Task 22: We conduct internal audits of the 50001 Ready energy management system at specified intervals and report the results to relevant management. We identify trends in internal audit results for consideration in management review.
Detailed Guidance: Internal Audit
Getting It Done
- Appoint an energy management system (EnMS) internal audit program manager.
- Develop a documented internal audit procedure that addresses the responsibilities, planning, and conducting of EnMS internal audits, as well as the reporting of audit results.
- Identify personnel to serve as EnMS internal auditors and train them on 50001 Ready Navigator EnMS guidance (or optionally ISO 50001 requirements and/or internal auditing of ISO 50001 including auditing of energy performance improvement), and your internal audit procedure.
- Conduct regularly scheduled EnMS internal audits to identify areas of success and areas in need of improvement.
- Record the results of your organization’s internal audits.
- Ensure that internal audit results are reported to relevant management.
An internal audit checks your energy performance and the implementation and effectiveness of your energy management system (EnMS). It is a systematic and independent process that must be documented. Internal auditors collect and objectively evaluate evidence to determine whether your organization is meeting the requirements of its EnMS and ISO 50001.
Management system audits are system-focused; they are very different from other types of audits with which you may be familiar, such as environmental compliance audits, safety audits, or financial audits. Hence, training in management system auditing is critical for internal auditors. Appropriate resources will be needed to ensure this training is provided, either in-house or by an external training provider.
The leader or other member of the energy management team often has overall responsibility for the internal audit program, but some organizations assign a separate internal audit program manager.
Searching for resources developed for other management system internal audits such as ISO 9001 and 14001 can be a great place to start. If your organization has an internal audit program in place for another management system (e.g., ISO 9001 quality, ISO 14001 environmental, ISO 45001 safety and health), leverage that existing process and the available in-house internal auditing expertise. If you do not already have an internal audit program in place, it is recommended that you attend an internal auditing or lead auditor training course to learn how to manage and conduct internal audits.
The results of internal audits, both positive and negative, must be recorded and communicated to the relevant management. These results are often recorded on an audit finding form, a corrective action form, and/or in an audit report. The report can be in any format, including a PowerPoint presentation. Regardless of the specific style and format used, the results should be communicated with two specific objectives in mind:
- providing objective evidence of effective implementation of the audit process, and
- allowing for corrective actions to be addressed and for follow-up requirements to be established and initiated.
This guidance is relevant to Section 9.2 of the ISO 50001:2018 standard.
You should document your internal audit program, including the following:
- Purpose of the audit program
- Auditor training requirements
- Planning and scheduling audits
- Criteria and scope for each audit
- Process of selecting auditors
- Conducting internal audits, including audit methods
- Recording the audit results
- Communicating the results to relevant management
- Retaining records
- Collecting and analyzing trend data on audit results
Make sure the program clearly identifies the roles and responsibilities of the personnel involved. Structuring the audit process around what needs to be done, when it needs to be done, who needs to do it, and what records will be retained helps to communicate clearly the expectations for the internal audit program.
When deciding how the audit results will be recorded, be aware that trend data on audit results are a required input for management review. This may influence what fields would be included on a form used for recording the audit findings. For example, compilation of trend data would be facilitated if recorded findings indicated the relevant 50001 Ready Navigator task number and the department or area where the finding was located. That information could be used to look at trends in findings across the various parts of the 50001 Ready Navigator guidance and trends in findings across the various departments or functional areas.
The frequency of internal audits must be defined; they are not surprise activities. The audit program manager (or other responsible personnel) prepares an energy management system (EnMS) internal audit schedule that:
- addresses auditing both energy performance and the management system.
- considers the importance of the processes concerned.
- considers the results of previous audits.
In considering the importance of the processes concerned, attention typically is given to the areas and processes associated with the following:
- Significant energy uses (SEUs)
- Energy targets
- Action plans
- Operational and maintenance controls
- Activities related to sustaining energy improvements over time
The internal audit schedule usually covers an annual period, but may be for shorter or longer periods. You may decide to conduct one internal audit per year that covers the entire EnMS. Or, you may decide to conduct a series of shorter audits that together cover all of the EnMS requirements within a defined period. Some organizations decide to conduct internal audits of energy performance separately from internal audits of the management system.
Other reasons for modifying the audit schedule include:
- New management initiatives
- Organizational changes
- Customer issues or needs
- Process changes
- Energy performance indicators (EnPIs) not being met
- New or revised energy objectives or targets
The internal audit schedule may be in any format that meets your organization’s needs. Often, the schedule identifies the processes, functions, and areas to be audited and the planned dates. Some audit schedules only indicate which EnMS processes and performance will be audited and when. In either case, ensure that:
- the importance of the processes is considered.
- all EnMS processes (or optionally ISO 50001 requirements) are audited in all applicable functions or areas within a defined period of time.
An internal audit plan or agenda is prepared for each internal audit. Typically, this plan is prepared by the internal audit program manager, a lead auditor, or audit team leader. It often includes the following basic information:
- Date(s) of the audit
- Objectives of the audit
- Scope of the audit
- Requirements (criteria) to be audited
- Processes and area(s) to be audited
- Auditor(s) responsible for auditing each process and area
Examples of common audit objectives are to evaluate the following:
- Conformity with the guidance of the 50001 Ready Navigator and additional requirements of the EnMS by the organization
- Conformity with the energy policy and the established objectives and energy targets
- Implementation and effectiveness of the EnMS
- Energy performance improvement
Examples of processes to be audited include, but are not limited to, those associated with the following:
- Leadership and commitment
- Context of the organization
- Energy review
- Significant energy uses
- Actions to address risks and opportunities
- Energy targets and action plans
- Communication and awareness
- Operational and maintenance controls
- Documented information
- Design and procurement
- Monitoring, measurement, analysis, and evaluation
- Internal audits
- Evaluation of compliance with legal and other requirements
- Corrective action
Internal audits are conducted by personnel who have been trained in internal auditing of management systems. It is recommended that the internal audit training be focused specifically on the guidance of the 50001 Ready Navigator (or ISO 50001) due to the need to demonstrate energy performance improvement. The pool of internal auditors should have cross-functional representation. The audits can be conducted by a single auditor or by one or more teams. In either case, the person(s) conducting the internal audit needs to be objective and impartial, and does not audit his or her own work. Internal auditors are usually trained by experienced internal management system auditors or by an external training course provider.
Auditor training typically consists of the following:
- Guidance of the 50001 Ready Navigator or requirements of ISO 50001
- Objectives of the audit
- How to develop and use a checklist
- How to collect and assess objective evidence
- How to document both positive and negative findings
- How to report the audit results
Internal audits identify both areas of success and areas in need of improvement. In conducting the audit, the internal auditors focus on determining if your organization is:
- Doing what it says it will do
- Conforming with its energy policy, objectives, and energy targets
- Continually improving its EnMS
- Achieving improvement in energy performance
Both the selection of auditors and the method for conducting the audits need to demonstrate that the process is objective and impartial. Each auditor is expected to carry out his or her assigned responsibilities as set out in the audit plan.
When conducting an internal audit, auditors collect objective evidence by:
- interviewing personnel.
- observing activities.
- reviewing documents.
- examining records and data.
Audit checklists are often used to help organize and document the evidence and the audit findings. It is important that the details of the evidence and findings are captured (e.g., department, activity, shift, position title, what was said, what was observed, what documented information was reviewed, what requirement was not met, the relevant section of the 50001 Ready Navigator guidance). Nonconformities need to be reproducible for purposes of corrective action and positive findings need to be reproducible for potential application in other areas.
Some organizations record internal audit findings on an audit finding form. Other organizations record negative findings directly onto a corrective action request form and list the positive findings within an audit report or other summary of the audit results.
The reporting of internal audit results to relevant management should be timely. This can be done in a closing meeting conducted by the lead auditor at the conclusion of the audit with attendance by the management whose operations were audited. Another approach is simply to distribute an audit report and/or corrective action request to each relevant manager. Corrective action on negative findings should be taken in a timely manner.
Trends in internal audit results, but not necessarily the detailed audit findings themselves, are reported into management review as part of the information on the performance of the EnMS. At the end of each audit, it is recommended that the lead auditor or the internal audit program manager collate or map the results by ISO 50001 requirements and by the areas/departments audited. The audit results matrix located in the optional Playbook worksheet can be used for this purpose. It enables trends in the results such as which requirements are presenting the greatest challenges and where (based on the number and location of nonconformities) to be identified. An audit results matrix for each internal audit can be combined to provide a single comprehensive view of the trends in overall conformity to EnMS requirements.
In addition to retaining documented information (in this case, records) on the results of audits, you should retain documented information that demonstrates the implementation of the audit program. Typically, the documented information that is retained includes:
- Audit schedule(s)
- Audit plan(s) or agenda(s)
- Auditor training records
- Audit nonconformity reports
- Positive findings
- Completed corrective action records
- Evidence that audit results have been reported to relevant management
- Trend data on audit results
|50001 Ready Playbook Task 22||Internal Audit||PB.22.01.01|