Guide to ISO 14001 Clause 9 Performance Evaluation With Examples

What Is Clause 9 in ISO 14001 and Why Does It Matter?

Clause 9 of ISO 14001:2015 is titled Performance Evaluation, and it sits right at the heart of whether your Environmental Management System (EMS) is actually working or just collecting dust. A lot of organisations get their EMS set up, document their procedures, train their staff, and then wonder why auditors keep raising nonconformities at every surveillance visit. The answer is almost always found in Clause 9.

This clause covers three core activities: monitoring and measurement, internal audit, and management review. Together, they form the feedback loop that tells you whether your environmental objectives are being met, where your system is breaking down, and what leadership needs to do about it. Without a solid Clause 9 process, you are essentially flying blind.

If you are working toward ISO 14001 certification for the first time, or trying to tighten up your existing system before a surveillance audit, this guide walks through every sub-clause with practical examples so you know exactly what is expected.

Clause 9.1: Monitoring, Measurement, Analysis and Evaluation

This is where you define what you are going to measure, how you are going to measure it, and what you will do with the data. The standard breaks this into two parts: the general monitoring and measurement requirements, and a specific requirement around evaluating compliance.

Clause 9.1.1: General Monitoring and Measurement

ISO 14001 requires your organisation to determine what needs to be monitored and measured in relation to your significant environmental aspects, compliance obligations, and environmental objectives. You also need to define the methods, when measurements happen, when results are analysed, and who is responsible.

This sounds straightforward, but in practice many organisations create monitoring programs that are either too vague or too narrow. A common mistake is only measuring outputs, like energy consumption totals, without tracking the conditions or activities that drive those numbers.

What auditors look for here:

• A documented monitoring and measurement program or plan
• Calibrated equipment used for environmental measurements
• Records showing measurements were actually taken at the required intervals
• Evidence that data has been analysed, not just collected
• Linkage between what you measure and your significant environmental aspects

Practical example: A food processing facility in Queensland identifies wastewater discharge as a significant environmental aspect. Their Clause 9.1.1 response includes monthly pH and biological oxygen demand (BOD) testing of discharge water using a calibrated meter, with results logged in a spreadsheet and reviewed by the environment manager. When results approach regulatory limits, a corrective action is triggered before a breach occurs. That is a functioning monitoring program.

Compare that with a business that simply records total water usage once a quarter with no analysis or trigger points. That second approach will not satisfy an auditor, and more importantly, it will not catch problems before they become incidents.

Clause 9.1.2: Evaluation of Compliance

This sub-clause requires your organisation to establish, implement, and maintain a process for evaluating compliance with your legal and other obligations. You need to evaluate compliance at planned intervals, take action if needed, and keep documented information as evidence.

This is one of the most commonly misunderstood requirements in ISO 14001. Many businesses think that simply having a register of their legal obligations is enough. It is not. The standard requires you to actively evaluate whether you are actually complying with each obligation, not just list them.

What this looks like in practice: A construction company in New South Wales maintains a legal register covering environmental protection licences, noise regulations, waste disposal requirements, and stormwater controls. Every six months, the environment coordinator reviews each item against current operations and documents the outcome. If they find a gap, they record it and raise a corrective action. The evaluation is signed off and retained as documented information.

That evaluation process, with its documented outcomes and linkage to corrective action, is what Clause 9.1.2 is asking for. A list of laws with no evidence of evaluation against actual practice will be raised as a nonconformity.

For a broader understanding of how environmental management ties into sustainability commitments, the article on why ISO 14001 is important to achieve the climate change net-zero objective provides useful context on where this standard fits in the bigger picture.

Clause 9.2: Internal Audit

Internal audits are the mechanism by which your organisation checks whether its EMS conforms to its own requirements and to the requirements of ISO 14001. They also assess whether the system is effectively implemented and maintained.

Clause 9.2.1: General Requirements

The standard requires internal audits to be conducted at planned intervals. You need to plan, establish, implement, and maintain an audit program that considers the environmental importance of the processes concerned, changes affecting the organisation, and the results of previous audits.

The key word here is planned. A lot of organisations treat internal audits as something they scramble to complete the week before their external audit. That approach is obvious to any experienced auditor and it defeats the purpose entirely.

Clause 9.2.2: The Audit Program

Your audit program needs to define the audit criteria and scope for each audit, select auditors who are objective and impartial, and ensure results are reported to relevant management. Documented information must be retained as evidence of the audit program and audit results.

What a good internal audit program looks like:

• An annual audit schedule covering all areas of the EMS across the certification cycle
• Audit plans prepared before each audit with defined scope and criteria
• Auditors who are not auditing their own work
• Audit reports that document findings, including conformances, nonconformities, and observations
• Nonconformities linked to the corrective action process in Clause 10
• Records retained and accessible

Practical example: A logistics company with depots in Melbourne and Adelaide runs internal audits twice a year. In January they audit environmental aspects, objectives, and operational controls. In July they audit compliance obligations, emergency preparedness, and monitoring programs. Different staff members conduct each audit after completing internal auditor training. Findings are documented in an audit report and nonconformities are entered into their corrective action register. That is a functioning audit program.

If your internal audits are consistently finding nothing, that is a red flag. Either your auditors are not looking hard enough, or your audit criteria are too narrow. A good internal audit should find something, even if it is just an observation or an opportunity for improvement. If you want to build a more effective internal audit process, the guide on how to run ISO internal audits that actually find problems is worth reading alongside this clause.

Clause 9.3: Management Review

Management review is the process by which top management evaluates the continuing suitability, adequacy, and effectiveness of the EMS. This is not a task that can be delegated to the environment coordinator alone. ISO 14001 is explicit that top management must conduct this review.

What Must Be Included in the Management Review

The standard specifies a list of inputs that must be considered during the management review. These are not optional. If your management review minutes do not address these items, an auditor will raise a nonconformity.

Required inputs include:

• Status of actions from previous management reviews
• Changes in external and internal issues relevant to the EMS
• Information on environmental performance, including trends in nonconformities and corrective actions, monitoring and measurement results, fulfilment of compliance obligations, and audit results
• Adequacy of resources
• Relevant communications from interested parties, including complaints
• Opportunities for continual improvement

Required outputs include:

• Conclusions on the continuing suitability, adequacy, and effectiveness of the EMS
• Decisions related to continual improvement opportunities
• Any need for changes to the EMS, including resources
• Actions needed when environmental objectives have not been achieved

Practical example: A mining services company in Western Australia holds a formal management review every December. The CEO, operations manager, and environment manager attend. The agenda follows the ISO 14001 inputs list. They review the year's monitoring data, compliance evaluation outcomes, internal audit findings, and progress against environmental objectives. They note that their fuel consumption objective was not met due to increased project scope, and they decide to carry it forward with a revised target and additional controls. The minutes are documented, signed by the CEO, and retained. That is a compliant management review.

A management review that consists of a 15-minute chat with no agenda, no documented inputs, and no recorded decisions will not satisfy the standard. The frequency is not prescribed, but most organisations conduct it annually as a minimum, with some doing it twice a year if their environmental risks are high.

Common Clause 9 Nonconformities and How to Avoid Them

Having audited and consulted on ISO 14001 systems across a range of industries, the same Clause 9 problems come up repeatedly. Here are the most common ones and what to do about them.

Monitoring Data That Is Never Analysed

Organisations collect data but never actually look at it. Spreadsheets full of numbers with no trend analysis, no comparison against targets, and no action when results deteriorate. Fix this by building a simple monthly review step into your monitoring program where someone is responsible for reviewing data and flagging anomalies.

Compliance Evaluations That Are Just Tick-and-Flick

A legal register with a column that says “compliant: yes” next to every item, with no supporting evidence, will not satisfy an auditor. Your compliance evaluation needs to show how you verified compliance. Reference specific records, inspection dates, test results, or site observations.

Internal Audits Completed in One Day Right Before the External Audit

This is one of the most obvious signs that an EMS is not genuinely embedded. Spread your audits across the year. If something goes wrong in March, you want an internal audit finding it in April, not the certification body finding it in November.

Management Reviews With No Evidence of Top Management Involvement

If your management review minutes are written by the environment coordinator and signed by no one, or signed by someone who was not actually present, that is a problem. Top management must be genuinely involved. Document who attended, what was discussed, and what decisions were made.

Objectives Not Tracked Against Actual Results

Clause 9 requires you to evaluate whether your environmental objectives are being achieved. If you set a target to reduce energy consumption by 10% and you never report actual consumption against that target, you are not meeting the requirement. Build your objective tracking into your monitoring program from the start.

Linking Clause 9 to the Rest of Your EMS

Clause 9 does not operate in isolation. The performance data you collect feeds directly into Clause 10 (Improvement), where nonconformities are addressed through corrective action and continual improvement is driven. The management review outputs feed back into Clause 6 (Planning) when objectives need to be revised or new risks identified.

Think of it as a cycle. You plan your environmental management in Clause 6, you implement it in Clause 8, you evaluate performance in Clause 9, and you improve based on what you find in Clause 10. If Clause 9 is weak, the whole cycle breaks down because you have no reliable information to act on.

This connection between evaluation and improvement is also why checking whether your ISO management system is actually working goes beyond just passing an audit. It is about building a system that genuinely drives better environmental outcomes over time.

For organisations managing multiple standards simultaneously, the integrated management systems guide explains how Clause 9 requirements across ISO 14001, ISO 9001, and ISO 45001 can be aligned into a single performance evaluation process, which significantly reduces duplication of effort.

Documentation Requirements for Clause 9

ISO 14001 requires documented information as evidence of several Clause 9 activities. Here is a summary of what you need to retain.

• Monitoring and measurement results: Records of all environmental monitoring data, calibration records for measurement equipment
• Compliance evaluation results: Documented outcomes of each compliance evaluation, including the date, who conducted it, and what was found
• Internal audit program: The overall audit schedule and plan
• Internal audit reports: Reports from each audit including scope, criteria, findings, and conclusions
• Management review outputs: Minutes or records documenting the decisions and actions from each management review

One practical tip: do not over-engineer your documentation. A simple spreadsheet for monitoring data, a one-page audit report template, and structured meeting minutes for management review are often sufficient for small to medium businesses. What matters is that the records exist, are accurate, and are retained for the period required by your documented information control procedure.

The guide to controlled documents and how to implement them covers the broader documentation control requirements that underpin your Clause 9 records management.

Getting Clause 9 Right Before Your Next Audit

If you have a surveillance audit or recertification audit coming up, here is a practical checklist to work through for Clause 9.

1. Pull your monitoring records for the past 12 months. Is the data complete? Has it been analysed? Are there any trends that should have triggered action?
2. Review your compliance evaluation. When was it last done? Is there documented evidence of how compliance was verified for each obligation?
3. Check your internal audit schedule. Were all planned audits completed? Are reports on file? Were nonconformities raised and linked to corrective actions?
4. Review your management review minutes. Do they address all required inputs? Are outputs documented? Did top management actually attend?
5. Check that your environmental objectives have been tracked against actual performance data throughout the year.

If you find gaps, address them before the audit. Raising a corrective action internally and showing the auditor that you identified and addressed the issue is far better than having the auditor find it first.

Understanding what happens after ISO 14001 certification can also help you plan your ongoing Clause 9 activities across the three-year certification cycle, so you are not scrambling before each audit.

Working With a Consultant on Clause 9

Many organisations bring in an ISO consultant specifically to help design their monitoring programs, compliance evaluation processes, and management review templates. This can be genuinely useful, particularly for businesses that are new to environmental management or that are expanding their EMS scope.

The key is finding a consultant who understands your industry and your specific environmental aspects, rather than someone who drops generic templates and leaves. A good consultant will help you build a monitoring program that is proportionate to your actual risks and practical for your team to maintain without constant external support.

If you are looking for a consultant to help with your ISO 14001 system, CertBetter connects businesses with verified ISO consultants who have demonstrated experience in environmental management systems. You submit one form and receive up to three competing quotes from vetted providers, at no cost to your business. It is a straightforward way to compare your options before committing to anyone.