1、Designation: E 2107 06Standard Practice forEnvironmental Regulatory Compliance Audits1This standard is issued under the fixed designation E 2107; the number immediately following the designation indicates the year oforiginal adoption or, in the case of revision, the year of last revision. A number i
2、n parentheses indicates the year of last reapproval. Asuperscript epsilon (e) indicates an editorial change since the last revision or reapproval.1. Scope1.1 PurposeThis practice2identifies minimum require-ments for environmental regulatory compliance audits (audits).It also provides information on
3、the terms and proceduresassociated with audits as practiced in the United States ofAmerica (USA) and other jurisdictions subject to the lawsthereof. It provides a reference to which interested parties mayrefer for definition and description of accepted audit terms andprocedures.1.2 Background:1.2.1
4、Awareness of Benefits Associated with AuditsVarious benefits have been attributed to audits. These benefitsmay include a better understanding of the compliance status ofa facility or organization, identification of opportunities forenvironmental management systems improvements, reductionor eliminati
5、on of potential legal and financial liabilities whenimplemented as part of a comprehensive compliance manage-ment program, better communications and improved relation-ships with governmental agencies, communities, and otherstakeholders, providing information for development of bothshort-term and lon
6、g-term environmental expenditures, andeducation of employees.1.2.2 Awareness of Risks Associated with AuditsIt is alsoimportant to recognize that certain risks have been associatedwith audits. These risks may be managed and controlled bygiving thoughtful consideration to the audit process beforebegi
7、nning an audit. These risks may include increased potentiallegal and financial liabilities for the audited entity if auditfindings are not corrected in a timely manner, disclosure ofconfidential business information or trade secrets, inadvertentadmissions against interest because of the wording of a
8、uditfindings, disclosure of audit findings intended to be keptconfidential under audit privilege laws or attorney-client privi-lege or work product doctrine, and inaccurate audit findings.1.2.3 Awareness of Legal IssuesA number of importantlegal issues are associated with audits. Example legal issue
9、sinclude the qualification for one or more evidentiary privileges,the qualification for limited immunity, the protection of tradesecrets and confidential information, the application of anumber of government policies associated with environmentalaudits (including federal and state programs that prov
10、ideincentives for detecting, disclosing, and correcting potentialviolations through auditing), the form and language of auditreports, the necessity of reporting certain information to thegovernment (either federal, state, or local agencies), the poten-tial liability of auditors, and the importance o
11、f promptlyaddressing issues identified during audits. Prior to initiatingand during an audit, interested parties should consider potentiallegal issues and consult legal counsel or other experts asappropriate.1.3 OrganizationThis practice is organized in the follow-ing manner:SectionScope 1Referenced
12、 Documents 2Terminology 3Significance and Use 4Responsibilities 5Auditor Qualifications and Staffing 6The Audit Process 7Evaluation and Report Preparation 8Keywords 92. Referenced Documents2.1 ASTM Standards:3E 1527 Practice for Environmental Site Assessments: PhaseI Environmental Site Assessment Pr
13、ocessE 1528 Practice for Limited Environmental Due Diligence:Transaction Screen ProcessE 2365 Guide for Environmental Compliance PerformanceAssessment1This practice is under the jurisdiction of ASTM Committee E50 on Environ-mental Assessment, Risk Management, and Corrective Action and is the directr
14、esponsibility of Subcommittee E50.05 on Environmental Risk Management.Current edition approved Oct. 15, 2006. Published October 2006. Originallyapproved in 2000. Last previous edition approved in 2000 as E 2107 00.2As used herein, a “Standard” is a document that has been developed andestablished wit
15、hin the consensus principles of the Society and that meets theapproval requirements of ASTM procedures and regulations. A “Guide” is acompendium of information or a series of options that does not recommend aspecific course of action. A guide increases the awareness of information andapproaches in a
16、 given subject area. A “Practice” in contrast, is a definitive set ofinstructions for performing one or more specific operations that does not produce atest result. See Form and Style for ASTM Standards.3For referenced ASTM standards, visit the ASTM website, www.astm.org, orcontact ASTM Customer Ser
17、vice at serviceastm.org. For Annual Book of ASTMStandards volume information, refer to the standards Document Summary page onthe ASTM website.1Copyright ASTM International, 100 Barr Harbor Drive, PO Box C700, West Conshohocken, PA 19428-2959, United States.2.2 ISO Standards:ISO 14010 Guidelines for
18、Environmental AuditingGeneral Principles4ISO 14011 Guidelines for Environmental AuditingAuditProceduresAuditing of Environmental ManagementSystems4ISO 14012 Guidelines for Environmental AuditingQualification Criteria for Environmental Auditors43. Terminology3.1 Definitions of Terms Specific to This
19、Standard:3.1.1 action plana plan to address audit findings thatdescribes planned response actions, parties responsible fortheir execution, and expected completion dates.3.1.2 audit authoritythe entity or body that authorizes, orinitiates, the audit process. The audit authority may be internalor exte
20、rnal to the audited entity.3.1.3 audit criteriaenforceable environmental require-ments that are applicable to an audited entity. Examplesinclude laws, regulations, orders, and permits.3.1.4 audit datainformation obtained during an audit tosupport audit findings.3.1.5 audit findinga statement of audi
21、ted entity conditionsat the time of the audit compared to audit criteria. Auditfindings shall be based upon verifiable audit data and may beeither positive or negative with respect to audit criteria.3.1.6 audit objective(s)broad statement(s) of what theaudit intends to accomplish.3.1.7 audit plandoc
22、umentation that describes the audit.Elements that should be included or referenced in the auditplan are: the audit objective; audit scope; identities of theauditing entity, audit team, and audit authority; audit schedule;auditor health and safety issues; audit report preparation;record retention and
23、 management requirements; logistics;working papers management; a process for promptly commu-nicating auditor concerns for potential environmental or regu-latory impact including concerns requiring further evaluation;special conditions or requirements; and whatever measures, ifany, desired to maximiz
24、e audit confidentiality.3.1.8 audit purposereason for the audit.3.1.9 audit protocola list of issues or questions designedto address the audit objective(s) based upon audit criteria.3.1.10 audit reporta written summary of audit findingsthat is objective, clear, concise, constructive, and timely.3.1.
25、11 audit scopea description of what is to be audited.The audit scope shall include a description of the period underreview, the audited entity, and the audit criteria.3.1.12 audit teamone or more auditors responsible forconducting an audit. The audit team may be supported bytechnical experts and aud
26、itors-in-training.3.1.13 audited entitya facility, organization, or partthereof, that is the subject of an audit.3.1.14 auditing entitythe organization that provides audi-tors.3.1.15 auditora person qualified to conduct an audit.3.1.16 environmental regulatory compliance audit(audit)a systematic, do
27、cumented, and objective review of anaudited entity to evaluate its compliance status relative to auditcriteria.3.1.17 independencea condition characterized by organi-zational standing where an auditor is free to conduct an auditwithout being controlled or influenced by others.3.1.18 lead auditoran a
28、uditor designated to lead andmanage the audit.3.1.19 objectivitya condition characterized by the absenceof bias, influences, and conflicts of interest that affect or havethe potential to compromise audit findings.3.1.20 open issuespotential audit findings that cannot beverified or resolved without a
29、dditional information.3.1.21 period under reviewthe time interval over whichconditions at the audited entity are evaluated against auditcriteria.3.1.22 physical inspectionfirst hand observation and as-sessment of audited entity conditions.3.1.23 recordsdocumentation and other forms of recordedinform
30、ation.3.1.24 regulatory entitiesorganizations that have the legalauthority to develop, implement, administer, or enforce auditcriteria. For example, federal, state, tribal, or local government.3.1.25 working paperspaper and electronic documenta-tion developed by an auditor from observations, record
31、re-views, and interviews during an audit.4. Significance and Use4.1 Intended UseThis practice is intended for use byparties who wish to perform or direct an audit, or rely uponaudit findings or an audit report. Such use includes audits byinternal and external auditors.4.2 Other Audit CriteriaOther a
32、udit criteria may be in-cluded in the audit scope if specified in the audit plan.Examples include safety and health requirements, and techni-cal, operational, and management requirements.4.3 Related ASTM StandardsThis practice is related toPractice E 1527, which addresses CERCLA liability, andPracti
33、ce E 1528, which addresses due diligence for commercialreal estate. A number of terms and procedures from thesepractices are similar to terms and procedures associated withthis practice but they may not be the same. Guide E 2365addresses environmental compliance assessment and may bean appropriate t
34、ool for some environmental regulatory compli-ance audits. The user is advised that Guide E 2365 is not anall-encompassing compliance assessment tool.4.3.1 Not InterchangeableAlthough distantly related toPractices E 1527 and E 1528, this practice is designed toachieve different results. Therefore, th
35、ese practices shall not beused interchangeably with, or in place of, this practice.4.4 Related ISO GuidelinesThe International Organiza-tion for Standardization (ISO) has developed guidelines ad-dressing environmental auditing. These are ISO 14010,ISO 14011, and ISO 14012. A number of terms and proc
36、eduresfrom these guidelines may be similar to terms and proceduresassociated with this practice but they may not be the same.4Available from American National Standards Institute (ANSI), 25 W. 43rd St.,4th Floor, New York, NY 10036, http:/www.ansi.org.E21070624.4.1 Not InterchangeableAlthough relate
37、d to ISO guide-lines, this practice is designed for a different purpose. There-fore, these ISO guidelines shall not be used interchangeablywith, or in place of, this practice.4.5 Additional ServicesA number of issues may arise as aresult of an audit, but are outside the scope of this practice.Such i
38、ssues include, but are not limited to, development ofaction plans and cost estimates to address audit findings.4.6 ConditionsThe following conditions shall govern theapplication of this practice.4.6.1 Not ExhaustiveA audit shall not constitute an ex-haustive review of audited entity compliance with
39、all poten-tially applicable audit criteria unless explicitly intended andstated as an audit objective in the audit plan.4.6.2 Level of Review is VariableThe audit scope mayvary to meet different audit objectives. For example, the auditscope may include only selected audit criteria, selected periodun
40、der review, or selected portions of a facility or organization.4.6.3 Continued Viability of Environmental AuditAn auditcompleted in accordance with this practice shall be valid foronly the period under review. Because audit criteria andaudited entity conditions may change over time, it shall not bea
41、ssumed that an audit report is reliable, or has continuedviability, for other than the period under review.4.6.4 Usage of Prior AuditsInformation contained withinreports from prior audits should be used only if it has continuedviability and if use of that information is appropriate.5. Responsibiliti
42、es5.1 Audit Authority ResponsibilitiesThe audit authorityshall:5.1.1 Determine the need for an audit;5.1.2 Specify or approve the audit purpose;5.1.3 Select the auditing entity and/or lead auditor; and5.1.4 Support the audit process.5.2 Lead Auditor ResponsibilitiesThe lead auditor shallensure the e
43、fficient and effective completion of an audit. To dothis the lead auditor shall work through the auditing entity to:5.2.1 Develop, with the audit authority, an audit plan;5.2.2 Gather appropriate audited entity background infor-mation;5.2.3 Assemble a qualified audit team;5.2.4 Communicate with the
44、audited entity regarding auditplan issues. For example, schedule, logistics, access, availabil-ity of audited entity staff to interview, operating conditions,audit team needs, and health and safety precautions;5.2.5 Manage the audit team;5.2.6 Serve as the primary point of communication betweenthe a
45、udit team and any other entity regarding the audit plan,audit findings, and audit reports;5.2.7 Seek to prevent and resolve problems that could affectaudit quality and timeliness;5.2.8 Ensure the audit is conducted in accordance with thispractice;5.2.9 Notify the audit authority of conditions that m
46、ayprevent audit completion in accordance with the audit plan; and5.2.10 Prepare an audit report.5.3 Auditor ResponsibilitiesAuditors shall support thelead auditor in completing an audit. To do this, auditors shall:5.3.1 Understand the audit plan and their individual area ofresponsibility;5.3.2 Follo
47、w lead auditor direction;5.3.3 Review audit criteria and any protocols to be used, andestablish a personal work plan for assigned areas of responsi-bility;5.3.4 Collect sufficient relevant audit data to support auditfindings;5.3.5 Develop and document audit findings;5.3.6 Assist in preparing audit r
48、eports; and5.3.7 Maintain audit data and documentation in a securemanner.5.3.8 Disclose issues to the auditing entity that may com-promise objectivity.5.4 Audited Entity ResponsibilitiesThe audited entityshall:5.4.1 Ensure that the audit is supported, including cooper-ating with the auditors to ensu
49、re that audit objectives are met;5.4.2 Provide the auditing entity with requested backgroundinformation in a timely manner;5.4.3 Ensure audit team safe, timely and complete access;5.4.4 Inform audit team of relevant health and safety re-quirements and practices;5.4.5 Provide audit team, for the duration of the audit, withsecure and reasonable support needs;5.4.6 Provide the audit team with facility escorts knowl-edgeable of audited entity operations, to accompany auditorson physical inspections;5.4.7 Assist auditor in identifying pert
