ISO 14001 was first published in 1996 and specifies the actual requirements for an environmental management system. It applies to those environmental aspects which the organization has control and over which it can be expected to have an influence.
ISO 14001 is often seen as the corner stone standard of the ISO 14000 series. However, it is not only the most well known, but is the only ISO 14000 standard against which it is currently possible to be certified by an external certification authority. Having stated this, it does not itself state specific environmental performance criteria.
This standard is applicable to any organization that wishes to:
- implement, maintain and improve an environmental management system- assure itself of its conformance with its own stated environmental policy (those policy commitments of course must be made)- demonstrate conformance- ensure compliance with environmental laws and regulations- seek certification of its environmental management system by an external third party organization- make a self-determination of conformance
Sunday, August 30, 2009
Evaluation Of Compliance Of ISO 14001 EMS
The requirement to establish a procedure for periodically evaluating compliance with applicable legal and other requirements falls short of specifically requiring regulatory compliance audits but, in fact, a system of regular regulatory compliance audits may be the most practical means for meeting this requirement of the standard. In the U.S., determination of whether to conduct a compliance audit will be governed in part by the particular jurisdiction’s approach to allowing a legal privilege for the self-assessment audit.
Evaluation vs. Audit – The difference between an evaluation and audit can only be determined by looking outside of ISO 14001. Consulting a dictionary reveals that an evaluation involves a determination of value or worth and that an audit is an examination of accounts done by persons appointed for the purpose. A better definition `is the more specific ISO 19011:2002, Guidelines for Quality and/or Environmental Management Systems Auditing, which defines an audit as a “systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.” Many organizations do not have a system for evaluating regulatory compliance other than their own records and the inspections of regulatory officials. This lack of a verification system can be a risky way to operate. Reports of enforcement actions and consent agreements show that many organizations are blindsided by rogue employees who violate rules and falsify documents to cover up environmental misdeeds. Although ISO 14001 does not prescribe a specific approach to evaluation of regulatory compliance, organizations should consider methods for going beyond verification of records by collecting and evaluating physical evidence.
Evaluation vs. Audit – The difference between an evaluation and audit can only be determined by looking outside of ISO 14001. Consulting a dictionary reveals that an evaluation involves a determination of value or worth and that an audit is an examination of accounts done by persons appointed for the purpose. A better definition `is the more specific ISO 19011:2002, Guidelines for Quality and/or Environmental Management Systems Auditing, which defines an audit as a “systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.” Many organizations do not have a system for evaluating regulatory compliance other than their own records and the inspections of regulatory officials. This lack of a verification system can be a risky way to operate. Reports of enforcement actions and consent agreements show that many organizations are blindsided by rogue employees who violate rules and falsify documents to cover up environmental misdeeds. Although ISO 14001 does not prescribe a specific approach to evaluation of regulatory compliance, organizations should consider methods for going beyond verification of records by collecting and evaluating physical evidence.
REQUIREMENTS OF ISO 14001
REQUIREMENTS OF ISO 14001In order to effectively implement and benefit from an ISO 14001 EMS, it is important tohave an understanding of the standard’s requirements. A quick review of the standardshows that it is structured following the Plan, Do, Check, Improve philosophy of theTotal Quality Management movement, as follows:
PLAN4.2 Policy4.3 Planning
DO4.4 Implementation and Operation
CHECK4.5 Checking and Corrective Action
IMPROVE4.6 Management Review
Within these five elements are 17 sub-elements stating the various requirements.
4.2 Policy
4.3 Planning4.3.1 Environmental Aspects4.3.2 Legal and Other Requirements4.3.3 Objectives and Targets4.4.4 Environmental Management Programs
4.4 Implementation and Operation4.4.1 Structure and Responsibility4.4.2 Training Awareness and Competence4.4.3 Communications4.4.4 EMS Documentation4.4.5 Document Control4.4.6 Operation Control4.4.7 Emergency Planning and Response
4.5 Checking and Corrective Action4.5.1 Monitoring and Measurement4.5.2 Nonconformance, Corrective, and Preventive Action4.5.3 Records4.5.4 EMS Audit
4.6 Management Review
Within these 17 sub-elements are all of the requirements, or “shalls”, necessary toconform to ISO 14001. There is no substitute for reading the standard in terms ofrecognizing the requirements. As a matter of fact, no auditor should embark on an auditwithout having easily available the criteria to which they are doing the audit. However,below we briefly summarize the key points of the sub-elements. This summary is notintended to be a replacement for ISO 14001, and should not be used exclusively as suchduring an audit.
Detailed Section by Section Summary4.2 PolicyISO 14001 requires that the organization have a policy statement to drive the EMS.These tend to be short, one page or less documents, and simply affirm the commitments.There is no expectation that specific details be noted in the policy. For example, thecommitment to pollution prevention can simply be stated saying, “we are committed toprevention of pollution”. The policy must be clearly endorsed by top management andbe available to the public and employees. Although the availability to the public can berather passive; i.e. “is here if they want it”, there is an expectation that the employeeawareness is more proactive. Section 4.2 of ISO 14001 lists the other requirements of thepolicy.
4.3.1 Environmental AspectsThis element requires a procedure that not only identifies the aspects and impacts, butalso provides for determination of significance, and keeping the information up to date.ISO 14001 does not prescribe what aspects should be significant, or even how todetermine significance. However, it is expected the organization will develop aconsistent and verifiable process to do so.
4.3.2 Legal and Other RequirementsThis is a requirement for a procedure that explains how the organization obtainsinformation regarding its legal and other requirements, and makes that informationknown to key functions. This is not the assessment or compliance audit requirement, butrather a more up front determination of requirements.
4.3.3 Objectives and TargetsThere is no requirement for a procedure in this element, only that objectives and targetsbe documented. It does require that certain items be considered in developing theobjectives, such as legal requirements and prevention of pollution. It is sometimeseasiest to develop a procedure anyway for this element to be able to verify theseconsiderations were made.
4.3.4 Environmental Management Programs (EMP)EMPs are the detailed plans and programs explaining how the objectives and targets willbe accomplished. These EMPs usually note responsible personnel, milestones and dates,and measurements of success. Noting monitoring and measurement parameters directlyin the EMP facilitates conforming to 4.5.1 on Monitoring and Measurement discussedbelow.
4.4.1 Structure and ResponsibilityISO 14001 requires that the relevant management and accountability structure be definedin this element. This usually takes the form of an organizational chart. Also, theorganization must denote the Management Representative who is responsible to overseethe EMS and report to management on its operation.
4.4.2 Training Awareness and CompetenceThe key point in this element is that personnel must receive applicable training regardingthe EMS. Specific requirements are itemized in ISO 14001, and include general,company-wide items such as knowing the policy, to more function-specific training onaspects and emergency response. An organization usually responds to this element with atraining matrix, cross-referencing to training materials and records.
4.4.3 CommunicationsProcedures are required for both internal and external communications. Note that ISO14001 only requires procedures, and allows the organization to decide for itself thedegree of openness and disclosure of information. Whatever the decision in terms ofdisclosure, that decision process must be recorded.
4.4.4 EMS DocumentationThis requirement is simply that the organization has documented the system in eitherelectronic or paper form such that it addresses the elements of the standard and providesdirection to related documentation. Not all ISO 14001-required procedures need to bedocumented, as long as the system requirements can be verified.
4.4.5 Document Control.Procedures are required to control documents, such as system procedures and workinstructions, and to ensure that current versions are distributed and obsolete versions areremoved from the system.
4.4.6 Operational ControlThis element is the one which connects the EMS with the organization as a whole. Here,the critical functions related to significant aspects and objectives and targets are identifiedand procedures and work instructions created to ensure proper execution of activities.Requirements for communicating applicable system requirements to contractors are alsoaddressed.
4.4.7 Emergency Planning and ResponseAlthough typically addressed through conventional emergency response plans, thiselement also requires that a process exist for identifying the potential emergencies, inaddition to planning and mitigating them. A linkage to the aspects analysis, whereimpacts are assessed, is appropriate. Emergency incidents include those that may not beregulated, but may still cause significant impact as defined by the organization.
4.5.1 Monitoring and MeasurementProcedures are required describing how the organization will monitor and measure keyparameters of operations. These parameters relate to the significant aspects, objectivesand targets and legal and regulatory compliance. In order to properly manage the system,measurements must be taken of its performance to provide data for action. Responses tothis element usually cross reference to many other specific procedures and workinstructions describing measurement and equipment calibration. It is in this element thatwe find the requirement for what is commonly referred to as a compliance audit.
4.5.2 Nonconformance, Corrective, and Preventive ActionThis element requires procedures for acting on Non-conformances identified in the system,including corrective and preventive action. Non-conformances may be identified throughaudits, monitoring and measurement, and communications. The intent is to correct thesystem flaws. Typically, Corrective Action Report (CAR) forms are the norm, noting thenonconformance, the suggested fix, and closure of the action when completed. Note thatthis requirement does not imply in any way that the party identifying the nonconformancemust be the one to suggest the fix. Instead, it is expected that the system provide for theinformation to be routed to the most appropriate party to address the concern.
4.5.3 RecordsRecords are expected to exist to serve as verification of the system operating. Forexample, records include audit reports and training records. Unlike controlleddocuments, records are “once and done” documents, resulting from the execution of someprocess or procedure. Procedures in this element are required for the maintenance ofrecords.
4.5.4 EMS AuditsISO 14001 requires that the system provide for internal audits. This procedures(s) willinclude methodologies, schedules, and processes to conduct the audits. Interestingly, theEMS audit will in essence, audit the audit process itself!
4.6 Management ReviewThis element requires that periodically, top management will review the EMS to ensure itis operating as planned. If not, resources must be provided for corrective action. Forareas where there are no problems, the expectation is that with time, management willprovide for improvement programs. Usually there is no detailed procedure for thiselement, although records of agendas, attendance, and agreed upon action items aremaintained as verification.
PLAN4.2 Policy4.3 Planning
DO4.4 Implementation and Operation
CHECK4.5 Checking and Corrective Action
IMPROVE4.6 Management Review
Within these five elements are 17 sub-elements stating the various requirements.
4.2 Policy
4.3 Planning4.3.1 Environmental Aspects4.3.2 Legal and Other Requirements4.3.3 Objectives and Targets4.4.4 Environmental Management Programs
4.4 Implementation and Operation4.4.1 Structure and Responsibility4.4.2 Training Awareness and Competence4.4.3 Communications4.4.4 EMS Documentation4.4.5 Document Control4.4.6 Operation Control4.4.7 Emergency Planning and Response
4.5 Checking and Corrective Action4.5.1 Monitoring and Measurement4.5.2 Nonconformance, Corrective, and Preventive Action4.5.3 Records4.5.4 EMS Audit
4.6 Management Review
Within these 17 sub-elements are all of the requirements, or “shalls”, necessary toconform to ISO 14001. There is no substitute for reading the standard in terms ofrecognizing the requirements. As a matter of fact, no auditor should embark on an auditwithout having easily available the criteria to which they are doing the audit. However,below we briefly summarize the key points of the sub-elements. This summary is notintended to be a replacement for ISO 14001, and should not be used exclusively as suchduring an audit.
Detailed Section by Section Summary4.2 PolicyISO 14001 requires that the organization have a policy statement to drive the EMS.These tend to be short, one page or less documents, and simply affirm the commitments.There is no expectation that specific details be noted in the policy. For example, thecommitment to pollution prevention can simply be stated saying, “we are committed toprevention of pollution”. The policy must be clearly endorsed by top management andbe available to the public and employees. Although the availability to the public can berather passive; i.e. “is here if they want it”, there is an expectation that the employeeawareness is more proactive. Section 4.2 of ISO 14001 lists the other requirements of thepolicy.
4.3.1 Environmental AspectsThis element requires a procedure that not only identifies the aspects and impacts, butalso provides for determination of significance, and keeping the information up to date.ISO 14001 does not prescribe what aspects should be significant, or even how todetermine significance. However, it is expected the organization will develop aconsistent and verifiable process to do so.
4.3.2 Legal and Other RequirementsThis is a requirement for a procedure that explains how the organization obtainsinformation regarding its legal and other requirements, and makes that informationknown to key functions. This is not the assessment or compliance audit requirement, butrather a more up front determination of requirements.
4.3.3 Objectives and TargetsThere is no requirement for a procedure in this element, only that objectives and targetsbe documented. It does require that certain items be considered in developing theobjectives, such as legal requirements and prevention of pollution. It is sometimeseasiest to develop a procedure anyway for this element to be able to verify theseconsiderations were made.
4.3.4 Environmental Management Programs (EMP)EMPs are the detailed plans and programs explaining how the objectives and targets willbe accomplished. These EMPs usually note responsible personnel, milestones and dates,and measurements of success. Noting monitoring and measurement parameters directlyin the EMP facilitates conforming to 4.5.1 on Monitoring and Measurement discussedbelow.
4.4.1 Structure and ResponsibilityISO 14001 requires that the relevant management and accountability structure be definedin this element. This usually takes the form of an organizational chart. Also, theorganization must denote the Management Representative who is responsible to overseethe EMS and report to management on its operation.
4.4.2 Training Awareness and CompetenceThe key point in this element is that personnel must receive applicable training regardingthe EMS. Specific requirements are itemized in ISO 14001, and include general,company-wide items such as knowing the policy, to more function-specific training onaspects and emergency response. An organization usually responds to this element with atraining matrix, cross-referencing to training materials and records.
4.4.3 CommunicationsProcedures are required for both internal and external communications. Note that ISO14001 only requires procedures, and allows the organization to decide for itself thedegree of openness and disclosure of information. Whatever the decision in terms ofdisclosure, that decision process must be recorded.
4.4.4 EMS DocumentationThis requirement is simply that the organization has documented the system in eitherelectronic or paper form such that it addresses the elements of the standard and providesdirection to related documentation. Not all ISO 14001-required procedures need to bedocumented, as long as the system requirements can be verified.
4.4.5 Document Control.Procedures are required to control documents, such as system procedures and workinstructions, and to ensure that current versions are distributed and obsolete versions areremoved from the system.
4.4.6 Operational ControlThis element is the one which connects the EMS with the organization as a whole. Here,the critical functions related to significant aspects and objectives and targets are identifiedand procedures and work instructions created to ensure proper execution of activities.Requirements for communicating applicable system requirements to contractors are alsoaddressed.
4.4.7 Emergency Planning and ResponseAlthough typically addressed through conventional emergency response plans, thiselement also requires that a process exist for identifying the potential emergencies, inaddition to planning and mitigating them. A linkage to the aspects analysis, whereimpacts are assessed, is appropriate. Emergency incidents include those that may not beregulated, but may still cause significant impact as defined by the organization.
4.5.1 Monitoring and MeasurementProcedures are required describing how the organization will monitor and measure keyparameters of operations. These parameters relate to the significant aspects, objectivesand targets and legal and regulatory compliance. In order to properly manage the system,measurements must be taken of its performance to provide data for action. Responses tothis element usually cross reference to many other specific procedures and workinstructions describing measurement and equipment calibration. It is in this element thatwe find the requirement for what is commonly referred to as a compliance audit.
4.5.2 Nonconformance, Corrective, and Preventive ActionThis element requires procedures for acting on Non-conformances identified in the system,including corrective and preventive action. Non-conformances may be identified throughaudits, monitoring and measurement, and communications. The intent is to correct thesystem flaws. Typically, Corrective Action Report (CAR) forms are the norm, noting thenonconformance, the suggested fix, and closure of the action when completed. Note thatthis requirement does not imply in any way that the party identifying the nonconformancemust be the one to suggest the fix. Instead, it is expected that the system provide for theinformation to be routed to the most appropriate party to address the concern.
4.5.3 RecordsRecords are expected to exist to serve as verification of the system operating. Forexample, records include audit reports and training records. Unlike controlleddocuments, records are “once and done” documents, resulting from the execution of someprocess or procedure. Procedures in this element are required for the maintenance ofrecords.
4.5.4 EMS AuditsISO 14001 requires that the system provide for internal audits. This procedures(s) willinclude methodologies, schedules, and processes to conduct the audits. Interestingly, theEMS audit will in essence, audit the audit process itself!
4.6 Management ReviewThis element requires that periodically, top management will review the EMS to ensure itis operating as planned. If not, resources must be provided for corrective action. Forareas where there are no problems, the expectation is that with time, management willprovide for improvement programs. Usually there is no detailed procedure for thiselement, although records of agendas, attendance, and agreed upon action items aremaintained as verification.
Friday, August 28, 2009
Part of Your Operation
Many facilities have multiple operating units at one location. It is not uncommon to have aresearch and development office at a production facility. The production facility may want toachieve ISO 14001 conformance, but not the R&D offices. As long as an auditor can clearlysee the separation of these two activities, both physically and administratively, there shouldbe little cause for concern.The example above can be used to illustrate another point. If a large manufacturing facilityhad an R&D office on-site, there might be two distinct functional units that share physicalresources but are separate cost centers. In some cases, units will actually pay each other foroffice space, utilities and janitorial service although they are part of the same corporation. Inthis case, separation for purposes of ISO 14001 program development and implementation isnot difficult. Activities should be separate enough, however, to be clear to an outsider. If R&Dengineers are constantly venturing out onto the production line and making changes inpractices and procedures, it may appear to an auditor that they are a portion of theoperational group for the facility. Separation of functional groups might be harder to argue.An example of separation that may NOT be acceptable is separation of the purchasingfunction from the rest of an operation. Since purchasing is tied at almost every managementlevel in an operation, this would seem unreasonable to most auditors, and could generate aconcern in evaluating an ISO 14001 EMS program.
Integration with Existing procedures
Much of what an organization must do in an ISO 14001 EMS is probably already being done.No organization can operate without some environmental programs in place. These programsmay need modification to comply with the ISO 14001 standard, but they serve as a goodstarting point to begin construction of an ISO compliant EMS. In fact, a good way to look atyour EMS Manual is to view it as a road map. It will tell people where to find programs theorganization uses to handle environmental concerns such as: wastewater systems operationalmanuals, air permit operating requirements, hazardous wastes handling procedures, materialspurchasing requirements, and so forth.A well-conceived ISO 14001 EMS will use existing environmental programs and proceduresas a foundation. It will also include the business management practices of the companywherever possible. An example of this would be tying environmental impacts of raw materialspurchases into an existing procedure to review raw materials specifications for engineeringrequirements and consistency. Many firms already have such procedures in place.Other types of program integration may include integrating cost accounting practices withenvironmental operational practices. Many organizations cannot actually determine wheretheir environmental dollars go. As a result, they cannot identify opportunities for financialimprovement in environmental practices. Without such information, the environmentalmanagement of an organization is difficult. If management cannot see any cost benefit inenvironmental decision making, the managers usually take the least costly option. Activitybasedcosting allows a more comprehensive understanding of how environmental expensesare accrued by process and product rather than by facility or region. Then process control andproduct design can be reviewed to see if costs associated with their environmental impactscan be minimized. This is a good example of what ISO 14001 hopes to accomplish--goodfinancial management leading to better environmental control.
Program Intent
The intent of an ISO 14001 environmental management system (EMS) is to develop asystematic management approach to the environmental concerns of the organization. Theexpected outcome of this approach is continual improvement in environmental management.By setting an environmental policy, then making the environmental concerns of the firm clear(Aspects) and defining what will be done to control them (Objectives and Targets), planning isaccomplished. Then, by establishing organizational structure, personnel responsibilities,competency and training, implementation begins. Communication practices, documentationcontrol and procedural documents, operational control and emergency preparedness definethe operation portion of the program. These items are usually included in an EMS Manual,which documents a program to accomplish the Objectives and Targets set above. Theorganization’s methods for measuring and monitoring its environmental impacts is alsoincluded in the Manual, along with practices for identifying nonconformance and forimplementing corrective and preventive actions. These, along with routine systems audits andrecord keeping constitute the EMS checking and corrective action program. And finally, theprogram has a routine management review of its activities. The words in bold above describethe general sections of an ISO 14001 EMS.
Emergency Preparedness and Response In ISO 14001
Emergency Preparedness and Response In ISO 14001
Under the Emergency Preparedness and Response requirement of ISO 14001:2004 (§4.4.7), the organization is required to establish procedures for identifying the potential for and responding to emergency situations and accidents that can have an impact on the environment.
Identification of Potential Emergency and Accident Situations – Experience indicates that organizations infrequently have a preexisting procedure for identifying potential emergency and accident situations.
The norm is to establish emergency and accident responses for a variety of emergency and accident situations irrespective of the potential for their occurrence. But ISO 14001 is specific about requiring a procedure to identify the potential for emergency situations and accidents. Adhering to the requirement of the procedure is a valuable exercise that helps organizations identify weaknesses in their own emergency planning and to plan for that which is most likely to occur.
Because many environmental impacts of an emergency or accident situation are secondary in nature, it appears that all potential emergency or accident situations need to be identified before a determination of environmental impacts can be made. An organization that attempts to identify potential emergency or accident situations based on a review of its environmental aspects would likely miss the environmental impact potential of, say, an automobile accident.
There are five steps implied by the emergency preparedness and response requirement:
1) Identify the potential for emergency situations and accidents of all kinds;
2) Paying particular attention to the potential environmental impacts of accidents and emergency situations, identify how the organization can prevent and mitigate associated adverse environmental impacts;
3) Determine how the organization and its employees should respond to emergency situations and accidents;
4) Periodically simulate emergency situations to test response capabilities; and,
5) Review and revise procedures based on experience derived from actual and simulated emergency situations and accidents.
Accident and Emergency Situation Identification – In order to identify potential for and responding to emergency situations and accidents, the organization should develop a procedure for systematically identifying accident and emergency situations, evaluating their probability of occurrence, their likely consequences, and their severity.
Organizations often engage risk management specialists to assist in the identification of potential emergency or accident situations that could lead to human injury, environmental damage, or economic loss. While many checklists are available to facilitate this kind of evaluation, there is virtually no substitute for physical evaluation of facilities by knowledgeable personnel, whether employees or outside professionals.
Emergency Response Procedures – The organization is required to develop procedures for responding to emergency situations and accidents when they occur. Typically, response procedures include identifying public emergency response agencies and their capabilities, identifying individuals within the organization who are trained and able to provide assistance in emergencies, establishing an emergency communications network, and providing emergency lighting, signage, and equipment. Because Emergency Response Procedures are based on identified potential emergency situations and accidents specific to the organization, the emergency response plan will be unique for each organization.
Periodic Testing – The value of conducting emergency response exercises lies not only with simulating situations that could occur but also in identifying flaws in the response plan. Practice drills can be the most effective test of the system to give employees, emergency response personnel, and management the opportunity to walk through the plan and gain familiarity with its procedures. While a full-dress response exercise is valuable, testing of procedures can be effectively done on much smaller scales and still provide the benefits of testing. Above all, the organization should not let the impracticality of a full-dress exercise keep it from testing sub elements of the emergency response plan.
Review and Revise – ISO 14001 calls for continual improvement of the EMS. Periodically reviewing and revising emergency response plans based on the experience gained from the occurrence of emergency situations or accidents or in testing response plans is an example of continual improvement.
Written Response Plans – Many written emergency response plans are too cumbersome to be of value in an emergency situation – their value depends entirely upon previous training of persons who will be called upon to execute them. Yet, many organizations fail to provide the emergency response training necessary to make the plans functional.
Keeping in mind that even the simplest, most direct emergency response plan requires training for effective implementation, an alternative for organizations to consider is establishment of abbreviated, readily available Immediate Response Directions established for each kind of potential emergency situation or accident. Such an emergency response plan might consist of a laminated card prepared for each potential emergency situation or accident and providing specific responsibilities and associated actions for employees and visitors, supervisors, emergency coordinators, and emergency directors.
Under the Emergency Preparedness and Response requirement of ISO 14001:2004 (§4.4.7), the organization is required to establish procedures for identifying the potential for and responding to emergency situations and accidents that can have an impact on the environment.
Identification of Potential Emergency and Accident Situations – Experience indicates that organizations infrequently have a preexisting procedure for identifying potential emergency and accident situations.
The norm is to establish emergency and accident responses for a variety of emergency and accident situations irrespective of the potential for their occurrence. But ISO 14001 is specific about requiring a procedure to identify the potential for emergency situations and accidents. Adhering to the requirement of the procedure is a valuable exercise that helps organizations identify weaknesses in their own emergency planning and to plan for that which is most likely to occur.
Because many environmental impacts of an emergency or accident situation are secondary in nature, it appears that all potential emergency or accident situations need to be identified before a determination of environmental impacts can be made. An organization that attempts to identify potential emergency or accident situations based on a review of its environmental aspects would likely miss the environmental impact potential of, say, an automobile accident.
There are five steps implied by the emergency preparedness and response requirement:
1) Identify the potential for emergency situations and accidents of all kinds;
2) Paying particular attention to the potential environmental impacts of accidents and emergency situations, identify how the organization can prevent and mitigate associated adverse environmental impacts;
3) Determine how the organization and its employees should respond to emergency situations and accidents;
4) Periodically simulate emergency situations to test response capabilities; and,
5) Review and revise procedures based on experience derived from actual and simulated emergency situations and accidents.
Accident and Emergency Situation Identification – In order to identify potential for and responding to emergency situations and accidents, the organization should develop a procedure for systematically identifying accident and emergency situations, evaluating their probability of occurrence, their likely consequences, and their severity.
Organizations often engage risk management specialists to assist in the identification of potential emergency or accident situations that could lead to human injury, environmental damage, or economic loss. While many checklists are available to facilitate this kind of evaluation, there is virtually no substitute for physical evaluation of facilities by knowledgeable personnel, whether employees or outside professionals.
Emergency Response Procedures – The organization is required to develop procedures for responding to emergency situations and accidents when they occur. Typically, response procedures include identifying public emergency response agencies and their capabilities, identifying individuals within the organization who are trained and able to provide assistance in emergencies, establishing an emergency communications network, and providing emergency lighting, signage, and equipment. Because Emergency Response Procedures are based on identified potential emergency situations and accidents specific to the organization, the emergency response plan will be unique for each organization.
Periodic Testing – The value of conducting emergency response exercises lies not only with simulating situations that could occur but also in identifying flaws in the response plan. Practice drills can be the most effective test of the system to give employees, emergency response personnel, and management the opportunity to walk through the plan and gain familiarity with its procedures. While a full-dress response exercise is valuable, testing of procedures can be effectively done on much smaller scales and still provide the benefits of testing. Above all, the organization should not let the impracticality of a full-dress exercise keep it from testing sub elements of the emergency response plan.
Review and Revise – ISO 14001 calls for continual improvement of the EMS. Periodically reviewing and revising emergency response plans based on the experience gained from the occurrence of emergency situations or accidents or in testing response plans is an example of continual improvement.
Written Response Plans – Many written emergency response plans are too cumbersome to be of value in an emergency situation – their value depends entirely upon previous training of persons who will be called upon to execute them. Yet, many organizations fail to provide the emergency response training necessary to make the plans functional.
Keeping in mind that even the simplest, most direct emergency response plan requires training for effective implementation, an alternative for organizations to consider is establishment of abbreviated, readily available Immediate Response Directions established for each kind of potential emergency situation or accident. Such an emergency response plan might consist of a laminated card prepared for each potential emergency situation or accident and providing specific responsibilities and associated actions for employees and visitors, supervisors, emergency coordinators, and emergency directors.
Migration to ISO 9001:2008
Migration To ISO 9001:2008
The International Accreditation Forum (IAF) and the International Organization for
Standardization (ISO) have agreed on an implementation plan to ensure a smooth transition of
accredited certification to ISO 9001:2008, the latest version of the world's most widely used
standard for quality management systems (QMS). The details of the plan are given in the joint
communiqué by the two organizations which appears below.
Like all of ISO's more than 17 000 standards, ISO 9001 is periodically reviewed to ensure that it
is maintained at the state of the art and a decision taken to confirm, withdraw or revise the
document.
ISO 9001:2008, which is due to be published before the end of the year, will replace the year
2000 version of the standard which is implemented by both business and public sector
organizations in 170 countries. Although certification is not a requirement of the standard, the
QMS of about one million organizations have been audited and certified by independent
certification bodies (also known in some countries as registration bodies) to ISO 9001:2000.
ISO 9001 certification is frequently used in both private and public sectors to increase
confidence in the products and services provided by certified organizations, between partners
in business-to-business relations, in the selection of suppliers in supply chains and in the right
to tender for procurement contracts.
ISO is the developer and publisher of ISO 9001, but does not itself carry out auditing and
certification. These services are performed independently of ISO by certification bodies. ISO
does not control such bodies, but does develop voluntary International Standards to
encourage good practice in their activities on a worldwide basis. For example, ISO/IEC
17021:2006 specifies the requirements for bodies providing auditing and certification of
management systems.
Certification bodies that wish to provide further confidence in their services may apply to be
"accredited" as competent by an IAF recognized national accreditation body. ISO/IEC
17011:2004 specifies the requirements for carrying out such accreditation. IAF is an
international association whose membership includes the national accreditation bodies of 49
economies.
ISO technical committee ISO/TC 176, Quality management and quality assurance, which is
responsible for the ISO 9000 family of standards, is preparing a number of support documents
explaining what the differences are between ISO 9001:2008 and the year 2000 version, why
and what they mean for users. Once approved, these documents will be posted on the ISO
Web site – probably in October 2008.
ISO (International Organization for Standardization) and the IAF (International Accreditation
Forum) have agreed an implementation plan to ensure a smooth migration of accredited
certification to ISO 9001:2008, after consultation with international groupings representing
quality system or auditor certification bodies, and industry users of ISO 9001 certification
services.
ISO 9001:2008 does not contain any new requirements
They have recognized that ISO 9001:2008 introduces no new requirements. ISO 9001:2008
only introduces clarifications to the existing requirements of ISO 9001:2000 based on eight
years of experience of implementing the standard world wide with about one million
certificates issued in 170 countries to date. It also introduces changes intended to improve
consistency with ISO14001:2004
The agreed implementation plan in relation to accredited certification is therefore the
following:
Accredited certification to the ISO 9001:2008 shall not be granted until the publication of ISO
9001:2008 as an International Standard.
Certification of conformity to ISO 9001:2008 and/or national equivalents shall only be issued
after official publication of ISO 9001:2008 (which should take place before the end of 2008)
and after a routine surveillance or recertification audit against ISO 9001:2008.
Validity of certifications to ISO 9001:2000
One year after publication of ISO 9001:2008 all accredited certifications issued (new
certifications or recertifications) shall be to ISO 9001:2008.
Twenty four months after publication by ISO of ISO 9001:2008, any existing certification issued
to ISO 9001:2000 shall not be valid.
The International Accreditation Forum (IAF) and the International Organization for
Standardization (ISO) have agreed on an implementation plan to ensure a smooth transition of
accredited certification to ISO 9001:2008, the latest version of the world's most widely used
standard for quality management systems (QMS). The details of the plan are given in the joint
communiqué by the two organizations which appears below.
Like all of ISO's more than 17 000 standards, ISO 9001 is periodically reviewed to ensure that it
is maintained at the state of the art and a decision taken to confirm, withdraw or revise the
document.
ISO 9001:2008, which is due to be published before the end of the year, will replace the year
2000 version of the standard which is implemented by both business and public sector
organizations in 170 countries. Although certification is not a requirement of the standard, the
QMS of about one million organizations have been audited and certified by independent
certification bodies (also known in some countries as registration bodies) to ISO 9001:2000.
ISO 9001 certification is frequently used in both private and public sectors to increase
confidence in the products and services provided by certified organizations, between partners
in business-to-business relations, in the selection of suppliers in supply chains and in the right
to tender for procurement contracts.
ISO is the developer and publisher of ISO 9001, but does not itself carry out auditing and
certification. These services are performed independently of ISO by certification bodies. ISO
does not control such bodies, but does develop voluntary International Standards to
encourage good practice in their activities on a worldwide basis. For example, ISO/IEC
17021:2006 specifies the requirements for bodies providing auditing and certification of
management systems.
Certification bodies that wish to provide further confidence in their services may apply to be
"accredited" as competent by an IAF recognized national accreditation body. ISO/IEC
17011:2004 specifies the requirements for carrying out such accreditation. IAF is an
international association whose membership includes the national accreditation bodies of 49
economies.
ISO technical committee ISO/TC 176, Quality management and quality assurance, which is
responsible for the ISO 9000 family of standards, is preparing a number of support documents
explaining what the differences are between ISO 9001:2008 and the year 2000 version, why
and what they mean for users. Once approved, these documents will be posted on the ISO
Web site – probably in October 2008.
ISO (International Organization for Standardization) and the IAF (International Accreditation
Forum) have agreed an implementation plan to ensure a smooth migration of accredited
certification to ISO 9001:2008, after consultation with international groupings representing
quality system or auditor certification bodies, and industry users of ISO 9001 certification
services.
ISO 9001:2008 does not contain any new requirements
They have recognized that ISO 9001:2008 introduces no new requirements. ISO 9001:2008
only introduces clarifications to the existing requirements of ISO 9001:2000 based on eight
years of experience of implementing the standard world wide with about one million
certificates issued in 170 countries to date. It also introduces changes intended to improve
consistency with ISO14001:2004
The agreed implementation plan in relation to accredited certification is therefore the
following:
Accredited certification to the ISO 9001:2008 shall not be granted until the publication of ISO
9001:2008 as an International Standard.
Certification of conformity to ISO 9001:2008 and/or national equivalents shall only be issued
after official publication of ISO 9001:2008 (which should take place before the end of 2008)
and after a routine surveillance or recertification audit against ISO 9001:2008.
Validity of certifications to ISO 9001:2000
One year after publication of ISO 9001:2008 all accredited certifications issued (new
certifications or recertifications) shall be to ISO 9001:2008.
Twenty four months after publication by ISO of ISO 9001:2008, any existing certification issued
to ISO 9001:2000 shall not be valid.
Nonconformity, Corrective Action and Preventive Action
Nonconformity, Corrective Action and Preventive Action in ISO 14001 EMS
The intent of §4.5.3 is that the organization put in place procedures for 1) identifying actual and potential nonconformities to EMS requirements, 2) taking appropriate corrective or preventive action, and 3) reviewing the effectiveness of corrective or preventive actions taken.
The nonconformity requirement of ISO 14001:1996 was a passive requirement in that it was only triggered when a nonconformity came to the attention of the organization through one of the other EMS procedures, such as the EMS audit or management review. ISO 14001:2004, however, requires that the organization establish and maintain procedures to identify actual or potential nonconformities, determine their causes, take action to avoid recurrence or occurrence, record results, and review effectiveness of corrective or preventive actions.
How the organization goes about identifying actual or potential nonconformities is up to it to determine. From the standpoint of registration auditors, it would seem that they would want to see a specific procedure requiring members of the organization to conduct some kind of periodic checklist driven, walk-through inspection for nonconformities. In addition, the procedure should allow for submission of nonconformities by any member of the organization. Actual nonconformities are usually fairly evident and relatively easy to investigate because there is a tangible occurrence with which to deal. The organization should also want to evaluate minor instances of nonconformity that, while not significant in and of themselves, if they occurred under different circumstances, could lead to a significant deviation from the EMS. Such “near misses” could be identified by the occurrence of a sudden, unexpected event, a failure to achieve an objective or target, or a deviation from the Environmental Policy.
Potential nonconformities are more difficult to identify and correct. Here, application of Failure Mode and Effects Analysis would be appropriate for organizations having that capability.
When investigating nonconformities, organizations should focus on identifying underlying root causes, not just the immediate manifestation of the problem. If a chemical storage drum leaks, the organization should take action, first, to mitigate the damage and, then, to determine why the leak occurred; e.g., improper or negligent handling, mechanical failure, or lack of a leak detection system. Corrective or preventive actions should then focus on eliminating the cause through training, communication of procedures, use of leak-resistant drums, or installation of a leak detection system.
Other ISO 14001 sections, principally Emergency Preparedness and Response, Internal Audit, and Management Review, are tools that the organization implements in order to help identify instances of actual or potential nonconformity. The underlying principle of these sections is that the identification of nonconformities should be made by the organization through diligent application of these tools, not from the occurrence of an environmental event, a customer or community complaint, or investigation by a regulatory authority. While §4.5.3 does not specifically mention disciplinary action, in many cases disciplinary action or the threat of disciplinary action is appropriate to prevention of future nonconformities. Many organizations have written codes of conduct that give employees notice that deviations from the codes will not be tolerated and that prescribed penalties can result for infractions. These codes can be expanded to include penalties for deviations from the EMS. If so, penalties should be commensurate with the violation itself and should acknowledge the nature of the environmental damage, the degree of negligence, prior conduct, and the forthrightness of the employee being disciplined. Any such code and its remedies should be administered fairly and consistently and should have as its objective correction and prevention of EMS nonconformities, not punishment of employees.
Finally, identification, investigation, and correction of nonconformities leads to the need to revise documented procedures.
The intent of §4.5.3 is that the organization put in place procedures for 1) identifying actual and potential nonconformities to EMS requirements, 2) taking appropriate corrective or preventive action, and 3) reviewing the effectiveness of corrective or preventive actions taken.
The nonconformity requirement of ISO 14001:1996 was a passive requirement in that it was only triggered when a nonconformity came to the attention of the organization through one of the other EMS procedures, such as the EMS audit or management review. ISO 14001:2004, however, requires that the organization establish and maintain procedures to identify actual or potential nonconformities, determine their causes, take action to avoid recurrence or occurrence, record results, and review effectiveness of corrective or preventive actions.
How the organization goes about identifying actual or potential nonconformities is up to it to determine. From the standpoint of registration auditors, it would seem that they would want to see a specific procedure requiring members of the organization to conduct some kind of periodic checklist driven, walk-through inspection for nonconformities. In addition, the procedure should allow for submission of nonconformities by any member of the organization. Actual nonconformities are usually fairly evident and relatively easy to investigate because there is a tangible occurrence with which to deal. The organization should also want to evaluate minor instances of nonconformity that, while not significant in and of themselves, if they occurred under different circumstances, could lead to a significant deviation from the EMS. Such “near misses” could be identified by the occurrence of a sudden, unexpected event, a failure to achieve an objective or target, or a deviation from the Environmental Policy.
Potential nonconformities are more difficult to identify and correct. Here, application of Failure Mode and Effects Analysis would be appropriate for organizations having that capability.
When investigating nonconformities, organizations should focus on identifying underlying root causes, not just the immediate manifestation of the problem. If a chemical storage drum leaks, the organization should take action, first, to mitigate the damage and, then, to determine why the leak occurred; e.g., improper or negligent handling, mechanical failure, or lack of a leak detection system. Corrective or preventive actions should then focus on eliminating the cause through training, communication of procedures, use of leak-resistant drums, or installation of a leak detection system.
Other ISO 14001 sections, principally Emergency Preparedness and Response, Internal Audit, and Management Review, are tools that the organization implements in order to help identify instances of actual or potential nonconformity. The underlying principle of these sections is that the identification of nonconformities should be made by the organization through diligent application of these tools, not from the occurrence of an environmental event, a customer or community complaint, or investigation by a regulatory authority. While §4.5.3 does not specifically mention disciplinary action, in many cases disciplinary action or the threat of disciplinary action is appropriate to prevention of future nonconformities. Many organizations have written codes of conduct that give employees notice that deviations from the codes will not be tolerated and that prescribed penalties can result for infractions. These codes can be expanded to include penalties for deviations from the EMS. If so, penalties should be commensurate with the violation itself and should acknowledge the nature of the environmental damage, the degree of negligence, prior conduct, and the forthrightness of the employee being disciplined. Any such code and its remedies should be administered fairly and consistently and should have as its objective correction and prevention of EMS nonconformities, not punishment of employees.
Finally, identification, investigation, and correction of nonconformities leads to the need to revise documented procedures.
Evaluation of Compliance of ISO 14001 EMS
Evaluation Of Compliance Of ISO 14001 EMS
The requirement to establish a procedure for periodically evaluating compliance with applicable legal and other requirements falls short of specifically requiring regulatory compliance audits but, in fact, a system of regular regulatory compliance audits may be the most practical means for meeting this requirement of the standard. In the U.S., determination of whether to conduct a compliance audit will be governed in part by the particular jurisdiction’s approach to allowing a legal privilege for the self-assessment audit.
Evaluation vs. Audit – The difference between an evaluation and audit can only be determined by looking outside of ISO 14001. Consulting a dictionary reveals that an evaluation involves a determination of value or worth and that an audit is an examination of accounts done by persons appointed for the purpose. A better definition `is the more specific ISO 19011:2002, Guidelines for Quality and/or Environmental Management Systems Auditing, which defines an audit as a “systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.” Many organizations do not have a system for evaluating regulatory compliance other than their own records and the inspections of regulatory officials. This lack of a verification system can be a risky way to operate. Reports of enforcement actions and consent agreements show that many organizations are blindsided by rogue employees who violate rules and falsify documents to cover up environmental misdeeds. Although ISO 14001 does not prescribe a specific approach to evaluation of regulatory compliance, organizations should consider methods for going beyond verification of records by collecting and evaluating physical evidence.
The requirement to establish a procedure for periodically evaluating compliance with applicable legal and other requirements falls short of specifically requiring regulatory compliance audits but, in fact, a system of regular regulatory compliance audits may be the most practical means for meeting this requirement of the standard. In the U.S., determination of whether to conduct a compliance audit will be governed in part by the particular jurisdiction’s approach to allowing a legal privilege for the self-assessment audit.
Evaluation vs. Audit – The difference between an evaluation and audit can only be determined by looking outside of ISO 14001. Consulting a dictionary reveals that an evaluation involves a determination of value or worth and that an audit is an examination of accounts done by persons appointed for the purpose. A better definition `is the more specific ISO 19011:2002, Guidelines for Quality and/or Environmental Management Systems Auditing, which defines an audit as a “systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.” Many organizations do not have a system for evaluating regulatory compliance other than their own records and the inspections of regulatory officials. This lack of a verification system can be a risky way to operate. Reports of enforcement actions and consent agreements show that many organizations are blindsided by rogue employees who violate rules and falsify documents to cover up environmental misdeeds. Although ISO 14001 does not prescribe a specific approach to evaluation of regulatory compliance, organizations should consider methods for going beyond verification of records by collecting and evaluating physical evidence.
Wednesday, August 26, 2009
ISO 14001 STANDARD
ISO 14001 is in fact a series of international standards on environmental management. It provides a framework for the development of an [url=htttp://www.iso9001store.com/]environmental management system[/url] and the supporting audit programme.
The ISO 14001 series emerged primarily as a result of the Uruguay round of the GATT negotiations and the Rio Summit on the Environment held in 1992. While GATT concentrates on the need to reduce non-tariff barriers to trade, the Rio Summit generated a commitment to protection of the environment across the world.
After the rapid acceptance of ISO 9000, and the increase of environmental standards around the world, the International Standards Organisation (ISO) assessed the need for international environmental management standards. They formed the Strategic Advisory Group on the Environment (SAGE) in 1991, to consider whether such standards could serve to:
Promote a common approach to environmental management similar to quality management;Enhance organizations’ ability to attain and measure improvements in environmental performance; andFacilitate trade and remove trade barriers.In 1992, SAGE’s recommendations created a new committee, TC 207, for international environmental management standards. This committee and its sub-committees included representatives from industry, standards organizations, government and environmental organizations from many countries. What developed was a series of ISO14000 standards designed to cover:
-environmental management systems-environmental auditing-environmental performance evaluation-environmental labelling-life-cycle assessment-environmental aspects in product standards
ISO 14001 was first published as a standard in 1996 and it specifies the actual requirements for an environmental management system. It applies to those environmental aspects over which an organization has control and where it can be expected to have an influence.
ISO 14001 is often seen as the corner-stone standard of the ISO 14000 series. It specifies a framework of control for an Environmental Management System and is the only ISO 14000 standard against which it is currently possible to be certified by an external certification body. However, it does not in itself state specific environmental performance criteria.
The ISO 14001 series emerged primarily as a result of the Uruguay round of the GATT negotiations and the Rio Summit on the Environment held in 1992. While GATT concentrates on the need to reduce non-tariff barriers to trade, the Rio Summit generated a commitment to protection of the environment across the world.
After the rapid acceptance of ISO 9000, and the increase of environmental standards around the world, the International Standards Organisation (ISO) assessed the need for international environmental management standards. They formed the Strategic Advisory Group on the Environment (SAGE) in 1991, to consider whether such standards could serve to:
Promote a common approach to environmental management similar to quality management;Enhance organizations’ ability to attain and measure improvements in environmental performance; andFacilitate trade and remove trade barriers.In 1992, SAGE’s recommendations created a new committee, TC 207, for international environmental management standards. This committee and its sub-committees included representatives from industry, standards organizations, government and environmental organizations from many countries. What developed was a series of ISO14000 standards designed to cover:
-environmental management systems-environmental auditing-environmental performance evaluation-environmental labelling-life-cycle assessment-environmental aspects in product standards
ISO 14001 was first published as a standard in 1996 and it specifies the actual requirements for an environmental management system. It applies to those environmental aspects over which an organization has control and where it can be expected to have an influence.
ISO 14001 is often seen as the corner-stone standard of the ISO 14000 series. It specifies a framework of control for an Environmental Management System and is the only ISO 14000 standard against which it is currently possible to be certified by an external certification body. However, it does not in itself state specific environmental performance criteria.
IS0 14001 HISTORICAL DEVELOPMENT
Firstly ISO 14000 environment system standards was prepared in June of 1992 year in Rio at world apex and this standard brooks decisions of this world apex and Rio contract principles. After 1 year, ISO established one technique committee which is yielded by 50 different country representatives to prepare international environment management system in 1993 year. ISO 14001 environment management system standard was issued in September of 1996 year with works of this committee. ISO 14001 standard is used as voluntary now but ISO 14001 will be burden by coercions of societies, international organizations, states in the future. Levels which environment management system passed are the following briefly:
= Europe community countries issued I action plan in 1973 year (to practice protecting preventions of environment )= BS 7750 Standard in 1992= Rio Declaration in 1992 year= ISO/TC 207. Environmental management technique committee was established in 1993 year to develop ISO 14000 family standards= TS 9719 standard (environment management system – General features) in 1994 year= ISO 14001 standard in 1996 year= ISO 14001 current version in April of 2005 Nisan 2005
The www.iso9001store.com website provided the software very helpful to my company.
= Europe community countries issued I action plan in 1973 year (to practice protecting preventions of environment )= BS 7750 Standard in 1992= Rio Declaration in 1992 year= ISO/TC 207. Environmental management technique committee was established in 1993 year to develop ISO 14000 family standards= TS 9719 standard (environment management system – General features) in 1994 year= ISO 14001 standard in 1996 year= ISO 14001 current version in April of 2005 Nisan 2005
The www.iso9001store.com website provided the software very helpful to my company.
Subscribe to:
Posts (Atom)