7.

Iso 9000 and ISO 14000

ISO 14000
ISO 14000 is a family of standards related to environmental management that
exists to help organizations (a) minimize how their operations (processes etc.)
negatively affect the environment (i.e. cause adverse changes to air, water, or
land); (b) comply with applicable laws, regulations, and other environmentally
oriented requirements, and (c) continually improve in the above.
ISO 14000 is similar to ISO 9000 quality management in that both pertain to the
process of how a product is produced, rather than to the product itself. As with ISO
9000, certification is performed by third-party organizations rather than being
awarded by ISO directly. The ISO 19011 audit standard applies when auditing for
both 9000 and 14000 compliance at once.
The requirements of ISO 14001 are an integral part of the European Union‘s Eco-
Management and Audit Scheme (EMAS). EMAS‘s structure and material
requirements are more demanding, foremost concerning performance
improvement, legal compliance and reporting duties.
Brief history of environmental management systems
In 1992, BSI Group published the world's first environmental management systems
standard, BS 7750. This supplied the template for the development of the ISO
14000 series in 1996, by the International Organization for Standardization, which
has representation from committees all over the world (ISO) (Clements 1996,
Brorson & Larsson, 1999). As of 2010, ISO 14001 is now used by at least 223 149
organizations in 159 countries and economies.
Development of the ISO 14000 series
The ISO 14000 family includes most notably the ISO 14001 standard, which
represents the core set of standards used by organizations for designing and
implementing an effective environmental management system. Other standards
included in this series are ISO 14004, which gives additional guidelines for a good
environmental management system, and more specialized standards dealing with
specific aspects of environmental management. The major objective of the ISO
14000 series of norms is "to promote more effective and efficient environmental
management in organizations and to provide useful and usable tools - ones that are
cost effective, system-based, flexible and reflect the best organizations and the best
organizational practices available for gathering, interpreting and communicating
environmentally relevant information".
Unlike previous environmental regulations, which began with command and
control approaches, later replaced with ones based on market mechanisms, ISO
14000 was based on a voluntary approach to environmental regulation (Szymanski
& Tiwari 2004). The series includes the ISO 14001 standard, which provides
guidelines for the establishment or improvement of an EMS. The standard shares
many common traits with its predecessor ISO 9000, the international standard of
quality management (Jackson 1997), which served as a model for its internal
structure (National Academy Press 1999) and both can be implemented side by
side. As with ISO 9000, ISO 14000 acts both as an internal management tool and
as a way of demonstrating a company’s environmental commitment to its
customers and clients (Boiral 2007).
Prior to the development of the ISO 14000 series, organizations voluntarily
constructed their own EMS systems, but this made comparisons of environmental
effects between companies difficult and therefore the universal ISO 14000 series
was developed. An EMS is defined by ISO as: “part of the overall management
system, that includes organizational structure, planning activities, responsibilities,
practices, procedures, processes and resources for developing, implementing,
achieving and maintaining the environmental policy’ (ISO 1996 cited in Federal
Facilities Council Report 1999).
ISO 14001 standard
ISO 14001 sets out the criteria for an environmental management system. It does
not state requirements for environmental performance, but maps out a framework
that a company or organization can follow to set up an effective environmental
management system. It can be used by any organization that wants to improve
resource efficiency, reduce waste and drive down costs. Using ISO 14001 can
provide assurance to company management and employees as well as external
stakeholders that environmental impact is being measured and improved. ISO
14001 can also be integrated with other management functions and assists
companies in meeting their environmental and economic goals.
ISO 14001, as with other ISO 14000 standards, is voluntary (IISD 2010), with its
main aim to assist companies in continually improving their environmental
performance, whilst complying with any applicable legislation. Organizations are
responsible for setting their own targets and performance measures, with the
standard serving to assist them in meeting objectives and goals and the subsequent
monitoring and measurement of these (IISD 2010).
The standard can be applied to a variety of levels in the business, from
organizational level, right down to the product and service level (RMIT
university). Rather than focusing on exact measures and goals of environmental
performance, the standard highlights what an organization needs to do to meet
these goals (IISD 2010).
ISO 14001 is known as a generic management system standard, meaning that it is
relevant to any organization seeking to improve and manage resources more
effectively. This includes:
single site to large multi-national companies
high risk companies to low risk service organizations
manufacturing, process and the service industries; including local governments
all industry sectors including public and private sectors
original equipment manufacturers and their suppliers.
All standards are periodically reviewed by ISO to ensure they still meet market
requirements. The current version of ISO 14001 – ISO 14001:2004 is under review
as of April 2012.
Basic principles and methodology
Plan – establish objectives and processes required
Prior to implementing ISO 14001, an initial review or gap analysis of the
organization’s processes and products is recommended, to assist in identifying all
elements of the current operation and if possible future operations, that may
interact with the environment, termed environmental aspects (Martin 1998).
Environmental aspects can include both direct, such as those used during
manufacturing and indirect, such as raw materials (Martin 1998). This review
assists the organization in establishing their environmental objectives, goals and
targets, which should ideally be measurable; helps with the development of control
and management procedures and processes and serves to highlight any relevant
legal requirements, which can then be built into the policy (Standards
Australia/Standards New Zealand 2004).
Do – implement the processes
During this stage the organization identifies the resources required and works out
those members of the organization responsible for the EMS’ implementation and
control (Martin 1998). This includes establishing procedures and processes,
although only one documented procedure is specified related to operational
control. Other procedures are required to foster better management control over
elements such as documentation control, emergency preparedness and response,
and the education of employees, to ensure they can competently implement the
necessary processes and record results (Standards Australia/Standards New
Zealand 2004). Communication and participation across all levels of the
organization, especially top management is a vital part of the implementation
phase, with the effectiveness of the EMS being dependant on active involvement
from all employees (Federal Facilities Council Report 1999).
Check – measure and monitor the processes and report results
During the check stage, performance is monitored and periodically measured to
ensure that the organization’s environmental targets and objectives are being met
(Martin 1998). In addition, internal audits are conducted at planned intervals to
ascertain whether the EMS meets the user's expectations and whether the processes
and procedures are being adequately maintained and monitored (Standards
Australia/Standards New Zealand 2004).
Act – take action to improve performance of EMS based on results
After the checking stage, a management review is conducted to ensure that the
objectives of the EMS are being met, the extent to which they are being met, that
communications are being appropriately managed and to evaluate changing
circumstances, such as legal requirements, in order to make recommendations for
further improvement of the system (Standards Australia/Standards New Zealand
2004). These recommendations are incorporated through continual improvement,
plans are renewed or new plans are made, and the EMS moves forward.
Continual Improvement Process
The core requirement of a continual improvement process (CIP) is different from
the one known from quality management systems. CIP in ISO 14001 has three
dimensions (Gastl, 2009):
Expansion: More and more business areas get covered by the implemented EMS.
Enrichment: More and more activities, products, processes, emissions, resources
etc. get managed by the implemented EMS.
Upgrading: An improvement of the structural and organizational framework of the
EMS, as well as an accumulation of know-how in dealing with business related
environmental issues.
Overall, the CIP-concept expects the organization to gradually move away from
merely operational environmental measures towards a strategic approach on how
to deal with environmental challenges.
Benefits
ISO 14001 was developed primarily to assist companies with a framework for
better management control that can result in reducing their environmental impacts.
In addition to improvements in performance, organizations can reap a number of
economic benefits including higher conformance with legislative and regulatory
requirements (Sheldon 1997) by adopting the ISO standard. By minimizing the risk
of regulatory and environmental liability fines and improving an organization’s
efficiency (Delmas 2009), benefits can include a reduction in waste and
consumption of resources, and operating costs. Secondly, as an internationally
recognized standard, businesses operating in multiple locations across the globe
can leverage their conformance to ISO 14001, eliminating the need for multiple
registrations or certifications (Hutchens 2010). Thirdly there has been a push in the
last decade by consumers, for companies to adopt better internal controls, making
the incorporation of ISO 14001 a smart approach for the long term viability of
businesses. This can provide them with a competitive advantage against companies
that do not adopt the standard (Potoki & Prakash, 2005). This in turn can have a
positive impact on a company’s asset value (Van der Deldt, 1997). It can lead to
improved public perceptions of the business, placing them in a better position to
operate in the international marketplace (Potoki & Prakash 1997; Sheldon 1997).
The use of ISO 14001 can demonstrate an innovative and forward thinking
approach to customers and prospective employees. It can increase a business’s
access to new customers and business partners. In some markets it can potentially
reduce public liability insurance costs. It can serve to reduce trade barriers between
registered businesses (Van der Deldt, 1997). There is growing interest in including
certification to ISO 14001 in tenders for public-private partnerships for
infrastructure renewal. Evidence of value in terms of environmental quality and
benefit to the taxpayer has been shown in highway projects in Canada.
Conformity Assessment
ISO 14001 can be used in whole or in part to help an organization, for profit or
not-for-profit, better manage its relationship with the environment. If all the
elements of ISO 14001 are incorporated into the management process, the
organization may opt to prove that it has achieved full alignment or conformity
with the international standard, ISO 14001, by using one of four recognized
options. These are:
1.make a self-determination and self-declaration, or
2.seek confirmation of its conformance by parties having an interest in the
organization, such as customers, or
3.seek confirmation of its self-declaration by a party external to the organization,
or
4.seek certification/registration of its environmental management system by an
external organization.
ISO does not control conformity assessment; its mandate is to develop and
maintain standards. ISO has a neutral policy on conformity assessment. One option
is not better than the next. Each option serves different market needs. The adopting
organization decides which option is best for them, in conjunction with their
market needs.
Option 1 is sometimes incorrectly referred to as 'self-certify" or "self-certification".
This is not an acceptable reference under ISO terms and definitions, for it can lead
to confusion in the market. The user is responsible for making their own
determination. Option 2 is often referred to as a customer or 2nd party audit, which
is an acceptable market term. Option 3 is an independent third-party process by an
organization that is based on an engagement activity and delivered by specially
trained practitioners. This option was based on an accounting procedure branded as
the EnviroReady Report, which was created to help small and medium-sized
organizations. Its development was originally based on the Canadian Handbook for
Accountants; it is now based on an international accounting standard. The fourth
option, certification, is another independent third-party process, which has been
widely implemented by all types of organizations. Certification is also known in
some countries as registration. Service providers of certification or registration are
accredited by national accreditation services such as UKAS in the UK.
ISO 14001 and EMAS
In 2010, the latest EMAS Regulation (EMAS III) entered into force; the scheme is
now globally applicable, includes key performance indicators and a range of
further improvements. Currently, more than 4,500 organisations and approximately
7,800 sites are EMAS registered.
Complementarities and Differences
ISO 14001‘s environmental management system requirements are very similar to
those of EMAS. Additional requirements for EMAS include:
stricter requirements on the measurement and evaluation of environmental
performance against objectives and targets.
government supervision of the environmental verifiers
strong employee involvement; EMAS organisations acknowledge that active
employee involvement is a driving force and a prerequisite for continuous and
successful environmental improvements.
environmental core indicators creating multi-annual comparability within and
between organisations
mandatory provision of information to the general public
registration by a public authority.
Changing from ISO 14001 to EMAS
Organizations applying ISO 14001 only have to take a few steps to become
registered under EMAS: The two main differences involve an environmental
review to identify significant environmental aspects as well as publishing an
environmental statement. Apart from that, minor changes need to be made to a
number of other elements during the process of becoming EMAS registered.
ISO 14001 Use in Supply Chains
There are many reasons why ISO 14001 should be potentially attractive to supply
chain managers including the use of the voluntary standard to guide the
development of integrated systems, its requirement for supply chain members in
industries such as automotive and aerospace, the potential of pollution prevention
leading to reduced costs of production and higher profits, its alignment with the
growing importance of corporate social responsibility, and an ISO registered
system may provide firms with a unique environmental resource, capabilities and
benefits that lead to competitive advantage.
Emerging areas of research are starting to address the use of this standard to show
that ISO 14001 registration can be leveraged across the supply chain for
competitive advantage. By looking at ISO 14001 registered firms, information
from the study compared different amounts of integration and sustainability in the
supply chain. Several research propositions and an empirical framework posit the
impacts of ISO 14001 on supply chain design.
The propositions include:
1.ISO registration leading to more proactive environmental management including
process and performance measurement related to sustainability across a supply
chain;
2.That ISO registered plants with formal environmental management systems will
have higher levels of communication required between OEMs and Tier I suppliers;
3.ISO registered plants with direct relationships to other registered plants in their
supply chain will have higher levels of waste reduction and cost efficiency than
nonregistered plants;
4.ISO registered plants with direct relationships to other registered plants in the
supply chain will have sustainable practices and projects with better ROI than
nonregistered firms;
5.ISO registered plants with direct relationships to other registered plants will have
higher levels of customer relationship management and will be positively
associated with greater expansion opportunities and image than nonregistered
plants;
6.ISO registered plants with direct relationships to other registered plants will have
fewer issues with employee health and reduced numbers of safety incidents than
nonregistered plants;
7.ISO registered plants with a direct relationship to other registered plants will
have a strong positive relationship between formal communication, training,
monitoring/control systems and firm performance; and
8.ISO registered plants with a direct relationship to other registered plants will
have higher levels of involvement and communication, which will be positively
related to more internal and external integration with supply chain members.
List of ISO 14000 series standards
ISO 14001 Environmental management systems—Requirements with guidance for
use
ISO 14004 Environmental management systems—General guidelines on
principles, systems and support techniques
ISO 14006 Environmental management systems—Guidelines for incorporating
ecodesign
ISO 14015 Environmental assessment of sites and organizations
ISO 14020 series (14020 to 14025) Environmental labels and declarations
ISO 14030 discusses post production environmental assessment
ISO 14031 Environmental performance evaluation—Guidelines
ISO 14040 series (14040 to 14049), Life Cycle Assessment, LCA, discusses pre-
production planning and environment goal setting.
ISO 14050 terms and definitions.
ISO 14062 discusses making improvements to environmental impact goals.
ISO 14063 Environmental communication—Guidelines and examples
ISO 14064 Measuring, quantifying, and reducing Greenhouse Gas emissions.
ISO 19011 which specifies one audit protocol for both 14000 and 9000 series
standards together.
ISO 9000

The ISO 9000 family of standards is related to quality management systems and
designed to help organizations ensure that they meet the needs of customers and
other stakeholders while meeting statutory and regulatory requirements related to
the product. The standards are published by ISO, the International Organization for
Standardization, and available through National standards bodies. ISO 9000 deals
with the fundamentals of quality management systems, including the eight
management principles on which the family of standards is based. ISO 9001 deals
with the requirements that organizations wishing to meet the standard have to
fulfill.[4]

Third party certification bodies provide independent confirmation that

organizations meet the requirements of ISO 9001. Over a million organizations
worldwide are independently certified, making ISO 9001 one of the most widely
used management tools in the world today. Despite widespread use, however, the
ISO certification process has been criticized as being wasteful and not being useful
for all organizations.
7.1 Reasons for use

The global adoption of ISO 9001 may be attributable to a number of factors. A

number of major purchasers require their suppliers to hold ISO 9001 certification.
In addition to several stakeholders' benefits, a number of studies have identified
significant financial benefits for organizations certified to ISO 9001, with a 2011
survey from the British Assessment Bureau showing 44% of their certified clients
had won new business. Corbett et al. showed that certified organizations achieved
superior return on assetscompared to otherwise similar organizations without
certification. Heras et al. found similarly superior performanceand demonstrated
that this was statistically significant and not a function of organization size.
Naveha and Marcus claimed that implementing ISO 9001 led to superior
operational performance in the US motor carrier industry. Sharma identified
similar improvements in operating performance and linked this to superior
financial performance. Chow-Chua et al. showed better overall financial
performance was achieved for companies in Denmark. Rajan and Tamimi (2003)
showed that ISO 9001 certification resulted in superior stock market performance
and suggested that shareholders were richly rewarded for the investment in an ISO
9001 system.

While the connection between superior financial performance and ISO 9001 may
be seen from the examples cited, there remains no proof of direct causation, though
longitudinal studies, such as those of Corbett et al. (2005) may suggest it. Other
writers, such as Heras et al. (2002), have suggested that while there is some
evidence of this, the improvement is partly driven by the fact that there is a
tendency for better performing companies to seek ISO 9001 certification.

The mechanism for improving results has also been the subject of much research.
Lo et al. (2007) identified operational improvements (cycle time reduction,
inventory reductions, etc.) as following from certification. Internal process
improvements in organizations lead to externally observable improvements. The
benefit of increased international trade and domestic market share, in addition to
the internal benefits such as customer satisfaction, interdepartmental
communications, work processes, and customer/supplier partnerships derived, far
exceeds any and all initial investment.

7.2 Background

ISO 9000 was first published in 1987. It was based on the BS 5750 series of
standards from BSIthat were proposed to ISO in 1979. However, its history can be
traced back some twenty years before that, to the publication of the United States
Department of Defense MIL-Q-9858 standard in 1959. MIL-Q-9858 was revised
into the NATO AQAP series of standards in 1969, which in turn were revised into
the BS 5179 series of guidance standards published in 1974, and finally revised
into the BS 5750 series of requirements standards in 1979 before being submitted
to ISO.

BSI has been certifying organizations for their quality management systems since
1978. Its first certification (FM 00001) is still extant and held by Tarmac Limited,
a successor to the original company which held this certificate. Today BSI claims
to certify organizations at nearly 70,000 sites globally.

7.3 Contents of ISO 9001

ISO 9001:2008 Quality management systems — Requirements is a document of

approximately 30 pages which is available from the national standards
organization in each country. It is supplemented by two other standards: ISO
9000:2005 Quality management systems — Fundamentals and vocabulary and ISO
9004:2009 Managing for the sustained success of an organization — A quality
management approach. Only ISO 9001 is directly audited against for third party
assessment purposes. The other two standards are supplementary and contain
deeper information on how to sustain and improve quality management systems;
they are therefore not used directly during third party assessment. Outline contents
for ISO 9001 are as follows:

 Page iv: Foreword

 Pages v to vii: Section 0 Intro
 Pages 1 to 14: Requirements
o Section 1: Scope
o Section 2: Normative Reference
o Section 3: Terms and definitions (specific to ISO 9001, not specified
in ISO 9000)
o Section 4: Quality Management System
o Section 5: Management Responsibility
o Section 6: Resource Management
o Section 7: Product Realization
o Section 8: Measurement, analysis and improvement
 Pages 15 to 22: Tables of Correspondence between ISO 9001 and other
standards
 Page 23: Bibliography
Before the certification body can issue or renew a certificate, the auditor must be
satisfied that the company being assessed has implemented the requirements of
sections 4 to 8. Sections 1 to 3 are not directly audited against, but because they
provide context and definitions for the rest of the standard, their contents must be
taken into account.

The standard specifies that the organisation shall issue and maintain the following
six documented procedures:

 Control of Documents (4.2.3)

 Control of Records (4.2.4)
 Internal Audits (8.2.2)
 Control of Nonconforming Product / Service (8.3)
 Corrective Action (8.5.2)
 Preventive Action (8.5.3)

In addition to these procedures, ISO 9001:2008 requires the organization to

document any other procedures required for its effective operation. The standard
also requires the organisation to issue and communicate a documented quality
policy, a Quality Manual (which may or may not include the documented
procedures) and numerous records, as specified throughout the standard.

7.4 Numbering

 4.2 Documentation requirements

 5 Management responsibility
 5.1 Management commitment
 5.2 Customer focus
 5.3 Quality policy
 5.4 Planning
 5.5 Responsibility, authority and communication
 5.6 Management review
 6 Resource management
 6.1 Provision of resources
 6.2 Human resources
 6.3 Infrastructure
 6.4 Work environment
 7 Product realization
 7.1 Planning of product realization
  7.2 Customer-related processes
 7.3 Design and development
 7.4 Purchasing
 7.5 Production and service provision
 7.6 Control of monitoring and measuring equipment
 8 Measurement, analysis and improvement
 8.1 General
 8.2 Monitoring and measurement
 8.3 Control of nonconforming product
 8.4 Analysis of data
 8.5 Improvement

7.5 Summary of ISO 9001:2008 in informal language

The quality policy is a formal statement from management, closely linked to the
business and marketing plan and to customer needs.

The quality policy is understood and followed at all levels and by all
employees. Each employee works towards measurable objectives.

The business makes decisions about the quality system based on recorded data.

The quality system is regularly audited and evaluated for conformance and
effectiveness.

Records show how and where raw materials and products were processed to
allow products and problems to be traced to the source.

The business determines customer requirements.

The business has created systems for communicating with customers about
product information, inquiries, contracts, orders, feedback, and complaints.

When developing new products, the business plans the stages of development,
with appropriate testing at each stage. It tests and documents whether the
product meets design requirements, regulatory requirements, and user needs.

The business regularly reviews performance through internal audits and

meetings. The business determines whether the quality system is working and
what improvements can be made. It has a documented procedure for internal
audits.
The business deals with past problems and potential problems. It keeps records
of these activities and the resulting decisions, and monitors their effectiveness.

The business has documented procedures for dealing with actual and potential
nonconformances (problems involving suppliers, customers, or internal
problems).

The business:

makes sure no one uses a bad product,

determines what to do with a bad product,

deals with the root cause of problems, and

keeps records to use as a tool to improve the system.

7.6 Certification

ISO does not certify organizations itself. Numerous certification bodies exist,
which audit organizations and, upon success, issue ISO 9001 compliance
certificates. Although commonly referred to as 'ISO 9000' certification, the
actual standard to which an organization's quality management system can be
certified is ISO 9001:2008. Many countries have formed accreditation bodies to
authorize ("accredit") the certification bodies. Both the accreditation bodies and
the certification bodies charge fees for their services. The various accreditation
bodies have mutual agreements with each other to ensure that certificates issued
by one of the Accredited Certification Bodies (CB) are accepted worldwide.
Certification bodies themselves operate under another quality standard,
ISO/IEC 17021, while accreditation bodies operate under ISO/IEC 17011.

An organization applying for ISO 9001 certification is audited based on an

extensive sample of its sites, functions, products, services and processes. The
auditor presents a list of problems (defined as "nonconformities",
"observations" or "opportunities for improvement") to management. If there are
no major nonconformities, the certification body will issue a certificate. Where
major nonconformities are identified, the organization will present an
improvement plan to the certification body (e.g. corrective action reports
showing how the problems will be resolved); once the certification body is
satisfied that the organisation has carried out sufficient corrective action, it will
issue a certificate. The certificate is limited by a certain scope (e.g. production
of golf balls) and will display the addresses to which the certificate refers.

An ISO 9001 certificate is not a once-and-for-all award, but must be renewed at

regular intervals recommended by the certification body, usually once every
three years. There are no grades of competence within ISO 9001: either a
company is certified (meaning that it is committed to the method and model of
quality management described in the standard) or it is not. In this respect, ISO
9001 certification contrasts with measurement-based quality systems.