At Spedan, we have many years of experience in supporting Clients with managing their legal compliance issues. Legislation is increasingly hard for organisations to manage as they struggle to maintain the breadth of information that is needed.
Our service helps Senior Managers and ISO systems managers alike stay abreast of legal requirements. From the start, we will review and assess your products, services and activities to create a bespoke legal register. The legal register contains summary guidance on what each piece of legislation requires as well as links to the primary legislation and resources that help you manage it.
On a monthly basis, we will send you and the team updates of legislation so that you keep on top of changes. All through the year, you and the team will be able to access iSHEQ, the unique online resource provided by Spedan, that holds further detailed information, links and guidance.
Our approach is flexible to the needs of your organisation and we aim to work closely with your team. We are happy to provide anything from partial support to a fully managed service.
All ISO management systems require a commitment to remain compliant with legal and other obligations, but some organisations live under the illusion that because they have operated for a period of time with no problems, they remain compliant.
However, it is often the case that most organisations are breaking regulations at some point or other. The reality with UK regulators is that unless something occurs that brings an organisation into their line of sight, the practices will go unnoticed. In most cases, this is not being done maliciously, but simply from a lack of understanding.
The business problem really arises when an incident occurs, such as an employee having an accident, and the regulators turn up and start investigating. In these cases, the organisation is then facing two challenges:
This can be costly financially, and affect the brand and reputation. Regulators and the Courts can charge your organisation significant amounts of money for investigations and final prosecution charges. For example, in the UK, the Health and Safety Executive can issue a ‘Notice of Contravention’ for material breaches if Inspectors consider situations serious enough that they need formally addressing.
Many regulators now charge fees for intervention (FFI). For example, the HSE charge these at the rate of £154 an hour to cover all visits and time that the HSE takes to investigate. This accrues to very significant amounts.
To ensure that your organisation is up to date, it is crucial to have an ongoing process of identifying and understanding the legal requirements, and then embedding them into your everyday processes.
Changing legislation is one of the top ten issues that could lead to a significantly disruptive incident for an organisation, according to the Business Continuity Institute (2019).
We know that reading about it isn't the same as a good chat. Speak to us to find out what it means to you and your business.
Organisations that have understood and implemented ISO standards correctly will have introduced processes that identify, manage and evaluate legislation as an ongoing activity.
The International ISO Standards all require that legal requirements are understood and implemented. In Clause 4, the organisation is required to identify the context in which it operates. For example, guidance to the main ISO 45001 Occupational Health and Safety standard identifies specifically that the Context should list out legal requirements, and that they should be carried forward into hazard identification and risk planning. Specific requirements in all the other ISO management standards state that legal, statutory, regulatory and contractual obligations should be managed to avoid breaches.
In line with the Plan-Do-Check-Act improvement cycle, the ISO management standards require that you evaluate legal compliance so that your organisation understands how it is performing in relation to those legal requirements. This is a useful tool to ensure that you meet the changing needs of legislation over time; updating the requirements where needed, or even identifying management practices no longer necessary.
Further into the ISO standards, the monitoring and auditing requirements require that the organisation evaluates its compliance with the legislation and provides evidence. This is usually presented to external auditors in the form of an audit report that links the legislation to the operations being undertaken. The report will show that the organisation has evaluated the legislative requirements so that actions taken are appropriate, and then audited the processes and provided evidence that they conform.
Take a look at our other services.
iSHEQ. A premium toolkit for ISO 9001 Managers, packed with information and resources.