Procedure Internal Audit of The Environmentals

Internal Audit of the Environmental Management System

Revision information Description

Fifth revision. Task 5 updated to replacement of overall audit
opinion with indication of control acceptability.
Fourth revision. Task 5 updated to align audit opinion criteria with
Global Standard HSE Auditing and to remove the requirement to
map audit findings against Basic Risk Factors.
Third revision. Task 7 & 8 descriptions expanded.
Second revision. Tasks 6 & 7 re-ordered; references to HSE PSA
Team changed to EPE HSE Assurance Team; added reference to
3yr rolling audit plan in Task 1; expanded Task 5 description.

Objective To ensure that internal audits of the Environmental Management

System (EMS) are conducted at planned intervals to:
a) Determine whether the EMS
1. Conforms to planned arrangements for
environmental management including the
requirements of ISO 14001:2004 [6]
2. Has been properly implemented and is maintained

b) Provide information to management on the suitability,

adequacy and effectiveness of the EMS.

Scope EPE.

Risk domain and risk Risk Domain Risk(s):

Environment Negative impact to the environment now
and/or in the future
Reputation Damage to Group (license to operate)
because Shell appears not to be able to
conduct its activities in a socially acceptable
Legal Breaches of the law, new regulations that
hinder the business and failure to obtain
Asset Integrity Facility or installation breakdown or failure to
meet quality requirements agreed with
internal or external customers

Input to activity Input From Activity name / Doc No. IT system

EMS Auditor Tool kit Livelink
EPE HSE Legislative compliance; Livelink
Assurance Process HSEMS Internal
EPE HSE HSE audit Management, Livelink
Assurance planning, scheduling and

Procedure / Activity Description Internal Audit of the Environmental Management System

Activity Responsibility

HSE Coordinator /

UK HSE Regulator
EMS Line Rep


E Advisor




Taskdefinition References

programmeof audits

Implement and
2 maintaintheaudit

3 Plantheaudit

4 Conduct audit

Report theresultsof
5 theaudit tothe i [8], [9]

Conduct consistency
&qualitycheck i

Ensureaudit findings
i i i
7 [2], [4], [5]
audit database&

Revieweffectivenes i
8 of corrective& [3]

9 Maintainrecordsof

Procedure / Activity Description Internal Audit of the Environmental Management System

Output of activity Output To Activity / Doc No. IT system

Audit schedule Livelink
Terms of Reference Livelink
Audit Report Livelink
Audit Findings and Audit tracking
Actions tool
Feedback surveys Livelink
Audit Trend Analysis Livelink

Additional requirements Task 1

Planning the audit programme shall take place in the year before the
audits are to be conducted and the audit programme shall be issued
by the end of the year.

Planning the audit programme shall include planning the frequency

of audits and the selection of auditors. The scheduling of audits
takes into consideration the following:

1) The history of EMS & HSEMS audit activity for an individual

2) The results of previous audits
3) Known levels of Operational activity that may have an influence
4) Significance of environmental aspects.

Resource (auditors) shall be identified in the plan and allocated both

an audit month and an audit location. The exact timing of the Audit
shall be negotiated between the Auditee and the auditors. Change
in Audit Leader and significant change to the audit timing shall be
agreed with the Auditee and endorsed by the HSE ARC.

Each asset and function shall be part of the audit programme.

At appropriate intervals the programme shall also contain provision

for an EMS ‘system audit’, the purpose of which is to check:
1. Compliance of the relevant parts of the Corporate Management
System (CMS) with ISO 14001:2004
2. Strengths and weaknesses of corporately managed elements of
the EMS

The EPE HSE Assurance Team shall manage the audit programme
and shall maintain the current revision in an appropriately accessible
Livelink location.

The normal audit resource should be approximately 2 weeks x 2

auditors for areas with operational sites i.e. Assets, Project
Engineering, Well Engineering. Other Functions / Directorates can
be limited to approximately 1 week x 2 auditors. This time shall
include write up and issue of the audit report.

Audits of Assets / Functions with operational sites, should include as

an optimum, visits to 2 separate sites. For Assets with more than
one sub-Asset, the sites visited should, whenever practical be in
different ‘sub-Assets’. For Assets / Functions with operations across
more than one country, the sites should, whenever practical be from
Procedure / Activity Description Internal Audit of the Environmental Management System

different countries. However, this should take into account the

coverage of previous audits.

Auditor selection and competence

Each audit team shall have one lead auditor.

The EPE HSE Assurance team shall maintain a list of competent

auditors from the environmental and wider EPE HSE community and
shall propose auditors from the resource pool.
Auditors shall be competent on the basis of training and/or

Lead Auditors shall have completed the following training:

Approved external EMS Audit Course e.g. IEMA (UK) or the Shell
Internal Audit (SIA) approved EP04 technical auditing course.

A nominated Lead Auditor must be part of each EMS audit team and
normally takes the primary role of leading the audit.
In certain cases e.g. local circumstances, such as language issues,
an audit team member may have to adopt the leading role.
If this arrangement is necessary then it must be agreed and
recorded with the EPE HSE Assurance team. Appropriate
environmental expertise for the audit scope shall be part of the
competences of the audit team.

Audit Team Members will normally be drawn from the Environmental

skill pool and should ideally have completed the following training:
Shell Internal Audit - Internal auditing course or approved external
EMS Audit Course e.g. IEMA (UK)

Selection of auditors shall ensure that audits are conducted

objectively and impartially. Auditors shall be independent i.e. they
shall not audit the Asset / Function they normally support. One
member of the audit team should, preferably, have local expertise.

Task 2
Changes to the audit programme should only be made in
exceptional circumstances. Where a change does become
necessary the EPE HSE Assurance Team shall liaise with the HSE
Country Lead to identify alternative arrangements.

The HSE Coordinator / Environmental Advisor shall gain approval

from the auditee for the plan and shall ensure that the individual
asset / function 90-day plans (or equivalent) and Assurance Plans
(where relevant) include these audit activities. Ideally this process
should be conducted at the outset, of the issue of the yearly plan.

Task 3
Planning of individual audits is the responsibility of the auditor.

The audit owner shall be the Asset / Functional Leader.

The auditee shall be the relevant Asset Operations Manager(s) /
Functional Equivalent.
The Follow-up Coordinator shall be confirmed with the auditee at the
audit closeout meeting.

Approximately 6 weeks before the audit start date the auditors

shall contact the EMS Line Rep and/or HSE Co-ordinator /

Procedure / Activity Description Internal Audit of the Environmental Management System

Environmental Advisor and discuss the location entry process, the

audit facilitation and ensure all logistics are covered.

Approximately 4 weeks before the audit start date the auditors

shall liaise with the relevant Asset / Functional Environmental
Advisor and/or Operations / Department Manager to agree a Terms
of Reference (TOR) and include any particular areas that would
benefit focus or that show potential risk / exposure, whilst still
ensuring all the audit criteria is covered. Auditors shall make use of
the standard TOR template available from the Auditor Toolkit. If
there is a need to make significant deviation from the Objectives,
Scope or Deliverables within the standard TOR (e.g. in the case of
an audit of Non-Operated Ventures) then this should be agreed
upfront with the EPE HSE Assurance Team.

Resources used to assist the above decision-making process may


! Environmental Aspects Register for the relevant process

! Asset Environmental Aspects Inventory
! E-Case (UK)
! Asset / Function Global Environmental Standards check
! Asset Environmental Permits & Consents Register
! HSE-MS Self Assessment Questionnaire
! Management Reviews
! Previous audit findings & trends
! Advice from the Environmental Advisor regarding the
environmental importance of the operation(s) concerned

2 weeks before the audit start date the auditors shall issue the
TOR to the auditee(s).

Task 4
Audits shall be conducted objectively and impartially.

There is a checklist for asset / function audits and a checklist for

‘system audits’, which are available as guidance to the auditors
Asset / function audits shall focus on the implementation of the EMS
within the asset or function and shall avoid corporate level issues, as
these will be covered in ‘system audits’.

Opening meeting - The auditors should, if at all possible, interview

the asset/function Leader at an early stage in the audit. The meeting
should provide introduction and familiarisation for all parties to the
Audit Scope. In some cases more than one meeting will be required
e.g. one for the onshore management team and one for offshore.

Auditors should ensure that the platform/site leaders are fully

informed of relevant areas of concern before leaving the site.

Closing meeting - Senior Management from the asset / function

being audited should attend the audit close out meeting in person or
nominate a delegate who has the authority to agree the findings.

The findings should be discussed and ideally agreed. A summary of

the main findings should be left with the auditee.

Procedure / Activity Description Internal Audit of the Environmental Management System

Task 5
All findings should have been discussed with the relevant auditee(s)
before issue of the audit report. However, the auditor shall have the
final decision on the content of the audit report.

Auditors shall make use of the Standard Audit Report template

(available from the Auditor Toolkit) to write up the audit.
The classification of the findings shall be conducted by applying the
Group Risk Assessment Matrix (RAM) and audit finding rating
classification, categorised within four specific criteria: Low, Medium,
High and Serious.

In addition, auditors shall make an assessment of control

acceptability against each of the individual ISO 14001 system
elements. An assessment of the implementation of the EMS in its
entirety shall not be made.
Control Acceptability is based upon the principal of risk acceptability
outlined in the Group Risk Management Manual [9]. Although
somewhat subjective in nature, the criteria for determining each of
the three levels of Control Acceptability - Green, Yellow, Red - is
detailed below.

Controls Acceptable
! The findings are assessed as low/medium risk and are “once-
off” rather than process or system structural weaknesses or
! No or a few Low and/or Medium rated findings are reported
which indicate a general enhancement of the process or system
framework is needed.
Controls Need Improvement
! There is a clear gap between the current and target levels of
risk exposure which may result in HSSE objectives not being
! Some Medium and/or a few High rated findings are reported
which indicate a weakness in part of the process or system
structural framework.
Controls Need Major Improvement
! There is a significant gap between the current and target levels
of risk exposure which is likely to result in HSSE objectives not
being met.
! Many Medium, some High and/or one or more Serious rated
findings are reported which indicate a failure in a significant part
of the process or system structural framework.

The Audit Team shall make recommendations in terms of corrective

/ preventive actions and target dates but the Auditee is responsible
for finalising these and agreeing actions with the individual action

The final audit report should be issued to the Auditee within four
weeks of the closing meeting.

Task 6
The Auditor should send the audit report to the Assurance Review
Team as identified on the front page of the Audit Report template.
The Assurance Review Team will check the audit report for quality
and consistency with previous audit results.
Procedure / Activity Description Internal Audit of the Environmental Management System

If changes are thought to be required then these should be fed back

to the Auditee and the details of the report updated accordingly.

Task 7
The Follow-up Coordinator shall ensure that the audit findings,
corrective and preventive actions, action parties and timescales are
entered into the Fountain Assurance tracking system and tracked to

The HSE Assurance Team distributes the final audit report to the
environmental skill pool. Serious and High findings are transferred
to the UK Regulator Liaison for the purposes of lateral learning via
the UK HSE Issues Management Register [4] / UK HSE Issues
Management Forum [5].

The EPE HSE Assurance Team shall report key / repeat findings
from EMS audits in the HSE ARC
Task 8
The effectiveness of close-out of corrective and preventive audit
actions shall be assured by the following processes:
! The HSE Assurance Team regularly report on repeat
findings/trends from all HSE audits to the HSE ARC and
also as input to the HSE Management Review.
! Audit Teams review the close-out of previous EMS related
audit actions raised on the asset/function
! The HSE Assurance team carry out periodic review of
effectiveness of actions taken as a result of HSE-related
audit findings

Task 9
The EPE HSE Assurance Team shall be responsible for maintaining
the completed audit reports for a period of five years.

All associated documentation such as annotated audit checklists and

location notes taken during the audit should be destroyed, as they
should be superseded by the audit report.

Related controlling Ref. Title Document No.

[1] EP Standard HSE Auditing EP2005-0180
[2] EP ‘Procedure for Tracking Assurance EP.03.PR.01
[3] Team Description HSE ARC A-02.TD.03
[4] Procedure UK HSE Issues Management EPE.HSE.PR.45
[5] Team Description: UK HSE Issues EPE.HSE.TD.10

Other references Ref. Title Document No.

[6] ISO 14001:2004 Standard

[7] Global Environmental Standards EP-HSE web
[8] Group (YG) ‘Risk Assessment Matrix’ SWW
(RAM), 2006
[9] Shell Risk Management Manual 2006 SWW

Procedure / Activity Description Internal Audit of the Environmental Management System

