Posted By Callisto2001 After a recent audit by BSI of our H&S Management System I was left with a non conformance that required us to demonstrate how we complied & evaluated our legal compliance. We were able to show that we had an internal audit annually for this specifically as well as a number of third party audits; additionally, we subscribe to an electronic H&S monthly update service and have access to a large number of ACOP's pertinent to our business activities. I am struggling a little to think of further measures we could employ to demonstrate evaluation and compliance of legal obligations; can anybody help me with ideas\suggestions on what else we might introduce?

Posted By C.J. Detail how you ensure you comply with each piece of legslation you have identified which could be: PPE Regs examples (off the top of my head) A meeting where PPE requirements for the company was discussed. Audit undertaken on the PPE inspection regime. Records of PPE being risk assessed & trialed before being used. Periodic site inspections, which cover use of PPE as part of their contents Records of concerns or improvements disscussed with PPE reported in the H&S Meetings. Accident investigations which show that PPE was looked at to see if it was suitable or whether different PPE could have prevented it. External Audits where PPE is covered. LA or HSE inspections where PPE was covered.

Posted By Robert K Lewis A regular issue this is becoming and it probably the key to a half decent system. Simply identifying the legal and other requirements is not enough and the compliance audits I have seen simply look to see if all relevant legislation is identified. By definition this will ignore the second half of the clause requirement ie OTHER REQUIREMENTS. It also ignores the fact that you require procedures to identify that you are in fact COMPLYING with the law and other requirements not simply recording that they are recognised. Most systems I have seen recently, paqrticularly the "installed in 30 or 45 day" ones really do not adddress this and really should not have been certified as compliant. Look at the ISO 14001 guidance as this ma give some assistance. Bob

Posted By KayS I would say that's unfair of the auditor to give a nonconformity for that - Observation, fair enough, but I was taught (by BSi learning as it happens) that auditors are supposed to look for conformity, not nonconformity, so I think it sounds a bit harsh! Mind you, I have been feeling very cynical about 3rd party audits lately ;-P I reckon only internal employees who truly know the ins and outs of their management systems (and who are objective enough to admit flaws) can ultimately come up with worthwhile improvements, rather than bureaucracy just for the sake of it as often proposed by external auditors.

Posted By KayS I do agree with Bob, but I still say semantics and personal interpretation can cloud issues like this - Callisto2001 says "complied & evaluated our legal compliance. We were able to show that we had an internal audit annually", i.e. he/she said the problem was with 'legal' compliance and not necessarily related to evaluation of compliance with the 'other requirements'. Now obviously we don't know how effective his/her internal audit and associated procedure was, and whether or not it did show sufficient (evaluation of) compliance (legal or otherwise), but having only the superficial information given in the question I can still detect some conformity to the non-explicit requirements of the standard. Perhaps the auditee could have given the auditor more details (e.g. like the good examples given above by C.J.) or maybe Callisto2001 neglected to mention a failure to comply with procedural requirements the company set for themselves, but from the information provided it doesn't sound like a nonconformity. However, all of that said, I am open to suggestion and for my own personal development I am also keen to understand the reasons why others may feel the clause was not covered. Thanks Kay

Posted By Cliff Davis I agree with Bob on this. My company fell in to the same trap and It reads like the company concerned hasn't understood the requirement of 4.5.2 either. The evidence required is a list of legislation pertaining to your business, both generic such as HASAW, PUWER, LOLER etc and specific, for example if you worked in food production or construction. The relevant list MUST contain the legislation pertaining to your business and you MUST show how you pro-actively check this legislation. Once i got my head round it, it wasn't that difficult.