You should document your internal audit program, including the following:

• Purpose of the audit program
• Auditor training requirements
• Planning and scheduling audits
• Criteria and scope for each audit
• Process of selecting auditors
• Conducting internal audits, including audit methods
• Recording the audit results
• Communicating the results to relevant management
• Retaining records
• Collecting and analyzing trend data on audit results

Make sure the program clearly identifies the roles and responsibilities of the personnel involved. Structuring the audit process around what needs to be done, when it needs to be done, who needs to do it, and what records will be retained helps to communicate clearly the expectations for the internal audit program.

When deciding how the audit results will be recorded, be aware that trend data on audit results are a required input for management review. This may influence what fields would be included on a form used for recording the audit findings. For example, compilation of trend data would be facilitated if recorded findings indicated the relevant 50001 Ready Navigator task number and the department or area where the finding was located. That information could be used to look at trends in findings across the various parts of the 50001 Ready Navigator guidance and trends in findings across the various departments or functional areas.

The frequency of internal audits must be defined; they are not surprise activities. The audit program manager (or other responsible personnel) prepares an energy management system (EnMS) internal audit schedule that:

• addresses auditing both energy performance and the management system.
• considers the importance of the processes concerned.
• considers the results of previous audits.

In considering the importance of the processes concerned, attention typically is given to the areas and processes associated with the following:

• Significant energy uses (SEUs)
• Objectives
• Energy targets
• Action plans
• Operational and maintenance controls
• Activities related to sustaining energy improvements over time

The internal audit schedule usually covers an annual period, but may be for shorter or longer periods. You may decide to conduct one internal audit per year that covers the entire EnMS. Or, you may decide to conduct a series of shorter audits that together cover all of the EnMS requirements within a defined period. Some organizations decide to conduct internal audits of energy performance separately from internal audits of the management system.

Other reasons for modifying the audit schedule include:

• New management initiatives
• Organizational changes
• Customer issues or needs
• Process changes
• Energy performance indicators (EnPIs) not being met
• New or revised energy objectives or targets

The internal audit schedule may be in any format that meets your organization’s needs. Often, the schedule identifies the processes, functions, and areas to be audited and the planned dates. Some audit schedules only indicate which EnMS processes and performance will be audited and when. In either case, ensure that:

• the importance of the processes is considered.
• all EnMS processes (or optionally ISO 50001 requirements) are audited in all applicable functions or areas within a defined period of time.

An internal audit plan or agenda is prepared for each internal audit. Typically, this plan is prepared by the internal audit program manager, a lead auditor, or audit team leader. It often includes the following basic information:

• Date(s) of the audit
• Objectives of the audit
• Scope of the audit
• Requirements (criteria) to be audited
• Processes and area(s) to be audited
• Auditor(s) responsible for auditing each process and area
• Timing

Internal audits are conducted by personnel who have been trained in internal auditing of management systems. It is recommended that the internal audit training be focused specifically on the guidance of the 50001 Ready Navigator (or ISO 50001) due to the need to demonstrate energy performance improvement. The pool of internal auditors should have cross-functional representation. The audits can be conducted by a single auditor or by one or more teams. In either case, the person(s) conducting the internal audit needs to be objective and impartial, and does not audit his or her own work. Internal auditors are usually trained by experienced internal management system auditors or by an external training course provider.

Auditor training typically consists of the following:

• Guidance of the 50001 Ready Navigator or requirements of ISO 50001
• Objectives of the audit
• How to develop and use a checklist
• How to collect and assess objective evidence
• How to document both positive and negative findings
• How to report the audit results

Internal audits identify both areas of success and areas in need of improvement. In conducting the audit, the internal auditors focus on determining if your organization is:

• Doing what it says it will do
• Conforming with its energy policy, objectives, and energy targets
• Continually improving its EnMS
• Achieving improvement in energy performance

Both the selection of auditors and the method for conducting the audits need to demonstrate that the process is objective and impartial. Each auditor is expected to carry out his or her assigned responsibilities as set out in the audit plan.

When conducting an internal audit, auditors collect objective evidence by:

• interviewing personnel.
• observing activities.
• reviewing documents.
• examining records and data.

Audit checklists are often used to help organize and document the evidence and the audit findings. It is important that the details of the evidence and findings are captured (e.g., department, activity, shift, position title, what was said, what was observed, what documented information was reviewed, what requirement was not met, the relevant section of the 50001 Ready Navigator guidance). Nonconformities need to be reproducible for purposes of corrective action and positive findings need to be reproducible for potential application in other areas.

Some organizations record internal audit findings on an audit finding form. Other organizations record negative findings directly onto a corrective action request form and list the positive findings within an audit report or other summary of the audit results.

The reporting of internal audit results to relevant management should be timely. This can be done in a closing meeting conducted by the lead auditor at the conclusion of the audit with attendance by the management whose operations were audited. Another approach is simply to distribute an audit report and/or corrective action request to each relevant manager. Corrective action on negative findings should be taken in a timely manner.

Trends in internal audit results, but not necessarily the detailed audit findings themselves, are reported into management review as part of the information on the performance of the EnMS. At the end of each audit, it is recommended that the lead auditor or the internal audit program manager collate or map the results by ISO 50001 requirements and by the areas/departments audited. The audit results matrix located in the optional Playbook worksheet can be used for this purpose. It enables trends in the results such as which requirements are presenting the greatest challenges and where (based on the number and location of nonconformities) to be identified. An audit results matrix for each internal audit can be combined to provide a single comprehensive view of the trends in overall conformity to EnMS requirements.

In addition to retaining documented information (in this case, records) on the results of audits, you should retain documented information that demonstrates the implementation of the audit program. Typically, the documented information that is retained includes:

• Audit schedule(s)
• Audit plan(s) or agenda(s)
• Auditor training records
• Audit nonconformity reports
• Positive findings
• Completed corrective action records
• Evidence that audit results have been reported to relevant management
• Trend data on audit results

If you have an existing 50001 Ready-based EnMS and want to adapt it to manage energy-related GHG emissions, you should:

1. Review your internal audit procedure to ensure GHG emissions are considered in all relevant areas, including the following:
   • Purpose of the audit program
   • Auditor training requirements
   • Planning and scheduling audits
   • Criteria and scope for each audit
   • Process of selecting auditors
   • Conducting internal audits, including audit methods
   • Recording the audit results
   • Communicating the results to relevant management
   • Retaining records
   • Collecting and analyzing trend data on audit results

There are very few differences between the structure and management of internal audit programs for ISO 50001:2018 and those required for ISO 9001:2015 and ISO 14001:2015. The ISO 9001 and ISO 14001 standards actually have a few more specific program requirements (e.g., taking into consideration changes affecting the organization) than those included in ISO 50001. Even if an organization chooses not to conduct integrated management system audits, the ISO 9001, ISO 14001, and ISO 50001 systems can share common procedures for internal audit planning, conducting, and reporting. Or, alternatively, if the systems are to be maintained separately, the structure and requirements of those existing ISO 9001 or ISO 14001 internal audit processes, procedures, methods, and responsibilities can be easily copied and adapted for an ISO 50001 EnMS.

The key difference in internal audit requirements between ISO 50001 and the ISO 9001 and ISO 14001 standards is related to the intent of an internal audit. In addition to ensuring conformance and effective implementation and maintenance of the management system, ISO 50001 internal audits are conducted to provide information on whether energy performance improvement can be demonstrated. One practical implication of this ISO 50001 requirement relates to the training and competency of the internal auditors. The pool of internal auditors for ISO 50001 must include personnel who are comfortable with, and preferably experienced with, evaluation of data and data analyses. These skills may already be included among the members of the existing internal auditor pool; for example, where internal auditors for ISO 9001 are experienced with evaluating quality data. In ISO 14001 systems, environmental performance must also be evaluated; however, this could be implemented only through the processes for monitoring, measurement, analysis, and evaluation, not through the internal audit process itself. Some adjustments to the skills of the internal auditors may be needed to effectively audit energy performance in an ISO 50001 system. Existing internal auditors for quality and environmental management systems would need training in the requirements of ISO 50001 and the energy topics addressed in that standard in order to conduct internal audits of the EnMS effectively.

Like ISO 9001:2015 and ISO 14001:2015, the updated version of ISO 50001 now requires reporting of internal audit results to “relevant management.” The change from “top management” in ISO 50001:2011 to “relevant management” in ISO 50001:2018 further aligns the internal audit requirements across these three standards.

This guidance is relevant to steps 5.1, 5.2, 5.5, 6.1, and 6.2 of the ENERGY STAR^® Guidelines for Energy Management. You can leverage and modify elements of these ENERGY STAR guidelines in developing an EnMS internal audit program, however additional work will be needed to meet ISO 50001 requirements for conducting EnMS internal audits based on documented internal audit procedures, schedules, and plans. The ENERGY STAR guidelines recommend creating a communications plan and raising awareness across the site. ISO 50001 specifically requires retaining records to demonstrate the implementation of the internal audit program, as well as records of the audit results. Audit results are communicated to the relevant management.