Eager to be legal
An intended attribute of a risk-based environmental management system (EMS) that
meets ISO 14001:1996 (the EMS standard) is compliance with the appropriate legal
David Powley, of DNV Certification, provides basic advice on how the management system can be used to full effect with a view to it withstanding an independent certification audit.
A management system can be regarded as a device to manage risks facing an organisation
– one such risk is that of falling foul of the law. Certification to the ISO
14001 standard entails a capability to deliver environmental regulatory compliance.
Within the standard itself there is enough to enable this.
Clause 4.3.2 requires a procedure ‘to identify and have access to legal and
other requirements….’ Clause 4.3.3 says ‘When establishing and reviewing
its objectives, an organisation shall consider the legal and other requirements…’
Clause 4.5.1 requires an organisation to ‘establish and maintain a documented
procedure for periodically evaluating compliance with relevant environmental
legislation and regulation’.
When looking at the meaning within all of the Standard-speak there are essentially
two main demands for an organisation. These are first of all to understand and
react to the governing environmental regulatory framework and secondly to periodically
check compliance with it.
The process of understanding and reacting to the environmental regulatory framework
is one of gathering and reacting to information and comprises a number of sub-processes
which have similarities to that which intelligence agencies and marketing functions
adopt. The sub-processes are collection/collation, interpretation, dissemination
Currently there are masses of opportunities of access to legal information
what with the internet, journals and regular subscription to information sources.
Information overload is a problem that can so easily be suffered. An example
collation process is one that results in a database that has legislation conveniently
arranged according to atmospheric emissions, discharges to the aquatic environment,
wastes management, nuisance, ecological aspects and resource usage issues. A
third-party audit (TPA) generally reveals that most organisations handle this
activity well but having the information is not the end game!
All for interpretation
Moving on to interpretation, at some stage the organisation through its appointed
personnel must decide on the meaning and applicability (to the organisation)
of the legislation as well as considering the implications of amendments. This
requires some expertise, which an auditor will always look for during a TPA.
It is all very well understanding and having access to information, but what
is done with it?
Dissemination is where many organisations can fall short. It does not mean
handing over copies of statutory instruments to operational personnel or quoting
directly from legal documents, which of course have their own idiom that can
baffle most normal people. The appropriate content of the legislation should
be communicated in a comprehensible form to the personnel most affected. For
example, the main requirements of Discharge Consent (e.g. limits, volumes etc)
should be understood by the supervision or management of the site’s effluent
treatment process. The TPA auditor will evaluate whether this dissemination
is being carried out.
The fourth sub-process, reaction, basically means complying with the applicable
regulatory framework. This can be setting improvement objectives wherever there
is evidence of non-compliance or maintaining the use of appropriate procedures
in order to ensure the existing compliance.
For improvement objectives the TPA auditor will check that there is a high
degree of intention and commitment that achieves that improvement. In the case
of management by use of appropriate procedures, the auditor will check compliance
with these procedures (e.g. the operating instructions of the effluent treatment
The most efficient way of checking compliance with legislation is via the internal
(or first party) audit. For example, there is nothing more powerful or revealing
than a line-by-line compliance audit of the requirements set out in licence
conditions such as Discharge Consents, Process Authorisations, Site Licences
and other statutory conditions.
Any variances found can then be the subject of corrective action. There may
be other preferred ways of checking compliance but whatever method is used,
the TPA will want to see that some form of meaningful self-evaluation is carried
out by an organisation.
The above is merely a brief and simplistic account of a subject deserving more
detailed explanation. However the point worth bearing in mind is that the relationship
between environmental management systems and legislative compliance means something
more useful than accumulating information that is not reacted to. It means enabling
an organisation to actually comply with the law.
© Faversham House Ltd 2022 edie news articles may be copied or forwarded for individual use only. No other reproduction or distribution is permitted without prior written consent.