How to create an Process Oriented ISO 14001:2004 Audit Plan & Checklist:truce:

Determine the desired output and then identify the necessary inputs and activities necessary to achieve it...

Also remember, that some of your aspects and your EMS may cross over many (or even all) of your processes. Your audit plan will have to address those as well.

I tried to do this way.Make the process-flow.Determine the support processes.Prepare an audit checklist that covers all and conduct the audit.For example,effuent treatment process when audited,it will also cover associated areas like laboratory,maintenance,calibration,training,legal compliance,chemical storage,waste disposal etc.

How to create an Process Oriented ISO 14001:2004 Audit Plan & Checklist:truce:


Many of the processes and activities in ISO 14001 are the same as in TS or ISO 9001. So, audit them the same way as you would in ISO/TS. Then, the remaining few which are different, (ie: Aspects and Impacts) become easier to audit as well.

Does anyone have an example of how they do their process based ISO 14001:2004 audits?

I am looking for an example but can't seem to find one on here or by googling. There's lots of good advice but no examples. Thanks for your help!

Does anyone have an example of how they do their process based ISO 14001:2004 audits?

I am looking for an example but can't seem to find one on here or by googling. There's lots of good advice but no examples. Thanks for your help!


I had a recent client who defined "Managing Aspects and Impacts" as a process. Also, "Emergency Preparedness," and "Managing Legal & Other Req." Those were audited as processes. Everything else was audited with their equivalent TS processes (i.e.: doc control, CA/PA, Calibration, etc.).

I thought it was a pretty interesting approach.

Can't give you a sample, of course, as it is customer's proprietary info.

Thanks for your input. That's an interesting approach. I am pretty much looking at the same idea, however none of our TS 16949 trained auditors have EMS training, so I'm not sure how well I can combine the audits. I think at this point I would like to keep the EMS and QMS audits separate, but still adopt a process based approach to the EMS audits. In the future, I will attempt to combine them a bit more.

For the purpose of the EMS audits, I have defined our procedures/processes that require auditing as:

Environmental Policy
Aspects Management
Regulatory Compliance
Objectives and targets
HR / Training, Awareness & Competence
Emergency Response
Corrective action
Documentation / Records
Internal Audits
Management Review

Process Engineering & Design Inputs (inc. change management)
Production
Maintenance
Chemical & liquid storage
Waste - Hazardous waste / recycling / emissions / waste water treatment


I'm trying to hash out a format today, so I'll post it when I'm done. Hopefully in the meantime someone else might have something else to share.

Thanks for your input. That's an interesting approach. I am pretty much looking at the same idea, however none of our TS 16949 trained auditors have EMS training, so I'm not sure how well I can combine the audits. I think at this point I would like to keep the EMS and QMS audits separate, but still adopt a process based approach to the EMS audits. In the future, I will attempt to combine them a bit more.

For the purpose of the EMS audits, I have defined our procedures/processes that require auditing as:

Environmental Policy
Aspects Management
Regulatory Compliance
Objectives and targets
HR / Training, Awareness & Competence
Emergency Response
Corrective action
Documentation / Records
Internal Audits
Management Review

Process Engineering & Design Inputs (inc. change management)
Production
Maintenance
Chemical & liquid storage
Waste - Hazardous waste / recycling / emissions / waste water treatment


I'm trying to hash out a format today, so I'll post it when I'm done. Hopefully in the meantime someone else might have something else to share.


I think you have the right idea. The EMS auditors would need to be trained of course.

I didn't check each item, but noted that Operational Control does not seem to be covered?

maybe it will be a good idea to refresh your internal auditors on the process approach... i found the attached file from ISO/TC 176/SC 2 useful for this purpose :)

hjilling -

I have revised my list slightly. I am not planning on auditing the operational control "procedure", but rather the operational controls that exist surrounding each process (i.e. production, maintenance, etc.). Do you think that's acceptable? So here is the list again:

Operational Control - Process Engineering & Design Inputs (inc. change management)
Operational Control - Production
Operational Control - Maintenance
Operational Control - Chemical & liquid storage
Operational Control - Waste/ Hazardous waste / recycling / emissions / WWTS
Environmental Policy
Aspects Management
Regulatory Compliance
Objectives and targets
HR/Training, Awareness & Competence
Emergency Response
Corrective action (inc. complaints)
Documentation / Records
Internal Audits
Management Review


Here is a checklist of what I have developed for legal/other requirements. Let me know what you think!

1. Is there an emergency response plan that covers all potential environmental emergency scenarios?

2. How often is the emergency response plan reviewed and revised? Review the emergency response plan. Has it been reviewed as per the schedule?

3. Has the emergency response plan been reviewed after the following:
- tests of emergency response plan?
- accidents / emergency situations?

4. Have any environmental emergencies occurred in the last 6 months? Review records. Were the causes of the incidents investigated and corrective action initiated?

5. Verify the following emergency response equipment is being checked as specified:
- fire extinguishers – monthly
- emergency lighting – monthly
- sprinklers – annually
- fire alarms – annually

6. Have employees received training on the emergency response plan, emergency evacuation and spill response as per the training plan?

7. Is the emergency plan periodically tested? Verify documentation showing an emergency evacuation drill was performed in the last year.


:)

and again - if anyone has a "process based" ISO 14001:2004 internal audit checklist that they would be willing to post I would be very greatful. I have found 1 in a thread on here and it was a great "jumping off point" for me. Thank you Sambasi for posting it in this thread http://elsmar.com/Forums/showthread.php?t=1540&page=3&highlight=14001+checklist


I will post mine as an attachment when I am complete.

:thanx:

I think you have the right idea. It is not possible to sign off on something with just a cursery review here. I didn't check each item, but overall, it looks very good.

The EMS auditors would need to be trained of course.

Also, the questions seem to be slanted a bit toward a yes/no approach. That is good, but better would be to draw out the answers. Review examples. How effective are they. How well do people understand, etc. I try to avoid yes/no, and favor an approach that evaluates how well it is done. Especially, if you are trying to apply a process approach.

Here's a "CB-approved" process audit checklist... I am not trying to be funny, it really has been approved and endorsed by CBs. I have removed the header that included the audit number, company name, date, and lead auditor info.

Here's a "CB-approved" process audit checklist... I am not trying to be funny, it really has been approved and endorsed by CBs. I have removed the header that included the audit number, company name, date, and lead auditor info.

that looks like the form my CB is using... remember: don't ask why, instead ask why not! :)

Here's a "CB-approved" process audit checklist... I am not trying to be funny, it really has been approved and endorsed by CBs. I have removed the header that included the audit number, company name, date, and lead auditor info.


It certainly would work for a process based audit. It might be useful, to give internal auditors some guidance, to include a few things:

Process Owner
Internal Supplier, Internal Customer
Inputs and outputs, interactions
Objectives for this process
Metrics being tracked
Sequence of this particular process (or attach a flow chart, etc.)

These items do not have to be printed on the form, but would be an appropriate part of the process audit. They are a key part of what the auditor needs to audit to determine if the process is effective. In my training classes, these items are on the cover page to help start the audit on the right foot.

CB auditors supposedly do this automatically, but, for less experienced auditors, I find reminding them of these items as a starting point has been very beneficial (doesn't hurt to remind some CB auditors either...). A blank sheet can be pretty intimidating or limiting to an inexperienced auditor.

ok someone fill me in....what or who is a CB?

For our TS process audits we use a blank form and expect the auditor to develop their own checklist. but I would prefer to make a checklist for the EMS auditors to follow. I will try to move away from the "yes or no" checklist. good point.

ok someone fill me in....what or who is a CB?

For our TS process audits we use a blank form and expect the auditor to develop their own checklist. but I would prefer to make a checklist for the EMS auditors to follow. I will try to move away from the "yes or no" checklist. good point.

Fair question, we get in a hurry sometimes.

CB is Certification Body (your Registrar who issues the Certificate).

AB is Accreditation Body who accredits your Registrar to be authorized to issue valid certificates.

I posted a short list of things in my earlier post which would be good to put in a process oriented audit checklist. It would be good consider these.

ok someone fill me in....what or who is a CB?

For our TS process audits we use a blank form and expect the auditor to develop their own checklist. but I would prefer to make a checklist for the EMS auditors to follow. I will try to move away from the "yes or no" checklist. good point.
Note added:sorry, guess I wasn't fast enough :-)
CB is short for Certification Body-the registrar that audits and (hopefully) approves your systesm
AB is the Accreditdation Body-the ones who approve the CBs

I don't use a blank form for TS internal audits because our auditors have other full time jobs, and a check list is a reminder of specifics to ask or review. Also has room for plenty of comments.

Fair question, we get in a hurry sometimes.

CB is Certification Body (your Registrar who issues the Certificate).

AB is Accreditation Body who accredits your Registrar to be authorized to issue valid certificates.



:bonk: DUH...it must be a friday of a very long week. of course that's what CB is. thanks for reminding me!

(you'd almost think I was new at this!) :lol:


I don't use a blank form for TS internal audits because our auditors have other full time jobs, and a check list is a reminder of specifics to ask or review. Also has room for plenty of comments.

Yes that is my thinking regarding the EMS audits. I want to make sure all bases are covered while making it as painless as possible for the auditor! I will be leaving space for the auditors to list any additional questions they ask.

...it must be a friday of a very long week...



No Prob... Some Fridays it is all we can do to find our way home...