In this article, I’m going to cover clause 6.1.1 generously 😀 called general which falls under Clause 6.1 Actions to address risks and opportunities.
I’m going to break this clause down and turn it into something you can all understand. You’ll then be able to apply this to your own organization's system and understand what the requirements will look like for you. No more guessing!
Clause 6.1.1 General falls under Actions to address risks and opportunities which is the first clause in the Planning section of ISO 14001. I know that the clause title of general doesn’t really explain much does it? What on earth does a clause titled “General” mean?
To be honest I don’t know what the ISO 14001 technical committee was thinking when they named quite a few clauses throughout the standard as General. I can see that clauses called General are always the first clauses in a subclause section which sort of explains it a bit, I guess? A general clause normally explains an overall expectation of what’s coming up.
Now, there are quite a few different elements to this subclause so I will break them down into smaller chunks and explain each part as I go.
This is an interesting clause as I think it’s actually pulling everything that you’ve learned and applied in two previous clauses to now take action – do something about it. As well as looking forward to what you will learn in clauses that are still coming up in Clause 6.
ISO 14001 isn’t just all talk and no action!
The sub-clause 6.1.1 starts off by stating that:
The organization shall establish, implement and maintain the process(es) needed to meet the requirements in 6.1.1 to 6.1.4.
This is now saying it is expected that you will identify risks and opportunities as a result of working through the requirements of these clauses that you’re yet to come across in the standard – clauses that follow this one, which is – and I’ll repeat them for you:
- Clause 6.1.2 Environmental aspects
- Clause 6.1.3 Compliance obligations
- Clause 6.1.4 Planning action
Now I’m not going to go into the requirements of these clauses here, but you can certainly take a look on ATOL.tv to find out what I have to say about each of these clauses.
So all of these risks and opportunities that you identify as a result of actions from other clauses in ISO 14001 now need actions to address them. These actions may look like new processes, new equipment, training, new technology, setting objectives, and putting on new team members or contractors. Whatever is needed to action these risks and opportunities will just be a part of your business and environmental management system.
This subclause also then states that
When planning for the environmental management system, the organization shall consider:
- a) the issues referred to in 4.1
- b) the requirements referred to in 4.2,
- c) the scope of its environmental management system
I want to reflect back on exactly what this statement is saying. What I do want to point out, is that this is referring back to clause 4.1 Understanding the organization and its context, clause 4.2 Understanding the needs and expectations of interested parties, and clause 4.3 Determining the scope of the environmental management system.
Now, before you can action any of these requirements you should have implemented the requirements for clauses 4.1, 4.2, and 4.3 so you do have an understanding of the requirements identified. I’ve covered these requirements in previous videos so be sure to check these out on ATOL.tv if you need a refresher.
As a result of completing the requirements for clauses 4.1, 4.2, and 4.3 you will have identified risks and opportunities to the business and to the quality management system. So now clause 6.1.1 wants you to recognize those risks and opportunities and put some actions in place to manage them so as to (as per the rest of this clause):
- - give assurance that the environmental management system can achieve its intended outcomes.
- - prevent, or reduce, undesired effects, including the potential for external environmental conditions to affect the organization and then finally
- - achieve continual improvement.
These actions we put in place are so we can improve our performance within the environmental management system and manage risks to mitigate any impacts but also leverage the opportunities all the while moving towards continual improvement.
This clause then goes on to state that:
Within the scope of the environmental management system, the organization shall determine potential emergency situations, including those that can have an environmental impact.
Of course, this makes total sense! While you work through the requirements and identify risks or potential risks to the business this will naturally result in the identification of what could potentially go wrong – so potential emergency situations. You will identify high-risk areas that you do want to proactively acknowledge and then put some emergency response plans in place. I’m not going to go into detail about this here as this is all covered in clause 8.2 Emergency preparedness and response.
Now to finish off this clause it is stated that
The organization shall maintain documented information on:
- - risks and opportunities
- - process(es) needed in 6.1.1 to 6.1.4 to the extent necessary to have confidence they are carried out as planned.
Which leads me to ask the question - What would this look like in your environmental management system? Now that I’ve broken this clause down, what are we looking for in this documented information requirement? I mentioned some of these actions earlier on as examples which were new processes, new equipment, training, new technology, setting objectives, and putting on new team members or contractors.
So as auditors, we would see these actions as documented or visible evidence as part of the audit.
Now, is that normally all that you would see? To be honest no. What is quite common to see is a risk register of some description. The risks and opportunities identified as part of the output from clause 4 and clause 6 (all of the clauses referenced so far) could be documented in the risk register and then a risk assessment completed in the register followed by the planned actions. Having a risk register does help to define the highest risks and the most productive opportunities to focus your time and effort on.
Now that I’ve explained all of these requirements, can you see more clearly how you could act and demonstrate these actions in your management system? Most importantly - keep it real. Follow a process that aligns most with how your business works currently.
If you are interested in learning more about ISO 14001, head over to our website and learn more today!
