EPA Issues Report on ISO 14001 Auditing

The U.S. Environmental Protection Agency has completed a year-long, independent study of the third-party registration process for environmental management systems. Their analysis and recommendations were recently issued in a 142 page report.

They concluded that the ISO 14001 accreditation, registration, and auditing systems are developing well at this “early stage”. Most registered organizations contacted for the study are satisfied with the results. These organizations report that third-party registration and auditing have enhanced their management practices and business effectiveness. However, they also identified some unresolved issues, such as variation in interpretation and professional norms.

The report said ISO 14001 registration and auditing are subject to conflicting and, in some cases, inappropriate expectations on the part of businesses, government agencies, environmental groups, the public, and even the registrars and auditors. Some regulators consider third-party registration to be privatized regulation, substituting to a degree for compliance monitoring and inspection. However, some environmental groups perceive ISO 14001 registration as a business-controlled (and therefore not credible) substitute for compliance verification.

Some businesses envision the EMS registration as justification for regulatory or public recognition benefits, while others prefer it to remain a voluntary, by-business and for-business framework for management improvement.

Some of the recommendations in the report for the Registrar Accreditation Board (RAB) were:

  • Use a peer review system like accounting firms for uniform professional norms
  • Act fairly, but vigorously, to correct, sanction, or suspend poorly performing registrars and auditors
  • Closely scrutinize the registrar scoping and bidding process and effort-allocation criteria
  • Strengthen the auditor requirements for environmental experience and education
  • Provide public listings of all complaints against registrars and auditors (by numbers, if not by name)
  • Strengthen its guidance on auditor independence (auditing versus consulting)
  • Require auditors to document the basis for all their findings

The study found that some registrars and auditors interpret their responsibility as assuring that clients are meeting their self-selected objectives and targets. It recommended that the EMS be audited against the requirements of ISO 14001 (e.g., commitments to comply with legal and regulatory requirements, prevention of pollution, and continual improvement), not merely to the organization’s own objectives and targets.

The report also suggested that the RAB and U.S. TAG to TC 207 develop guidance on the value and limits to third-party EMS auditing and registration. This guidance should address the appropriate feedback to be given on best practices, areas for improvement, and root cause analysis. The feedback should not involve prohibited consulting or create conflicts of interest.

Click Here to see a report summary at the National Academy of Public Administration web site. The full report in PDF format can be downloaded (see the link in the executive summary). A special thank you to Randy Garrison for bringing this report to my attention.