An audit is an evidence gathering process.
Evidence is used to evaluate
how well audit criteria are being met. Audits must be
objective, impartial,
and independent, and the audit
process must be both systematic and
documented. Audits can be either internal or external.
Internal audits are referred to as first-party audits
while external audits
can be either second or third party. They can also be
combined audits
(when two or more management systems of different
disciplines are
audited together at the same time).
Audit evidence includes records, factual
statements, and other verifiable
information that is related to the audit
criteria being used. Audit
criteria
may be thought of as a reference point and include policies,
requirements,
and other forms of documented
information. They are
compared against
audit evidence to determine how well they are being met.
Audit evidence
is used to determine how well policies are being implemented
and how
well requirements are being followed.
|
Competence means being able to apply
knowledge and skill
to achieve intended results. Being competent means
having the
knowledge and skill that you need and knowing how to apply
it.
It means that you’re qualified to do the job.
|
A compliance obligation
is a requirement. There are two
kinds
of compliance obligations: mandatory
compliance obligations and
voluntary compliance obligations. Mandatory compliance
obligations
include laws and regulations while voluntary
compliance obligations
include contractual commitments, community and industry standards,
ethical codes of conduct, and good governance guidelines. A
voluntary
obligation becomes mandatory once you decide to comply with
it.
|
To conform means to meet a requirement (or a
compliance obligation).
Since there are many kinds of requirements, conformity
can take many
forms. You can conform (or comply) with mandatory
requirements like
laws and regulations or with voluntary requirements such as
contracts,
agreements, codes, and standards.
In the context of environmental
management, you can conform
(or comply) with (or to) the ISO 14001 requirements (or
obligations)
and to any additional environmental management requirements
(or obligations) that your organization establishes for
itself.
|
An organization’s context is its business
environment. It includes
all of the issues, factors, and conditions that could influence or be
influenced by an organization's environmental
management system.
The new ISO 14001 standard now expects you to
understand both
your external context and your internal context when you
establish
your EMS.
This means that you need to identify and understand the
external issues and the external
environmental conditions that could
influence your organization's
EMS and the results that it intends to
achieve. It also means that you need to identify and
understand the
internal issues and internal environmental conditions that
could
influence your EMS and the results it intends to achieve.
|
In the context of this EMS standard,
continual improvement is a set of
recurring activities that organizations use to enhance their
environmental
performance. Environmental performance
is enhanced whenever the
environmental aspects of activities, processes, products,
services, and
systems are controlled and whenever adverse environmental
impacts
are reduced and beneficial environmental impacts are
produced.
|
Corrective actions are steps that are taken
to prevent recurrence
by eliminating the cause or causes of an existing
nonconformity.
The corrective action process tries to make sure that
existing
nonconformities don’t happen again.
|
The term documented
information refers to information that
must be controlled and
maintained and its supporting medium.
Documented information can be in any format and on any
medium
and can come from any source.
Documented information includes information
about the environmental
management system and related processes. It
also includes all the
information that organizations need to operate and all the
information
that they use to document the results that they achieve (aka
records).
|
Effectiveness refers to the degree to which
a planned effect is achieved.
Planned activities are effective if these activities are
actually carried out
and planned results are effective if these results are
actually achieved.
|
The term environment refers to an
organization’s natural and human
surroundings. An organization’s environment
extends from within the
organization itself to the
global system, and includes air, water, land,
flora, and fauna (including people), and natural resources
of all kinds.
|
An environmental aspect is an element or
characteristic of an activity,
product, or service that interacts or can interact with the
environment.
Environmental aspects
can cause environmental
impacts. They can
have either beneficial impacts or adverse
impacts and can have a
direct and decisive impact on
the environment or contribute only
partially or indirectly to a larger environmental change.
|
Environmental conditions
are states or characteristics
of the
environment at a particular point in time.
ISO 14001 expects you
to
identify the environmental conditions that are capable of
affecting or
being affected by your organization and to figure out what
you need
to do to prevent or reduce the risk
that these conditions could
adversely affect its environmental performance.
|
An environmental impact
is a change to the environment that is
caused either partly or entirely by one or more
environmental aspects.
An environmental aspect can have either a direct and
decisive impact
on the environment or contribute only partially or
indirectly to a larger
environmental change. In addition, it can have either a
beneficial
environmental impact or an adverse environmental impact.
|
An environmental
management system (EMS) is one part of a larger
management system
and is a set of interrelated or
interacting elements
that organizations use to implement their environmental
policy, to achieve
their environmental objectives, to meet their environmental
compliance
obligations, to manage their environmental aspects,
and to address
their environmental risks and
opportunities.
These elements include structures,
programs, procedures, processes,
practices, plans, rules, roles, regulations,
responsibilities, relationships,
contracts, agreements, documents, records, methods, tools,
techniques,
technologies, and resources.
|
An environmental objective is an
environmental result your organization
intends to achieve. Your organization’s environmental
objectives should
be based on or derived from its environmental
policy and must be
consistent with this policy.
|
The term environmental performance refers
to the environmental
results that are achieved whenever the environmental aspects
of
activities, processes, products, services, systems, and
organizations
are managed and controlled. Environmental performance
is improved
whenever the environmental aspects of activities, processes,
products,
services, systems, and organizations are managed and
controlled and
whenever adverse environmental
impacts are reduced and
beneficial
environmental impacts are produced. You can measure environmental
performance by using indicators to compare
environmental results
against environmental objectives and environmental policies
(or other suitable criteria).
|
A policy is a commitment, direction, or
intention and is formally stated
by the top management of an organization. An environmental
policy
should make a commitment to protect the environment, to meet
all
relevant compliance obligations, and to enhance
environmental
performance.
|
An indicator is a “measurable
representation”. It is used to indicate
or measure the status or condition of an operation or an
activity. In
the context of this standard, indicators
can be used to quantify and
evaluate
environmental performance.
They can be used to measure
how much success you’ve had and how much progress you’ve
made
relative to the environmental
objectives you wish to achieve and the
environmental policy you wish to implement. Indicators
can also be
used to monitor trends and to support decision making.
|
In general, an interested party is any
person, group, or organization who
can affect, be affected by, or believe that they are
affected by a decision
or activity. In the context of this ISO 14001 standard, an interested
party
is anyone who can affect, be affected
by, or believe that they are
affected by the
environmental performance of an organization.
|
In the context of this standard, the term life
cycle refers to the
consecutive and interlinked stages of a product system from
the
acquisition of raw materials to end-of-life disposal. The life cycle
of a product system includes
all associated activities, products,
and services and may include
procured goods and services as
well as end-of-life treatment, decommissioning, and
disposal.
|
A management system is a set of
interrelated or interacting elements
that organizations use to formulate policies and objectives
and to
establish the processes that
are needed to ensure that policies are
followed and
objectives are achieved. These elements
include
structures, programs,
procedures, practices, plans, rules, roles,
responsibilities, relationships, contracts, agreements, documents,
records, methods, tools, techniques, technologies, and
resources.
There are many types of management systems. Some of
these include
environmental management systems, financial management systems,
risk
management systems, quality management systems, business
continuity management systems, food
safety management systems,
information security management systems,
occupational health and
safety management systems, compliance management
systems,
and emergency management systems.
|
Measurement is a
process that is used to determine a value.
|
To monitor means to determine the status of
an activity, process, or
system at different stages or at different times. In order
to determine
status, you may need to supervise and to continually observe
and
check the activity, process, or system that is being
monitored.
|
Nonconformity refers to the
“non-fulfilment of a requirement”.
When an organization fails to meet a requirement, a nonconformity
exists. Since there are many kinds of requirements,
nonconformity
can take many forms. You can fail to conform (or fail to
comply) with
mandatory requirements like laws and regulations or with
voluntary
requirements such as contracts, agreements, codes, and
standards.
|
An objective is a result you intend to
achieve. Objectives can be strategic,
tactical, or operational and can apply to an organization as
a whole or to
a system, process, project, product, or service. Objectives
may also be
referred to as targets, aims, goals, or intended outcomes.
|
An organization can be a single person or a
group that achieves its
objectives by using its own
functions, responsibilities, authorities,
and relationships. It can be a company, corporation,
enterprise, firm,
partnership, charity, or institution and can be
either incorporated or
unincorporated and be either privately or publicly owned. It
can also
be an operating unit that is part of a larger entity.
|
When an organization
makes an arrangement with an outside
organization to perform part of a function
or process, it is referred
to as outsourcing. To outsource means
to ask an external organization
to perform part of a function or process normally done
inhouse. While
the outsourced organization is beyond the scope of your EMS,
the
outsourced process or function itself may fall within the
scope.
|
According to ISO, the term performance
refers to a measurable result.
It refers to the measurable results that activities,
processes, products,
services, systems and organizations are able to achieve. So
whenever
processes, products, services, systems, or organizations
perform well
it means that acceptable results are being achieved.
|
To prevent pollution means to avoid,
reduce, or control the creation,
emission, or discharge of contaminants or waste materials.
Pollution
must be prevented in order to reduce adverse environmental
impacts.
Organizations use a wide variety of methods,
techniques, practices,
processes, products, and services to prevent pollution.
These include
the reduction or elimination of pollution at the source; the
efficient use
of resources, materials, and energy; the reuse, recovery,
reclamation,
and recycling of resources; the
redesign of processes, products,
and services; and the substitution of one type of energy
source
or substance for another cleaner energy source or substance.
|
A procedure is a way of carrying out a
process or an activity.
Procedures may or may not be documented.
|
A process is a set of activities that are
interrelated or that interact
with one another. They transform inputs into outputs.
Processes
are interconnected because the output from one process often
becomes the input for another process.
|
A requirement is a need, expectation, or
obligation. It can be stated or
implied by an organization, its
customers, or other interested parties.
A specified requirement is one that has been
stated (in a document for
example), whereas an implied requirement is a
need, expectation, or
obligation that is common practice or customary.
|
According to ISO 31000 2009, risk is the “effect
of uncertainty” and
an effect is a positive or negative deviation from
what is expected.
Risk is often expressed as a combination of
two factors: probability
and consequences. It asks two questions: what is
the probability that
a potential event will occur
in the future? And what consequences
would this event produce or what impact would it have if it
occurred?
Uncertainty (or lack of certainty) is a
state or condition that involves
a deficiency of information and
leads to inadequate or incomplete
knowledge or understanding. In the context of
risk management,
uncertainty exists
whenever the knowledge or understanding of
an event, consequence, or likelihood is inadequate or
incomplete.
|
According to ISO 14001 2015, risks are
potential adverse effects
(or threats) and opportunities are potential
beneficial effects.
|
The term top management normally refers to
the people at the top of an
organization. It refers to the people who provide resources
and delegate
authority and who coordinate, direct, and control
organizations. However,
if the scope of a management system covers only part of an
organization,
then the term top management refers, instead, to
the people who direct
and control that part of the organization.
|