a

A New Environment?
December 2004
In January 2004, Dr Anne-Marie Warris, LRQA Global Product Manager EMS, and
UK expert to ISO 14001 revision, prepared a detailed briefing note on the revision
of ISO 14001:1996 to ISO DIS 14001:2003 for LRQA customers. Dr Warris revised
the briefing note in August 2004 to include the changes to the FDIS 14001:2004. .
The new standard ISO 14001:2004 has been published in November 2004. The
amendments to the DIS version are highlighted in blue and bold font.

Introduction
LRQA customers who have an Environmental Management System (EMS) certified
to ISO 14001:1996 will be aware that this standard was revised and has been
replaced by ISO 14001:2004 on 15 November 2004.

LRQA is continuing to keep its customers informed of developments that will affect
them, this briefing note considers the changes which have come into effect with the
new standard and what action will be required by an organisation with an
accredited certified ISO 14001:1996 system.

Overview
The ISO 14001:2004 features clarification of requirements, alignment with ISO 9001
and changes to the text to make the standard more user friendly. Some changes are
likely to require organisations to review and perhaps amend their system to ensure
conformance with the final version of the new standard.

The changes to the standard are detailed below. They cover:

• scope
• policy
• environmental aspects identification
• legal and other requirements
• resources, roles, responsibility and authority
• competence Training and Awareness
• communication
• environmental management system documentation
• document control
• emergency preparedness and response
• evaluation of legal compliance
• non-conformance, corrective and preventive action
• other minor changes.

© Lloyd’s Register Quality Assurance Page 1 of 9

December 2004
For clarity each change is referred to by its relevant paragraph number in ISO
14001:1996 and includes recommendations for action.

One noticeable change has been that documented procedures are no longer required,
except for procedures required under the clause relating to operational control.
However, organisations still need to ‘establish, implement and maintain’ procedures
to implement and manage their EMS.

Note the addition of the word ‘implement’ within what used to be standard text
from ISO 14001:1996. The term ‘implement’ has also been added elsewhere in the
text in parallel with the existing term ‘establish’ even when the text does not refer
to procedure(s).

Scope – clause 4.1

An organisation is now required to define the scope of its EMS. This scope directly
links the management system with the organisation’s activities, products and
services. The words ‘and determine how it fulfils these requirements’ related to
requirements in ISO 14001 have been added to the clause 4.1.

You need to do two things. Firstly, define the scope of your EMS, including what
activities, operations, services and products are included within it. The scope needs
to be documented, one possibility could be in the environmental policy. Secondly,
you need to evaluate and document how your EMS fulfils the requirements of ISO
14001. This could be done as part of the internal audit or as part of management
review, as long as it is traceable. Please note just stating that your internal audit cycle
covers all requirements may in many cases not be sufficient, unless the internal audit
demonstrates how you meet them.

Definitions
There are changes to several of the definitions which impact on an organisation’s
system, these are highlighted below.

Auditor – This definition is new and is taken from ISO 9001:2000 and links to the
concept of competence of auditors. You will need to demonstrate that your auditors
are competent. Most LRQA customers already do so but you are recommended to
check that auditor competence is defined in your system.

Continual improvement - Slight changes remind users that the process is ‘recurring’.
For most organisations this is already clear but you are recommended to ensure that
your continual improvement process is not a one off approach.
The definition also is more definitive by linking it to environmental performance
rather than improvement of the management system.

© Lloyd’s Register Quality Assurance Page 2 of 9

December 2004
Internal audit - Changes to the wording underline the fact that audits must be
independent and switches the emphasis of the audit scope from determination of
conformance of the EMS to determination of conformance with the environmental
management system audit criteria. You, therefore, need to be sure that your audit
criteria are defined and clear. Since internal audits already require determination of
audit criteria and lay down what needs to be audited, this should not be a major
issue.
The audit criteria would be expected to include conformance of the EMS to
achieve the policy and objectives.

A note has been added to clarify acceptable internal audit approached for small
and medium size companies (SME).

Environmental performance - The focus has changed from the management system to
an organisation’s management of its environmental aspects. The effect will depend
on what you use to demonstrate environmental performance and its improvements.
You are recommended to check the processes that you use to ensure they are in
accordance with the clarified definition.

Prevention of pollution - The wording has been clarified to reflect methods and
options for the prevention of pollution. More options are now listed and the
definition of pollution includes ‘creation, emissions and discharge of any type of
pollutant’. You need to look at your definition of prevention of pollution, and its
scope and use in your system, to ensure it covers the new concepts. This applies
specifically if you have paraphrased prevention of pollution rather than used the
term itself in your policy and other documents.

Some new definitions, taken from ISO 9000:2000, have been added. These include
non conformity, correction, corrective action and preventive action. These are
well-established definitions but you need to ensure that your EMS system uses
the terms consistently with their definitions and that your system is in
conformance with the requirements in the definitions.

Policy – clause 4.2

An organisation’s environmental policy has to be consistent with the scope of its
EMS and its scope can not be wider than the actual scope of the EMS. This allows
interested parties asking for the environmental policy to gain information about the
scope of the EMS and to learn what is and what is not covered in the organisation’s
management system.

© Lloyd’s Register Quality Assurance Page 3 of 9

December 2004
Several changes now require an organisation to review its environmental policy. You
need to do this to ensure that your policy:
• is developed by top management
• covers the scope of your EMS and does not imply a wider scope than that
• covers all activity, products and services within the scope of your EMS
• notes change to terminology related to legislative and regulatory
requirements
• reflects other environmental requirements your organisation may have
subscribed to
• is distributed to everyone working for, or on behalf of, the organisation, such
as sub-contractors, contractors, temporary staff, and remote workers.

Environmental aspects identification - clause 4.3.1

The famous, or infamous, ‘or’ has been changed to ‘and’, but ‘within the scope of the
organisation’s EMS’. The requirement has been clarified as to which aspects an
organisation can influence. Also as a result of other changes to clauses, aspects
associated with projects now forms part of this clause of the standard.

A number of text changes mean that aspect identification now covers all activities,
products and services within the scope of the organisation’s EMS. It also separates
control and influence, and introduces planned and new developments, new and
modified activities, products and services.

Significant aspects will now be considered in the planning activities such as new
and changed activities, products and services as well as the development,
implementation and maintenance of the EMS. There is also a reminder to
document this information. Documentation includes the records of the
identification and conclusion and actions arising from the application of the
methodology to determine significance.

The wording regarding influence has changed from ‘… over which it can be
expected to have an influence’ to ‘… those which it can influence’. You now need to
identify aspects which your organisation can influence rather than those over which
it can be expected to have an influence.

You need to review your procedure for identifying environmental aspects to ensure
that it covers all activities, products and services within your defined EMS scope.
Also that it covers aspects that you can control and influence and that it covers
changes, new and planned developments, new and modified activities, products and
services. Having reviewed your procedure you need to ensure that any changes are
implemented and documented.

© Lloyd’s Register Quality Assurance Page 4 of 9

December 2004
You also need to make sure that the EMS meets the new requirements and where
necessary the EMS is amended to reflect changes to aspects management. Please
note that there is now a stipulation that aspects ‘information’ is documented. This
was part of the overall concept in the ‘Records’ clause in ISO 14001:1996 edition just
not so clearly. Most LRQA customers have documented aspects but you need to be
aware that some kind of documentation must be demonstrable.

Legal and other requirements – clause 4.3.2

The first point to note is the general change from the confusing usage of legislative,
regulatory and legal requirements to ‘legal requirements’. The word ‘legislative’ is
changed to ‘legal’. This differentiates between ‘legislative’, which refers to a law
passed by government, and ‘legal’ which is much broader and covers regulatory,
court decisions and others. This does not mean that because a piece of legislation is
not in the Environmental Protection Act it is not relevant to the EMS. For example,
Control of Major Accidents and Hazards (COMAH in the UK, Seveso in EU) is an
environmental legal requirement where it is applicable to a site.

Note the main change here between the DIS version and the new standard is the
removal of the term ‘environmental’ in front of legal and other requirements.
‘Legal and other requirements’ have now been linked to the organisation’s
environmental aspects. The term ‘applicable’ has been added to direct the
management system design and operation at those legal requirements that apply
to the environmental aspects. Please note that the reference is to ‘environmental
aspects’ not to ‘significant environmental aspects’. So you need to identify legal
requirements applicable to all your aspects.

Organisations need to have procedure(s) to determine how legal requirements and

other requirements to which the organisation subscribes apply to the organisation’s
environmental aspects. You must consider such requirements in developing,
implementing and maintaining the EMS. Therefore, you need to look at your overall
EMS and ensure that it reflects legal requirements and other requirements to which
the organisation subscribes.

Resources, roles, responsibility and authority- clause 4.4.1

The new title emphasises the importance of resources, roles and authority as well as
responsibility. Paragraphs have been reorganised and the replacement of the word
‘provide’ with ‘ensure the availability’ could be significant for organisations
experiencing high staff turnover, particularly where this involves the loss of
‘provided’ auditors. You will be expected to have contingency plans in place to
ensure that alternative auditors are available - for example, a consultant, sub-
contractor or an auditor from an affiliated organisation.

The management representative’s report to top management now also includes

recommendations for improvement.

© Lloyd’s Register Quality Assurance Page 5 of 9

December 2004
Competence, training and awareness - clause 4.4.2
A new term has come into use: ‘persons working for, or on behalf of, the
organisation’. This is broader than just employees – or the old ‘members’ – and care
needs to be taken to ensure that all relevant persons have been covered, for example,
in terms of competence.

A new title reflects a change in the order of paragraphs and highlights the order of
importance of these subjects. Competence now extends in two directions: firstly to
‘potential significant impacts’ and secondly to cover persons working for, or on
behalf of, the organisation.

You need to make sure that your competence evaluation covers all persons working
for, or on behalf of, the organisation, such as sub-contractors, contractors, temporary
staff and remote workers, and that significant impact also covers potential impacts.

The new first paragraph now allows organisations with established training needs to
provide the training themselves or take other action such as recruiting or sub-
contracting. Note a requirement for records has been added which is broader than
the term ‘training records’ in the 1996 version.

Communication – clause 4.4.3

The changes clarify what organisations need to do if they decide to communicate
externally about their environmental aspects. This will affect your management
system only if you decide to communicate in this way – in which case you need to
establish methods for communication.

It is very unlikely that an organisation will not communicate externally in one

way or another and a categorical statement by the organisation that it will not
communicate should be carefully thought through.

Environmental management system documentation - clause 4.4.4

The title has been changed to ‘Documentation’ to reflect the fact that the
requirements are now in common with ISO 9001:2000 and the list of required
documents and records has been extended. As an LRQA customer, your
management system probably already covers this but you should confirm that you
have identified all documents and records necessary to ensure effective planning,
operation and control of processes related to your significant environmental aspects.

Document control – clause 4.4.5

The title has been changed to be in line with ISO 9001:2000 and the wording has
been changed completely to reflect ISO 9001:2000. However, in reality the changes
are minimal. The key relevancies relate to external documents and the need to
identify changes to documents issued by the organisation. Other changes are in the
wording rather than in practice.

© Lloyd’s Register Quality Assurance Page 6 of 9

December 2004
This means you need to review your document control procedure and update its
wording to comply with the new standard’s wording. Implementation and operation
of the management system is not likely to be affected. However, you do need to
identify distribution control for documents of external origin such as legal
requirements, licences to operate and other requirements to which your organisation
subscribes. You should also ensure that you can identify the changes in versions of
documents issued by the organisation by tracking changes, revision index and so on.

Emergency preparedness and response - clause 4.4.7

The 1996 text has been refocused and a bullet list provided. You should check that
your existing emergency and accident procedure covers ‘identification of potential
emergency situations and potential accidents that can have (an) impact(s) on the
environment, and how it (the organisation) will respond to them’; and decide how
you wish to respond to actual emergency situations and accidents and how to
prevent or mitigate associated environmental impacts.

Evaluation of compliance – new clause 4.5.2

The most obvious change in ISO DIS 14001:2003 has been to bring the last paragraph
4.5.1 into a separate clause to highlight the importance of periodic evaluation of legal
compliance.

This change remained in the new standard and was further emphasised by the
introduction of periodic evaluation of compliance with ‘other requirements to
which the organisation subscribes’. In summary between the DIS and new
standard changes, the text has been amended to cover compliance evaluation of
legal requirements and compliance evaluation of other requirements to which
your organisation subscribes. There is a requirement for keeping records of the
results of the periodic evaluations.

The rationale for the evaluation of legal compliance has been defined as being
required ‘to meet the organisation’s commitment to compliance…’ You will need
to amend your procedure(s) for evaluation of legal compliance and also include or
create another procedure for the compliance evaluation of other requirements to
which the organisation subscribes.. You also need to ensure you keep records of
the evaluation to show its results and the fact that the periodic evaluation has
been carried out.

This clause of the standard is the one that most organisations will need to focus
on. Note an evaluation for compliance is not the same as an audit.

Non conformance, corrective and preventive action – now clause 4.5.3

This section has benefited from further clarification since the DIS stage. It is now
a very close match to the corresponding text in ISO 9001:2000. You need to look at
your current procedure and implementation of this clause to ensure it meets the
clarified requirements.

© Lloyd’s Register Quality Assurance Page 7 of 9

December 2004
Additionally the concept of potential nonconformity has been brought to the
forefront. It was already in the 1996 edition but its focus is much clearer in this FDIS
version.

Other changes
Records – now clause 4.5.4
The order of the wording has been changed. ‘Records’ now has a catch-all statement
to say an organisation needs records to demonstrate its implementation of
procedures and results achieved. You will need to look at the records you have
identified to support your EMS and this International Standard and ensure they
demonstrate compliance to the EMS, procedures and results. Recorded retention
times are no longer required, although record retention still has to be specified.

The record requirements have been included again in a few critical clauses as
noted throughout the text above.

Internal audit – now clause 4.5.5

The title has been changed to align with ISO 9001:2000, although the main part of
the requirements remains largely unchanged. The changes mean that you are
recommended to check that your audit procedures comply with the requirements,
that your audit process delivers the requirements and that your audit and auditors
are impartial and objective.

You should also ensure that your audit programme is ‘maintained’ by ensuring that
the programme is updated if audits slip or are rescheduled. Please note your new
responsibility for ‘planning’ audits – this must be addressed in the audit procedure.

Management review- clause 4.6

As with previous clauses, the wording has been aligned with ISO 9001:2000 and
provides a more detailed checklist for inputs and outputs from the management
review. Management reviews are to be conducted at ‘planned intervals’ rather than
‘intervals it determines’ and new additions for management review include
opportunities for improvement and targets – not just objectives.

As a result of the FDIS discussion, additional requirements for inputs to the

management review were included in ISO 14001:2004. These were:
• environmental performance,
• changes and development in legal requirements and other requirements,
• recommendations for improvements.

Therefore, you should ensure your current management review process covers the
inputs and outputs provided for in the requirements and ensure that additional
inputs and outputs critical to the operation of your EMS are also covered. Also be
aware of the need to document more explicitly decisions and actions arising from the
management review.

© Lloyd’s Register Quality Assurance Page 8 of 9

December 2004
Conclusion
There have been many comments and debates about the forthcoming revision to ISO
14001 and despite press reports that predict ‘business as usual’, organisations must
be aware that changes will be required to their management system in order to
ensure conformance with the new standard.

This briefing note sets out those changes and how they are likely to affect LRQA
customers and their Environmental Management Systems. Please send any enquires
to enquires@lrqa.com.

© Lloyd’s Register Quality Assurance Page 9 of 9

December 2004