Evaluation of Compliance In ISO 14001 Standards
The requirement to establish a procedure for periodically evaluating compliance with applicable legal and other requirements falls short of specifically requiring regulatory compliance audits but, in fact, a system of regular regulatory compliance audits may be the most practical means for meeting this requirement of the standard. In the U.S., determination of whether to conduct a compliance audit will be governed in part by the particular jurisdiction’s approach to allowing a legal privilege for the self-assessment audit.
Evaluation vs. Audit – The difference between an evaluation and audit can only be determined by looking outside of ISO 14001. Consulting a dictionary reveals that an evaluation involves a determination of value or worth and that an audit is an examination of accounts done by persons appointed for the purpose. A better definition `is the more specific ISO 19011:2002, Guidelines for Quality and/or Environmental Management Systems Auditing, which defines an audit as a “systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.” Many organizations do not have a system for evaluating regulatory compliance other than their own records and the inspections of regulatory officials. This lack of a verification system can be a risky way to operate. Reports of enforcement actions and consent agreements show that many organizations are blindsided by rogue employees who violate rules and falsify documents to cover up environmental misdeeds. Although ISO 14001 does not prescribe a specific approach to evaluation of regulatory compliance, organizations should consider methods for going beyond verification of records by collecting and evaluating physical evidence.