An audit is an evidence gathering process.
Evidence is used to evaluate
how well audit criteria are being met. Audits must be
and independent, and the audit
process must be both systematic and
documented. Audits can be either internal or external.
Internal audits are referred to as first-party audits
while external audits
can be either second or third party. They can also be
(when two or more management systems of different
audited together at the same time).
Audit evidence includes records, factual
statements, and other verifiable
information that is related to the audit
criteria being used. Audit
may be thought of as a reference point and include policies,
and other forms of documented
information. They are
audit evidence to determine how well they are being met.
is used to determine how well policies are being implemented
well requirements are being followed.
Competence means being able to apply
knowledge and skill
to achieve intended results. Being competent means
knowledge and skill that you need and knowing how to apply
It means that you’re qualified to do the job.
A compliance obligation
is a requirement. There are two
of compliance obligations: mandatory
compliance obligations and
voluntary compliance obligations. Mandatory compliance
include laws and regulations while voluntary
include contractual commitments, community and industry standards,
ethical codes of conduct, and good governance guidelines. A
obligation becomes mandatory once you decide to comply with
To conform means to meet a requirement (or a
Since there are many kinds of requirements, conformity
can take many
forms. You can conform (or comply) with mandatory
laws and regulations or with voluntary requirements such as
agreements, codes, and standards.
In the context of environmental
management, you can conform
(or comply) with (or to) the ISO 14001 requirements (or
and to any additional environmental management requirements
(or obligations) that your organization establishes for
An organization’s context is its business
environment. It includes
all of the issues, factors, and conditions that could influence or be
influenced by an organization's environmental
The new ISO 14001 standard now expects you to
your external context and your internal context when you
This means that you need to identify and understand the
external issues and the external
environmental conditions that could
influence your organization's
EMS and the results that it intends to
achieve. It also means that you need to identify and
internal issues and internal environmental conditions that
influence your EMS and the results it intends to achieve.
In the context of this EMS standard,
continual improvement is a set of
recurring activities that organizations use to enhance their
performance. Environmental performance
is enhanced whenever the
environmental aspects of activities, processes, products,
systems are controlled and whenever adverse environmental
are reduced and beneficial environmental impacts are
Corrective actions are steps that are taken
to prevent recurrence
by eliminating the cause or causes of an existing
The corrective action process tries to make sure that
nonconformities don’t happen again.
The term documented
information refers to information that
must be controlled and
maintained and its supporting medium.
Documented information can be in any format and on any
and can come from any source.
Documented information includes information
about the environmental
management system and related processes. It
also includes all the
information that organizations need to operate and all the
that they use to document the results that they achieve (aka
Effectiveness refers to the degree to which
a planned effect is achieved.
Planned activities are effective if these activities are
actually carried out
and planned results are effective if these results are
The term environment refers to an
organization’s natural and human
surroundings. An organization’s environment
extends from within the
organization itself to the
global system, and includes air, water, land,
flora, and fauna (including people), and natural resources
of all kinds.
An environmental aspect is an element or
characteristic of an activity,
product, or service that interacts or can interact with the
can cause environmental
impacts. They can
have either beneficial impacts or adverse
impacts and can have a
direct and decisive impact on
the environment or contribute only
partially or indirectly to a larger environmental change.
are states or characteristics
environment at a particular point in time.
ISO 14001 expects you
identify the environmental conditions that are capable of
being affected by your organization and to figure out what
to do to prevent or reduce the risk
that these conditions could
adversely affect its environmental performance.
An environmental impact
is a change to the environment that is
caused either partly or entirely by one or more
An environmental aspect can have either a direct and
on the environment or contribute only partially or
indirectly to a larger
environmental change. In addition, it can have either a
environmental impact or an adverse environmental impact.
management system (EMS) is one part of a larger
and is a set of interrelated or
that organizations use to implement their environmental
policy, to achieve
their environmental objectives, to meet their environmental
obligations, to manage their environmental aspects,
and to address
their environmental risks and
These elements include structures,
programs, procedures, processes,
practices, plans, rules, roles, regulations,
contracts, agreements, documents, records, methods, tools,
technologies, and resources.
An environmental objective is an
environmental result your organization
intends to achieve. Your organization’s environmental
be based on or derived from its environmental
policy and must be
consistent with this policy.
The term environmental performance refers
to the environmental
results that are achieved whenever the environmental aspects
activities, processes, products, services, systems, and
are managed and controlled. Environmental performance
whenever the environmental aspects of activities, processes,
services, systems, and organizations are managed and
whenever adverse environmental
impacts are reduced and
environmental impacts are produced. You can measure environmental
performance by using indicators to compare
against environmental objectives and environmental policies
(or other suitable criteria).
A policy is a commitment, direction, or
intention and is formally stated
by the top management of an organization. An environmental
should make a commitment to protect the environment, to meet
relevant compliance obligations, and to enhance
An indicator is a “measurable
representation”. It is used to indicate
or measure the status or condition of an operation or an
the context of this standard, indicators
can be used to quantify and
They can be used to measure
how much success you’ve had and how much progress you’ve
relative to the environmental
objectives you wish to achieve and the
environmental policy you wish to implement. Indicators
can also be
used to monitor trends and to support decision making.
In general, an interested party is any
person, group, or organization who
can affect, be affected by, or believe that they are
affected by a decision
or activity. In the context of this ISO 14001 standard, an interested
is anyone who can affect, be affected
by, or believe that they are
affected by the
environmental performance of an organization.
In the context of this standard, the term life
cycle refers to the
consecutive and interlinked stages of a product system from
acquisition of raw materials to end-of-life disposal. The life cycle
of a product system includes
all associated activities, products,
and services and may include
procured goods and services as
well as end-of-life treatment, decommissioning, and
A management system is a set of
interrelated or interacting elements
that organizations use to formulate policies and objectives
establish the processes that
are needed to ensure that policies are
objectives are achieved. These elements
procedures, practices, plans, rules, roles,
responsibilities, relationships, contracts, agreements, documents,
records, methods, tools, techniques, technologies, and
There are many types of management systems. Some of
environmental management systems, financial management systems,
management systems, quality management systems, business
continuity management systems, food
safety management systems,
information security management systems,
occupational health and
safety management systems, compliance management
and emergency management systems.
Measurement is a
process that is used to determine a value.
To monitor means to determine the status of
an activity, process, or
system at different stages or at different times. In order
status, you may need to supervise and to continually observe
check the activity, process, or system that is being
Nonconformity refers to the
“non-fulfilment of a requirement”.
When an organization fails to meet a requirement, a nonconformity
exists. Since there are many kinds of requirements,
can take many forms. You can fail to conform (or fail to
mandatory requirements like laws and regulations or with
requirements such as contracts, agreements, codes, and
An objective is a result you intend to
achieve. Objectives can be strategic,
tactical, or operational and can apply to an organization as
a whole or to
a system, process, project, product, or service. Objectives
may also be
referred to as targets, aims, goals, or intended outcomes.
An organization can be a single person or a
group that achieves its
objectives by using its own
functions, responsibilities, authorities,
and relationships. It can be a company, corporation,
partnership, charity, or institution and can be
either incorporated or
unincorporated and be either privately or publicly owned. It
be an operating unit that is part of a larger entity.
When an organization
makes an arrangement with an outside
organization to perform part of a function
or process, it is referred
to as outsourcing. To outsource means
to ask an external organization
to perform part of a function or process normally done
the outsourced organization is beyond the scope of your EMS,
outsourced process or function itself may fall within the
According to ISO, the term performance
refers to a measurable result.
It refers to the measurable results that activities,
services, systems and organizations are able to achieve. So
processes, products, services, systems, or organizations
it means that acceptable results are being achieved.
To prevent pollution means to avoid,
reduce, or control the creation,
emission, or discharge of contaminants or waste materials.
must be prevented in order to reduce adverse environmental
Organizations use a wide variety of methods,
processes, products, and services to prevent pollution.
the reduction or elimination of pollution at the source; the
of resources, materials, and energy; the reuse, recovery,
and recycling of resources; the
redesign of processes, products,
and services; and the substitution of one type of energy
or substance for another cleaner energy source or substance.
A procedure is a way of carrying out a
process or an activity.
Procedures may or may not be documented.
A process is a set of activities that are
interrelated or that interact
with one another. They transform inputs into outputs.
are interconnected because the output from one process often
becomes the input for another process.
A requirement is a need, expectation, or
obligation. It can be stated or
implied by an organization, its
customers, or other interested parties.
A specified requirement is one that has been
stated (in a document for
example), whereas an implied requirement is a
need, expectation, or
obligation that is common practice or customary.
According to ISO 31000 2009, risk is the “effect
of uncertainty” and
an effect is a positive or negative deviation from
what is expected.
Risk is often expressed as a combination of
two factors: probability
and consequences. It asks two questions: what is
the probability that
a potential event will occur
in the future? And what consequences
would this event produce or what impact would it have if it
Uncertainty (or lack of certainty) is a
state or condition that involves
a deficiency of information and
leads to inadequate or incomplete
knowledge or understanding. In the context of
whenever the knowledge or understanding of
an event, consequence, or likelihood is inadequate or
According to ISO 14001 2015, risks are
potential adverse effects
(or threats) and opportunities are potential
The term top management normally refers to
the people at the top of an
organization. It refers to the people who provide resources
authority and who coordinate, direct, and control
if the scope of a management system covers only part of an
then the term top management refers, instead, to
the people who direct
and control that part of the organization.