CALL US 1-888-553-2256

ISO 14001 Knowledge base

'. get_the_author_meta('first_name'). ' '.get_the_author_meta('last_name').'

Internal Audits in the EMS: Five Main Steps

Author: Mark Hammar

Just like the internal audit process required by ISO 9001 and other management standards, many people do not understand the value of the internal audit process in ISO 14001. In Five main steps in ISO 9001 Internal Audit, I explained the five main steps required to plan, perform, and follow up on internal audits for the processes in the quality management system (QMS). This process of ISO 14001 internal audit according to clause 9.2 works equally well when applied to the ISO 14001 environmental management system (EMS), but the focus is slightly different. Here is how the process applies in a different way for the environmental management system internal audits.

1) The Audit Schedule

Just as with any good internal audit process for any management system, the first important thing is to have an overall schedule of when you are planning to audit each process that will be audited for system conformance. The cycle for this is often a year, but can be whatever you like, and the frequency of audits on any given process is linked to criteria like the environmental importance of the process and past audit conformance. If you have a process that has critical environmental aspects associated with it, you may want to look at this process more often than one that can have only minor impact on the environment. The audit schedule should be available to employees and managers, because you don’t want to have surprise audits.

2) Process Audit Planning

After confirming the audit with the process owner, the auditor can start to make preparations for the audit itself. Review of the process is critical for this – in particular, understanding the environmental aspects associated with the process. This is the key difference between an internal audit for a QMS and an internal audit for an EMS. While a QMS audit will look at a process and how well it is performing against the plans for the product or service of the company, an EMS audit will look at how well the process is performing against the plans for the environmental aspects associated with the process. A good audit plan will make sure you look for all the right data to support these process plans.

3) Performing the Audit

Probably the first thing to remember about performing the audit is that you are not using the internal audit to judge the legal compliance of the process. While a compliance audit is a good idea, and sometimes a legal requirement, this is not the goal of the internal audit program. This process is identified elsewhere in section 4.5.2 of the ISO 14001 standard. The internal audit is looking at the process against the environmental plans that the company outlined for the process. Are the environmental aspects monitored when applicable? Are any required environmental operational controls in place and maintained? Are nonconformities, corrective actions, and preventive actions against the process being addressed? In short, you are evaluating if the process meets the planned conditions with respect to how it can interact with the environment.

4) Audit Reporting

Like all audits, an EMS process audit is almost valueless if it is not properly reported. If the employees engaged in the process are doing well, they need to know this. Conversely, if there are problems, employees need to understand what these are so that they can be addressed and corrected. Opportunities to improve that are identified in the audit need to be presented to the process employees to consider their value in making their process better. These are the main ways that a company can gain value from the internal audit process, and if they are not well reported you can lose this value.

5) Follow Up on the Audit Issues and Improvements

Just as with corrective and preventive action, follow up is one of the least well done parts of the internal audit process. If there is no closed loop to follow up on the actions and opportunities presented by the audit, then the value of identifying them in the first place is lost. Making sure that a problem that was previously identified is actually fixed can prevent the futile reporting of the same problem again and again. Use follow up to make your internal audits better.

Do you need to have separate audits for the EMS?

Of course not! There is no reason that you cannot use one process for internal audit if your company wishes to be compliant with more than one management system. By utilizing common processes for such things as internal audit and corrective and preventive action, you can save time and money when maintaining e.g. both the QMS and the EMS. The important thing is to make sure that you satisfy the needs of all systems when you do your one internal audit. If you can satisfy all the needs in one audit visit, then this will be a benefit to you, and to your company’s pocketbook.

To get familiar with internal audit visit  ISO 14001:2015 Internal Auditor online course.

If you enjoyed this article, subscribe for updates

Improve your knowledge with our free resources on ISO 14001 standard.

You may unsubscribe at any time.

For more information on what personal data we collect, why we need it, what we do with it, how long we keep it, and what are your rights, see this Privacy Notice.

Leave a Reply

Your email address will not be published. Required fields are marked *

FREE ISO 14001 CONSULTATION
Iciar Gallo
ISO 14001 Expert, Advisera

GET FREE ADVICE

Upcoming free webinar
How to perform an ISO 14001:2015 internal audit
Wednesday – November 28, 2019

OUR CLIENTS

OUR PARTNERS

  • Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.
  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.