No Slide Title
Download
Report
Transcript No Slide Title
National Academy of Public Administration
Third-Party Auditing of
Environmental Management Systems:
The U.S. Registration System for ISO 14001
www.napawash.org
Presentation Outline
Project Purpose
Research Questions and Methods
Panel Recommendations:
Clarifying
expectations of the EMS
registration system
Maintaining public confidence in the
registrar accreditation program
Increasing auditor professionalism
Interpreting the ISO 14001 standard
Improving the registrar selection process
The Purpose of the Project
Promote greater understanding of how
the U.S. ISO 14001 accreditation,
registration and auditing system works
Clarify expectations regarding what the
system is designed to deliver
Identify areas where the system should
be strengthened
Research Questions
How does ISO 14001 compare with other
forms of auditing?
How does the system maintain integrity
and credibility?
How do the auditors do their job?
How do they interpret the requirements of
the standard in assessing conformity?
Additional Questions
What do organizations look for in a
registrar?
How can registration practices be
tailored to the needs of small- and
medium-sized businesses and
government operations?
Research Methods
Interviews
• ANSI-RAB National Accreditation Program
(NAP), accredited registrars, EMS auditors,
organizations and interested individuals
Observation
of three EMS audits
Document review and analysis
Panel deliberation and consideration
Panel Conclusions
The system is developing well at this
early stage
More than 1,100 registrations have
been awarded in the U.S.
Over
18,000 worldwide
The system appears to be keeping
up with this growth without becoming
overwhelmed or suffering a decline in
quality
Unresolved Issues
Variations in interpretation and
professional norms
Maintaining and enhancing credibility
with government and the public
Understanding the ISO 14001
Registration System
The ISO 14001 System
ANSI-RAB NAP accredits registrars
Accreditation
is voluntary
Registrars hire auditors
RAB
offers voluntary auditor certification
Organizations contract with registrars
Auditors assess ISO 14001 conformity of
organizations seeking registration
Registrars register organizations, keep own
lists of registrations awarded
Conflicting Expectations
Internal management improvement
Business-to-business assurance
Public certification of good environmental
practices
Justification for government benefits
Recognition,
regulatory flexibility
Privatized regulatory oversight, inspection
Compliance
assurance
Current Practice
A business-to-business transaction
But
involving public concerns (compliance,
prevention of pollution)
A management systems standard
Not
an environmental compliance or
performance standard
But audits improvements in systems for
assuring compliance and performance
EMS Auditing
How does ISO 14001 auditing compare
with financial auditing?
with environmental compliance
auditing?
Financial Auditing
Public agency (SEC) does registration, sets
auditing standards
ISO
14001 is entirely business-operated
Financial audits accompany a public financial
statement
Only
environmental policy statement is public
Financial auditors are certified, liable (as are
consultants)
EMS
auditors not liable, certification voluntary
Financial auditors subject to peer review
EMS
auditors are not, except accreditation audits
Financial Accounting
Provides Lessons
ANSI-RAB and the registration
community should develop a peer
review system
ANSI-RAB should consider requiring
certification for EMS auditors and
consultants
EMS vs. Compliance Audits
An EMS audit is not a compliance
audit
Samples,
does not inspect for all
regulations
But must audit effectiveness of systems
for assuring compliance, correcting and
preventing violations.
A compliance audit is not an EMS audit
Inspects
for violations, but not responsible
for systems to prevent recurrences.
ANSI-RAB and government should
EMS Audits vs. Public Policies
Some environmental agencies are
now using EMS registration as a
program requirement
The ISO 14001 registration and
auditing system has strengths and
limitations, irrespective of
government incentives
Public policy initiatives should
consider the inherent strengths and
limitations of this system when
Registrar Accreditation:
How does the system maintain integrity
and credibility?
National Accreditation
Program Role Paramount
The National Accreditation Program
is the principal guardian of the
credibility of auditing and registration
ANSI-RAB must assure that
registrars and their auditors are
competent and consistent in their
practice
ANSI-RAB must act fairly but
vigorously to correct, sanction, or
suspend poorly performing registrars
Insuring Registrar
Professionalism
More guidance needed on minimum
standards for initial registration
auditing
Closer
scrutiny of registrars’ scoping
and bidding processes and effortallocation criteria is needed
Not based solely on audit-days on site,
but on best practices for pre-audit
planning, budgeting, scoping, team
composition, and on-site audit visits
Complaints and Sanction
Process Must Be
Robust
ANSI-RAB provides only limited
public information on complaints
ANSI-RAB should list publicly the
numbers, types, and disposition of all
complaints received
ANSI-RAB should certify its own
complaints-management process to
the ISO 9000 quality systems
standard
Timely and Accurate
Registration Data Needed
No single source for this information
Central public listing of all registered
organizations needed
Including
scope of registration, dates,
registrar
Regularly updated to show
discontinuance or suspension of
registration
Auditor Professionalism:
How do EMS auditors do their job?
Insuring Auditor Proficiency
Qualifications of EMS auditors vary
widely
QMS
experience, environmental
expertise, industry sector experience
Requirements for environmental
expertise should be strengthened
ANSI-RAB should consider requiring
certification for EMS auditors
And
at least voluntary training and
certification for EMS consultants
More Guidance on Auditor
Independence Is
Needed
Some businesses want auditors to
“add value” during their visits
E.g.
best practices, suggestions for
improvement
ANSI-RAB forbids consulting by
auditors
Guidance is needed to educate
auditors and clients on appropriate
activities of auditors
What
is inadequate, not how to fix it
Judgments should be
documented
Auditing requires professional
judgment
Auditors
should document the basis for
each judgment on non-conformances.
Auditable documentation also is needed
to support an auditor’s overall
assessment of an EMS and
recommendation for or against
registration
Interpreting the Standard:
How assure consistent criteria across
registrars, auditors, registered firms?
What Does Conformity Mean?
ISO 14001 requires auditable
commitments
To
compliance, prevention of pollution,
continual improvement
ISO 14001 drafters were deliberately
ambiguous about these definitions
Many auditors therefore audit only
whether an organization has followed
its own goals
Conformity should mean meeting clear
Assessing Prevention of
Pollution
ISO 14001 definition is broader than U.S.
EPA’s “pollution prevention”
Does
not emphasize source reduction
Causes confusion, especially in U.S.
Meaning and criteria should be clarified
Auditors should assess evidence that firm
has considered reasonable options for
prevention of pollution
Assessing Continual
Improvement
ISO 14001 requires continual improvement
of the environmental management system,
not environmental performance
But
cannot justify claims that system is
improving if performance is not
ISO 14001 should more clearly define
criteria for continual improvement
Selecting a Registrar:
How should an organization choose a
registrar?
Registrar Selection
Many organizations do not select a
registrar carefully
QMS
registrar, word of mouth
Late in process, long after consultant
• Consultants are not necessarily trained in EMS, nor certified
Some use better criteria
Systems
knowledge, environmental expertise,
sectoral experience
Auditing philosophy
Many have limited understanding of EMS
auditing and its uses and value
Strengthen Registrar
Selection Process
ANSI-RAB and the registrars’ trade
association should develop an
interview guide for potential registrants
Purpose
and value of third-party EMS
auditing
Considerations in selecting a registrar
Steps in registrar selection, pre-audit
planning, and auditing and registration
process
More Detailed Evidence of
Third Party Benefits
Needed
Many U.S. businesses remain
skeptical as to whether benefits
exceed costs
Especially
small, medium-sized
enterprises
More detailed evidence of the
benefits and costs of ISO 14001
registration is needed
For
public and private sector organizations,
of all sizes
Customers mandating supplier EMSs could
More Help Needed for
SMEs
Cost savings: bundle or pool similar
SMEs in common EMS, by sector or
geographic region
The U.S. Technical Advisory Group
to ISO (U.S. TAG) should involve
more SMEs in its deliberations
Areas for Further Research
Auditor Training and EMS Course
Providers
Comparison of U.S. Registration
Practices to Registration Practices in
Other Countries
For a copy of the report
www.napawash.org