How do you ensure compliance with 4.3.2 - Legal & other requirements?

S

samsung

Clause 4.3.2 states

The organization shall establish, implement and maintain a procedure(s)
a) to identify and have access to the applicable legal requirements and other requirements to which the organization subscribes related to its environmental aspects, and

b) to determine how these requirements apply to its environmental aspects.

My specific queries are:

1. What procedure is generally adopted to identify the applicable legal (& other) requirements?

2. What procedure is generally adopted to comply with point # (b) above?

2. Can there be more than one procedure in the sane organization both for (a) & (b)? [since the statement specifies 'procedure(s)]


Your valuable feedback is appreciated.

Thanks.
 

somashekar

Leader
Admin
Clause 4.3.2 states



My specific queries are:

1. What procedure is generally adopted to identify the applicable legal (& other) requirements?

2. What procedure is generally adopted to comply with point # (b) above?

2. Can there be more than one procedure in the sane organization both for (a) & (b)? [since the statement specifies 'procedure(s)]


Your valuable feedback is appreciated.

Thanks.

1. 2. )We have made a legal checklist to capture all applicable legal requirement, its current reference and where it is available and who is responsible to periodically look for updates and amend the checklist. These form the few left side columns in our spread sheet. Against each such legal requirement, the row captures the year and month plan when action is necessary to be taken for each of the requirement. This is a dynamic check list and always reviewed in any circumstances and updating rights are given to specific individuals. This is how we identify.
The same procedure applies to our environmental aspects as the environmental consents issued to us based on our inputs are also captured within the the legal checklist.
3.) There can be as many procedures as long as the intent is met and the procedures do not clash in terms of work to be done, and authority & responsibility clarified.
 
Last edited:
S

samsung

1. 2. )We have made a legal checklist to capture all applicable legal requirement, its current reference and where it is available and who is responsible to periodically look for updates and amend the checklist. These form the few left side columns in our spread sheet. Against each such legal requirement, the row captures the year and month plan when action is necessary to be taken for each of the requirement. This is a dynamic check list and always reviewed in any circumstances and updating rights are given to specific individuals. This is how we identify.
The same procedure applies to our environmental aspects as the environmental consents issued to us based on our inputs are also captured within the the legal checklist.
3.) There can be as many procedures as long as the intent is met and the procedures do not clash in terms of work to be done, and authority & responsibility clarified.

Infact what I was seeking is how do you know that a particular legal requirement (that exists in the checklist) applies to the organizational activities. Many organizations subscribe to legal update services which only send the information/updated or new legislation etc. but they don't tell us whether or not and how that update applies to our activities and as such this procedure cannot be used to claim compliance to 4.3.2.

Let me explain it further - suppose someone is set to establish a new industry, the management, through public domain, obtains a long list of rules and regulations that normally apply to this kind of industries. Now the company wishes to seek EMS certification. What specific tools/ methods/ rules of thumb etc. should it use to identify from the list which of the requirements (& also in what way) apply to a particular operation.
 

somashekar

Leader
Admin
Infact what I was seeking is how do you know that a particular legal requirement (that exists in the checklist) applies to the organizational activities. Many organizations subscribe to legal update services which only send the information/updated or new legislation etc. but they don't tell us whether or not and how that update applies to our activities and as such this procedure cannot be used to claim compliance to 4.3.2.

Let me explain it further - suppose someone is set to establish a new industry, the management, through public domain, obtains a long list of rules and regulations that normally apply to this kind of industries. Now the company wishes to seek EMS certification. What specific tools/ methods/ rules of thumb etc. should it use to identify from the list which of the requirements (& also in what way) apply to a particular operation.
By reading, understanding, applying, discussing, consulting ~~~
In fact it is a process of determination of legal requirements in the way the word determine means 'Go find out'.
We have to make efforts to pick which of the legal requirement applies to us and how.
 
S

samsung

By reading, understanding, applying, discussing, consulting ~~~
In fact it is a process of determination of legal requirements in the way the word determine means 'Go find out'.
We have to make efforts to pick which of the legal requirement applies to us and how.

Correct but that's an unsystematic way. I would again emphasize:

The organization shall establish, implement and maintain a procedure(s) ..............

Procedure = a specified way
 

somashekar

Leader
Admin
Correct but that's an unsystematic way. I would again emphasize:



Procedure = a specified way
I would never call it unsystamatic.
What ever I do to identify my organization's applicable legal and other requirements is my specified way. If it is to any extent ineffective and brought to my notice either in an audit process or in any other instance, I have to take it to strenghten my procedure.
 
S

samsung

I would never call it unsystematic.
What ever I do to identify my organization's applicable legal and other requirements is my specified way. If it is to any extent ineffective and brought to my notice either in an audit process or in any other instance, I have to take it to strengthen my procedure.

This is what people still do even without an EMS but in order to get consistent and predictable results, one looks towards a management system where things are done in a specified way and everybody in an organization does the same way.

I'm sure there must be a way out.
 

somashekar

Leader
Admin
This is what people still do even without an EMS but in order to get consistent and predictable results, one looks towards a management system where things are done in a specified way and everybody in an organization does the same way.

I'm sure there must be a way out.
I would be very thankful to learn the way out as you share the same when found. If people still do this way without an EMS, then at least the Legal part of the EMS is met to a reasonable extent without ever knowing what E,M and S means to them.
This reading, understanding, applying, discussing, consulting is in itself a good System. EMS came much later.
Again I am sure cove will be helpful in a way out. :)
Wishing you well ~~~
 
S

samsung

I would be very thankful to learn the way out as you share the same when found. If people still do this way without an EMS, then at least the Legal part of the EMS is met to a reasonable extent without ever knowing what E,M and S means to them.
This reading, understanding, applying, discussing, consulting is in itself a good System. EMS came much later.
Again I am sure cove will be helpful in a way out. :)
Wishing you well ~~~

Certainly I'll share it the moment I know it and also get convinced with that.
 

Jen Kirley

Quality and Auditing Expert
Leader
Admin
By reading, understanding, applying, discussing, consulting ~~~
In fact it is a process of determination of legal requirements in the way the word determine means 'Go find out'.
We have to make efforts to pick which of the legal requirement applies to us and how.
I believe this is the correct approach. :agree:

Here's the thing: It is practical and worthwhile to subscribe to a reliable service that alerts the organization to regulatory updates. But the organization needs to discern:

1) which updates apply,
2) how and why they apply,
3) what needs to be changed,
4) how, why and by whom the changes are most appropriately accomplished.

Accomplishing those four steps is an analytical process, and as with most processes it's important for the process to be carried out by competent personnel. That's where the human resource elements factor in.

It may be possible to subscribe to a service that can do this for you, but I personally have never seen one that could perform the process to my satisfaction and comfort level.
 
Top Bottom