ISO 14001

1. Introduction
2. Overview
3. Global adoption
4. Benefits
5. Auditing
6. Choosing a registrar
7. Route to registration
8. Costs
9. Contributing editor

After the adoption of QMS Standards – which eventually lead to ISO 9001 - it was recognised that the same Plan Do Check Act elements could be applied to environmental management systems.

From the 1970s onwards there was greater international awareness of modern society’s impact on the environment and what we know call sustainability.  BSI introduced BS 7750 in 1992 and early versions of ISO 14001 were developed from 1992 onwards.

The current version is ISO 14001:2004. It is key to remember that this is an environmental management system (EMS) for environmental policy, compliance, training, improvement and operational controls.

ISO 14001 is not evidence of any particular scientific or technological standards or approaches being used by an organisation to manage their environmental impact - as is sometimes mistakenly believed - although it can be adapted by organisations who have such processes and want to manage their development through an EMS framework.

ISO 14001 is used for certification/registration although there is no necessity to have this third party approval unless an organisation desires it or is required by customers to do so i.e. an organisation can implement an ISO 14001 EMS without having a third party assessment.

The main requirements of ISO 14001:2004 are categorized into the following subjects:

• Policy (which includes a commitment to prevent pollution)
• Environmental aspects and impacts; environmental planning
• Management review
• Evaluation of legal and other requirements
• Implementation and operation
• Training and competency of staff and contractors
• Emergency preparedness and response to pollution and other unplanned environmental events
• Performance assessment
• Improvement

ISO 14001 can be implemented alongside ISO 9001:2008, BS OHSAS 18001 or other Standards e.g. Excellence Model, PAS 99. The trend is towards integrating management systems and there is strong commonality in certain areas such internal audit and management review as well as operational controls. Guidance on implementation can be found in books published by ISO amongst others.

ISO 14001 relevant to your organization?

ISO 14001 can be applicable to any organisation including public sector. It is increasingly becoming adopted in the service sector – including purely office based organisations - as well as more traditional manufacturing, transportation and built environment industries.

Based on an ISO survey in 2002 nearly 50,000 organisations worldwide had adopted ISO 14001 and this figure is now much higher as take up in the service sectors and built environment alone have dramatically increased in the last few years.

These depend on an organisations direct and indirect impact on the environment and their sustainable goals but would include:

• Improved business focus
• A more holistic approach to managing environmental  risks including reputational and financial risks to the organisation of non-compliance
• Reduced bureaucracy and parallel processes; yes, this is true! Management systems lead to less bureaucracy if they are properly implemented
• More effective and efficient audits both internally and externally

 

Of course, at least some reduced impact on the environment, be it through less energy consumption, less emissions or waste and less wasteful business processes. Some organisations can also support biodiversity protection through their EMS. Whilst not part of ISO 14001 some organisations will implement their Corporate Social Responsibility (CSR) policies and activities alongside their EMS. Synergies can be drawn between the two.

Organizations adopting ISO 14001 will find it provides a basis for integrated internal auditing. If the organisation already has ISO 9001 it may adapt the existing audit programme but with further staff training. Those components that are common such as documentation, records, training, audit process, review process, corrective and preventive action etc. do not need to be audited for each system but just once should suffice. This enables the opportunity for a greater focus on compliance and operational control issues and a reduction in audit time internally. Separate third party assessments can be obtained or combined or integrated options can be sought.

There are over 1000 certification bodies (CBs) globally. It is important to select an approved certification body and to ensure they comply with the following criteria:

• Ensure the CB is accredited to ISO/IEC 17021:2006, and the certification body accreditation is issued by a recognised competent body.
• Receive quotations from several CBs. Please do not just look at day rates quoted by the CB but verify if they charge expenses and other fees on top that effectively increase the day rates quoted.
• With ISO 14001, the CB will quote days based on how they assess the environmental risks of your industry i.e. the higher the environmental risks the more days of assessment. Sometimes, different CBs may assess the level of risks slightly differently and this will impact on the number of assessment days quoted. 
• Do not select the cheapest as their auditing or service may be below standard,
• Ensure the certification body is recognised by your customers and they  have relevant sector experience for your industry
• You are not obliged to use the services of an accredited certification body, in some countries you may find a certification body that recognised in your country, your customers, delivers a high level of service and operates under strident accreditation guidelines and rules.  However, if you do not use an accredited certification body you are likely to find that your ISO 14001 certificate will not be accepted as part of tender requirements and some blue chip customers may also query the validity of your certificate. If you have an international customer base please check your CB is accredited in your customer’s territory. The CB should be only too happy to clarify this for you if you are unsure.

There are various phases to registration:

1. Pre-audit Assessment
   • Check documentation with auditor
     Together, you and your auditor will review your documentation. This will ensure that all documented procedures cover the requirements of ISO 14001:2004.
   • Determine date of assessment
     Together with your auditor you will determine the best timetable for your registration and agree on a date for initial assessment. Many organizations benefit from a pre-assessment or "gap analysis" of the formal assessment prior to this.
2. Initial Assessment
   • An initial assessment will be conducted by your lead assessor. Sometimes there will be other assessors on the team. You will be informed of his recommendation at the closing meeting.
3. Registration Confirmation
   Following your auditors recommendation, your registration will be confirmed by the technical reviewers.
   • Certificate Issued
     Your certificate of registration will arrive soon after your registration has been confirmed.
4. Continued Assessment
   After registration your nominated auditor will visit your organization every 6 months or annually to ensure that your management system continues to meet the requirements of ISO 14001:2004.
5. Reassessment
   Your registrar is required to perform a reassessment of your management system every 3 years. This is normally 2/3 of the initial assessment duration. At the end of the closing meeting your auditor will confirm the outcome of the reassessment.

The answer depends on a number of factors. There are costs to both implement and to maintain your certification.

Implementation Costs

In terms of costs to implement, if you choose a full do-it-yourself approach, the only real costs will be the time for resources dedicated to the implementation process and in time spent writing documents and training your staff. If you have little experience with an EMS, or have limited internal resources, you might choose to get some outside professional help through a management system consultant. There are advantages by recruiting a consultant as you are able to guarantee your registration within a given period.

Certification Costs

Costs of registration are dependent on the size of your organization. Most registrars charge a certain rate per day to be on-site at your facility. This day rate will vary depending on your country, the typical day rate in the United Kingdom will vary between £400 and £900 per auditor day depending on the registrar. Small companies with less than 20 staff could expect one auditor on site for 1-3 days; Large companies can expect several auditors on site for up to up to 10-15 days depending on the environmental risk of the industry sector.

Other fees can include application fees, certificate fees, assessor expenses or annual licence fees.

To maintain your certification, the registrar must return annually to audit a portion of your system. These costs will be less than the original visit, since the time spent will be shorter. Once every three years, the registrar returns to audit your entire system.

Alan C. Field, MA, LL.B (Hons), PgC, MCQI CQP, MIIRSM, AIEMA, GiFireE, GradIOSH

Alan is the director of Highdown Management Services Ltd and an experienced consultant, author, trainer and third party lead assessor in all aspects of integrated management systems. He is also a principal examiner for the CQI membership examinations.