ISO 14001 Documents Required for Your Environmental Management System
ISO 14001:2015 is the international standard for environmental management systems. Like ISO 9001 and ISO 27001 it follows the Annex SL high-level structure, so the documented information falls under clauses 4 to 10. The standard deliberately reduced the number of mandatory documents from the 2004 version, but the ones it keeps are the backbone of a certifiable system.
ISO 14001 distinguishes between documents you must maintain, meaning standing information such as your policy and scope, and records you must retain, meaning evidence that the system is working, such as audit results and monitoring data. An auditor will ask for both.
This guide lists the documented information ISO 14001 requires clause by clause, so you can see exactly what an external auditor will expect to find before recommending certification.
Documents You Must Maintain
Scope of the Environmental Management System (Clause 4.3)
A documented statement of the boundaries and applicability of your EMS: the sites, activities, products and services it covers. This frames everything else, so auditors check it first.
Environmental Policy (Clause 5.2)
A documented environmental policy signed by top management, committing to protection of the environment, fulfilment of compliance obligations and continual improvement. It must be appropriate to the nature and scale of your environmental impacts.
Environmental Aspects and Impacts (Clause 6.1.2)
Documented information on the environmental aspects of your activities, products and services, those you can control or influence, and the criteria you use to judge which are significant. This is the analytical heart of the standard.
Compliance Obligations (Clause 6.1.3)
A documented record of the legal and other requirements that apply to your environmental aspects, such as waste, emissions and discharge duties, and how they apply to your organisation.
Environmental Objectives and Plans (Clause 6.2)
Documented environmental objectives and the plans to achieve them: what will be done, the resources, who is responsible, the timescale and how results will be evaluated.
Operational Control and Emergency Preparedness (Clauses 8.1 and 8.2)
Documented information to the extent needed to show operational processes are carried out as planned, together with documented procedures for the emergency situations you have identified, such as spills or fire.
Records You Must Retain
| Record | Clause |
|---|---|
| Evidence of competence (training, qualifications, experience) | 7.2 |
| Evidence of communications, internal and external | 7.4 |
| Monitoring, measurement, analysis and evaluation results | 9.1.1 |
| Evaluation of compliance results | 9.1.2 |
| Internal audit programme and audit results | 9.2 |
| Management review results | 9.3 |
| Nonconformities and corrective actions taken | 10.2 |
The standard does not demand a documented procedure for every clause. Where it once required six procedures, the 2015 version asks you to retain evidence that the activity happens and is effective, leaving the format to you.
What Auditors Look For
Certification auditors test whether the documents describe a system that genuinely runs, not a folder written for the audit. The aspects and impacts register should connect to real objectives, the compliance register should be current, and the internal audit and management review records should show the cycle has actually turned at least once.
Common Gaps
- An aspects and impacts register that lists generic impacts rather than those specific to the business.
- A compliance obligations register that is out of date or missing sector-specific permits.
- Environmental objectives with no measurement or no named owner.
- No documented emergency preparedness for identified risks such as spills.
- Internal audits or a management review that have not yet taken place before applying.
How Policy Pros Can Help
We write the documented information ISO 14001 auditors expect to find. Our environmental policies service produces the environmental policy, aspects and impacts register and operational controls at the centre of the standard, written for your sites and activities.
For organisations reporting to clients and investors, our ESG documents service aligns your environmental management system with wider sustainability and governance reporting.
If you are certifying to more than one standard, our ISO 9001 documented information guide and ISO 27001 mandatory documents guide set out the same clause-by-clause treatment, and our ISO policy writing service covers the integrated management system as a whole.
Frequently Asked Questions
What documents are mandatory for ISO 14001:2015?
The documents you must maintain are the EMS scope (clause 4.3), the environmental policy (5.2), the environmental aspects and impacts (6.1.2), compliance obligations (6.1.3), environmental objectives and plans (6.2), and operational control and emergency preparedness information (8.1 and 8.2). You must also retain records of competence, communications, monitoring results, compliance evaluation, internal audits, management reviews and corrective actions.
Does ISO 14001 still require six documented procedures?
No. The 2004 version required specific documented procedures, but ISO 14001:2015 reduced these. It now asks you to maintain certain documents and retain certain records as evidence the system works, and largely leaves the format to you, so a single procedure can cover several activities if that suits your organisation.
What is the difference between an environmental aspect and an impact?
An aspect is an element of your activities, products or services that can interact with the environment, such as energy use or waste. An impact is the resulting change to the environment, such as resource depletion or pollution. ISO 14001 requires a documented register of your aspects and the criteria you use to decide which are significant.
Can I integrate ISO 14001 with ISO 9001 and ISO 27001?
Yes. All three share the Annex SL high-level structure, so clauses 4 to 10 line up across the standards. Many organisations run a single integrated management system with combined scope, policy, internal audit and management review documents, which reduces duplication and audit time.
