ISO 14001 - Determining Legal Regulations and Requirements



legal regulations and requirements

First, I am not very familiar with ISO 14001. Second, one of our cutomers sent us supplier questionaire asking if we have reviewed the legal regulations and requirements. Sorry to say, I don't know what they are. Can anyone help me out without having to buy the standard and read it for myself?

Randy Stewart

Wait a Minute!

First, if you need to answer questions concerning ISO 14001 you may want to get a copy of the standard ($38).

Secondly, ISO-14001 doesn't cover "Legal and Other Requirements", it says you need to look at them and determine which apply.

You can find the requirements on the BLA web site for your state. They deal with environmental requirements for federal, state and city. Like the Storm Water drainage, etc. They will be different from state to state and city to city.

Hope that helps


Super Moderator
The other Randy is correct and I'll just expand some.

Your customer is refering to clause 4.3.2 of the standard, and wants to know if you are aware of the relevent ENVIRONMENTAL legal requirements (Fed, state, local) that your company is required to comply with. Do you have a method to keep track of them and keep current with changes? Are your personnel familiar with what their legal obligations are?

The "other requirements" references both voluntary and involuntary requirements like corporate policies, industry codes (Responsible Care or whatever), EPA's Wastewise or Energy Star programs, Green Seal, ISO 14001, ISO 9001, OSHA VPP (some OSHA stuff transfers to environmental), EMAS. Anything that has undertones of demanding a type of environmental conduct that is not a law is considered "other".


Involved - Posts
Basically it says this:

4.3.2 Legal and other requirements

The organization should establish and maintain procedures to identify, have access to and understand all legal and other requirements to which it subscribes, directly attributable to the environmental aspects of its activities, products or services.

The standard expects that an organization have a procedure to “IDENTIFY” and “HAVE ACCESS” to legal and other requirements that apply to it. This procedure can be documented if you prefer.

Having the procedure is actually the easy part. Doing the work to IDENTIFY the legal requirements that apply to your process is the tough part. If you do not have in house competence in environmental regulation (i.e. somebody who has considerable experience working with environmental regulations) I recommend you get some competent assistance from an outside consultant or legal council to help perform this work.

The other part, HAVE ACCESS, is fairly easy. There are many subscription services that will provide copies of the regulations and periodic regulatory updates in paper form or on the Internet. Some consultants and attorneys also provide this service. Organizations that have an ISO 14001 EMS also need to perform periodic compliance evaluation (read as compliance audit) of their activities. This also helps organization IDENTFY what regulations apply to them.
Top Bottom