Operator responsibility is not an abstract liability issue, but a daily task: it's about organization, record-keeping, and legally compliant fulfillment of inspection and maintenance obligations in buildings. This article summarizes the relevant legal bases, highlights typical liability traps, and provides a practice-oriented roadmap with prioritized measures and digital tools such as CAFM, IoT and document management, so that facility managers and technical directors have concrete to-dos and selection criteria for implementation.
Legal Basis and Binding Standards for Operator Responsibility
Key takeaway: Copyright © 2026 Operator responsibility relies on a few binding legal sources; those who know them can derive and document obligations specifically. Important starting points are the Ordinance on Industrial Safety and Health, the Occupational Safety and Health Act, state building codes, as well as DGUV regulations and VDI guidelines. Read the texts in their original version: BetrSichV, ArbSchG, DGUV, BAuA, VDI.
What the Most Important Standards Practically Require
BetrSichV: Operators must Risk assessments for systems, appoint responsible persons, and define inspection intervals. Furthermore, safety-relevant changes must be documented and recurring deadlines must be met.
ArbSchG (German Occupational Safety and Health Act): Employers and operators are obliged to design workplaces safely, conduct training, and implement protective measures. The risk assessment must be in writing and updated when changes occur.
DGUV and VDI/Guidelines: DGUV regulations specify testing procedures (e.g., DGUV V3 for electrical installations). VDI guidelines such as VDI 6022 are not laws but are considered the state of the art and are incorporated into the inspection requirements of authorities and insurers.
- Documents during inspections: Risk Assessments, Inspection Logs (DGUV V3, Elevators, Fire Alarm Systems), Maintenance Plans, Operator Instructions, Training Records, and Contracts with Third-Party Companies.
- What Authorities Expect: Traceable Responsibilities, Complete Inspection History, and an Audit Trail, No Loose Excel-Lists Without Version Control.
- Practical audit point: If a signed proof is missing, auditors often consider the measure to have not been carried out.
Clarification of the term 'Operator': The operator is not automatically the owner. The operator can be the user, the contractually responsible party, or an external FM service providers party. The decisive factor is the actual control and organizational power over the operation of the facility.
Trade-offs and limitations: Documentation alone does not protect against liability – it is a condition, not a substitute for proper technology and organization. Digital systems facilitate record-keeping but increase dependence on data quality; poor Master Data data quickly turns a CAFM system into a paper archive 2.0.
Concrete example: In a hospital, compliance with VDI 6022 for ventilation systems is a regular inspection subject. The operator has the duty to prove regulated inspection intervals, keep inspection logs, and contractually define responsibilities between hospital management and external FM service providers service providers. Without a verifiable audit trail, responsibility may fall back on the operator during a hygiene inspection.
Next step: Identify the three to five systems with the highest risk potential and compare existing records against the mentioned standard requirements. Only then will legal certainty derived from documents become practical and verifiable.
Frequently Asked Questions
Key takeaway: Frequently Asked Questions about Operator responsibility focus not on general knowledge but on practical decisions: who signs which protocols, which records are sufficient during an inspection, and how to integrate digital tools into the record-keeping process.
Is Operator Responsibility Fully Delegable to an External FM Service Provider?
Short answer: No. Operational tasks can be delegated, but the overall legal responsibility usually remains with the operator. Practical consequence: Contracts must include inspection mechanisms, reporting obligations, and escalation paths so that the operator can prove their inspection duties towards authorities and insurers.
What Documents Do Supervisory Authorities Typically Require During an Inspection?
Most important Documents: Risk assessments, verified inspection logs (e.g., DGUV V3), maintenance plans, operator instructions, and training certificates. Authorities check the traceability of responsibilities and whether inspection results have actually been implemented; incomplete or unverified logs are often considered non-existent.
What CAFM Functions Are Indispensable for Fulfilling These Documentation Requirements?
Essential functions: a robust asset register with unique IDs, automated inspection plans, mobile inspection checklists, a complete audit trail, and document management for certificates. Trade-off: Many systems provide reports – the problem is rarely the lack of functions, but poor Master Data and a lack of process integration.
How Quickly Does the Introduction of CAFM Pay Off in the Context of Operator Responsibility?
Realistic expectation: The payback period is usually between 12 and 36 months, depending on the size of the property, the number of inspection cycles, and the initial condition of the data. Limitation: If you only map paper processes 1:1, the benefit remains low; invest first in cleaning up critical master data and Standardization of inspection workflows.
What Technical Requirements Are Needed for a Clean IoT Connection to CAFM?
Minimum requirements: Real-time events for critical alarms, standardized asset IDs, timestamps, and reliable interfaces such as REST or OPC-UA. Limitation: Live-data are only helpful if rules exist that translate alarms into inspection or escalation workflows; otherwise, you just create more notifications without consequences.
What Role Does Insurance Play in the Documentation Process?
Practical finding: In the event of a claim, insurers require proof that reasonable Operator Duties have been complied with. Incomplete documentation can lead to reduced benefits. Actual benefits of digital logs: A clean audit trail significantly reduces points of contention — provided the data is immutable and the process is documented.
Concrete example: In an industrial plant, temperature increases in switchgear triggered an IoTalarm; the system automatically created a ticket in the CAFM, documented measured values, and the measures initiated as a result. In the event of a later claim, the insurer accepted the complete logs as proof of immediate countermeasures, thereby avoiding disputes over negligence.
Misconception I often see: Uploading certificates to a system once does not replace regular checks. Authorities and insurers look at consistent processes, not just the completeness of files.
Next steps that have an immediate impact: 1) List the ten most critical assets and link them to existing inspection protocols; 2) Set up an audit trail for these assets in your CAFM and test it against a hypothetical authority request; 3) Supplement contracts with service providers to include the obligation to digitally transfer signed protocols; 4) Pilot IoTconnection for a critical system and measure the response time until ticket creation.
