ISO 14001 & ISO 18001 Legal Compliance Know Your Risk - Reduce your Risk"

Similar documents
Jonathan Wilson. Sector Manager (Health & Safety)

ENVIRONMENTAL, HEALTH & SAFETY MANAGEMENT SYSTEMS MANUAL

OH&S MANAGEMENT SYSTEM CHECKLIST - AS 4801:2001 (STATUS A = Acceptable; N = Not Acceptable; N/A = Not Applicable)

Table of Contents INTEGRATED MANAGEMENT SYSTEM MANUAL

SMALL BUSINESS OH&S SELF APPRAISAL

Internal Audit Checklist

ISO 9001:2000 AUDIT CHECKLIST

EMS ISO Checklist

AS/NZS 4801:2001. Safety Management Systems (SMS) Self-Assessment Checklist. Revision 1 (January 2014)

ISO 9001:2015 Overview of the Revised International Standard

Understanding Principles and Concepts of Quality, Safety and Environmental Management System Graham Caddies

Business Management System Manual. Context, Scope and Responsibilities

ISO 9001:2008 Requirements Explained - An Adobe PDF File for Use on a Network System

ISO 9001:2008 Quality Management System Requirements (Third Revision)

ISMS Implementation Guide

ISO 9001:2000 Gap Analysis Checklist

COMPANY NAME. Environmental Management System Manual

ISO 14001:2004 EMS Internal Audit Checklist & Gap Analysis

Abu Dhabi EHSMS Regulatory Framework (AD EHSMS RF)

15 Guiding Principles

Title: Rio Tinto management system

Quality Manual ISO 9001:2015 Quality Management System

GENERIC STANDARDS CUSTOMER RELATIONSHIPS FURTHER EXCELLENCE CUSTOMISED SOLUTIONS INDUSTRY STANDARDS TRAINING SERVICES THE ROUTE TO

WORKPLACE HEALTH AND SAFETY AUDITING GUIDELINES

Correspondence between ISO 9001:2008 and 14001:2004, OHSAS 18001:2007, ISM and the SeaBird Management System

GLASGOW SCHOOL OF ART OCCUPATIONAL HEALTH AND SAFETY POLICY. 1. Occupational Health and Safety Policy Statement 1

Preparation for ISO OH&S Management Systems

ISO 9001: 2008 Boosting quality to differentiate yourself from the competition. xxxx November 2008

The following paragraphs, identified to coincide with the OHSAS 18001:2007 numbering system, provide a clause-by-clause summary of the standard.

June 2010 HEALTH, SAFETY, AND ENVIRONMENT MANAGEMENT SYSTEM (HSEMS)

ISO 9001:2015 Internal Audit Checklist

TOTAL QUALITY MANAGEMENT II QUALITY AUDIT

OHSAS OCCUPATIONAL HEALTH AND SAFETY MANAGEMENT SYSTEMS

ISO 9001 (2000) QUALITY MANAGEMENT SYSTEM ASSESSMENT REPORT SUPPLIER/ SUBCONTRACTOR

INTEGRATED MANAGEMENT SYSTEM MANUAL IMS. Based on ISO 9001:2008 and ISO 14001:2004 Standards

AUDITOR GUIDELINES. Responsibilities Supporting Inputs. Receive AAA, Sign and return to IMS with audit report. Document Review required?

Quality, Environmental, Health and Safety Manual Toshiba International Corporation

Committed to Environment, Health, & Safety

Quality Management System Manual

Auditing Health and Safety Management Systems. 4th Edition

Comparison between FDA QSR and ISO 13485

ASTRAZENECA GLOBAL POLICY SAFETY, HEALTH AND ENVIRONMENT (SHE)

Quality & Safety Manual

Food Safety and Quality Management System

ISO 14001:2015: Key Changes

Presentation by BSI on the main changes to the IATF ISO/TS certification scheme

ISO 9001:2008 Audit Checklist

OH&S Management Systems Audit Checklist (NAT, E3)

DNV GL Assessment Checklist ISO 9001:2015

Quality management systems

Appendix 3 (normative) High level structure, identical core text, common terms and core definitions

Quality Management Standard BS EN ISO 9001:

NORTH AMERICA OPERATIONS. (Fairmont and Montreal Facilities) QUALITY MANUAL. Prepared to comply with the requirements of ISO 9001:2008

ONTARIO'S DRINKING WATER QUALITY MANAGEMENT STANDARD

OUTSOURCING STRATEGIES & RISKS FROM AN ISO PERSPECTIVE. Amera-Veritas. Amera-Veritas. Experts in in Quality, Safety & Supply Chain Assurance

TG TRANSITIONAL GUIDELINES FOR ISO/IEC :2015, ISO 9001:2015 and ISO 14001:2015 CERTIFICATION BODIES

QUALITY MANAGEMENT SYSTEM Corporate

Bawden Contracting Services Ltd Job Profile. Contracts Manager. Purpose of the Job

ENVIRONMENTAL POLICY & MANAGEMENT SYSTEM GUIDE

ISO 9001 : 2008 QUALITY MANAGEMENT SYSTEM AUDIT CHECK LIST INTRODUCTION

ENVIRONMENTAL MANAGEMENT POLICY MANUAL

AFTRS Health and Safety Risk Management Policy

ISO-9001:2000 Quality Management Systems

Implementing ISO 9001

Health and Safety Policy Part 1 Policy and organisation

QUALITY MANAGEMENT SYSTEM REQUIREMENTS General Requirements. Documentation Requirements. General. Quality Manual. Control of Documents

TÜV UK Ltd Guidance & Self Evaluation Checklist

The implementation of occupational health and safety management systems in one construction company in Brazil

Environmental management systems Requirements with guidance for use

32 PROMOTE, MONITOR AND MAINTAIN HEALTH, SAFETY AND SECURITY IN THE WORKING ENVIRONMENT

Smart Meters Programme Schedule 2.5. (Security Management Plan) (CSP South version)

AS9100 B to C Revision

Health, Security, Safety and Environment (HSE)

QUALITY MANAGEMENT SYSTEM REQUIREMENTS

Introduction to AS 9100

ISO 14001:2015 Client Transition Checklist

Environmental nonconformity, corrective & preventive action

Contents. Management Policy Manual SEM USA Page 2 of 12

Business Continuity Policy. Version 1.0

Integrated Management System Software

Chapter 2 ISO 9001:2008 QMS

Risk Management Strategy and Policy. The policy provides the framework for the management and control of risk within the GOC

ISO 9001:2008 Internal Audit & Gap Analysis Checklist

ISO 9001: A Quality Manual for the Transition Period and Beyond

UNCONTROLLED DOCUMENT ENVIRONMENTAL MANAGEMENT SYSTEM MANUAL UNCONTROLLED DOCUMENT

QUALITY MANUAL 3 KENDRICK ROAD WAREHAM, MA FAX

Integrated management systems Ship operating companies

Health, Safety and Environment Management System

The ANU OHS Strategic Plan Report prepared for the OHS Policy Committee 23 February 2011

BLOOM AND WAKE (ELECTRICAL CONTRACTORS) LIMITED QUALITY ASSURANCE MANUAL

MSC Group Chain of Custody (CoC) Guidance for Non-Reduced Risk Groups

SQF 2000 Guidance. Guidance for Developing, Documenting and Implementing SQF 2000 Systems for General Food Processing. 6th Edition NOVEMBER 2008

Achieve. Performance objectives

Chapter 1. The ISO 9001:2000 Standard and Certification Process

Comparison ISO/TS (1999) to VDA 6.1 (1998)

DEPARTMENT OF COMMERCE ENVIRONMENTAL MANAGEMENT SYSTEM

COMMISSION REGULATION (EU)

Transcription:

American Society For Quality -Toronto Section ISO 14001 & ISO 18001 Legal Compliance Know Your Risk - Reduce your Risk" Copyright: Coudenys Management Systems Inc.

RISK DEFINED Occurrence of the event X Impact of the event = RISK 2

RISK MANAGEMENT Is a structured approach to Managing Uncertainty related to a threat (Risk), a sequence of human activities including: risk assessment, strategies development to manage it, and mitigation of risk using managerial resources. 3

POTENTIAL RISK TREATMENTS Once risks have been identified and assessed, all techniques to manage the risk fall into one or more of these four major categories: Avoidance (eliminate) Reduction (mitigate) Transference (outsource or insure) Retention (accept and budget) 4

MANAGEMENT SYSTEMS - Risk management is simply a practice of systematically selecting cost effective approaches for minimising the effect of threat realization to the organization. - All risks can never be fully avoided or mitigated simply because of financial and practical limitations. - Therefore all organizations have to accept some level of residual risks. 5

MANAGEMENT SYSTEMS A management system is defined as: A system to establish policy and objectives and to achieve those objectives Note: A management system of an organization can include different management systems, such as a quality management system, a financial management system or an environmental management system. ISO 9000:2005, 3.2.2 6

MANAGEMENT SYSTEMS Focus on a structured methodology that when effective identifies risk potential and deploys activities to mitigate that risk. Effective Systems Should : Tell you what is working Tell you what is not working Effective Management System Should through conformance of the system provide: Manage the risk of what is not working Improve the results of what is working 7

CONFORMITY VS. COMPLIANCE Conformity: Compliance: Fulfillment of a requirement Nonconformity can lead to suspension or revocation of registration Voluntary Fulfillment of legal/statutory requirements Noncompliance can lead to fines/incarceration Mandatory 8

MANAGEMENT SYSTEM Is a conformity based activity using process controls, definitions, procedures etc. that when followed can equal Compliance to Regulation Compliance to Customer Specifications Reduced Risk Increased Performance Financial Due Diligence Corrective/ Preventive Actions Magnitude of Risk 9

COMMON RISK TO EVERY COMPANY 1/ Product - Product warranty / Recall 2/ People - Health & Safety 3/ Community - Environmental 4/ Legal - Compliance to Regulations 10

KEY ACTIVITIES 1/ Management Structure - Defines ownership, responsibility and accountability 2/ Documentation Structure - Defines requirements to control activity 3/ Records - Validates the completion of the structure 4/ Performance - Validates effectiveness of a structure 11

PRODUCT CONTROLS Supplier control Risks How are they controlled Does the supplier have the control Internal Process validation Maintenance Inspection & Test Calibration 12

Competence Identified Controlled Validated Managed PEOPLE CONTROLS Safety Bill C45 -Safety related Employees / Visitors / Subcontractors Privacy - information records 13

COMMUNITY CONTROLS Environmental / Health & Safety Risk MSDS Safety Spillage Records reporting Disposal Transportation of dangerous goods Contractors Legal Obligation & Compliance Risk can be large 14

LEGAL CONTROLS Compliance to regulation Didn t know not acceptable Records are key No record of compliance = Non-compliance Effects all aspects of the company Product design Health & Safety Environmental Helps manage and reduce risk!! 15

ISO 14001 /OHSAS 18001 ISO 14001:2004 Focus Community Environmental Awareness / reduction and preservation Are Children OHSAS 18001:2007 Focus Employee Accident awareness / reduction & prevention Our Families

LEGAL Both standards have a high linkage to legal compliance and ownership 4.3.2 - Legal and other requirements 4.5.2 - evaluation

4.3.2 LEGAL AND OTHER REQUIREMENTS The organization must establish a consistently used method for: Identifying and accessing legal and any other related requirement that it has to meet Keeping information on legal and other requirements upto-date Communicating relevant information to all personnel and interested parties Why is this done? To promote awareness and understanding of the legal and other responsibilities of the organization. 18

4.5.2 EVALUATION OF COMPLIANCE The organization shall: Establish, implement, and maintain procedures for periodically evaluating compliance with applicable legal requirements Keep records of the results of the periodic evaluations 19

4.5.2 EVALUATION OF COMPLIANCE New clause within the 2004 and 2007 versions of ISO 14001 & 18001 Broken down into 4.5.2.1 and 4.5.2.2 4.5.2.1 Legal Requirements, 4.5.2.2 Other Requirements. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

4.5.2.1 LEGAL REQUIREMENTS Consistent with commitment to compliance, the organization shall: establish, implement maintain a procedure periodically evaluating compliance with applicable legal requirements. The organization shall keep records of the results of the periodic evaluations. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

4.5.2.2 OTHER REQUIREMENTS The organization shall evaluate compliance with other requirements to which the organization subscribes. The organisation may wish to combine this with the activity in 4.5.2.1 or to establish a separate procedure. Organization shall keep records of the results of the periodic evaluations. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

4.5.2 EVALUATION OF COMPLIANCE In 4.3.2, the organisation determines which legal and other requirements apply to the organisation. This clause requires the organisation, at a period it determines, to review the legal and other requirements and assess their compliance against the requirements. You must go through the legal and other requirements section by section and determine compliance. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

CONFORMITY VS. COMPLIANCE Conformity: Compliance: Fulfillment of a requirement Nonconformity can lead to suspension or revocation of registration Voluntary Fulfillment of legal/statutory requirements Noncompliance can lead to fines/incarceration Mandatory 24

DETAIL REQUIRED The expected level of detail is as follows: Regulation/Act Requirement Finding OHSA Sec. 9(2) a OHSA Sec. 9(7) A joint health and safety committee is required, at a workplace at which twenty or more workers are regularly employed; At least half the members of a committee shall be workers employed at the workplace who do not exercise managerial functions. There are 25 employees, therefore JHSC is required. Objective evidence of speaking with management and workers, training and postings indicate a JHSC has been established. There are two worker representatives. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

4.5.2 EVALUATION OF COMPLIANCE For each legal and other requirement to which the organisation subscribes, the relevant portions need to be picked out and assessed. An affirmative or negative statement of compliance is not acceptable. For example we comply with the OHSA. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

4.5.2 EVALUATION OF COMPLIANCE The person or persons who complete the evaluation must prove competence through training, education and experience. Records must be available for the person or persons completing this evaluation to prove the above statement. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

4.5.2 EVALUATION OF COMPLIANCE The period for which these evaluations must be completed is not explicitly stated in the standard. Periodic assessments on a sampling basis may satisfy the requirement, if over time and taken together they cover all legal and other requirements over the period defined by the organization. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

HOWEVER With the transition period ending June 30, 2009 the organization must demonstrate a full audit of all requirements by this time. If this isn t demonstrated, no recommendation can be put forward not even if you have a corrective action in place stating you know it is not done. Check your Conditions of Contract with Registrar. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

REASON FOR CHANGE Focus on due diligence. This part of the standard is very weak and poorly done by the majority of organisations. Lack of understanding of requirement so it was made into a stand alone clause. Liability. Your Full OHSAS Service 18001:2007 RiskUpgrade Management Training Provider

POSITIVES FOR HAVING A 3 RD PARTY COMPLETE THE COMPLIANCE AUDIT 3 rd party Consultants are able to make the report and subsequent findings privileged/confidential and therefore restrict access. Outside party brings a fresh perspective. Broad knowledge of environmental & Health & Safety legislation. Competencies If report is not completed by someone with adequate knowledge, it requires more work on the part of the third party auditor to determine whether the report is sufficient, complete and meets the requirements. Competence should be the determining factor when hiring a consultant The registrar will be looking for when completing the audit. Reduction of risk to the company

COMMON REGISTRAR REQUIREMENTS FOR EVALUATION OF COMPLIANCE Evaluation of Compliance must be completed by a competent person, i.e. sufficient knowledge of legislation that applies to the organization. Person(s) completing the evaluation provide a sufficient report to the organization, i.e. all media (safty, air, water etc) is covered report provides enough information in order for the organization to understand issues provides enough information to facilitate corrective action. Frequency of evaluation of compliance is defined and documented. Corrective actions resulting from evaluation are taken in a timely fashion and are consistent with what was found in the evaluation. Focus Timely with Risk

CMSI CAN HELP YOU!!! Complete compliance audits Analyzing your risk Identifying your gaps Aspect / Impact review Hazard / Risk review Understanding your own risk and ways to place controls in place

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information