Certification audits vs. surveillance audits in ISO 14001

Advisera John Nolan John Nolan
July 11, 2016

If you have recently achieved ISO 14001 certification, you will be aware of what the certification audit entails and the preparatory work that needs to be done on the lead up to it. You will also have had the auditor explain the process for the future; that is, you can expect a similar re-certification audit in three years’ time and a surveillance audit normally once per annum in the two years between. In effect, the surveillance audit will be the next external audit your organization will need to prepare for, so in light of that – what is the difference between the certification and surveillance audits, and is there anything we need to be aware of to help prepare?

What is an ISO 14001 surveillance audit?

With your EMS (environmental management system) now established and operational, you need to know what to expect from your surveillance audit. Fundamentally, the surveillance audit will attempt to confirm the following elements:

  • Your EMS is still operational and effective
  • Conformity to the standard is still being achieved
  • That continual improvement is being achieved
  • To check on any areas of concern, suggestions, or that minor non-conformities fixed at the certification audit remain compliant



So, while your certification audit may have taken three days to complete, it is likely that the surveillance audit may take between one and two days, depending on your auditor. So, given that the above elements are not totally descriptive, is there anything from experience we can expect the auditor to concentrate on? Let’s examine:

  • Evidence of continual improvement and progress to your EMS: Have any improvement initiatives been started since last year that allow results and performance to improve? Are your processes supported by new documentation that provides extra support and value? Can you demonstrate positive progress and change to your EMS and its component parts since the certification audit?
  • Evidence of corrective action and risk-based thinking: These are elements that are central to the EMS and its performance, and it is highly likely that the auditor will want to see evidence of both at your surveillance audit. You can read more about risk in the article The role of risk management in the ISO 14001:2015 standardCorrective action evidence will also be needed, so it is wise to remember that some solid records of each process with inputs and outputs will be critical as evidence to the auditor.
  • Areas of concern, suggestions, and corrections: Check the certification report you were given after that audit. If you were given any minor non-conformities or suggestions for improvement at that time, it is wise to check that these were undertaken and evidence exists for the auditor.
  • EMS operation: It is wise to check the basics here – are your KPIs up to date? Are training records updated? Are employees updating any defined records you have on the EMS? Also, some coaching of employees will be of benefit, to remind your employees of how you prepared for the certification audit and the basics of how to interact with the auditor in terms of what may be asked and their expected knowledge.

So, we can see that there both differences and similarities between the certification and surveillance audits, so is there anything else we should take note of?

Certification and surveillance audits: Are they so different? 

Once you have navigated the full certification audit, then you really should be able to prepare for the surveillance audit with a minimum of fuss. In fact, if you find that this is not the case, then it is a sign that your EMS is not operating in the way it actually should be and you may need to investigate further. Our article 5 tips to help you prepare for your ISO 14001 surveillance audit can help you with this.

Making an internal audit checklist may well help you to ensure you have checked all the correct elements, which we examined in the earlier article How to make an ISO 14001 internal audit checklist. In the case of non-conformities arising from your certification audit, you can read more in the article Dealing with non-conformities from the ISO 14001 audit.

It could be argued that the surveillance audit is in fact a diluted version of the certification audit, and in fact you should find that if you meet the terms of the standard, strive for improvement, and use your internal audit to ensure all the processes are operational and work together, then passing your surveillance audit should be achievable. It is always worth remembering that the less effort you need to update your EMS for the surveillance audit, the better it is performing – and that can only be good news when the recertification audit comes around again.

Why not try our  ISO 14001 Online Foundations Course to improve your knowledge?

Advisera John Nolan
Author
John Nolan
John Nolan is a Fellow of the Institute of Leaders and Managers in the United Kingdom, and Prince 2 accredited with a background in Engineering and Electronics and Data Storage and Transfer. Having studied and qualified as both a Mechanical and Electronic Engineer, he has spent the last 15 years designing and delivering Quality Systems and projects across many sectors in the UK, including both national and local government.
Tags: #audit, #Certification, #compliance, #corrective action, #risk, #surveillance
PREVIOUS POST How to define environmental KPIs for sport events
NEXT POST What competences should an ISO 14001 internal auditor have?

Upcoming free webinar

Advisera Dejan Kosutic
Presenter
Dejan Kosutic
How to use Experta AI for ISO 27001, 9001, and 14001 implementation
Wednesday – May 22, 2024
Register now

SUGGESTED READING

Demystification of legal requirements in ISO 14001
by Robert Verbanac
Environmental performance evaluation
by Strahinja Stojanovic
ISO 14001 Competence, Training & Awareness: Why are they important for your EMS?
by Mark Hammar