7.5 Documented Information [ISO 14001]

What is 7.5 Documented Information?

Documented information is defined by ISO 14001 as information required to be controlled and maintained by an organization, as well as the medium in which it is contained.

‘Documented information' in ISO 14001:2015 has replaced the terms ‘documented procedure’ and ‘record’ used in ISO 14001:2004.


7.5.1 General

You should ensure that you organization’s EMS includes documented information required to be maintained and retained by ISO 14001:2015, and the documented information identified by your organization to demonstrate the effective operation of its EMS.

Should I use a Documented Procedure?

It should be noted that there is no need to maintain a documented procedure but your organization may still choose to operate one.

Document files

The organization needs to determine the level of documented information necessary to control its EMS.

‘Access’ can imply a decision regarding the permission to view the documented information only, or the permission and authority to view and change the documented information.

Examples of Documented Information

  • Organizational charts
  • Process maps, flowcharts, Turtle Diagrams
  • Process descriptions
  • Operational procedures
  • Work instructions
  • Test instructions
  • Inspection plans
  • Signs
  • placards
  • Container markings
  • Labels
  • Specifications
  • Internal communications
  • Production schedules
  • Approved supplier lists
  • EMS plans and manuals
  • Strategic plans
  • Forms

Documented Information Media

Documented information can be in any format and media and from any source.

  • Paper
  • Electronic/computer disc
  • Photographs
  • Master samples

man writing document with information

7.5.2 Documents - Creating and Updating

You should seek to confirm:

  • Date when the documented information is created
  • When it is updated,
  • It is appropriately identified and described (e.g., title, date, author, reference number).
  • It must be in an appropriate format (e.g., language, software version, graphics)
  • On appropriate media (e.g., paper, electronic).
  • Confirm that the documented information is reviewed and approved for suitability and adequacy

All external documents need to be handled in a similar fashion where control is concerned. The viewing and handling of documents should be access controlled.

Control of Documents - Post Room

7.5.3 Control of Documented Information

A robust document control process invariably lies at the heart of any compliant management system; almost every aspect of auditing and compliance verification is determined through the scrutiny of documented information. With this in mind, it becomes apparent that the on-going maintenance of an efficient document management system must not be overlooked.

Your organization must control the documented information required by the EMS.

Process Control

A suitable process must be implemented to define the controls needed to:

  • Approve
  • Review
  • Update
  • Identify changes
  • Identify revision status, and
  • Provide access

The documented information process should define the scope, purpose, method and responsibilities required to implement these parameters.

In order to comply with the documented information requirements, it is essential that all personnel understand what types of information that should be controlled and more importantly, how this control should be exercised.

To get the most out of your documented information process, it must communicate to ensure that staff and other users of the documentation information understand what they must do in order to manage that information effectively and efficiently.

Departmental managers should always be responsible for promoting good documented information practices in their area whilst supporting overall compliance to the requirements.

Individuals and their line managers should be responsible for the information that they create, as well as being responsible for their retention and disposal in line with legislative requirements and organizational needs.

EMS Documentation Requirements

We suggest that you maintain and retain the following ‘documented information’:

Clause Documentation Requirement
4.3 The scope of the EMS is maintained as documented information and available to interested parties.
5.2 The environmental policy is maintained as documented information
6.1.1 Maintain documented information relating to; (a) risks and opportunities that need to be addressed, and (b) processes needed in Section 6 to the extent necessary to have confidence they are carried out as planned.
6.1.2 Maintain documented information relating to; (a) environmental aspects and associated environmental impacts, (b) criteria used to determine significant environmental aspects, and (3) significant environmental aspects.
6.1.3 Maintain documented information concerning compliance obligations.
6.2.1 Maintain documented information on the environmental objectives.
7.2 Retain appropriate documented information as evidence of competence.
7.4.1 Retain documented information as evidence of communication, as appropriate.
7.5.1 The EMS must include: (a) documented information required by 14001:2015, and (b) documented information determined by the organization as being necessary for the effectiveness of the EMS.
8.1 Maintain documented information to the extent necessary to have confidence that processes have been carried out as planned.
8.2 Maintain documented information to the extent necessary to have confidence that processes are carried out as planned.
9.1.1 Retain appropriate documented information as evidence of the monitoring, measurement, analysis and evaluation results.
9.1.2 Retain documented information as evidence of the compliance evaluation result(s)
9.2.2 Retain documented information as evidence of the implementation of the audit programme and the audit results.
9.3 Retain documented information as evidence of the results of management reviews.
10.2 Retain documented information as evidence of: (a) the nature of the non-conformities and any subsequent action taken, and (b) the results of any corrective action.

Retention Period for Records

We suggest the following retention periods for your retained EMS documented information:

Document Type Suggested Retention Period
Management review minutes 2 Years
Internal and external audit reports 5 Years
Environmental monitoring and inspection records 5 Years
Legal and compliance records and registers 10 Years
Environmental aspects and impact registers 10 Years
Emergency preparedness plans and records of drills 10 Years
Environmental incident records 10 Years
Risk and opportunity assessments and/or registers 10 Years
Business plans 5 Years
Swot analysis records 5 Years
Pestle analysis records 5 Years
Corrective action reports 5 Years
Complaint records 2 Years
Nonconformance reports 5 Years
Design review records 5 Years
Training and competence records 10 Years
Calibration results and certificates 5 Years


Learn More

Updated: 27th October 2021
Author: Richard Keen

Richard Keen

Richard Keen

Richard is our Compliance Director, responsible for content & product development.
But most importantly he is ISO's biggest fanboy and a true evangelist of the standards.
Learn more about Richard

ISO Checklist

Don’t Try to Manage It All Alone!


Our ISO Auditors and Quality Manager Trainers have been in this industry for years, and since 2002 we’ve been providing thousands of small businesses and large corporations with the tools they need to get certified.

Instead of trying to create everything you need to follow this process from scratch, use ours. We have procedures, templates, checklists, process maps, forms and gap analysis tools to help your documentation without missing a single input or output.

Before you invest all the hours reinventing the wheel, before you spend countless dollars outsourcing the task — try our templates.

Start with expert templates, then make them yours


ISO Procedures