UNIVERSITI PUTRA MALAYSIA EMS I NTERNAL A UDIT W ORKSHOP 3 A PRIL 2015 9.00 AM – 5.00 PM...
-
Upload
aubrie-lang -
Category
Documents
-
view
218 -
download
0
Transcript of UNIVERSITI PUTRA MALAYSIA EMS I NTERNAL A UDIT W ORKSHOP 3 A PRIL 2015 9.00 AM – 5.00 PM...
UNIVERSITI PUTRA MALAYSIAEMS INTERNAL AUDIT
WORKSHOP3 APRIL 2015
9.00AM – 5.00PM
Facilitator : Hafriazhar Mohd. Mokhtar
Email : [email protected]
Mobile : +6019 258 5819
Climate Plus Sdn Bhd (805925-K)H-40-1A, Jalan Prima Saujana 2D,
Prima Saujana, 43000 Kajang, Selangor.climateplusmy.weebly.com
DELEGATIONS: QUALIFIED INTERNAL AUDITOR IN
ISO 14001:2004 EMS(REF.: UPM/ISO-EMS/P004; SEMAKAN 00; ISU 01;
15/7/2013)
OBJECTIVES:TO PROVIDE INTERNAL AUDITORS
WITH IMPROVED KNOWLEDGE AND TOOLS TO BE ABLE TO AUDIT AN IS0-
14001 ENVIRONMENTAL MANAGEMENT SYSTEM (EMS)
SUFFICIENTLY.
AGENDA OVERVIEW:
• Auditing
• IS0 14001 Framework
• EMS Principles
• EMS Internal Auditing
AUDITING
AUDITING
WHAT IS AUDITING?
Audit definition UNI EN ISO 19011 Ed. 2003: “Systematic, independent and documented process for obtaining audit evidence and evaluate objectively, in order to determine the extent to which audit criteria are fulfilled”.
Objectives of an Audit:
To achieve confidential knowledge of the conformity of the applied system by the organization that is object of evaluation, respecting the environment and conformity legislation.
AUDITING
WHO DO THE AUDIT?
Auditor definition: “Person with the competence to conduct an audit” (ISO 9000:2000. 3.9.9)
Audit team:
Also called a verification group, composed of an Audit Team Leader (Lead Auditor) as person in charge and assigned with a role of guidance of team member and reporting to auditee. In addition to this role, the team may also be composed of other figures identified as: audit team member (auditor), technical expert and observer.
AUDITING
TYPES OF AUDIT•Internal audits (or first party) carried out with the aim of verification of the accomplishment and effectiveness of the systems or some important aspects, like: particular operations, products and services, departments or functions of an organization.
•External audit (second party) audits carried out by an organization on its supplier/contractor (Client-Supplier relationship) using, in this case too, either internal personnel, usually an inter-functional team, or external society is entrusted with doing it.
•Certification audit (third party) independent of an organization, that has an aim release of the certificate of conformity with the requirements taken as a reference, that may be management systems.
AUDITING
Scope of an audit:
Audits carried out in an organisation, (they can be of the 1st, 2nd or 3rd party), have as a main scope judgement, through sample method, of the conformity of the implemented management system with the established requirements
ISO 14001
FRAMEWORK
ISO 14001 FRAMEWORKHERE WE
ARE!
EMS PRINCIPL
ES
EMS PRINCIPLES
ISO 14001 promotes these values:
•Think prevention before cure or correction•Environmental performance is everyone’s responsibility•Improving awareness and understanding helps to improve performance•Top Management must lead by example•Environmental management is risk management•Continual improvements never ends•In a system, everything depends on everything else (so does everyone)
EMS PRINCIPLES
So what is ISO 14001 about?
•It is a management framework to raise awareness and institute actions throughout the organization
•That makes environmental care a natural part of everyone's job
•In time, it develops an environmental culture just like the safety culture
•Everyone can do it naturally because it makes sense, and is a benefit to each individual as well as to the organization
EMS PRINCIPLES
But what is the different between ISO 14001 and 9001?
Boss to staff:“We’d like to develop your leadership skills so we are putting you in charge of the ISO 14001 project”
EMS PRINCIPLES
Quality Policy Organization
Management Representative
TrainingDocument and Data Control
Quality System Procedures, Contract Review, Design Control, Purchasing, Process Control, Handling, Storage,
Packaging, Preservation and Delivery, Servicing
Inspection and Testing, Control of Inspection, Measuring and Test
EquipmentCorrective and Preventive Action
Control of Quality RecordsInternal Quality Audits
Management Review
Environmental PolicyResources, Roles, Responsibility and Authority
Competence, Training and AwarenessDocument ControlOperational Control
Monitoring and Measurement
Non-Conformance and Corrective and Preventive Action
RecordsEnvironmental Management System
AuditsManagement Review
ISO 9001 ISO 14001
Similarities between ISO 9001 and ISO 14001:
EMS PRINCIPLESThe ISO 14001 EMS Model
4.5.1 Monitoring & Measurement4.5.2 Preventive & Corrective Action4.5.3 Records4.5.4 EMS Audit
4.5.1 Monitoring & Measurement4.5.2 Preventive & Corrective Action4.5.3 Records4.5.4 EMS Audit
4.4.1 Resources, Roles, responsibility and authority4.4.2 Competence, Training & Awareness4.4.3 Communication4.4.4 Documentation4.4.5 Document Control4.4.6 Operational Control4.4.7 Emergency Preparedness
4.2 Define Policy4.2 Define Policy
4.3.1 Identify Aspects4.3.1 Identify Aspects
4.3.2 Legal Requirements
4.3.2 Legal Requirements
4.3.3 Identify Objectives Targets and Programs
4.3.3 Identify Objectives Targets and Programs
4.4 Implementation and Operation
4.4 Implementation and Operation
4.5 Checking4.5 Checking
4.6 Management Review4.6 Management Review
3.2 Continual Improvement3.18 Prevention of Pollution
Products, Services, and
Activities
4.1 General Requirements
4.2 Environmental Policy
4.3 Planning Environmental aspects Legal and other requirements Objectives, Targets and Programs
4.4. Implementation and Operation Resources, Roles, Responsibilities and Authority Competence, Training and Awareness Communication Documentation Controls of documents Operational control Emergency Preparedness and Response
4.5 Checking Monitoring and Measurement Evaluation of compliance Nonconformity, Corrective action and Preventive action Control of records Internal audit
4.6. Management Review
EMS PRINCIPLES – THE STANDARDS REQUIREMENTS
GENERAL REQUIREMENTS Establish, document, implement, maintain and continually improve (EDIMC) EMS
In accordance with ISO 14001:2004 Determine how the EDIMC fulfill ISO
14001:2004 requirements Define and document the scope of
EMS
EMS PRINCIPLES
OUR SCOPES?
“Teaching and Learning”
EMS PRINCIPLES
ENVIRONMENTAL POLICY The environmental
policy describes the organization’s overall approach and intentions.
Is the Keystone upon which the entire EMS is constructed.
NOT A PUBLIC RELATIONS DOCUMENT
Policy
Management Review
Implementation and OperationChecking
Planning
EMS PRINCIPLES
POLICY REQUIREMENTSTo meet ISO 14001 requirements, the policy must:
Be appropriate to the nature, scale, and environmental
impacts of the organization activities and goods produced.
Include a commitment to continual improvement and
prevention of pollution.
Include a commitment to comply with applicable legal
requirements and other requirements to which organization
subscribes.
Provides the framework for setting and reviewing
environmental objectives and targets.
Be documented, implemented and maintained, and
communicated to all employees (also persons working on
behalf)
Be available to the public.
EMS PRINCIPLES
PLANNING Environmental
Aspects.
Legal and Other Requirements.
Objectives, Targets and Program(s).
Policy
Management Review
Implementation and OperationChecking
Planning
EMS PRINCIPLES
S.M.A.R.T.
PLANNING
Teaching&
LearningActivities,Products
&Services
IdentifyEnvironmental
Aspects
DetermineSignificant
EnvironmentalAspects
Determine Legal and Other
Requirements
Establish
Objectives
and
Targets
Develop
Environmental
Management
Programs
EMS PRINCIPLES
ACTIVITIES, PRODUCTS AND SERVICES What to consider within described &
defined scope of the EMS?
Consider mission – what ‘facility’ is designed to do e.g. lecture halls, labs, and… etc.?
Consider activities that support the mission e.g. lectures, lab experiments and… etc.?
Consider actions that are both regulated (controlled) and not regulated (not controlled) e.g. commuting to work/lectures
EMS PRINCIPLES
ASPECTS AND IMPACTS Identify environmental aspects of activities products
and services within defined scope of EMS that can be
controlled and over which can be influenced taking into
account planned or new developments, or new or
modified activities, products and services” Aspects: Element of an organization's activities,
products or services that can interact with the environment.
Impacts: Any change to the environment, whether adverse or beneficial, wholly or partially resulting from an organization's activities, products or services
EMS PRINCIPLES
ASPECTS AND IMPACTS
Activitys vs Aspects vs Impacts
EMS PRINCIPLES
ASPECTS AND IMPACTS Content Requirements of Environmental Aspects
understand how organization interacts with the environment
control versus influence arrive at a list of significant environmental
aspects based upon impactsdevelop a procedure to support this three step
decision making process
EMS PRINCIPLES
EMS PRINCIPLESEveryone & Everything Impacts The Environment
Either adversely or beneficially!
EMS PRINCIPLES
Environmental receptors: People (public)
Public nuisance Natural Resources
Consumption of non-renewable resources Land/Soil
Soil excavation, erosion, solid contamination Water
River water contamination, wastewater discharge Air
Emissions of heat, particulates, GHG, GST?!
DETERMINE SIGNIFICANT ASPECTS The process of arriving at a list of Significant
Environmental Aspects must be a reasonable and understandable procedure be based upon the following criteria:
1. perceived risk(human health vs. ecosystem);2. impact analysis (internal, local, regional, global);3. probability of occurrence4. direct or indirect control;5. regulated or non-regulated;6. resource utilization;7. community interest;8. etc.
Consider normal, unique, and emergency conditions
Where do opportunities exist for improvement?
EMS PRINCIPLES
LEGAL AND OTHER REQUIREMENTS Identify legal requirements that apply to a facility’s
activities – use audit guides or protocols
Identify other requirements that apply including corporate policies, Executive Orders (public organizations), facility initiatives or voluntary practices
ISO 14001 does not require documentation for the Legal and Other Requirements section (4.3.2). However, the only practical way to demonstrate conformance is to assemble in one place a list and copies of each applicable environmental law, regulation and voluntary subscription along with the supporting permits and/or contracts as evidence.
EMS PRINCIPLES
OBJECTIVES AND TARGETS
Consider “legal and other requirements”
Consider significant aspects
Reflect corporate policies
Reflect financial and technical limitations
Reflect “interested parties”
Reflect policy commitment and commitment
to pollution prevention
Consider how you will measure progress
EMS PRINCIPLES
OBJECTIVES AND TARGETS
Objectives are the “Goals” that support the “Vision” contained in the
Environmental Policy Statement.
EMS PRINCIPLES
ISO 14001 SPECIFICATIONS FOR OBJECTIVES/TARGETS
The ISO 14001 Standard stipulates several criteria that must be considered when establishing environmental objectives. Specifically:
Environmental policy commitments to continual improvement, prevention of pollution, and compliance with legal and other requirements.
Concentration on controlling significant environmental aspects – the activities, products, and services with the highest environmental impacts – since reducing their significance (i.e., the risks associated with them) automatically lowers their impacts.
Taking consideration of technological options and financial, operational, and business requirements means that environmental objectives and targets must be practical in terms of being technologically achievable, within the limits of available budget constraints, and consistent with operational and business strategies. In other words, objectives and targets must be realistic and attainable,
not mere dreams or wish lists. The views of interested parties. Any individual, group, agency, or community
that may be affected by or have a stake in the operations of the facility implementing the EMS. This can be a long list, including: National, regional/provincial, local government officials Local community representatives Public interest groups and other stakeholders (The views of interested
parties are also helpful when an organization makes a decision regarding communication of its environmental aspects).
EMS PRINCIPLES
ISO 14001 ENVIRONMENTAL MANAGEMENT PROGRAMS:
The organization shall establish and maintain programs for achieving its objectives and targets, including:
(a) designation of responsibility for achieving objectives and targets at each level and function of the organization
(b) the means and time-frame by which they are to be achieved
EMS PRINCIPLES
ENVIRONMENTAL MANAGEMENT PROGRAMS
An EMP is an action plan specifying:How objectives and targets will be accomplishedWho is responsible for achieving themWho will manage and supervise the activitiesWho will carry out the workWhat they will doWhat resources are needed (e.g., people, skills, equipment, time, money)When the tasks will be completed (i.e., a schedule)
EMS PRINCIPLES
ISO 14001 PLANNING SEQUENCE
ENVIRONMENTAL POLICY
Guiding Light
ENVIRONMENTAL ASPECTS
Problem Definition
LEGAL AND OTHER
REQUIREMENTS
Obligations
OBJECTIVES AND TARGETS
Goal Setting
ENVIRONMENTAL MANAGEMENT
PROGRAMS
Means of Achieving
Goals
EMS PRINCIPLES
IMPLEMENTATION AND OPERATION This phase includes 7 elements: Resources, Roles,
Responsibilities and Authority
Competence, Training and Awareness
Communication Documentation Controls of documents Operational control Emergency Preparedness
and Response
Policy
Management Review
Implementation and Operation
Checking and Corrective Action
Planning
EMS PRINCIPLES
IMPLEMENTATION AND OPERATION
Resources, Roles,
Responsibility &Authority
Competence,Training &Awareness
Document Control
EMS Documentation
Emergency preparedness and response
Communication
Operational Control
Organization &Accountability
Capabilities &Communications
Controls
EMS PRINCIPLES
RESOURCES, ROLES, RESPONSIBILITY & AUTHORITY
Roles and responsibilities are defined,
documented, communicated
Management will provide resources for
implementation of the system
Identifies Management Representative (s) In charge
Report to top management
EMS PRINCIPLES
COMPETENCE, TRAINING AND AWARENESS
Ensure competence training to regulatory requirements
standard operating procedures
Ensure training and awareness relevant to EMS - including policy
relationship between employees’ activities and
environmental impacts
EMS PRINCIPLES
COMMUNICATION
Ensure internal communication
External communication of significant environmental impacts is optional, however this decision shall be documented
Provide process for responding to external communication
EMS PRINCIPLES
DOCUMENTATION AND DOCUMENT CONTROL
Procedures for controlling documents
can be located - are legible, dated and
maintained
reviewed and revised as necessary and
approved
current versions are available to
practitioner
obsolete documents are removed from use
EMS PRINCIPLES
DOCUMENTATION Under ISO 14001, documentation refers to all
written material concerning the EMS
Documents include policies, procedures, manuals, plans, diagrams, flowcharts, correspondence, memoranda related to the EMS
Records are documents, but under ISO 14001 are distinguished from documentation:
Documentation concerns what should happen Records contain information on what has happened
EMS PRINCIPLES
SHALL DOCUMENT4.2 ENVIRONMENTAL POLICY
4.3.1 Environmental aspects
4.3.3 Environmental objectives and targets
4.4.1 Roles, responsibilities, and authority
4.4.3 Communications from external interested parties
4.4.4 EMS core elements
4.4.6 Procedures essential for operational control
4.5.1 Monitoring and measurement of key operations that have potential significant impacts
4.5.2 Compliance with laws and regulations
4.5.3 Records
4.6 MANAGEMENT REVIEW
EMS PRINCIPLES
MUST DOCUMENT4.3.2 Significant environmental aspects
4.3.3 Registry of legislation and regulations
4.3.4 Environmental management programs - action plans to achieve objectives and targets
4.4.2 Training needs results, and training plans
4.4.7 Emergency response plan
4.5.2 Corrective and preventive actions
4.5.5 EMS audit results
EMS PRINCIPLES
WHAT ARE OPERATIONAL CONTROLS?
Means by which an organization prevents pollution from operations, e.g.:
Pollution control equipment such as scrubbers, filters, precipitators, clarifiers, biological and chemical treatment, etc.
Alarms for gas, pH, conductance, tank level, etc. Preventive maintenance practices Operating procedures
EMS PRINCIPLES
METHODS OF OPERATIONAL CONTROL
Process controls: Electronic Mechanical Monitoring observation
Operating procedures: Verbal documented
EMS PRINCIPLES
WHAT IS A PROCEDURE?
An activity carried out according to specified instructions
Combination of responsibilities, authority, resources, instructions needed to consistently perform an activity
A procedure may be documented (i.e., written), but a document is NOT necessarily a procedure
EMS PRINCIPLES
ONE MORE THING FROM ISO 14001 4.4.6
The organization shall establish and maintain procedures related to the
identifiable significant environmental aspects of goods and services used by the
organization and communicate relevant procedures and requirements to suppliers
and contractors
EMS PRINCIPLES
RESPONSIBILITIES OF CONTRACTORS AND SUPPLIERS
The organization is responsible for informing contractors and suppliers about operating procedures relating to their goods and services
Contractors must comply with all EMS requirements when on site
Suppliers may be required to meet specified environmental standards in their own facilities
EMS PRINCIPLES
EMERGENCY PREPAREDNESS AND RESPONSE
Procedures to address accidents and emergencies prevent and mitigate environmental impacts
review and revise after emergency or accident
test where appropriate
EMS PRINCIPLES
CHECKING 5 elements:
Monitoring and Measurement.
Evaluation of Compliance
Nonconformity, Corrective Action and Preventive Action.
Control of Records
Internal Audit.
Policy
Management Review
Implementation and OperationChecking
Planning
EMS PRINCIPLES
CHECKING
RecordsOngoingMonitoring and
Measuring
Periodic Internal EMS Audits
Nonconformity,Corrective action and
Preventive Action
Periodic Evaluations of compliance
EMS PRINCIPLES
MONITORING AND MEASURING Procedures to monitor and measure activities
related to significant aspects
Root cause analysis
Audits
Track performance, operational control and objectives and targets
Maintain and calibrate monitoring equipment
EMS PRINCIPLES
EVALUATION OF COMPLIANCE
Periodically evaluate compliance with applicable legal requirements
Also evaluate compliance with other requirements the company subscribes
Keep records of such evaluations
EMS PRINCIPLES
NONCONFORMITY, CORRECTIVE ACTION AND PREVENTIVE ACTION
Identify cause of nonconformity
Develop corrective action and implement it
Modify procedures if necessary to prevent
recurrence
Define responsibility and authority to address non-
conformance
EMS PRINCIPLES
CONTROL OF RECORDS
Procedures for identification, maintenance and disposition of environmental records
Legible and traceable to the activity,
product or service involved
EMS PRINCIPLES
INTERNAL AUDITS Periodically audit to determine if the EMS
is being properly implemented and maintained, and
conforms to the standard
Provide audit information to management
EMS PRINCIPLES
MANAGEMENT REVIEWReview inputs:
Opportunities for improvementNeed for changes to EMS
Environmental policy Environmental Objectives
and Targets.Based on inputs (a - h)
Review outputs:Decision and actionConsistent to continual improvement
Policy
Management Review
Implementation and Operation
Checking and Corrective Action
Planning
EMS PRINCIPLES
MANAGEMENT REVIEW PROCESS
Need to consider:
• audit findings• progress records on objectives• changes to facilities• changes in activities, products or services• changes in technology• concerns of interested parties• other relevant information
To Assess the
• suitability,• adequacy, and• effectiveness of the EMS
In order to determine the need for change and improvement to:
• the environmental policy
• the objectives and targets
• other elements of the EMS
EMS PRINCIPLES
EMS INTERNA
L AUDITIN
G
EMS INTERNAL AUDITING
What is EMS Internal Auditing?
•The assessment of processes to verify that they are operating within planned arrangements:
o are procedures followed?o are procedures effective for
their purpose?o do they meet the requirements
of ISO 14001?
•Factual statements of observations backed by evidence
•Evaluation of processes NOT people
•Not compliance audits
EMS INTERNAL AUDITINGWhy EMS Internal Auditing?
•As a checking mechanism of the EMS plan and implementation
•Verify existence and implementation of EMS procedures and other arrangements
•Is EMS achieving its intended objectives?
•Preparation for certification/third party audits
•Provides information on the results of audits to management
EMS INTERNAL AUDITING
Can do sampling for internal audits?
EMS INTERNAL AUDITING
NO:The need to conduct the audit for all area/function/department implemented with the systems to ensure consistent implementations throughout the organizations
Can do sampling for internal audits?
YES:When assessing/evaluating sets of data with regards to records of an operations or monitoring over a certain period of time using acceptable uncertainty sampling methods
EMS INTERNAL AUDITING
What The EMS Auditor Needs To Know?
•ISO 14001 Requirements•Auditing Techniques and Procedures•System Thinking and Analysis•The System Being Audited•Environmental Exposures and Prevention•Organizational, societal & governmental expectations
EMS INTERNAL AUDITING
Why?
Audit has to be based on objective evidence. They have to be seen as a testimonial with the aim of evaluating at least the following aspects of Environmental Management Systems:•system performances •necessities that the system has to realize•strong points of the system•weak points of the system.
EMS INTERNAL AUDITING
Things need to be established:
•Programs and procedures for periodic EMS audits ("snapshots")
•Extent and frequency based on results of previous audits
•Results given to management for EMS review
•Performed by independent (internal or external) auditors
•Based on satisfying pre-established objective criteria
EMS INTERNAL AUDITING
Audit disclosures:
•EMS auditors are not looking for non compliances
•EMS auditors are generally not sufficiently versed to designate non-compliances
•The EMS audit reports deal with non conformances to the organization's own EMS
EMS INTERNAL AUDITING
Collecting objective evidence:
•Collect sufficient evidence through interviews, examination of documents and observation of activities and conditions
•Information from interviews should be verified through observations, independent sources, records and existing measurements
•Audit findings should be reviewed with auditee to establish their factual basis
EMS INTERNAL AUDITING
EMS Audit Indicators:
•Adequacy of documents, procedures, programs, records
•Implementation/integration/consistency
•Progress towards objectives and targets for:- compliance- operational controls- reductions- efficiencies- financial returns
•Commitment by management to:- environmental policy- EMS
•Awareness and competency of employees•Continual improvement of EMS
EMS INTERNAL AUDITING
EMS Internal Audit Levels:
•Buy-in on the Concept of EMS
•Definition (creation) of the EMS
•Deployment and Use of the EMS:• Is it being used?• Are the elements current?• Are the elements effective?• Is EMS used strategically?
EMS INTERNAL AUDITING
Tools needed:
•Standard reference guidance
•Internal audit procedures (Ref.: UPM/ISO-EMS/P004; Semakan 00; Isu 01; 15/7/2013)
•Audit checklists
•Audit notes
EMS INTERNAL AUDITING
Presentation of findings - categories:
•Major non-conformity
•Minor non-conformity
•Observations/opportunity for improvements
•Verbal
EMS INTERNAL AUDITING
Reporting of audit findings:
•Audit report
•Resolution of non-conformity• Determination of root cause• Immediate corrections• Corrective actions
•Records