NR-1 – General Provisions and Occupational Risk Management

(Last modification: SEPRT Ordinance No. 6,730, of March 9, 2020.)

(Effective date: January 3, 2022 – SEPRT Ordinance 8,873, of July 23, 2021)

1.1 Objective

1.1.1 The purpose of this standard is to establish the general provisions, scope, terms and definitions common to the regulatory standards (NRs) on occupational health and safety and the guidelines and requirements for the management of occupational risks and preventive measures in occupational health and safety.

1.1.2 For the purpose of applying the NR, the terms and definitions in Annex I shall be taken into account.

1.2 Scope

1.2.1 The NRs are binding on employers and employees in both urban and rural areas.

1.2.1.1 The NRs are mandatory for organizations and public bodies of direct and indirect administration, as well as for bodies of the legislative and judicial branches and the Public Prosecutor’s Office, whose employees are subject to the Consolidation of Labour Laws.

1.2.1.2 By law, the provisions of the NRs apply to other legal relationships.

1.2.2 Compliance with the NRs does not exempt organizations from compliance with other provisions contained in building codes or sanitary regulations of states or municipalities, as well as those arising from collective bargaining agreements.

1.3 Responsibilities and structure

1.3.1 The Secretariat of Labor (STRAB), through the Undersecretariat of Labor Inspection (SIT), is the national body competent in matters of occupational health and safety to:

a) formulate and propose the guidelines, operating standards and supervise activities in the area of occupational health and safety;
b) promote the National Campaign for the Prevention of Workplace Accidents (CANPAT);
c) coordinating and supervising the Workers’ Food Program (PAT);
d) promote the monitoring of compliance with the legal and regulatory requirements on occupational health and safety across the national territory;
e) participate in the implementation of the National Occupational Health and Safety Policy (PNSST); and
f) hear appeals, whether voluntary or on its own initiative, as the last instance, against decisions of the regional body responsible for occupational health and safety, unless expressly provided otherwise.

1.3.2 It is the responsibility of the SIT and the regional bodies subordinate to it in matters of occupational safety and health, within the limits of their competence, to carry out:

g) enforcement of the legal and regulatory rules on occupational safety and health; and
h) activities related to CANPAT and PAT.

1.3.3 It is the responsibility of the Regional Labour Authority to impose the appropriate sanctions for non-compliance with the legal and regulatory provisions on occupational safety and health.

1.4 Rights and responsibilities

1.4.1 The employer is responsible to:
a) comply with and enforce the legal and regulatory requirements for occupational health and safety;
b) inform workers of:
I. the occupational risks present in the workplace;
II. the preventive measures adopted by the company to eliminate or reduce such risks;
III. the results of the medical examinations and complementary diagnostic tests to which the workers themselves are subjected; and
III. the results of the medical examinations and complementary diagnostic tests to which the workers themselves are subjected; and
IV – the results of environmental assessments conducted in the workplace.
c) prepare instructions on occupational health and safety and to inform the workers;
d) allow workers’ representatives to accompany the monitoring of legal and regulatory provisions on occupational health and safety;
e) determine the procedures to be followed in the event of an occupational accident or illness, including the analysis of its causes;
f) provide the Labour Inspectorate with all information related to occupational safety and health; and
g) implement preventive measures, in consultation with the workers, in the following order of priority:
I. elimination of risk factors;
II. minimization and control of risk factors through collective protective measures; III. the minimization and control of risk factors through the adoption of administrative or organizational measures; and
IV. the adoption of individual protective measures.

1.4.1.1 Organizations required to establish a CIPA according to NR-5 shall, in addition to other measures they deem necessary, adopt the following measures to prevent and combat sexual harassment and other forms of violence in the workplace: (MTP Ordinance No. 4.219, of December 20, 2022 – item and paragraphs shall be effective as of March 20, 2023)

a) inclusion of rules of conduct regarding sexual harassment and other forms of violence in the company’s internal regulations, with wide dissemination of their content to male and female employees;
b) establishment of procedures for receiving and monitoring complaints, investigating the facts and, where appropriate, imposing administrative sanctions on those directly or indirectly responsible for acts of sexual harassment and violence, while ensuring the anonymity of the person making the complaint, without prejudice to the appropriate legal procedures; and
c) at least every 12 (twelve) months, providing training, orientation, and awareness-raising to male and female employees at all levels of the organization on issues related to violence, harassment, equality, and diversity in the workplace, in accessible, appropriate formats that are as effective as possible.

1.4.2 The workers are responsible for:

a) to comply with the legal and regulatory provisions on occupational health and safety and health, including the instructions given by the employer;
b) undergo the medical examinations provided for in the NR;
c) collaborate with the organization in implementing the NR; and
d) use the personal protective equipment provided by the employer.

1.4.2.1 An employee’s unjustified refusal to comply with the provisions of the previous item constitutes an act of misconduct.

1.4.3 Workers may stop their activities if they see a work situation that, in their opinion, poses a serious and imminent risk to their life and health, and immediately inform their supervisor. 1.4.3.1 If the employer confirms that there is a serious and imminent risk, workers cannot be required to return to work until corrective action has been taken.

1.4.4 Each worker must be provided with information at the time of recruitment or when transferring to a job involving a change in risks, concerning:

a) the occupational risks that exist or may arise in the workplace;
b) the means of preventing and controlling such risks;
c) the measures adopted by the organization
d) the procedures to be followed in the event of an emergency; and
e) the procedures to be adopted in accordance with 1.4.3 and 1.4.3.1.

1.4.4.1 Information can be provided:

f) during training; and
g) through safety briefings, physical or electronic documents.

1.5 Occupational risk management

1.5.1 The provisions of this section shall be used to prevent and manage occupational risks.

1.5.2 For the purpose of characterizing unsafe or hazardous activities or operations, the provisions of NR15 – Unsafe Activities and Operations and NR16 – Hazardous Activities and Operations shall be used.

1.5.3 Responsibilities

1.5.3.1. The organization shall establish and implement occupational risk management in its activities.

1.5.3.1.1 The management of occupational risks shall constitute a Risk Management Program (PGR).

1.5.3.1.1.1 At the discretion of the organization, the Risk Management Program may be implemented by operational unit, sector or activity.

1.5.3.1.2 The PGR can be covered by management systems as long as they comply with the requirements of this NR and the legal requirements for occupational health and safety.

1.5.3.1.3 The Risk Management Program shall include or be integrated with plans, programs and other documents required by occupational health and safety legislation.

1.5.3.2 The organization shall:

a) avoid occupational risks that may occur in the workplace;
b) identify hazards and possible injuries or health problems;
c) evaluate occupational risks indicating the level of risks;
d) classify occupational risks to determine the need for preventive measures;
e) implement preventive measures in accordance with the risk classification and in the order of priority established in paragraph (g) of section 1.4.1; and
f) monitor the control of occupational risks.

1.5.3.2.1 The organization shall consider working conditions in accordance with NR-17.

1.5.3.3 The organization shall establish mechanisms to:

a) consult with the workers regarding the awareness of occupational risks; for this purpose, the statements of the Internal Commission for Accident and Harassment Prevention (CIPA), if applicable, may be adopted; and

b) communicate to the employees the risks consolidated in the risk register and the prevention measures included in the Action Plan of Risk Management Program.

1.5.3.4 The organization shall take the necessary measures to improve its health and safety performance.

1.5.4 Hazard identification and risk assessment process

1.5.4.1 The process of hazard identification and risk assessment shall take into account the provisions of regulatory standards and other legal requirements for occupational health and safety.

1.5.4.2 Preliminary hazard analysis (PHA)

1.5.4.2.1 The preliminary risk analysis shall be carried out:

a) before the establishment or new facilities are put into operation;
b) for existing activities; and
c) changes and introduction of new processes or work activities.

1.5.4.2.1.1 If the risk cannot be avoided at the preliminary risk analysis phase, the organization shall carry out the process of hazard identification and risk assessment as described in the following items.

1.5.4.2.1.2 At the discretion of the organization, the preliminary hazard analysis can be included in the hazard identification phase.

1.5.4.3 Hazard identification

1.5.4.3.1 The hazard identification step shall include

a) description of the hazards and possible injuries or health problems;
b) identification of the sources or circumstances; and
c) identification of the group of workers exposed to the hazards.

1.5.4.3.2 Hazard identification shall address foreseeable external work-related hazards that may affect occupational health and safety.

1.5.4.4 Risk assessment

1.5.4.4.1 The organization shall assess the occupational risks associated with the hazards identified in its establishment(s) to provide information for taking preventive measures.

1.5.4.4.2 For each risk, the level of occupational risk shall be indicated, which is determined by combining the severity of possible injuries or health problems with the probability or chance of their occurrence.

1.5.4.4.2.1 The organization shall select risk assessment tools and techniques that are appropriate to the risk or circumstance being assessed.

1.5.4.4.3 The rating of the severity of the injury or health problem shall take into account the significance of the consequence and the number of workers likely to be affected.

1.5.4.4.3.1 The significance shall take into account the consequences of the occurrence of major accidents.

1.5.4.4.4 The rating of the probability of occurrence of injuries or health problems shall take into account:

a) the requirements specified in regulatory standards;
b) the preventive measures implemented;
c) the requirements of the work activity; and
d) comparison of the occupational exposure profile with the reference values established in NR-9.

1.5.4.4.5 After the assessment, the occupational risks shall be classified, taking into account item 1.5.4.4.2, in order to identify the need to adopt preventive measures and prepare an action plan.

1.5.4.4.6 The risk assessment shall be a continuous process and shall be reviewed every two years or when the following situations occur:

a) after the implementation of preventive measures, in order to assess residual risks;
b) after innovations and changes in technologies, environments, processes, conditions, procedures and work organization that introduce new risks or change existing risks;
c) when preventive measures are found to be inadequate, insufficient or ineffective;
d) When occupational injuries or illnesses occur;
e) when there are changes in current legal requirements. 1.5.4.4.6.1 In the case of organizations certified to the OHS management system standards, the period may be up to 3 (three) years.

1.5.5. Risk control

1.5.5.1. Preventive measures

1.5.5.1.1 The organization shall take preventive measures to eliminate, reduce or control risks whenever:

a) the requirements of regulatory standards and legislation so indicate;
b) the classification of occupational risks in accordance with item 1.5.4.4.5 so requires;
c) a correlation between injuries and health problems of workers and the identified risks and work situations has been demonstrated by medical surveillance.

1.5.5.1.2 If the organization demonstrates that collective protective measures are not technically feasible, or are inadequate, or are in the study, planning, or implementation stages, or even on a temporary or emergency basis, other measures must be taken in accordance with the following hierarchy:

a) administrative and organizational measures; and
b) use of personal protective equipment (PPE).

1.5.5.1.3 The implementation of preventive measures shall be accompanied by informing workers of the procedures to be adopted and the limitations of the preventive measures.

1.5.5.2. Action plans

1.5.5.2.1 The organization shall develop an action plan that identifies the preventive measures to be implemented, improved or maintained in accordance with item 1.5.4.4.5.

1.5.5.2.2 Preventive measures shall be scheduled and methods for monitoring and measuring results shall be established.

1.5.5.3 Implementation and monitoring of preventive measures

1.5.5.3.1 The implementation of preventive measures and related adjustments shall be recorded.

1.5.5.3.2 The implementation of preventive measures shall be monitored in a planned manner and shall include:

a) verification of the implementation of planned measures;
b) inspection of workplaces and equipment; and
c) monitoring environmental conditions and exposure to harmful agents, as appropriate.

1.5.5.3.2.1 Preventive measures shall be corrected if data obtained during monitoring indicate ineffective performance. Monitoring workers’ health

1.5.5.4.1 The organization shall develop occupational health measures for employees, integrated with other preventive measures, according to the risks related to the work.

1.5.5.4.2 The surveillance of workers’ health shall be a planned, systematic and continuous preventive process, in accordance with the classification of occupational risks and in compliance with NR-7.

1.5.5.5. Analysis of injuries and illnesses

1.5.5.5.1 The organization shall analyze work-related injuries and illnesses.

1.5.5.5.2 The analysis of work-related accidents and illnesses shall be documented and:
a) a) consider the situations that cause the events, taking into account the activities actually performed, the working environment, the materials and the organization of work;
b) identify the factors related to the event; and
c) provide evidence to support and review existing prevention measures.

1.5.6. Emergency preparedness

1.5.6.1 The organization shall establish, implement and maintain procedures for responding to emergency scenarios that are appropriate to the risks, characteristics and circumstances of the activities.

1.5.6.2 The emergency response procedures shall include:
d) the means and resources required for first aid and transportation of victims
e) the necessary measures to be taken in the event of major emergencies, where applicable.

1.5.7 Documentation

1.5.7.1 The Risk Management Program shall include at least the following documents:

a) risk register,
b) action plan.

1.5.7.2 The documents that make up the Risk Management Program shall be prepared, dated and signed under the responsibility of the organization, taking into account the provisions of other regulatory standards.

1.5.7.2.1 The documents that make up the Risk Management Program shall always be available to interested employees or their representatives and to the labor inspectorate.

1.5.7.3 Risk register

1.5.7.3.1 The results of the hazard identification and risk assessment shall be compiled in a risk register.

1.5.7.3.2 The risk register shall contain at least the following information:

a) characterization of work processes and environments;
b) characterization of activities;
c) description of the hazards and possible injuries or health problems to workers, identifying the sources or circumstances, a description of the risks arising from the hazards, identifying the groups of workers exposed to those risks, and a description of the preventive measures taken;
d) data from the preliminary analysis or monitoring of exposures to physical, chemical and biological agents and the results of the ergonomics assessment in accordance with NR-17;
e) risk assessment, including classification for the purpose of preparing the action plan; and
f) criteria adopted for risk assessment and decision-making.

1.5.7.3.3 The risk register shall be kept up to date.

1.5.7.3.3.1 The audit trail of changes shall be maintained for at least 20 (twenty) years or for the period specified in specific regulations.

1.5.8 General provisions for occupational risk management

1.5.8.1 When several organizations carry out activities simultaneously in the same workplace, they shall carry out integrated actions to apply prevention measures aimed at protecting all workers exposed to occupational risks.

1.5.8.2 The contracting organization’s Risk Management Program may include prevention measures for companies contracted to provide services on its premises or at a location previously agreed in the contract or referring to the contractors’ programs.

1.5.8.3 Contracting organizations shall provide contractors with information on risks related to that are under their management and that may affect the contractor’s activities.

1.5.8.4 Contracting organizations must provide the contractor with the risk register for specific activities carried out on the contractor’s premises or at a location previously agreed in the contract.

1.6 Providing digital information and digitizing documents

1.6.1 Organizations shall provide occupational health and safety information in digital format according to the model approved by STRAB after consultation with the SIT.

1.6.1.1 The models approved by STRAB shall take into account the principles of simplification and reduction of bureaucracy. 1.6.2 The documents provided for in the NR may be issued and stored in digital media with a digital certificate issued within the framework of the Brazilian Public Key Infrastructure (ICP-Brazil), standardized by a specific law.

1.6.3 Physical documents signed manually, including those before the effective date of this NR, may be archived in digital media, for the corresponding period required by specific legislation, through a digitization process as provided by law.

1.6.3.1 The digitization process shall be carried out in order to maintain the integrity, authenticity and, if necessary, the confidentiality of the digital document, using a digital certificate issued within the framework of the Brazilian Public Key Infrastructure (ICP-Brazil).

1.6.3.2 Employers who choose to keep the documents provided for in the legislation shall keep the originals as provided by law.

1.6.4 The employer shall guarantee the preservation of all digital or digitized documents through procedures and technologies that allow their legal validity to be verified at any time throughout the national territory, permanently guaranteeing their authenticity, integrity, availability, traceability, irreversibility, privacy and interoperability.

1.6.5 The employer shall guarantee the full and unrestricted access of the labor inspectorate to all digitized or originally digital documents.

1.6.5.1 For documents that must be available to workers or their representatives, the organization shall provide them with the means to access the information in order to meet the objectives of the specific standard.

1.7 Qualification and training in health and safety at work

1.7.1 The employer shall promote the qualification and training of employees in accordance with the provisions of the regulatory standards (NRs).

1.7.1.1 At the end of the initial, periodic or occasional training provided for in the NR, a certificate shall be issued containing the name and signature of the worker, program content, workload, date, place of training, name and qualification of the instructors and signature of the technical person responsible for the training.

1.7.1.2 Training shall include:

a) initial training;
b) periodic training; and
c) occasional training.

1.7.1.2.1 Initial training shall be carried out before the worker starts his duties or according to the period specified in the NR.

1.7.1.2.2 Periodic training shall be provided according to the frequency specified in the NR or, if not specified, within a period determined by the employer. 1.7.1.2.3 Occasional training shall take place:

a) when there is a change in work procedures, conditions or operations, which implies a change in risks at work;
b) in the event of a serious or fatal accident which indicates the need for new training; or
c) after returning from a leave of absence of more than 180 (one hundred and eighty) days.

1.7.1.2.3.1 The workload, duration and programmatic content of any training shall be suited to the situation that justified it.

1.7.1.3 Training may include:

a) practical training, supervised professional practice or on-the-job instruction;
(b) simulated exercises; or
(c) qualification to operate vehicles, vessels, machinery or equipment.

1.7.2 The time spent in training provided for in the NR shall be considered as working hours.

1.7.3 The certificate shall be provided to the employee and a copy shall be retained by the organization.

1.7.4 The training shall be recorded in the employee’s records.

1.7.5 Training required by the NR may be provided in addition to other training in the organization, as long as the content and workload are consistent with the applicable regulatory standard.

Sharing content within the same organization

1.7.6 Reuse of training content provided by the same organization is permitted provided that:

a) the content and workload required for the new training is included in the previous training;
b) the content of the previous training was delivered within a period of time less than that specified in the NR, or less than 2 (two) years if no such period is specified; and
c) validated by the technical person responsible for the training.

1.7.6.1 The use of the content shall be noted on the certificate, stating the content and date of completion of the training used.

1.7.6.1.1 The validity of the new training now takes into account the date of the most recent training.

Sharing training between organizations

1.7.7 The training completed by the employee can be evaluated and validated or complemented by the organization.

1.7.7.1 The validation shall take into account:

a) the activities performed by the employee in the previous organization, if applicable;
b) the activities to be performed in the organization;
c) the content and workload completed;
d) the content and workload required; and
e) whether the last training was carried out in a period shorter than that specified in the NR, or less than 2 (two) years ago in cases where no period is specified in the NR.

1.7.8 The use of previous training, in whole or in part, shall not relieve the organization of its responsibility to issue a certificate of training to the employee, and the certificate shall state the date on which the validated or complemented training was conducted.

1.7.8.1 The date of the most recent validated or complemented training shall be used to determine the period of refresher training.

Distance or semi-presential training

1.7.9 The training may be distance or semi-presential provided that the operational, administrative, technological and pedagogical structuring requirements set out in Annex II of this NR are met.

1.7.9.1 The practical content of the training may be delivered via distance learning or semi-presential provided that it is provided for in a specific NR.

1.8 Different treatment for individual microentrepreneurs (MEI), microenterprises (ME) and small businesses (EPP)

1.8.1 The individual microentrepreneur (MEI) is exempted from the obligation to prepare the Risk Management Program.

1.8.1.1 The exemption from the obligation to prepare the Risk Management Program does not extend to the MEI contracting organization, which must include it in its preventive actions and in its PGR when it operates in its premises or in a location previously agreed in the contract.

1.8.2 The Special Secretariat for Social Security and Employment (SEPRT) will issue forms with instructions on the preventive measures to be taken by the MEI.

1.8.3 Micro-enterprises and small businesses that are not required to establish an SESMT and that choose to use the risk assessment tool(s) to be provided by the SEPRT as an alternative to the tools and techniques provided for in item 1.5.4.4.2.1, will be able to structure the Risk Management Program taking into account the report generated by this tool(s) and the action plan.

1.8.4 Microenterprises and small businesses, risk levels 1 and 2, which do not identify occupational exposures to physical, chemical and biological agents in the preliminary hazard analysis and declare digital information in the form of item 1.6.1 are exempted from the preparation of the Risk Management Program.

1.8.4.1 The declared digital occupational health and safety information shall be disclosed to the employees.

1.8.5 The exemption provided for in this standard applies to the obligation to prepare the Risk Management Program and does not remove the obligation for MEI, ME and EPP to comply with the other provisions of the NR.

1.8.6 MEI, ME and EPP, risk levels 1 and 2, who declare digital information in the form of item 1.6.1 and do not identify occupational exposures to physical, chemical, biological agents and risks related to ergonomic factors, are exempted from preparing the Occupational Medical Surveillance Program (PCMSO)

1.8.6.1 Exemption from the PCMSO does not exempt the company from conducting medical examinations and issuing the Occupational Health Certificate (ASO).

1.8.7 Risk levels 1 and 2 referred to in items 1.8.4 and 1.8.6 are those provided for in NR04 – Specialized Services in Occupational Health and Safety (SESMT).

1.8.8 The employer is responsible for providing the information specified in 1.8.4 and 1.8.6.

1.9 Final provisions

1.9.1 Failure to comply with the legal and regulatory provisions on health and safety at work will result in the penalties provided for in the relevant legislation.

1.9.2 Any failure to comply with the NRs will be decided by the Labor Secretariat after consultation with the SIT.


Annex I Terms and Definitions

Annex II Guidelines and Minimum Requirements for the Use of Distance and Semi-Presencial Education

8 Replies to “NR-1 – General Provisions and Occupational Risk Management”

  1. Need following clarification-

    1. If some technically qualified people from India are coming to Brazil on technical visa , are those are qualified ( based on their Indian Technical qualification ) for to installation, validation ,commissioning machines in a Brazilian company?
    2. Or they have get certified as per NR — certification to work their ( NR 10, NR 12 , NR35 etc)
    3. If they have to get certified — then which are those certification and which are authorized agencies who will certify them accordingly ?

    1. No. They are not deemed qualified unless their qualifications are revalidated in Brazil. For ex., an engineer has to revalidate her/his diploma and then affiliate herself/himsellf with the Regional Council of Engineers. Both processes are quite troublesome.

    2. There are two different aspects you need to take into account based on your question:
      1) For the specifics risks such as Electrical (NR10) and Working at Height(NR35) for example, you just need to check if the Indian Techinical that are comming, has any equivalent certification that qualifies him to work in such risk environment. Remember that Brazilian regulations requires not only the certification (paper signed), but also a document that evidence what was the content that this certificates qualifies you. With that content, you are able to validate the equivalence of its qualification. This approach is normally accepted all the world, but eve so, some companys has it’s on process of safety introductions, to reinforce some rules and to make sure the visitors undertands the main risks he will work with.
      2) If they not have a certification, or a equivalent certification, you may contract many companies that can gives him this qualifications and certifications here in Brazil. You just need to make sure you are contracting good companies for that, and also followed the rules regarding the minimum numbers of hours for each qualification.

  2. To whom it may concern,
    Please can you confirm how to be qualified (recognized) professional for NR13 (Boilers & Pressure Vessels)?
    I’m looking for the Brazilian’s requirements for NR13 certification of qualified professional (i.e.: how to be certified as NR13 qualified professional)?
    Thank you for the support on this topic.
    Best regards,

    1. A qualified (recognized) Professional (Profissional Habilitado – PH) is someone who has legal competence to exercise the engineering profession in the related activities in accordance with the professional regulations in Brazil. Thus, the registration the Regional Council of Engineering, Architecture and Agronomy (CREA) is required (necessary proof) to be a PH.

  3. Dear Sir, Madam,
    We see no evidence of certification in “Writing, stamped and signed by an authorised body” when a small electrically driven macerator is to be delivered to a Brasilian Company. We deliver our machines all over the world with a CE-compliance as is published in our manuals. Would it be legal to do the same for the Brasilian standards NR10, NR12 and NR37 when we are sure that we comply with these regulatory standards?

    1. Products manufactured in or exported to Brazil need a certificate issued by a certification body, stating that the product meets Brazilian requirements. Having a product certified by a certification body accredited by INMETRO guarantees that the product complies with Brazilian regulations and the required safety standards. Since INMETRO defines the products and respective requirements within each respective certification scheme, you can check INMETRO if they already have a certification scheme for your product.

  4. We design, manufacture, and sell an electro-mechanical health and wellness product. We are UL, CSA, CE, AUS/NZ, and soon to be UKCA approved. We are looking to sell our product into Brazil but are not sure if we meet all of the regulatory requirements. Where should I look to identify which regulations apply to our product and if we currently meet the standard? Thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *