ISO 9001 Legislative Compliance Requirements

The Introduction of ISO 9001:2015 states:

“The potential benefits to an organisation of implementing a quality management system based on this International Standard are: a) the ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements;”

Many people are unaware that when you decide to comply with ISO 9001:2015, you are also required to include statutory and regulatory requirements within the QMS. People are not only unaware of these requirements, but are also often times unsure on how to comply with these legislative compliance requirements. Throughout the entire document, regulatory and statutory requirements are mentioned and in  Appendix A of ISO 9001:2015 it clearly states that it is your responsibility to meet these requirements as part of the QMS.

What are Statutory and Regulatory requirements?

Statutory is defined by a decree or an act, and regulatory is either a state, national or international law. ISO 9001:2015 states that these rules need to be followed and met when you become ISO 9001:2015 certified. These legal requirements are mandated and are necessary in order for your organization to sell products and services legally.

What are the legislative compliance requirements in ISO 9001:2015?

ISO 9001:2015 statutory and regulatory requirements are discussed in conjunction with customer requirements. ISO 9001:2015 is based around meeting customer needs, applicable statutory and regulatory requirements, and industry requirements. Depending on your organization, it is your responsibility to understand and meet and necessary requirements.

A great way to help you keep your requirements organized, is to set up a matrix or chart to clearly allow you to distinguish what requirements you need to meet and what the source document is.

For your Quality Management System, there are two main types of statutory requirements you need to meet:

Product and Service Requirements

Product and service requirements include specifications that allow for their legal sale. An example of a requirement includes safety testing standards. It is your responsibility to understand and meet the necessary legal requirements, and should be embedded into your product and service specifications. If there are any certain tests mandated for a product or service you offer this should also be included into your requirements.  

Process and Procedure Requirements

There are several requirements based around processes and procedures that are necessary to meet. There are several regulatory and statutory requirements surrounding processes and procedures and it is important to know which are applicable to your organization and to meet these needs. One example would be employee competence.