What is ISO 14001

and Should I Care?

DNV Certication

DNV Certication
www.dnvcert.com
877.DNV.3530
16340 Park Ten Place
Houston, TX 77084

MANAGING RISK

The role of standards

The objective of any standard, whether it
relates to the manufacture of cars, airplanes,
machinery, or the delivery of a service transportation, hospitals, etc. - is the same.
Standards are designed to promote,
facilitate and enable consistency in a process
or product; to provide assurance that the
process or product output will meet
requirements, to provide a uniform and
predictable output every time a set of
procedures are executed. It is important to
understand that standards, in and of
themselves, do not necessarily produce a
quality process or product.
The ISO 14001 standard was published by
ISO in September 1996, and subsequently
revised in 2004. It was developed to allow
organizations to formulate a policy,
objectives and targets and implement
programs within a structured management
systems framework. Simultaneously,
legislative requirements, important public
issues and plant-specific environmental
concerns shall be considered and included
where applicable within the framework of
the environmental management system.

What is an Environmental
Management System?
An EMS is the management system that
addresses the environmental impact of a
companys processes, products and services
on the environment. The EMS provides a
formalized structure for ensuring that
environmental concerns are addressed and
met, and works to both control a companys
significant environmental effects and
achieve regulatory compliance.

The ISO 14000 series

of standards
ISO 14000 is a series of international
environmental management system
standards. They can be divided into
process related standards and product
oriented standards.

Standards

ISO 14001 is the auditable standard

against which certificates of compliance
are issued.
The ISO 14000 series of standards is one of
more than 15,000 different standards which
are maintained by the International
Organization for Standardization in Geneva,
Switzerland. The reference to ISO comes
from the Greek word Isos meaning equal
or the same - isobars, isotherms, etc. The
concept is one of consistency, predictability
and repeatability of processes.

The structure of the

ISO 14001 standard
The structure of ISO 14001 is complimentary
to the clause structure of ISO 9001:2000.

General requirements of
ISO 14001:2004
4.1 General Requirements
4.2 Environmental Policy
4.3 Planning

Evolution of the ISO 14000

series of standards

Organization or
process standards

Product oriented standards

14001 Environmental management systems.

Specification and guidance for use.
14004 Environmental management systems.
General guidelines on principles, systems
and supporting techniques.
19011 Guidelines for Quality and/or
Environmental Management
System Auditing.
14015 Environmental site assessments.
14031 Evaluation of the environmental
performance of the management system
and its relationship to the environment.

14020 Goals and principles of all

environmental labeling.
14021 Environmental labeling - self declaration
environmental claims. Terms & definitions.
14022 Environmental labeling - symbols.
14023 Environmental labeling - testing and
verification methodologies.
14024 Environmental labeling - practitioner
programs. Guiding principles, practices
and certification procedures for
multiple-criteria programs.
14040 Environmental management - life cycle
assessment. General principles
and guidelines.
14041 Environmental management - life cycle
assessment. General principles
and guidelines.
14042 Environmental management - life cycle
assessment.
14043 Environmental management - life cycle
assessment. Interpretation.
14050 Terms and definitions.
14060 Guide for the inclusion of environmental
aspects in product standards.

As a result of the United Nations conference

on Environmental Development held in
Brazil in June 1992, the International
Organization for Standardization in Geneva
made a commitment to support the
development of a set of environmental
management system standards. ISO
Technical Committee TC 207 was formed
in 1993. Members of TC 207 and its subcommittee were drawn from all over the
world. A consensus process agreement was
first reached through these committees
and ISO 14001 (the auditable standard)
was first released in 1996.
The standards are revised through review
and revision recommendations made by ISO
member countries or national bodies. There
are approximately 140 member countries
and national bodies. Each member, through
its committees and sub-committees, provides
input on suggested changes to the standards
back through a hierarchy to ISOs
headquarters in Geneva, Switzerland.

4.3.1 Environmental Aspects

4.3.2 Legal and Other Requirements
4.3.3 Objectives, Targets and Programs
4.4 Implementation and Operation
4.4.1 Resources, Roles, Responsibility
and Authority
4.4.2 Competence, Training
and Awareness
4.4.3 Communication
4.4.4 Documentation
4.4.5 Control of Documents
4.4.6 Operational Control
4.4.7 Emergency Preparedness
and Response
4.5 Checking
4.5.1 Monitoring and Measurement
4.5.2 Evaluation of Legal Compliance
4.5.3 Non-Conformity and Preventive
and Corrective Action
4.5.4 Control of Records
4.5.5 Internal Audit
4.6 Management Review

Requirements

Should ISO 14001 certification

be in my plans?
There are costs associated with
implementing an ISO 14001 compliant
environmental management system. If
companies are to make this investment then
it is important that they are able to derive a
benefit and a return on that investment.
There are really only four reasons why
anyone would consider ISO 14001
certification:

What does ISO 14001 - related

registration/certification
require?
Registration requires evidence of
implementation of ISO 14001, which also
includes: procedures to maintain
compliance to applicable laws, commitment
to continual improvement (in a broad
sense), and commitment to prevention of
pollution (e.g. recycling, process changes,
energy efficiency, materials substitution).
Whether a company decides to seek thirdparty registration or certification to ISO
14001 will be dependent on the objectives
the company has in conforming to ISO
14001, as well as the market and public
context in which the company operates.
For some companies, third-party
certification may be the most reasonable
option. For example, companies selling
products to markets in Europe might face
considerable pressure to obtain third-party
certification. However, even in Europe,

companies should not presume certification

will be necessary. It is very important to
understand that either third-party
certification or self-declaration are
available options. Third-party certification
may or may not be mandated by the
suppliers customers.

Acceptance of the standards

The ISO 14000 series of standards has
been accepted and adopted throughout
the world. There are an estimated 40,000
certificates that have been issued in more
than 80 countries. Certificates issued in
Europe now exceed 20,000.
There are currently more than 4,000
certificates in the U.S., 1,500 in Canada and
approximately 600 in Mexico. It is estimated
that an additional 2,500 companies in North
America are actively in the process of
implementing an ISO 14001 compliant
environmental management system.

1) For the value of an ISO 14001 compliant

system to identify and reduce potential
aspects and impacts that result from a
companys process. This will facilitate
reducing the likelihood of an environmental
impact occurring and can also reduce the
magnitude of the impact. It can also
improve processes and increase the
productivity and effectiveness of the
system. These attributes can in turn result
in reduced scrap and rework, more efficient
handling and disposal of waste and
by-products and therefore increased
profitability. This has the potential to
increase customer satisfaction and raise
stakeholder confidence in the company.
Stakeholders include shareholders,
employees, customers, suppliers and the
local community.
So how do you determine if certification will
have value for you and your company? The
key is to benefit from those who have
already gone through the certification
process. Most companies that have become
certified are usually proud of their
achievement and happy to share their
experience with others. Lists of certified
companies are available from the registrars
or certifying bodies. By selecting companies
who are in similar businesses to yours (your

direct competitors are probably not going to

share much information with you) and
asking them a few pertinent questions, you
can get a pretty good feel for the value of
certification to these companies.
Questions like: What have been the benefits
of certification? Can you measure these
benefits and express them in dollars - i.e.
return on investment? What was the single
biggest barrier to certification? What would
you do differently if you had to do this over
again? How much did it cost and how long
did it take?
2) From a sales and marketing point of view,
would certification make a difference? With
a like price, product or service as your
competitors, would ISO 14001 certification
make a difference in your customers
decision process in selecting a supplier?
Does certification represent a means of
differentiating you from your competition?
Are you losing business because your
competitors are already certified?
Talk to your sales and marketing people;
ask these questions on a regular basis things change. Talk to your major customers
and find out if ISO 14001 certification has
value to them.
3) Are one or more of your largest
customers likely to require that you have
ISO 14001 certification in order to continue
to be a preferred supplier, or worse, require
certification to even be allowed to bid on
contracts? Once again you need to get
your sales and marketing people to ask
these questions of your customers on a
regular basis.
4) Are there regulatory requirements for
you to have ISO 14001 certification? The
American Chemistry Council (ACC),
formerly the Chemical Manufacturers

The Certication Process

Association, is now requiring compliance

with RC14001. The RC14001 standard
combines Responsible Care with ISO
14001 requirements. It is important to
note that certification will not remove your
obligation to comply with federal, state and
local environmental requirements. The ISO
14001 implementation methodology will
generally serve to facilitate implementation
of other mandatory environmental
compliance requirements.
Some states are providing incentives to
encourage companies to implement
an EMS or to become certified to ISO
14001. Examples, Texas and Wisconsin are
lining up bipartisan support for so called
green programs (e.g. Clean Texas)
designed for a company to voluntarily
exceed regulatory compliance through ISO
14001 or an equivalent program.
Texas legislation provides for regulatory
incentives, among them reduced
inspections, on-site technical assistance,
and, in certain situations even modification
of state or federal regulatory requirements.
The answers to these four questions should
provide you with a strong basis to make an
informed decision as to whether ISO 14001
should be in your companys plans. One
thing is key, if based on the answers to the
above questions you make a determination
that ISO 14001 should be in your companys
future, put plans in place to do it at your
speed not someone elses. Do not wait until
your best customers, a governmental agency
or an industry association, give you an or
else ultimatum requiring you to be certified
in six or nine months in order to continue
to do business.

The certification process

The basic steps to certification involve a
review by an external company - the ISO
14001 certification body or registrar. It is a
two stage on-site audit process. An optional
pre-assessment may be selected in addition
to the two stage audit.
The size of the audit team is a function of
the number of employees within the scope
of the audit but would typically be two
people.
During the stage one audit, the team will
look to make sure that the company has
identified all of the applicable federal, state
and local environmental requirements and
statutes and that applicable permits and
environmental licenses have been secured.
The effectiveness of the management review
process for identifying and defining aspects
will be looked at. A review of how the
significance of these aspects is determined
will also be conducted.
Both ISO 9001:2000 and ISO 14001:2004
are based on a plan, do, check, act model.
The stage one audit of the EMS is focused
on ensuring that the plan aspect of the
model has been effectively implemented.
Areas of non-conformity will be noted and
corrective actions will be required.
The stage two audit is typically scheduled 4
to 6 weeks after the stage one audit The
focus of stage two is the do, check, act
elements of the model. The auditors are
looking to verify that the organization
adheres to its policy, objectives and
procedures as they relate to the
requirements of ISO 14001. The
recommendation for certification is based
on the number of major and minor nonconformances that have been documented

during the course of the audit.

After certification, periodic audits will
normally be conducted every six months.

How long does it take and how

much will it cost?
The time to implement an ISO 14001
compliant system is a function of the size
of the company, the number of people
involved under the scope of the
certification, the complexity of the
processes, the number and significance
of the aspects and impacts, and the degree
to which the existing EMS meets the
requirements of the standard. A typical
time line for implementation would be six
to twelve months. Certification costs, that is
those fees paid to the registrar, are small
compared to the internal costs of
implementation. The fees are a function of
the audit days required to verify compliance
which is a function of the number of
employees and the number and complexity
of the processes which relates to the aspects
and impacts. Most registrars will provide a
no obligation quotation on request.

Selecting a Registrar
If you are planning on becoming certified
to ISO 9001:2000, QS-9000, ISO 14001:2004,
or any other accredited management system
scheme, the selection of your certifying
body is an important decision.
Everything being equal, it is a relationship
that will be in place for a very long time.
That is why it is so important that your
choice is one which will provide you with
a partnership approach to certification,
provide you with value-added services
and result in a certification that is

recognized and accepted by your customers

and prospects.
In the ISO 14001 market place there are a
large number of registrars in North America
offering certification services. It is an
unregulated market - that is anybody can
set themselves up as an ISO 14001 registrar,
perform audits and issue certificates. It is
very much a buyer beware market place.
So how do you go about making an
informed decision when selecting
your registrar?
Areas to consider when evaluating registrars:

Technical competencies
Interpretation of the standards
and overall philosophy
Price
People factors

Technical competencies
The rules that registrars operate under are
largely governed by the accreditation bodies.
Most of the countries that have adopted the
ISO 14000 series of standards have their
own national accreditation body. In the U.S.
that body is the American National
Accreditation Board (ANAB formerly the
RAB). Accreditation is an important attribute
when selecting a registrar and a key factor in
making your initial short list of candidates.
In order to become accredited a registrar
has to undergo a rigorous audit and review
process. Very similar to the ISO 14000
certification process, in order to maintain
their accreditation, they are subject to ongoing surveillance or periodic audits. But
not all accredited registrars are created
equally. There are considerable differences
between them.

Interpretations
and Philosophy

If you call these companies and ask the

challenging questions - What was your
experience with XYZ registrar? What
impressed you most about the registrar?
What did you least like about your dealings
with them? Would you recommend them to
others? If you ask these questions of six or
seven companies, you will get a pretty good
picture of the overall character and
the philosophy of the registrar.
Everything being equal, this is a relationship
that will be in place for a long time and it is
therefore imperative that you make a
decision based on sound information.

Price
Money is important to most of us as
individuals, as employees and as managers
and owners of businesses. Most of the
major registrars have an overall cost of
certification which is very similar. Auditor
day rate might appear to be a convenient
indicator to compare registrar costs - but it
will not give you the basis for an apples-toapples comparison.

Interpretation of the standards

and overall philosophy
There are variances in how registrars
interpret the standards, their general
audit philosophy - are they auditing to the
letter of the standard or do they adopt a
more pragmatic approach of auditing to
the intent of the standard? What kind of
customer service response can you expect
if you select a particular registrar? What is
their track record on customer satisfaction?
What experience does this particular
registrar have in your industry sector how many certificates have they issued
to businesses like yours?

These questions are best answered by talking

to clients who have selected and become
certified by the registrar you are
considering. Reference accounts are fine
but are generally selected or pre-screened
by the registrar. A more effective and
potentially unbiased approach is for you to
make the customer selection yourself. If a
registrar is accredited they are obligated to
produce and maintain a list of all companies
that they have certified. The list may be in
hard copy or part of their web page. Get
access to the list and then pick six or seven
certified companies. Select companies who
are either in similar businesses to yours or
who may be geographically close to you or
just select companies whose judgement
you trust.

An important thing to keep in mind is

that registrars have many different ways of
actually structuring their quotations. There
are some registrars that have application,
listing and administration fees, additions to
travel expenses, cancellation and deferment
fees. There are almost as many pricing
schemes as there are registrars. How they
price is not nearly as important as the
overall cost for certification - having said
that, keep a look out for cancellation and
deferment charges which can be
particularly unfriendly.
Irrespective of how a quotation is structured
the important thing is that you are able to
determine the exact cost-of-ownership.

Most registrars will have certificates which

are valid for three years. However the
pricing is structured, ask for quotations in a
format that will allow you to determine the
full costs for a three year period. This will
enable you to make an apples-to-apples
comparison of registrar charges.
When making a registrar selection price is
important but should not be your primary
selection criteria. If you make a decision
based solely on price you are probably
making a decision that you may regret later.
Certification is a free market service. This
means that there is no requirement for a
registrar to be accredited (some industry
specific standards may require
accreditation). If a registrar is unaccredited
there are no rules or requirements for
auditor training and qualifications, industry
experience, the methodology for the
certification process and more. Compliance
with accreditation requirements costs money
- but has value to you as a customer.
Look for registrars that offer value added
services beyond the structured certification
process. Your company listing on their web
site, electronic access to your audit reports
and audit schedule.
The external fees that you will pay to
registrars for your certification are small
compared to money you will have invested
internally in putting your system in place.
Most estimates will show that the internal
costs are at least 10 times the costs that you
will pay the registrar. Having made the
commitment and investment to implement
a compliant system - keep cost in mind when
making your registrar selection but make
sure that you take into account the other
important factors listed here.

10

Summary

11

Summary
Selecting a registrar is an important
decision, everything being equal, it is a
relationship which will ideally be in place
for a long time. Taking the time to evaluate
registrars based on the above criteria will be
a good investment of your time.

About DNV
DNV is one of the worlds leading
management system certification bodies
having issued more than 50,000 ISO 9000,
ISO 14000 and other management system
related certificates across a very broad
spectrum of manufacturing and
service industries.

Additional information
People Factors
Most registrars who are accredited have
very similar technical competencies,
because these competencies are defined
and are requirements of the accreditation
bodies. Some registrars will have the right
philosophical approach described above
and most will be about the same
price range.

Ask yourself the following questions about

your initial experiences when dealing with a
potential registrar candidate. They will give
you a pretty good indication where the
registrar is on the people factor scale:
What was and has been the response
to your requests?
Were the responses timely?

So all these things being equal - how do you

make an informed decision?

What was the general attitude of the people

you had to deal with?

The registration process is a people

business - outside of the certificate itself,
there is no physical product. The product
consists of a series of interfaces from initial
requests for information, requests for
quotations, answers to questions, visits
and presentations.

Do they really act like they would want and

work to keep your business?
Are these the kind of people that you would
look forward to having a long term business
relationship with?

Copies of the ISO 14000 series of standards

can be purchased from the American
Society for Quality (ASQ) at
http://qualitypress.asq.org
For additional free copies of this leaflet,
to request a quotation or for additional
information about certification, please call:
Toll Free:

1.877.DNV.3530 or
1.877.368.3530

E-mail:

ContactUs@dnv.com

Web Site:

www.dnvcert.com

12

Additional Information

Printed in United States of America

Published by

DNV Certication
www.dnvcert.com
877.DNV.3530
16340 Park Ten Place
Houston, TX 77084

DNV is an independent foundation

established in 1864 whose objective is
safeguarding life, property and
the environment.
DNV is a world-class provider of risk
management services including safety,
health, quality and environmental
protection for business, government
and industry.
Worldwide publishing and distribution
rights held by Det Norske Veritas
Certification, Inc. (DNV Certification),
16340 Park Ten Place, Houston, Texas,
77084. No part of this document may be
reproduced by any means, nor
transmitted, nor translated into a machine
language without prior written permission
of the publisher.
The information contained in this
reference material is distributed as a guide
only; it has been compiled from sources
believed to be reliable and to represent
the best current opinion on the subject.
No warranty, guarantee or representation
is made by DNV Certification, as to the
absolute correctness or sufficiency of any
representation contained in this reference
material, and DNV Certification assumes no
responsibility in connection therewith; nor
can it be assumed that all acceptable safety
measures are included herein, or that other
measures may not be required in particular
or exceptional conditions or circumstances.
While DNV Certification does not undertake
to provide a revision service or guarantee
accuracy, we shall be pleased to respond to
your individual requests for information at
any time.
2005 Det Norske Veritas Certification, Inc.
All rights reserved.