27 ELR 10622 | Environmental Law Reporter | copyright © 1997 | All rights reserved


The ISO 14001 Environmental Management Systems Standard: A Modest Perspective

Christopher L. Bell

The author is a partner in the law firm of Sidley & Austin in Washington, D.C. He is one of the lead negotiators for the U.S. delegation on ISO 14001, and is assisting a number of clients in the United States, Asia, and South America on ISO 14001 implementation issues.

[27 ELR 10622]

Since the final publication in late 1996 of the International Organization for Standardization's (ISO's) environmental management systems (EMSs) standard, ISO 14001, the cacophony of claims and counterclaims about the standard has grown louder. The commentary is wide-ranging, with some of the more noteworthy claims being that ISO 14001:

. is a "green passport" signifying environmental excellence;

. is a plot by industry to undercut more deserving international environmental initiatives;

. is a plot by consultants to make money off of industry;

. is a plot by governments and nongovernmental organizations (NGOs) to push a "green agenda";

. is a basis for eliminating environmental regulations;

. is irrelevant to compliance assurance;

. is useless as a tool for improving environmental performance;

. does not represent the "leading edge" of thinking in the EMS area;

. represents a completely "new paradigm" for thinking about environmental issues;

. is too complicated and expensive for implementation by small and medium-sized enterprises;

. will be used as a nontariff trade barrier; and

. will facilitate trade.

But the range of opinion on ISO 14001 provides public and private organizations with little useful advice on fundamental questions such as why, whether, where, when, and how to implement ISO 14001, and what decisions about ISO 14001 might mean for purposes of environmental protection, public policy, and trade.

This Dialogue is an effort to sort out what ISO 14001 is and what it is not. The perspective taken is as neither proponent nor opponent of ISO 14001. ISO 14001 is not something to support or oppose, any more than one would support or oppose a hammer. Rather, just as one would do with any tool, one should clearly understand the standard and what it can and cannot do. Where it is useful, use it; where it is not, don't. Zealous proponents go too far when they imply that ISO 14001 is the answer to all the world's environmental problems, and harsh critics overreact when they claim that the standard has no use and will somehow undo decades of environmental progress.

A fundamental point that seems to be lost in the debate about ISO 14001 is that it is only a framework for identifying and managing performance criteria that are set elsewhere. It is not the function of an EMS standard to set or replace performance criteria, and it is not the function of ISO—an international NGO—to supplant the role of sovereign governments or the public in setting such criteria. ISO 14001 by itself will not improve environmental performance—it must be understood and evaluated in the overall context in which it will be implemented. Correctly used in the proper context, however, ISO 14001 can be part of a strategy to improve environmental performance.1

This Dialogue begins with a short review of EMSs in the United States, follows with an analysis of each of the major provisions of ISO 14001, and concludes with some general observations about the nature of ISO 14001.

An Overview of EMSs in the United States

Organizations in the United States have decades of very practical experience designing and implementing environmental management systems.2 This experience is based largely on the need to establish systems to assure compliance with the law, manage potential environmental liabilities and costs, and respond to public concerns regarding environmental issues. Failure to systematically identify and manage environmental obligations increases a company's exposure to significant penalties, public pressure, potential criminal action, and burdensome cleanup costs.

Initially, these systems were not based on any formal standards or requirements. Rather, companies applied normal management practices to environmental issues and developed EMSs that were integrated into and consistent with their existing management systems. The issue of external verification of these systems also was not an issue: the proof was in the measurable performance (generally as measured by legal compliance), not whether the EMS conformed to a particular standard.

The absence of formal EMS standards in the United States has led to the incorrect conclusion that the United States has very limited EMS experience. This misperception appears to be based on the narrow view that unless there is a standard covering an activity, that activity could [27 ELR 10623] not have been taking place. This is the standards equivalent to an old metaphysical question: if an EMS has been implemented in the absence of a standard and third-party verification, does that EMS really exist? Apparently, some would say "no." From this narrow perspective, EMS is a recent invention, perhaps dating back to the publication of the British Standards Institute's BS 7750 EMS standard in 1992, or the European Union's Environmental Management and Audit Regulation (EMAR) and Environmental Management and Audit Scheme (EMAS), both of which were published in 1993.3 This view, of course, is clearly incorrect: the degree to which EMS is actually practiced cannot be equated with the presence or absence of EMS standards. Nor can the degree of EMS implementation be equated with the number of third-party registrations to published EMS standards.

EMS is simply the application of well-accepted business principles to environmental protection. Stripped of their "environmental" language, the basic principles of EMS are well-recognized by any business person: figure out what you want to do (policy and objectives), figure out how you want to do it (programs, procedures, and instructions), tell people what you want them to do (communication and training), make sure they do it (implementation, measurement, and auditing), and periodically review the entire process to identify opportunities for improvement. Management has been applying these principles to functions such as inventory, finance, quality, and production for decades. Long before formal EMS standards were written, companies were also applying these management principles to enhance compliance assurance and manage potential environmental liabilities.

The experience of industry in managing their environmental obligations is reflected in voluntary EMS initiatives and guidance documents that preceded the creation of formal EMS standards by a number of years.4 The federal government also has long recognized the relationship between a systems approach and environmental performance—at least performance as measured in terms of compliance. The result has been several documents, most of which preceded the publication of any EMS standards, outlining what the U.S. government believes the key elements of a legal compliance assurance program should be.5

The U.S. Environmental Protection Agency's (EPA's) first formal foray into the environmental management arena was its 1986 audit policy, setting forth general guidelines for auditing programs.6 EPA revised its audit policy in late 1995, suggesting that companies that discover, promptly disclose, and correct noncompliance may, under certain circumstances, qualify for significant penalty mitigation.7 Among the criteria that EPA will consider is whether a company has exercised "due diligence" in addressing its environmental obligations. The elements of due diligence are consistent with the basic principles of EMS, including ISO 14001.

On July 1, 1991, the U.S. Department of Justice (DOJ) issued a policy entitled Factors in Decisions on Criminal Policy Prosecutions for Environmental Violations in the Context of Significant Voluntary Compliance or Disclosure Efforts by the Violator. The DOJ policy views self-auditing, self-policing, and voluntary disclosure of environmental violations as "mitigating factors" when deciding whether to bring a criminal enforcement action.8 That same year, the U.S. Sentencing Commission issued amendments to the Sentencing Guidelines for U.S. Courts, which established mandatory criteria used by courts when imposing criminal penalties on companies. These criteria include incentives that encourage companies to implement systematic compliance assurance programs, to report detected violations, and to cooperate affirmatively with the government investigators.9 In addition to these long-standing policies, EPA and many states have been exploring the design and implementation EMS through a variety of recently launched pilot programs.10

The primary elements of the compliance assurance programs set forth in the government documents are familiar [27 ELR 10624] to those involved with EMS: a top management policy committed to environmental protection, procedures to implement that policy, auditing programs, and the ability to demonstrate to the authorities that one has such a program in place. These governmental policies also call for the disclosure of violations to the government as well as full cooperation with the government in investigating violations. But these are policies, not full-blown management systems standards. Therefore, in comparison to documents such as ISO 14001, they are quite short and give companies significant flexibility in how to design and implement their programs.11

The government policies do not require registration or verification by third parties, nor is conforming to the policies a legal requirement. However, companies that wish to use their compliance assurance programs to take advantage of whatever benefit the policies offer can expect that their systems will be subjected to government scrutiny. This is particularly true in the case of actual or potential criminal situations, where the documentation and implementation of the compliance assurance systems will be very closely reviewed if it is expected that the government will consider them in determining what, if any, enforcement action may be taken. However, the fact that the government has not required companies to have third-party verification of their compliance assurance systems in order to "qualify" for enforcement discretion or penalty mitigation should give pause to those who assume that third-party registration is a necessary element of a credible and effective EMS.

As a result of this history, many facilities in the United States have been practicing EMS for years. A survey of Standard & Poor's 500 companies in the United States conducted in 1996 by the Investor Responsibility Research Center revealed that with respect to the respondents in the manufacturing sectors:

. 94 percent had written environmental policies;

. 65 percent indicated that environmental performance is a factor in senior executive compensation, and 72 percent indicated it was a factor in operating manager compensation;

.56 percent were applying total quality management approaches to environmental issues;

. 39 percent subscribe to voluntary codes of conduct developed by NGOs;

. over 80 percent have a board of directors committee responsible for addressing environmental issues, and the senior executive responsible for environmental affairs was a vice president at 59 percent of the companies;

. 96 percent reported that they evaluated environmental factors when selecting suppliers;

. 56 percent publish an annual environmental report; and

. over 96 percent had environmental auditing programs in place, with 75 percent of their U.S. facilities and 59 percent of their non-U.S. facilities audited in the last two years (the average age of the auditing programs was eight years).

Therefore, formal EMS standards such as ISO 14001 do not represent a radical new approach to environmental protection for many leading U.S. companies.

This is not to say that the nonregulatory and quality systems origins of ISO 14001 do not have a slightly different emphasis than the compliance assurance systems strategies common in the United States. The primary focus of the governmental policies and programs related to EMS has been on compliance rather than on unregulated elements of environmental performance.12 This emphasis, combined with the historical "command-and-control" approach to environmental protection in the United States, has resulted in an approach to systems that is heavily weighted toward auditing, particularly compliance auditing. It is not unusual for companies to use their auditing programs as an implementation rather than a verification tool. For example, the corporate environmental function may create programs and requirements and "drive them" through the company via the auditing program. In addition, many regulators commonly evaluate the strength of a company's compliance assurance program.

In quality terms, the traditional emphasis on compliance auditing would be viewed as an effort to "inspect quality into the product," a strategy long-abandoned in the quality area. This is because once a defective part has been manufactured, inspecting it will not change the defect; it will only create an opportunity to detect and correct it. Decades ago, the emphasis in the quality world shifted to "doing it right the first time" so that fewer deficiencies are detected at the inspection phase. ISO 14001 reflects a similar approach in the environmental arena.

ISO 14001—A Review of the Key Provisions

Many of the claims about ISO 14001 appear to be based on a misunderstanding of what the standard is and what it is intended to achieve. Therefore, it is useful to assess the potential uses and abuses of ISO 14001 in light of what the standard actually requires.

ISO 14001 is a comprehensive systems standard that calls for organizations to conduct their environmental affairs within a structured management system. In its concept, ISO 14001 is not complex or challenging; it is simply good management. In its implementation, though, ISO 14001 (and any EMS) presents a challenge—making sure that what you want to get done is actually getting done. Or in one of the basic phrases of ISO 14001: say what you do, do what you say, and be sure that you did it.

Before reviewing the key provisions of ISO 14001, a few points should be made about how to understand the standard. Great sport can be had identifying the potential "loopholes" [27 ELR 10625] that might be exploited by "bad actors." This is a common context in which to discuss regulations. However, this is not a useful analytical approach to ISO 14001.

A significant focus of the regulatory process is on maintaining the capability of deterring potential bad actors, with many major statutory programs written in response to well-publicized crises or incidents. This approach, while certainly effective in a number of contexts, has led to the perception that it often forces well-intentioned actors (who make up the vast majority of the population) to comply with requirements that are probably more onerous and detailed than necessary. This situation has encouraged the practice of very fine and close reading of what are often perceived as unreasonable or impractical regulatory requirements.

ISO 14001 was not written in that context. It is a voluntary, nonregulatory, largely market-driven standard that was written under the assumption that those who choose to implement it are doing so voluntarily and in good faith. The drafters did not spend any time engaged in speculative "what if" discussions, creating redundant layers of requirements to ensure that the "bad guys" would not abuse the standard.13 This approach would have produced a much more detailed, prescriptive, inflexible, and therefore expensive EMS standard. This would have destroyed its utility for the vast majority of organizations in the world—small and medium-sized enterprises.

ISO 14001 was not intended to be a regulation. It was intended to assist companies to better identify and manage their environmental obligations in order to improve their environmental performance.14 If, however, an organization chooses to conform to ISO 14001, it must implement an EMS that includes several core elements.

Top Management Level Environmental Policy

The top management of the organization must establish an environmental policy.15 This policy must include commitments to compliance, pollution prevention, and continual improvement. It must also be the framework for setting and reviewing objectives and targets. It must be written, implemented, and communicated to all employees. And it must be made available to the public.

This policy must be top management's expression of its desires with respect to the environment. It cannot be just a "trophy" policy that sits on the shelf: it must be implemented. The balance of ISO 14001 essentially involves the deployment of this policy in ever greater levels of detail through the organization, including setting objectives and targets, establishing defined programs to achieve those targets, and translating those programs into specific and practical work instructions.

Commitment to Compliance. Since legal compliance has been at the heart of EMS in the United States for two decades, the relationship between compliance and ISO 14001 has been the topic of much discussion and debate. ISO 14001 was not intended solely as a comprehensive compliance detection and enforcement tool. It has a broader focus than that. Nevertheless, government and NGOs are interested in determining whether ISO 14001 conformance brings with it an acceptable level of performance, which many stakeholders typically, though not always correctly, equate with compliance.

Typically, companies in the United States will commit to full compliance. Since the policy must be in writing and be made available to the public, it will generally be viewed as risky for top management to commit to anything less. Given the liability regime in the United States, it is unlikely that ISO 14001 top management policies will contain a commitment to only 85 percent compliance. Existing government policies expect a commitment to full compliance, and regulators would likely look askance at a commitment to anything less. Indeed, long before any environmental standards were written, a commitment to full compliance was common in the United States.

Since ISO 14001 requires organizations to implement their top management policies, what does it mean to implement the commitment to compliance? There is general agreement that ISO 14001 does not require 100 percent compliance 100 percent of the time. Such a requirement would transform it from a systems standard into a performance standard, and ISO expressly directed Technical Committee (TC) 207 not to set performance standards. Such a requirement would also imply that conforming to ISO 14001 is a guarantee of a particular level of performance, which it is not.

Demanding 100 percent compliance 100 percent of the time as a condition of conforming to ISO 14001 would also have international competitive implications. The United States is unique in the breadth, depth, and level of detail of its environmental requirements and the seriousness with which these requirements are taken. Given the number and complexity of U.S. laws and regulations, it is extremely difficult, if not impossible, for many facilities in the United States to be in 100 percent compliance with every regulatory requirement 100 percent of the time. Making "perfect" compliance a condition of conforming to the standard would create a major barrier to ISO 14001 implementation that does not exist in other countries.16 In any event, such a [27 ELR 10626] level of compliance cannot necessarily be equated with an acceptable level of environmental performance because not every breach of a regulatory requirement has an impact on the environment.

Nevertheless, although "perfect" compliance is not an ISO 14001 requirement, it is clear that the EMS must be able to achieve a certain level of compliance in order to demonstrate that the top management commitment to compliance has been implemented through it. Major undetected and uncorrected noncompliance may be an indication of major systems flaws, just as any major performance shortcomings would be. An organization's commitment to compliance and the associated implementing systems cannot be evaluated without at least a sampling of how the commitment is actually implemented and how the systems actually perform. Another relevant consideration in determining conformance to ISO 14001 will be the degree to which the EMS' measurement, auditing, and corrective action programs have detected and are addressing the noncompliance, factors that are also present in the government's various compliance assurance policies. The ultimate balance between compliance and ISO 14001 will be worked out over time.

Another compliance-related issue is the difference in levels of stringency of legal requirements between various regions, and perhaps the even greater differences in how those laws are being enforced. Indeed, the latter is probably the primary concern for those worried about a "level playing field." As an NGO made up of national standards bodies, ISO does not have the authority to change the laws of individual countries. However, while it cannot change laws, ISO 14001 may have a positive effect on the degree to which existing laws are implemented.

Most countries have laws on the books, but in many areas they are unevenly, if ever, enforced. It will be interesting to see what effect ISO 14001 will have on this situation. Though the standard does not demand 100 percent compliance and does not itself contain legal standards, it requires companies to demonstrate their commitment to compliance through their policies, which must be implemented; objectives and targets that must be consistent with those policies; a procedure to measure the degree of legal compliance; and operational controls to ensure that the policy commitment to comply is not deviated from. There is no exception for countries that do not typically enforce their laws. Therefore, while ISO 14001 will not change legal requirements, it may have a positive effect on the degree of compliance with those laws.

Interestingly, some critics take both sides of this issue simultaneously: criticizing ISO's inability to strengthen the laws in some countries while at the same time expressing the fear that ISO 14001 might override stringent laws in other countries. For example, ISO is criticized for not including "real" environmental performance requirements that would put "teeth" in the standard. Apparently, ISO is supposed to trample on the sovereignty of those countries with "weak" environmental laws, while respecting the sovereignty of those with "strong" environmental laws. This is a curious view given that some are concerned that ISO's procedures are not sufficiently democratic and do not ensure broad enough participation. Those who would give ISO the authority to set legally enforceable requirements should seriously consider the consequences of doing so.

Prevention of Pollution. ISO 14001 is not limited to compliance assurance: its scope extends beyond what is regulated by law. In addition to a commitment to comply, top management must also commit to prevent pollution. The U.S. delegation championed the inclusion of this concept in the standard, reflecting in part the input from EPA as a participant in the U.S. delegation.

Continual Improvement. In addition to the commitments to compliance and prevention of pollution, organizations must also commit to continual improvement. Continual improvement is defined as improving the EMS in order to improve environmental performance. In other words, organizations that implement ISO 14001 cannot rest on their laurels: they must constantly seek to improve their EMSs. It is hoped that improving the management system will also improve the outputs of the system, i.e., environmental performance.

This core element of the standard reflects the belief that there is a reasonable connection between systematically managing an activity and the performance related to that activity. It is well accepted that it makes sense to systematically manage other elements of a business, such as finance, production, inventory, human resources, or quality. It is generally accepted among both private and public organizations that improved management practices will result in improved performance. There is no reason that it should be any different for the environment. Indeed, the suspicion directed at ISO 14001 and EMS generally is curious. Does anyone really believe that not managing environmental protection is the better path?

The drafters of ISO 14001 rejected the definition of continual improvement established in EMAS, which purports to drive environmental performance to the level achieved by economically viable best available technology (EV-ABAT). ISO 14001 is not a technology-driven standard because in many instances technology-based approaches are extremely expensive, resulting in "treatment for treatment's sake" and are not always suitable for application in lesser developed countries or by small and medium-sized enterprises. In ISO 14001, technology-based solutions are one of many options available under the concept of pollution prevention, but are not the only option.17

The discussion of continual improvement takes us to the more general question of environmental performance. Certainly "end-of-pipe" or "fenceline" performance is a key [27 ELR 10627] element of evaluating the efficacy of ISO 14001, as is its ability to identify and implement pollution prevention opportunities. But what is often lost in the discussion is its promise to increase efficiency. Good management systems should assist organizations in achieving the same or better levels of performance at a lower cost. This outcome is in everyone's interest. Indeed, it is peculiar that some who are interested in environmental protection profess that the cost side of the equation is not relevant to them, when it should be clear that the inefficient use of resources means that less money is available for purposes of protecting the environment. It is even more troubling when this view emanates from the government, implying that somehow environmental issues are in the "public interest" while economic issues are simply some sordid private matter that has nothing to do with environmental protection. It seems clear that if ISO 14001 can assist companies to achieve acceptable levels of environmental protection at less cost, the standard should be deemed a success—not just from the standpoint of the organization, but also from a public policy perspective. Money freed up from inefficient applications is money that can be applied to a variety of matters of interest to the organization's many stakeholders, such as additional environmental projects, increased employment, or added value to shareholders. One would hope that there is general agreement that efficient, rather than inefficient, environmental protection is good public policy.

Significant Environmental Aspects

Organizations also must have a procedure to review those aspects of their operations, products, and services that are related to the environment in order to identify the aspects that have or may have significant environmental impacts.18 The defined significant aspects will form the core of the EMS, as they are what the EMS must manage: they become the subject of objectives and targets, management programs, operational controls, measurement, and auditing.

Environmental aspects are those elements of an organization's activities, products, or services that can interact with the environment. Identifying them is basically a process of compiling an inventory of the organization's environmentally related inputs and outputs. For example, energy use, water consumption, raw materials inputs, air emissions, and water discharges are environmental aspects.

It is important to note that this procedure must cover an organization's services and products as well as facility-based aspects, assuming that the organization engages in service or product-related activities. This may present some new challenges for companies in industries whose products have not been subject to significant environmental controls. There are, however, some reasonable limitations on this requirement. The standard requires organizations to address only those aspects of their activities, products, and services over which they have control and are likely to exert an influence. This means that an organization does not have to address speculative environmental aspects associated with the potential misuse or abuse of their products. Further, organizations are not required to conduct life-cycle assessments of their product systems. Lastly, organizations are not required to go offsite and identify the significant environmental aspects of their suppliers. The language of the standard is veryclear that the organization is required to identify "its" environmental aspects, not those of other organizations.

The use of the term "aspects" rather than "effects" or "impacts" has been incorrectly criticized as shifting the focus of the EMS away from actual environmental performance.19 The term "aspects" was used to be consistent with what most facilities can reasonably accomplish. Most facilities are not in a position, either financially or technically, to conduct scientific environmental impact assessments. To demand an "effects" or "impacts" analysis would severely limit the viability of the standard. What facilities can do is measure and understand their inputs (e.g., natural resource use, energy use) and outputs (e.g., air emissions, water discharges, product energy use). It should be clear, however, that data on air emissions is not impact data: air emissions data simply tell a facility what it emits, not what impact that emission has had on the environment.20 Of course, ISO 14001 does not prohibit an organization from conducting a full-scale risk assessment if it has the capability, desire, or need to do so.

The standard has been fairly criticized for not providing sufficient practical guidance on how to conduct the review of environmental aspects. The difficulty faced by the drafters was agreeing on auditable requirements that would be applicable to a wide variety of organizations around the world. In the United States, many of the significant environmental aspects of most companies are already subject to strict regulation and data collection and reporting requirements. Accordingly, the environmental aspects identification process can take advantage of existing data and records. That is why the United States opposed the inclusion of the concept of "environmental registers" in the standard: there was a concern that this would require the unnecessary creation of additional records for environmental aspects when existing records would be adequate.21

The exception to this observation is that there is a tendency in the United States not to pay as much attention to inputs or outputs that are not regulated, even if they may be environmentally significant. Given the broad definition of environmental aspects, it would be difficult to conclude that an element of an organization's activities that touches on the environment is not an aspect merely because it is not regulated. Therefore, ISO 14001 may have the effect of broadening the perspective of many U.S. companies to take unregulated environmental aspects into account.

[27 ELR 10628]

The purpose of the aspects review procedure is to determine which of the aspects are significant and thus worthy of further attention in the management system. Significance is assessed in terms of actual or potential environmental impact. The standard does not establish baseline criteria for what constitutes significance: creating an internationally acceptable definition of this term simply was not possible. That will be done by the organizations implementing the standard. Those who criticize this outcome should be cautious about encouraging an international NGO such as ISO to set such substantive criteria. Such an effort almost certainly would have resulted in a firestorm of protest: from those who would have asserted that the criteria were too weak, thereby threatening the sovereignty of countries with more stringent requirements, and from those who would have asserted that the criteria were too stringent, evidence that ISO is a developed country dominated organization that threatens the sovereignty of less-developed countries.

This leaves the standard open to potential "abuse" by organizations that might define "significant" in a self-serving manner that would exclude important issues from their EMSs. The requirement that organizations must take legal and other requirements into account in their EMSs may provide at least one driver to avoid this result. Particularly in the United States, it may not be prudent to define regulated aspects as "insignificant." If an aspect is "significant" to the government, as reflected by regulations, it is likely to be considered "significant" by the implementing organization.

Legal and Other Requirements

Organizations must have a procedure in place to identify their legal obligations. Legal requirements may range from local ordinances to applicable international treaties (e.g., the Montreal Protocol or the Basel Convention), and also include those applicable to the activities, services, and products of the implementing organization. A clear understanding of legal requirements has always been at the heart of EMS in the United States. As noted above, however, the United States opposed the inclusion of a requirement to maintain "registers" of legal requirements in ISO 14001 similar to the requirement in BS 7750. This opposition did not arise because of an aversion to knowing what one's legal obligations are, but because legal requirements in the United States are so extensive, well-developed, and well catalogued that a register requirement was viewed as a paperwork requirement that would not add value to the EMS.

The organization's procedure must also address any other obligations to which they voluntarily subscribe (e.g., the International Chamber of Commerce (ICC) Charter on Sustainable Development, Responsible Care (R)).22 Companies that voluntarily subscribe to various initiatives will, if they implement ISO 14001, have to take those commitments seriously in their EMSs.

Since the standard requires companies to identify the legal requirements that apply to them, it is pointless to complain that ISO 14001 does not list certain international treaties.23 The standard cannot possibly list every legal requirement that could potentially apply to any organization seeking to conform to ISO 14001, and it would be inappropriate for ISO to attempt to create a limited list of "the most important" legal requirements.

There is also no reason for ISO 14001 to list all potentially interesting nonbinding documents regarding the environment (e.g., Agenda 21, the ICC Charter on Sustainable Development, etc.). These are useful source documents that contain often laudable goals; however, ISO 14001 should not transform a subset of such documents into auditable requirements.24 This would be an inappropriate intrusion by ISO into the public policy realm, effectively picking "winners and losers" in the universe of nonbinding international environmental documents. It would also assume that all of these documents are consistent with each other and that there is true international agreement on their content and applicability. Further, such a listing would always be incomplete and out-of-date. Lastly, ISO 14001 focuses on requirements that will be auditable at the organizational level. Many of the nonbinding international environmental documents are written in a very general way and were not intended to be auditable at the individual organizational level.

ISO 14001 also has been misunderstood as being inconsistent with the efforts of multinationals that may wish to apply uniform performance standards worldwide.25 Quite to the contrary, companies in the United States with international operations and worldwide standards have tended to be among the most receptive to ISO 14001 as a tool to further this approach. If a company wants to establish worldwide performance standards, ISO 14001 will support that strategy, though it does not mandate it. A company that claims to have worldwide standards will, under ISO 14001, have to demonstrate that it actually operates pursuant to those standards. That is why the reference to "other requirements" is included in the standard. "Other requirements" include requirements that are set by the organization and that may not be legally required. The broad definition of the term "organization" also supports this result.

Unlike other EMS approaches, such as EMAS, ISO 14001 is not site- or facility-based. ISO 14001 is based on the broadly defined concept of the "organization," which can be a site, a division, or an entire multinational with all of its sites.26 Thus, some organizations have already publicly announced their intention to seek ISO 14001 certification on a companywide basis, applying their corporate performance criteria on a worldwide basis. ISO 14001 also does not require organizations to design and maintain several systems to address different legal requirements around the world. This would be the outcome only for companies that wanted to do this.

It is also argued that ISO 14001 is inconsistent with some "other requirements" that may arguably be more stringent than ISO 14001 or that contain explicit performance requirements.27 [27 ELR 10629] This concern is misplaced. A systems standard can be a framework for meeting any performance criteria that an organization has chosen to meet. Further, if an organization chooses to adopt a particular approach to environmental matters, ISO 14001 demands that the organization actually implement the commitment—ISO 14001 will not accept "trophy" policies that only sit on the shelf. Thus, ISO 14001 is completely consistent with programs such as the Chemical Manufacturers Association's Responsible Care (R) or the ICC Charter on Sustainable Development, and in fact encourages their concrete implementation by organizations that subscribe to them.

Objectives and Targets

Organizations must establish documented and quantifiable environmental objectives and targets, taking into account the organizations' policies, legal obligations, significant environmental aspects, and the views of interested parties.28 Setting objectives and targets is essentially the process of translating the generalities of an organization's policy into defined and measurable goals.

A legitimate concern is that it may be possible under ISO 14001 for companies to set objectives and targets that can be relatively easy to met.29 It was not possible to reach international agreement on a set of defined baseline objectives and targets in the standard. Including generalities such as "sustainable development" would not have added any practical substance to the standard because it still would have left organizations with the discretion to set whatever specific targets they believed were consistent with this broadly defined concept.

There are some constraints in the standard: as noted, the objectives and targets must take significant environmental aspects and the views of interested parties into account, and must be consistent with an organization's policy, which itself must include commitments to compliance, pollution prevention, and continual improvement.30 Most companies in the United States already commit to compliance with the law and already have related objectives and targets set to implement that policy (e.g., no permit violations). While ISO 14001 does not require explicit compliance-related objectives and targets, the objectives and targets must be consistent with the commitment to compliance.31 An EMS that allowed systemic noncompliance would not conform to ISO 14001. Of course, a company that has that level of noncompliance is likely to have bigger problems than worrying about conforming to ISO 14001. The more interesting issue will be the extent to which implementing ISO 14001 might push companies to set defined objectives and targets for significant aspects that are not heavily regulated, such as energy or water use.32 However, given that setting objectives and targets in this area typically results in cost savings, this may be an attractive option.

The requirement to take the views of interested parties into account is stated succinctly. The general nature of this requirement has been, sometimes quite fairly, criticized. But it was not possible to reach agreement at the international level on a more precise formulation on issues such as the definition of interested parties and their role. For example, while the "take into consideration" language is vague, it is unrealistic to replace it with language requiring interested party approval of objectives and targets. That would give interested parties veto power over company decisions. Providing more detailed guidance on the process of obtaining interested party input proved difficult due to the vast differences between regions in how the public participates in the environmental affairs of individual organizations. To make it work, however, one would at a minimum need to identify the interested parties whose views will be taken into account, determine what those views are, and establish some process to take them into account. It is also important to note that interested parties are broadly defined so as to potentially include neighbors, employees, customers, regulators, and shareholders—the concept is not limited to environmental activists.

Critics should be cautious in concluding that any EMS that has limited external party involvement is by definition deficient. For example, if an organization implemented an EMS that produced demonstrably superior environmental performance, yet managed to do so with little or no input from external parties, should that EMS be deemed a failure? Would an EMS with substantial public participation but weaker environmental performance be better? Proponents of increased external participation in an organization's internal affairs are in a somewhat similar position as proponents [27 ELR 10630] of EMS: they believe that this will increase environmental performance, but they really do not have much data yet to support the belief. It is somewhat ironic that many of those who are suspicious about relying on systems take it as an article of faith that increased public participation will improve environmental performance, even though that is simply just another systems concept. It will be interesting to see if increased external participation indeed improves the effectiveness of an EMS.

It may be that this view is in part the result of the unfortunate identification of ISO 14001 with regulatory change: since public participation is viewed by many as a necessary element of any alternative approaches to regulation, ISO 14001 must also include that level of public participation. De-coupling ISO 14001 from the regulatory change debate might result in a more measured evaluation of the standard. It would be unfortunate if ISO 14001 was deemed a failure even if it resulted in improved environmental performance just because it did not conform to certain political criteria unrelated to the standard itself. This is not to say that interested party involvement in an EMS is a bad idea—ISO 14001 requires it. It is only that one hopes that observers will be open minded about the nature and degree of that involvement.

The debate about external party involvement in EMS typically centers around a relatively narrow concept of who those parties might be. Again, this is probably due to the perceived connection between ISO 14001 and potential changes to the regulatory structure. As mentioned above, the concept of "interested party" in ISO 14001 is not limited to community or national environmental groups or activists. While these groups come within the definition of the term, so do employees, customers, government officials, and local organizations of all types. For example, an organization might significantly decrease its use of packaging material by working together with its customers—i.e., interested parties. That improvement might be more significant than any that organization could achieve based on input from local interested parties or environmental groups. In that case, one would hope that ideology would not get in the way of the facts and lead to a conclusion that there was no "real" interested party involvement just because particular categories of interested parties were not involved. On the other hand, those in the regulated community should be open to the possibility that direct participation by those they perceive as "environmental activists" may make a very positive contribution to the efficacy of their EMS. Just as there should not be a presumption that interested party involvement will always improve performance, there also should not be a presumption that it cannot help.

In one respect, the standard does go beyond virtually all law and most other standards by mandating interested party input into the decisionmaking process, not merely after-the-fact reporting. Currently, in the United States, there is no requirement for any public participation in an organization's internal processes for setting objectives and targets. Public participation is limited to commenting on documents such as draft permits, which are typically very complicated, involve only a small subset of an organization's environmental aspects, and are not widely commented on. The criticism that ISO 14001 does not require sufficient public participation is interesting given that it goes beyond what is currently required by law.33

In the final analysis, however, the primary drivers for setting aggressive objectives and targets will not come from ISO 14001 itself. This pressure will depend on an organization's commitment to environmental issues, customer demands, and public and governmental inputs. Any effort by ISO, an NGO, to set specific performance standards would effectively have been an effort to override the sovereignty of national governments that set such requirements. Any performance requirements set by ISO would inevitably have been more stringent than those set in some countries but less stringent than those set in others, resulting in cries that ISO was violating sovereignty and either too soft or too tough. This underscores the point that ISO 14001 needs to be evaluated and implemented in the overall context in which organizations operate and that it is not intended to be a stand-alone document.

Environmental Management Program

Organizations must establish programs for achieving their objectives and targets, including designating responsibility for achieving the objectives and targets and the time frame within which those objectives and targets will be met.34 This is the translation of the objectives and targets into concrete programs for action: the who, what, when, and where. Objectives and targets that are not accompanied by defined programs for achieving them are not acceptable under the standard. ISO 14001 explicitly encourages management to focus on the results, or performance, of the EMS. The criticism that ISO 14001 does not focus organizations on results is plainly wrong.35 That is precisely the point of the standard. It demands that organizations create defined programs to implement their policy commitments to compliance, pollution prevention, and continual improvement.

Structure and Responsibility

Management must provide adequate resources to implement and control the EMS.36 Further, roles and responsibilities within the EMS must be defined and documented, including the role of reporting on the performance of the EMS to top management. This is a practical requirement: who is doing what and where, and do they have sufficient technical and financial resources to carry out their responsibilities? A "shell" program that is not adequately supported will not pass muster under the standard.

This is a key issue in the existing governmental policies regarding compliance assurance systems. The federal government, consistent with ISO 14001, firmly believes that a key to environmental performance is top management commitment [27 ELR 10631] as reflected in having senior management directly involved in the design and implementation of the system.37 ISO 14001 fleshes out this concept, seeking defined roles and responsibilities throughout the organization, as well as highlighting the importance of financial and technical resources. "Unfunded mandates," i.e., programs that are merely paper shells without the real financial backing to make them realities, are not acceptable under ISO 14001.

Operational Control

Organizations must establish documented procedures to control operations and activities associated with the identified significant environmental aspects.38 These procedures, which include maintenance and must stipulate operating criteria, must cover situations where their absence could lead to deviations from an organization's policy (including the commitment to comply) or objectives and targets.

This is the next step in deploying the top management policy: after objectives and targets have been set and implementation programs developed, they must be transformed into specific operating controls and work instructions that direct employees as to what they must do so that the program will be followed, objectives and targets achieved, and the policy implemented. These instructions and controls may apply to a narrow or wide range of employees, depending on the aspects to be controlled and the objectives and targets that have been set. For example, if packaging waste is a significant aspect and waste reduction is an objective and target, instructions might range from directions to engineers that design packaging to directions to individuals responsible for managing waste. In the more traditional compliance context, instructions on how to manage hazardous waste or operate a wastewater treatment plant would be considered operational controls in ISO 14001.

This is perhaps one of the most important and difficult elements of ISO 14001. It involves cutting through all of the rhetoric about environmental protection and sustainable development and figuring out what individuals must do, on a regular and practical basis in their everyday jobs, to implement an organization's policy and achieve its objectives and targets. It is an example of where ISO 14001 differs from the audit focus of the typical compliance assurance systems approach. Rather than just create big binders of requirements and programs, and audit facilities against them, ISO 14001 encourages organizations to give their people the tools and practical instructions on how to accomplish what is expected of them and then train them on how to use them.

This is a very simple concept: on every single day, every person needs to know the correct thing to do at the right time, and what to do differently in a timely fashion if circumstances change (e.g., change in law, product mix, etc.). It can be very challenging to actually pull off. This is another example of the deceptively mundane nature of ISO 14001, which does not contain many dramatic statements or technically challenging concepts. Only those who have not actually had to work through these issues at the facility level would underestimate this requirement.

Emergency Preparedness and Response

Organizations must have procedures for identifying and responding to accidents and emergencies.39 These procedures must be reviewed periodically, particularly after incidents, to determine if they need to be revised. This is one element of ISO 14001 that should not pose particular challenges in the United States, other than that of coordinating the multiplicity of emergency planning requirements established by law.

Training

Organizations must establish procedures for training their employees on the importance of conforming to the EMS, the importance of the significant environmental impacts (actual or potential) associated with their work activities, the importance of their roles and responsibilities within the EMS, and the importance of the potential consequences of the failure to follow operating procedures.40 The progression is straightforward: employees must be trained in the operational controls or work instructions that are necessary for following the management program, in order to meet the objectives and targets and implement the policy. However straightforward conceptually, this is another of the deceptive requirements of ISO 14001 that typically involve a considerable amount of work. Elegant binders full of programs that people either have not or cannot be trained to implement practically will not pass muster under ISO 14001.

Communication

Procedures must be established for internal communication, as well as for receiving, responding to, and documenting relevant communications from interested parties.41 Relevant environmental procedures and requirements should also be communicated to suppliers and contractors. This standard does not require publication of an organization's EMS, nor does it require the publication of environmental statements, though organizations must consider whether to have programs for external communication.

Much is made of the limited public communications requirement in ISO 14001, particularly in comparison to the requirement of a verified public report in the EMAS.42 This was a difficult issue during the negotiations due to the wide variety of approaches to public involvement in environmental issues based on political and cultural differences. For the United States, this issue is largely irrelevant due to the existing requirements for public reporting and communication that exist under a variety of federal and state statutes, including "community right-to-know" statutes, the Resource Conservation and Recovery Act, and the Clean Water Act. Requirements for public access to environmental information in the United States are far greater than any [27 ELR 10632] public reporting requirements that currently exist elsewhere in the world or in EMAS.43 Indeed, many in the United States prefer this type of raw data to the information typically contained in formal annual reports, which usually contain aggregated and selected data. There is little evidence that formal reports have much impact on performance. In the United States, not only is there an unprecedented degree of access to environmental data, but individual citizens also have the virtually unique right, frequently exercised, to bring enforcement actions based on that data.

It is quite remarkable that other regions of the world, particularly Europe, are somehow perceived as being more open about citizen access and action regarding environmental data when precisely the opposite is true. It would have been inappropriate, however, to impose the U.S. approach through the ISO standards-writing process. This is an unsettled issue that should be resolved in arenas more appropriate for setting public policy.

Monitoring, Measurement, Auditing, and Corrective Action

Organizations must have procedures for regularly monitoring and measuring the key characteristics of those operations that can have a significant impact on the environment.44 These procedures must include tracking the implementation of operational controls, tracking performance against objectives and targets, and evaluating compliance with the law.45 Regular and comprehensive audits of the EMS itself must also be conducted.46 This is the "what gets measured gets done" element of the system. These processes must cover more than simply compliance with legal requirements: they must also measure conformance with the organization's EMS procedures and work instructions, performance against objectives and targets, and environmental aspects.

The standard has been criticized because it measures conformance and inputs, not performance.47 The clear language of the standard refutes these assertions.48 While implementing ISO 14001 is not a guarantee of a particular level of performance (and what is?), it has been explicitly designed as a tool to assist companies in setting performance targets and measuring their performance against them. Without a measurement program linked directly to an organization's significant environmental aspects and objectives and targets, an organization will not be in conformance with ISO 14001.

Corrective action procedures, including defining responsibility and authority for handling and investigating non-conformance and initiating corrective and preventive action, must also be established.49 This points to the breadth of the concept of conformance: corrective action must be initiated when any nonconformance is detected, not just nonconformance with legal requirements. ISO 14001 demands that an organization take nonconformance with its own procedures and expectations just as seriously as noncompliance with the law. Any changes to procedures resulting from corrective action must be documented.

The robustness of the corrective action procedures will be a crucial component of evaluating an ISO 14001 EMS. Problems that have been detected and are being dealt with adequately by the corrective action program typically should not create problems under ISO 14001. The only exception would be where there is a major systems defect that must be remedied before the EMS can be determined to be complete. Such a result would parallel government policies that suggest enforcement relief for violations that have been detected by an audit or due diligence, are promptly reported to the government, and are being corrected.

The audit and corrective action requirements of ISO 14001 are distinct from the third-party certification audits that must be conducted if an organization desires to be certified as an ISO 14001 organization. These certification audits will be conducted by nationally accredited and qualified independent auditors. The concern that these auditors will not be truly independent is legitimate, but does not recognize the effort by most national accreditation bodies to prohibit certifiers from offering both consulting and auditing services to the same organization.50 The statement that certification is an internal audit, however, is incorrect on its face: certifiers must by definition be independent of the organization being audited.

Management Review

Top management must periodically review the EMS to ensure its continuing adequacy and effectiveness.51 This review, based on all of the information collected by the EMS, must consider changes to the policy, objectives, and elements of the EMS. This review must be conducted by top management of the organization, not just environmental professionals. This is one of the "continual improvement" elements of ISO 14001 and emphasizes the importance of top management commitment and involvement in the standard.

Documentation and Recordkeeping

The EMS must be documented.52 Organizations must have defined procedures describing the function of their EMS. Typically, such procedures will have to define who is responsible, what they will do, and how they will do it. In addition, sufficient records must be created and maintained to demonstrate that the system is in place and operating.

A document control system must be maintained to ensure that documents are accessible, kept current, and periodically reviewed. This presents another major practical challenge: making sure that when procedures or requirements [27 ELR 10633] (including laws) change, the older and newly incorrect versions are retrieved and the new procedures are made available to the correct people at the correct time, combined with the appropriate training. These procedures must also cover environmental records, such as training records and audit results. ISO 14001 is, in part, an information management system, encouraging the vertical and horizontal flow of environmentally relevant information throughout the organization.

Many organizations in the private sector in the United States, particularly small and medium-sized businesses, are concerned about the potential red tape that may be generated by ISO 14001. This is a legitimate concern that is based on the negative experiences that many companies have had with the ISO 9000 quality management standards. The fundamental function of an EMS is to manage environmental issues systematically in order to achieve defined goals, not create unnecessary paperwork. An effort was made in writing ISO 14001 to provide some flexibility on documentation issues. Organizations implementing ISO 14001 could consider a practical test when developing their EMS documentation: will new, well-qualified employees be able to understand what they are supposed to do by reading the procedure?

Organizations will have to be vigilant not to turn ISO 14001 implementation into a paper storm. ISO 14001 implementation can be used as an opportunity to weed out procedures and programs that are too cumbersome or complex. If you cannot realistically expect people to do something, do not write it down. Particular attention will have to be paid to the certification process to ensure that excessive documentation requirements are not imposed that would serve only to make the job of the certifier easier, but would not actually help the company do its job. However, if the EMS is properly designed and implemented and the registration process is properly carried out, registration should not add any significant documentation requirements.

The focus on the documentation elements of ISO 14001 sometimes leads to the mistaken impression that documentation is the primary implementation challenge. It is not. Writing policies, programs, and procedures is relatively easy. Following them is what is difficult. The real, and sometimes unappreciated, challenge of ISO 14001 is not in its concept or in creating the paperwork. It is in figuring out what you want to do, doing it, and being sure that you did it. If this challenge is met, the paperwork side of ISO 14001 should not be too difficult.

Some General Observations About ISO 14001

This review of the standard reveals that ISO 14001 provides a framework within which companies can establish and identify their obligations, set their objectives and targets, and create a comprehensive system to achieve those objectives and targets. It encourages companies to include environmental considerations throughout the organization, integrating environmental issues with normal business operations. This approach enhances a company's ability to operate in an environmentally protective manner and to comply with applicable laws.

It is important to understand that ISO 14001 provides a framework and is not the only possible approach to developing an EMS. Equally important, ISO 14001 is not self-contained: as a systems standard, the EMS measures itself against performance criteria that are outside of the standard. This is not a weakness; it is a statement of fact. Some additional general observations can be made.

ISO Is an NGO

ISO is not an international legislative body.53 The primary participants in ISO standards writing are national standards-writing bodies. The U.S. ISO member body is the American National Standards Institute. ISO standards are not negotiated by governmental ministries, though there was significant government participation in the development of ISO 14001.

Many of the major participating standards-writing organizations, particularly from Europe, are quasi-governmental organizations. Many of the delegations included government representatives (e.g., Germany, the United States). Further, as the vigorous EMAS-ISO debate demonstrated, there was significant input from the European Union in the ISO 14001 development process.54

Statements that ISO has member firms are inaccurate and misleading: individual private companies are not members of ISO.55 Similarly inaccurate is the description of ISO as an industry body. U.S. industry certainly does not view ISO 14001 as "its standard": it is evaluating the standard with equal portions of interest and suspicion. Given the cautious attitude of most industry to ISO 14001, the implication that industry somehow initiated the standards-writing process [27 ELR 10634] as a conscious strategy to undercut other international initiatives is quite remarkable.56

This is not to say that the ISO standards-writing process reflects a representative democracy. While participation is open to all ISO member national standards bodies from over 100 countries, as well as liaison bodies such as NGOs, it does take resources and time to participate—no different than any other process. This is not because of any requirements imposed by ISO, but because of the simple fact that attending meetings costs money and takes time. Therefore, standards setting bodies from lesser developed countries and organizations with limited resources were not able to play as active a role as they may have wished—a limitation that applies to virtually any activity of this type.57

Those who are concerned about the difficulties of participation by lesser developed countries often appear to be the same parties that criticize ISO 14001 for not being stringent enough. This is rather ironic, since more stringent standards can only be met by countries or companies with significant resources. Increased participation at recent ISO meetings by lesser developed countries has revealed a significant concern that ISO 14001 is a standard written by the developed nations as a trade barrier. As lesser developed and newly industrialized countries have increased their participation, there has been increased resistance to including more stringent or technically based requirements inthe standards. This was borne out by the very vocal complaints from developing countries at the 1995 TC207 plenary sessions in Oslo, Norway, regarding the life-cycle assessment standards. Increased participation in the ISO process by lesser developed countries is unlikely to result in more stringent standards.

Nevertheless, at least in the United States, the process is relatively open: anyone can attend U.S. delegation meetings, and good-faith efforts are made to take the views of the participants into account when developing the U.S. positions. Once the U.S. positions are developed, the international negotiators for the United States are obligated to advocate those positions, regardless of the extent to which the U.S. positions reflect their own personal views or the views of the organizations to which they belong. For example, an "industry" negotiator for the U.S. delegation must represent the views of the U.S. delegation, not the views of his or her industrial sector. Therefore, it is not necessary to travel to all of the international negotiations to have a significant impact on the development of the U.S. positions and thereby the final international result.

ISO 14001 Is an International Voluntary Standard, Not a Law

ISO 14001 is not a law unless some governmental entity decides to make it such. Further, ISO itself does not and cannot require conformance with the standard. The decision on whether or not to conform to ISO 14001 involves considerations wholly outside of ISO (e.g., commercial, governmental, or public pressure; a desire to improve environmental performance; etc.). A key concern of industry in the United States is to avoid governmental actions that might compromise the voluntary and market-driven nature of the standard.

ISO 14001 is not for everyone. Some organizations may legitimately decide to take other approaches to implementing EMSs. Some U.S. organizations are already concluding that their existing programs already meet or exceed the standard's requirements. Other U.S. organizations might legitimately continue to model their EMSs after the existing compliance-oriented policies of the U.S. government. Nevertheless, ISO 14001 does represent an internationally agreed on baseline for designing and implementing EMSs around the world at a very practical, though not utopian level. ISO 14001 is a legitimate EMS model that may facilitate improved environmental performance, though the question of whether to implement an ISO 14001 EMS is a completely separate issue from whether to seek third-party certification that one conforms to the standard.

Organizations that decide to use ISO 14001 have considerable flexibility in that use. ISO 14001 does not require third-party registration or certification and does not require any publicity regarding an organization's conformance to the standard. Organizations may decide to use it for wholly internal purposes and not make any public statement about it. This would be consistent with how many companies have implemented compliance assurance programs based on the Sentencing Guidelines: they typically do not accompany the implementation with a public announcement.

A myth has developed that any EMS implementation must by definition be accompanied by some kind of publicity or public declaration if it is to be considered effective. Indeed, there is a danger that the degree of EMS implementation will begin to be measured by the number of ISO 14001 certifications, carrying with it the implicit (and inaccurate) assumption that without certification one cannot have an effective EMS. This can lead to the unproductive practice of "keeping score" of ISO 14001 certificates, which distracts from the more important questions of EMS implementation and environmental performance.

Third-party certification is not directly relevant to improved environmental performance: an effective EMS (including one that conforms to ISO 14001) does not become more effective just because a third party looked at it. Certification is merely one of many ways to communicate about an EMS that has been implemented. An effective EMS that conforms to ISO 14001 should not require any extra effort to obtain certification, other than the time and cost associated with the certification process itself. If significant additional effort is required to certify an ISO 14001 EMS, that can only mean two things: the certification process is inappropriately adding requirements that do not exist in the standard itself, or the organization in question was not really in conformance with the standard. Since certification is [27 ELR 10635] supposed to determine conformance to the text of the standard, there should be no question of the certifying bodies making any additional demands on organizations. Further, certifying bodies should not demand any greater level of proof of implementation than an organization should ask of itself in its own ISO 14001 measurement and auditing programs.

Many companies are highly skeptical about the value of third-party certification other than as a tool for bringing money into the coffers of consulting firms. Thus, many companies have adopted a strategy of implementing an EMS that is consistent with ISO 14001, but declining to seek certification unless demanded by commercial, public, or governmental pressure. It will be important that this decision be made based on facts rather than fear or rumor. Generic or unsupported statements that a particular industrial sector or the public will "demand" certification should not be accepted. Some companies that are implementing ISO 14001 are also considering making public declarations regarding conformance with the standard without third-party verification, the self-declaration option that is explicitly endorsed in ISO 14001. These declarations will carry with them whatever intrinsic credibility accompanies any other public statement made by these organizations.

ISO 14001 Is Not the "State-of-the-Art" in EMS Thinking

Aggressive claims that imply that ISO 14001 represents the leading edge of EMS thinking are misleading. Some companies already have EMSs in place that are more sophisticated than ISO 14001. It would have been inappropriate, however, for ISO to standardize such programs. ISO is a standards body, not a research institution. The function of ISO is to harmonize national and regional standards, not serve as a think tank to create leading edge documents. While this may disappoint some, it is what standards organizations do. ISO standards must be applicable to all types of organizations, large and small, throughout the world. Further, standards should reflect what is demonstrably practical for a cross-section of organizations, not what some would hope could be or might be done. To do otherwise would transform standards writing into an interesting exercise in social experimentation.58

If the standards are written to reflect the most recent "best practices," the standards would be capable of implementation by only a relatively few very advanced organizations—precisely the companies that need ISO's help the least. Small and medium-sized companies would be completely left behind and many organizations in developing and less-developed countries would also be severely disadvantaged. A leading edge standard might bring some personal satisfaction to some parties and provide good fodder for press releases, but will not achieve the stated goal of improved environmental protection if most organizations in the world cannot implement it.

The point of ISO 14001 is not to create a "leadership program" to reward the few leaders who need neither the help nor the recognition. It is to improve the environmental performance of the larger mass of companies, most of which are smaller, less sophisticated organizations. A modest, practical, and widely implemented EMS model is more likely to improve overall environmental performance than a tough "leadership" program intended for the "elite."

Ironically, the criticism that ISO 14001 does not sufficiently reflect the latest thinking on EMS is sometimes coupled with a complaint that ISO 14001 does not sufficiently take the concerns of small businesses and developing countries into account.59 This view does not recognize the fact that the primary concern of small businesses and developing countries about ISO 14001 is that the standard may be too advanced, expensive, and complex to implement. To review this issue, ISO TC207 has formed a small and medium-sized enterprises (SME) task force, which gave its first report at the April 1997 TC207 meetings in Kyoto, Japan. At an SME workshop held in Kyoto, the universal concern expressed was that ISO 14001 may be difficult for SMEs to implement unless they are provided technical and financial assistance.

Another criticism of ISO 14001 is that it discourages the continuation of work on advancing the state-of-the art of EMS. This criticism, however, is unfounded. There is absolutely no contradiction, for example, between ISO 14001 and documents such as Agenda 21.60 Indeed, an organization implementing ISO 14001 could adopt Agenda 21 as an "other requirement" that it would then be required to implement. But transforming the general aspirational recommendations of documents such as Agenda 21 into immediately auditable requirements would limit ISO 14001 registration to a very small group of sophisticated companies that are likely already good environmental performers. Simply pointing to the fact that a document such as Agenda 21 exists and that it has garnered some support in public policy circles is not a sufficient factual basis to conclude that it has been and can be implemented by a wide range of organizations, or that individual companies should be audited against it. Indeed, it is unlikely that documents such as Agenda 21 were intended to create auditable requirements at the individual organizational level. As the state-of-the-art is developed, implemented, and demonstrated to be practical for international application for a broad range of organizations, ISO 14001 can be revised.

ISO 14001 Supports, But Does Not Set or Replace Performance Criteria

ISO 14001 does not establish substantive performance obligations for organizations. ISO 14001 certification is not a performance certification, nor is ISO 14001 a performance guarantee. Actual technical environmental compliance or performance obligations are set by the countries within which particular facilities operate, by international agreements, [27 ELR 10636] or by other nonlegal obligations to which an organization might subscribe.

ISO TC207, which is writing the ISO 14000 standards, is barred by the terms of its own mandate from setting such obligations. This makes the allegation that measurable performance standards were written out of the ISO 14000 standards absurd—the participants were not allowed to consider them in the first place.61

It would also be an unacceptable intrusion on national sovereignty for ISO TC207 to set specific performance criteria. It is precisely because ISO is not an international legislative body that it should not establish specific environmental performance requirements. Some of those who have complained about the alleged undemocratic character of ISO proceedings for setting public policy-sensitive environmental requirements have in the same breath complained that ISO 14001 did not set specific technical or engineering standards.62 The one time that TC207 came close to working on specific technical requirements—the rejected initiative to write a standard on sustainable forestry—it provoked massive participation and resistance from the environmental NGOs, which, incidentally, coincided with the position taken by many industrial sectors.63

The U.S. government and U.S. NGOs would have been deeply concerned if ISO had attempted to establish technical performance standards. Given how stringent the U.S. standards are, it is likely that the performance criteria set by ISO would have been less stringent. ISO is simply not the appropriate forum for setting public policy-sensitive environmental performance criteria. In addition, countries with less stringent environmental requirements would have been very upset if ISO, an NGO, presumed to set more stringent requirements that would override their sovereignty. Binding international environmental performance criteria should be set through the appropriate international bodies that involve official government participation, such as those that have created the Basel Convention or the Montreal Protocol.

Since ISO 14001 does not set specific performance criteria, it obviously cannot replace performance criteria that are set by the organizations themselves, by trade associations, or by laws and policies. Therefore, claims that conforming to ISO 14001 should eliminate the necessity for government oversight are silly. ISO 14001 is not, by itself, a guarantee of performance, nor is it a certification of any particular level of environmental performance. Proponents who make such claims do the standard a disservice. ISO 14001 is only one part of the puzzle—it is a framework that can be used to meet performance criteria that are set outside the standard.

This is not to say that ISO 14001 does not have any potential role in setting public policy on environmental issues. Several countries, including the United States, the Netherlands, Germany, and Canada, are exploring the relationship between environmental management systems and regulatory regimes. These initiatives include, among other things, examining the relevance of compliance assurance systems to enforcement policies and exploring whether EMSs can be part of an overall effort to create regulatory systems that protect the environment while at the same time providing organizations with more flexibility. The idea here is not that ISO 14001 would replace performance criteria but that a credible EMS might be a basis for providing organizations with more flexibility on how those requirements are to be met.

Regulators should be cautious, at this early phase of ISO 14001 implementation, in establishing ISO 14001 policies or making pronouncements about the efficacy of ISO 14001 in meeting or exceeding performance requirements. The standard is new. It is based on the assumption that the systematic identification and management of environmental obligations will result in improved or more efficient environmental performance. But the ability of ISO 14001 to deliver on its promise still needs to be demonstrated.

Premature judgments based on an abstract reading of the standard, rather than on empirical data, could result in erroneous policies that launch public policy in a direction from which it would be difficult to retreat. For example, regulators might decide, without a record based on ISO 14001 implementation over time, that additional elements or requirements need to be added to ISO 14001 in order for an EMS to meet government expectations: in other words, "ISO 14001 Plus." This outcome could put companies in the difficult situation of facing two standards: ISO 14001 to satisfy commercial and international pressures, and some modified "ISO 14001 Plus" to satisfy governmental expectations. This outcome would defeat the point of national and international standardization. It might also be inconsistent with the National Technology Transfer and Advancement Act of 1995, which creates a presumption in favor of the federal government operating in a manner consistent with national and international standards.64 This is not the time for governments to write their own EMS standards or criteria.

Whatever role ISO 14001 may eventually play in setting public policy, it is incorrect to fear that ISO 14001 is inconsistent with or will somehow supplant environmental performance criteria that have been set at the national or international level, whether by legislation, regulation, formal treaty (e.g., the Basel Convention or the Montreal Protocol) or less formal agreements (e.g., Agenda 21 or the ICC Charter on Sustainable Development). Quite the contrary, ISO 14001 may be used as a foundation for systematically identifying and managing such obligations.

One of the more remarkable criticisms of ISO 14001 is that stringent national environmental laws could be "overridden" by a "weak" ISO 14001.65 ISO 14001 demands precisely the opposite: a policy commitment to compliance that must be implemented by identifying legal requirements, setting objectives and targets, reviewing compliance status, etc. A facility cannot use ISO 14001 as the basis for setting standards for itself that are lower than those that apply in the nation where it operates. The theory underlying this criticism is particularly troublesome: that each element of the ISO 14001 standard should have been based on the most stringent equivalent legal requirement that could be found. This would have created a "super standard" consisting of legal requirements that [27 ELR 10637] do not actually exist in any one country. Since one would have to conform to all of these requirements in order to obtain certification, this would effectively trump the sovereignty of nations by imposing, on an international level, the legal requirements of selected countries. Thus the claim that ISO 14001 overrides national law is not only incorrect, it is also based on an approach that if implemented would itself violate sovereignty.

The concern that ISO 14001 may require changes to national environmental standards due to concerns relating to the General Agreement on Tariffs and Trade (GATT) and the World Trade Organization (WTO) is equally misplaced.66 A national law imposing a specific requirement on facilities operating in that country is not a nontariff trade barrier. The issue of nontariff trade barriers arises where there is an attempt to apply requirements extraterritorially or if facially domestic requirements have significant extraterritorial effects. For example, ISO 14001's relatively limited requirements on public disclosure or emergency planning cannot be the basis for a GATT/WTO attack on the much more stringent requirements that U.S. law imposes on facilities operating in the United States. GATT/WTO would come into play only if the United States attempted to impose these requirements outside the United States by affecting production or processing methods in other countries.

This is not to say that there are no potential GATT/WTO issues that apply to ISO 14001. For example, if a country attempted to impose EMS requirements extraterritorially (e.g., demanding that products sold in that country come from facilities that operate in a particular manner, regardless of where the facilities are located), that could raise GATT/WTO issues. GATT/WTO generally prohibits countries from imposing extraterritorial requirements on how products are manufactured. A significant exception to this rule, however, is that requirements based on international consensus technical standards will be accorded a presumption of validity: the burden shifts to the challenger. This is the Technical Barriers to Trade (TBT) provision of GATT. For example, a government that demands that all defense contractors, wherever located, must be certified as complying with ISO 14001 might seek the benefit of the TBT presumption if challenged.67

Critics have to decide what they want. They cannot complain that ISO 14001 does not set any substantive performance criteria, then claim that ISO 14001 as written may override the performance criteria set by individual nations, go on to attack the standard as allowing organizations to choose to conform to the laws of countries with requirements less stringent than those the critics prefer, and on top of all that assert that ISO is not sufficiently democratic to make public policy decisions anyway.

ISO 14001 Can Be "Abused"

ISO 14001 is not a fail-safe system. It is a voluntary standard written with the intent that it will be used by organizations sincerely wishing to improve the management of their environmental affairs. It was not written as many laws and regulations are drafted, with the intent to "catch wrongdoers" and plug all potential loopholes contained in applicable requirements. It does not contain its own performance criteria. Therefore, it is possible that some companies may attempt to design and implement EMSs that are relatively ineffective, simply to get the certificate. ISO 14001 should not be evaluated based on its ability to control "bad actors."

While this is certainly a limitation of the standard, it is a limitation that applies to any voluntary standard and is not a fatal flaw. This limitation should be explicitly recognized and taken into account when evaluating some of the more ambitious claims that are being made on the standard's behalf. It will also be important for those involved in environmental issues in both the public and private sectors to guard against such abuses.

This limitation does not support the criticism that the standard cannot be used as a basis for improving and measuring performance.68 ISO 14001 is constructed on the premise that organizations should systematically identify and manage their environmental obligations and measure their performance against defined criteria. ISO 14001 does not provide those criteria—it simply establishes a framework to implement them. Any organization that in good faith implements ISO 14001 will find a framework for setting performance criteria and measuring its performance against them.

Conclusion

ISO 14001 is a voluntary EMS standard that is intended to assist organizations in identifying and meeting requirements that are set elsewhere. While this may appear to be too modest a goal for some, the importance of systems approaches to managing an organization's affairs should not be underestimated. Simply creating performance criteria or standards without providing mechanisms for achieving them may satisfy ideological needs but will not be of much practical assistance to the organizations whose environmental performance we all want to improve. Equally clear is that systems standards without meaningful performance criteria are empty shells.

ISO 14001 is based on the concept that better and more efficient environmental performance can be achieved when environmental obligations are systematically identified and managed. Just as managers learned that product quality can be improved if quality objectives and systems are fully integrated into all aspects of a company's operations, there is a growing consensus that environmental protection and compliance can be best achieved if environmental factors are integrated into industrial operations in a systematic way: from design, raw materials selection, manufacture, and sale, to the ultimate disposition or disposal of the product. The ISO 14001 standard provides an internationally accepted framework for this approach. However, ISO 14001 is not "the answer" to environmental protection and is not the only legitimate approach to EMS—it is only one more piece of the much bigger puzzle of attempting to improve environmental performance in a practical and cost-effective manner that is likely to actually achieve progress.

What many of the proponents and opponents of ISO 14001 have done is create a caricature of the standard, forming the basis for exaggerated and uninformed claims and criticisms. Some proponents claim that ISO 14001 is the answer to the world's environmental problems, thus creating a target that is too easy to resist. The opponents who cannot resist the easy shots are usually shooting not at the standard itself, but rather at the uninformed opinions of others.

Proponents of ISO 14001 need to be more modest in their claims. ISO 14001 is intended for broad application by a wide range of organizations and is not a "state-of-the-art" standard. ISO 14001 will not, by itself, improve environmental performance. It is only one tool in the environmental protection toolbox, and must be implemented in the legal and public policy context that sets applicable performance criteria. ISO 14001 is a framework for supporting the implementation of performance requirements and criteria, but does not replace them. Proponents should also recognize that ISO 14001 is not for everyone: organizations may choose not to implement ISO 14001 for a number of legitimate reasons.

Opponents of ISO 14001 should be more precise in their analysis of the standard's text and more cautious in making claims about the motivation of those who drafted the standard and about the standard's relationship to other environmental initiatives. There are certainly legitimate criticisms that can be made of ISO 14001 (and of the claims that are being made by some proponents), but these do not include sweeping claims that ISO 14001 undercuts and preempts virtually all positive environmental initiatives of recent memory. This line of reasoning builds a false image of ISO 14001 and then, all to easily, knocks it down.

The rhetoric (on both sides) about ISO 14001 needs to be toned down and the standard should be evaluated on its own merits as a voluntary, nongovernmental initiative. ISO 14001 reflects a simple, yet at the same time ambitious, vision: more effective and efficient protection of human health and the environmental through the widespread adoption of practical environmental management tools by organizations of all types and sizes.

1. An analogy can be drawn to the computer world: a personal computer must have (at least) two types of software to be of any practical use to the average user—operating systems software (e.g., MS-DOS or Windows(R)) and applications software (e.g., word processing programs). ISO 14001 is the equivalent of systems software that is useless without applications software, but makes the effective use of the applications software possible.

2. Parts of this section are drawn from Christopher L. Bell, Environmental Management Systems and ISO 14001: A U.S. View, EUR. W. WATCH, Dec. 1, 1995, and Christopher L. Bell, ISO 14001: Application of International Environmental Management Systems Standards in the United States, 25 ELR 10678 (Dec. 1995).

3. The European Standardization Organization (CEN) has adopted ISO 14001 as the European Union's (EU's) voluntary EMS standard, denominated as EN14001. Pursuant to an agreement between the EU's national standards bodies, once CEN has adopted a standard, the corresponding national standards must be withdrawn and replaced with the CEN standard. For example, the United Kingdom's standard, BS 7750, has been withdrawn and organizations with BS 7750 certificates must be reviewed to verify that they conform to EN 14001. With respect to EMAS, the EU recently issued a document describing what it believes are the differences between EMAS and ISO 14001 and how ISO 14001 can be used as a foundation for also obtaining EMAS verification. See EMAS Bridging, Comparison Documents Issued by European Standardization Unit, 20 Int'l Env't Rep. (BNA) 911 (Oct. 1, 1997). Interestingly, it appears that ISO 14001, not EMAS, is rapidly becoming the EMS standard of choice in Europe. See CHEMICAL WK., Sept. 29, 1997, at 84.

4. These include the Chemical Manufacturers Association's "Responsible Care(R)" program in 1988, the American Petroleum Institute's STEP (Strategies for Today's Environmental Partnership) initiative in 1990, the International Chamber of Commerce's Business Charter on Sustainable Development in 1991, and guidance documents produced by organizations such as the Global Environmental Management Initiative (GEMI) and the Public Environmental Reporting Initiative (PERI).

5. One of the first formal government statements regarding management systems came in the area of occupational safety, with the Occupational Safety and Health Administration's (OSHA's) Voluntary Protection Program in 1982. See 47 Fed. Reg. 29025 (July 2, 1982); 50 Fed. Reg. 43804 (Oct. 29, 1985); 51 Fed. Reg. 33669 (Sept. 22, 1986); 52 Fed. Reg. 7337 (Mar. 10, 1987).

6. 51 Fed. Reg. 25004 (July 9, 1986).

7. 60 Fed. Reg. 66706 (Dec. 22, 1995).

8. The New Jersey Prosecutor's Office has also issued Voluntary Environmental Audit/Compliance Guidelines (May 15, 1992), which resemble the DOJ policy. The New Jersey guidelines provide great detail about what a compliance program must look like. Such programs will be viewed as "mitigating factors" in the exercise of the prosecutor's criminal environmental enforcement discretion.

9. 56 Fed. Reg. 22762 (May 16, 1991) (§ 8A1.2, cmt. K). Though the Sentencing Guidelines for U.S. Courts do not formally apply to companies convicted of environmental crimes, they have nonetheless been commonly used by companies as a guide in the development of compliance assurance programs in the environmental area. EPA has modeled its policy for "delisting" government contractors with criminal convictions on the Sentencing Guidelines. 56 Fed. Reg. 64785 (Dec. 12, 1991).

10. 59 Fed. Reg. 32062 (June 21, 1994) (Environmental Leadership Program); id. at 55117 (Nov. 3, 1994) (Common Sense Initiative); 60 Fed. Reg. 27282 (May 23, 1995); 62 Fed. Reg. 19872 (Apr. 23, 1997) (Project XL). The Environmental Leadership Program initiative has resulted in the creation of some guidance documents on EMS and auditing. In addition to these efforts, EPA's National Environmental Investigation Center has also developed an EMS guidance document. COMPLIANCE FOCUSED ENVIRONMENTAL MANAGEMENT SYSTEM—ENFORCEMENT AGREEMENT GUIDANCE, EPA-330/9-97-002 (Aug. 1997).

11. Regulations are also increasingly reflecting a systems approach. For example, many facilities are subject to the detailed accidental release prevention regulations, promulgated pursuant to § 112 of the Clean Air Act, which are intended to ensure that regulated companies have operating and maintenance systems in place to reduce the likelihood of chemical accidents and releases. See 59 Fed. Reg. 4478 (Jan. 31, 1994); 61 Fed. Reg. 31668 (June 20, 1996); 62 Fed. Reg. 45134 (Aug. 25, 1997).

12. EPA has launched initiatives (such as the 33/50 Voluntary Toxics Reduction, Wastewi $ e and Green Lights programs) aimed at encouraging companies to look beyond the traditional "end-of-pipe" control technology approach to controlling pollution and move toward pollution prevention strategies that avoid creating the pollutants in the first instance. See 56 Fed. Reg. 7849 (Feb. 26, 1991) (regarding the 33/50 Voluntary Toxics Reduction program); 62 Fed. Reg. 24914 (May 7, 1997) (for a brief description of the Wastewi $ e program); 59 Fed. Reg. 38288 (July 27, 1994) (for a description of the Green Lights program).

13. However, ISO 14001 may, in a manner consistent with the Sentencing Guidelines, be a very useful tool in creating comprehensive compliance assurance systems that discourage individuals within organizations from intentionally violating the law.

14. This point cuts both ways, however. While regulators should not read ISO 14001 as if it were a regulation and therefore find it wanting, proponents should be very cautious in claiming that ISO 14001 should replace the regulatory framework in a wholesale manner. The latter assertion can invite precisely the type of analysis that ISO 14001 might not survive.

15. ISO 14001, § 4.2 (1996). It is suggested that readers focus on the requirements section of the standard, § 4, along with the definitions in § 3, when reading the standard. These are the auditable requirements. The introduction to the standard is not auditable and is not a significant component of the standard. The Annex to the standard also is not auditable. In addition, ISO 14004, an EMS guidance standard, does not contain auditable requirements.

16. Though BS 7750 and EMAS appear to have a more stringent compliance requirement, it is the understanding of the author of this Dialogue that, as a practical matter, 100 percent compliance is not a prerequisite to conforming with these documents. This reflects a more general issue: the different ways documents are read and interpreted in different countries. In the United States, perhaps due to our adversarial and litigious context, documents are read in an extremely literal manner. But in Europe, it appears that many documents, particularly standards, are read though a filter of reasonableness. Many of the debates that took place during the drafting of ISO 14001 can be traced to these differences. Many of the European negotiators appeared to be quite comfortable with "stringent" language because they assumed that however stringent, the language would be interpreted in a reasonable and logical manner. The U.S. delegation, however, wanted the language of the standard to reflect with some precision the intent of the drafters and what was to be expected when the standard was implemented. As a practical matter, the two approaches generally end up in the same place in their respective contexts. Unfortunately, this debate was often misunderstood as the Europeans being "more stringent" and the Americans wanting a "softer" standard. This was not the case: what the United States opposed was stringent language that might not be applied literally outside the United States but would probably be applied inflexibly in the United States. This was more a struggle over "optics" than over substance. Claims that EMAS is more stringent than ISO 14001 are not supported by what actually happens at the facility level.

17. This is another of the situations where EMAS is incorrectly held out as more stringent. The canonization of EVABAT is not more stringent—it is just wrong. Surprisingly, some who claim to speak in the interests of developing countries have lauded the technology-based approach of EMAS. See, e.g., Roht-Arriaza, Environmental Management Systems and Environmental Protection: Can ISO 14001 Be Useful Within the Context of APEC?, 6 J. ENV'T & DEV. 292 (1997).

18. ISO 14001, supra note 15, § 4.3.1.

19. BENCHMARK ENVIRONMENTAL CONSULTING, ISO 14001: AN UNCOMMON PERSPECTIVE: FIVE PUBLIC POLICY QUESTIONS FOR PROPONENTS OF THE ISO 14000 SERIES 4 (1995) [hereinafter UNCOMMON PERSPECTIVE]. An abridged version of Uncommon Perspectives was published in the April 1996 issue of Greener Management International by Harris Gleckman and Riva Krut under the title Neither International Nor Standard: The Limits of ISO 14001 as an Instrument of Global Corporate Environmental Management. A revised version of this article has reappeared in the form of a draft United Nations Conference for Trade and Development (UNCTAD) report entitled ISO 14001: International Environmental Management Standards—Five Key Questions for Developing Country Officials (1996).

20. Despite the use of terms such as impacts and effects in BS 7750 and EMAS, the ISO 14001 negotiations revealed that those standards are implemented in precisely the manner intended by ISO 14001, and that they do not intend that organizations conduct technical or formal risk assessments.

21. Both BS 7750 and EMAS require the creation of such registers.

22. ISO 14001, supra note 15, § 4.3.2.

23. UNCOMMON PERSPECTIVE, supra note 19, at 7.

24. The ISO EMS guidance document, ISO 14004, does contain references to several of these documents. See, e.g., ISO 14004: 1996, General Guidelines on Principles, Systems and Supporting Techniques, Annex A. This is appropriate because ISO 14004 does not contain auditable requirements. ISO should not lightly transform the "recommendations" of Agenda 21 into "requirements."

25. UNCOMMON PERSPECTIVE, supra note 19, at 23.

26. ISO 14001, supra note 15, § 3.12.

27. UNCOMMON PERSPECTIVE, supra note 19, at 9.

28. ISO 14001, supra note 15, § 4.3.3.

29. There is a concern in some organizations that ISO 14001 actually discourages aggressive objectives and targets for fear that failure to meet "stretch" goals will result in the failure to obtain or the loss of ISO 14001 registration. This concern is misplaced. The failure to meet an objective or target does not result in a loss of registration. The key issue in ISO 14001 is not the fact that the target was not met, but how the organization's corrective action process responded to that fact (assuming that the shortfall was detected). In some cases, it may be that the target was unreasonable or that conditions have changed since the target was set, in which case the appropriate response may be to change the target. In other cases, the target may be appropriate and it may be necessary to implement some program improvements to achieve the target (e.g., improved training). Neither of these situations should be a threat to registration.

30. ISO 14001 is different from ISO 9000 in this regard. In the ISO 9000 quality systems series of standards, the level of acceptable quality is set wholly outside the standard in the buyer-seller relationship. See, e.g., ISO 9001: 1994, Quality Systems—Model for Quality Assurance in Design, Development, Production, Installation, and Servicing. ISO 14001, on the other hand, does contain some minimum substantive criteria.

31. Some companies that are implementing ISO 14001 limit their objectives and targets to "improvement" objectives and targets. For those areas where the goal is to maintain existing programs and activities, these companies will not set discrete objectives and targets but rather manage these activities through the operational control, measurement, and auditing elements of the standard. For example, some companies do not set discrete objectives and targets for every significant aspect that has an associated regulatory requirement, and instead have an overall policy commitment to compliance that is then reflected in specific programs, controls, measurements, and auditing components of the EMS.

32. This concept is sometimes given the misleading label of "beyond compliance," implying that compliance is a baseline that one goes beyond when dealing with unregulated areas. This is incorrect. Improving performance in an unregulated area is not going beyond compliance, because there are no compliance requirements to go beyond. Further, it is not necessary to be in full compliance in order to improve environmental performance in unregulated areas. Indeed, such a presumption could mask significant improvements in overall environmental performance by companies that may still be out of compliance in environmentally less significant areas. "Beyond compliance" is really only an appropriate term for performance in regulated areas that goes beyond what is required by law.

33. This criticism might have more force in the context of claims that ISO 14001 should be a basis for regulatory flexibility. For example, if it is asserted that an "ISO 14001 company" should be given flexibility with respect to a legal requirement that currently involves public participation (e.g., a permit renewal), then one would expect that the ISO 14001 EMS would somehow ensure that the flexibility provided did not result in a decreased amount of public participation.

34. ISO 14001, supra note 15, § 4.3.4.

35. See UNCOMMON PERSPECTIVE, supra note 19, at 17.

36. ISO 14001, supra note 15, § 4.4.1.

37. See, e.g., U.S. Sentencing Guidelines § 8A1.2, cmt. (k)(2).

38. ISO 14001, supra note 15, § 4.4.6.

39. Id. § 4.4.7.

40. Id. § 4.4.2.

41. Id. § 4.4.3.

42. In criticizing ISO 14001 for not requiring the publication of audits or registers of environmental aspects, one commenter points with approval to EMAS. See Roht-Arriaza, supra note 17. However, EMAS also does not require the publication of such information.

43. There is a misimpression that the United States opposed EMAS-type public reporting requirements in ISO 14001 because of liability considerations. That is not accurate—the United States opposed it because it is only one way, and a limited one at that, to encourage performance.

44. ISO 14001, supra note 15, § 4.5.1.

45. Though ISO 14001 explicitly requires evaluating compliance, it has been criticized for not requiring compliance audits. Roht-Arriaza, supra note 17.

46. ISO 14001, supra note 15, § 4.5.4.

47. UNCOMMON PERSPECTIVE, supra note 19, at 15-17.

48. Indeed, the term "inputs" does not even appear in the section of the standards on measurement.

49. ISO 14001, supra note 15, § 4.5.2.

50. UNCOMMON PERSPECTIVE, supra note 19, at 21.

51. ISO 14001, supra note 15, § 4.6.

52. Id. §§ 4.4.4, 4.4.5, 4.5.3.

53. To demonstrate the level at which the discussion of ISO 14001 takes place, one commenter has claimed that labeling ISO as the "International Standards Organization," rather than, correctly, as the "International Organization for Standardization" is an inaccurate "translation of the acronym 'ISO' into English" and is a "crucial obfuscation!" UNCOMMON PERSPECTIVE, supra note 19, at 4. It is indeed uncommon to assert that the public will perceive significant differences between an organization that works on "standardization" and one that works on "standards." The correct name for ISO has nothing to do with the proper "translation" of the acronym, because ISO is not an acronym for the name of the organization in any of its three official languages (French, Russian, or English). For example, the official French name is Organisation Internationale De Normalisation, which certainly does not produce the acronym ISO. The reason for dwelling on this issue is not because it is a critical matter, but because it is an example of how a simple misunderstanding about ISO rapidly escalates into allegations of "crucial obfuscations" that have absolutely no factual basis.

54. The European Union recently determined that implementing ISO 14001 will satisfy many, but not all, elements of EMAS. Unfortunately, some of the elements of EMAS that the European Commission decided are not satisfied by ISO 14001 indicate a misunderstanding of both ISO 14001 and EMS generally. For example, the Commission has determined that ISO 14001 does not satisfy the "initial review" element of EMAS, which requires an initial assessment of a site's legal and environmental status. The United States successfully opposed mandatory initial reviews because many companies in the United States have been implementing EMSs for years and do not need an initial review. Further, ISO 14001 requires that companies identify their environmental aspects and their legal requirements. If it is the first, or "initial," time that a company undertakes these tasks, it is the equivalent of an initial review. If it is not the first time a company does it, there is no reason for an initial review. This practical point was not grasped by the Commission, and continues to be misunderstood by many commenters. See, e.g., Pierre Hauselmann, ISO Inside Out: ISO and Environmental Management, WWF INT'L, Jan. 1997, at 9. Interestingly, Hauselmann also identified making the environmental policy public as an EMS element added by EMAS, which is puzzling given that this is also an explicit requirement of ISO 14001.

55. UNCOMMON PERSPECTIVE, supra note 19, at 11.

56. See id. at 4.

57. Some characterizations of the process are misleading. One commenter has asserted that ISO has not followed its own "consensus principles" during the development of the ISO 14000 standards. Hauselmann, supra note 54, at 5. ISO operates on a consensus basis, which is defined by the absence of "sustained opposition." Where a vote is necessary, the ISO practice, in all standards-writing activities, is that a two-thirds affirmative vote indicates the absence of "sustained opposition." This was the procedure that was followed by TC207. Therefore, the assertion in Hauselmann that ISO departed from its regular practices during the ISO 14000 negotiations is factually incorrect. In any event, this criticism is irrelevant with respect to ISO 14001, since the document was approved with an affirmative vote of well over 90 percent.

58. One critic even refers to many of the initiatives it claims ISO 14001 will discourage as "experimentation." UNCOMMON PERSPECTIVE, supra note 19, at 6. The entire point of experiments is to test propositions to determine if they are correct, so that a catastrophe will not result if they are incorrect. What would discourage experimentation would be to test initiatives under ISO standards that cannot easily be rescinded where the consequences of discovering the initiatives' flaws are severe. Experimentation means that there are a variety of potential solutions and approaches to a problem that remain to be tested. This, almost by definition, means that the time is not yet ripe for a standard. ISO 14001 supports such experimentation by creating a systems framework within which organizations can implement leading edge approaches.

59. UNCOMMON PERSPECTIVE, supra note 19, at 7-13.

60. Id. at 7-14.

61. Id. at 17.

62. See, e.g., id. at 9, 12.

63. The controversial work in the forestry area continues in the form of a working group laboring to create a guidance document on the topic.

64. Pub. L. No. 104-113, 110 Stat. 775 (codified at 15 U.S.C. § 272).

65. UNCOMMON PERSPECTIVE, supra note 19, at 20-21.

66. Id. at 21.

67. The most recent incarnation of the Uncommon Perspective article, the draft UNCTAD report, continues the misunderstandings of the relationship between the ISO 14000 standards and international trade. The draft UNCTAD report suggests that the ISO 14000 labeling standards (which will be designated as ISO 14020-24) would inappropriately prevent a government from establishing a labeling and market preference for facilities that improve their environmental performance. ISO 14001: International Environmental Management Systems Standards: Five Key Questions for Developing Country Officials (Draft for Comment) (1996). This scenario would be true only if the government policy was inconsistent with the ISO standards. The current drafts of the ISO 14000 labeling standards are attempting to ensure that environmental labeling programs are based on good science, consensus, and transparency. Assuming that these principles prevail, a governmental program that is consistent with these principles would be presumptively acceptable under the TBT provisions of GATT. Therefore, the scenario in the UNCTAD draft report would be accurate only if the government in question established a policy that was not based on science, consensus, or transparency: precisely the types of programs that the participants in ISO 14000 want to discourage. The draft UNCTAD report also ignores the fact that it is standards such as those being developed by ISO that make legitimate national policies possible without running afoul of GATT. Without the TBT provisions of GATT and internationally accepted standards, national policies setting extraterritorial requirements that control process or production methods have generally been held to violate GATT.

68. UNCOMMON PERSPECTIVE, supra note 19, at 14.


27 ELR 10622 | Environmental Law Reporter | copyright © 1997 | All rights reserved