the effectiveness of the OHSMS, review performance data, and align health and safety priorities with business strategy.
OHS Bypass Request: Process within the OHS Governance Framework that allows for certain variations to be implemented without going through the full approval process, provided they meet specific criteria.
OHS Governance Framework: Structured approach designed to ensure adherence to Microsoft's Global OHSMS that addresses any variations that arise from legal requirements or business group needs.
OHS Governance Committee: A committee formed by the Global OHS Team to review and approve or reject variation requests to the OHSMS.
OHS Program Deviation: A formal request to make changes, additions, reductions, or exceptions to the Global OHSMS to accommodate local legal requirements or specific business needs that conflict with global OHS standards.
OHS Program Manager: An individual responsible for implementing and enforcing all provisions of the Global OHSMS at a specific location or within a business group. This role includes ensuring compliance with global and local requirements, advising on hazardous conditions, coordinating training, and managing incident reporting and corrective actions.
OHS Support Model: A tiered framework for allocating OHS resources based on employee count, risk level, and legal requirements at each location (Levels 1–3).
Risk management: A structured approach to identifying, assessing, and controlling health and safety risks, integrated with incident reviews, change management, and compliance efforts.
SafetyHub: Microsoft's centralized digital platform for accessing OHS guidance, reporting incidents, and managing country-specific safety content.
SMART criteria: A framework for setting OHS objectives that are specific, measurable, achievable, relevant, and time-bound.
Specific OHS Plan template: Defines OHS criteria for a specific Microsoft workplace to ensure compliance with both Microsoft's OHS requirements and local legislation.
Variation Requests: Requests for changes, additions, reductions, or exceptions to the OHSMS that arise from legal requirements or business group needs.
Appendix B: ISO 45001 cross-reference
OHSMS section | ISO 45001 clause reference |
OHSMS overview | 4.1 – Understanding the Organization and Its Context |
Stakeholders | 4.2 – Understanding the Needs and Expectations of Workers and Other Interested Parties |
Structure | 4.4 – OH&S Management System and Its Processes |
Governance Framework | 4.4 – OH&S Management System and Its Processes |
Health and Safety Policy | 5.2 – OH&S Policy |
Leadership and Commitment | 5 – Leadership and Worker Participation |
Organizational structure | 5.3 – Organizational Roles, Responsibilities and Authorities |
Employee participation | 5.4 – Consultation and Participation of Workers |
Awareness and Engagement | 5.4 – Consultation and Participation of Workers |
Objectives | 6.2 – OH&S Objectives and Planning to Achieve Them |
Risk management | 6.1.1 – General |
Legal compliance | 6.1.3 – Determination of Legal and Other Requirements |
Management of Change | 6.3 – Planning of Changes |
Resources | 7.1 – Resources |
Training | 7.2 – Competence |
Communication | 7.4 – Communication |
Document management | 7.5 – Documented Information |
Health and safety requirements | 8.1 – Operational Planning and Control |
Procurement and suppliers | 8.1.4 – Procurement |
Mergers and acquisitions | 8.1 – Operational Planning and Control |
Inspections and assessments | 9.1 – Monitoring, Measurement, Analysis, and Evaluation |
Audits and certifications | 9.2 – Internal Audit |
Management Review | 9.3 – Management Review; 10.3 – Continual Improvement |
Incident management | 10.2 – Incident, Nonconformity, and Corrective Action |
Innovation | 10.1 – General; 10.3 – Continual Improvement |