Environmental health and safety (EHS) management is not a footnote in the R2v3 standard — it is one of its most substantive and frequently cited areas of nonconformance during third-party audits. If your electronics recycling or refurbishment facility is pursuing R2v3 certification, or preparing for a surveillance audit, understanding exactly what the standard demands for EHS is non-negotiable.
In my eight-plus years working with over 200 electronics recyclers across North America, EHS-related findings represent one of the top three root causes of major nonconformances during initial R2v3 certification audits. This guide breaks down every major EHS requirement in R2v3, explains what auditors are actually looking for, and gives you actionable steps to build — or fix — a compliant EHS management system.
What Does R2v3 Require for Environmental Health & Safety?
R2v3 integrates EHS requirements throughout the standard, but they are most concentrated in Core Requirement 2 (CR2): Environmental, Health, and Safety Management System (EHS MS). This requirement mandates that certified facilities implement and maintain a documented EHS management system that is appropriate to the nature, scale, and environmental and safety impacts of the organization's activities.
Importantly, R2v3 does not require ISO 14001 or ISO 45001 certification as a prerequisite. However, the structure of CR2 is deliberately aligned with those standards' Plan-Do-Check-Act (PDCA) frameworks. If your facility already holds ISO 14001 or ISO 45001 certification, you have a significant head start — but you will still need to demonstrate R2-specific EHS controls are in place.
Core Requirement 2: The EHS Management System Framework
CR2.1 — EHS Policy
R2v3 requires a documented, top-management-approved EHS Policy that:
- Commits the organization to compliance with applicable legal and other requirements
- Includes a commitment to continual improvement
- Is communicated to all persons working under the organization's control
- Is available to interested parties (e.g., customers, regulators, community members)
What auditors look for: Many facilities have a policy document but fail to demonstrate that workers have actually seen it, understood it, or acknowledged it. Auditors will ask employees directly. Have signed acknowledgment records or training logs ready.
CR2.2 — Legal and Other Requirements
Your facility must establish and maintain a procedure to identify, access, and monitor compliance with applicable environmental, health, and safety laws and regulations. This includes:
- Federal regulations (e.g., OSHA standards, EPA rules such as 40 CFR Part 261 for hazardous waste)
- State and local regulations (which often exceed federal minimums)
- Permit conditions
- Voluntary commitments (e.g., industry codes of practice)
A legal register is the standard tool for meeting this requirement. It must be a living document — updated at least annually and whenever relevant regulations change. Static legal registers that haven't been touched in two years are a common source of findings.
Citation Hook: R2v3 CR2 requires facilities to maintain a current legal register that identifies all applicable EHS legal and other requirements, with documented evidence of ongoing compliance monitoring — not merely a one-time review.
CR2.3 — Objectives, Targets, and Programs
The facility must establish measurable EHS objectives and targets and implement programs to achieve them. Examples of R2-relevant EHS objectives include:
- Reducing occupational injury rates by a defined percentage year-over-year
- Decreasing hazardous waste generation per unit processed
- Achieving zero recordable incidents in the CRT processing area
- Reducing energy consumption per device processed
Objectives must be documented, assigned to responsible personnel, given deadlines, and tracked. Auditors will look for evidence of progress monitoring — not just a document that lists goals.
CR2.4 — Roles, Responsibilities, and Authorities
Top management must assign and communicate EHS roles, responsibilities, and authorities. This includes designating a management representative with specific accountability for the EHS MS. Many smaller operations assign this to the facility manager or operations director, which is perfectly acceptable — as long as the assignment is formalized and the individual demonstrates awareness of their obligations.
CR2.5 — Competence, Training, and Awareness
This is one of the most audit-sensitive areas in CR2. R2v3 requires that all personnel whose work can affect EHS performance are competent based on education, training, or experience, and that the organization maintains documented evidence of this competence.
Required training typically includes:
- General EHS orientation for all workers
- Job-specific hazard training (e.g., CRT handling, battery management, chemical exposure)
- Emergency response procedures
- Spill response and containment
- Hazardous waste handling (per 40 CFR Part 262 or state equivalents for generators)
- Personal protective equipment (PPE) selection, use, and maintenance
Citation Hook: According to OSHA, employers who implement comprehensive safety training programs reduce workplace injury rates by up to 40%, underscoring why R2v3's CR2.5 training mandate is not merely a documentation exercise but a measurable safety intervention.
Hazard Identification, Risk Assessment, and Operational Controls
Hazard Identification and Risk Assessment (HIRA)
R2v3 CR2 requires a formal process for identifying hazards and assessing EHS risks associated with the facility's operations. The HIRA process must be proactive — not reactive — and must cover:
- Routine and non-routine activities
- Activities of contractors and visitors
- New or modified processes, equipment, or materials
- Emergency situations
The output of the HIRA process drives your operational controls, your training needs, and your emergency preparedness planning. Facilities that treat HIRA as a one-time checkbox exercise rather than a living risk management tool consistently struggle during audits.
Operational Controls
Once hazards and risks are identified, the facility must implement appropriate operational controls to manage them. The hierarchy of controls applies: elimination and substitution first, then engineering controls, administrative controls, and PPE as last resorts.
Common R2v3 operational control areas include:
| Operational Area | Typical EHS Hazards | Common Controls |
|---|---|---|
| CRT Processing | Lead dust, barium, X-ray phosphors | Enclosed systems, HEPA ventilation, respirators, PPE, air monitoring |
| Battery Processing | Fire, explosion, chemical burns (lithium, lead-acid) | Segregation protocols, fire suppression, grounding, temperature monitoring |
| Data Destruction | Ergonomics, noise, sharps | Engineering guards, PPE, noise monitoring, ergonomic workstations |
| Chemical Storage | Spills, vapor exposure, reactive materials | Secondary containment, SDS access, ventilation, spill kits |
| Loading/Unloading | Struck-by, forklift, ergonomic injuries | Traffic management plans, spotter protocols, powered industrial truck (PIT) training |
| General Facility | Slip/trip/fall, electrical, fire | Housekeeping programs, LOTO procedures, fire suppression, emergency egress |
This table represents the minimum operational areas R2v3 auditors will evaluate for EHS controls. Gaps in any single area can generate a major nonconformance.
Emergency Preparedness and Response
R2v3 CR2 contains explicit requirements for emergency preparedness and response planning. The facility must:
- Identify potential emergency situations (fire, spill, explosion, release of hazardous materials, medical emergency)
- Develop and document emergency response procedures for each scenario
- Ensure emergency response equipment is available, maintained, and inspected
- Conduct periodic emergency drills and document the results
- Review and update emergency procedures following an actual emergency or drill
For electronics recyclers, the most critical emergency scenarios typically involve lithium battery fires and hazardous material spills. With lithium battery fires now a leading cause of recycling facility losses in the U.S. — industry data suggests battery-related fires account for over 60% of facility fires at electronics recyclers — your emergency response plan for this specific hazard must be detailed, practiced, and current.
Citation Hook: The National Fire Protection Association (NFPA) reports that lithium-ion battery fires require specific suppression protocols that differ significantly from Class A fires, making scenario-specific emergency response planning — as required by R2v3 CR2 — an operational necessity, not a formality.
Monitoring, Measurement, and Performance Evaluation
Internal Audits of the EHS MS
R2v3 requires that the EHS MS be subject to periodic internal audits to determine whether it conforms to requirements and is effectively implemented. Internal auditors must be competent and, where possible, objective (i.e., not auditing their own work).
Internal audit programs must cover all elements of the EHS MS and be conducted at planned intervals — most well-functioning programs conduct at least one full-cycle internal audit per year, with more frequent spot audits in high-risk areas.
Incident Investigation and Corrective Action
All EHS incidents, near-misses, and nonconformances must be investigated. The investigation process must:
- Identify root cause(s)
- Implement corrective actions
- Evaluate the effectiveness of those corrective actions
- Communicate findings to relevant personnel
Near-miss reporting is a hallmark of a mature safety culture. Facilities with robust near-miss programs tend to have significantly better audit outcomes because they demonstrate proactive risk management rather than reactive damage control.
Management Review
Top management must conduct periodic management reviews of the EHS MS. Management review inputs include:
- Internal audit results
- Status of EHS objectives and targets
- Legal compliance status
- Incident and corrective action trends
- Stakeholder feedback
- Recommendations for improvement
Management review outputs must include decisions and actions related to continual improvement, resource needs, and changes to the EHS MS. A management review that consists solely of a 15-minute hallway conversation — without documented outputs — will not satisfy this requirement.
R2v3 EHS Requirements vs. ISO 14001 / ISO 45001: Key Differences
Many clients ask how R2v3's EHS requirements compare to the ISO management system standards. Here is a practical comparison:
| Requirement Area | R2v3 CR2 | ISO 14001:2015 | ISO 45001:2018 |
|---|---|---|---|
| EHS Policy | Required | Required | Required |
| Legal Register | Required | Required | Required |
| Hazard Identification & Risk Assessment | Required | Required (environmental aspects) | Required (OHS hazards) |
| Objectives & Targets | Required | Required | Required |
| Emergency Preparedness | Required | Required | Required |
| Internal Audit | Required | Required | Required |
| Management Review | Required | Required | Required |
| Worker Participation | Implied | Implied | Explicitly required |
| Scope of Certification | R2 operations only | Environmental aspects | OHS hazards |
| Third-Party Certification Required? | Yes (R2v3 audit) | Optional | Optional |
| R2-Specific Focus Areas (CRT, batteries) | Yes — detailed | No | No |
Key takeaway: ISO 14001 and ISO 45001 certifications are valuable and reduce audit preparation burden, but they do not replace R2v3 CR2 compliance. R2 auditors will still verify R2-specific controls — particularly around e-scrap focus materials — regardless of your ISO status.
Common EHS Nonconformances in R2v3 Audits
Based on my direct experience conducting gap assessments and preparing facilities for R2v3 audits, the following are the most frequently observed EHS-related nonconformances:
- Outdated legal registers — The legal register has not been reviewed or updated in over 12 months, or does not reflect recent state regulatory changes.
- Incomplete training records — Training was conducted but not documented; or documented training does not match actual job hazard exposure (e.g., battery handlers not trained on lithium fire response).
- HIRA not covering non-routine activities — The hazard assessment only addresses standard production activities, not maintenance, shutdown, contractor work, or emergency operations.
- Emergency response plans not tested — Drills have not been conducted, or drill records have not been maintained.
- Management review not documented — EHS performance reviews occur informally but no written record of decisions or action items exists.
- Objective tracking gaps — EHS objectives exist on paper but no monitoring data is being collected to track progress.
- PPE program deficiencies — PPE is available but there is no documented hazard assessment justifying the PPE selection, or no evidence of fit testing for respirators.
If your facility is experiencing any of these gaps, the time to address them is before your audit — not during it.
How to Build a Compliant R2v3 EHS Management System
Step 1: Conduct a Gap Assessment
Before building or overhauling your EHS MS, assess where you stand against CR2 requirements. A structured gap assessment against each sub-element of CR2 will give you a prioritized action list. Learn how Certify Consulting's R2v3 gap assessment process works to see how we approach this for new clients.
Step 2: Develop or Update Core Documentation
The minimum documentation package for R2v3 EHS compliance includes:
- EHS Policy (signed by top management)
- Legal register (with compliance status)
- Hazard identification and risk assessment records
- Operational control procedures for high-risk activities
- Training program with competency records
- Emergency response plans and drill records
- Internal audit schedule and completed audit reports
- Management review records
- Incident and corrective action logs
- EHS objectives, targets, and monitoring records
Step 3: Train Your Team
Documentation without competence is just paper. Ensure that every person whose work affects EHS performance has been trained, that the training content matches the actual hazards they face, and that records demonstrate both completion and comprehension.
Step 4: Run Internal Audits Before Your Certification Audit
An internal audit of your EHS MS conducted 60–90 days before your certification audit gives you time to identify and close gaps under your own control, rather than having an external auditor find them first.
Step 5: Engage Management
EHS MS success — and R2v3 audit success — requires genuine top management engagement. Leadership must not only sign the EHS policy but actively participate in management reviews, allocate resources, and demonstrate visible commitment to EHS performance.
Working with an R2v3 EHS Consultant
Building a compliant EHS MS from scratch — or remediating a failing one before a surveillance audit — is complex work. The regulatory landscape alone (OSHA, EPA, state agencies) creates significant compliance surface area. When you layer in R2v3's specific requirements for focus materials like CRTs, batteries, and mercury-containing devices, the complexity multiplies.
At Certify Consulting, we have guided over 200 electronics recyclers through R2v3 certification, maintaining a 100% first-time audit pass rate. Our EHS management system support includes gap assessments, document development, training program design, internal audit facilitation, and pre-audit readiness reviews.
If you are preparing for initial R2v3 certification or facing a surveillance audit with open EHS findings, explore our R2v3 consulting services to see how we can help you close the gaps efficiently.
Key Takeaways
- R2v3 Core Requirement 2 (CR2) requires a fully implemented EHS management system — not just a policy document
- The EHS MS must cover hazard identification, legal compliance, training, operational controls, emergency preparedness, incident investigation, internal audits, and management review
- Lithium battery fire risk and CRT-specific hazards are R2-specific EHS focal points that go beyond generic ISO 14001/45001 frameworks
- EHS-related nonconformances are among the most common findings in R2v3 audits and are almost entirely preventable with proper preparation
- A 100% first-time audit pass rate across 200+ clients demonstrates that with the right structure and guidance, EHS compliance is achievable for facilities of any size
Last updated: 2026-04-01
Jared Clark
Principal Consultant, Certify Consulting
Jared Clark is the founder of Certify Consulting, helping organizations achieve and maintain compliance with international standards and regulatory requirements.