John Nolan To attain ISO 14001 accreditation, your organization will need to prove its compliance with the accreditation body at the “registration audit,” then face a surveillance audit for the next two years on or around the anniversary before the need for the registration reoccurs on the third anniversary. On our site you will find many articles that will help you prepare for your initial audit by building your EMS (Environmental Management System), such as 5 elements of a successful 14001 project, but your first surveillance audit will provide a different, if similar experience to the initial audit. So, given that you have the experience of navigating the initial audit successfully, what do you need to be aware of when facing your first surveillance audit? And, are there any tips and advice that can give you an advantage at the audit itself?
14001 surveillance audit: 5 tips
Your surveillance audit will typically last one day, and the auditor will generally check for a number of predetermined things: are any recommendations or minor non-conformities from the registration audit closed off? Does the organization use the ISO logos on stationery, websites, and letterheads? Does the organization complete the standard activities that underpin the EMS, such as internal audit, management review, and corrective action? Does the function of the EMS provide demonstrable continual improvement? Along with these, the auditor is perfectly entitled to concentrate on any one segment of your EMS and look in more details. This is probably likely if you have the same auditor for registration and surveillance audits, and perhaps he felt that he sensed a slight weakness or didn’t have time to focus as strongly on one aspect as the others. So, what can be done to ensure you are ready?
- Nonconformances and recommendations from the registration audit: Ensure that these are diligently and efficiently closed off with a fully auditable trail to display such. Failing to act on the auditor’s recommendations from the registration audit is the worst possible way to host the auditor at the surveillance visit!
- Use of the logo: Ensure this falls within the ISO guidelines. If in doubt, contact your auditing body for guidelines. Incorrect use can lead to your accreditation being withdrawn, so best not to make any assumptions.
- Ensure you review all your processes as you did for your registration audit: Management review, internal audits, and use of corrective and preventive actions are all critical to displaying that you have a functioning EMS that will achieve its objectives. Remember that proof of both execution and review of these processes is required.
- Re-educate your employees: Proof of formal training is required to pass your registration audit, and in addition to continuing this practice, it is good to prime your employees for the surveillance audit. Ensure everyone is comfortable answering questions and displaying compliance with the physical and written processes you will have established when building your EMS, and passing your registration audit. Once again, it is good to remind your employees that not being able to answer a question is not a fail, but offering to find out or trying to navigate the EMS to find the answer for the auditor at a later date is totally acceptable.
- Continual improvement: This underpins the ISO 14001 standard, and after hosting a series of audits over the last 15 years, I prefer to approach this in a more proactive manner than previously. Why not produce a “Continual Improvement Log” for your EMS, where you can formally record systemic improvements and projects you have undertaken as a result of internal audit recommendation, management review, or risk-based thinking within your EMS? This is a good way of demonstrating both your commitment to continual improvement and the fact that you are committed to achieving it.
So, these tips should help us prepare for the surveillance audit, but is there anything else we need to do?
Surveillance audit: What else do we need?
In fact, as stated above, you basically need everything you did for the registration audit to be confident in your EMS at the surveillance audit. However, with the experience of the registration audit under your belt, hopefully this will be less stressful. Evidence of your review, internal audit, and corrective action processes will give strength to your EMS and case during the surveillance audit. Stick to the same principles that gave you success at your registration audit, and use the tips above, and you will be able to demonstrate compliance and improvement.
Please use our free Gap Analysis Tool to compare your EMS with the 14001 standard.
