The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when introducing a new chemical substance into manufacturing processes. ISO 45001:2018 Clause 8.1.3, “Management of change,” mandates that an organization shall establish a process to implement and control planned changes that affect the OH&S performance of the organization. This includes assessing the impact of new substances on worker safety, environmental considerations (ISO 14001:2015 Clause 8.1, “Operational planning and control”), and overall quality processes (ISO 9001:2015 Clause 6.1.2, “Hazard identification and risk assessment,” and Clause 8.5.1, “Control of production and service provision”).

An IMS Lead Auditor must verify that the organization has a systematic approach to identifying potential hazards and environmental aspects associated with the new chemical, evaluating their risks, and implementing appropriate control measures *before* the change is implemented. This involves reviewing documented procedures for change management, risk assessments, environmental impact assessments, and worker training. The auditor would look for evidence that the organization has considered the entire lifecycle of the chemical, from procurement to disposal, and its potential impact on all relevant aspects of the IMS.

The correct approach is to focus on the proactive identification and control of risks and impacts *prior* to the introduction of the new chemical. This aligns with the preventive nature of the standards. Evaluating the effectiveness of controls after an incident has occurred, or solely relying on post-implementation reviews without pre-change assessment, would indicate a deficiency in the IMS. Similarly, focusing only on one standard in isolation (e.g., just quality) would miss the integrated nature of the IMS. The question tests the auditor’s ability to assess the robustness of the change management process across all three standards.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system’s (IMS) response to identified risks and opportunities across ISO 9001, ISO 14001, and ISO 45001. The scenario presents a situation where a company has documented risk assessments for quality (ISO 9001), environmental aspects (ISO 14001), and occupational health and safety hazards (ISO 45001). However, the auditor observes that the planned actions derived from these assessments are not consistently implemented or monitored for effectiveness. Specifically, the quality risk mitigation plan for a supplier issue lacks follow-up, the environmental aspect control for waste segregation shows poor adherence, and the safety procedure for chemical handling has not been reviewed for efficacy after a near-miss incident.

The lead auditor’s primary responsibility is to determine if the IMS is achieving its intended outcomes and if the organization is fulfilling its commitments. This requires evaluating the *effectiveness* of the implemented controls, not just their existence. The observed disconnect between documented plans and actual practice indicates a failure in the execution and monitoring phases of the risk management process within the IMS. Therefore, the most appropriate audit conclusion is that the IMS is not effectively addressing identified risks and opportunities, leading to potential nonconformities across all three standards. This conclusion directly reflects the requirement for an effective IMS to manage risks and opportunities that can affect conformity of products and services, environmental performance, and occupational health and safety performance. The auditor must report this systemic weakness.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when a new chemical substance is introduced into a manufacturing process. ISO 9001:2015 clause 6.3 (Actions to be taken when changes are planned) and ISO 14001:2015 clause 8.1 (Operational planning and control) are highly relevant here, as is ISO 45001:2018 clause 8.1.3 (Management of change).

When a new chemical is introduced, the organization must have a documented process for managing this change. This process should encompass identifying potential hazards associated with the new chemical (ISO 45001:2018 clause 6.1.2), assessing its environmental impact (ISO 14001:2015 clause 6.1.2), and ensuring the product or service continues to meet customer requirements (ISO 9001:2015 clause 8.5.6).

An IMS Lead Auditor’s responsibility is to verify that these controls are not only in place but are also effective. This involves examining evidence of risk assessment for the new chemical, including its handling, storage, use, and disposal. The auditor would look for evidence that the organization has considered potential impacts on product quality (e.g., contamination, altered performance), environmental aspects (e.g., emissions, waste generation), and occupational health and safety (e.g., exposure risks, emergency procedures).

The most comprehensive approach for the auditor to verify the effectiveness of the IMS in managing this change is to review the entire lifecycle of the change management process for the new chemical. This includes the initial decision to introduce the chemical, the risk assessments conducted, the implementation of control measures, the training provided to personnel, the monitoring of environmental and safety performance, and the review of customer feedback or product quality data related to the change. Simply checking a single document or a specific procedure is insufficient. The auditor needs to see the integrated application of the management system principles across all relevant aspects of the organization. Therefore, examining the documented change management process, associated risk assessments, and evidence of implementation and monitoring provides the most robust assurance of IMS effectiveness.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system’s (IMS) risk-based thinking and its integration across different standards. Specifically, it tests the auditor’s ability to identify non-conformities related to the *application* of risk-based thinking, not just its mere existence. ISO 9001:2015 Clause 6.1.1 requires organizations to determine risks and opportunities related to their context and objectives, and to plan actions to address them. ISO 14001:2015 Clause 6.1.1 has a similar requirement for environmental aspects and other issues. ISO 45001:2018 Clause 6.1.1 requires identifying hazards, risks, and opportunities related to occupational health and safety.

An IMS Lead Auditor must assess how these requirements are *integrated*. This means looking for evidence that risks and opportunities identified for one standard are considered in the context of the others, and that the processes for managing them are not siloed. The scenario describes a situation where the environmental risk assessment for chemical spills (ISO 14001) is conducted separately from the OHS risk assessment for handling those chemicals (ISO 45001), and neither explicitly considers the impact on product quality (ISO 9001) or the organization’s strategic objectives. This demonstrates a lack of integration and a failure to consider the *interconnectedness* of risks across the IMS. The auditor’s finding should reflect this systemic issue.

Therefore, the most appropriate non-conformity statement would highlight the lack of integrated risk assessment and the failure to consider the interdependencies between the management systems, leading to potential gaps in managing risks that span across quality, environmental, and OHS aspects. This goes beyond simply stating that risk assessments were done; it focuses on the *effectiveness and integration* of the process as required by an IMS.

The scenario describes a situation where an organization has identified a significant environmental aspect (emissions from a new manufacturing process) and a potential occupational health hazard (exposure to a novel chemical). The integrated management system (IMS) requires a systematic approach to managing these risks. ISO 14001 mandates the identification and evaluation of environmental aspects and impacts, and ISO 45001 requires the identification of hazards and assessment of OH&S risks. For an IMS, the most effective approach is to integrate these processes. This involves a single, comprehensive risk assessment that considers both environmental and OH&S dimensions. The identified emissions are an environmental aspect with a potential impact (air pollution). The novel chemical exposure is an OH&S hazard with a risk (adverse health effects). A robust IMS would ensure that the controls implemented address both aspects simultaneously, rather than treating them as separate issues. This integrated risk assessment and control strategy aligns with the principles of Clause 6.1.2 of ISO 14001 (Actions to address risks and opportunities) and Clause 6.1.2 of ISO 45001 (Hazard identification and risk assessment of OH&S risks). The key is to avoid siloed thinking and to leverage the IMS for synergistic risk management. Therefore, the most appropriate action for the lead auditor to verify is the integration of these identified risks into a single, comprehensive risk assessment and subsequent control plan that addresses both environmental and OH&S concerns holistically. This demonstrates the maturity of the IMS in managing interconnected risks.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when introducing a new chemical substance in a manufacturing process. ISO 9001:2015 Clause 6.3 (Actions to be taken when changes are planned) and ISO 14001:2015 Clause 8.1 (Operational planning and control) and ISO 45001:2018 Clause 8.1.3 (Management of change) are relevant here. The auditor must assess if the organization has a systematic process to identify, evaluate, and control the risks and opportunities associated with the change before its implementation. This includes considering potential impacts on product quality (ISO 9001), environmental aspects and impacts (ISO 14001), and occupational health and safety hazards and risks (ISO 45001).

A robust management of change process would involve:
1. **Identification of the change:** Introducing a new chemical substance.
2. **Risk and opportunity assessment:** Evaluating potential impacts on quality, environment, and safety. This includes reviewing the Safety Data Sheet (SDS) for the new chemical, its handling procedures, storage requirements, potential emissions, waste disposal, and worker exposure.
3. **Planning and control:** Developing new or revised procedures, work instructions, training materials, and emergency response plans. This also involves ensuring necessary controls (e.g., ventilation, personal protective equipment) are in place.
4. **Communication:** Informing relevant stakeholders, including employees who will handle the substance.
5. **Verification and review:** Confirming that the implemented controls are effective and that the change has been managed as planned.

The auditor’s objective is to find evidence that the organization has proactively addressed all potential consequences of the change across all integrated management systems. This means looking beyond just the immediate operational change and considering the broader implications for the organization’s objectives and compliance obligations. The most effective approach for the auditor is to examine the documented process for managing change and then seek objective evidence that this process was followed for the introduction of the new chemical. This evidence would include risk assessments, updated procedures, training records, and records of hazard control implementation. The question tests the auditor’s ability to connect the specific change scenario to the overarching requirements for managing change within an IMS.

The core of this question lies in understanding how an integrated management system (IMS) addresses the distinct yet interconnected requirements of ISO 9001 (Quality), ISO 14001 (Environmental), and ISO 45001 (Occupational Health and Safety). When an organization integrates these standards, it aims to create a unified framework for managing its processes and risks. The question probes the auditor’s ability to discern the most effective approach for verifying the integration’s success, particularly concerning the identification and management of significant aspects and hazards.

ISO 9001 focuses on customer satisfaction and the ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements. ISO 14001 mandates the identification of environmental aspects and impacts, and the management of significant environmental aspects. ISO 45001 requires the identification of hazards and assessment of OH&S risks, and the management of significant OH&S risks. An integrated system seeks to avoid duplication and leverage commonalities.

A competent IMS lead auditor would look for evidence that the organization has a systematic process for identifying and evaluating environmental aspects and OH&S hazards concurrently, rather than treating them as separate exercises. This integrated approach should consider the interdependencies and potential cumulative effects. For instance, a process that generates waste (an environmental aspect) might also pose a risk of exposure to hazardous substances for workers (an OH&S hazard). The integrated system should capture both.

The most effective verification method would involve examining the organization’s documented procedures for aspect/hazard identification and risk assessment, and then auditing the actual implementation of these procedures in the field. This includes interviewing personnel involved in these processes, reviewing records of identified aspects/hazards and their associated risks, and observing how these are managed and controlled. The auditor needs to confirm that the integration is not merely a superficial alignment of documents but a functional, cohesive system that effectively addresses all relevant requirements across the three standards. This involves looking for a single, comprehensive register or methodology that captures both environmental and OH&S concerns, and demonstrates how controls are applied to mitigate both types of risks.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when a new hazardous substance is introduced into a manufacturing process. ISO 45001:2018 clause 8.1.3, “Management of change,” mandates that an organization shall establish a process to implement and control planned changes that affect the OH&S performance. This includes assessing the impact of introducing new materials or substances. ISO 14001:2015 clause 8.1, “Operational planning and control,” also requires controlling planned changes that affect environmental aspects. ISO 9001:2015 clause 6.3, “Changes to the quality management system,” addresses changes to the QMS.

An IMS Lead Auditor must verify that the organization has a robust process for identifying, assessing, and controlling the risks associated with such changes. This involves reviewing documented procedures for change management, evidence of risk assessments (including hazard identification and evaluation of OH&S and environmental risks), implementation of control measures, and communication to relevant personnel. The auditor would look for evidence that the introduction of the new substance was subject to a formal change control process, which included a thorough risk assessment covering potential impacts on worker safety (e.g., exposure limits, personal protective equipment requirements, emergency procedures) and the environment (e.g., waste disposal, emissions, spill containment). Furthermore, the auditor would seek confirmation that necessary training was provided and that the updated procedures were communicated effectively. The absence of a documented risk assessment for the new substance, or evidence that controls were not implemented prior to its use, would indicate a nonconformity. Therefore, the most critical aspect for the auditor to verify is the systematic identification and control of OH&S and environmental risks arising from the introduction of the new substance, ensuring compliance with the relevant clauses of all three standards.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically as it relates to the interaction between ISO 9001, ISO 14001, and ISO 45001. When an organization implements a change that could impact its quality, environmental, or occupational health and safety performance, the IMS must have robust processes to manage this.

The auditor’s objective is to confirm that the organization’s established procedures for managing change are not only documented but also effectively implemented and that the integration across the three standards is seamless. This involves checking if the change management process considers potential impacts on product conformity (ISO 9001), environmental aspects and impacts (ISO 14001), and hazards and risks to workers (ISO 45001).

A key aspect of an IMS audit is to look for evidence of integrated risk assessment and the application of controls that address risks across all relevant management system disciplines. For instance, a change in a manufacturing process might introduce new chemical substances (environmental impact), alter product specifications (quality impact), and create new ergonomic risks for operators (OH&S impact). The IMS should demonstrate a unified approach to identifying, assessing, and mitigating these interconnected risks.

Therefore, the most effective audit approach would be to examine the documented change management procedure and then trace specific instances of implemented changes. This tracing would involve reviewing records to see how the change was initiated, how its potential impacts on quality, environment, and safety were evaluated, what controls were put in place, how training was conducted, and how the effectiveness of the change was verified against all relevant system requirements. This holistic review ensures that the integration is functional and not merely a theoretical construct. The absence of evidence for integrated impact assessment or the reliance on separate, uncoordinated processes for each standard would indicate a deficiency in the IMS’s integration and effectiveness.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system’s (IMS) response to identified risks and opportunities across ISO 9001, ISO 14001, and ISO 45001. The scenario describes a situation where an organization has identified a potential environmental impact (spillage) and a safety hazard (slippery surface) stemming from the same operational activity. The IMS has implemented controls for both.

To assess the effectiveness of the IMS, the lead auditor must verify that the actions taken address the *integrated* nature of the risks and opportunities. This means looking beyond isolated controls for each standard. The auditor needs to confirm that the organization has considered the interdependencies and potential cumulative effects.

The correct approach involves examining how the organization’s documented processes and actual practices demonstrate a holistic risk management strategy. This includes:
1. **Identification and Assessment:** Confirming that the spillage risk (environmental) and the slippery surface hazard (safety) were both identified and assessed, considering their potential consequences.
2. **Integration of Controls:** Verifying that the controls implemented are not siloed. For instance, the spill containment measures should also contribute to preventing the surface from becoming slippery. Similarly, safety procedures for handling materials should also consider environmental containment.
3. **Effectiveness of Controls:** Auditing the actual implementation and effectiveness of these integrated controls. This involves observing the process, interviewing personnel, and reviewing records to ensure the controls are functioning as intended and mitigating both the environmental and safety risks.
4. **Monitoring and Review:** Checking if the organization monitors the effectiveness of these integrated controls and reviews them for continual improvement, considering feedback on both environmental performance and occupational health and safety.

Therefore, the most appropriate action for the lead auditor is to verify that the implemented controls are designed and executed to manage the combined environmental and safety risks arising from the operational activity, ensuring that the IMS effectively addresses the interdependencies. This demonstrates a mature integration of the management systems.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an Integrated Management System (IMS) in addressing identified risks and opportunities across multiple standards. ISO 9001:2015 Clause 6.1, “Actions to address risks and opportunities,” mandates that an organization shall plan actions to address these risks and opportunities. For an IMS, this means ensuring that the planning for risk and opportunity management is integrated and considers the specific requirements of ISO 9001 (quality), ISO 14001 (environment), and ISO 45001 (occupational health and safety).

An IMS Lead Auditor’s responsibility is to confirm that the organization has not only identified these risks and opportunities but has also implemented effective controls and actions to manage them, and that these actions are integrated into the overall business processes. This includes verifying that the documented information related to risk and opportunity management is consistent across all three standards and that the effectiveness of these actions is monitored and reviewed.

The scenario describes a situation where the organization has documented procedures for each standard separately. The auditor’s task is to determine if these separate processes are truly integrated and if the overall risk and opportunity management framework is cohesive. The most effective way to audit this is to examine how the organization *demonstrates* the integration and effectiveness of its risk and opportunity management actions. This involves looking for evidence of a consolidated approach, where risks and opportunities that have cross-functional impacts (e.g., a quality issue that also has environmental or safety implications) are managed holistically.

Therefore, the auditor should seek evidence of integrated risk registers, combined action plans, and documented evidence that the effectiveness of these integrated actions is reviewed. This approach ensures that the IMS is not merely a collection of separate systems but a unified framework that proactively manages potential impacts on quality, environment, and safety. The other options represent either a partial view (focusing on one standard) or a less effective method of verification (relying solely on documented procedures without evidence of implementation and effectiveness). The correct approach focuses on the *demonstrated integration and effectiveness* of the risk and opportunity management process across the entire IMS.

The core of the question lies in understanding how an integrated management system (IMS) auditor verifies the effectiveness of a company’s approach to managing risks and opportunities across its quality, environmental, and occupational health and safety systems, as mandated by ISO 9001, ISO 14001, and ISO 45001 respectively. The auditor’s objective is to determine if the organization has a systematic process for identifying, analyzing, evaluating, and treating these factors, and crucially, if these processes are integrated and contribute to the overall achievement of the organization’s objectives and the enhancement of its IMS.

When assessing the integration of risk and opportunity management, an auditor would look for evidence that the identification and assessment processes are not siloed. For instance, a quality risk related to product non-conformance might also have environmental implications (e.g., waste generation) or safety implications (e.g., operator exposure to hazardous materials). A truly integrated approach would capture these interdependencies. The auditor would examine documented procedures, records of risk assessments, action plans, and evidence of review and monitoring. They would also conduct interviews with personnel at various levels to gauge their understanding and involvement in the risk management process. The effectiveness is measured by the extent to which identified risks are mitigated, opportunities are leveraged, and the IMS itself is improved as a result. This includes ensuring that the outputs of the risk and opportunity process are used to inform strategic planning, resource allocation, and the establishment of objectives. The absence of a documented, systematic, and integrated approach, or evidence that identified risks are not being adequately addressed, would indicate a nonconformity. Therefore, the most comprehensive and effective approach for an auditor to verify this integration is to examine the documented processes and their practical application, looking for evidence of cross-functional consideration and demonstrable outcomes in improving the IMS performance.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system’s (IMS) response to identified risks and opportunities across ISO 9001, ISO 14001, and ISO 45001. The scenario presents a situation where a company has documented a risk mitigation strategy for a potential environmental spill (ISO 14001) and a workplace hazard (ISO 45001), but the audit reveals that the implemented controls are primarily focused on the environmental aspect, with minimal consideration for the occupational health and safety implications of the same underlying event.

An IMS Lead Auditor must assess whether the organization’s risk management process, as defined by the integrated system, adequately addresses all relevant aspects of the identified risk across all applicable standards. In this case, the risk of a chemical leak has both environmental consequences (spill containment, reporting) and OHS consequences (exposure to personnel, emergency response procedures for personnel safety). The audit finding indicates a gap in the integration of these responses. The organization has addressed the environmental part of the risk but not the OHS part with the same rigor or completeness.

The correct approach for the auditor is to identify this as a nonconformity against the integrated system’s requirements for risk management and the planning of actions to address risks and opportunities. Specifically, it demonstrates a failure to integrate the management of risks and opportunities across the different management system standards. The auditor would look for evidence that the organization’s risk assessment process considers all potential impacts and that the planned actions are comprehensive and address all relevant requirements of the integrated system. The finding should reflect the lack of integrated control measures for the OHS aspects of the chemical leak risk, even though environmental controls are in place. This points to a systemic issue in how the IMS handles cross-functional risks.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system’s (IMS) response to identified risks and opportunities across ISO 9001, ISO 14001, and ISO 45001. The scenario describes a situation where a company has implemented a new process for handling customer complaints (ISO 9001), identified a potential environmental impact from a new chemical storage area (ISO 14001), and established a procedure for reporting near misses related to manual handling (ISO 45001). The auditor’s task is to assess whether the IMS has effectively integrated these distinct elements into a cohesive risk management framework.

The correct approach involves evaluating the evidence of how the organization has identified, analyzed, and addressed the risks and opportunities associated with each of these specific situations, and crucially, how these actions are documented, monitored, and reviewed within the integrated system. This includes checking for documented evidence of risk assessments, the implementation of controls or corrective actions, communication of these actions, and their subsequent effectiveness. For instance, for the customer complaints, the auditor would look for evidence of root cause analysis and implemented improvements. For the chemical storage, evidence of environmental risk assessment, containment measures, and emergency preparedness would be sought. For near misses, evidence of investigation, corrective actions, and training would be examined. The integration aspect means looking for overarching policies, procedures, or management review outputs that demonstrate how these diverse risks are managed holistically, rather than as isolated incidents. The auditor must verify that the IMS provides a mechanism for learning from these events and applying those learnings across relevant aspects of the organization’s operations.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when introducing a new chemical substance into a manufacturing process. ISO 45001 Clause 8.1.3 (Management of change) mandates that an organization shall establish a process for the implementation and control of planned changes that impact the OH&S management system. This includes assessing the impact of new substances on existing controls, worker health and safety, and environmental aspects. ISO 14001 Clause 8.1 (Operational planning and control) requires controls for significant environmental aspects, and ISO 9001 Clause 8.5.6 (Control of changes) ensures that changes affecting product conformity are controlled. An IMS auditor must verify that the organization’s change management process adequately addresses all these integrated requirements.

When auditing the introduction of a new chemical, the auditor would look for evidence that the organization has:
1. **Identified the change:** The new chemical’s introduction was formally recognized.
2. **Assessed risks and opportunities:** This includes OH&S hazards (e.g., toxicity, flammability), environmental impacts (e.g., potential spills, emissions), and quality implications (e.g., effect on product performance).
3. **Reviewed legal and other requirements:** Compliance with regulations like REACH (Registration, Evaluation, Authorisation and Restriction of Chemicals) or local environmental and occupational health laws is crucial.
4. **Implemented controls:** This could involve updated safety data sheets (SDS), new personal protective equipment (PPE), revised operating procedures, emergency response plans, waste management protocols, and quality control checks.
5. **Communicated the change:** Workers involved in handling or being exposed to the new chemical must be informed and trained.
6. **Reviewed the effectiveness of controls:** Post-implementation monitoring and review are necessary.

The most comprehensive approach for the auditor is to examine the documented change management procedure and then seek evidence of its application for this specific new chemical. This involves reviewing risk assessments, training records, updated procedures, and any environmental permits or notifications related to the chemical. The auditor’s objective is to confirm that the *entire* integrated system has been considered and that the change has been managed effectively across all relevant aspects (quality, environment, and occupational health and safety). Therefore, verifying the documented change management procedure and its application to the new chemical, including all associated risk assessments and control measures, is the most appropriate audit activity.

The core of this question lies in understanding how an integrated management system (IMS) auditor verifies the effectiveness of risk-based thinking across multiple ISO standards. Specifically, it probes the auditor’s ability to identify evidence of proactive hazard identification and the implementation of controls that address both quality and safety aspects. The auditor must look for documented procedures, training records, and operational controls that demonstrate the organization’s commitment to preventing nonconformities (ISO 9001), environmental incidents (ISO 14001), and workplace accidents (ISO 45001). The most effective approach for an auditor to confirm this integration is to examine how the organization systematically identifies, assesses, and mitigates risks that could impact all three management systems. This involves reviewing the process for hazard identification and risk assessment, ensuring it encompasses potential quality deviations, environmental impacts, and occupational health and safety risks. The auditor would then seek evidence that the controls implemented are designed to address these integrated risks, rather than being siloed for each standard. For instance, a change in a manufacturing process might have implications for product quality, waste generation, and worker exposure to chemicals. An integrated approach would see a single risk assessment and control plan addressing all these facets. Therefore, the auditor’s focus should be on the *process* of risk management and the *evidence* of its integrated application, not just the existence of separate risk registers.

The core principle being tested here is the auditor’s role in verifying the effectiveness of an organization’s integrated management system (IMS) in addressing identified risks and opportunities across ISO 9001, ISO 14001, and ISO 45001. The scenario describes a situation where an organization has documented risk assessment processes for quality, environmental, and occupational health and safety aspects. However, the auditor’s observation of a recurring quality non-conformity, linked to an environmental emission incident and a near-miss safety event, suggests a breakdown in the integration and the effectiveness of the risk response.

The correct approach for the lead auditor is to investigate the root causes of these interconnected issues and assess whether the IMS’s risk management framework, as integrated, adequately controls these identified risks and opportunities. This involves examining the linkage between the risk assessment, the implementation of controls, and the monitoring of their effectiveness. A failure to prevent recurrence of quality issues, coupled with related environmental and safety incidents, points to potential deficiencies in the IMS’s ability to proactively manage and mitigate risks that span across the different management system standards.

Specifically, the auditor needs to determine if the organization’s integrated risk assessment process has:
1. **Identified** all relevant risks and opportunities that could affect the conformity of products/services, environmental performance, and worker safety.
2. **Assessed** the significance of these risks and opportunities, considering their potential impact on all three management systems.
3. **Planned and implemented** appropriate actions to address these risks and opportunities, ensuring these actions are integrated and effective.
4. **Monitored and reviewed** the effectiveness of these actions, including the performance of the IMS as a whole.

The scenario implies that the controls or the assessment process itself may be inadequate, leading to the observed failures. Therefore, the auditor’s focus should be on the effectiveness of the integrated risk management process in preventing such occurrences and ensuring continual improvement across all aspects of the IMS. This requires moving beyond simply verifying documented procedures to assessing the actual outcomes and the underlying systemic effectiveness. The auditor must probe the integration of risk management across the standards to ensure that interdependencies are understood and managed.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when introducing a new chemical substance into manufacturing processes under ISO 14001 and ISO 45001. The scenario describes a situation where a new solvent is being implemented.

To determine the correct auditor action, we must consider the requirements of both standards for managing change and hazard identification. ISO 14001 (Clause 8.1.3, Control of externally provided processes, products and services) and ISO 45001 (Clause 8.1.2, Eliminating hazards and reducing OH&S risks) are particularly relevant.

The auditor’s primary responsibility is to verify that the organization has a robust process for managing changes that could impact its environmental aspects or occupational health and safety risks. Introducing a new chemical substance necessitates a thorough risk assessment, including understanding its properties, potential environmental releases, and health hazards to workers.

The correct approach involves the auditor seeking evidence that the organization has:
1. **Identified the change:** The introduction of the new solvent.
2. **Assessed the risks and opportunities:** This includes environmental impacts (e.g., potential for spills, air emissions, waste generation) and occupational health and safety risks (e.g., inhalation hazards, skin contact, flammability).
3. **Implemented controls:** This would involve updated safety data sheets (SDS), new handling procedures, personal protective equipment (PPE) requirements, emergency response plans, and waste disposal protocols.
4. **Communicated the change:** Ensuring all relevant personnel are aware of the new procedures and hazards.
5. **Updated documentation:** Revising work instructions, risk assessments, and training materials.

Therefore, the auditor must verify that the organization has conducted a comprehensive risk assessment for the new solvent, including its environmental and OHS implications, and has implemented appropriate control measures and updated relevant documentation and training. This ensures the IMS effectively manages the risks associated with the change.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an Integrated Management System (IMS) in addressing identified risks and opportunities across ISO 9001, ISO 14001, and ISO 45001. The scenario presents a situation where a company has documented risk assessments for quality (ISO 9001), environmental aspects (ISO 14001), and occupational health and safety hazards (ISO 45001). However, the auditor observes that the actions taken to mitigate these risks and capitalize on opportunities are not consistently integrated or demonstrably linked across the different management system components. For instance, a quality improvement initiative might inadvertently increase environmental impact, or a safety procedure might overlook a potential quality deviation.

The correct approach for the lead auditor is to seek evidence of a holistic, integrated approach to risk and opportunity management. This means looking beyond siloed documentation and examining how the organization’s processes, procedures, and decision-making consider the interdependencies between quality, environmental, and safety aspects. The auditor needs to verify that the planning and implementation of actions are coordinated to prevent unintended consequences and to maximize synergistic benefits. This involves reviewing management review minutes, internal audit reports, and operational records to see if cross-functional impacts are considered. The auditor should also interview personnel from different departments to gauge their understanding of the integrated risk management process. The objective is to confirm that the IMS effectively manages risks and opportunities in a way that supports the organization’s overall strategic objectives and compliance obligations, rather than treating each standard in isolation.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an organization’s integrated management system (IMS) in addressing identified risks and opportunities across ISO 9001, ISO 14001, and ISO 45001. Specifically, it probes the auditor’s approach to assessing whether the organization has established, implemented, and maintained processes for identifying, analyzing, and responding to risks and opportunities that could affect the conformity of its products and services, its environmental performance, and its occupational health and safety.

When auditing an IMS, a lead auditor must look for evidence that the organization’s risk-based thinking is integrated across all three standards. This involves examining how potential nonconformities related to quality (e.g., product defects), environmental aspects (e.g., pollution incidents), and OH&S hazards (e.g., workplace accidents) are proactively identified and managed. The auditor needs to verify that the organization’s documented processes for risk assessment and treatment are not siloed but rather contribute to a holistic understanding of potential impacts. This includes reviewing the methodology for identifying risks and opportunities, the criteria used for evaluating their significance, and the documented actions taken to mitigate negative impacts and capitalize on positive ones. The effectiveness of these actions is then assessed through objective evidence, such as reduced incident rates, improved product quality metrics, or enhanced environmental compliance.

Therefore, the most effective approach for the lead auditor is to examine the documented risk management framework and then seek corroborating evidence of its application and effectiveness through interviews, observation, and review of records. This evidence should demonstrate that the identified risks and opportunities are systematically addressed in a manner that supports the achievement of the organization’s quality, environmental, and OH&S objectives. The auditor’s focus is on the integration and demonstrable impact of these processes, not merely their existence.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when introducing a new hazardous substance into a manufacturing process. ISO 45001:2018 Clause 8.1.3, “Management of change,” mandates that an organization shall establish a process to implement and control planned changes that affect OH&S performance. This includes assessing the impact of new substances. ISO 14001:2015 Clause 8.1, “Operational planning and control,” requires organizations to determine the environmental aspects of activities, products, and services, and to manage them to prevent pollution. Introducing a new hazardous substance necessitates a review of its environmental impact and controls. ISO 9001:2015 Clause 6.3, “Planning of changes,” requires consideration of the purpose of the change and its potential consequences, the integrity of the IMS, the availability of resources, and the allocation or reallocation of responsibilities and authorities.

An IMS Lead Auditor must verify that the organization has a robust process for managing change that integrates requirements from all relevant standards. This involves checking if the hazard identification and risk assessment for the new substance (OH&S) are conducted, if the environmental impact assessment and control measures (Environmental) are in place, and if the overall change management process considers the integrity and potential consequences for the entire IMS (Quality). The auditor would look for evidence that the introduction of the new substance was subject to a formal risk assessment covering both OH&S hazards (e.g., exposure limits, personal protective equipment) and environmental risks (e.g., spill containment, waste disposal), and that the necessary controls were implemented and communicated before the substance was put into use. The absence of a documented risk assessment specifically for the new substance, or evidence that controls were not implemented prior to its use, would indicate a nonconformity. Therefore, the most critical finding for an IMS Lead Auditor in this scenario would be the lack of a documented risk assessment and control implementation for the new hazardous substance, as this directly impacts OH&S and environmental compliance and demonstrates a breakdown in the integrated change management process.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when introducing a new chemical substance into manufacturing processes. ISO 45001:2018 Clause 8.1.3, “Management of change,” mandates that an organization shall establish a process to implement and control planned changes that affect the OH&S performance of the organization. This includes assessing the impact of new substances on worker safety, environmental considerations (ISO 14001:2015 Clause 8.1, “Operational planning and control”), and overall quality processes (ISO 9001:2015 Clause 6.1.2, “Hazard identification and risk assessment,” and Clause 8.5.1, “Control of production and service provision”).

An IMS Lead Auditor must verify that the organization has a systematic approach to identifying hazards and risks associated with the new chemical, evaluating its potential environmental impacts, and ensuring that the quality of the product is not compromised. This involves reviewing documented procedures for change management, hazard assessment (including Safety Data Sheets – SDS), environmental impact assessments, and any necessary modifications to work instructions or quality control measures. The auditor would look for evidence that the introduction of the chemical was preceded by a thorough risk assessment that considered all relevant aspects of the IMS. This includes evaluating the competence of personnel involved, the adequacy of controls implemented (e.g., personal protective equipment, ventilation, waste disposal procedures), and the effectiveness of communication and training. The most comprehensive approach for an auditor to verify this is to examine the documented risk assessment and the subsequent documented approval and implementation plan for the change, ensuring it covers all three standards.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when a significant process modification impacts both quality and environmental aspects. ISO 9001:2015 Clause 6.3 (Changes to the quality management system) and ISO 14001:2015 Clause 8.1 (Operational planning and control) require that organizations plan and control changes. For an IMS, this means ensuring that changes are reviewed for their impact on all integrated aspects.

In this scenario, the introduction of a new solvent impacts product quality (ISO 9001) by potentially altering drying times and surface finish, and it also affects environmental performance (ISO 14001) due to its volatile organic compound (VOC) content and disposal requirements. An IMS lead auditor must verify that the organization’s process for managing change adequately addresses these interdependencies.

The correct approach involves examining the documented procedure for managing change and then auditing its implementation. This includes verifying that the change request documented the potential impacts on both quality and environmental objectives, that risk assessments were conducted for both aspects, that relevant stakeholders (e.g., R&D, Production, EHS) were consulted, and that the implemented change was verified for its effectiveness against all identified impacts. The auditor would look for evidence of updated work instructions, training records, environmental permits or notifications, and quality control records post-implementation.

The question probes the auditor’s ability to assess the holistic nature of change management within an IMS. The correct answer reflects a comprehensive audit approach that considers the interconnectedness of quality and environmental considerations during a change process, ensuring that the IMS is robust enough to manage such integrated impacts effectively. The other options represent incomplete or misdirected audit focus, failing to capture the integrated nature of the management system or the specific requirements for managing change across multiple disciplines.

The core principle being tested here is the auditor’s responsibility in identifying and evaluating the effectiveness of an organization’s risk-based thinking across an Integrated Management System (IMS). ISO 9001:2015 Clause 6.1.1 requires organizations to determine risks and opportunities related to their context and objectives. ISO 14001:2015 Clause 6.1.1 similarly mandates identifying environmental aspects and associated risks and opportunities. ISO 45001:2018 Clause 6.1.1 requires identifying hazards, assessing risks to OH&S, and determining opportunities. An IMS Lead Auditor must verify that these are integrated, not treated in silos.

When auditing an organization that has integrated its ISO 9001, ISO 14001, and ISO 45001 systems, the auditor needs to assess how the organization has consolidated its risk identification and assessment processes. A key indicator of effective integration is the presence of a unified risk register or a system that cross-references risks and opportunities identified under each standard. The auditor would look for evidence that the organization considers quality, environmental, and OH&S risks and opportunities holistically, rather than maintaining separate lists or assessment methodologies for each management system. For instance, a new product introduction might present quality risks (e.g., non-conformance), environmental risks (e.g., waste generation), and OH&S risks (e.g., manual handling during production). An integrated approach would capture all these facets within a single risk assessment framework, allowing for a more comprehensive understanding and prioritization of mitigation actions. The auditor’s role is to confirm that the organization’s process for determining risks and opportunities addresses all relevant aspects of its integrated systems, ensuring that potential impacts on quality, environment, and occupational health and safety are considered concurrently. This demonstrates a mature IMS where interdependencies are recognized and managed.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system’s (IMS) response to a significant environmental incident, specifically a chemical spill impacting a local water source. ISO 14001:2015, Clause 8.2 (Emergency preparedness and response), mandates that an organization shall establish, implement, and maintain processes needed to prepare for and respond to potential emergency situations. This includes taking action to prevent or mitigate adverse environmental impacts. For an IMS Lead Auditor, the focus is not just on the immediate containment but on the systemic review of the response. This involves assessing whether the organization’s documented procedures were followed, if the response was adequate to minimize environmental harm, and crucially, if lessons learned from the incident have been incorporated into the IMS to prevent recurrence or improve future responses. This aligns with the principles of continual improvement inherent in all three standards (ISO 9001, ISO 14001, ISO 45001). The auditor must evaluate the effectiveness of the corrective actions taken, the review of the emergency plan’s adequacy, and the communication processes during and after the event. The most comprehensive approach for an auditor is to examine the evidence of these systemic improvements, which directly demonstrates the IMS’s ability to learn and adapt. This involves reviewing incident reports, corrective action records, updated procedures, training records related to the incident, and management review minutes where the incident was discussed. The other options, while potentially part of the response, do not encompass the full scope of an IMS Lead Auditor’s responsibility in verifying systemic effectiveness and continual improvement following such an event. For instance, simply confirming the spill was contained addresses only a part of the response, not the learning and improvement aspect. Similarly, focusing solely on regulatory compliance, while important, is a subset of the overall IMS effectiveness. Evaluating the financial compensation provided to affected parties is a business or legal matter, not a direct audit focus for IMS effectiveness, though it might be a consequence of non-compliance.

The core of this question lies in understanding how an integrated management system (IMS) auditor approaches the verification of an organization’s commitment to continual improvement across multiple standards (ISO 9001, ISO 14001, ISO 45001). The auditor must assess whether the organization has established processes that actively seek out opportunities for enhancement, not just react to nonconformities. This involves looking for evidence of proactive measures, such as trend analysis of performance data, benchmarking against industry best practices, employee suggestion schemes that are acted upon, and strategic reviews that identify areas for development. The auditor needs to determine if these activities are integrated and contribute to the overall effectiveness of the IMS, rather than being siloed efforts. The question tests the auditor’s ability to discern genuine commitment to improvement from superficial compliance. The correct approach involves evaluating the systematic identification, analysis, and implementation of improvements that demonstrably enhance the organization’s ability to meet its objectives and satisfy stakeholders across all integrated disciplines. This requires looking beyond documented procedures to observe actual practices and their impact.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when introducing a new chemical substance into a manufacturing process. ISO 45001:2018 Clause 8.1.3, “Management of change,” mandates that an organization shall establish a process to implement and control planned changes that affect OH&S performance. This includes assessing the OH&S risks associated with the change before its introduction. For an IMS, this process must also consider implications for quality (ISO 9001:2015 Clause 6.1.2, “Hazard identification and risk assessment” and Clause 8.5.6, “Control of changes”) and environmental aspects (ISO 14001:2015 Clause 8.1, “Operational planning and control,” which requires considering changes to planned arrangements).

An IMS Lead Auditor’s responsibility is to verify that the organization has a robust process for managing change that integrates requirements from all relevant standards. This involves examining how the organization identifies potential OH&S hazards and environmental impacts of the new chemical, assesses the risks, and implements appropriate control measures. The auditor would look for evidence that the change management process includes a documented risk assessment, consultation with workers and their representatives (as per ISO 45001 Clause 5.4), and the communication of necessary information and training regarding the new substance and its associated risks and controls. The auditor must also ensure that the change management process is integrated, meaning that the assessment covers all three management system perspectives simultaneously, rather than treating them as separate evaluations. Therefore, the most effective audit approach is to trace the introduction of the new chemical through the organization’s integrated change management process, verifying that all relevant ISO 9001, ISO 14001, and ISO 45001 requirements have been considered and addressed in a unified manner. This includes reviewing the initial risk assessment, the implementation of controls, and any subsequent monitoring or review activities.

The core of an integrated management system (IMS) audit, particularly concerning the interplay between ISO 9001, ISO 14001, and ISO 45001, lies in verifying the effectiveness of the organization’s approach to managing risks and opportunities across all three disciplines. When auditing the integration of these standards, a lead auditor must assess how the organization identifies, analyzes, and addresses risks and opportunities that have implications for quality, environmental performance, and occupational health and safety. This involves examining documented processes, interviewing personnel, and observing practices to confirm that a holistic, rather than siloed, approach is taken.

For instance, a risk related to a new chemical process might impact product quality (ISO 9001), generate hazardous waste (ISO 14001), and pose inhalation hazards to workers (ISO 45001). An effective IMS would have a single, integrated risk assessment process that captures all these facets, leading to a unified set of controls and monitoring mechanisms. The auditor would look for evidence that the risk assessment methodology considers interdependencies and that the resulting actions are coordinated. This includes verifying that the organization’s context (Clause 4 of each standard) adequately addresses these integrated risks and opportunities, and that leadership commitment (Clause 5) supports this integrated approach. Furthermore, the auditor must ensure that the internal audit program (Clause 9.2) and management review (Clause 9.3) effectively cover the integrated aspects of the system, not just individual standard requirements. The focus is on the *systemic* integration and the resulting effectiveness in achieving the intended outcomes for quality, environment, and safety.

The core of this question lies in understanding the auditor’s role in verifying the effectiveness of an integrated management system (IMS) concerning the management of change, specifically when a significant process modification impacts all three standards (ISO 9001, ISO 14001, and ISO 45001). The auditor must assess if the organization has a robust process for identifying, evaluating, and controlling changes that have potential implications across quality, environmental, and occupational health and safety aspects.

For ISO 9001, the change management process must ensure that product or service conformity is maintained and that customer requirements continue to be met. This involves reviewing the impact on design, production, and delivery processes.

For ISO 14001, the auditor needs to verify that the environmental aspects and impacts associated with the change have been re-evaluated. This includes checking if new environmental risks have been identified, if existing controls are still adequate, and if legal and other requirements related to the environment are still being complied with.

For ISO 45001, the focus is on occupational health and safety. The auditor must confirm that the change has been assessed for potential new hazards or risks to workers, and that appropriate preventive and protective measures have been implemented. This includes reviewing the impact on work procedures, training needs, and emergency preparedness.

An effective IMS requires a holistic approach to change management. Therefore, the auditor’s objective is to find evidence that the organization’s change management procedure explicitly addresses and integrates the requirements of all three standards, ensuring that no critical aspect is overlooked. This involves examining documented procedures, records of change assessments, risk evaluations, implementation plans, and post-implementation reviews that demonstrate this integrated consideration. The most effective approach for the auditor is to seek evidence of a single, overarching change management process that systematically considers the implications for quality, environmental performance, and occupational health and safety, rather than separate, uncoordinated processes for each standard.

The core of an integrated management system (IMS) audit, particularly when considering the interdependencies between ISO 9001 (Quality), ISO 14001 (Environment), and ISO 45001 (Occupational Health and Safety), lies in evaluating the effectiveness of the organization’s approach to managing risks and opportunities across all three disciplines. When an auditor identifies a nonconformity related to the control of hazardous substances under ISO 14001, the critical question for an IMS auditor is how this impacts the other management systems. Hazardous substances can pose direct risks to worker health and safety (ISO 45001) and can also affect product quality or service delivery if not managed appropriately (ISO 9001), for example, through contamination or process disruption. Therefore, the auditor must assess whether the organization’s risk assessment processes, operational controls, and emergency preparedness adequately address these cross-system implications. The most effective approach for an IMS auditor is to trace the identified environmental nonconformity through the organization’s integrated risk management framework to determine if the potential impacts on health, safety, and quality have been identified, assessed, and controlled. This involves examining documented procedures, training records, incident investigations, and management review minutes for evidence of this integrated thinking. The auditor is not just looking for compliance with individual clauses but for the systemic integration of risk management across the IMS.