ISO 45001:2018, the Occupational Health and Safety Management System standard was published in early March 2018. This is the eleventh in a series of blogs, in which we describe what the implementing company must do in order to meet the requirement of the standard. We will continue to look at clause 6.1: Actions to address risks and opportunities.
Clause 6.1.3: Determination of Legal Requirements and Other Requirements
The organisation should have a process to determine and have access to health and safety legal requirements and other requirements applicable to its OHSMS, and to determine how these requirements apply to the OHSMS.
The process should cover:
- What are the organisation’s legal and other requirements and how are they determined, accessed and kept up-to-date;
- How do these legal and other requirements apply to the organisation’s activities, processes, plant & equipment, workforce, hazard profile & associated OH&S risks, the overall OH&SMS and its OH&S performance;
- How these legal and other requirements are taken into account when establishing, implementing, maintaining and continually improving the organisation’s OH&S management system.
Legal requirements could include:
- Acts and statutory instruments such as the Safety, Health and Welfare at Work Act 2005 and the Safety, Health and Welfare at Work (Chemical Agents) Regulations 2001;
- Licences, permits and other forms of authorisation such as the EPA Office of Radiological Protection licence or Seveso establishment notification;
- Improvement or prohibition notices issued by HSA/HSE;
- EU Directives or Regulations.
Other requirements could include:
- Parent company protocols or policies;
- Collective bargaining agreements;
- Voluntary adherence to sector or trade body guidance documents;
- Contractual conditions;
- Employment agreements;
- Voluntary principles, codes of practice, technical specifications, charters;
- Public commitments of the organisation or its parent company.
The organisation must ensure that relevant workers know how to access information on legal and other requirements that are applicable to them.
The organisation is required to maintain and retain documented information on this process. This will ensure that the information is updated to reflect any changes to the organisation’s health and safety profile.