Environmental Management Systems

ISO 14001
Charlie Parrish charles_parrish@ncsu.edu (919) 515-4266 www.ies.ncsu.edu

EMS - Internal Auditor Training

- Half Day Overview -

Training Objectives
Obj #1 = Understand Auditing Terminology Obj #2 = Learn about the steps in the audit process & associated responsibilities Obj #3 = Understand how to change your audit approach for different facility areas Obj #4 = Start to develop audit interviewing skills Obj #5 = Learn the essentials of audit write-ups (non-conformances)

Which 3 ISO 14001 elements - identify the environmental issues to be managed?

Element # ISO 14001 Element Title

Which ISO 14001 elements specify actions to manage significant aspects?

Element # ISO 14001 Element Title

What ISO 14001 Elements call for Management of Legal Issues

Element ISO 14001 Element # Title 4.2 4.3.2 4.3.2 4.3.2 4.3.3 4.5.2 4.6
5

How are Legal Issues Managed

The Official Definition of an EMS Audit

A systematic and documented verification process of objectively obtaining and evaluating evidence to determine whether an organizations EMS conforms to the EMS audit criteria, and communicating the results to management.

What is an EMS Internal Audit (ISO 14001:4.5.5) 1. Determine conformance against criteria: "Planned Arrangements" (EMS Programs and Procedures) "This international standard" (ISO 14001) 2. Determine if EMS has been Properly implemented and maintained 3. Provide Feed back on EMS to Management

What is Conformance ?
Meeting Criteria (Requirements) For Example
Requirement Work Time Arrival Oil Change Frequency Take Vitamin Every Day Evidence of Conformance Time Card Receipts from Jiffy-Lube

Observation of Person Taking Vitamin

What is Evidence ?
Something that proves or demonstrates a truth Is verifiable (the same evidence can be collected by independent auditors) You can hold in your hand (record) AUDITORs COLLECT EVIDENCE & EVALUATE IT FOR CONFORMANCE
9

Exercise What would be evidence of implementation of an ISO 14001 EMS ?

Element 4.2 Environmental Policy 4.3.2 Legal and Other Requirements 4.3.3 Targets, Objectives and Programs 4.4.2 Competency, Training and Awareness Measure of Implementation

4.4.3 Communication 4.4.6 Operational Control 4.4.7 Emergency Preparedness & Response

(use form in Exercises tab)

10

Who is an Auditor
The person with the competence to conduct an Audit. Competence = 2 things: 1. Person with the personal attributes listed in 19011 - 7.2 AND, 2. Person with the ability to apply the skills and knowledge gained through education, training, work experience and audit experience

11

Personal Attributes Exercise (7.2 of ISO 19011) Pick the 3 personal attributes that you feel are the most important in being a good EMS auditor (dont need to tank them 1,2 & 3; just the top 3)

(use form in Exercises tab)

12

What does an Auditor Need to know 1. Knowledge of the standard 2. Knowledge of the EMS being audited 3. Knowledge of the process being audited (can't audit what you don't understand)

13

Terminology
- Audit ISO 19011 - 3.1 ISO 14001- 3.6 Criteria 19011- 3.2 19011- 6.2.2 Audit Evidence 19011 - 3.3 Auditee 19011- 3.7 Auditor 19011- 3.8 Top Management 9000 - 3.2.7 Audit Client 19011- 3.6 Scope 19011- 3.13 19011- 6.2.2 THE REQUIREMENTS (i.e., policies, procedures or requirements) - Systematic, independent and documented process for obtaining audit evidence, AND evaluating objectively to determine the extent to which the audit criteria are fulfilled.

- Verifiable information - records, statement of fact or other info which are relevant to audit criteria and verifiable -( Evidence is something you can hold in your hand ) - Organization being audited - Person with competence to conduct an audit (see item #4) Person or group of people who directs and controls an organization at the highest level - EXAMPLE: President, CEO, Plant Manager Organization or person requesting audit - EXAMPLE: Corporate Headquarters Location - departments where the audit will be conducted ( extent and boundaries of an audit) - EXAMPLE: Assembly Area
14

Terminology 2
Audit Objective 19011 - 5.2.1 14001 - 4.5.4 Audit Findings 19011- 3.4 Audit Conclusion 19011- 3.5 Answer this question: Why are we conducting this audit ? - EXAMPLE: To verify conformance with ISO 14001 and the EMS Results of the evaluation of the collected evidence against audit criteria - Outcome of an audit provided by the audit team after consideration of the audit objectives and all audit findings. - EXAMPLE: 6 Non Conformances and 5 Observations indicate the EMS has been implemented, but not properly maintained

15

Terminology Exercise
#

Type of Audit

Audit Criteria

Audit Scope

Audit Objective

Audit Client

Auditee

Audit Findings

Audit Evidence

Audit Conclusion

1 IRS audit of taxpayer

Haz Waste Compliance Audit

Vehicle Inspection Station Audit

Financial Audit of Large Corporation

Sanitary Conditions 5 Audit of Restaurant

Energy Audit for 6 Compressor Leaks Audit of a Bank Security System Audit of why a policeman used a gun

Building Construction 9 Specifications Audit

(use form in Exercises tab)

16

Types of Audits

1. 1st vs. 2nd & 3rd party (INTERNAL vs. EXTERNAL ) 2. GAP Analysis vs. Audit 3. Compliance vs. EMS Audits (Compliance vs. Conformance )

17

Compliance

vs

Conformance

Meeting Legal Requirements Determined by Compliance Evaluation (4.5.2)

Meeting ISO Requirements Determined by Internal EMS Audit (4.5.5)

Which one are you being trained for today?

18

What is the Difference .

EMS Audit Regulatory Audit

Audit Criteria

Audit Scope

Audit Frequency

Auditor Skills Sensitivity of Audit Report (confidentiality, etc)

(use form in Exercises tab)

19

Change Gears A look at Communications, Questions & Audits

20

Communication The Listening Model - A Step wise Approach 1. Auditor speaks, 2. Auditee Listens and reacts 3. Auditor gages reaction (uncomfortable OR comfortable), if uncomfortable go back to #1 4. Auditee achieves understanding & responds 5. Auditor achieves understanding & Full Communication achieved

21

Communication Components -

Visual Tones Words

What percentage of full communication is made up of visual, tones, words ?

- Try This: Go around the room and read the following sentence. Each person emphasizes one of the bolded words (I did not tell your manager the report was finished)
22

Non verbal communication

Type body posture hand/arm movements gestures distance eye contact facial expressions dress or attire Positive Communications Negative Communications

23

Communication Feedback as a Tool

Try This: Read the following Auditor/Auditee script using feedback to demonstrate Auditor understanding of Auditees answer

Auditor Explain to me about Environmental Targets. Auditee - Environmental Targets are set by upper management. We learn what they are when we aren't achieving them Auditor (Repeat the answer using slightly different words)
24

Audit Teams and Team Dynamics

Individually Take 5 minutes (ONLY) to read

and answer questions about the Albatross Count Up the number of answers that are - True, False OR Needmore-info

25

Lessons Learned from the Albatross?

_____________ _____________ _____________ _____________ _____________ _____________ _____________ _____________ _____________ _____________
26

Change Gears The Audit Interview

Auditor introductions Discuss purpose of audit Discuss procedure Notes taken Reports will be issued Corrective actions may be implemented Opening questions Tell me about your Job? Policy, Emergency, Training Questions Leading questions (if needed) Thank auditee
27

Good Opening Questions (1 of 2)

Tell me about your job. How does it effect the environment? Are you aware of your companys Environmental Management System? Do you do your job any differently because of the EMS? What is your Environmental Policy. What does the Policy mean to you? Who do you talk to about environmental issues Why is it important to follow the EMS?
28

Good Opening Questions (2of 2)

What kind of environmental training have you had? If theres a _____ (spill, fire, tornado, other emergency), what do you do? What are the companys most important environmental issues? What are your significant aspects? What EMS requirements apply to you? How do you know if something you do affects the environment

29

Auditing Questions Dos and Donts

Try Not to ask Yes or No Questions? If you do, follow up the questions by asking for proof (evidence) Use Broad, Open Ended Questions, such as Describe to Me .. Walk me through how you do this How do you . Show me Keep the Burden of Proof on the auditee (dont give them the answer) You may have to lead them if they dont cover the material i.e., Do you have any environmental work instructions?

30

Two Basic Types of EMS Audits

1. Auditing the Env. Management Representative (EMR Audits)
NOTE: This is what takes place in a Document Review & a Pre-Assessment

2. Auditing Production Floor & Non-EHS Personnel (Area Audits) NOTE: If your company does audits by ISO 14001 Element #, even on the plant floor see audit checklist for plant floor (production) personnel (see Audit Checklists)
31

EMR Audits (1 of 3)
The initial audit should start with the EMR - Determine if all the ISO 14001 elements have
been met (18 elements, 61 shalls, 12 procedures, 20 records or implied records) (see Guidance) - Allows auditor to become familiar with the EMS documentation system - Allows the auditor to determine who, what, when & where to audit other EMS components

This starts with auditing the Level 1 and Level 2 procedures and identifies other work instructions to audit later
32

EMR Audits (2 of 3)
Level 1 Document Audit Level 1 Must Provide Direction to related Docs All the promises should be measureable (make them live up to their language) Level 2 Documents should be usable Not too much fluff (dont need to repeat the standard, or Level 1 info) They should ID who does what. If procedure is confusing to you its confusing to others
33

EMR Audits (3 of 3)
This is where most major NC's are found (not addressing an ISO 14001 shall statement) Questions can come from a prepared ISO 14001 checklist (like whats in your notebook & on next slide) However, the auditor needs to collect evidence of conformance not just answers to questions
34

Example of EMR Audit Checklist

S e c tio n 4.3.3 -- Obje c tive s and Targ e ts 4.3.3-1 Doe s the orga niza tion ha ve docume nte d obje ctive s a nd ta rge ts ? 4.3.3-2 4.3.3-3 Are the obje ctive s a nd ta rge ts e s ta blis he d a t e a ch re le va nt function a nd le ve l within the orga niza tion? Are ta rge ts a re qua ntifie d whe re pra ctica ble a nd do ta rge ts provide de ta ile d pe rforma nce re quire me nts tha t ne e d to be s e t a nd me t in orde r to a chie ve the obje ctive s Is progre s s tha t is ma de obje ctive s a nd ta rge ts - tra cke d a nd monitore d? (Are obje ctive s a nd ta rge ts ma inta ine d a nd re vie we d? )

4.3.3-4

4.3.3-5

Did the proce dure / proce s s us e d by the orga niza tion to e s ta blis h a nd ma inta in its obje ctive s - cons ide r: - S ignifica nt e nvironme nta l a s pe cts ; - Le ga l a nd othe r re quire me nts ; - Te chnologica l options ; - Fina ncia l, ope ra tiona l a nd bus ine s s re quire me nts ; - Vie ws of inte re s te d pa rtie s ? Are the obje ctive s a nd ta rge ts cons is te nt with the e nvironme nta l policy -- including the commitme nt to pre ve ntion of pollution? the commitme nt to complia nce with le ga l a nd othe r re quire me nts & continua l improve me nt ? Ha s the orga niza tion e s ta blis he d progra m(s ) for a chie ving its obje ctive s a nd ta rge ts ?

4.3.3-6 4.3.3-7

EXERCISE:nd ta rge ts cons isthe EMR forpolicy -- including Audit te nt with the e nvironme nta l one Element !! Are the obje ctive s a
(use form in Checklist tab)
35

4.3.3-8 4.3.3-9

Doe s the progra m include a de s igna tion of re s pons ibility for a chie ving obje ctive s a nd ta rge ts a t e a ch re le va nt function a nd le ve l of the orga niza tion?

Area Audits Identifying the Requirements

An Auditor Needs to be Familiar with the Area he/she will be auditing Find out what happens in that area Significant aspects? Targets/objectives? Training was done? Operational controls? Contractors in the area? Tracking key characteristics? Emergency response responsibilities
36

EF-13B

AreaArea Audits - Coming Up to Speed the Requirements Audits Identifying

EMS Requirements
Targets / Objectives Required Environmental Training Operational Controls (Work Instructions) Environmental Contractors or Suppliers Work in this area Key Responsibilities in Emergency Response Monitoring Environmental Performance (Key Characteristics)

Area of Plant Significant / Point of Environmental Contact Aspect(s)

(use form in Audit Forms tab)

37

Area Audits Create a Requirements Checklist

(use form in Audit Forms tab)

38

Area Audits The Audit Interview

Start w/ Introductions, Purpose, etc Use Opening Questions to start Area Audit Make sure you cover the EMS requirements Remember to Sample for Evidence (show me that report, can I see that container, etc) - This is where you get the verifiable evidence such as looking at records !!

39

Exercise Mock Area Audit

Audit the Work Instruction from Previous Exercise Use Your Area Audit Forms: EMS Requirements Checklist Each Student plays these roles: Student #1 = Auditor Student #2 Auditee Student #3 = Reviewer (change roles so that everyone gets to play)

Auditing Exercise - Review Form

Auditor Introduction The Auditor introduced self to Auditee Rating Notes and Comments

The Auditor informed the auditee that Notes would be taken during the audit

The Auditor explained the purpose of the audit

Question Techniques Questions were short and to the point The Auditor used open ended questions (Who, What , Why, When, where, how) The Auditor asked probing questions beyond the prepared checklist The Auditor maintained control over the interview Other

(use form in Audit Forms tab)

The Auditor displayed a positive attitude

Remember Need to ask for evidence (records, etc)

The Auditor complemented the auditee on good things Rating Scale: 5 = Great, 4 = Good, 3 = OK, 2 = Needs Improvement, 1 = Update resume
40

Change Gears A look at Audit Procedures & Programs

41

- The Audit Program - ISO 19011

A guidance Standard for conducting Quality and EMS Audits
ISO 19011 Applicability - Guidance Only - Covers all audits (compliance, quality, EMS, etc) - Good section on definitions (augments 14001, ISO 9000) - Covers 1) Internal & Registration Audits, but primarily is used for registration type auditors (especially competence of auditors)

ISO 19011- Section - ethical conduct 4 - Auditor Principles - Fair presentation - Due Professional Care - Independence - Evidence based Approach NOTE : Auditors can be removed from an audit team if any of the above principles are compromised (ISO 19011 excerpt) Other 19011 Clauses - Section 5 - Managing Programs, summarized in Figure 1 in ISO 19011 - Section 6 Audit Activities , summarized in Figure in ISO 19011 - Section 7 - Auditor Competence

Can be purchased at www.asq.org

42

Steps in Auditing
Step 1: Notification & Document Request (Levels 1-3) Step 2: Level 1 & Level 2 Document Review Step 3: Develop Daily Schedule / Responsibilities Step 4: Auditor Homework Develop Area Checklist and Familiarity with the processes, aspects, etc Step 5: Conduct Opening meeting Step 6: EMR Audit Audits Step 7: Area Write-ups Step 8: Audit
43

Meetings
Example Opening Meeting Agenda
1. Introductions (credentials, etc) 2. Sign in at Roster 3. Explain Scope 4. Explain Standard 5. Explain Objective (this is not a compliance audit) 6. Confirm Audit Interview Schedule 7. Discuss Confidentiality Issues 8. Promote auditee participation 9. Go over H & S requirements

EXERCISE Conduct an Opening Meeting (use above agenda):

- EMR Audit - Area Audits (Waste Handling or Treatment Area) - Area Audit (On-Site Contractor - Waste Disposal Vendor)
44

What makes up - your Audit Program ?

Calendar Schedule Which Elements are audited Which Departments or Areas are Audited

What is your audit Procedure ?

What is the process Opening Meetings ? Who has lead Auditor responsibilities Other Responsibilities Which Forms are Used Reports Issued ? Distribution of Reports ? What about Corrective Actions? READ THE COMPANY AUDIT PROCEDURE
45

Sampling
- When to Sample - What factors affect Sample Size - Type of Sample (Targeted Sample vs. Random Sample) -When to collect More Samples -EXAMPLE: How many employees do you ask about the policy - in order to determine if policy has been communicated:
- Company Size is 100 - 2 Shifts - 6 Departments - Evidence of shoddy training - Evidence of Both Conformance/Non Conf.
46

Findings Write-ups: What you need.

Criteria

Finding

Evaluation THE FINDING TRIANGLE

Evidence

47

What's a Non-Conformance
Types of Non Conformances - Major Nonconformance = missing element / system breakdown / sinking boat / high impact on environment - Minor Non-Conformance = deviation from procedure / small hole in boat / minor impact to environment - Observation = No responses required / opportunity for improvement - Lack of Evidence - Missing ISO 14001 Element - Not Following EMS Procedure

Reasons for Non Conformances

Exercise Major or Minor Non Conformance (pg 16) Exercise - Write Up Audit Findings (pg 15) Exercise Non Conformance Report (pg 17-19)
(use forms in Exercises tab)
48

Corrective and Preventive Actions

- Correction:(9000-3.6.6) = Action to eliminate a detected nonconformity (simple human error) - Corrective Action:(9000-3.6.5) = Action to eliminate the cause of a detected nonconformity - Preventive Action:(9000-3.6.4) = Action to eliminate the cause of a potential nonconformity Continual Improvement - recurring activity to increase the ability to fulfill requirements Components of an Effective CA System - Effective Root Cause Analysis (FMEAs, 8D method, 5 why, etc.) - Escalating CA review cycle

Exercise Correction, Corrective Action, or Preventive Action (pg 20)

(use form in Exercises tab)
49

Certified Auditors (Not Internal Auditors)

Types of Auditor Certification Scope and Grades of Auditors - Qualifications Based (Non-Accredited) - Competency Based (Accredited) SCOPE OF AUDITORS Environmental Management Environmental Management System Site Contamination Assessment Environmental Report Verification Compliance Audit QUALIFICATION BASED AUDITORS Knowledge Competencies (Training) Audit Experience Work Experience Verification of Personal Attributes For registrars, certification bodies: ANSI-ASQ National Accreditation Board http://www.anab.org/ GRADES OF AUDITORS - EMS Associate - AA - EMS Auditor - A - EMS Principal - PR - EMS Lead - LA - EMS Business Improvement - BI COMPETENCY BASED AUDITORS Knowledge Competencies Skill Competencies (Witnessed Audit) Work Experience Personal Attributes (Exam) For auditors & training bodies RAB QSA International http://www.rabqsa.com/per_enviro.shtml

Qualification Categories for Certified Auditors

Contact Info for Registrars and Certified Auditors

50

Pitfalls to Avoid
Avoiding Internal Auditing altogether Were not ready syndrome Not Auditing Top Management (put-em to the test) Auditing using checklist questions that the auditor doesnt understand (Understand ISO 14001 and Your Own EMS documentation) Auditing to the standard only and not including company documents (they may be more specific than the standard)

51

Time for the Test ?????

Easy Test: - 30 Min - Review answers after - Grade your own paper

52