Legal Register for OHSAS 18001

We are a UK company, involved in engineering and construction. I have a legal register detailing all the legislation I believed was relevant to our organization.

Unfortunately during audit I received a minor NC against "Legal Register 4.3.2" for missing out several pieces of legislation that were considered applicable, namely, "The Working Time Directive, IEE Wiring Regulations, Health Act Re: Smoking, and the Fire Reform Order".

Obviously I have now included these, but to ensure that I am up to date does anyone have a legal register for a UK company they would be willing to send me so I could pick through for the less obvious legislation, or any suggestions what to include above and beyond the typical H & S stuff.

I do have a full copy of legislation from the HSE regarding Health & Safety so I'm OK with this aspect, but I'm looking for the less obvious items I may still have missed.
Thanks

1st, I'm struggling hard to find the requirement for a "Register" to begin with. Did you say that you would have a Register?

Take a look again at your hazards to make sure you addressed everything(because you only have to link hazards to legal and other requirements).

Hi,
You seem to be getting confuesd or maybe i am? one area for key inputs is "legal requirements" but the intenet is to be awre of them not to compile exhuastive lists. However like randy has said, its the hazards you are involved in that should guide you forward i will attach a HS summary sheet for you on UK laws if that helps you out? its how i felt i got near the requirements but its not a register i have taken out key logs etc to protect the innocents lol (once i found out how to attach it)

Hi,

The OHSAS 18001:2007 clause # 4.3.2 Legal and other requirements spell out as
The organization shall establish, implement and maintain a procedure(s) for identifying and accessing the legal and other OH&S requirements that are applicable to it.

The organization shall ensure that these applicable legal requirements and other requirements to which the organization subscribes are taken into account in establishing, implementing and maintaining its OH&S management system.

The organization shall keep this information up-to-date.

The organization shall communicate relevant information on legal and other requirements to persons working under the control of the organization, and other relevant interested parties.


This clause has nothing to do with “Legal Register” This clause requires different control measures like

• Identification and accessing the legal and other OH&S requirements that is applicable to it.
• The organization shall keep this information up-to-date.
• The organization shall communicate relevant information on legal and other requirements to persons working under the control of the organization, and other relevant interested parties.

There is no requirement for the Documented Procedure, but organization has to provide the evidence to conformance to above mentioned requirements.
Auditor cannot raise any NC against the written legal requirements, but he /she might raise NC against the absence or ineffective control on the above mentioned control of applicable legal requirements.

This is general practice that organizations usually identify the legal requirement through any document (You may call it as Legal register), but the message of this clause is to have a management system to address the above mentioned controls as required by applicable legal requirements

This is all very interesting, and I have downloaded the procedure that was offered. I am from South Africa, and I have been having a nightmare of a problem with our auditing body and the auditors, both legal and systems. They expect the company to purchase or implement an exhaustive register based in excel, that you can click and access the laws that are applicable to your organisation. OHSAS 18001:2002 Draft clearly states that no library is necessary to be compliant, but one needs only to be able to access this information. Am I stupid or missing out something here? From what I have read here on this forum, we all seem to be under the same impression. Apart from anything else, these things cost up to sixty thousand rand locally, which for some of my smaller clients is an impossible amount to cough up. Do they need it?

christarboton said:

This is all very interesting, and I have downloaded the procedure that was offered. I am from South Africa, and I have been having a nightmare of a problem with our auditing body and the auditors, both legal and systems. They expect the company to purchase or implement an exhaustive register based in excel, that you can click and access the laws that are applicable to your organisation. OHSAS 18001:2002 Draft clearly states that no library is necessary to be compliant, but one needs only to be able to access this information. Am I stupid or missing out something here? From what I have read here on this forum, we all seem to be under the same impression. Apart from anything else, these things cost up to sixty thousand rand locally, which for some of my smaller clients is an impossible amount to cough up. Do they need it?

Click to expand...

1st, you ain't audited to 18002 and any auditor that does so is incorrect....18002 is a guidance document only .

2nd, it doesn't matter what your auditors expect, I'm a OHSMS Lead Auditor for small 3rd party CB and my expectations, desires, wishes, hopes and wants are not part of the equation. There is no "shall" for a register.

3rd, you're not stupid, your auditor is a clod for mandating that which is not required and I would complain to the CB for this clown making stuff up.

4th, you can write eveything down on a tablet as long as you keep it up to date and control it as a system document and meet your communication of relevant information requirements

As an aside note: If someone is offended by the terms clown and clod, TUFF....people making demands like this give my profession a stain

I do not know your organizational documentation structure, but some organization make a Big MISTAKE, that they develop a procedure /SOP or put in their quality manual, wherein they proudly mention to have a legal register, legal counselor ..etc and all the funny legal lacunas , in such case Auditor may ask to see the compliance against the procedural requirements.

Being a Auditte , you reserve the right to ask the Auditor “Why & ????” and get the reference of the “ Shall” requirement of the standard, not the Auditor wish list or best practices in the industry

Tibs1uk said:

We are a UK company, involved in engineering and construction. I have a legal register detailing all the legislation I believed was relevant to our organization.

Unfortunately during audit I received a minor NC against "Legal Register 4.3.2" for missing out several pieces of legislation that were considered applicable, namely, "The Working Time Directive, IEE Wiring Regulations, Health Act Re: Smoking, and the Fire Reform Order".

Obviously I have now included these, but to ensure that I am up to date does anyone have a legal register for a UK company they would be willing to send me so I could pick through for the less obvious legislation, or any suggestions what to include above and beyond the typical H & S stuff.

I do have a full copy of legislation from the HSE regarding Health & Safety so I'm OK with this aspect, but I'm looking for the less obvious items I may still have missed.
Thanks

Click to expand...

Irrespective of the other discussions going on about the need, or not, to have a register, have you tried the OPSI and Netregs websites?

Thank you very much for clearing this up. as I said, this is not the first time that I have experienced this problem, or the first auditor that states that this register is mandatory, so I am going to take it further to the CB. In response to the Wak125, the procedure is very simple to enable the client to cut costs - the recession is giving us a hammering down here, and the bigger guys are cutting costs all over, although they say not at the expense of safety, so the procedure does not specify the type of register, and we only state that we will keep it updated through various means, including subscription to a legal consultancy. We have also listed the applicable legislation that we feel applies to that client, but have been told that it is not good enough, and indeed the legal compliance audit has been postponed as we speak!

Thanks everyone, been away the last three weeks my apologies for not responding sooner.

I have an off site based audit next week with the auditor who normally visits our company, this was not the person that gave the minor NC. I intend to follow this up with them using your advice.

The 'register' in question is basically a list of legislation applicable to the hazards, operations and controls within the company. Am I right in thinking that I can do away with the register. The relevant legislation detailed with the hazard identification, risk assessment and controls, will suffice so long as I show that we can determine any changes that could affect these legal or other requirements. For example, during internal audit and biennial evaluation of legal compliance.

This does still leave me with the issue of identifying some of the more obscure pieces of legislation which may be relevant, but taken for granted.

Thanks again.