01. Dec 2015

ISO 9001 Revision explained in simple terms

Statutory and regulatory requirements

In a series of technical lectures, Quality Austria provides information on the revision of ISO 9001:2015. Each month, a key concept of the revision will be explained more profoundly. This month, Eckehard Bauer, MSc, and Ing. Wolfgang Hackenauer, MSc, explain the exciting topic of the statutory and regulatory requirements and show seven steps to legal certainty.

Understanding statutory and regulatory requirements

Eckehard Bauer, MSc, and Wolfgang Hackenauer, MSc

 

What approach is pursued by ISO 9001:2015?
ISO 9001:2015 can be used to enable organizations to permanently meet the customer requirements as well as the statutory and regulatory requirements that are applicable to the products and services provided by the organizations. Furthermore, statutory and regulatory requirements are significant for the scope of the Standard. ISO 9001:2015 does not include any specific requirements relating to other management systems, e.g. environmental management systems, occupational health and safety management systems or finance management systems.

Examples of statutory requirements:

  • laws (Product Liability Act, Act on Electrical Engineering, food law, etc.)
  • Regulations and Directives (Machinery Safety Regulation, “CE marking”, Construction Products Directive, etc.)
  • administrative decisions (trade licences)
  • contracts (delivery contract, customer contract, liability insurance, etc.)
  • internal obligations (company agreements, working-time models, plans for personnel development, etc.)

The Figure is to give a rough overview of what Clauses in connection with “statutory and regulatory requirements” (Note: Instead of “statutory and regulatory requirements”, “legal requirements” can also be used) need to be taken into account and of the concrete requirements to be met (e.g. determination of the legal requirements).

 

Fig. 1: Statutory Requirements

In connection with issues relating to products and services, the topic of legal requirements placed on organizations sometimes is particularly critical.

In order to meet the customers’ expectations and the relevant statutory and regulatory requirements, the organizations are required to determine the relevant requirements and monitor and review relevant information. Furthermore, top management must be capable of demonstrating that the customer requirements as well as applicable statutory and regulatory requirements are determined, understood and met.

Moreover, the organization must be capable of ensuring that it can provide products and services that help the organization to keep promises relating to any statutory and regulatory requirements (feasibility study, contract review). If the organization provides design and development services, applicable statutory and regulatory requirements will have to be considered as design and development input.

When determining the type and extent of control of external provision of processes, products and services, statutory and regulatory requirements will have to be taken into account. These requirements also need to be taken into consideration at post-delivery activities.

 

Changes to the preceding issue

Up to now, the statutory and regulatory requirements have only been dealt with in the general part.

Now the topic draws a red-thread path through the Standard. However, a comparison with ISO 14001:2015 shows the following: Even though a high level structure is striven for, it is ISO 14001:2015 that closes the control loop. A bow is bent from a commitment to the protection of the environment in environmental policy via performance evaluation to management review.

 

Implementation

By systematically implementing these normative requirements relating to the topic of “law”, an organization can take significant steps to becoming fit to meet statutory and regulatory requirements. If statutory and regulatory requirements are not directly transmitted by the customer, it will become necessary to investigate into product and/or service specific obligations.

The REGULATION (EC) No 765/2008 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 9 July 2008 setting out the requirements for accreditation and market surveillance relating to the marketing of products and repealing Regulation (EEC) No 339/93 basically regulates market surveillance of certain products. The member states have issued national Market Surveillance Programmes.

Market surveillance is aimed at ensuring that products will only be brought into circulation and put into operation if they do not pose any risks and hazards to the safety and health of persons and if they meet other requirements regulated in the relevant Regulations, Directives and Acts. Examples of other topics of market surveillance include accuracy of inspection, measuring and test equipment or good housekeeping with energy.

Excerpt from the Market Surveillance Programme 2016:

News & Events

The basis for long-term success!

28. Mar 2024

ISO 14001 is being revised – what can we expect?

New revision planned

Learn more
22. Mar 2024

Into the future with a system

New qualityaustria Overview of Services 2024 published

Learn more
08. Jan 2024

Current information on the ISO 450xx series

New publication EN ISO 45001:2023

Learn more
13. Mar 2024

Event: 29. qualityaustria Forum

21. Dec 2023

ISO 9001 Revision: What you need to know now!

The first board meeting has taken place

Learn more
18. Dec 2023

Whistleblower system SecuReveal now accessible via qualityaustria website

All about the anonymous whistleblowing system for whistleblowers

Learn more
28. Nov 2023

SCC: Current status and important news

Known key points and further information

Learn more
07. Nov 2023

Quality Austria is new Certification Body for ISO/IEC 27001

Increasing demand for information security

Learn more
28. Aug 2023

Notified Body for in vitro diagnostics and medical devices

Communication from QMD Services GmbH

Learn more
24. Aug 2023

Achieving the green transformation with management systems

Achieving the green transformation with management systems

Learn more
24. Aug 2023

Pick up speed with EN 15085

Quality Austria recognized as manufacturer certification body

Learn more
19. Sep 2023

Event: CIS Compliance Summit 2023

The event will take place on 19 September 2023 at the ATH Savoyen in Vienna.

Learn more
+43 732 34 23 22