1、Designation: E2107 06 (Reapproved 2014)Standard Practice forEnvironmental Regulatory Compliance Audits1This standard is issued under the fixed designation E2107; the number immediately following the designation indicates the year oforiginal adoption or, in the case of revision, the year of last revi
2、sion. A number in parentheses indicates the year of last reapproval. Asuperscript epsilon () indicates an editorial change since the last revision or reapproval.1. Scope1.1 PurposeThis practice2identifies minimum require-ments for environmental regulatory compliance audits (audits).It also provides
3、information on the terms and proceduresassociated with audits as practiced in the United States ofAmerica (USA) and other jurisdictions subject to the lawsthereof. It provides a reference to which interested parties mayrefer for definition and description of accepted audit terms andprocedures.1.2 Ba
4、ckground:1.2.1 Awareness of Benefits Associated with AuditsVarious benefits have been attributed to audits. These benefitsmay include a better understanding of the compliance status ofa facility or organization, identification of opportunities forenvironmental management systems improvements, reduct
5、ionor elimination of potential legal and financial liabilities whenimplemented as part of a comprehensive compliance manage-ment program, better communications and improved relation-ships with governmental agencies, communities, and otherstakeholders, providing information for development of bothsho
6、rt-term and long-term environmental expenditures, andeducation of employees.1.2.2 Awareness of Risks Associated with AuditsIt is alsoimportant to recognize that certain risks have been associatedwith audits. These risks may be managed and controlled bygiving thoughtful consideration to the audit pro
7、cess beforebeginning an audit. These risks may include increased potentiallegal and financial liabilities for the audited entity if auditfindings are not corrected in a timely manner, disclosure ofconfidential business information or trade secrets, inadvertentadmissions against interest because of t
8、he wording of auditfindings, disclosure of audit findings intended to be keptconfidential under audit privilege laws or attorney-client privi-lege or work product doctrine, and inaccurate audit findings.1.2.3 Awareness of Legal IssuesA number of importantlegal issues are associated with audits. Exam
9、ple legal issuesinclude the qualification for one or more evidentiary privileges,the qualification for limited immunity, the protection of tradesecrets and confidential information, the application of anumber of government policies associated with environmentalaudits (including federal and state pro
10、grams that provideincentives for detecting, disclosing, and correcting potentialviolations through auditing), the form and language of auditreports, the necessity of reporting certain information to thegovernment (either federal, state, or local agencies), the poten-tial liability of auditors, and t
11、he importance of promptlyaddressing issues identified during audits. Prior to initiatingand during an audit, interested parties should consider potentiallegal issues and consult legal counsel or other experts asappropriate.1.3 OrganizationThis practice is organized in the follow-ing manner:SectionSc
12、ope 1Referenced Documents 2Terminology 3Significance and Use 4Responsibilities 5Auditor Qualifications and Staffing 6The Audit Process 7Evaluation and Report Preparation 8Keywords 92. Referenced Documents2.1 ASTM Standards:3E1527 Practice for Environmental Site Assessments: Phase IEnvironmental Site
13、 Assessment ProcessE1528 Practice for Limited Environmental Due Diligence:Transaction Screen ProcessE2365 Guide for Environmental Compliance PerformanceAssessment1This practice is under the jurisdiction of ASTM Committee E50 on Environ-mental Assessment, Risk Management and Corrective Action and is
14、the directresponsibility of Subcommittee E50.05 on Environmental Risk Management.Current edition approved May 1, 2014. Published July 2014. Originally approvedin 2000. Last previous edition approved in 2006 as E2107 06. DOI: 10.1520/E2107-06R14.2As used herein, a “Standard” is a document that has be
15、en developed andestablished within the consensus principles of the Society and that meets theapproval requirements of ASTM procedures and regulations. A “Guide” is acompendium of information or a series of options that does not recommend aspecific course of action. A guide increases the awareness of
16、 information andapproaches in a given subject area. A “Practice” in contrast, is a definitive set ofinstructions for performing one or more specific operations that does not produce atest result. See Form and Style for ASTM Standards.3For referenced ASTM standards, visit the ASTM website, www.astm.o
17、rg, orcontact ASTM Customer Service at serviceastm.org. For Annual Book of ASTMStandards volume information, refer to the standards Document Summary page onthe ASTM website.Copyright ASTM International, 100 Barr Harbor Drive, PO Box C700, West Conshohocken, PA 19428-2959. United States12.2 ISO Stand
18、ards:ISO 14010 Guidelines for Environmental AuditingGeneral Principles4ISO 14011 Guidelines for Environmental AuditingAuditProceduresAuditing of Environmental ManagementSystems4ISO 14012 Guidelines for Environmental AuditingQualification Criteria for Environmental Auditors43. Terminology3.1 Definiti
19、ons of Terms Specific to This Standard:3.1.1 action plana plan to address audit findings thatdescribes planned response actions, parties responsible fortheir execution, and expected completion dates.3.1.2 audit authoritythe entity or body that authorizes, orinitiates, the audit process. The audit au
20、thority may be internalor external to the audited entity.3.1.3 audit criteriaenforceable environmental require-ments that are applicable to an audited entity. Examplesinclude laws, regulations, orders, and permits.3.1.4 audit datainformation obtained during an audit tosupport audit findings.3.1.5 au
21、dit findinga statement of audited entity conditionsat the time of the audit compared to audit criteria. Auditfindings shall be based upon verifiable audit data and may beeither positive or negative with respect to audit criteria.3.1.6 audit objective(s)broad statement(s) of what theaudit intends to
22、accomplish.3.1.7 audit plandocumentation that describes the audit.Elements that should be included or referenced in the auditplan are: the audit objective; audit scope; identities of theauditing entity, audit team, and audit authority; audit schedule;auditor health and safety issues; audit report pr
23、eparation;record retention and management requirements; logistics;working papers management; a process for promptly commu-nicating auditor concerns for potential environmental or regu-latory impact including concerns requiring further evaluation;special conditions or requirements; and whatever measu
24、res, ifany, desired to maximize audit confidentiality.3.1.8 audit purposereason for the audit.3.1.9 audit protocola list of issues or questions designedto address the audit objective(s) based upon audit criteria.3.1.10 audit reporta written summary of audit findingsthat is objective, clear, concise,
25、 constructive, and timely.3.1.11 audit scopea description of what is to be audited.The audit scope shall include a description of the period underreview, the audited entity, and the audit criteria.3.1.12 audit teamone or more auditors responsible forconducting an audit. The audit team may be support
26、ed bytechnical experts and auditors-in-training.3.1.13 audited entitya facility, organization, or partthereof, that is the subject of an audit.3.1.14 auditing entitythe organization that provides audi-tors.3.1.15 auditora person qualified to conduct an audit.3.1.16 environmental regulatory complianc
27、e audit(audit)a systematic, documented, and objective review of anaudited entity to evaluate its compliance status relative to auditcriteria.3.1.17 independencea condition characterized by organi-zational standing where an auditor is free to conduct an auditwithout being controlled or influenced by
28、others.3.1.18 lead auditoran auditor designated to lead andmanage the audit.3.1.19 objectivitya condition characterized by the absenceof bias, influences, and conflicts of interest that affect or havethe potential to compromise audit findings.3.1.20 open issuespotential audit findings that cannot be
29、verified or resolved without additional information.3.1.21 period under reviewthe time interval over whichconditions at the audited entity are evaluated against auditcriteria.3.1.22 physical inspectionfirst hand observation and as-sessment of audited entity conditions.3.1.23 recordsdocumentation and
30、 other forms of recordedinformation.3.1.24 regulatory entitiesorganizations that have the legalauthority to develop, implement, administer, or enforce auditcriteria. For example, federal, state, tribal, or local government.3.1.25 working paperspaper and electronic documenta-tion developed by an audi
31、tor from observations, recordreviews, and interviews during an audit.4. Significance and Use4.1 Intended UseThis practice is intended for use byparties who wish to perform or direct an audit, or rely uponaudit findings or an audit report. Such use includes audits byinternal and external auditors.4.2
32、 Other Audit CriteriaOther audit criteria may be in-cluded in the audit scope if specified in the audit plan.Examples include safety and health requirements, andtechnical, operational, and management requirements.4.3 Related ASTM StandardsThis practice is related toPractice E1527, which addresses CE
33、RCLA liability, and Prac-tice E1528, which addresses due diligence for commercial realestate. A number of terms and procedures from these practicesare similar to terms and procedures associated with thispractice but they may not be the same. Guide E2365 addressesenvironmental compliance assessment a
34、nd may be an appro-priate tool for some environmental regulatory complianceaudits. The user is advised that Guide E2365 is not anall-encompassing compliance assessment tool.4.3.1 Not InterchangeableAlthough distantly related toPractices E1527 and E1528, this practice is designed to achievedifferent
35、results. Therefore, these practices shall not be usedinterchangeably with, or in place of, this practice.4Available from American National Standards Institute (ANSI), 25 W. 43rd St.,4th Floor, New York, NY 10036, http:/www.ansi.org.E2107 06 (2014)24.4 Related ISO GuidelinesThe International Organiza
36、-tion for Standardization (ISO) has developed guidelines ad-dressing environmental auditing. These are ISO 14010, ISO14011, and ISO 14012. A number of terms and proceduresfrom these guidelines may be similar to terms and proceduresassociated with this practice but they may not be the same.4.4.1 Not
37、InterchangeableAlthough related to ISOguidelines, this practice is designed for a different purpose.Therefore, these ISO guidelines shall not be used interchange-ably with, or in place of, this practice.4.5 Additional ServicesA number of issues may arise as aresult of an audit, but are outside the s
38、cope of this practice.Such issues include, but are not limited to, development ofaction plans and cost estimates to address audit findings.4.6 ConditionsThe following conditions shall govern theapplication of this practice.4.6.1 Not ExhaustiveA audit shall not constitute an ex-haustive review of aud
39、ited entity compliance with all poten-tially applicable audit criteria unless explicitly intended andstated as an audit objective in the audit plan.4.6.2 Level of Review is VariableThe audit scope mayvary to meet different audit objectives. For example, the auditscope may include only selected audit
40、 criteria, selected periodunder review, or selected portions of a facility or organization.4.6.3 Continued Viability of Environmental AuditAn auditcompleted in accordance with this practice shall be valid foronly the period under review. Because audit criteria andaudited entity conditions may change
41、 over time, it shall not beassumed that an audit report is reliable, or has continuedviability, for other than the period under review.4.6.4 Usage of Prior AuditsInformation contained withinreports from prior audits should be used only if it has continuedviability and if use of that information is a
42、ppropriate.5. Responsibilities5.1 Audit Authority ResponsibilitiesThe audit authorityshall:5.1.1 Determine the need for an audit;5.1.2 Specify or approve the audit purpose;5.1.3 Select the auditing entity and/or lead auditor; and5.1.4 Support the audit process.5.2 Lead Auditor ResponsibilitiesThe le
43、ad auditor shallensure the efficient and effective completion of an audit. To dothis the lead auditor shall work through the auditing entity to:5.2.1 Develop, with the audit authority, an audit plan;5.2.2 Gather appropriate audited entity background infor-mation;5.2.3 Assemble a qualified audit team
44、;5.2.4 Communicate with the audited entity regarding auditplan issues. For example, schedule, logistics, access, availabil-ity of audited entity staff to interview, operating conditions,audit team needs, and health and safety precautions;5.2.5 Manage the audit team;5.2.6 Serve as the primary point o
45、f communication betweenthe audit team and any other entity regarding the audit plan,audit findings, and audit reports;5.2.7 Seek to prevent and resolve problems that could affectaudit quality and timeliness;5.2.8 Ensure the audit is conducted in accordance with thispractice;5.2.9 Notify the audit au
46、thority of conditions that mayprevent audit completion in accordance with the audit plan; and5.2.10 Prepare an audit report.5.3 Auditor ResponsibilitiesAuditors shall support thelead auditor in completing an audit. To do this, auditors shall:5.3.1 Understand the audit plan and their individual area
47、ofresponsibility;5.3.2 Follow lead auditor direction;5.3.3 Review audit criteria and any protocols to be used, andestablish a personal work plan for assigned areas of responsi-bility;5.3.4 Collect sufficient relevant audit data to support auditfindings;5.3.5 Develop and document audit findings;5.3.6
48、 Assist in preparing audit reports; and5.3.7 Maintain audit data and documentation in a securemanner.5.3.8 Disclose issues to the auditing entity that may com-promise objectivity.5.4 Audited Entity ResponsibilitiesThe audited entityshall:5.4.1 Ensure that the audit is supported, including cooper-ati
49、ng with the auditors to ensure that audit objectives are met;5.4.2 Provide the auditing entity with requested backgroundinformation in a timely manner;5.4.3 Ensure audit team safe, timely and complete access;5.4.4 Inform audit team of relevant health and safety re-quirements and practices;5.4.5 Provide audit team, for the duration of the audit, withsecure and reasonable support needs;5.4.6 Provide the audit team with facility escorts knowl-edgeable of audited entity operations, to accompany auditorson physical inspections;5.4.7 Assi
