I am quite sure that you have heard that ISO 14001 has an updated version, available now. So after 11 years (yes it’s been that long!) of getting used to the present requirements it’s all change again. As I said in a previous blog most of us don’t like change so I am sure many people will be asking lots of questions starting with when, what and why. In this blog I will try to answer some of the questions and hopefully allay any fears that may surround the coming update. Having been involved with QHSE for over 25 years I have seen huge changes to environmental management and both company’s and the public’s interpretation of environmental management and the environment on the whole.
When will ISO 14001 be available?
- A final version of ISO 14001: 2015 is now available to purchase from BSI.
- The final approved version of ISO 9001:2015 is also now available to purchase from BSI.
How long will ISO 14001:2004 continue to be recognized and audited to?
- The current standard will be recognized and can be audited until the end of the 3 year transition period for ISO 14001:2015 (expected end of 2018).
What are the main changes to ISO 14001?
There are now 10 clauses not 8 as before; but don’t panic there are 2 more new ones on top of the old 8, as the clauses are better organized round a new 10 clause structure which all the other management system standards will follow in the future (including ISO 14001 and ISO 45001; previously known as OHSAS 18001 and I will cover those standards in future blogs). The High Level Structure for all Management System Standards is shown below and takes into compliance with Annex SL.
- Normative References
- Terms and Definitions
- Context of the Organization
- Performance Evaluation
Understanding the organisation and its context. The intention of this is to ensure that the organisation has a high-level understanding of the important issues that can affect, either positively or negatively, its ability to achieve the intended outcomes of its Environmental Management System (EMS). In addition ISO 14001 adds a requirement that the organisation is to consider environmental conditions that may directly or indirectly impact the organisation. For example: climate change, floods, poor air quality, poor water quality, existing contamination, natural resource availability, biodiversity (have insurance companies been involved here?)
Understanding the needs and expectations of interested parties. The organisation needs to establish who the interested parties (such as legislative bodies, clients, the public, etc.) are relevant to the EMS, and to identify the needs and expectations that those interested parties have. ISO 14001 also now uses the term “compliance obligations” which include all relevant requirements:
- defined by law,
- imposed by upper levels in the organisation (for example corporate requirements),
- pertinent to the interested parties that the organisation decides to comply with. This is important; as this clarifies that the organisation has the right to choose which applicable requirements of the relevant interested parties it aims to comply with.
Leadership and commitment. ISO 14001 adds an important new requirement, that top management has to demonstrate its leadership and commitment, and by taking accountability for the effectiveness of the EMS. This basically means that top management need to demonstrate involvement in audits, inspections, reviews and to show that they have involvement in the EMS on an ongoing basis (so gone are days of the boss simply signing the policy!)
Environmental Policy. This now needs to make mention of the organisation’s commitment to protecting the environment, including prevention of pollution. In addition the policy now has to be communicated not only to employees, but also to “all persons working under the control of the organisation”, so this could mean temporary and contract staff as well. There is also provision to make reference to sustainability resource use.
- One of the most significant aspects of ISO 14001: 2015 is related to 6.1 where ‘risk associated with threats’ has been introduced. Unlike the old standard, the new ISO 14001 standard expects you to “determine the risk associated with threats and opportunities”. So what does this mean and what does the new standard expect you to do? It expects you to start by developing a risk planning process and then to use this process to establish how to address your context, to handle your interested parties, to meet your compliance obligations, to deal with your environmental aspects and impacts, and to manage your threats and opportunities. And once you’ve done all of this it expects you to define actions to address your environmental aspects, your compliance obligations, and your threats and opportunities. Then, to make sure that all of these actions will be carried out, it requires you to make them an integral part of your EMS processes, and then to implement, control, evaluate, and review the effectiveness of these actions and these processes. The expansion of risk within ISO 14001 also removes the mention of Preventive Action as we should now think of the entire EMS as a system of preventive action.
- There are no significant changes or additions to Resources (7.1), Competence (7.2), Awareness (7.3) and Documented information (7.5) However, there are have been additional requirements defined with regards to Communication (7.4), as a result the sub-clause is considerably expanded and divided into three parts and now include greater requirements for internal and external communication including:
- The quality of the communication which could mean that it is relevant, reliable, simple to follow and informative.
- Encouraging any person doing work under the organisation´s control to make his/her voice heard in relation to improvement opportunities; thus improving and promoting 2-way communication and subsequent system improvement.
- The communication of the environmental performance of the organisation; many organisation will already adhere with this clause both internally and externally.
Operational planning and control: This new requirement requires the organisation to:
- determine environmental requirements for the procurement of products and services
- ensure that environmental requirements are considered in the design, delivery, use and end-of-life treatment of products and services.
- communicate environmental requirements to suppliers and contractors as part of the procurement process.
- provide information to end users and interested parties about potential environmental impacts during the delivery, use and end-of-life treatment of products and services.
Monitoring and measurement: This now specifies that what needs to be monitored and measured shall be related to operations, compliance obligations, operational controls and progress towards meeting the environmental objectives, using indicators. In the current version of ISO 14001, the use of indicators is not explicitly required, (though their use is widespread). Now, this is a clear requirement. The organisation needs to define criteria to allow it to evaluate its environmental performance, again through the use of appropriate indicators. Another key issue is that the organisation has to communicate information internally and externally on its environmental performance, complying, at least, with any applicable compliance obligation. The requirement to evaluate conformity with compliance obligations is still included, and effectively underpins the whole standard.
- ISO 14001:2015 promotes the process approach beyond the existing requirements of ISO 14001:2004. As the revised standard defines specific requirements for adopting a process approach.
- Again like ISO 9001: 2015 documents and records are history; the organisation now has documented information! Basically semantics, as it really means the same thing; it simply now recognises that most organisations have record and information in many mediums not just on paper.
There are many more minor changes to the new ISO 14001 standard including lots of small changes to words, phrases and terms which have varying negligible impacts; however, in this blog I have tried to focus on some of the more significant changes.
For more information, contact Agility Systems today on (+44 01224 33 00 00)
Next time I will explain the changes coming to ISO 45001 (was OHSAS 18001)
Alan McInnes, CMIOSH, CIQA, MIIRSM