Recently Certification Bodies appear to have taken more interest in how organisations evaluate their compliance with requirements. Several of our customers have suffered nonconformities raised with this type of finding. This article explores how to meet the requirements.
Although the wording varies, this requirement is common to the management systems standards:
AS 4801:2001 – 188.8.131.52 General
With regard to the OHSMS, the organization shall establish, implement
and maintain procedures to monitor—
(b) compliance with relevant OHS legislation
Standards such as ISO 9001:2008 expect you to evaluate conformance and compliance with a range of requirements including those of the management system and the customer at various stages from initial customer enquiry through to customer satisfaction in regards to the supplied product or service.
ISO 14001:2004 – 4.5.2 Evaluation of compliance
184.108.40.206 Consistent with its commitment to compliance, the organization shall establish, implement and maintain a procedure(s) for periodically evaluating compliance with applicable legal requirements.
220.127.116.11 The organization shall evaluate compliance with other requirements to which it subscribes. The organization may wish to combine this evaluation with the evaluation of legal compliance referred to in 18.104.22.168 or to establish a separate procedure(s).
As such we have developed a checklist to assist in meeting these requirements.
- Identify requirements.
What is it you have to evaluate compliance against? In order to meet this requirement you need to first identify what it is you are aim to meet the requirements of. So for instance at the management system level in terms of Safety and Environment standards there is legislation that should be referenced. There is nothing that states how much detail you should include here. Some companies identify legislation in their system, some identify specific clauses, some get away with only detailing another resource such as a website which lists all current legislation. Choose which ever serves your purpose.
- Evaluation of Compliance.
- audits – obviously interal audits are designed to ensure you are compliant with requirements, but by specifically identifying the legislative requirements assessed during the audit it can’t be argued you aren’t doing what is required.
- inspections – any inspections you currently conduct have an element of evaluating compliance. Again identify the specific requirements in the inspection record.
- product records – anything you do to record compliance with requirements whilst in the act of delivering your product or service is evaluating the product compliance. These records may also have other checks associated with them that support the organisation’s compliance with other requirements such as legislative. Just make sure they are identified.
- management review – use the management review to review the requirements applicable to the business, review the success of the compliance evaluation activities and make a statement of compliance in the minutes.
If you already hold management system certification these methods are likely to already be established within your organisation and already have a defined frequency with which they will be undertaken.
If you need assistance establishing your requirements or defining how you will evaluate your compliance contact us and we can point you in the right direction.