ISO 14001 and OHSAS 18001 Training and Consultancy

A recent visit to a medium-sized engineering company that was not quite at the certification stage revealed an issue that seems to be a regular problem for management system administrators and auditors alike. The company had already established a functioning H&S management system, and were building a separate EMS to address the growing number of environmental issues that required to be managed. I was asked to visit and comment on their progress.

The particular area of concern was that five different procedures were created to address the management of incidents, accidents, near misses, audit findings, and actions arising from HSE meetings including outputs from the management review meetings. Due to the variable terminology used and depending on which documents one was reading, it was difficult to know exactly which ‘action-tracker’ database to add the issue. Even the titles of the databases changed according to which document one was reading. Some action items were loaded onto the wrong database and additionally, not all items had been included on any database at all.

Common sense suggests that the solution would be to merge these databases into one Excel spreadsheet and by tagging different entries with one of 4 or 5 options, the system would be searchable for each category. Further developments, such as linking the entry to an action completion target date, a description of the action, a responsible person and a date actually completed would be an entirely natural development. For many organisations who operate an EMS, this function is undertaken with varying degrees of effectiveness. But there are a surprising number of EMS administrators who just don’t seem to buy into this level of simplicity.

The company in question had a paper-based audit reporting and corrective action system that relied on the auditors waiting for feedback to enable them to hand write the response on the sheet. This situation arose because auditors didn’t have access to a company laptop. Several other companies that I know have their EMS on a server and strangely have decided to use the hard-copy paper system for tracking audit findings. The problem with that approach these days, is that the monitoring and effective close-out of the issues identified is less likely to happen, and can be extremely ineffective. For the company in question, the management review action ‘system’ relied on post-meeting updates to a Word file containing the agenda and minutes and this was updated at irregular intervals, by the HSE manager. It became a matter of luck that the action item identified at the annual meeting was completed.

For companies with a significant amount of applicable environmental regulation, the absence of a proper action-tracking database could be critical as the lost or forgotten item could easily result in prosecution for failure to address a particular legal issue that was identified by the company but not acted upon in a timely manner.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

Things have been very busy for me over the summer months and some thoughts have emerged during the last few visits to companies relating specifically to internal auditor competency. The first consideration I have is that there is little in the text of ISO 14001;2004 that clearly addresses this issue.
The relevant clause (4.5.5.) states that the ‘selection of auditors and conduct of audits shall ensure objectivity and the impartiality of the audit process’. This seems to go unnoticed by some environmental managers who are responsible for developing audit programmes that the issue of demonstrating competency of the auditor should stand up to some kind of objective scrutiny. So when auditing this clause of the standard the first question that I could ask is ‘how can you demonstrate auditor competency?’ I also realise that there could be difficulties in issuing an objective non-conformance related to this mainly due to the absence of any real requirement within the standard. The ideal answer to this sort of question would be that the person attended a 3-day approved-IEMA internal auditor course and passed the assessment and examination. The same person then would hopefully have worked with an established EMS audit team during the experience-gathering phase before registering as an EMS auditor.

In my sample of companies visited this year I have not ever been given that answer and I then have to scrutinise examples of audit reports myself and interview the internal auditor to ascertain whether their understanding of the process indicates an appropriate and reasonable degree of competency. Do they really understand what issues to investigate during an audit? Are they able to audit within areas of potential high risk and importance? Do they use the aspects register to identify these areas? Are the techniques used to ask questions and follow audit trails of a suitable standard? And so on.

Sometimes, the audit reports are excellent and it is clear that the audits are very useful. Other times, it is obvious that the auditors really do not add any value at all as they simply use a tick list. Which brings me round to the point of this article. In the next revision to ISO 14001:2004, why not include a requirement for internal EMS auditors to have attend and passed an approved, recognised training course on the subject?

I also audit OHSAS 18001:2007 and the clause relating to internal OHSMS audits is almost identical except here the word ‘competencies’ is included within the text which reads ;-
‘audit procedures shall be established, implemented and maintained that address the responsibilities, competencies and requirements for planning and conducting audits’.

At least the various bodies responsible for setting standards are slowly recognising the need for demonstrating auditor competency. It would help the external auditor working at the coal-face of EMS certification to clearly spell out the requirement for a properly trained internal EMS auditor. Although the internal audit reports would still need examination, I would probably be much more impressed by the outcome than at present!

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

As a seasoned professional, your certification auditor should be a first-hand example of best practice and competence in the field of EMS auditing. Is that a true statement? I really do not know, so I ask the question! Why not e-mail me your responses (in confidence of course and without naming any names) and I will comment on this later.

There are a number of important functions that the certification auditor undertakes. Most obviously, during the initial audit, the management system is checked to see that all the requirements of ISO 14001 have been addressed. Additionally, the auditor should be satisfied that the requirements of applicable environmental legislation have been captured by the organisation. The auditor should also assess the process of evaluating the environmental aspects. Whilst the latter two activities are part of the overall assessment of the EMS to the requirements of ISO 14001, their importance may sometimes be underplayed in favour of other system elements such as ‘document control’ or ‘communications’ that present less complexity or liability issues. Of course, all elements must be checked during an audit of this type, but the legal and aspect registers play a pivotal role in the EMS and the approach to the assessment of these areas reveals a great deal about the competency of the certification auditor.

An EMS audit is almost always undertaken over a relatively short timescale and the auditor is usually required to assign priorities with regard to the items to check within the limited time available to carry out the work. Hence the need for a timetable and checklist. The auditor should be seen to investigate a fully representative sample within all the significant areas of risk and verify that they are under control and within the scope of the EMS. By doing this, the auditor ensures that the ‘big issues’ have been assessed and surely this has to represent the ‘best practice’ that I mentioned above.

At the start of a certification assessment, the auditor should consider issues such as the need for a PPC permit, the management of waste streams, drainage issues, compliance to the discharge consent and a range of other potential legal requirements. During an audit, I am always looking to see how effectively the environmental manager assesses compliance to environmental legislation and how the requirements of the law are translated into company procedures and work instructions. I am also keen to check that the aspect evaluation includes all the issues that are important to the company. The certification auditor may check that the items included on the register have procedures that are appropriate and implemented, but more importantly, the auditor should be looking for items that are NOT on the register but which should be. That is a more difficult task because the evidence needed to answer that question has to be accumulated from the audit itself. All the skills of the auditor are required in order to track, assess and present this information and a measure of the competency of your EMS certification auditor could be based on the way this assessment is communicated.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

Several months of first-hand experience of auditing EMS’s to the new version of ISO 14001 has led to some interesting thoughts and conclusions. The first is that many companies with an existing EMS are simply not carrying out an evaluation of their compliance to legal requirements. The second is that where this is being conducted, the activity is currently ineffective in answering the question of compliance in a direct and clear manner.

It is understandable that organizations with an EMS feel uneasy about declaring their level of compliance with legislation but the inclusion of this requirement as a separate element of ISO 14001:2004 provides an excellent opportunity for the EMS auditor to assess the real commitment that is raised within all environmental policies on this very topic.

During one recent audit, the company in question had simply not conducted the assessment and excused themselves by declaring that the register of legislation provided the necessary information. Another company actually did what appeared to be an effective evaluation which included their assessment of compliance with the Water Industry Act 1991 for their discharge to sewer. However, on closer scrutiny the tabular document did not actually state whether or not the consent conditions (BOD, COD, Suspended solids etc) had been met but stated that Environmental Procedure 13 addressed the monitoring activities undertaken. Close scrutiny of their discharge monitoring results revealed that a number of readings for one parameter or another were exceeded at some time or other in the last six months. Putting that into words hurts, but as an auditor I expect clarity and visibility in this area and current EMS’s are simply not delivering the goods!

Some companies confuse the requirement of 4.3.2 – Identifying and accessing legal requirements, and 4.5.2 – Evaluation of compliance. It is important that the EMS auditor does not do likewise, but the two activities could be satisfactorily linked as demonstrated by another recent EMS audit in which the organization in question used a simple 3-column table to identify the law, relate the requirements to company activities, and to state the degree of compliance in each respective column. By re-evaluating this document every 6 months it was clear that the legal requirements were understood and areas of non-compliance could be identified and reported in the corrective action database.

The linkage between policy requirement, identification of legal requirement, operational control activities designed to achieve compliance and finally the assessment of compliance should be well understood by all EMS auditors. At best, failure to do so may hinder the process of continual improvement. At worst, the company may end up in court as a result of a serious legal compliance problem that could have been averted through the correct application of element 4.5.2 of ISO 14001:2004.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

These days it is usual for suppliers of products and services to be included within a database together with supporting information. The process requires the supplier or contractor to complete a questionnaire, usually running to several pages in which various criteria deemed to be relevant to the process are listed. After careful scrutiny, the client company usually approves the supplier for a period which may last for several years. It sounds like a really useful activity - rooting out the poor performers and rewarding those suppliers who meet the purchasing requirements.

I have seen some effective procedures for undertaking supplier evaluation especially where there are a number of potential suppliers of the same service or products and where the service is relatively non-specialised. However, as you would expect from an integrated management system that probably originated from a QMS, most of these relate to product approvals, supplier confidence issues and price. EMS’s often include the need to assess the environmental impacts of products and services. This good intention vaporises once the environmental requirements become subsumed within the overall purchasing department’s strategy for appointing contractors or purchasing products. Having said that, there are many examples of success in purchasing strategy involving individual changes to purchasing policy, for example the phasing out of solvents, chemicals and processes that are environmentally damaging. A specific objective is usually set for these examples, making them auditable within the EMS in a number of areas.

The near absence of any reference to purchasing policy and environmental improvement within ISO 14001 makes it difficult for the EMS auditor to carry out an effective audit within this topic area, even if the potential supply-chain impacts on the environment far outweigh the impacts within the factory gates. So how does the auditor work around this difficult situation without moving into ‘subjectivity’ and ‘auditors own opinion’? One way is to review the aspects register to see if the company has considered how it’s purchasing decisions impact on the environment. However, experience shows that the aspect register would be unlikely to cover individual purchases unless the scale was large enough (boiler refurbishment, process change).

Within ISO 14001, Operational control (4.4.6) mentions the word ‘suppliers’ within the relevant section, but the clarity of language that would enable the auditor to ask the right question is missing. This omission makes it very difficult for the EMS auditor to drive forwards the necessary improvements that should be made to the enactment of the purchasing policy. In my opinion, the requirement for a simplified LCA, as part of the aspect evaluation, should be carried out to identify where in the supply chain the significant environmental impacts are arising. The ISO 14001 registered company should then purchase from suppliers who have lower impacts and the auditor would seek evidence that this is being completed. It’s as simple as that!

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

Given the fact that the Carbon Reduction Commitment started this April and the speed at which the impending deadline for registration (September 30th), it seems to be a perfect time to consider how the ISO 14001 auditor community could add value to the organisation that may be implicated.

The first point is that this scheme is potentially complex and the certification auditor should certainly invest in some study time to become acquainted with the basics. I am working my way through the 99 page CRC User Guide (6th April Update) which provides an excellent reference source to the scheme. The auditor must then understand a number of definitions that have an immediate impact on the registration process. This includes terms such as the half hourly meter, the qualification period (the calendar year of 2008), the registration period (April to September 2010) and the making of an information disclosure during the registration period.

The auditor should find out if the responsible person within the organisation is tracking the CRC. Has it been included within the EMS legal register? By now it should be up there in lights because the scheme has been gathering momentum since early 2009. Has the responsible manager registered for full participation or made an information disclosure? Either way, the quantity of electricity that flowed through all half-hourly meters during 2008 should have been compiled. If it is more than 6000 megawatt hours, then full participation is required. This information gathering process should be checked by the auditor. Have all domestic accommodation supplies been deducted – important to universities? Have franchisors and landlord/tenant relationships been clarified? The list goes on!

The auditor should also check that the organisational structure of the business or undertaking is fully understood and the guidance of the financial director may have played a crucial role in determining this. Public sector entities and universities, schools and government departments are all potentially implicated within CRC so EMS auditors working within these sectors should check that the specific rules are understood.

A recent ISO 14001 audit of an engineering company which is part of a large group provided an interesting insight into CRC. The HSE manager was very well aware of the scheme, though an interesting line of enquiry was investigated to determine potential exemption on the basis of a Climate Change Agreement negotiated through the relevant trade body. The certification body auditor should always be exploring such avenues of opportunity, even though they may need further investigation and discussion.

On a final note, my personal ‘journey’ to reduce carbon dioxide emissions as described in the July article is progressing extremely well. There is a growing number of consultants and ISO 14001 auditors who are using the simple but effective Excel spreadsheet developed specifically for the purpose - join our group by emailing me. Since 1st June, I have saved 247 kg of carbon dioxide with much more to follow!

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

Given the prevalence of cooling systems, air-conditioning units and related facilities equipment for building management systems, it is surprising how often these are neglected from the management system perspective. Internal EMS auditors may be required to investigate the Fluorinated Greenhouse Gas Regulations 2008 as part of the overall audit programme and therefore should provide an accurate assessment of the applicability and, if appropriate, assess the degree of compliance with the requirements.
Firstly, the auditor should become familiar with the type of operations that take place at the site. There are significant requirements for process cooling within commerce (there are many industries that require this capability such as plastic extrusion, clean-room facilities, office temperature control). Often cooling systems are hidden away at the back of buildings and away from people due to aesthetics and noise nuisance issues.

In planning for the audit, guidance on this topic can be found in documents such as F-gas Support, or the Supplementary Guidance Document issued in May 2007 from DEFRA.
The next task is to check the aspect register to see if any reference is made to the use of fluorinated greenhouse gases as a coolant. There should be information detailing the type of coolant and quantity used in any single unit, and from there an assessment of the significance made. If not there may be a nonconformity relating to the inadequacy of the register.

The key information is to find out if the cooling unit contains more than 3 kg of refrigerant and to identify the type of coolant used. Also check the Legal register - the aspect register is often combined and any missing information on the legal applicability should be treated as a finding. Understand also the issue of global warming potential – a refrigerant with over 150 units means the regulation may apply.

Aside from the more complex issues surrounding the applicability, the auditor should then determine the degree of control of the maintenance process (sub-contractor management). Is the aircon maintenance company using trained staff? Have the certificates been checked by the person responsible within your company? Are records kept which provide details of the amounts of refrigerant supplied? Based on these sorts of questions, the EMS auditor can then prepare audit findings based on the outcome of these investigations against the specific element of ISO 14001. Add value to the audit by pinpointing areas where the regulations are not understood or where actions relating to compliance are not met.

Often, awareness of the type of refrigerant involved can be missing or unclear, even though the contractors employed to maintain the chillers may ensure that the F-Gas regulations are complied with. Certificates of persons doing the work should be seen by the company and copies of certificates help with meeting the rigorous training and competency requirements.

By carrying out careful planning, the auditor can help improve the company’s environmental performance as well as help maintain legal compliance in this important piece of environmental legislation that has wide applicability throughout commerce and industry.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

Whilst carrying out a recent EMS surveillance audit, it became apparent that the organisation in question required some guidance in the direction and focus of it’s HSE management system objectives and targets. The issue in question related to the measurement of it’s carbon footprint which was becoming quite relevant given that the parent organisation had pledged to reduce its global carbon dioxide emissions by 10% over the course of the year. The local site duly recorded the amount of carbon emitted at source using electricity and gas consumption measurements from meters located within the workshops and offices of the main building. However there was no data relating to the significant amounts of carbon dioxide emitted by vehicles used by the sales staff, technical advisors and engineers who travelled the length and breadth of the country on company business.
Even more galling was the fact that accident statistics did include vehicle accidents and their impact on the health and safety performance of the business and this was reported to the head office at regular intervals. The linkage between business and accidents arising within the business framework in this case was clear, but the issue of carbon dioxide measurement was not. I considered it a duty to assist the organisation move in the right direction to provide a clear focus of what objectives were required.

A recent family dinner party over Easter provided another viewpoint to the above situation. Environmental issues formed part of a passionate and interesting debate in which the melting polar icecaps, the likely increase in sea levels and related issues provided me with the opportunity to conduct a impromptu quiz. Each family member was asked if they knew their personal carbon footprint. The second question asked what was the closest estimate to the average UK carbon footprint per person between either 0.5, 10 or 100 tonnes per year. None of us knew our actual carbon footprint, and an even split between the 3 potential answers was the result of the second question. Clearly the information required to understand the quantities involved and the key contributors to the total carbon footprint was unclear. The desire to reduce our personal carbon footprint was clearly evident, but the mechanism by which the most significant reductions could be made was absent.

The similarities between personal and corporate efforts became clear to me. Both were well meaning but both also lacked a clear strategy and systematic approach to address the issue. The company mentioned at the start of this article had ISO 14001 so it was important that some additional guidance was given to help the company develop a better estimate of it’s total carbon footprint.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

The traditional environmental management system is undergoing a quiet revolution as it has become apparent that duplication of management system elements is unnecessary and leads to inefficiency. These days, businesses are establishing one streamlined management system that delivers all the HSEQ needs in one package. The benefits include the ease of maintenance of procedures and instructions, more awareness of procedures by groups of users and easier tracking of actions and communications. Another clear benefit is that auditors are on-site for one visit only and time is used more effectively, keeping down costs and any disruption caused by the audit itself.

However, for the auditor, the overall level of skill required to perform the HSE or HSEQ audit is increased, the knowledge base and technical capabilities are more demanding and the potential for bias towards the favoured standard may also be an issue to watch for.
Auditors conducting integrated internal audits require more training mainly because the requirement for careful planning and preparation is increased, as is the greater use of checklists and timetabling. Guidance through training and shadowing of integrated audits improves the confidence of the auditor and helps to address any concerns that would otherwise impede the whole process. Knowledge of one or even two standards may already be established, but most certification auditors who wish to become integrated auditors are undergoing a lengthy process of extension of knowledge and experience and this often involves studying Health & Safety courses (Certificate or Diploma), attending relevant lead auditor courses (IEMA-approved of course) and developing a track record in integrated audits.

In planning integrated audits, a spread of departments or areas should be visited and it is always advisable to identify the key business risks that are relevant to each area and for each standard. This provides a vital starting point for the audit because it is then possible to ask the auditee how the particular risk is controlled which in turn provides a lead into the procedures, communications and processes that are employed by the organisation. It is the task of the auditor to link the issues with the correct standard and the relevant element. For the auditor, it’s business as usual only three times more involved – a point that illustrates the value of a carefully constructed checklist and timetable.

One example of a recent integrated audit (quality and environmental) involved a check of monitoring equipment used to gather stack emission data. The absence of the equipment could be linked to the purchasing department which eventually identified a flaw approving the supplier as required by a particularly convoluted approval process. The linkage of issues through two or even three standards sometimes provides some very interesting audit trails which help the business to improve as a whole rather than in isolated business functions or areas.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

Many internal auditors have now developed a good understanding of the key elements and requirements that are contained within the ISO 14001 standard. Relatively uncomplicated matters such as control of documents, management review, policy and objective setting are audited to ensure that the key requirements are being met and without such scrutiny the effectiveness of the management system would surely falter and eventually become a worthless collection of procedures and records. However, as the amount of detail that is contained within an EMS increases, the auditor is required to develop more highly-tuned skills and abilities in order to make sense of this level of complexity.

A recent audit highlighted this situation as the number of potentially complex audit trails that could be followed were running into double figures and this highlighted the need for a carefully constructed checklist and timetable. These provided clear topic areas for the audit as well as restricting the scope to a couple of specific locations within the factory. In this case, the company was involved in engineering and manufactured a range of automotive components that were packaged and shipped around the world. On the day of the audit, the requirements of the packaging regulations were examined in detail. Although the site was in a compliance scheme, the information submitted to the managing company had not been audited internally, and a number of minor discrepancies were revealed that were classified as one minor nonconformity. As the audit trail progressed, it became clear that an important class of packaging had been missing from the submission data due to a ‘technical’ misunderstanding and this generated a more significant nonconformity for the company.

Investigations involving a greater degree of technical understanding and knowledge have increased as the level of detail increases within the regulatory framework. Understanding the detail associated with the carbon emission trading scheme, the hazardous waste regulations, the upcoming WEEE regulations, planning law and many others requires that the internal EMS auditor has to develop at least a basic understanding of a wide range of topics. This enables the right questions to be asked that has relevance to the area under investigation.

For the certification auditor, the necessary level of understanding and knowledge of environmental issues should extend well into specialist areas and beyond the requirements of ISO 14001. Demonstrating progress towards higher level qualifications and success in the attainment of recognised professional standards within the membership schemes that are available is a reflection of this need and should be encouraged at every opportunity.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

This short story illustrates why an environmental auditor should always be able to identify issues that may appear to be very obvious once they have been revealed. The recent success of the series ‘The Apprentice’ is perhaps due in part at least to the straight-talking direct style of Sir Alan Sugar, who provides some excellent assessments of the performances of the young hopeful participants.

Likewise, auditors should be able to ask some direct and essentially simple questions such as “Is the management review effective in addressing issues raised?”. An interview with representatives of the management team should then provide the answers, providing the style and phrasing of the questions is suitably less combative than Sir Alan’s.

In this example, a large office-based company had held an ISO 14001 certificate for a number of years. Things were becoming routine on the environmental front as the only real issue of interest was the minimisation of waste and electrical energy consumption by an agreed percentage that had not changed for at least 2 years.
The audit revealed that top management conducted an integrated business systems management review, the whole presentation took up about 25 powerpoint slides packed with information on customer satisfaction, business performance indicators and related information. Action points were well covered.

The section at the end addressed environmental issues and graphical comparisons of energy use illustrated a somewhat variable performance. The summary slide sought to indicate that performance was on track. However, closer scrutiny revealed that actually the energy total for the year was 10% higher than the agreed target. This went unnoticed and at the end of the environmental presentation there was no action point or summary requiring this to be addressed. The target for the following year was again set for a 5% reduction but without recognition that the most recent objective and target had effectively failed to deliver the goods!

The auditor must be able to see this clearly and to reveal the problem so future management reviews can be carried out more effectively. It was noted that several quality-related issues were clearly linked to improvement actions together with personal responsibilities set within the management team. There is no reason why environmental issues should not be addressed in a similar manner to quality-related issues especially when the organisation has gone to great lengths to integrate their management systems.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

Marsden (FIEMA)

The internal audit is one of a number of management tools that can be used to determine the effectiveness of the EMS. Even though the audit process is usually given a high profile, at least on paper, it comes as no surprise that potential auditors are often unable to display the appropriate level of enthusiasm and commitment that the task requires.

The annual audit programme may have been allocated to certain members of the workforce with an appropriate level of persuasion by the environmental manager and after a short period of training the fledgling auditors are cast out amongst the indifferent workforce. The task itself is daunting enough given that most of the interviewees are unable or unwilling to offer guidance on the areas worthy of investigation. Rightly so, that is the task of the auditor. Relatively inexperienced EMS auditors may find the task onerous and perplexing, even with the benefit of that day or so of training. What could be a most valuable investigation into the inner workings of the EMS turns into a quagmire as the auditor attempts to select a suitable and worthy line of investigation or alternatively is required to ask meaningless questions such as ‘ where are your operational control procedures’ or ‘what is meant by continual improvement of environmental performance in your area of work’. The use of phrases derived directly from ISO 14001:2004 ensures that the auditor quickly runs out of time and the auditee runs out of patience or interest.

How different the audit could be if only the auditor quickly jotted down the key points associated with environmental risk in the area under investigation. Look over the aspect register and see what has already been identified as significant. Make a note of those issues. Think also about which types of environmental legislation is important in the area of the audit. If in doubt, ask the environmental manager for guidance and make a note of any requirements that could make demands on the organisation. The next part of this ‘quiet’ moment prior to the audit is to ask oneself how these issues are actually managed and how those laws are complied with. Are the controls adequate to manage the risk? By focusing on just one or two key issues, the auditor stays right on track, keeps the audit relevant by drilling down to the detail that may, or may not, reveal deficiencies in the system. Either way the auditor commands attention because there is logic and reasoning behind the audit questions.

One example of this approach related to a recent internal audit carried out on behalf on a large engineering company. A serious concern arose with regard to the classification of a series of effluent sludge consignments arising from a settlement pit. Of around 12 other different waste types, this attracted attention purely because it was a high risk issue. The relatively new hazardous waste legislation provided an immediate audit trail and by focusing on this waste stream rather than cardboard or scrap metal, the audit provided the site’s management with an high priority opportunity for improvement that was quickly addressed.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

On a recent Advanced EMS Auditor training course, there was particular interest from delegates in exploring the issues relating to the personal scope of each auditor. The case study required each delegate to work within a tightly defined area and this restricted their range of questions and confined their audit trail investigations. The area was defined by location and also by the element of ISO 14001 and this was included within the timetable. This narrowing of the scope of the audit concerned some delegates, who believed that they should audit anything and everything in that location.

“If we are in the production hall, why not audit aspects, legal, responsibilities, training, communications, operational procedures, emergency planning and finish off with monitoring and measurement?”

The answer is that you only have a limited amount of time and an audit should take a representative and relevant sample of the management system in that area. This guidance can present a challenge. Many distractions can be provided by the auditee (intentionally or otherwise) and one or two of the delegates found themselves spending most of their allocated 15-minute simulated interview auditing an entirely different issue to that required by the timetable. The ‘time-out’ called by the trainee lead auditor enabled the interview to regain its direction.

In real EMS audit situations, where the auditor is well aware of the scope, audit trails may lead you away from the element or topic that is presented in the timetable. Let’s say that the auditor is required to investigate the degree of legal compliance (4.5.2. of ISO 14001) of effluent plant operations. During the course of this investigation, the auditor discusses legal requirements with the operator and supervisor and it emerges that there is little understanding of the EMS by these persons. Training now becomes the focus of attention, and the auditor moves away to view training records and competency assessments in the HR department.

The experienced auditor will ensure that all issues relating to legal compliance in the effluent plant have been examined and that clear answers relating to this topic have been obtained regardless of anything else that is found. It is likely that most of the time allocated to the effluent plant investigation will be taken up with these questions and that the training issue will need to be investigated later either by the same auditor, or another team member if that proves to be a more sensible option.

Timetabling and scoping disciplines placed on enthusiastic delegates within the training environment ensures that a more systematic and professional approach continues into the real world of EMS auditing.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

It would be interesting to undertake a survey of the companies that have an ISO 14001 certificate to find out who performs the required internal EMS audit. Is there a rigorous selection process that is used by the environmental manager to identify the cream of the crop? Is there a long queue of hopefuls making early representation with regard to their attributes and suitability as EMS auditors? The answer to both these questions is a resounding no! In fact you may be taken by complete surprise to learn that the opposite is actually the case. There is usually little interest in the role and it takes a significant amount of persuasion to recruit even a team of two to undertake audits that could be classed, over an ISO 14001 certificate’s life, as being representative and comprehensive.

The reasons why this situation exists may be many and varied and may be completely unrelated to the fact that the task is an audit in the first place. One reason may simply because someone is asked to do yet more work, for the same pay and within the same amount of time. In other words, there is no carrot.
It could also be linked to the fact that it is an audit - “we want you to investigate the activities of your work colleagues and tell us if they are following all the procedures and requirements that are contained within the EMS manual”. Its hard to imagine a more challenging and contentious task! Especially if there are a number of issues that could be revealed and require attention before the external certification auditor calls.
The fact that EMS audits are becoming increasingly technical and demanding is not lost on the potential pool of auditors. The one-day auditor training course down the road is probably unlikely to provide the necessary skills and training and it is often the case that resources are insufficient to enable the auditor to absorb the required skills to undertake an effective audit.

As desperation sets in and the months roll by and the red cells automatically populate the audit programme spreadsheet, the environmental manager may resort to a very cunning plan. Yes, they do it themselves! The logic is this – “as an expert in environmental issues, as the person who knows most about the workings of the EMS, and to minimise the outlay of financial resources, it is logical and most convenient that I do the audit”. The first three assumptions may well be correct, but the latter statement is more open to serious debate.

There are many managers who think that this approach is acceptable. After all, surely it is better that an audit is completed by someone who knows the system, rather than not at all? The answer to this frequent dilemma lies within ISO 19011, Section 4(d) which states quite clearly that “auditors are independent of the activity being audited and are free from bias and conflict of interest”.

It’s now time for environmental managers to demonstrate this clear requirement to their senior management and provide the necessary resources and rewards that may create those elusive queues to join the EMS audit team. Now there’s a challenge! Continue the debate on the IEMA forum.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

In my youth I was, along with many young boys (and maybe even some girls), a casual reader of the fantasy comics in which the dynamic hero always triumphed over adversity. This was usually achieved by taking huge risks, flying through the air at great speed and quashing the enemy against impossible odds. Without any of these rare aerodynamic attributes, reckless nerve and the ability to act calmly under all kinds of pressure, I sometimes wonder, in the course of my work, if there is the opportunity for an EMS auditor to perform a similar miracle. Maybe not, until I read through one of the many reports that has been issued so far relating to the largest explosion disaster in peacetime Europe - Buncefield.

It was a surprise to me that the event could possibly arise from an industrial ‘accident’. The sheer scale of the event was stunning and the fact that no deaths occurred was equally amazing. For me the most interesting point concerning the post-event analysis was contained within a Safety Alert issued in July 2006 which related to the maintenance of the high-level safety devices that are designed to provide an alert to a high level of liquid contained within a tank. The high level alarms were tested by raising a switch in order to simulate the high-level situation and to demonstrate that the alarms were working properly. On completion of this test, the switches should be returned to the normal position and locked in place using padlocks provided as part of the equipment, as specified in the appropriate manufacturers instructions. The Safety Alert went on to state that failure to do this can lead to the switch being made inoperative during normal operating mode even though it would give the appearance of functioning normally when tested.

So could you, as an EMS auditor, have been in a position during a routine periodic audit of such a fuel depot, to recognise that this issue could lead to such a catastrophic event?

The aspect evaluation assessment may actually divert the auditor from this audit trail. It is a large fuel depot and any fuel leak would be regarded as a very serious event. However, the likelihood of such an event occurring may have been considered to be so small, that the resulting risk / impact rating re-enforced the view that sufficient controls were in place. Audit them thoroughly. Consider how the fuel could escape – either by leaking pipes or holes in tanks, or somehow overflowing the tank during pumping operations. The latter could be caused by blockages or inactive or faulty alarm systems. The testing of these alarms is carried out according to procedures, so the auditor should carry out detailed investigations in this area.

In my view, the real skill of the EMS auditor lies in the selection of relevant areas to audit (those with the potential to cause harm and damage), the way in which the auditor follows lines of questioning and the degree to which the auditor understands how these types of catastrophic event can arise. The work of the EMS auditor continues in real life - while Superman lives in fantasyland!

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

n Marsden (FIEMA)

Looking at the number of companies that hold an ISO 14001 certificate can provide a useful barometer of the success of the ISO system (accreditation and certification) around the world. Broadly speaking, there are currently around 130,000 certificates issued worldwide, with about 5,500 in the UK. China and India lead the field with around 15,000 to 20,000 each. Estimation of numbers is not an exact science, nor should it be given that one certificate could cover a significant number of sites for a large manufacturing and warehousing business.

The number of companies certified to ISO 9001 globally is around 750,000, and the number of certificates issued to OHSAS 18001 I personally believe exceeds the number of ISO 14001 certificates issued. This is to be expected given that ‘quality’ and ‘health & safety’ are ubiquitous. Companies supply goods and services and have employees, so it follows that they require extensive sets of procedures that deal with the range of applicable issues.

It could also be quite easily argued that environment affects all businesses as well. Banks, insurance companies, architects, warehouse operations, transport fleets, salmon farms, as examples, all have their share of environmental issues to address. So why are the numbers of certificates less for ISO 14001 than for ISO 9001? Why is the rate of growth of OHSAS 18001 certificates much greater than the steady climb in numbers for ISO 14001?

One reason could be that the direct environmental issues (the significant aspects associated with it’s defined scope) are perceived to be fewer in number than the range of ‘quality’ or ‘H&S’ issues that apply to a typical business. The many thousands of small businesses that already hold an ISO 9001 certificate collectively most probably have a huge impact on the environment. If that is true, it would surely be advantageous to the environment of our world if an integrated management system standard could be developed that would encourage the 400,000 companies to bolt-on the one or two relatively ‘big’ environmental issues into their existing management system.

One example is a small but thriving road repair business that operates in my village. It already has ISO 9001 and has built health and safety into the system. The management of gas, fuel, waste containers and bitumen could easily become a documented process that would be managed, monitored and controlled systematically. The integrated management system auditor would then simply add this to the scope and at appropriate intervals ensure that the company follows it’s obligations stated in the policy.

Replicate that over 400,000 times and you have a very worthwhile achievement in place.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

A recent EMS audit of an engineering product company drew my attention to the need for an ISO 14001 certification auditor to stand back from the fine detail of an EMS and see the wider perspective of what an EMS is supposed to do. Findings from some of their internal HSEQ audits revealed items such as backup torque wrenches being outdated with their calibration, or some low-risk environmental purchasing procedure being at the incorrect revision. Trivialisation immediately came to mind.

The company in question for this visit had undergone an initial assessment to ISO 14001 several years ago with another certification body, and as the number of significant environmental issues had been whittled down, there seemed to be little scope for further improvement. However, on closer inspection, the register did show that general waste had worked it’s way up the priority list and now was sitting near the top.

Members of the management team were interviewed as part of the audit, and it was revealed that the recent EMS Review presented information on various items such as energy monitoring, funding for heat recovery and some other issues relating to procurement policy. However, waste minimisation itself was not considered at all (probably because a number of earlier initiatives to research opportunities relating to waste minimisation and recycling had been lost in the mists of time).

A large amount of plastic strapping was regularly binned, significant quantities of cardboard were dumped in skips and about 200,000 small plastic bags per year were used to transport fasteners from one part of the production line to the next. They were then disposed into bins, eventually finding their way into the large compactor. My impression was that the EMS was simply not working because the company was unknowingly struggling to translate the results of the aspect evaluation into meaningful objectives and programmes. A literal ‘waste of effort’.

The potential for recycling cardboard, separating out the plastic strapping at source and making sure that metal components were not able to contaminate the plastic waste provided a fresh approach to an old problem. The solution required a small research programme followed up by a change to the entrenched waste disposal procedure.

The ISO 14001 certification process provides an excellent opportunity for a independent auditor to look over the system and to verify that significant areas from an environmental perspective have been addressed as part of the EMS. Management representatives are sometimes unable to recognise an opportunity, often because they have many different jobs to perform, sometimes they are simply too close to the action. Sometimes they are not given the ‘clout’ needed to make senior management sit-up and take notice.

By focusing attention on the need for a coherent strategy and action plan to address the waste stream, the company regained it’s enthusiasm for waste minimisation and as a result hope to reduce waste costs by at least £10,000 per year and provide a solid platform for recycling and reuse of resources in the future.

John Marsden (FIEMA)
info@marsden-international.com

John is an independent management system auditor who works for a number of international certification bodies.

Article Published December 2010

Inspiration for the final and thirty third article in this series of ‘The Auditor’ was proving elusive whilst enjoying another train trip to Aberdeen in readiness for an offshore HSE Audit. However, a casual browse through a borrowed Sunday newspaper magazine revealed amazing images of a sinking oil platform off the coast of Brazil. Here was the inspiration for the final article in ‘The Auditor’ series.

The sheer scale of this disaster, which happened in 2001 with the loss of 11 lives was of the highest magnitude possible - the platform was the largest in the world at the time. The accompanying article, written by an award-winning journalist, wove an interesting mix of personal comments gleaned from various sources which included the wife of a petroleum engineer who died in the accident, an oil workers’ union representative and two injured subcontract workers. The overall article embraced the broader sustainability and ethical viewpoint, pointing a finger at the social and financial inequality caused by the mishandling of wealth generated by a rapidly expanding oil industry.

With particular reference to the disaster itself, the emotive nature of the article can be balanced by reading the official and verified report published in June 2001 by the Inquiry Commission of the P-36 accident, easily downloadable via the web. This document provides a summary of the findings which describes how a number of factors led to the explosion and sinking of the platform. The report states that a rupture of the starboard emergency drain storage tank took place due to accidental entry of hydrocarbons followed by an increase in pressure. Various other events combined which led to the two explosions and ultimately, the loss of the platform.

One interesting point for the auditor is that the magazine article refers to comments made by the engineer to his wife prior to the accident – the unverifiable personal testament which pointed to some particular concerns raised about the safety of platform. One was that “one of the valves in the legs is not working”. Another comment was that “a tank that contained the run-off gases had been placed in the leg of the structure, a potentially fatal oversight”. The communication of these, and probably other concerns, were made to management which were apparently “brushed off”. The number of accidents reported was also up for scrutiny, implying that under-reporting of incidents and accidents was the norm.

The formality and rigour of the official report on one side and the almost casual personal viewpoint expressed by the newspaper article both provide vital information and lines of enquiry for the auditor. In particular, what mechanisms existed for proper communication of safety concerns? What maintenance regimes were in place, especially for checking venting and valve operations? What formal reviews were carried out at the design stage of the platform? Why were inspection doors left open? Perhaps most importantly of all, why was the risk assessment process inadequate?

Environment, health and safety and performance risk all come together on an oil platform. Fact, fiction and all that lies inbetween are similarly entwined and it is the work of the HSE auditor to tease them apart in order to reveal real and vital opportunities for improvement.

John Marsden (FIEMA)

John Marsden is an independent management system auditor who works for a number of international certification bodies.

n
John is an independent management system auditor who works for a number of international certification bodies.

John Marsden (FIEMA)