ISO 14001 - Environmental Management -

When discussing about environmental management, ISO 14001 represents the common language around the world.

As awareness of environmental problems is growing, the world starts to understand that the current development patterns cannot be sustained in the long term. Organizations are required by both authorities and customers to incorporate best practices and demonstrate compliance with environmental requirements.   

ISO 14001 sets the requirements for an environmental management system and is meant to serve as a tool by an organization seeking to manage its environmental responsibilities in a systematic manner.

ISO 14001 can be implemented and certified in any organization regardless of its size and activity. The first edition of this standard was published in 1996, the second in 2004 and the current version of ISO 14001 is the one published in 2015.

ISO 14001 has proved to be quite succesful as more than 300.000 organizations from 159 countries have decided to implement it and become certified as proof of their efforts to improve their environmental performace by controlling emissions, reducing waste, conservation of natural resources and avoiding the use of polluting materials.

RIGCERT is accredited for the certificaton of environmental management systems according to ISO 14001:2015. Our accreditation certificate is available here.

ISO 14001 includes requirements that an organization has to fulfil in order to develop and implement an environmental management system that can be audited and certified as evidence of conformity. Below we explain the requirements of ISO 14001:2015 but it's important to add that, although the requirements are generic, they need to be understood and implemented according to the specifics of every organization and the environmental aspects associated to its activities, products and services.

The requirements are grouped into 7 chapters (from chapter 4 to chapter 10 of the standard) and they are: context of the organization, leadership, planning, support, operation, performance evaluation and improvement.


The organization is required to determine the internal and external issues that are relevant to its purpose and that affect its ability to achieve the intended outcomes of the environmental management system. Examples of internal issues can be: structure and governance of the organization, infrastructure, contractual relations/ partnerships, requirements of interested parties, etc; while external issues can include among others: the political system, environmental legislation, competition, the availability of technology that supports sustainable development, eco-design, eco-labelling, availability of key resources (fuel, water, etc.). Environmental conditions being affected by or capable to affect the organization should be taken into consideration also as part of the context (e.g. climate change, extreme weather, natural disasters, etc.).
ISO 14001 asks for the identification of interested parties as well as their relevant needs and expectations. Some examples of interested parties applicable to most organizations are: authorities, customers, employees, suppliers, local community, partners, NGOs, etc.
The organization must define the scope of its environmental management system – activities and locations covered by the system.


Top management is required to support the environmental management system and demonstrate commitment for its continual improvement.
Also, top management has to establish and communicate inside the company an environmental policy. Using the environmental policy the organization demonstrates the commitment to protect the environment and prevent pollution, to fulfill compliance obligations and to continually improve its environmental performance.
Top management needs to define roles, responsibilities and authorities for personnel, including here responsibilities with regards the administration and improvement of the environmental management system.
In order to have a functional environmental management system the involvement and support from top management are key.


The organization shall identify and treat the risks and opportunities related to its environmental aspects, its compliance obligations and its context. The aim of this process is to give assurance that the environmental management system achieves intended results, undesired effects are prevented or reduced and continual improvement is achieved.
The standard requires to determine environmental aspects associated to activities, products and services (that the organization can control or influence), as well as the impacts associated, considering the life cycle perspective.
An environmental aspect represents the interaction of activities/ products/ services of the organization with the environment. The environmental impact is the result of this interaction (it can be negative or positive).
Examples of environmental aspects can be: emissions to air, releases to water or land, use of raw materials or natural resources, use of energy, energy emitted (noise, vibration, heat, etc.), generation of waste or by-products, use of space, etc.
Examples of environmental impacts: pollution/ reducing pollution, affecting/ protecting biodiversity, climate change, global warming, etc.
The company needs to quantify environmental aspects in order to establish those considered significant and implement controls to reduce or eliminate the environmental impacts associated.
There is no specific requirement of ISO 14001:2015 on using a certain methodology for the assessment/ quantification of environmental aspects. It is the choice of the organization to use the methodology that suits its needs best.
The standard asks the organization to identify compliance obligations related to the environmental aspects. Compliance obligations include legal requirements and other requirements to which the organization subscribes (e.g. requirements of the local community, environmental requirements agreed with associations/ organizations, etc.).
The organization shall establish environmental objectives and to plan actions to achieve them. Of course the fulfilment of environmental objectives has to be monitored.


Needed resources for the implementation of the environmental management system as well as for the operation and control of processes have to be provided by the organization.
The company is required to determine the necessary competence for personnel doing work under its control that can affect its environmental performance. ISO 14001 asks the organization to ensure that personnel is competent and, whenever needed, competence is acquired through different methods (e.g. training).
The organization shall ensure the awareness of persons doing work under its control with regards to its environmental policy, significant environmental aspects and associated impacts, their contribution to the environmental management system as well as the implications of not conforming to environmental requirements.
ISO 14001:2015 asks for effective communication (internal and external) processes on environmental related issues.
The environmental management system shall include documented information. The extent of the documentation differs depending on the structure and size of the organization, on its activities, its environmental aspects, its products and services. The standard requires rules for creating and updating the management system documented information (defining a format for the documents, the media – paper and/ or electronic, controls for the review and approval of documents). Also controls of documented information are needed, with regards to access, distribution, retrieval, use, storage, preservation, control of changes, retention and disposition. Those controls refer to both documents elaborated inside the organization and documents of external origin (e.g. documents from clients, external suppliers, etc.).


ISO 14001:2015 requires the organization to plan, implement, control and maintain the processes needed to meet environmental management system requirements.
Planned changes have to be controlled while the consequences of unintended changes need to be reviewed in order to mitigate adverse effects of change, is any.
The organization is required to ensure that outsourced processes are controlled or influenced, in line with their impact on the environmental performance.
ISO 14001:2015 asks the organization to ensure that environmental requirements are taken into consideration for all stages in the lifecycle of its products and services, starting from design and development to recycling or final disposal.
The organization has to determine environmental requirements for purchased products and services and communicate those requirements to its suppliers.
Also ISO 14001 requires that the organization provides information about potential significant environmental impacts associated with the transportation or delivery, use, end-of-life treatment and final disposal of its products and services (when this information is relevant, of course).
The company needs to implement needed processes to prepare for and respond to emergency situations. ISO 14001 requires organizations to ensure they have the capacity to respond in time to an emergency. Procedures for emergency situations have to be tested periodically and improved as needed.


ISO 14001:2015 requires organizations to evaluate their environmental performance and the effectiveness of the environmental management system. If environmental monitoring requires specific equipment then it should be maintained, calibrated and/ or verified as per requirements. The organization has to evaluate its compliance with applicable environmental legislation and other environmental requirements that it decided to comply with. At planned intervals the organization is required to perform internal audits of its environmental management system, to ensure that it conforms to ISO 14001:2015, it is effectively implemented and maintained. Top management is required to review periodically the environmental management system to ensure its continuing suitability, adequacy and effectiveness.


The organization is required to determine opportunities for improvement and implement necessary actions to achieve the intended outcomes of its environmental management system.
When nonconformities are identified (including here nonconformities following complaints that refer to environmental issues), the organization has to react and implement corrections (aimed at controlling the nonconformity and its consequences) and corrective actions (meant to eliminate the root cause of the nonconformity).

Those are at a glance the requirements of ISO 14001:2015. They need to be understood and adapted in relation to the specifics of the activities, products, services and environmental aspects of each organization.

The certification of the environmental management system represents the confirmation of the organization's commitment for protecting the environment and the recognition of its efforts in this direction.
ISO 14001:2015 can be implemented as a stand-alone standard or can be integrated with other popular management system standards like ISO 9001 or ISO 45001 into an integrated management system.

If you are looking for a better understanding of the requirements of ISO 14001:2015 we have prepared an online course that you can access below.
For certification purposes please contact us by e-mail at


asked questions

It is a set of elements (policies, processes and procedures) used by an organization to fulfil its objectives and perform its tasks. A management system can address a single discipline (e.g. quality management system or information security management system) or several disciplines at the same time, in what is referred to as an integrated management system. It is the choice of the organization what type of management system it chooses to implement and certify.

For every discipline there are specific standards that define the requirements for a management system (e.g. ISO 9001, ISO 14001 or ISO/IEC 27001). An organization wishing to obtain the certification of its management system has to demonstrate during an initial certification audit that it fulfils the requirements of the specific standards used as reference for certification.

Regardless of the discipline all management systems generally require organizations to define roles, responsibilities and authorities for personnel, document policies, establish objectives and actions to achieve them, demonstrate operation in controlled conditions, monitor, measure, analyze and evaluate performance and act to continually improve the system.

A management system can be implemented by the organization using internal resources or with the help of external consultants . The management system needs to be maintained and continually improved.

To be useful, a management system should become an integral part of the organization’s activities and not a set of requirements separated from operational routine.

The support from top management is vital for the success of a management system in the organization.

Certification is an attestation from a third party (usually called registrar or certification body) that the management system implemented by an organization fulfills the requirements of applicable standard(s).

So, in fact, not the organization is the subject of certification but its management system.

The certification process begins with the application sent by the organization looking to obtain certification. It has to be a written application and its useful to the certification body for understanding what is required and to plan the resources needed to provide the certification services.

A contract for the certification is signed.

The certification audit is done to evaluate how the requirements of the standard(s)/ reference documents are implemented. The audit team is made of one or several members and the audit duration depends on a series of factors like the standards for certification involved, the size of the organization, its activities. locations, etc.

In case the conclusions of the audit are positive and there are no other elements that may affect the certification, the certification body issues the conformity certificate(s).

The document General rules for the certification of management systems contains detailed information about how the certification process works, what are the requirements for obtaining and maintaining certifications.

Management system certifications are valid for 3 years, with the condition that successful yearly surveillance audits are performed (in the first and second year after certification). Surveillance audits are meant to evaluate if the management system certified continues to respect applicable requirements.

The certification program is the document that specifies the planning of surveillance audits and it is communicated to the organization at certification date.

In the third year the recertification audit takes place and the organization enters another 3-year certification cycle in similar conditions as the previous.

In case surveillance audits are not performed as scheduled the certification may be suspended. During suspension the certification is temporarily invalid. If during suspension the situation is not corrected the certification is withdrawn.

Appeals refer to decisions of RIGCERT with regards to a certain certification (e.g. not granting, suspending, withdrawal, etc) while complaints may refer to a series of aspects like: the personnel working on behalf of RIGCERT, activities of the organizations certified by RIGCERT, activities of third parties connected to RIGCERT, etc.

Appeals and complaints should be sent at and are treated confidentially.

RIGCERT personnel involved in the review and decision regarding a certain appeal or complaint have not been involved in the case being reviewed.

The review can include actions like performing special audits, request of information from the parties involved and is concluded with a formal decision communicated to the appellant and/ or complainant.

Detailed information on the appeals and complaints handling process are available in the document General rules for the certification of management systems.

do you

Want to work with us

Complete the form below with your personal information and we will contat you as soon as possible.