Thea Dunmire, JD, CIH, CSP, is the president of ENLAR Compliance Services, Inc., where she specializes in helping organizations implement management systems. She can be reached on her blog about management system standards at AIHA is pleased to announce that Thea was presented with an award for Outstanding Achievement in Standards Development for her contributions to the U.S. TAG in the development of ISO 14001:2015 in August 2015. More information on the work of the U.S. TAG can be found here.
Making Sense of “Risks and Opportunities” An FAQ on ISO’s Revised Standard for Environmental Management Systems
The revised ISO 14001 standard, Environmental management systems – Requirements with guidance for use, was published in September 2015. The standard has been completely reorganized and a number of new requirements have been added. One of these is the new requirement that the organization determine the risks and opportunities that need to be addressed to:
  • give assurance that the environmental management system can achieve its intended outcomes;
  • prevent, or reduce, undesired effects, including the potential for environmental external conditions to affect the organization; and
  • achieve continual improvement.
This text had its origin in Annex SL of Part 1 of the ISO Directives. Similar requirements related to the determination of “risks and opportunities” are in, or will find their way into, all ISO management system standards, including ISO 9001:2015, the quality management system standard, which was also published in September 2015, and ISO 45001, the new OHS management system standard currently being developed within ISO.

So what does the requirement that the organization “determine the risks and opportunities that need to be addressed” actually mean? The answer is not entirely straightforward. There are several ambiguities in ISO 14001:2015 that organizations will need to address. Since this “risks and opportunities” requirement is new, users will need to refer to the annex to ISO 14001 and to other reference documents developed during the drafting of ISO 14001:2015 for assistance in interpreting this requirement. This article addresses some of the questions that have already been raised.

WHAT ARE “RISKS AND OPPORTUNITIES” IN THE CONTEXT OF AN ENVIRONMENTAL MANAGEMENT SYSTEM?

“Risks and opportunities” is defined in ISO 14001:2015 clause 3.2.11 as potential adverse effects (threats) and potential beneficial effects (opportunities). The rationale behind this definition is to have organizations focus their attention primarily on the results of risk determinations, including both positive and negative effects, rather than simply on the uncertainty related to the occurrence of events.

The key thing to remember about these new requirements is that not every risk (that is, threat) and opportunity an organization faces is required to be included in this risk determination. First, there must be a nexus, or connection, to the environmental management system. For example, hazardous waste disposal risks would have a nexus to the EMS; credit card fraud risks would not. According to ISO 14001, the organization needs to consider the relationship a particular risk has to:
  • the organization’s important environmental issues (its “context”)
  • the organization’s EMS requirements, including its compliance obligations
  • the defined scope of the organization’s environmental management system
This determination of risk (threats and opportunities) is intended to be subjective. It is to be based on the opinions, interpretations, and judgment of those within the organization. It does not have to be an objective determination. It does not have to be based on numbers, calculations, or spreadsheets—although it can be if an organization so chooses. The determination of which risks and opportunities will be addressed in the EMS is the organization’s decision. It is not required to be based on what any particular interested party or management system auditor thinks the decision should be. To conform to the ISO 14001 standard, an organization simply needs to be able to show that it considered the nexus factors listed above when it made its EMS risk determinations.
