MENU

The handbook was originally designed for SMEs, but all other organizations, irrespective of their size, can find this information helpful when implementing or upgrading their environmental management system to ISO 14001:2015.

In a statement by the acting ISO Secretary-General, Nicolas Fleury, he expresses:“We hope that this new edition destined to help achieve the benefits of ISO 14001 will be of practical use to small businesses, whatever their activity and wherever they may be in the world, but especially in developing countries and economies in transition. ISO 14001:2015 is a tool that helps support the Paris climate agreement and the 17 Sustainable Development Goals that make up the United Nations’ 2030 Agenda for Sustainable Development. It is our hope that this handbook will encourage further uptake of the standard, helping organizations to mitigate their environmental impact.”

Apart from the ISO 14001, there are other International Standards that help to promote improved environmental management and address issues of climate change. Some of these other ISO standards are geared toward the management of greenhouse gas (GHG) emissions and the aiding of organizations’ efforts in reporting their GHG emissions or reductions as compliance with applicable national regulatory requirements, participate in the carbon emissions trading market or demonstrate their commitment to corporate social responsibility.

Other standards in the family that might help

Some of the standards in the ISO 14000 family that may complement ISO 14001 are listed below. More details can be found in the brochure: Environmental management – The ISO 14000 family of International Standards, a basic introduction to the ISO 14000 series of standards.

  • ISO 14004 offers guidance on the establishment, implementation, maintenance and improvement of an environmental management system and its synchronization with other management systems.
  • ISO 14006 is meant for organizations that have implemented an environmental management system in accordance with ISO 14001. It helps to integrate eco-design into other management systems.
  • ISO 14064-1 stipulates principles and requirements at the organizational level for the quantification and reporting of greenhouse gas (GHG) emissions and removal.

There is no doubt that small businesses often find it difficult to implement an effective environmental management system for their operations. The ISO’s new handbook was designed to help these SMEs improve their environmental performance with the aid of the ISO 14001 standard.

Truth is, the benefits of addressing environmental issues are not limited to the protection of the environment alone; it can also help companies to improve performance and increase profitability. The handbook (ISO 14001:2015), Environmental management systems – A practical guide for SMEs was updated to include the latest edition of the standard, which was published in 2015.

The ISO 14001:2015 in figures

  • Implemented in over 180 countries
  • Over 300,000 certificates issued worldwide at end 2015
  • About 8% increase in certifications when compared with 2014

According to Susan L. K. Briggs, the handbook’s author and leader of the ISO/TC 207/SC 1/WG 5 (the group that led the revision of this standard), the update to the revised version can be summarized thus: “With the revised standard being issued, several new requirements were incorporated such as a focus on the organizational context, risks and opportunities, and leadership requirements. To facilitate expanded uptake of this standard, it was important to demystify these concepts for small and medium-sized enterprises that are by far the most numerous organizations in most economies, particularly as many companies increasingly insist that ISO 14001 requirements are respected within the supply chain.”

The implementation of an environmental management system can be a real challenge for SMEs due to limited technical and financial resources, as well as limitations in terms of staff hours. Briggs, therefore, adds “I hope this handbook, which contains technical expertise, tools, templates and lessons learned from implementing these systems myself, will support SMEs in conforming to the requirements. The hope is to reduce the financial burden of hiring technical experts… but SMEs will still need to invest time.

She continues, “The key for SME success is to leverage their informal management structures and decision-making processes, not replace them with overly complex and bureaucratic methods.” Briggs concludes by saying: “The standard provides the ‘what’, while the handbook provides the ‘how’. ISO 14001 is a set of environmental management requirements that an organization must satisfy. The handbook provides practical help, examples and guidance on how to meet those requirements.”

In order for ISO 14001 to be fully operational with the desired impacts on environmental performance, there is need for a greater leadership commitment.

What Are the Key Improvements?

ISO 14001:2015 requires the following to be fully operational:

  • Organizations should place greater priority on environmental management in its strategic direction.
  • A greater leadership commitment.
  • Establishment of proactive measures like sustainable resource use and climate change mitigation with the aim of protecting the environment from harm and degradation.
  • A deliberate attention on life-cycle thinking with genuine consideration for understanding environmental aspects from development to end-of-life.
  • The implementation of a stakeholder-inclusive communication strategy.

Due to the fact that ISO 14001 is sharing the same structure, terms and definitions with other management systems, issue of integration becomes easier.

I am certified to ISO 14001:2004. What does this mean for me?

Organizations are allowed a 3-year transition period to migrate to the new standard after its publication. Once the window lapses, you will have to seek certification to the new version. For additional information and guidance, you can consult the International Accreditation Forum’s transition planning guidance document at http://www.iaf.nu.

Should I be certified to ISO 14001?

You don’t have to be certified for your organization to benefit from using the ISO 14001 standard. However, having a third-party certification puts your organization in the good books with your buyers, customers, suppliers and other stakeholders as an establishment that have properly implemented the standard. Your certification comes in handy as an attestation for the proper implementation of the standard where an independent certification body audits your practices against the requirements of the standard. Additionally, certification helps to show how well organizations comply with the regulatory or contractual requirements.

Does ISO perform certification?

ISO develops and publishes system standards, it does not perform certification. If you need information about the certification process and how to find a certification body by visiting our ISO14001 Environmental Management page.

How do I get started with ISO 14001:2015?

There are lots of resources out there including the ISO 14001 checklist for small businesses that provide detailed guidance on how to use the standard. We, however, provide the following tips to get you started:

Tip 1: Define your objectives. Ask yourself what you want to achieve by using the standard.

Tip 2: Get the support of senior management. It is important that the decision-makers in your organization support and commit to the objectives of effective environmental management system.

Tip 3: Have a sound overview of existing processes and systems relevant to your environmental impact. Doing this will give you a better understanding of your environmental management system requirements as well as being able to identify any systemic gaps easily.

Internationally, ISO 14001 is the acceptable standard for determining the requirements for an environmental management system. It offers greater capacity for organizations looking to improve their environmental performance by being able to use resources more efficiently as well as reducing waste in a way that guarantees competitive advantage and trust from stakeholders.

What Is an Environmental Management System?

An environmental management system is the process through which organizations use a holistic approach to identify, manage, monitor and control issues in their environment. There are other ISO standards which use High-Level Structure for managing different types of systems. These include ISO 9001 and ISO 45001 which are use for quality management and occupational health and safety management respectively. The best part is that ISO 14001 can easily be integrated into any of the already existing ISO management system.

The ISO 14001 can be used by different types of organizations be it small or large, government, private, or not for-profit. All that is required is for an organization to put all environmental issues into consideration in its operations. For instance, environmental issues like air pollution, water and sewage issues, waste management, soil contamination, climate change mitigation and adaptation, as well as resource use and efficiency must all be considered.

ISO 14001, just like all other ISO management system standards, supports the continuous improvement on an organization’s existing systems and approach to environmental issues. Recently, the standard has been revised, with key improvements toward the increased dominance of environmental management with input from organization’s strategic planning processes and leadership that commit strongly to proactive initiatives for boosting environmental performance.

What Benefits Will ISO14001 Bring to My Business?

Obviously, organizations adopt a strategic approach for the improvement of its environmental performance for many different reasons. Some of the reports by users about benefits of the standard are provided below:

  • Shows conformity with current and future statutory and regulatory needs
  • Enhances leadership involvement as well as the engagement of employees
  • Elevates a company’s reputation and the confidence of all stakeholders through strategic communication
  • Guarantees the achievement of strategic business aims through the incorporation of environmental concerns into the management of business.
  • Offers competitive and financial advantages based on improved efficiencies and reduced costs
  • Promotes a better environmental performance of suppliers by making them integral part of the organization’s business systems

Why Was ISO 14001 Revised?

Of course, all ISO standards are regularly updated so they can remain relevant to the marketplace. With the update, the ISO 14001:2015 will respond more to the latest trends. This will include the increasing recognition by companies on the need to consider both the external and internal elements that may influence their environmental impact. This can be as result of the climate volatility and the competitive context in which these organizations work. Also, the changes made to the revised version make it easier for the standard to be more compatible with other management system standards.

In an encounter with Edward Humphreys, the Convener of the working group responsible for the development and maintenance of ISO/IEC 27001, information was provided to find out some of the ways the revision of the process will affect the standard users. Here are a few of some of the responses we got from the discussion:

What are the major benefits of the new edition?

The new edition is updated with the experiences of people who have sought and implemented the ISO/IEC 27001:2005 in mind. Our dream is to make the approach more flexible, with higher potentials for a more effective risk management.

More also, there are a sizeable number of improvements made to the security controls listed in Annex A, which is meant to ascertain that the standard remains relevant in dealing with today’s risks, in areas such as identity theft, risks related to mobile devices, and other online threats.

Lastly, we’ve modified the new ISO/IEC 27001 to fit the new high-level structure now used in all management system standards. The goal is to make the new ISO/IEC 27001 integrate easily with other management systems.

What are the benefits of modifying the new edition to fit the new high level structure for management system standards?

The integration of ISO/IEC 27001 with the new structure makes it easy for organizations to implement more than one management system at the same time. This alignment between the standards will help organizations to save money and time, as it is easier to adopt the integrated policies and procedures.

For instance, it is now possible for an organization to integrate their information security system (ISO/IEC 27001) with other management systems like the business continuity management (ISO/IEC 22301), IT service management (ISO/IEC 20000-1) or quality management (ISO 9001).

What is the next step in the revision process?

At the moment, the revision of the 2005 edition is at the stage of FDIS (Final Draft International Standard). It should be completed by early September, and a thorough typographical edits will be conducted afterward in readiness for the October launch. Upon the launch, the new edition of ISO/IEC 27001 will be made available for purchase, while the older version will be withdrawn from the public.

If I’m certified to ISO 27001:2005, what will this update mean for me?

If your organization is certified to the 2005 edition of the standard, you will be required to upgrade your information security management system so it can comply with the requirements of the new version. Although the transition period for the upgrading has not been decided yet, it should not be more than two to three years after the publication of the new edition. Therefore, all accredited certifying establishments should take the transition period as a grace to ensure their activities conform to the requirements of the new version. It is only those who comply with the new requirements that will have valid certificates at the end of the transition period.

What does it take to transit from the old version to the new one?

The process of upgrading to the new edition of ISO/IEC 27001 should not be problematic. Of course, the transition period provides the opportunity to perfect the upgrading process through continual improvement activities and planned surveillances audits.

Clean Energy Ministerial (CEM8) is an advanced global forum with a mandate to promote clean energy globally. The main goal was to mitigate the energy challenges facing the international community and to boost the energy management systems through the revision of ISO 50001.

Major stakeholders in clean energy, including energy ministers, technical experts and leading private-sector decision-makers, gathered in Beijing, China, for the CEM8 with the purpose of discussing the practical ways to scale renewable energy, improve efficiency and collaborate on clean energy initiatives. There were other series of side events, forums and workshops organized for the same purpose. One of these events includes an International Workshop on Improving Green Consumption, which features the benefits of ISO 50001.

After six years of ISO 50001’s existence, its developers also met in Beijing at the annual meeting of ISO technical committee ISO/TC 301, Energy management and energy savings, with a mandate to update the ISO 50001. The goal is to ensure that the ISO 50001 remains a useful tool for various businesses and organizations globally.

A great deal of progress was made which lead to the moving of the revised edition of ISO 50001 to a Draft International Standard. It is expected to be released within three months of its completion. The new edition of ISO 50001, as an International Standard, is expected to be published between November and December 2018.

According to Deann Desai, the convenor of the working group revising the energy standard, “One of the main changes for the 2018 version is in the incorporation of the High-Level Structure which provides for improved compatibility with other management systems standards. There are other improvements in the 2018 version to help ensure that the key concepts related to energy performance are clear for small and mid-size businesses.”

Since its publication in 2011, the ISO 50001 has transformed the way organizations manage their energy by providing them a comprehensive approach to continually improve energy performance, its sustainability, as well as their bottom line. The standard has been established as a best-practice model and a global benchmark for climate and clean energy action. As of 2015, about 12,000 organizations were already certified in accordance with the standard. The statistics shows an upward of 77% compared to the previous year.

In fact, analysis from CEM reveals that a global implementation of the ISO 50001 standard across the commercial and industrial sectors could help promote a cumulative energy savings of approximately 62 exajoules by year 2030. This can help save up to USD600billion in terms of energy costs, as well as help in avoiding close to 6500 million metric tonnes of CO2 emissions. Simply put, the initiative equals the removal of an equivalent of 215 million passenger vehicles from the road – that is, in terms of annual emissions savings.

The leading objectives of the global climate change agenda are to reduce energy consumption and improve energy efficiency. This explains the latest updates to the ISO 50001, which denotes the International Standard for improving energy performance.

In reality there has been increased energy consumption despite its contribution to about 60% of the world’s greenhouse gas emissions. Also, over a billion people are yet to have access to electricity, while a sizeable number of individuals still rely heavily on harmful and polluting energy sources. So it isn’t surprising that a key part of the 17 Sustainable Development Goals of the United Nations’ 2030 Agenda focuses on addressing issues of energy efficiency and climate change challenges.

Upon its publication in 2011, the ISO 50001, Energy management systems – Requirements with guidance for use, was able to transform the energy performance of organizations worldwide by providing them the strategic tool through which they can use energy more efficiently and effectively.

The ISO 50001 flagship helps provide a framework that allows for effective energy performance management as well as addresses the energy costs. This encourages many more companies to work toward meeting emissions reduction targets by reducing their negative environmental impacts.

According to Roland Risser, the Chair of the ISO technical committee that developed the standard, the ISO 50001 has just been updated so it can become more effective at tackling the world’s energy challenges. This newly updated version of ISO 50001 provides improved terms and definitions that offer better clarification of some energy performance concepts.

He says, “There is a stronger emphasis on the role of top management as well, as it is important to instilling an organizational culture change.” He then explained further that “It is also now aligned with ISO’s requirements for management system standards, making it easier to integrate into an organization’s existing management systems.”

Since its release seven years ago, the ISO 50001 has become increasingly important in energy performance management. According to the ISO Survey, a total of 20,216 ISO 50001 certificates have been issued as of 2016. The survey reveals that the number of certifications issued increased by 69% during 2016.

The ISO 50001:2018 was developed by ISO technical committee ISO/TC 301, Energy management and energy savings. The secretariat is under the joint control of ANSI, the ISO’s member for the USA, and SAC, the ISO’s member for China.

A handbook providing practical advice for small and medium-sized enterprises (SMEs) has been launched by ISO and the International Electrotechnical Commission (IEC). The handbook is meant to provide a guide on ways to achieve the benefits of implementing an information security management system (ISMS) in accordance with the International Standard ISO/IEC 27001.

The ISO/IEC 27001 was published in 2005 and it remains one of the fastest growing management system standards that are being implemented by thousands of different organizations in over 100 countries around the world.

ISO/IEC 27001 for Small Businesses – Practical advice provides a practical guide and a step-by-step explanation on information security approach for SMEs on the implementation of an ISMS strategy based on the ISO/IEC 27001 standard.

The comment in the foreword to the handbook by Rob Steele states thus: “An information security management system based on ISO/IEC 27001:2005 can empower the small business to compete successfully on today’s globalizing markets. This handbook is intended to provide the key to the door.”

The information in the handbook is like an asset that needs to be protected since it adds value to the organization. Obviously, information security protects data from different threats to a business. It promotes business continuity, minimizes business damage, as well as maximizes the return on investments and business opportunities. The ISMS is a dynamic system built to manage and make sensitive information secure within the company. It covers a wide range of business aspects including people, processes and information technology systems.

Whatever the form of information, be it sensitive data about an organization’s customers, suppliers or stakeholders, they must be protected. Information can be stored in paper form or most likely digital form. The goal is to ascertain safety of an organization’s products, processes or markets.

There is no doubt that information is power. Hence, any organization that failed to protect it’s information can render itself powerless. This is because a breach of data can ruin an organization’s reputation. This can result in financial losses and can cause havoc in business operations.

The ISO/IEC 27001:2005 provides the processes, through which an organization can establish, implement, review, monitor, manage, and maintain an effective ISMS. The implementation of state-of-the-art processes like the ISO 27001 will give customers and suppliers the reassurance that the organization they are dealing with takes issues concerning threats to information security seriously.

QMP 6 – Evidence-Based Decision Making

 

Statement

Basing decisions on the outcomes of data analysis and evaluation guarantee improved capacities to arrive at the desired results.

Rationale

Decision making is a complex process that often involves a lot of uncertainties. This may involve multiple sources of inputs, some of which may have subjective interpretations. Therefore, it is important to understand cause-and-effect relationships and the potential unintended consequences of decision making. Ultimately, facts, evidence and data analysis are the necessary ingredients for achieving greater objectivity as well as develop the confidence needed in decision making.

Key Benefits

  • Improved decision-making processes
  • Improved assessment of performance processes as well as the required ability to achieve objectives
  • Help improve operational efficiency and effectiveness
  • People’s Increased ability to review, question and change opinions and decisions
  • Increase the ability to measure the effectiveness of past decisions

Expected Actions

  • Ascertain, measure, and monitor the organization’s key performance
  • Allow suitable methods for the analysis and evaluation of relevant data and information.
  • Enable competent employees to analyse and evaluate data as needed.
  • Make decisions and take action based on available evidence, supported with experience and a certain level of understanding.
  • Ensure all necessary data and information is available and accessible to all the relevant people.
  • Be certain that all data and information is accurate, reliable and secure.

QMP 7 – Relationship management

 

Statement

Every organisation must learn to manage its relationships with interested parties – including suppliers, partners, customers, and distributors if they plan to have sustained success.

Rationale

Interested parties often influence the performance of an organization. Sustained success is more likely to be achieved when the organization manages relationships with all of its interested parties to optimize their impact on its performance. Relationship management with an organisation’s suppliers and partner networks is of great importance. 

Key Benefits

  • The organisation’s improved performance through positive responses to opportunities
  • Collective understanding of goals and values among interested parties
  • Better capability to build increased value for interested parties through resource sharing as well as increasing competence and management of quality-related risks
  • Properly managed supply chain that guarantees a stable flow of goods and services for the organisation

Expected Actions

  • Identify all relevant and interested parties (such as suppliers, partners, distributors, customers, investors, employees, and the society as a whole) and how their relationships affect the organization.
  • Measure performance and offer feedback to interested parties so as to enhance improvement initiatives.
  • Identify and prioritize interested party’s relationships that need better attention.
  • Create relationships that support short-term gains with long-term considerations.
  • Appreciate improvements and achievements by suppliers and partners.
  • Share information, expertise and resources with relevant interested parties.
  • Create collaborative development and improvement activities with suppliers, partners and other relevant interested parties.

 

 

 

QMP 4 – Process Approach

 

Statement

Results are achieved with more precision and effectiveness when activities are well understood and managed through interrelated processes that work as a coherent system.

Rationale

The processes of quality management system are interrelated. An organisation can optimize the system and its performance if they have better understanding of how results are produced by the system.

Key Benefits

  • It enhances the capacity to channel efforts toward the fundamental processes as well as opportunities that drive improvement.
  • It guarantees a system of aligned processes that supports precise and consistent outcomes.
  • It scales up performance by leveraging effective process management, efficient use of resources, and reduced cross-functional barriers.
  • It gives an organization the ability to boost interested parties’ confidence concerning its consistency, effectiveness and efficiency.

Expected Actions

  • Provide suitable definition of the system as well as the processes involved to achieve them.
  • Have a good perspective of the organization’s capabilities and identify some of the resource constraints prior to action.
  • Identify all the factors involved in the interdependencies of processes and provide the analysis of the effect of any modifications to each process on the entire
  • Coordinate and manage the various processes including system interrelations so as to effectively and efficiently achieve the organization’s quality objectives.
  • Ascertain the availability of relevant information needed to operate and improve the processes as well as ensure the monitoring, analyzing and evaluation of the performance of the overall system.
  • Ensure proper management of risks that can affect outputs of the processes as well as the overall outcomes of the quality management system.

QMP 5 – Improvement

 

Statement

Constant and consistent focus on improvement is the secret of successful organizations.

Rationale

Improvement is essential in an organization that wants to maintain its ongoing levels of performance, manage changes in the conditions of its internal and external environment, as well as create new opportunities.

Key Benefits

  • Creates better process of performance, organizational capabilities and customer satisfaction
  • Increases focus on the investigation and determination of root-cause, as well as the support by prevention and corrective actions
  • Increases the ability to predict and respond to internal and external risks and opportunities
  • Promotes and supports both incremental as well as breakthrough improvements
  • Enhances the use of learning for improvement purposes
  • Promotes and supports the drive for innovation

Expected Actions

  • Facilitate the development of improvement objectives at all levels of the organization.
  • Educate and train all levels on relevant tools and methodologies needed for achieving improvement objectives.
  • Ascertain that people have the capacities to successfully launch and complete improvement projects.
  • Create implementable processes to drive improvement projects all through the organization.
  • Track, review and audit all the processes including planning, implementation, completion and results on improvement projects.
  • Recognize and acknowledge improvement.