How to create an ISO 14001 list of legal and regulatory requirements

Meeting environmental legislation is one of the most critical parts of the ISO 14001 standard. While the standard does not distinguish between different business sectors, it is easy to imagine the potential negative effects of a power station or chemical plant failing to meet legal requirements, and the resulting impact. Therefore, given the importance of meeting legislation, what steps can a company take to ensure that these requirements are met ahead of an external audit? Does it make sense to have an ISO 14001 legislation checklist to help achieve compliance for your company? In this article learn why it does.

Environmental legislation: What does the standard say?

Clause 5 of the standard mentions that each company will have a requirement to fulfil its compliance obligations, and this is expanded upon in clause 6, which addresses “planning.” As seen in the article Compliance requirements according to ISO 14001:2015 – What has changed?, legislation and the needs of a company’s interested parties can now be classified together as “compliance obligations.”

The standard suggests each company should have access to obligations that affect it, determine how they might affect the EMS, and take them into account when planning activities while maintaining documented evidence. It therefore becomes clear that maintaining an audit checklist could potentially help your company to meet these requirements, so what other factors should you consider before establishing the checklist?


Compliance obligations: What is important?

Now that we understand that legislation and the needs of interested parties are classified together, we can decide where to document this, how to verify it and how to review it effectively. It makes sense to consider the following questions:

  • What channels can be identified and used to ensure relevant legislation is identified?
  • Who is responsible for this within your organization?
  • Are all stakeholder requirements considered? Do you need input from different internal departments and defined external partners to achieve this?
  • How is internal and external communication managed? Do employees and other stakeholders need to be informed of changes to ensure processes and behaviors are adjusted accordingly? Is training a requirement to meet the terms of any changes?
  • Is there independent checking that all the correct compliance obligations have been identified and implemented?

How to create an ISO 14001 list of legal and regulatory requirements

The most important thing is that you can now create a checklist that ensures these tasks are allocated, carried out, and recorded in a manner that makes it possible to review their effectiveness. The ISO 14001:2015 standard makes no mention of a checklist, but legislation checking is one instance where creating a checklist can make sense from a business point of view.

An external certification audit is one method of “independent checking” that many businesses choose to use. In the article How to prepare for ISO 14001:2015 certification audit we looked at audit preparation, and the creation of a checklist can also help with this. As well as being a critical part of the audit scope, complying with legislation can help meet business objectives, avoid costly financial penalties and, in many cases, ensure that your business reputation remains intact. Consolidating the legislation changes, responsibilities, dates of change and actions required to communicate to stakeholders can help achieve this efficiently.

What should be included?

It is critical to note that the standard states only that “compliance obligations” need to be considered when organizing the activities of the EMS, but this checklist can also provide an opportunity for improvement for your business. Consider all activities that could affect your compliance to legislation itself and decide if they are worth including in your checklist.

For example, if your electronics business must conform to RoHS legislation (Restriction of Hazardous Substances), you may have to prove your compliance twice yearly. However, if you go six months without checking and then find a problem, it may be too late to fix it in time for the prescribed date. In this case you could have the legislation issue on your checklist (compliance to RoHS legislation), and your compliance requirements (prove compliance on January 1st and July 1st every year and produce declaration for customers), but you should ensure your checklist prompts the responsible person to review the status and make necessary changes every three months, and one month before the compliance dates.

Thinking like this can not only help your business meet legislation and compliance requirements but can establish good practices that ensure you stay ahead of the competition too. It is also wise to remember that section 9.1.2 deals with evaluation of compliance, so it is good practice to ensure that the output of this new process is periodically verified as being accurate too.

Keeping the stakeholders satisfied

In the article ISO 14001: The benefits to customers we examined the many positive factors that adoption of the standard can bring to your customer base. Ensuring that your compliance obligations are organized, visible, responsibilities allocated and the whole process documented can bring another benefit to your customers, and a checklist is an excellent method of achieving this. Satisfying a certification auditor is obviously a positive, but the major benefit of compliance is to your business and – critically – to the environment.

To learn more about how to handle legal requirements, enroll in this free online training: ISO 14001:2015 Foundations Course.

Advisera John Nolan
Author
John Nolan
John Nolan is a Fellow of the Institute of Leaders and Managers in the United Kingdom, and Prince 2 accredited with a background in Engineering and Electronics and Data Storage and Transfer. Having studied and qualified as both a Mechanical and Electronic Engineer, he has spent the last 15 years designing and delivering Quality Systems and projects across many sectors in the UK, including both national and local government.