The Audit Plan In ISO 14001

The Audit Plan In ISO 14001

The audit plan is the document that establishes the scope, objectives and criteria, and schedule of the audit. It also goes into specific details on what areas will be audited, when, and by whom.

Other details such as which checklists may be used, how the report is to be formatted and distributed, and how meetings will be conducted can also be included in the plan. In essence, the audit plan reflects the programs, procedures, and methodologies of the EMS audit process, in accordance with element 4.5.4 of ISO 14001. These planning items are usually described in the procedures for element 4.5.4 and do not need to be re-created every time an audit occurs. For example, it can be determined that the entire EMS will be audited once per year, but in four partial events. This schedule then becomes part of the procedure.

The audit scope defines what part of the organization will be audited. Obviously, this should coincide with the scope of the EMS itself, and is usually the site in question. If the full EMS audit is divided in smaller segments conducted throughout the year, then the scope of any given segment is what portion of the organization will be audited at that time. Typically, an organization will create a chart or matrix showing the various divisions of the site or activity and when it will be audited. A typical entry may show the maintenance department being audited in the first quarter and production in the fourth quarter, for example.

Also noted in the audit plan is the audit objective(s). The audit objective describes why an audit is being conducted. Typically the reason is to conform to ISO 14001 4.5.4 requiring that the EMS be periodically evaluated. Another reason is demonstrate conformance to others.

Although EMS audits may appear in their own right to be “good practice”, it is essential that auditors have a clear concept of what the general objectives of such audits are.

The definition of EMS audits highlights the need to confirm conformance with planned arrangements and to ensure that these arrangements are effective and suitable to achieve objectives. ISO 14011 expands this to form a number of general objectives for any type of EMS audit. Audits should be carried out to:

- determine conformance of an auditee’s EMS with the EMS audit criteria

- determine whether the auditee’s EMS has been properly implemented and maintained

- to identify areas of potential improvement in the auditee’s EMS

- assess the ability of the internal management review process to ensure the continuing suitability and effectiveness of the EMS

- evaluate the EMS of an organization where there is a desire to establish a contractual relationship, such as with a potential supplier or a joint-venture partner.

Using this definition and sources such as ISO 14010 and 14011, the following statement of the specific objectives of an internal EMS audit has been developed. Internal audits should be carried out to ensure that:

- The EMS continues to meet the needs of the business

- The necessary documented procedures that exist are practical and satisfy any specified requirements

- The necessary documented procedures are understood and followed by appropriately trained personnel

- Areas of conformity and nonconformity with respect to implementation of the EMS system are identified and corrective action implemented

- The effectiveness of the system in meeting the EMS objectives is determined and that a basis is created for identifying opportunities and initiating actions to improve the EMS system

The above objectives imply that internal audits are concerned with more than just the policing of an established system. If auditors and managers are to remain committed to the implementation of the EMS system, it must also contribute to the process of developing that system and seeking improvements.

Internal auditing must not be carried out in a way that results in the transfer of responsibility from the operating staff to the auditor or auditing organization, i.e., at all times the individual or department must retain and accept responsibility for his or her role in the EMS.

If the internal audit process is not designed and implemented to meet the objectives and to avoid the pitfalls described above, it is unlikely that the top management commitment essential to an effective audit process will be readily forthcoming.

The audit criteria define what the “rules” are. For the sake of this guide, the criteria will be the elements of ISO 14001. A subtle point to note however is that the site’s EMS requirements are also part of the criteria. This means that in addition to responding to the requirements of ISO 14001, the EMS must also respond to “planned arrangements”, or what the organization said it was going to do. In audits, a common response is “the standard does not require such and such detail”. However, if the site’s procedure does require some specific response, then it becomes part of the criteria. In essence, the auditors are verifying the system not only to ISO 14001, but also to what the EMS documentation states.

How the audit is divided and scheduled throughout the time interval is up to the organization and will be a function of minimizing disruption to site operations and resource needs. The only requirement is that the full audit be completed within the frequency established in the procedures under 14001, 4.5.4. One of the requirements regarding frequency is that how often an area is audited be in part a function of prior audit results. This means that the planned frequency may change with time based on what auditors are finding.

How long each audit takes again is a function of resource needs and operations. It is recommended, however, that any individual audit event not be protracted out over long time periods. The longer a task takes, the easier it is to get distracted and lose focus.

Much has been written about how to audit a system if the full audit is not completed in one event. Unlike other audits, including quality audits, where a more segmented approach can be taken, ISO 14001 systems tend to be very sensitive to consistency. For example, the emergency planning process may conform to the standard element 4.4.7 in that a procedure exists; however,

it may not reflect the potential significant impacts identified in element 4.3.1. Had the audit team focused only on element 4.4.7, they would not have noted the apparent nonconformance.

When developing an audit plan, it is wise to consider the three C’s of ISO 14001 EMS auditing:

Conformance, Consistency, and Continual Improvement. Conformance relates to addressing each of the requirements of the standard, i.e., the “shalls”. Consistency relates to how well each procedure or process of the EMS relates to the others. In other words, do objectives and targets reflect the policy commitments? Are personnel trained on the correct legal and other requirements? Finally, Continual Improvement requires that the system lead to improvements in the system itself as well as with environmental performance. A system that has all the prerequisite procedures, but remains static, is not in conformance.

The concepts of consistency and continual improvement are more subtle because they are through-running threads of the standard and not always a definitive statement. The required commitment to continual improvement and the text of the standard itself however do go some way towards reminding the auditor.

With the three C’s in mind, one now sees why it is best to audit all applicable elements of the standard in a given area at one time, rather that tracing any one standard element throughout various areas. For example, during the first quarter audit event, Company X may audit all of ISO 14001 in maintenance. During the second quarter event, all of ISO 14001 will be audited in the production area, and so on. This is in contrast to auditing only a certain element, i.e., corrective action, across several site areas in one audit event.

Now we know what is being audited, when it is being audited, and to what “rules” it is being audited. The remainder of the plan is simply then the logistics of the audit. The logistics include identification of team members, noting if and what checklists will be used, schedule and formats of meeting to name a few. Below is the full list of recommended audit plan elements as described in ISO 14011:

• the audit objectives and scope;

• the audit criteria;

• identification of the auditee’s organizational and functional units to be audited;

• identification of the functions and/or individuals within the auditee’s organization having significant direct responsibilities regarding the auditee’s EMS;

• identification of those elements of the auditee’s EMS that are of high audit priority;

• the procedures for auditing the auditee’s EMS elements as appropriate for the auditee’s organization;

• the working and reporting languages of the audit;

• identification of reference documents;

• the expected time and duration for major audit activities;

• the dates and places where the audit is to be conducted;

• identification of audit team members;

• the schedule of meetings to be held with the auditee’s management;

• confidentiality requirements;

• report content and format, expected date of issue and distribution of the audit report;

• document retention requirements.

If the internal audit is to proceed smoothly, it is helpful for the internal auditor to establish a dialogue prior to the actual audit with the person responsible for the area being audited. This dialogue may be conducted by memo, telephone, or during a formal or informal meeting. The main factor that should influence the auditor’s choice of method for setting up this dialogue should be the organization’s normal style or culture. Irrespective of the method of communication the auditor adopts, the following points should be established:

• The overall duration of the proposed audit

• The starting location and time

• The proposed scope and areas to be covered by the audit

• A timetable for approximate progress of the audit where applicable, e.g., if a number of different departments or geographical areas are to be included in the scope of the audit

• The arrangements for any close out meeting where the findings of the audit can be agreed and corrective action requirements discussed

• The personnel liable to be involved at each stage of the audit

If an auditor does not give sufficient attention to ensuring that clear agreement is reached with respect to the above points, the potential for misunderstandings that can affect the conduct of the audit is greatly increased. However, these initial communications with the personnel of the area being audited not only affect the “tone” of the forthcoming audit, but they can significantly influence the commitment and level of cooperation shown by that area throughout the audit process and for many subsequent audits.

Prior to commencing the audit, but once the plan is prepared, the audit team assignments are made, and working documents are defined. Working documents are those documents such as observation logs and checklists that are used during the audit to collect evidence, but are not necessarily retained as records. In other words, they may be discarded after the audit is complete and the report prepared.

Of these, only the checklist should require an input at this stage from the auditor. However, before compiling a checklist, the auditor must determine if the function and format of the checklist are prescribed by the audit procedure or whether personal preference can be exercised.

The format of the checklist may vary considerably, depending on whether it is intended to act as an aide or as a part of audit records showing the scope and conduct of the audit. The former may consist only of general topics to be covered during the audit, whereas the latter may be an extensive and detailed questionnaire on which details of sampling and answers to the questions are to be recorded.

The need for checklists and the type appropriate will vary according to other experience of the auditors and the culture of the company. It is recommended that for purposes of internal audits, checklists, even if limited, should always be developed. However, standard questionnaire type checklists not prepared by the auditor that must be slavishly followed and completed, should be

avoided. This latter type is likely to result in an unnecessary restriction in the scope of the audit and a stifling of auditor initiative.

Although an auditor should always work within the scope defined for the audit, the working documents must not be designed so that they restrict additional audit activities or investigations that may become necessary as a result of information gained during the audit. There are differences of opinion over whether it is preferable to create the checklist anew or whether a previously developed checklist can be used. Although the former is desirable in principle, it is not always practical in terms of the best use of the resources available. The best compromise is to utilize whatever available checklists are already in existence, but to review these critically

against the relevant documents previously identified. In this way, time can be saved in using them as a foundation without detracting from effectiveness.

The Audit Report In ISO 14001

The Audit Report In ISO 14001

Once agreement has been reached, both among the audit team and with the auditee, it is time to prepare the audit report. Note that ISO 14001 does not require a documented audit report. However, it is very difficult to verify that the auditing requirement has been satisfied without a supporting record, which is typically a documented audit report.

The audit report is prepared by the lead auditor, although he or she may have other team members prepare portions. The content of the audit report is determined by the audit plan and the organization’s EMS audit procedures. Having completed the examination phase and evaluated the collected data observations, etc., the assessor is faced with the problem of documenting any deficiencies he or she may have found. There are many different methods of documenting deficiencies, ranging from inclusion in the body of the audit report to producing non-conformance notes or corrective action requests. Irrespective of which method is adopted, the basic principles to be followed are similar. ISO 14001 does not dictate what should be in the report, and ISO 14011 only suggests contents. ISO 14011 indicates that at a minimum, the findings need to be in the report. The findings appear as a statement that the EMS is or is not in conformance with the criteria, and states what the criteria and supporting evidence are for the statement. ISO 14011 also lists other optional items to include such as:

• the identification of the organization audited and of the client;

• the agreed objectives, scope and plan of the audit;

• the agreed criteria, including a list of reference documents against which the audit was conducted;

• the period covered by the audit and the date(s) the audit was conducted;

• the identification of the auditee’s representatives participating in the audit;

• the identification of the audit team members;

• a statement of the confidential nature of the contents;

• the distribution list for the audit report;

• a summary of the audit process including any obstacles encountered;

• audit conclusions such as:

- EMS conformance to the EMS audit criteria;

- whether the system is properly implemented and maintained;

- whether the internal management review process is able to ensure the continuing suitability and effectiveness of the EMS.

The format of such reports can vary considerably and may range from completion of a simple pro-forma to expansive documents describing all aspects of the audit performance and findings. However, irrespective of the style and format, the audit report should cover the key topics already identified as being essential for discussion and presentation at the opening and closing meetings. In constructing the report two specific objectives must be borne in mind.

(1) The report has to provide objective evidence of effective implementation of the audit procedure.

(2) The report has to allow for corrective action to be addressed and that the follow-up requirements can be established and initiated.

Where there are non-conformances, there are various options regarding deficiency reporting. One option is to describe each of the deficiencies identified in the main body of the report along with any supporting evidence, and if requested, corresponding recommendations. Although this may result in a comprehensive report of audit findings, it has the disadvantage that the individual

deficiencies are often difficult to locate, particularly when trying to monitor follow-up actions.

This can be partly overcome by writing separate corrective action requests for this purpose. A useful alternative that is less time consuming is to restrict the description of deficiencies in the body of the report to general summaries only. Details of deficiencies can then be included in non-conformance notes. Ideally, the non-conformance note should also provide space for agreeing corrective actions and recording subsequent monitoring of that corrective action. In this manner, any duplication of effort with respect to audit reporting is minimized, thus producing a more easily managed system. It is important that however non-conformances are handled, it be constant with the EMS correction action process (ISO 14001, Section 4.5.2).

Before considering the steps in preparing the non-conformance note we must be clear about their purpose.

• To convey to the auditee the findings in a clear and accurate manner so that they know what to do next.

• To advise the EMS personnel or other auditors what you have found so that he can follow it up.

• To present a record that can be reviewed remotely from the scene and be understood.

All non-conformance notes must contain certain basic information.

• The physical area being audited.

- Failure to record this often results in great confusion 3 to 6 months later when a follow up visit is carried out to review corrective action implementation.

• The specific clause(s) of the assessment standard(s) against which the non-conformance is issued.

- If the auditor is unable to readily identify the applicable section of the EMS manual or the procedure against which to issue the non-conformance, he must question whether or not he is justified in writing the non-conformance. It is good practice to re-read the

requirements of the relevant system documentation to confirm that these can be interpreted as supporting the non-conformance. If they do not, then the non-conformance cannot be issued.

• The detailed nature of the non-conformance including the specific identity of documents/procedures/material, etc.

Earlier we considered the requirements for recording observations during the assessment and emphasized the need for them to be factual and to contain objective evidence that the system requirements were not being satisfied. Although this appears to be fairly straightforward, in practice this is often not the case. It is not unusual for inexperienced auditors to identify a deficiency only to fail to communicate the findings in a manner that facilitates implementation of the appropriate corrective action. The non-conformance note, while not being over long, must contain sufficient information to enable a person not present during the audit to be able to gauge the seriousness or otherwise of the observation.

The use of descriptive terms such as extensive, several, isolated, etc… is essential to communicate accurately the nature and extent of the deficiency, but care must be taken to ensure that their use does not result in a lack of objectivity; e.g., the term extensive can only be included if there is irrefutable evidence to justify its use. The auditor must also take care to ensure that the description is not only accurate but it is also fair, e.g., a statement that 50% of manifests were incorrectly signed may be accurate but is hardly fair if only two manifests were sampled.

Having documented the nature of the deficiency, some audit systems require the auditor to grade the deficiency or non-conformance, e.g., major and minor. It is not intended to discuss grading systems in detail since there are many potential variations that companies may wish to adopt. Irrespective of what system is being adopted, the auditor must ensure that the grading given and

the text describing the deficiency are completely compatible.

Distribution of the audit report and nature of documentation are decided between the auditor and auditee, although this too is usually addressed in the audit plan. An audit is considered successful when the auditee and client feel that they have useful, constructive feedback that allows them to improve the system.

ISO 9000 Document Management Software System

ISO 9000 Document Management Software System

Today’s manufacturing companies that seek ISO 9001 compliance-(regardless of their motivation to do so) probably don’t find it that difficult to create intelligent documentation. After all, a few days with a good consultant or a quality manager can take care of document creation. The problem lies in the gap between what employees are doing and what employees are supposed to be doing (in terms of adhering to documentation) and the gap between the manner in which processes are being implemented and the manner in which they should be implemented ( in accordance with documentation). In other words, the problem lies in the way processes are strategized and applied and in the way employees commit to standards when compared against existing documentation. How can a company overcome these issues? The answers may be simpler than you think.

Automation is the Answer for ISO Control
If your underlying processes are poorly strategized then an automated document management software system won’t be of much use. However, once the processes have been effectively planned (and applied) a document management software system can speed process-to-process management by leaps and bounds. Companies that automate not only to comply with ISO standards but to generate more revenue by performing less administrative labor save weeks and even years worth of time just by automating their processes and documentation control with a document management software system.

Making Amends
The right document management software system and ISO document control would also allow companies to find deviations and nonconformance events faster and move those events to resolution phases in a small fraction of the time they were originally routed—if they were routed at all. Some ISO 9000 document management software systems may even be combined with a CAPA QMS solution. This is especially valuable when determining the root cause of major to minor deviations.

A Document Management Software System and Employee Training
ISO standards do not require any type of automation but ISO standards lend themselves to automation in a way that’s quite remarkable. Take for instance the following document management requirements from the official ISO 9001 International Standard.

ISO 9001 Section 4.2.3
ISO standards make it clear that ISO 9001 “approved” companies must define (i.e., document) how they will approve documentation, how they will identify documentation changes, how they will update/reapprove revised documentation, how external documentation will be managed and how assurance will be provided that documentation will be available when it is required. 1 And that’s only a shadow of things to come! A document management software system designed for strict compliance can automate the approval of documentation, the identification of document changes, updates and reapproval notifications, external documentation management and high-level document security. Some solutions also integrate training and online exams as well.

How Much Could You Save?
Chances are high that automation will save you thousands, tens of thousands or even hundreds of thousands of dollars annually depending on the size of your company. Just foregoing a typical document routing process (a manual process) can save many employees fruitless trips back and forth from one office to another. Who wouldn’t want to avoid those time consuming searches through 3-ring binders and lost documentation due to employee absence or neglect?

Conclusion
Regulation and control are the future for manufacturing. Gone are the days of free experimentation and a blind eye toward material waste. Today is the day of premeditated design, quality assurance and web-based automation. If your company plans to be, or already is, compliant with ISO 9001 standards why not consider automating those ISO 9001 controls with a document management software system.

ISO 9000 Standards – Retention Of Records

ISO 9000 Standards – Retention Of Records

It is important that records are not destroyed before their useful life is over.
There are several factors to consider when determining the retention time for records.
The duration of the contract – some records are only of value whilst the contract is in force.
The life of the product – access to the records will probably not be needed for some considerable time, possibly long after the contract has closed. On defence contracts the contractor has to keep records for up to 20 years and
for product liability purposes, in the worst-case situation (taking account of
appeals) you could be asked to produce records up to 17 years after you made the product.
The period between management system assessments – assessors may wish to see evidence that corrective actions from the last assessment were taken. If the period of assessment is three years and you dispose of the evidence after 2 years, you will have some difficulty in convincing the assessor that you corrected the deficiency.
You will also need to take account of the subcontractor records and ensure
adequate retention times are invoked in the contract.
Where the retention time is actually specified can present a problem. If you
specify it in a general procedure you are likely to want to prescribe a single
figure, say 5 years for all records. However, this may cause storage problems – it may be more appropriate therefore to specify the retention times in the procedures that describe the records. In this way you can be selective.
You will also need a means of determining when the retention time has
expired so that if necessary you can dispose of the records. The retention time doesn’t mean that you must dispose of them when the time expires – only that you must retain the records for at least that stated period. Not only will the records need to be dated but the files that contain the records need to be dated and if stored in an archive, the shelves or drawers also dated. It is for this reason that all documents should carry a date of origin and this requirement needs to be specified in the procedures that describe the records. If you can rely on the selection process a simple method is to store the records in bins or computer disks that carry the date of disposal.
While the ISO 9000 requirement applies only to records, you may also need to retain tools, jigs, fixtures, test software – in fact anything that is needed to repair or reproduce equipment in order to honour your long-term commitments.
Should the customer specify a retention period greater than what you
prescribe in your procedures, special provisions will need to be made and this is a potential area of risk. Customers may choose not to specify a particular time and require you to seek approval before destruction. Any contract that requires you to do something different creates a problem in conveying the requirements to those who are to implement them. The simple solution is to persuade your customer to accept your policy. You may not want to change your procedures for one contract. If you can’t change the contract, the only alternative is to issue special instructions. You may be better off storing the records in a special contract store away from the normal store or alternatively attach special labels to the files to alert the people looking after the archives.

Develop Quality Management System Documentation In ISO 9000 Standards

Develop Quality Management System Documentation In ISO 9000 Standards
Documentation is the most common area of non-conformance among organizations wishing to implement ISO 9000 quality management systems. As one company pointed out: “When we started our implementation, we found that documentation was inadequate. Even absent, in some areas. Take calibration. Obviously it’s necessary, and obviously we do it, but it wasn’t being documented. Another area was inspection and testing. We inspect and test practically every item that leaves here, but our documentation was inadequate”.
Documentation of the quality management system should include:
1. Documented statements of a quality policy and quality objectives,
2. A quality manual,
3. Documented procedures and records required by the standard ISO 9001:2008, and
4. Documents needed by the organization to ensure the effective planning, operation and control of its processes.

Quality documentation is generally prepared in the three levels indicated below that follows. Use ISO 10013:1995 for guidance in quality documentation.

Level A: Quality manual
States the scope of the quality management system, including exclusions and details of their justification; and describes the processes of the quality management system and their interaction. Generally gives an organization profile; presents the organizational relationships and responsibilities of persons whose work affects quality and outlines the main procedures. It may also describe organization’s quality policy and quality objectives.

Level B: Quality management system procedures
Describes the activities of individual departments, how quality is controlled in each department and the checks that are carried out.

Level C: Quality documents (forms, reports, work instructions, etc.)
1. Work instructions describe in detail how specific tasks are performed; include drawing standards, methods of tests, customer’s specifications, etc.
2. Presents forms to be used for recording observations, etc.

ISO 9000 Standards – Document control procedures

ISO 9000 Standards – Document control procedures

The ISO 9000 Standards requires that a documented procedure be established to define the controls needed.

This requirement means that the methods for performing the various activities required to control different types of documents should be defined and documented.

Although the ISO 9000 standards implies that a single procedure is required, should you choose to produce several different procedures for handling the different types of documents it is doubtful that any auditor would deem this noncompliant. Where this might be questionable is in cases where there is no logical reason for such differences and where merging the procedures and settling on a best practice would improve efficiency and effectiveness.

Documents are recorded information and the purpose of the document
control process is to firstly ensure the appropriate information is available
where needed and secondly to prevent the inadvertent use of invalid
information. At each stage of the process are activities to be performed that
may require documented procedures in order to ensure consistency and
predictability. Procedures may not be necessary for each stage in the process.

Every process is likely to require the use of documents or generate documents and it is in the process descriptions that you define the documents that need to be controlled. Any document not referred to in your process descriptions is therefore, by definition, not essential to the achievement of quality and not required to be under control. It is not necessary to identify uncontrolled documents in such cases. If you had no way of tracing documents to a governing process, a means of separating controlled from uncontrolled may well be necessary.

The procedures that require the use or preparation of documents should also specify or invoke the procedures for their control. If the controls are unique to the document, they should be specified in the procedure that requires the document. You can produce one or more common procedures that deal with the controls that apply to all documents. The stages in the process may differ depending on the type of document and organizations involved in its preparation, approval, publication and use. One procedure may cater for all the processes but several may be needed.
The aspects you should cover in your document control procedures, (some
of which are addressed further in this chapter) are as follows
Planning new documents, funding, prior authorization, establishing need
etc.

- Preparation of documents, who prepares them, how they are drafted,
conventions for text, diagrams, forms etc.
- Standards for the format and content of documents, forms and diagrams.
- Document identification conventions.
- Issue notation, draft issues, post approval issues.
- Dating conventions, date of issue, date of approval or date of distribution.
- Document review, who reviews them and what evidence is retained.
- Document approval, who approves them and how approval is denoted.
- Document proving prior to use.
- Printing and publication, who does it and who checks it.
- Distribution of documents, who decides, who does it, who checks it.
- Use of documents, limitations, unauthorized copying and marking.
- Revision of issued documents, requests for revision, who approves the
request, who implements the change.
- Denoting changes, revision marks, reissues, sidelining, underlining.
Amending copies of issued documents, amendment instructions, and
amendment status.
- Indexing documents, listing documents by issue status.
- Document maintenance, keeping them current, periodic review.
- Document accessibility inside and outside normal working hours.
- Document security, unauthorized changes, copying, disposal, computer
viruses, fire and theft.
- Document filing, masters, copies, drafts, and custom binders.
- Document storage, libraries and archive, who controls location, loan
arrangements.
- Document retention and obsolescence.

With electronically stored documentation, the document database may provide many of the above features and may not need to be separately prescribed in your procedures. Only the tasks carried out by personnel need to be defined in your procedures. A help file associated with a document database is as much a documented procedure as a conventional paper based procedure.

ISO 9000 Standards – Document Approval

ISO 9000 Standards – Document Approval

The ISO 9000 Standards requires that documents be approved for adequacy prior to issue.

Approval prior to issue means that designated authorities have agreed the document before being made available for use. Whilst the term ade-
quacy is a little vague it should be taken as meaning that the document is judged as fit for the intended purpose. In a paper based system, this means approval before the document is distributed. With an electronic system, it means that the documents should be approved before they are published or made available to the user community.

The ISO 9000 Standards document control process needs to define the process by which documents are approved. In some cases it may not be necessary for anyone other than the approval authority to examine the documents. In others it may be necessary to set up a panel of reviewers to solicit their comments before approval is given.
It all depends on whether the approval authority has all the information
needed to make the decision and is therefore ‘competent’. One might think that the CEO could approve any document in the organization but just because a person is the most senior executive does not mean he or she is competent to perform any role in the organization.

Users should be the prime participants in the approval process so that the
resultant documents reflect their needs and are fit for the intended purpose. If the objective is stated in the document, does it fulfil that objective? If it is stated that the document applies to certain equipment, area or activity, does it cover that equipment, area or activity to the depth expected of such a document? One of the difficulties in soliciting comments to documents is that you will gather comment on what you have written but not on what you have omitted. A useful method is to ensure that the procedures requiring the document specify the acceptance criteria so that the reviewers and approvers can check the document against an agreed standard.

To demonstrate documents have been deemed as adequate prior to issue,
you will need to show that the document has been processed through the
prescribed document approval process. Where there is a review panel, a simple method is to employ a standard comment sheet on which reviewers can indicate their comments or signify that they have no comment. During the drafting process you may undertake several revisions. You may feel it
necessary to retain these in case of dispute later, but you are not required to do so. You also need to show that the current issue has been reviewed so your comment sheets need to indicate document issue status.

Identifying and Recording Design Changes In ISO 9000 Standards

Identifying and Recording Design Changes In ISO 9000 Standards

The documentation for design changes in ISO 9000 Standards should comprise the change proposal, the results of the evaluation, the instructions for change and traceability in the changed documents to the source and nature of the change. You will therefore need:
- A Change Request form which contains the reason for change and the
results of the evaluation – this is used to initiate the change and obtain
approval before being implemented.
- A Change Notice that provides instructions defining what has to be changed this is issued following approval of the change as instructions to the owners of the various documents that are affected by the change.
- A Change Record that describes what has been changed – this usually forms part of the document that has been changed and can be either in the form of a box at the side of the sheet (as with drawings) or in the form of a table on a separate sheet (as with specifications).
Where the evaluation of the change requires further design work and possibly experimentation and testing, the results for such activities should be documented to form part of the change documentation.
At each design review a design baseline should be established which identifies the design documentation that has been approved. The baseline
should be recorded and change control procedures employed to deal with any changes. These change procedures should provide a means for formally
requesting or proposing changes to the design. For complex designs you may prefer to separate proposals from instructions and have one form for proposing design changes and another form for promulgating design changes after approval. You will need a central registry to collect all proposed changes and provide a means for screening those that are not suitable to go before the review board, (either because they duplicate proposals already made or because they may not satisfy certain acceptance criteria which you have prescribed). On receipt, the change proposals should be identified with a unique number that can be used on all related documentation that is subsequently produced. The change proposal needs to:
- Identify the product of which the design is to be changed
- State the nature of the proposed change identify the principal requirements, specifications, drawings or other design documents which are affected by the change
- State the reasons for the change either directly or by reference to failure
reports, nonconformity reports, customer requests or other sources
- Provide for the results of the evaluation, review and decision to be
recorded.

Role of Governments In ISO 14001 Standards

Role of Governments In ISO 14001 Standards

Although ISO 14000 is a set of voluntary standards that individual companies may or may not choose to adopt, governments can clearly have a role in providing information, establishing the necessary framework and infrastructure, and, in some cases, helping companies to develop the basic capabilities to adopt ISO 14000. There are two particular areas in which government action would be useful: (a) providing information on the sectors and markets where ISO 14001 certification is a significant issue and assisting sector organizations to develop appropriate responses, and (b) helping to establish a certification framework, based on strengthening national standards organizations and encouraging competitive private sector provision of auditing and certification services. At present, the World Bank is having discussions with a number of countries about how assistance could be provided with these issues.

Governments should see EMS approaches as part of a broad environmental strategy that includes regulatory systems, appropriate financial incentives, and encouragement of improved industrial performance. Such encouragement can really only be effective where there is cooperation at the government level between the relevant departments, including industry and trade, as well as environment. There is a growing interest in integrating environmental management issues into productivity or competitiveness centers designed to promote SME performance, but little information exists on experience to date.

Environmental Policy In iSO 14001 Standard

Environmental Policy In ISO 14001 Standard

The company or organisation must write an environmental policy

statement which is relevant to the business activities and approved by

top management. Their full commitment is essential if environmental

management is to work. The ISO 14001 Standard clearly sets out

what to cover in the policy. Often a one page document is sufficient.

Produce a first issue and expect to amend it several times before

assessment and registration as knowledge grows in the company.

About ISO 14001:2004 Standards

The ISO 14001 aims to reduce the environmental carbon footprints that many businesses leave behind today because of not taking the right steps to be environmental sustainable. This standard promotes the decrease in the waste of necessary business resources and also reduces the pollution that can sometimes be a by product of a business.

About ISO 14001

The most updated version of the ISO 14001 was released in the year 2004 by the International Organisation of Standardization (ISO), which was attended by members from all the committees from around the world. In order for a company to be awarded the ISO 14001 standard certificate, an external auditor has to audit the company by an audit body that has been accredited by an accreditation body. The certification auditors are required to be accredited by the International Registrar of Certification Auditor and the certification body has to be accredited by the Registrar Accreditation Board in the USA or by the National Accreditation Board in Ireland.

The structure of ISO 14001 is very much like the ISO 9000, which is management standard, so these two standards can be implemented side by side to achieve the best results. As a part of the ISO 14000 family, which deals with different aspects of environmental issues, ISO 14001:2004 and ISO 14002 deal with environmental management system (EMS). ISO 14001 gives the requirements for the

EMS and ISO 14002 gives the basic guidelines for EMS.

Environmental Management System with ISO 14001:2004

The EMS, as per the requirements of the ISO 14001, enables the company, may it be of any size, location and income to:

• It helps the company improve its environmental strategy and this positively affects their environmental performance.
• It helps in identifying and controlling the environmental impact that the activities, services or products of the company might have.
• And it helps in carrying out a systematic approach to set environmental targets and objectives, to achieve these and also to demonstrate that they have been achieved.

How does it work?

ISO 14001 does not specify or chalk out a definite level that each business has to reach. If the performance was determined, then it would have to be done for every specific business. But that is not how it works and has a very different approach, like:

• The ISO has various standards dealing with environmental issues. ISO 14001 deals with a framework provided for a strategic and holistic approach to the businesses environmental policy, actions and plans.
• It gives the general requirements for the EMS.
• This also states the reference to the communication requirements for the communication of the environmental management issues between the company, stakeholders, the public and the regulators.
• As these standards are not company specific, any and every business can undertake them as long as they are dedicated to the continued and improved environmental performance and they have a commitment to comply with the set norms.