COMPLIANCE OBLIGATIONS & EVALUATION OF COMPLIANCE

The ‘triad’ of ISO Standards most utilised by organisations (i.e. ISO 9001:2015[i], ISO 14001:2015 and ISO 45001:2018) include mandatory requirements to identify, address and adhere to applicable legislation and ‘other requirements’. Notably ISO 14001:2015 and ISO 45001:2018 include specific clauses for organisation to demonstrate conformance. Within ISO 9001:2015 applicable statutory legislation again needs to be addressed. 


[i] Note! Mandatory compliance obligations also apply to numerous clauses within ISO 9001:2015 e.g. in relation to Customer focus, requirements for products and/or services etc.
​

ISO 14001:2015 and ISO 45001:2015: Clause 6.1.3 – Compliance Obligations.
It should be noted that this is a ‘shall’ clause and therefore is a mandatory requirement to determine (and have access to those compliance obligations related to the organisation’s activities), in relation to its: -

• environmental aspects, 
• or to its hazards, occupational health and safety (OH&S) risks and its environmental or OH&S management systems, or 
• contractual requirements

The organisation is required to maintain and retain documented information of this requirement. The form of this documented information can be hardcopy or electronic. 
When considering the mandatory requirements there are several factors that should be taken into account: -

• what (specifically) are the organisations’ legal and other requirements; 
• how they are determined and accessed, reviewed and kept up to date;
• take the compliance obligations into account when establishing, implementing, maintaining and continually improving its environmental or OH&S management systems;
• How the (relevant) workforce has access to the information of legal and other requirements that are applicable to them;

Consideration should be given to how these legal and other requirements apply to the organisations’ activities, processes (e.g. Bribery Act 2010) and how they apply to the use of plant & equipment (e.g. Provision and Use of Work Equipment Regulations 1998), it’s staff and workforce (e.g. Working Time Regulations 1998). 
Other requirements may include (but not restricted to the following): -

• contractual requirements
• employment agreements
• local byelaws.

Clause 9.1.2 – Evaluation of Compliance
The standards require the organisation to establish, implement and maintain the processes needed to evaluate fulfilment of its compliance obligations. In doing so the organisation must: -

• determine the frequency that compliance will be evaluated;
• evaluate the compliance and to take action (if applicable);
• maintain the knowledge and understanding of its compliance status. 

The organisation is required to maintain and retain documented information of this requirement. The form of this documented information can be hardcopy or electronic. 
 
Paul J. Burns
Note!
Practical ISO Ltd, is a UK based quality, health, safety and environmental consultancy, all information published in this document relates to the United Kingdom’s legislation. We undertake evaluation of compliance audits, prepare legal registers’ and maintain (where required). 
​