Our tool can help you build Legal Registers quickly and easily; choose a self-service option or a supported service and keep up to date on ever-changing legislation.
At Spedan Ltd, we understand the pressure of keeping up with endless legal updates while managing your ISO compliance. That's why we've created a game-changing solution for ISO Compliance Managers.
Comprehensive Legal Updates: Access all the latest legal information in one place.
User-Friendly Interface: Easy to learn and navigate, saving you time.
Dedicated Support: Get help whenever you need it, with additional consultancy available.
Automatic Updates: Your registers are always up-to-date.
Legislation Alerts: Stay informed with regular updates on new and amended laws.
Inclusive Tools: Manage tasks, audits, and reviews seamlessly.
Task Identification: Know exactly what needs to be done for each piece of legislation.
Resource Links: Access guidance and resources with ease.
Ready to revolutionize your ISO compliance process? Discover how our consultancy and software platform can transform your workflow, cut costs, and boost productivity today!
All ISO management systems require a commitment to remain compliant with legal and other obligations, but some organisations live under the illusion that because they have operated for a period of time with no problems, they remain compliant.
However, it is often the case that most organisations are breaking some ISO Compliance Obligations at some point or other. The reality with UK regulators is that unless something occurs that brings an organisation into their line of sight, the practices will go unnoticed. In most cases, this is not being done maliciously, but simply from a lack of understanding.
The business problem really arises when an incident occurs, such as an employee having an accident, and the regulators turn up and start investigating. In these cases, the organisation is then facing two challenges:
Failure to meet ISO compliance obligations can be costly financially and also affect brand and reputation. Regulators and the Courts can charge your organisation significant amounts of money for investigations and final prosecution charges. For example, in the UK, the Health and Safety Executive can issue a ‘Notice of Contravention’ for material breaches if Inspectors consider situations serious enough that they need formally addressing.
Many regulators now charge fees for intervention (FFI). For example, the HSE charge these at the rate of £154 an hour to cover all visits and time that the HSE takes to investigate. This accrues to very significant amounts.
To ensure that your organisation is up to date, it is crucial to have an ongoing process of identifying and understanding the legal requirements, and then embed them into your everyday processes.
Changing legislation is one of the top ten issues that could lead to a significantly disruptive incident for an organisation, according to the Business Continuity Institute (2019).
We know that reading about legal updates isn't the same as a good chat. Speak to us to find out what it means to you and your business.
Common Legislation for ISO 14001 | Common Legislation for ISO 45001 | Common Legislation for ISO 27001 |
---|---|---|
Environmental Protection Act 1990 | Health and Safety at Work etc. Act 1974 | Computer Misuse Act 1990 |
Environmental Protection (Miscellaneous Amendments) (England and Wales) Regulations 2018 | Management of Health and Safety at Work Regulations 1999 | Data Protection Act 2018 |
Packaging (Essential Requirements) Regulations 2015 | Management of Health and Safety at Work Regulations 1999 | Anti-Terrorism, Crime and Security Act 2001 |
Waste (England and Wales) Regulations 2011 | Health and Safety (Consultation with Employees) Regulations 1996 | Copyright, Designs and Patents Act 1988 |
Fluorinated Greenhouse Gases Regulations 2015 | Control of Substances Hazardous to Health Regulations 2002 (COSHH) | Sanctions and Anti-Money Laundering Act 2018 |
Other ISO 14001 Compliance Obligations | Other ISO 45001 Compliance Obligations | Other ISO 27001 Compliance Obligations |
Customer Environmental Policies | Industry Guidance (INDG) | Information Commissioner Guidelines |
UN Sustainable Development Goals | Sector Guidance | Customer Information Security Policies |
Organisations that have understood and implemented ISO standards correctly will have introduced processes that identify, manage and evaluate compliance obligations as an ongoing activity.
The International ISO Standards all require that legal requirements are understood and implemented. In Clause 4, the organisation is required to identify the context in which it operates. For example, guidance to the main ISO 45001 Occupational Health and Safety standard identifies specifically that the Context should list out legal requirements, and that they should be carried forward into hazard identification and risk planning. Specific requirements in all the other ISO management standards state that legal, statutory, regulatory and contractual obligations should be managed to avoid breaches.
In line with the Plan-Do-Check-Act improvement cycle, the ISO management standards require that you evaluate legal compliance so that your organisation understands how it is performing in relation to those legal requirements. This is a useful tool to ensure that you meet the changing needs of legislation over time; updating the requirements where needed, or even identifying management practices no longer necessary.
A practical approach to managing compliance obligations is to maintain records such as an environmental compliance register, or a safety compliance register. This will allow you to track legal updates and actions that have been taken to manage them.
Organisations need to monitor and audit compliance obligations and provide evidence that this has been done. This is usually presented to external auditors in the form of an audit report that links the documentation, e.g. an environmental compliance register, to the operations being undertaken.