ISO 9001:2015 requires top management to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements, but what exactly are these legal requirements? And what’s the most effective way to define these for your Quality Management System (QMS)?
What are the QMS legal requirements that ISO 9001:2015 requires you to define?
The requirement to comply with quality statutory and regulatory requirements, also expressed as legal requirements, occurs no fewer than twelve times in various clauses of the ISO 9001:2015 standard, including:
- 4.2 Understanding the needs and expectations of interested parties… consistently provide products and services that meet customer and applicable statutory and regulatory requirements
- 5.1.2 Customer Focus… ensure that applicable statutory and regulatory requirements are determined, understood and consistently met and in this way demonstrate leadership and commitment to customer focus.
- 8.2 Requirements for products and services… ensure the requirements for the products and services are defined, including any applicable statutory and regulatory requirements.
- 8.4 Control of externally provided processes, products and services… control the potential impact of the externally provided processes, products and services on the organisation’s ability to consistently meet customer and applicable statutory and regulatory requirements.
- 8.5 Post-delivery activities… meet requirements for post-delivery activities associated with the products and services including statutory and regulatory requirements.
Examples of ISO 9001 quality-related legal requirements for your QMS
Listing the relevant statutory and regulatory requirements in a legal register within your Quality Management System will help you determine how each requirement applies and what controls are in place to manage it. Here are a few examples of what you could include in your legal register:
The Consumer Protection from Unfair Trading Regulations 2008
The Unfair Trading Regulations impose a general prohibition on traders in all sectors from engaging in unfair commercial practices with consumers. It follows from this that there is a duty to trade fairly and honestly with consumers. The Regulations have significant importance in the marketing and selling of goods and services.
Applicable where there is a contract between a trader and a consumer for the trader to supply goods, digital content or services.
Stands alongside Regulations to create a greatly simplified body of consumer law. Taken together, they set out the basic rules which govern how consumers buy and businesses sell to them in the UK. Applicable to agreements, faulty products, sales descriptions including online sales.
Legal requirements relating to design and quality of production of products should be embedded into your product and service specifications. Other legal requirements to consider in your ISO 9001 legal register may include regulations relating to employment such as the Employment Rights Act 1996 (ERA) or the Coronavirus Act 2020.
Maintaining your ISO 9001 Quality Legal register
The introduction of new legislation or changes to existing legislation should be identified and communicated to relevant employees as soon as possible. As a quality manager you’ll need to:
- Determine whether a piece of amended legislation, or new legislation is relevant to your QMS
- Determine how the requirements apply and what controls are in place to manage the requirement
- Determine that the organisation is compliant with the legislation
- Undertake periodic reviews of quality legal requirements to ensure continued compliance of your Quality Management System.
How Legal Compliance Manager Software can help you maintain your ISO 9001 QMS legal register
One of the easiest ways to maintain your quality legal register is to use software such as the ISOvA Legal Compliance Manager, which provides you with a list of over 240 UK statutory and regulatory requirements.

Simply review questions such as ‘Do you sell to consumers?’ or ‘Do you employ people?’ to identify if the legislation is relevant to your organisation. Clicking on ‘further information’ will take you to a webpage that explains the purpose of the requirement with examples of evidence required. See Step 2: Legal Register for further information.
The ISOvA Legal Compliance Manager ensures that your QMS automatically updates with the latest quality legislation or changes to existing legislation. ISOvA also provides a free legal updates newsletter with a summary of those changes.