Managing your ISO Compliance Obligations

  Managing your ISO Compliance Obligations

Back in 2020, we’d been working for nearly 10 years and couldn’t find an affordable solution that gave us all the information that we needed for managing a range of different ISO Standards. We had ISO 9001 for Quality, ISO 14001 for Environmental Management, and ISO 45001 for Occupational Health and Safety, and also ISO 27001 for Information Security.  

So, we started to build our own solution. It worked so well that we soon started getting requests from our clients to use it, so ISO Compliance Register was born!  

The ISO Management Standards all ask the same question of a Compliance Manager in regards of legislation (some of them call it Compliance Obligations). First, you need to:

Determine and have access to the ISO compliance obligations related to its management system (e.g. environmental aspects)  

How are you going to do this? Every month, we see upwards of 30 to 50 items of legislation, related guidance or industry standards being updated. Sometimes these can have fairly insignificant impact on your organisation, but sometimes, they can be fairly important and have far reaching impacts. You’ve only got to look at the recent news and the impact of the Grenfell Disaster, or issues with Online Safety to see how legislation has changed and the impact on businesses, products and services that those two pieces of legislation have had.  

So you need to identify what affects you?  

In ISO Compliance Register platform, you can do this quickly and easily and compile all the items into a simple to manage Register! We keep our database up to date with all the UK, EU and Republic of Ireland legislation and compliance obligations which saves you hours of searching the dozens of sources – all because we’ve done it for you!! 

Once you’ve wrapped all that up, you need to:  

Determine how these compliance obligations apply to the organisation; 

It’s all very well identifying a piece of legislation that affects your organisation. We probably all have some computers and cleaning chemicals that we use, (so that’s COSHH and the Computer Misuse Act for a kick off), but what does it mean to you?  

The great thing with legislation is that while there is a lot of it, there is also a lot of guidance. Some of the legislation and regulations are very clear in their requirements of what you need to do.  

In the ISO Compliance Register, we’ve pulled the key bits together so you can see the typical tasks that you need to do at a glance. Of course, you know your business much better than we do, so you should always look at our more detailed information and if necessary the actual regulations – but at least you’ve got access to it in 1 click!  

Take it a step further in ISO Compliance Register, and you can share the information with your team as part of the Compliance Register that you put together. You’ve hit the requirement, so now, finally, and in line with the Plan, Do, Check, Act cycle, you need to:  

Take these compliance obligations into account when establishing, implementing, maintaining and continually improving its management system.

The thing with legislation is that it’s always changing or evolving. New Acts of Parliament are passed, or Regulations are bought into effect (Regulations are one way that governmental organisations give the details of what you need to do).  

At ISO Compliance Register, we’ve got a natty little way to update all the legislation and it seamlessly blends into your existing Registers. When you do your audits or Register reviews, you can then review the changes and record any actions or changes that you’ve taken.  

Want To Know More?

Give us a call or drop us an email and we’ll happily show you how it all works and you can start getting on top of your compliance, rather than drowning in an overwhelming sea of bureaucracy!