The compliance obligations in ISO 14001 are often quite challenging for businesses, because the process can be difficult to understand. It’s often thought that the standard requires a legal register to be updated every time a new piece of legislation is passed. But in reality, the requirements are a bit more involved.
There’s no specific requirement to maintain a legal register to fulfil the compliance obligations in ISO 14001 (and also ISO 45001 for that matter). Though it’s often the best way to determine the applicable legislation. Plus, it’s a useful tool to have in your back pocket when you’re preparing for a compliance audit.
So, let’s take a closer look at the compliance obligations in ISO 14001 and best practices for remaining on the right side of the standard and the law.
What does environmental compliance mean?
All businesses are required by law to comply with relevant environmental legislation. In addition, you might also have other types of non-legal requirements to adhere to, for example, codes of practice or contractual obligations.
In terms of compliance obligations in ISO 14001, it only includes requirements that are related to the Environmental Management System (EMS), and more specifically, to your environmental aspects.
These might arise from environmental laws and regulations that apply to your business, and also voluntary commitments.
How to determine compliance obligations in ISO 14001?
Firstly, you need to identify the applicable legal requirements. The internet is a useful tool for obtaining information on environmental laws and regulations, (although it can be a long and drawn-out process).
Bear in mind that documenting your list of legal requirements is just the beginning. From there on in, it’s an ever-changing landscape, and you need to keep up to date with any new regulations that are passed.
In addition, it’s vital that you understand how the legislation applies to your business. Some regulations might not even be applicable to the business. But you need to identify those that are, and record how they impact your business.
How to evaluate compliance obligations in ISO 14001
You need to establish, implement and maintain a process for the periodic evaluation of compliance, and everything has to be documented. The easiest place to start is with the list of compliance obligations that you generated at the start of the process.
It’s also important to understand the frequency for evaluating compliance obligations in ISO 14001. This is because some legal requirements will need to be verified more often than others.
For example, trade effluent discharges might need reviewing more frequently than your recycling rate. Plus, the frequency of evaluation might also depend on your industry, as some sectors have higher environmental impacts than others.
Your evaluations might include things like –
- Monitoring facility activities
- Inspecting work areas and equipment
- Ensuring the adherence of employee operating criteria
It’s also important to note any potential gaps, malfunctions, deterioration or unusual situations that could lead to a non-compliance. You can take proactive steps to avoid any incidents once you’ve familiarised yourself with the risks. In addition, there’s the added peace of mind of knowing that there haven’t been any unauthorised or unplanned releases since you last checked.
Evaluation methods for compliance obligations in ISO 14001
Evaluation of your compliance obligations can take different formats, such as –
- Inspections
- Direct observations
- Interviews
- Review of routine sampling
- Audits
But the important thing is to keep the process ongoing.
All mandatory or voluntary compliance obligations in ISO 14001 need to be evaluated at a defined frequency. An efficient way to devise your schedule is to review your –
- Compliance history
- Potential for performance change
- Potential Penalties for non-compliance
All ISO standards follow the Plan-Do-Check-Act (PDCA) cycle. And the evaluation of compliance obligations can also follow this cycle very well.
PLAN – Appoint an auditor or an auditing team. Auditors can be internal or external, as long as they are competent and understand the environmental regulations for your business.
DO – Conduct the audit, including a review of your procedures to determine your level of compliance.
CHECK – The ISO standards place emphasis on leadership commitment. So, senior management must be made aware of any breaches or potential breaches. And the relevant measures need to be agreed and taken to fix any instances of non-compliance.
ACT – Implement new procedures or changes to existing procedures. Training courses are a great way to start rolling this out, ensuring that everybody is aware of and on board with what’s going on. And lastly, re-evaluate whether the changes you’ve made have had the intended effect, or if there’s still work to be done. Then go back to the Planning phase of the cycle, rinse and repeat.
Reporting the results
The standard requires that results are communicated to senior management. To this end, your management review mechanism can be used to ensure this is happening as it should be. But it’s likely that the senior team want to know immediately if a potential breach is identified, rather than find out at a review at a later date.
Conformity check
Use the table below to check your conformity:
Are you working towards certification to ISO 14001? Do you need assistance with a legal register or evaluation of compliance audit? We’d love to help. Get in touch.