ISO 14001 EMS Pre-Audit Findings - Construction Company


June Ang - 2005

EMS Pre-Audit

Hi ladies & gentlemen,

My company (construction company) has just finished the ISO 14001 Pre-audit for system review on 25 July 2002. Here are some comments from the external auditor that I would like to share with all of you.

1) EMS documents
The auditor commented that the documents are adequate to satisfy the ISO 1400 requirements and in the right track. (Thanks to all the experts here! :) )

2) Objectives & Targets
The external auditor commented that the objectives & targets we established are more "reactive" in nature as most of the targets we set are to reduce the Government Fines - MOM & ENV fines. Since the MOM/ ENV visit are not very common and not fixed interval, we might able to achieve our targets although the actual implementation is not effective. We have been adviced to set the objective & target which is more "proactive".

3) Emergency
We also been adviced to come out with the evaluation report after each emergency drill. Report should include the assessment on the effectiveness of the mergency plan & to identify the area for improvement. Photogpahic evidence is preferrred. The frequency of emergency drill should also need to be reviewed as so to account for new staff, different construction phase etc.

4) Aspects
The auditor also query on the consistency for assessing the environmental aspect as different people perepare the register for different site. We have been adviced that the Aspect Register must be properly checked and approved by a "competent" person, or effective communication and training must be carried out.

That's all. Thank you.
Last edited by a moderator:


Super Moderator
It's good to hear that you're in as good as shape as you are. I'm hope that we were able to help in some small way.

As for your comments, they don't sound that unreasonable except for the fact the auditor may be telling you how to perform corrective actions. If that is so, the auditor may be stepping over the line to providing consulting also.

Trying to reduce potential fines through better regulatory compliance sound pro-active to me. I've read your stuff, as have others here (and the material you sent me also). In my opinion you have developed a balanced approach with your O&T's. But then again I'm one of your stakeholders I guess.

You're doing a fine job from what I've seen.

Keep it up and us informed.


Dean P.

Randy - Say it ain't so! An auditor that tries to tell you how to do something, rather than just audit it in an objective manner??????:vfunny: :vfunny: :vfunny: If I had a nickel for each time an auditor said to me "You know, I'm not supposed to consult while we're auditing, but if I were you......" Well, I guess it's good to see that auditors are consistent around the globe!!

Anyway, great job June. I agree with Randy that your findings are pretty reasonable, and also show that there are no major deficiencies in your system. Good luck with the implementation audit (by the way, when is it?)



Super Moderator
I don't, and won't tell folks how to fix their problems when I audit. I will give general advice on where to go (like here for instance) for further advice, but I never give the answer I think is correct. It may not be right for them.

Dean P.

That's just what companies need from their auditors - 'tell me where to get the help, don't tell me what you want to see'.

Unfortunately, most (all?) of the auditors I've had experience with (covering 3 different registrars) have all wanted to form our system to what they think it should be, probably to make it easier for them to audit. Even to the point where they were telling us what the column headings should be on some of our spreadsheets! I'd say that is definitely crossing the line.

People are also very quick to completely reform a system to meet an auditors needs ('we must do what he says to keep our certificate') without thinking of the impact on the business and how it runs at their facility. Bottom line, you've got to stick to your guns and make sure your system is tailored to work best for your company, not tailored for your 3rd party auditor.


Super Moderator
It's their system, not mine. Meet the requirements, prove it's effectiveness, show improvement, strive to obtain something (O&T), and all tha other good stuff.

"Do it your way, not mine" "Show me the beef"


June Ang - 2005

Hi Randy and Dean,

Thanks. :bigwave:

Our actual live audit is scheduled to be somewhere mid of October, around two and a half months later. I'm now busy in reviewing the EMS documents to relect the actual practice that we've improved from what we've written in the original documents.

Yes, the auditor was telling us how to perform the corrective actions in the way that he think would be more effective by doing so and so. Anyway, these comments were given during the audit and the formal report hasn't received yet.

In my opinion, an auditor will actually try to help the auditee in satisfying the minimum requirements as they don't intend to fail their client. In other word, they will consult us to do this and that so that they can gain the confidence level there and pass the audit with less hesitation.
Last edited by a moderator:

Dean P.

Don't get me wrong, June, auditors know the standard better than anyone and almost always have good ideas for improvement of a system. I was referring to the cases where the auditors ideas went beyond a suggestion for improvement, they were actually telling us what to write down to satisfy their own requirements and save themselves time, not us.

Good luck and keep us up to date!


Super Moderator
Do what your auditor is suggesting, especially if this is your registration auditor. This is not a good practice to audit/consult (do the names Arthur Anderson & Enron ring a bell)?

You have plenty of time to do your fine tuning. Use it well.

June Ang - 2005

Questions raised from the internal audit

I have a few questions raised from the internal audit and hope to get your opinions.

I'll like to touch on the first one.

4.3.1 Environmental Aspects
There were 2 main NCs raised up during the internal audit.

1. The information in EHS Aspects & Hazards Register not complete.
(a) Emergency related activities and the associated aspects not identified
(b) Critical activities with significant aspects not clearly identified

2. The information in EHS Aspects & Hazards Register not kept up-to-date.

Logically, the register which is "not complete" will also resulted in "not kept up-to-date". I was thinking to combine thses two NCs into one NC so that it becomes "not complete & not kept up-to-date". But, finally, i still stick to the orginal NCs.

Quetion: How do you define "the information must be kept up-to-date"?

Based on my company requirements:
1) complete - the information we required must be included in the register

2) kept up-to-date - the current activities on site must be reviewed/reverified, the aspects must be reviewed/reassessed, the control measures must be reviewed/re-identified

What are your opinions?
Top Bottom