Requirement Of ISO 14001 Standards

REQUIREMENTS OF ISO 14001In order to effectively implement and benefit from an ISO 14001 EMS, it is important tohave an understanding of the standard’s requirements. A quick review of the standardshows that it is structured following the Plan, Do, Check, Improve philosophy of theTotal Quality Management movement, as follows:PLAN4.2 Policy4.3 PlanningDO4.4 Implementation and OperationCHECK4.5 Checking and Corrective ActionIMPROVE4.6 Management ReviewWithin these five elements are 17 sub-elements stating the various requirements.4.2 Policy4.3 Planning4.3.1 Environmental Aspects4.3.2 Legal and Other Requirements4.3.3 Objectives and Targets4.4.4 Environmental Management Programs4.4 Implementation and Operation4.4.1 Structure and Responsibility4.4.2 Training Awareness and Competence4.4.3 Communications4.4.4 EMS Documentation4.4.5 Document Control4.4.6 Operation Control4.4.7 Emergency Planning and Response4.5 Checking and Corrective Action4.5.1 Monitoring and Measurement4.5.2 Nonconformance, Corrective, and Preventive Action4.5.3 Records4.5.4 EMS Audit4.6 Management ReviewWithin these 17 sub-elements are all of the requirements, or “shalls”, necessary to conform to ISO 14001. There is no substitute for reading the standard in terms of recognizing the requirements. As a matter of fact, no auditor should embark on an audit without having easily available the criteria to which they are doing the audit. However,below we briefly summarize the key points of the sub-elements. This summary is not intended to be a replacement for ISO 14001, and should not be used exclusively as such during an audit.Detailed Section by Section Summary4.2 PolicyISO 14001 requires that the organization have a policy statement to drive the EMS.These tend to be short, one page or less documents, and simply affirm the commitments. There is no expectation that specific details be noted in the policy. For example, the commitment to pollution prevention can simply be stated saying, “we are committed to prevention of pollution”. The policy must be clearly endorsed by top management and be available to the public and employees. Although the availability to the public can be rather passive; i.e. “is here if they want it”, there is an expectation that the employee awareness is more proactive. Section 4.2 of ISO 14001 lists the other requirements of the policy.4.3.1 Environmental AspectsThis element requires a procedure that not only identifies the aspects and impacts, but also provides for determination of significance, and keeping the information up to date.ISO 14001 does not prescribe what aspects should be significant, or even how todetermine significance. However, it is expected the organization will develop aconsistent and verifiable process to do so.4.3.2 Legal and Other RequirementsThis is a requirement for a procedure that explains how the organization obtainsinformation regarding its legal and other requirements, and makes that informationknown to key functions. This is not the assessment or compliance audit requirement, butrather a more up front determination of requirements.4.3.3 Objectives and TargetsThere is no requirement for a procedure in this element, only that objectives and targetsbe documented. It does require that certain items be considered in developing theobjectives, such as legal requirements and prevention of pollution. It is sometimeseasiest to develop a procedure anyway for this element to be able to verify theseconsiderations were made.4.3.4 Environmental Management Programs (EMP)EMPs are the detailed plans and programs explaining how the objectives and targets willbe accomplished. These EMPs usually note responsible personnel, milestones and dates,and measurements of success. Noting monitoring and measurement parameters directlyin the EMP facilitates conforming to 4.5.1 on Monitoring and Measurement discussedbelow.4.4.1 Structure and ResponsibilityISO 14001 requires that the relevant management and accountability structure be definedin this element. This usually takes the form of an organizational chart. Also, theorganization must denote the Management Representative who is responsible to overseethe EMS and report to management on its operation.4.4.2 Training Awareness and CompetenceThe key point in this element is that personnel must receive applicable training regardingthe EMS. Specific requirements are itemized in ISO 14001, and include general,company-wide items such as knowing the policy, to more function-specific training onaspects and emergency response. An organization usually responds to this element with atraining matrix, cross-referencing to training materials and records.4.4.3 CommunicationsProcedures are required for both internal and external communications. Note that ISO14001 only requires procedures, and allows the organization to decide for itself thedegree of openness and disclosure of information. Whatever the decision in terms ofdisclosure, that decision process must be recorded.4.4.4 EMS DocumentationThis requirement is simply that the organization has documented the system in either electronic or paper form such that it addresses the elements of the standard and providesdirection to related documentation. Not all ISO 14001-required procedures need to bedocumented, as long as the system requirements can be verified.4.4.5 Document Control.Procedures are required to control documents, such as system procedures and work instructions, and to ensure that current versions are distributed and obsolete versions areremoved from the system.4.4.6 Operational ControlThis element is the one which connects the EMS with the organization as a whole. Here,the critical functions related to significant aspects and objectives and targets are identified and procedures and work instructions created to ensure proper execution of activities.Requirements for communicating applicable system requirements to contractors are also addressed.4.4.7 EmergencyPlanning and Response Although typically addressed through conventional emergency response plans, thiselement also requires that a process exist for identifying the potential emergencies, inaddition to planning and mitigating them. A linkage to the aspects analysis, where impacts are assessed, is appropriate. Emergency incidents include those that may not be regulated, but may still cause significant impact as defined by the organization.4.5.1 Monitoring and MeasurementProcedures are required describing how the organization will monitor and measure key parameters of operations. These parameters relate to the significant aspects, objectives and targets and legal and regulatory compliance. In order to properly manage the system, measurements must be taken of its performance to provide data for action. Responses to this element usually cross reference to many other specific procedures and work instructions describing measurement and equipment calibration. It is in this element thatwe find the requirement for what is commonly referred to as a compliance audit.4.5.2 Nonconformance, Corrective, and Preventive ActionThis element requires procedures for acting on Non-conformances identified in the system, including corrective and preventive action. Non-conformances may be identified through audits, monitoring and measurement, and communications. The intent is to correct thesystem flaws. Typically, Corrective Action Report (CAR) forms are the norm, noting the nonconformance, the suggested fix, and closure of the action when completed. Note that this requirement does not imply in any way that the party identifying the nonconformance must be the one to suggest the fix. Instead, it is expected that the system provide for theinformation to be routed to the most appropriate party to address the concern.4.5.3 RecordsRecords are expected to exist to serve as verification of the system operating. For example, records include audit reports and training records. Unlike controlleddocuments, records are “once and done” documents, resulting from the execution of some process or procedure. Procedures in this element are required for the maintenance of records.4.5.4 EMS AuditsISO 14001 requires that the system provide for internal audits. This procedures(s) will include methodologies, schedules, and processes to conduct the audits. Interestingly, the EMS audit will in essence, audit the audit process itself!4.6 Management ReviewThis element requires that periodically, top management will review the EMS to ensure itis operating as planned. If not, resources must be provided for corrective action. For areas where there are no problems, the expectation is that with time, management will provide for improvement programs. Usually there is no detailed procedure for thiselement, although records of agendas, attendance, and agreed upon action items aremaintained as verification.