Testing Emergency procedures in real life.

[Claes Gefvenberg]

Hi all,

I'd like to hear your opinions on this one:

A company in the neighbourhood got into trouble during the ISO 14001 certification audit, when it was discovered that they had not tested their emergency preparedness routines. (4.4.7. and yes, the nature of their process certainly warrants such procedures). But they got off the hook...

They had recently had a real life emergency and claimed that the procedures had been tested that way. I don't know whether they had reviewed the emergency or not at the time of the audit.

Anyway they got away with it. They now hold a certificate.

/Claes

[Sam]

They got lucky. A real life emergency does is not a substitute for periodic testing. Primarily because it does not involve other people in the process.

[Dean P.]

We have a process that evaluates how effective our emergency response procedures are, with corrective actions or improvements noted. This process is used to evaluate both actual and mock situations.

I agree, the company got lucky. The procedure states that they must 'periodically test' (which would imply a mock situation). They may have passed on the basis that they had a drill schedule, and also if they evaluated the effectiveness of the particular real-life response (I don't know whether or not they did). If they did have a testing plan in place but hadn't yet got around to it, and they also evaluated the effectiveness of the actual response, I can see how the auditor would buy this.

[Randy]

It depends on what their procedure states. If they requie a test every 6 months and exceeded that time limit it doesn't matter whether the actual emergency happened or not, they failed to conform to their requirement.

On the other hand if they stipulate that a test must be conducted, but don't give a specific time period (it must be at least annually or as required by regulatory agencies) an the actual emergency happened, the system was in fact tested under actual conditions, and the requirement has been satisified.

I am curious as to whether or not they did any follow up, reviewed what went right an what didn't and decided on corrective actions for shortcomings.

[Claes Gefvenberg]

Of course one can argue that since their entire EMS is brand new, they had not had the time for any drills yet. The question in that case would be if they had planned one? Anyway, I agree with Sam & Dean that they got lucky. My reason for starting this thread is that I can foresee this happening a lot in the future.

Quote:

I am curious as to whether or not they did any follow up, reviewed what went right an what didn't and decided on corrective actions for shortcomings.

So am I, but I'm afraid I don't have that information...

[Dean P.]

Claes,

I started a thread earlier this year with respect to your concern - namely, how mature does a system have to be in order to be certified to ISO-14001?

Based on the responses I received, the answer was 'not very'. Basically, if you have documented procedures in place that meet the requirements of the standard, you can set up your audit and claim immaturity of the system as the reason why you can't show progress on anything (targets, drills, regulatory issues, etc.). The difficult part will be the 2nd, 3rd, and 4th audit. This is where companies must show continual improvement and complete records that they are doing EVERYTHING they say they are.

We are starting our system next week (by starting I mean we have ID's all sig. aspects, set our objectives and targets, all procedures are 'live' in our controlled system and we are working on our EMP's). We are set to have our certification audit in September. Basically, I can meet the requirements of the standard for this audit without having any drills, and without meeting any of our targets, as long as I have plans to meet all of these by the end of the year. I don't know if it's right or not, but we need to have the certification by the end of the year and the bottom line is, we better show results for our surveillance audit in March.

Personally, I think that this mainly stems from the fact that most companies are doing ISO-14001 because the Big 3 say so, not because they want to prevent pollution and improve the environment. JMO.

[Randy]

Pretty perceptive of you Dean

Make sure that you have performed some type of internal audit and can show some corrective / preventive action by the time the registrar comes knocking.

And if you're the MR...never, never, never answer a question with "I don't know." Remember you are addressing issues, developing information, so on and so forth

[Claes Gefvenberg]

Hi Dean,

We have reached the same stage as you have, with the certification audit planned for late May. (Good luck btw )

Quote:

The difficult part will be the 2nd, 3rd, and 4th audit. This is where companies must show continual improvement and complete records that they are doing EVERYTHING they say they are.

Aye, there's the rub. You can get the certificate before you are ready to back your words up with action.

/Claes