REVISION OF ISO 14001 New Developments in June 2013 This report was prepared by: Nigel Leehane and reviewed by: Bryan Hughes
Bringing sustainability and safety to the world’s most complex environments
Revision of ISO 14001 New Developments in June 2013
TABLE OF CONTENTS 1.0 Introduction
3
1.1 Background 1.2 Where can you find out more?
3 3
2.0
Environmental aspects and business risk: One or two processes?
4
3.0
The need for documenting management system processes
5
4.0
The ongoing debate about controlling the value chain
6
5.0
Enhanced emergency preparedness and response
7
6.0
What performance criteria should organisations measure?
8
7.0
Revised timeline and milestones for the revision process
9
8.0
How can CRA help with the transition to ISO 14001:2015?
10
900002 August 2013
2
Revision of ISO 14001 New Developments in June 2013
1.0 INTRODUCTION 1.1 Background
1.2 Where can you find out more?
ISO 14001:2004 is being revised. The International Organisation for Standardisation (ISO) working group responsible for revising the text met at the end of June, with the objective of developing a new draft for consultation. Unfortunately, the group did not have enough time to review all comments from the previous consultation, and so the next draft will not be issued until after another meeting, scheduled for early October 2013.
CRA will be publishing briefings throughout the revision process on our website. If you would like to receive updates on this and other topics, then please subscribe to our quarterly newsletter via our website. Existing subscribers will automatically receive the newsletters and any other ISO 14001 briefings.
However, the consultation responses on many of the clauses were addressed, with some clauses being substantially re-written. Areas of development include: 1. The relationship between environmental risks (aspects) and business risks; 2. The need for documenting management system processes; 3. Addressing the value chain in its upstream and downstream phases; 4. Emergency preparedness and response plans; and 5. Determining the criteria against which performance is measured.
This e-book is the second CRA has produced on the revision of ISO 14001. Earlier this year, following the production of the March 2013 draft of the standard, CRA produced an e-book titled “Key Changes Proposed in the March 2013 Draft” which identified seven major changes that are planned for the standard. This e-book, which explains these changes in detail, aims to help you appreciate the key themes of the revision, and what auditors may expect from you once ISO14001:2015 is released. This ebook is still available for download from our website home page. Nigel Leehane is one of the UK’s technical experts appointed to the ISO working group revising 14001. Please contact him on 0115 965 6700 or nleehane@cra.co.uk if you would like to know more about the changes to ISO 14001 and the implications for your organisation.
This report takes you through these five areas of development, with the aim of keeping you abreast of the progress towards the new standard, and what you can expect once it is released in 2015.
900002 August 2013
3
Revision of ISO 14001 New Developments in June 2013
2.0 ENVIRONMENTAL ASPECTS AND BUSINESS RISK: ONE OR TWO PROCESSES? The ISO Future Challenges report on the revision of ISO 14001 did not make any specific recommendations in relation to the treatment of risk, but it did recommend the strengthening of the relationship between environmental management and the core business, especially at the strategic level and in the context of business opportunities. The High Level Structure for management systems also provided core text on addressing risk, including taking into account the organisation’s context and stakeholder expectations. In the last draft (Committee Draft 1 (CD1)), circulated for comment earlier this year, these had been incorporated in a clause which made reference to an overall assessment of risk, including context and environmental aspects, and with subsequent requirements explaining how to identify and assess environmental aspects and identify legal requirements. This did not have a logical flow.
This new approach has much to recommend it, as it clearly links environmental issues to business strategy. However, it appears to mandate a two-stage risk evaluation process, firstly involving environmental aspects and then broader business considerations. In reality, organisations may elect to apply a single stage risk evaluation process, and it is not clear that the current text allows this. Also, the current text under-emphasises the implications of changing environmental conditions for the business. The current definition of a significant environmental aspect is one that can have a significant environmental impact. The evaluation of business risks, based on significant environmental aspects, therefore excludes the consideration of environmental impacts on the business, and planning for adaptation.
The latest draft text, taking account of comments on CD1, has a new structure: • Identifying environmental aspects; • Identifying legal requirements; • Assessing the significance of aspects, taking account of legal requirements and organisational context; • Evaluating the business risks and opportunities resulting from the environmental aspects; • Planning to take action to address environmental aspects; and • Planning to take action to address business risks and opportunities.
900002 August 2013
4
Revision of ISO 14001 New Developments in June 2013
3.0 THE NEED FOR DOCUMENTING MANAGEMENT SYSTEM PROCESSES When developing a management system, a question often asked is “what has to be covered by a procedure?” The 2004 version of the standard defined a procedure as “a specified way to carry out an activity or a process”, which can be documented or not. A total of twelve clauses state that a procedure is needed, for example for aspects assessment, communications, monitoring and auditing. However, the only requirement for documented procedures is for operational control. In reality though, most organisations document their procedures for many of the processes in the management system, in an effort to ensure that the requirements are understood and are implemented consistently.
So, will the HLS ensure that the revised ISO 14001 has a more flexible approach to the implementation of procedures or processes? Not exactly! The working group decided that there is a need to ensure that certain environmental management processes are documented. The revised text uses the term “specify the way it will implement and maintain a process”, for the following five EMS processes:
In some cases, the proliferation of procedures in a management system has resulted in a reluctance to follow them, as to do so would take up too much time and not necessarily deliver any benefit. Unfortunately, the term “procedure” has come to represent unnecessary bureaucracy and inefficiency.
• Non-conformances.
The ISO High Level Structure (HLS) common text for management systems does not use the term “procedure”. Instead, it explains that a management system establishes a set of inter-related processes, which can be documented. The individual clauses do not specify that a process is needed to achieve the required outcome, but simply explain what that outcome should be. For example, the clause on auditing specifies that the organisation will carry out audits, but not that it has a process for doing this. The earlier explanation that a management system will be based on a set of processes is sufficient to imply that processes will be established (and documented) where the organisation itself determines that this will be useful. The only specific reference to processes is in the clause on operational control.
900002 August 2013
• Identification and assessment of environmental aspects; • Identification of legal requirements and voluntary obligations; • Emergency preparedness and response; • Evaluation of compliance; and
So, although there is no mandatory requirement for documenting procedures for many management system processes, the revised standard emphasises the need to ensure that certain processes critical for environmental management are set out. In practice, organisations inevitably will document the way in which they intend to manage their activities and their EMSs, to ensure that objectives are achieved and policy commitments satisfied. It is up to them to determine the level of documentation needed, and hopefully to develop effective and user-friendly tools (whether called “procedures”, “processes or anything else) for the job.
5
Revision of ISO 14001 New Developments in June 2013
4.0 THE ONGOING DEBATE ABOUT CONTROLLING THE VALUE CHAIN The ISO working group did not conclude its work on the further development of requirements for ISO 14001 relating to the value chain. The previous draft of the standard focused on addressing procurement and outsourced processes, with expectations that organisations should exercise some degree of control of these, and also with regard to design. This attracted a significant number of comments from consultees, some favourable and others urging caution in relation to imposing unrealistic requirements, especially for SMEs. The response of the working group was an attempt to clarify the scope of the requirements, defining procurement and outsourcing as being upstream functions, and retaining the text in relation to those being controlled. It defined as downstream the delivery, use and disposal of products, and suggested that design and communication should be applied there. Unfortunately, this does not adequately address some of the concerns relating to the earlier draft, and it is also potentially confusing. For example, if an organisation procures a service to deliver its products, is this to be viewed as an upstream (procurement) or downstream (delivery) stage in the lifecycle?
It is to be hoped that the working group dispenses with the categorisation of control measures into the upstream and downstream approaches, and instead focuses on the necessary controls themselves, regardless of where they are applied in the value chain. Retaining the robust text developed previously for the management of procurement and outsourcing, and developing similarly explicit requirements for design (whether of processes, goods or services is irrelevant) would be far more helpful to the user. Also, in order to address the concerns that these requirements are too onerous for SMEs, the use of “as appropriate� would provide organisations with the opportunity to justify exclusions, where genuinely warranted.
Also debated, with no conclusion being reached by the end of the meeting, was the moving of design into the operational control clause, on the grounds that design is a means of controlling or influencing downstream environmental aspects. Obviously, the same argument could be used for the control of procurement (the 2004 version addressed the purchase of goods and services in the operational control section). The Future Challenges study recommended that more emphasis be given to the value chain, and merging design, and potentially procurement, into operational control seems a perverse way of achieving this.
900002 August 2013
6
Revision of ISO 14001 New Developments in June 2013
5.0 ENHANCED EMERGENCY PREPAREDNESS AND RESPONSE “14001-conforming� organisations have a procedure for identifying and evaluating potential emergency scenarios and planning to respond in the event that an incident occurs. Many such organisations also develop emergency response plans as a key part of this process. However, having an emergency response plan is not a requirement of the 2004 edition of ISO 14001. Its requirements are the identification of potential emergencies and responses, responding to emergencies, review of procedures after an emergency and periodically testing the procedures. The latest draft of the revised text specifically requires the development of an emergency preparedness and response plan, which sets out how the organisation will respond to the identified emergency scenarios. This is a far more pragmatic approach, reflecting actual practices in emergency control. The remainder of the clause focuses on the application of the emergency response plan, its testing and revision. The emergency preparedness and response clause draft text also specifies that the response to an incident should be appropriate to the magnitude of the emergency and the potential environmental impact, again applying common sense to an important area of environmental management. There have been too many examples of organisations responding inappropriately or too robustly to an incident, resulting in greater impacts than those from the emergency situation itself. As always, organisations should ensure that emergency preparedness and response plans are modified to reflect changing circumstances, and that these new requirements are documented and communicated to all relevant staff. There is no excuse for staff having to rely on outdated emergency plans!
900002 August 2013
7
Revision of ISO 14001 New Developments in June 2013
6.0 WHAT PERFORMANCE CRITERIA SHOULD ORGANISATIONS MEASURE? The 2004 edition of the ISO 14001 standard specifies that organisations should measure “the key characteristics of its operations that can have a significant environmental impact”, in other words, of its environmental aspects. It went on to elaborate that the organisation’s monitoring procedure should address the monitoring of performance, applicable operational controls, and “conformity with the organisation’s environmental objectives and targets”. The latest draft of the revised text is based on the High Level Structure, but also incorporates the use of performance indicators for monitoring and measuring key environmental factors, as recommended by the Future Challenges report. It is also more specific regarding what should be monitored, and is clearer in this than the 2004 version. The draft provides a bulleted list, which includes, in addition to characteristics which may have an environmental impact and operational controls: • Characteristics necessary for the evaluation of compliance;
The inclusion of the value chain is likely to prove contentious, but the current wording does specify that this should only be undertaken if appropriate. The test will be the significance of the value chain aspects and the organisation’s ability to exercise effective and beneficial control. The draft also adopts High Level Structure text in relation to how monitoring and measurement should be carried out, including the selection of methods and criteria, etc. Importantly, it also requires that organisations determine “when the results from monitoring and measurement shall be analysed and evaluated”. This will help to ensure that monitoring results are not just filed, but are used to identify opportunities for improvement. Auditors, internal and external, should aim to determine conformance with these new requirements, thereby encouraging improved monitoring and measuring practices and the more effective use of the resultant data.
• Characteristics related to value chain control (if appropriate); and • Progress towards (not conformity with) environmental objectives. Importantly, this emphasises the need to monitor or measure the operational and other factors relating to compliance, encouraging organisations to better understand their compliance status, almost on a real time basis, rather than just after a compliance audit. Similarly, the emphasis on objectives is not just to conform to them, i.e. be able to demonstrate that they have been achieved after a period of time, but to understand how the organisation is making progress towards them. In both these cases, the standard is using monitoring and measuring as a management tool, rather than a test of conformity.
900002 August 2013
8
Revision of ISO 14001 New Developments in June 2013
7.0 REVISED TIMELINE AND MILESTONES FOR THE REVISION PROCESS The working group responsible for revising the text met at the end of June, with the objective of developing a new draft for consultation. Unfortunately, the group did not have enough time to review all comments from the previous consultation, and so the next draft will not be issued until after another meeting, scheduled for early October 2013. The intention is to produce a “Committee Draft 2”, which will be sent to ISO member bodies and their committees for comment, probably for 3 months from November 2013. Following this, a “Draft International Standard” will be completed in May 2014 and made available for public consultation for 3 months from September 2014. The revised standard will be completed by February 2015 and sent to the ISO member bodies to vote to accept it for publication. Assuming it passes the vote, it will be published in May or June 2015, rather than January 2015 as planned. ISO 14001 Revision Timescales Working Group Dates
October 2013
May 2014
February 2015
Output
Committee Draft 2
Draft International Standard
Final Draft International Standard
Consultees
ISO Members and their committees
ISO Members and the public
ISO Members
Probable Consultation Period
Nov 2013 - Jan 2014
Sept - Nov 2014
Vote Mar - Apr 2015
Publish May - Jun 2015
900002 August 2013
9
Revision of ISO 14001 New Developments in June 2013
8.0 HOW CAN CRA HELP WITH THE TRANSITION TO ISO 14001:2015? CRA is in a unique position to provide support to organisations with the transition from ISO 14001:2004 to ISO14001:2015. Participating in the ISO working group carrying out the revision means that we have insights into the potential direction of future drafts leading up to 2015. We can also appreciate the intentions and reasoning behind the changes to the standard. CRA can help organisations, such as yours, develop a plan to review and modify their systems to meet the requirements of ISO 14001:2015.
Although the revised standard will not be published until 2015, there are advantages in undertaking a gap analysis now against the likely requirements, so that organisations can start to plan their system enhancements. Additional Services CRA can provide support in all aspects of system redevelopment, but at an early stage clients may wish to consider:
Gap Analysis The starting point is to undertake a gap analysis of existing systems being used by the client, not only the EMS, but other related business processes, with which ISO 14001:2015 will expect a greater degree of integration. Owing to the increased emphasis on higher level business management, this should also include processes for strategy development. The gap analysis would focus on all the areas of change and would also explore how the new structure (based on the ISO high level structure for all management systems) can be accommodated. It is not a requirement to adopt the new clause numbering system, provided the new requirements are incorporated into the organisation’s system. We can provide guidance on how these requirements can be interwoven with an existing management systems structure.
• Briefings to senior management on the implications of the revised standard; and • Training EMS staff in carrying out detailed review and system modification tasks. For Further Information Nigel Leehane is one of the UK’s technical experts appointed to the ISO working group revising 14001. Please contact him on 0115 965 6700 or nleehane@cra.co.uk if you would like to know more about the changes to ISO 14001 and the implications for your organisation.
The output of the gap analysis would include: • Recommendations for addressing the new requirements of ISO 14001:2015; • Guidance on integrating these and existing EMS arrangements further into other business processes; • An appropriate and achievable timeline for system redevelopment; and • Recommendations for developing and empowering a system review team.
900002 August 2013
10
CRA Europe Synergy House, Unit 1, Calverton Business Park, Hoyle Road, Calverton, Nottingham, UK NG14 6QL T: +44 (0) 115 965 6700 E: info@cra.co.uk
F: +44 (0) 115 965 5282 W: www.cra.co.uk
Bringing sustainability and safety to the world’s most complex environments