Transcript No Slide Title

National Academy of Public Administration
Third-Party Auditing of
Environmental Management Systems:
The U.S. Registration System for ISO 14001
www.napawash.org
Presentation Outline
Project Purpose
Research Questions and Methods
Panel Recommendations:
 Clarifying
expectations of the EMS
registration system
 Maintaining public confidence in the
registrar accreditation program
 Increasing auditor professionalism
 Interpreting the ISO 14001 standard
 Improving the registrar selection process
The Purpose of the Project
Promote greater understanding of how
the U.S. ISO 14001 accreditation,
registration and auditing system works
Clarify expectations regarding what the
system is designed to deliver
Identify areas where the system should
be strengthened
Research Questions
How does ISO 14001 compare with other
forms of auditing?
How does the system maintain integrity
and credibility?
How do the auditors do their job?
How do they interpret the requirements of
the standard in assessing conformity?
Additional Questions
What do organizations look for in a
registrar?
How can registration practices be
tailored to the needs of small- and
medium-sized businesses and
government operations?
Research Methods
Interviews
• ANSI-RAB National Accreditation Program
(NAP), accredited registrars, EMS auditors,
organizations and interested individuals
Observation
of three EMS audits
Document review and analysis
Panel deliberation and consideration
Panel Conclusions
The system is developing well at this
early stage
More than 1,100 registrations have
been awarded in the U.S.
 Over
18,000 worldwide
The system appears to be keeping
up with this growth without becoming
overwhelmed or suffering a decline in
quality
Unresolved Issues
Variations in interpretation and
professional norms
Maintaining and enhancing credibility
with government and the public
Understanding the ISO 14001
Registration System
The ISO 14001 System
ANSI-RAB NAP accredits registrars
 Accreditation
is voluntary
Registrars hire auditors
 RAB
offers voluntary auditor certification
Organizations contract with registrars
Auditors assess ISO 14001 conformity of
organizations seeking registration
Registrars register organizations, keep own
lists of registrations awarded
Conflicting Expectations
Internal management improvement
Business-to-business assurance
Public certification of good environmental
practices
Justification for government benefits
 Recognition,
regulatory flexibility
Privatized regulatory oversight, inspection
 Compliance
assurance
Current Practice
A business-to-business transaction
 But
involving public concerns (compliance,
prevention of pollution)
 A management systems standard
 Not
an environmental compliance or
performance standard
 But audits improvements in systems for
assuring compliance and performance
EMS Auditing
How does ISO 14001 auditing compare
with financial auditing?
with environmental compliance
auditing?
Financial Auditing
Public agency (SEC) does registration, sets
auditing standards
 ISO
14001 is entirely business-operated
Financial audits accompany a public financial
statement
 Only
environmental policy statement is public
Financial auditors are certified, liable (as are
consultants)
 EMS
auditors not liable, certification voluntary
Financial auditors subject to peer review
 EMS
auditors are not, except accreditation audits
Financial Accounting
Provides Lessons
ANSI-RAB and the registration
community should develop a peer
review system
ANSI-RAB should consider requiring
certification for EMS auditors and
consultants
EMS vs. Compliance Audits
An EMS audit is not a compliance
audit
 Samples,
does not inspect for all
regulations
 But must audit effectiveness of systems
for assuring compliance, correcting and
preventing violations.
A compliance audit is not an EMS audit
 Inspects
for violations, but not responsible
for systems to prevent recurrences.
ANSI-RAB and government should
EMS Audits vs. Public Policies
Some environmental agencies are
now using EMS registration as a
program requirement
The ISO 14001 registration and
auditing system has strengths and
limitations, irrespective of
government incentives
Public policy initiatives should
consider the inherent strengths and
limitations of this system when
Registrar Accreditation:
How does the system maintain integrity
and credibility?
National Accreditation
Program Role Paramount
The National Accreditation Program
is the principal guardian of the
credibility of auditing and registration
ANSI-RAB must assure that
registrars and their auditors are
competent and consistent in their
practice
ANSI-RAB must act fairly but
vigorously to correct, sanction, or
suspend poorly performing registrars
Insuring Registrar
Professionalism
More guidance needed on minimum
standards for initial registration
auditing
 Closer
scrutiny of registrars’ scoping
and bidding processes and effortallocation criteria is needed
 Not based solely on audit-days on site,
but on best practices for pre-audit
planning, budgeting, scoping, team
composition, and on-site audit visits
Complaints and Sanction
Process Must Be
Robust
ANSI-RAB provides only limited
public information on complaints
ANSI-RAB should list publicly the
numbers, types, and disposition of all
complaints received
ANSI-RAB should certify its own
complaints-management process to
the ISO 9000 quality systems
standard
Timely and Accurate
Registration Data Needed
No single source for this information
Central public listing of all registered
organizations needed
 Including
scope of registration, dates,
registrar
 Regularly updated to show
discontinuance or suspension of
registration
Auditor Professionalism:
How do EMS auditors do their job?
Insuring Auditor Proficiency
Qualifications of EMS auditors vary
widely
 QMS
experience, environmental
expertise, industry sector experience
Requirements for environmental
expertise should be strengthened
ANSI-RAB should consider requiring
certification for EMS auditors
 And
at least voluntary training and
certification for EMS consultants
More Guidance on Auditor
Independence Is
Needed
Some businesses want auditors to
“add value” during their visits
 E.g.
best practices, suggestions for
improvement
ANSI-RAB forbids consulting by
auditors
Guidance is needed to educate
auditors and clients on appropriate
activities of auditors
 What
is inadequate, not how to fix it
Judgments should be
documented
Auditing requires professional
judgment
 Auditors
should document the basis for
each judgment on non-conformances.
 Auditable documentation also is needed
to support an auditor’s overall
assessment of an EMS and
recommendation for or against
registration
Interpreting the Standard:
How assure consistent criteria across
registrars, auditors, registered firms?
What Does Conformity Mean?
ISO 14001 requires auditable
commitments
 To
compliance, prevention of pollution,
continual improvement
ISO 14001 drafters were deliberately
ambiguous about these definitions
Many auditors therefore audit only
whether an organization has followed
its own goals
Conformity should mean meeting clear
Assessing Prevention of
Pollution
ISO 14001 definition is broader than U.S.
EPA’s “pollution prevention”
 Does
not emphasize source reduction
 Causes confusion, especially in U.S.
Meaning and criteria should be clarified
Auditors should assess evidence that firm
has considered reasonable options for
prevention of pollution
Assessing Continual
Improvement
ISO 14001 requires continual improvement
of the environmental management system,
not environmental performance
 But
cannot justify claims that system is
improving if performance is not
ISO 14001 should more clearly define
criteria for continual improvement
Selecting a Registrar:
How should an organization choose a
registrar?
Registrar Selection
Many organizations do not select a
registrar carefully
 QMS
registrar, word of mouth
 Late in process, long after consultant
• Consultants are not necessarily trained in EMS, nor certified
Some use better criteria
 Systems
knowledge, environmental expertise,
sectoral experience
 Auditing philosophy
Many have limited understanding of EMS
auditing and its uses and value
Strengthen Registrar
Selection Process
ANSI-RAB and the registrars’ trade
association should develop an
interview guide for potential registrants
 Purpose
and value of third-party EMS
auditing
 Considerations in selecting a registrar
 Steps in registrar selection, pre-audit
planning, and auditing and registration
process
More Detailed Evidence of
Third Party Benefits
Needed
Many U.S. businesses remain
skeptical as to whether benefits
exceed costs
 Especially
small, medium-sized
enterprises
More detailed evidence of the
benefits and costs of ISO 14001
registration is needed
 For
public and private sector organizations,
of all sizes
 Customers mandating supplier EMSs could
More Help Needed for
SMEs
Cost savings: bundle or pool similar
SMEs in common EMS, by sector or
geographic region
The U.S. Technical Advisory Group
to ISO (U.S. TAG) should involve
more SMEs in its deliberations
Areas for Further Research
Auditor Training and EMS Course
Providers
Comparison of U.S. Registration
Practices to Registration Practices in
Other Countries
For a copy of the report
www.napawash.org