How to prove that we conform to legal requirements



Can anyone suggest some ways to show the conformity with legal requirement?
During my last audit(the first experience), auditor requested a minor NC on nothing can show that we verified the conformity. In fact, we set up an environmental law database to collect all applicable legal and regulatory requirements.
The auditor suggested to list every applicable clause/sentence on a paper, is there a better way?
Last edited by a moderator:
Elsmar Forum Sponsor


We did two things. First, since neither myslef nor anyone else with my company is an expert to environmental law, I contracted with a local company to come in and perform an environmental complaince audit. He identified all applicable legal requirements, then made certain we were in compliance. It cost us about $1500.

Second, once we knew what legal requirements were applicable I documented them in relation to the aspects. I did not go as far as documenting every "applicable sentence", but did list the clause numbers, the aspect to which it relates and the method of controls we are using to remain compliant.

Dean P.

Conformance with legal requirements can be done in different ways, but in each case you need documentation / evidence to show compliance. For example, once you have identified your legal requirements (as Mike indicated), you may want to do a regular inspection of your facility to ensure things are still in compliance with respect to spill control, emission controls (depending on your business), waste disposal. You should also have records of air emissions (SARA 313?), waste disposal (manifests), etc. that would show compliance with those portions of the law.

Finally, you should check back with the legislation on a regular basis to ensure nothing has changed, and document this check. For example, I do a monthly environmental inspection at our facility. First is a check of documentation, including manifests, ventilation system PM checks, and also a review of our legislation to ensure nothing has changed. Then I conduct a physical tour of our facility, looking for potential issues that I can correct before they happen (potential spills and releases, etc.). It is all documented on one form.



Super Moderator
This is why is part of the standard. You are supposed to perform or have performed on your behalf an evaluation of your environmental compliance efforts. The big catch here is that I (or hopefully any other auditor) will seek verification of the competence of the person(s) performing the evaluation...and the reading environmental magazines and attending an 8 hour course to become competent may not cut it.

Environmental compliance is not something that a novice or the unknowing needs to be screwing with.

You better make sure of the competence of 3rd party assistance you get like consultants and engineer's.

Jim Wynne

Staff member
Randy said:
You better make sure of the competence of 3rd party assistance you get like consultants and engineer's.
Are there any official standards for what constitutes competence in this regard?


Randy, what training or credentials would you consider to be acceptable for an environmental consultant? Does your answer change based on the complexity of the operations the business is performing or their list of significant aspects?

Second, how often should this evaluation be performed?


Starting to get Involved
Once you have decided what legal requirements are applicable - you may need specialist help to ensure you don't miss any out or misinterpret any - You could add a few fields to your database to show against each requirement: how the requirement applies to you, how to check you comply, result of the last check, who checked it and when. You could then run reports by date to ensure you check all requirements at least once per year or what ever period is suitable.

legal Req: Noise at work regulations 1989
How it affects you: Noise within the working environment must not exceed 85dB
How to check: Noise survey to be carried out using calibrated meter.
Result of check: Noise surveys carried out no readings above 85dB recorded. Refer to hard copy held in Facilities Dept.
Carried out by: A N Other
When: 16/06/05


Super Moderator
That's really kinda "iffy".

I recently did an audit where the "competent" person had a master's in Env Science, 6-8 years of env experience in "complaince" and actually wrote they could not say for sure that their organization was in complinace in an annual evaluation report. I found that they had not filed Form "R's" for 3 years and EPCRA reports were 2 years behind. They were in an industry that has a couple of highly regulated materials and some emissions have a specific EPA focus program attached to them. The big DUH hit me, and to say that this became a "Major" issue would be an under-statement.

Competence is a hard thing to determine and actually prove with a subject like environmental compliance because of its far ranging aspects (no pun intended here). I have about 15 years of compliance in air, water, waste, etc, and I learned most of what I know working in California, but I am weak in many areas where I don't have a good amount of hands on experience. I am considered by many to be "competent" whereas I consider myself marginally dangerous at best.

I think competence winds up being "you know it when you see it", kinda like pornography.


Quite help, buddies

Some law reads are easy to find such as "noise", because they are quantitive, not qualitative.
My boss definitely will not pay that much money to contract with a consultant. So I'm so pain on the qualitative requirements and afraid can not find all applicable ones.


Finding everything is a huge task. I dont know what the laws are like in China. In the US, if you are in violation of an EPA reg, the fines will be much more than the cost of the consultant. That was the first part of how I convinced my boss to spend the money.

Second, the standard says, " the organization shall identify and have access to the applicable legal requirements... determine how those requirements apply to its environmental aspects... ensure that these applicable legal requriements are taken into account in establishing, implementing and maintaining its environmental management system."

Unless you or someone else in your company has the skills to identify the legal requirements, you must have someone from the outside perform this for you.

Although I understand tight budgets and trying not to spend unnecessary money, this is as close to a requirement as they come. I think your boss/company needs to show they are committed to the process and spend the money.
Thread starter Similar threads Forum Replies Date
Q Do we have to prove a link between the mill and our raw material supplier? AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 9
P How to Scientifically Prove the Importance of a Process - CMMI Process Areas Software Quality Assurance 7
B How to prove that an organization implements anti bribery policy IATF 16949 - Automotive Quality Systems Standard 8
C UDI Label Verification - How do we ensure the barcode is correct and prove it? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
S How to Statistically Prove 2 Dimensions are Related Using Minitab Software 18
U Sample size to prove parts are good with 99.73% confidence Inspection, Prints (Drawings), Testing, Sampling and Related Topics 4
L What needs to be done to prove compliance with RoHS and WEEE EU Medical Device Regulations 5
A Is MSA useful to prove a Measurement System after Relocation? Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 2
P How to prove that Cr oxide makes a stent biocompatible (e-polished 316LVM) Manufacturing and Related Processes 9
P Testing a US device in Europe to prove Equivalence in a ?head-to-head? Study EU Medical Device Regulations 6
J Reliability Prove-out, Pass-Fail Testing Reliability Analysis - Predictions, Testing and Standards 2
K What would you give up to prove conformity and honesty? Internal Auditing 21
S ISO 17025 requirements not enough to prove NIST Traceability? ISO 17025 related Discussions 10
I Prove or disprove that a cube can be cut in 27 smaller cubes in less than 6 cuts Brain Teasers and Puzzles 14
M How do I prove I don't receive a controlled product? Ractopamine Hydrochloride Misc. Quality Assurance and Business Systems Related Topics 4
C Clinical Data to Prove Equivalence Other US Medical Device Regulations 4
U Can anyone prove that: 2x2=5 ? Coffee Break and Water Cooler Discussions 63
D Testing an Inspector to Prove Competency in Visual Inspection Records and Data - Quality, Legal and Other Evidence 2
S Lean System Developer - How should I work to prove myself? Lean in Manufacturing and Service Industries 19
D How to Prove and Explain to Consultant (Internal Auditor) and Manager? Internal Auditing 7
M Planning requirement 5.4: How should the management prove compliance ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
L Is there any way to prove a process is in control other than with a control chart? Statistical Analysis Tools, Techniques and SPC 6
H How do we prove that we are improving the continual improvement process? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 23
L How do you prove you need resources? Misc. Quality Assurance and Business Systems Related Topics 5
J Finished Goods Testing - Using historical test data to prove finished goods OK Inspection, Prints (Drawings), Testing, Sampling and Related Topics 5
A Contract Review - How do you prove it? Contract Review Process 16
K Statistical Hypothesis Testing to prove signficant quality improvement or decline Statistical Analysis Tools, Techniques and SPC 6
S Necessity of Legal Register to conform to ISO 9001, ISO 14001, IATF 16949 ISO 14001:2015 Specific Discussions 6
A How to make sample plan needs to conform with the AOQL AQL - Acceptable Quality Level 0
Gamula Biocompatibility GLP conform tests outside China China Medical Device Regulations 1
M Does Calibration to ISO/IEC 17025 conform to Z540.3? ISO 17025 related Discussions 1
M Terms in accompanying documents to conform to IEC 60601-1-11 IEC 60601 - Medical Electrical Equipment Safety Standards Series 6
A Toy Company Doesn't Conform With CE Marking Requirements CE Marking (Conformité Européene) / CB Scheme 9
Mr.Happy Dbase or Excel file to keep track on our internal failures (Non conform products) Document Control Systems, Procedures, Forms and Templates 8
M 2nd language - How to conform? (Documentation) Document Control Systems, Procedures, Forms and Templates 10
T How to calibrate or validate a test software to conform with 4.11 General Measurement Device and Calibration Topics 3
A Legal Manufacturer of a medical device Vs Legal Manufacturer of MDSW EU Medical Device Regulations 7
N Address of Legal Manufacturing Site in ISO 13485 certificates? ISO 13485:2016 - Medical Device Quality Management Systems 1
A Donating sterilizing gel - Is it legal in Europe? EU Medical Device Regulations 1
A MDR Article 22 applicability - Legal manufacturer EU Medical Device Regulations 6
Q Legal Manufacturing Address Change – multiple registrations at same address 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
J Complaints and not the legal manufacturer? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 20
Ronen E Legal counselling and Medical Devices Regulatory Affairs Other Medical Device Regulations World-Wide 2
A What if Contract Manufacturers does not have an ISO 13485 certificate? Where will the NB audit take place, at legal mfg. site or contract mfg. site? Other Medical Device Regulations World-Wide 3
G QMS requirements for legal manufacturer when outsourcing manufacturing process Other Medical Device Regulations World-Wide 22
G ISO 9001 Legal Compliance and Legal Register Requirements ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
Sidney Vianna Interesting Discussion Legal compliance as part of ISO 45001 accredited certification. Major OSHA penalties in the USA. Occupational Health & Safety Management Standards 15
M End of Life or Device transfer regulations for Legal Manufacturer Other Medical Device Regulations World-Wide 1
S Legal Manufacturer FDA Reporting Obligations for Using New Contract Sterilization Site Other Medical Device Regulations World-Wide 0
R In this type of Legal Manufacturer-CMO arrangement, what happens to the DHR? ISO 13485:2016 - Medical Device Quality Management Systems 1
Similar threads

Top Bottom