CSA Z773-2003 Environmental Compliance Auditing (First Edition).pdf

1、Z773-03(reaffirmed 2013)Environmental Compliance AuditingLegal Notice for StandardsCanadian Standards Association (operating as “CSA Group”) develops standards through a consensus standards development process approved by the Standards Council of Canada. This process brings together volunteers repre

2、senting varied viewpoints and interests to achieve consensus and develop a standard. Although CSA Group administers the process and establishes rules to promote fairness in achieving consensus, it does not independently test, evaluate, or verify the content of standards.Disclaimer and exclusion of l

3、iabilityThis document is provided without any representations, warranties, or conditions of any kind, express or implied, including, without limitation, implied warranties or conditions concerning this documents fitness for a particular purpose or use, its merchantability, or its non-infringement of

4、 any third partys intellectual property rights. CSA Group does not warrant the accuracy, completeness, or currency of any of the information published in this document. CSA Group makes no representations or warranties regarding this documents compliance with any applicable statute, rule, or regulati

5、on. IN NO EVENT SHALL CSA GROUP, ITS VOLUNTEERS, MEMBERS, SUBSIDIARIES, OR AFFILIATED COMPANIES, OR THEIR EMPLOYEES, DIRECTORS, OR OFFICERS, BE LIABLE FOR ANY DIRECT, INDIRECT, OR INCIDENTAL DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES, HOWSOEVER CAUSED, INCLUDING BUT NOT LIMITED TO SPECIAL OR CONSEQUE

6、NTIAL DAMAGES, LOST REVENUE, BUSINESS INTERRUPTION, LOST OR DAMAGED DATA, OR ANY OTHER COMMERCIAL OR ECONOMIC LOSS, WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE), OR ANY OTHER THEORY OF LIABILITY, ARISING OUT OF OR RESULTING FROM ACCESS TO OR POSSESSION OR USE OF THIS DOCUMENT, EVEN IF CSA

7、GROUP HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, INJURY, LOSS, COSTS, OR EXPENSES.In publishing and making this document available, CSA Group is not undertaking to render professional or other services for or on behalf of any person or entity or to perform any duty owed by any person or en

8、tity to another person or entity. The information in this document is directed to those who have the appropriate degree of experience to use and apply its contents, and CSA Group accepts no responsibility whatsoever arising in any way from any and all use of or reliance on the information contained

9、in this document. CSA Group is a private not-for-profit company that publishes voluntary standards and related documents. CSA Group has no power, nor does it undertake, to enforce compliance with the contents of the standards or other documents it publishes. Intellectual property rights and ownershi

10、pAs between CSA Group and the users of this document (whether it be in printed or electronic form), CSA Group is the owner, or the authorized licensee, of all works contained herein that are protected by copyright, all trade-marks (except as otherwise noted to the contrary), and all inventions and t

11、rade secrets that may be contained in this document, whether or not such inventions and trade secrets are protected by patents and applications for patents. Without limitation, the unauthorized use, modification, copying, or disclosure of this document may violate laws that protect CSA Groups and/or

12、 others intellectual property and may give rise to a right in CSA Group and/or others to seek legal redress for such use, modification, copying, or disclosure. To the extent permitted by licence or by law, CSA Group reserves all intellectual property rights in this document.Patent rightsAttention is

13、 drawn to the possibility that some of the elements of this standard may be the subject of patent rights. CSA Group shall not be held responsible for identifying any or all such patent rights. Users of this standard are expressly advised that determination of the validity of any such patent rights i

14、s entirely their own responsibility.Authorized use of this documentThis document is being provided by CSA Group for informational and non-commercial use only. The user of this document is authorized to do only the following:If this document is in electronic form:sLOADTHISDOCUMENTONTOACOMPUTERFORTHES

15、OLEPURPOSEOFREVIEWINGITsSEARCHANDBROWSETHISDOCUMENTANDsPRINTTHISDOCUMENTIFITISIN0$ (b) provide an explanation of circumstances surrounding the actual field condition; and (c) be phrased where possible to permit a specific “yes” or “no” answer. Committee interpretations are processed in accordance wi

16、th the CSA Directives and guidelines governing standardization and are published in CSAs periodical Info Update, which is available on the CSA Web site at www.csa.ca. Canadian Standards Association Environmental Compliance Auditing September 2003 1 Z773-03 Environmental Compliance Auditing 0 Introdu

17、ction 0.1 Purpose The purpose of an environmental compliance audit (ECA) is to collect and assess evidence to determine an organizations level of compliance with environmental statutes, regulations, local laws, and other identified criteria. 0.2 Uses of ECAs 0.2.1 Corrective Action An ECA can assist

18、 the user in identifying areas that are, or may become, out of compliance so that corrective or remedial action can be taken. 0.2.2 Benchmarking An ECA can provide benchmarks for environmental performance that can be used as part of an organizations environmental management system or for the purpose

19、 of reporting environmental performance to third parties, such as lenders, community stakeholders, and customers. 0.2.3 Preventive Action Applied proactively, compliance audits can reduce the potential for environmental harm or risk, government enforcement action, or other consequences of inadequate

20、 environmental policy by eliminating the circumstances that give rise to non-compliance. ECAs act as a proactive mechanism to avoid non-compliance by providing the organization with the knowledge necessary to meet legal requirements. 0.2.4 Due Diligence Used proactively, ECAs can assist in demonstra

21、ting that a party has acted with reasonable care and can, therefore, be an element of a due diligence defence in response to legal action. 0.2.5 Risk Management Organizations are faced with a variety of risks related to environmental compliance and performance, including risk to their financial, env

22、ironmental, legal, and public accountability and reputation. An ECA provides a mechanism to identify risks so that the audit client can make informed decisions for risk management and control in property management, facility operations, and investment decisions. 0.3 Interrelationship between Environ

23、mental Compliance Audits and Environmental Management Systems Environmental management systems, such as those in conformity with CAN/CSA-ISO 14001, can provide a framework for managing environmental issues. While the existence of an environmental management system does not ensure compliance with leg

24、islation, and demonstrated compliance is not required to register a management system with a third party, a management system provides a mechanism to identify and respond to legal requirements. Since CAN/CSA-ISO 14001 requires periodic evaluation of compliance, an ECA can provide evidence Z773-03 Ca

25、nadian Standards Association 2 September 2003 that the organization has met certain elements of the ISO, CSA, or other EMS standards. Examples of these elements include (a) identifying significant aspects and establishing objectives; (b) monitoring and measuring; (c) establishing policy commitments

26、to regulatory compliance; and (d) determining the organizations need to ensure compliance with environmental legislation and regulations. 1 Scope 1.1 General This Standard establishes the principles and practices of an environmental compliance audit. It is intended to provide a consistent framework

27、and minimum requirements for conducting ECAs in order to ensure that the ECAs address regulatory and liability requirements, as well as site-specific requirements. 1.2 Application This Standard can be applied to any organization, its sites or operations, or processes or parts thereof, regardless of

28、size or sector. The Standard can be applied to ECAs conducted by internal personnel or by external auditors. 1.3 Limitations This Standard does not include a specific audit protocol. This Standard does not attempt to provide direction for the decision-making that can follow an ECA. These business de

29、cisions are based on case-specific details that cannot be generalized for the purposes of this Standard. Decisions of this nature are best addressed on a case-by-case basis, in consultation with the appropriate environmental, legal, and business counsel. 2 Reference Publications This Standard refers

30、 to the following publications, and where such reference is made, it shall be to the edition listed below. CSA (Canadian Standards Association) CAN/CSA-ISO 14001-96 (R2001) Environmental Management Systems Specification with Guidance for Use CAN/CSA-ISO 19011-01 Guidelines for quality and/or environ

31、mental management systems auditing 3 Definitions The following definitions apply in this Standard: Audit client a person or business entity commissioning an auditor to perform an environmental compliance audit. Auditee a person or business entity whose undertaking is the subject of an ECA. Canadian

32、Standards Association Environmental Compliance Auditing September 2003 3 Audit evidence verifiable records, statements of fact, or other information relevant to the audit criteria. Note: Audit evidence may be qualitative or quantitative. Audit findings results of the evaluation of the conformance of

33、 collected audit evidence to audit criteria. Auditor a person or business entity carrying out an ECA according to the requirements of this Standard. Audit plan description of the activities and arrangements for an audit. Audit team one or more auditors conducting an audit, supported, if needed, by t

34、echnical experts. Notes: (1) One auditor of the audit team is appointed as audit team leader. (2) The audit team can include auditors-in-training. Competence demonstrated personal attributes and demonstrated ability to apply knowledge and skills. Criteria the provisions of environmental legislation

35、and other requirements against which the auditor compares collected audit evidence about the undertaking. Note: See Clause 6.2.4 for a discussion of typical audit criteria. Environment surroundings in which an organization operates; it includes air, water, land, natural resources, flora, fauna, and

36、humans, and the interrelations of these elements. Environmental aspect an element of an organizations activities, products, or services that can interact with the environment. Environmental compliance audit (ECA) a systematic and documented verification process that involves objectively obtaining an

37、d evaluating evidence to determine whether an organizations activities conform to applicable statutes, regulations, and local laws. Environmental legislation applicable environmental statutes, regulations, bylaws, and local laws. Scope the extent and boundaries of the audit in terms of factors such

38、as physical location and organizational activities and also the manner of reporting on them. Technical expert a person who provides specific knowledge or expertise to the audit team. Notes: (1) Specific knowledge or expertise is that which relates to the organization, the process or activity to be a

39、udited, or the language and culture of the audit client. (2) A technical expert does not act as an auditor in the audit team. Undertaking the businesses, operations, processes, products, and sites of an audit client that are the subject of the ECA. User an audit client or a third party other than th

40、e audit client who uses the information obtained and presented in an ECA. Z773-03 Canadian Standards Association 4 September 2003 4 Principles 4.1 General The conduct of an ECA is characterized by reliance on a number of principles. These make the audit an effective and reliable tool for determining

41、 the undertakings level of compliance with identified criteria. Adherence to these principles is a prerequisite for (a) providing audit conclusions that are relevant and sufficient; and (b) enabling auditors working independently from one another to reach similar conclusions in similar circumstances

42、. 4.2 Confidentiality and Legal Liability The audit client has a reasonable expectation of confidentiality and does not expect disclosure of the ECA findings or even of the fact that an ECA has been carried out. The audit clients express written consent shall be obtained before any such disclosure i

43、s made. In some circumstances, disclosure can be by compulsion of law (e.g., where the auditors report has been subpoenaed or required by regulatory authorities in the course of an investigation). In circumstances where the ECA is undertaken to provide information to legal counsel to assist the audi

44、t client in obtaining legal advice, it is possible that the parties intend solicitor/client privilege to attach to communications with the auditor and to the report. The privilege is lost if the report and other communications are not treated at all times as confidential. Note: A discussion of the c

45、ircumstances in which solicitor/client privilege applies is beyond the scope of this Standard. An ECA can identify information that, if disclosed, could result in liability or an assertion of liability. The information can also affect existing or future commercial relations. The auditor and the audi

46、t client shall jointly consider the purpose of the ECA, the information that will be obtained, and the potential legal and commercial implications. The auditor shall advise the audit client of any potential reporting responsibilities and describe the circumstances in which they would arise. Legal co

47、unsel should be consulted if an issue arises as to potential legal liabilities as a result of conducting an ECA. 4.3 Objectivity and Independence The auditor shall be objective and free from bias throughout the ECA process. The relationship of the auditor to the organization and to the undertaking b

48、eing audited shall be clearly described in the ECA report. The auditor should be independent of the audit client. Where in-house personnel of an organization perform an ECA, there should be a clear separation between the functions of the auditor and those of the auditee. 4.4 Conflict of Interest The

49、 auditor shall disclose any conflict of interest to the audit client in advance of commencing the ECA and shall note any such conflict in the ECA report. The auditor shall not have any undisclosed direct or indirect interest in the undertaking or the client. Except for remuneration and the information required for performance of the audit, the auditor shall not