ISO 9000 is a family of standards for quality management systems. ISO 9000 is maintained by ISO, the International Organisation for Standardisation and is administered by accreditation and certification bodies. The rules are updated, as the requirements motivate changes over time.
ISO 9001 is one of the standards within the range of ISO 9000 standards.
ISO 9001:2015 standard recently replaced the previous ISO 9001:2008. The 2015 edition features important changes, which is referred to as an “evolutionary rather than a revolutionary” process. The earlier versions of ISO 9001 were quite prescriptive, with many requirements for documented procedures and records. In the 2000 and 2008 editions, the focus was more on managing processes, and less on documentation.
The new standard goes further and ISO 9001:2015 is even less prescriptive than its predecessor, focusing instead on performance. This has been achieved by combining the process approach with risk-based thinking and employing the Plan-Do-Check-Act cycle at all levels in the organization.
Any organisation can benefit from implementing ISO 9001:2015 as its requirements are underpinned by eight management principles:
ISO 14001:2015 specifies the requirements for an environmental management system that an organization can use to enhance its environmental performance. ISO 14001:2015 is intended for use by an organization seeking to manage its environmental responsibilities in a systematic manner that contributes to the environmental pillar of sustainability.
ISO 14001:2015 helps an organization achieve the intended outcomes of its environmental management system, which provide value for the environment, the organization itself and interested parties. Consistent with the organization's environmental policy, the intended outcomes of an environmental management system include:
ISO 14001:2015 is applicable to any organization, regardless of size, type and nature, and applies to the environmental aspects of its activities, products and services that the organization determines it can either control or influence considering a life cycle perspective. ISO 14001:2015 does not state specific environmental performance criteria.
ISO 14001:2015 can be used in whole or in part to systematically improve environmental management. Claims of conformity to ISO 14001:2015, however, are not acceptable unless all its requirements are incorporated into an organization's environmental management system and fulfilled without exclusion.
An Occupational Health and Safety (OH&S) Management System provides a framework for an organisation to identify and control its health and safety risks, reduce the potential for accidents, comply with legislation and improve operational performance.
OHSAS 18001 is the requirement standard for an OH&S Management Systems which was recently updated and adopted as OHSAS 18001:2007. The update reflects the learnings achieved from widespread use of the standard across the world and provides more emphasis on "Health" rather than just "Safety".
The specification has been designed to be compatible with the ISO 9001 and ISO 14001 management system standards.
OHSAS 18001 requires an organisation to formally document the areas that are covered by their OH&S policy and to keep evidence that it is operating according to the requirements of the standard. It is relevant to any organisation that wants to conform to legislation and demonstrate to staff and stakeholders that it has systems in place to minimise and eliminate risks.
Over 6300 people die each day from work-related accidents or diseases - that's nearly 2.3million every year.
The burden of occupational injuries and diseases is significant, both for employers and the wider economy, resulting in losses from early retirements, staff absence and rising insurance premiums.
To combat the problem, ISO is developing a new standard, ISO 45001 Occupational health and safety management systems - Requirements, that will help organizations reduce this burden by providing a framework to improve employee safety, reduce workplace risks and create better, safer working conditions, all over the world.
The standard is currently being developed by a committee of occupational health and safety experts, and will follow other generic management system approaches such as ISO 14001 and ISO 9001. It will take into account other International Standards in this area such as OHSAS 18001.
It ensures that an organisation has the measures and controls to manage the risks associated with their activities. It will also demonstrate its commitment to stakeholders, improve operational performance through better accident management and reduced downtime with a corresponding reduction in insurance premiums and penalties for breach of legislation.
ISO 27001 specifies the management of Information Security. Applicable to all sectors of industry and commerce, it is not confined just to information held on electronic systems, but addresses the security of information in whatever form it is held.
Information is now globally accepted as being a vital asset for most organisations and businesses. As such, the confidentiality, integrity, and availability of vital corporate and customer information may be essential to maintain competitive edge, cash-flow, profitability, legal compliance and commercial image. ISO 27001 is intended to assist with this task. It is easy to imagine the consequences for an organisation if its information was lost, destroyed, corrupted, burnt, flooded, sabotaged or misused. In many cases it can (and has) led to the collapse of companies.
ISO 27001 is part of the ISO 27000 series, the generic name given to a family of international standards developed to provide a framework around which an information security management system can effectively be implemented. These standards are given below:
Gaining certification from a UKAS accredited certification body demonstrates that the security of your information has been addressed, implemented and properly controlled. But the benefits don't stop there:
ISO 50001 is the international standard that is designed to help organisations to establish the systems and processes necessary to manage energy efficiency, use and consumption. The overall objective of the standard is to reduce workplace environmental impact and reduce greenhouse gas emissions and energy costs.
At the heart of ISO 50001 is the creation and operation of an Energy Management System (EnMS) that defines an organisations energy management and use reduction objectives and puts in place systems and processes to ensure these are achieved. ISO 50001 procedurally has much in common with ISO 9001:2008 and ISO 14001:2004 and incorporates a continuous improvement philosophy based on the Plan-Do-Check-Act cycle.
This Standard is applicable to "all types and sizes of organizations, irrespective of geographical, cultural or social conditions" - even one person organisations. Clearly everyone can help – both the environment and themselves by reducing emissions and lowering energy costs.
The starting point for ISO 50001 is top management commitment to the concept of structured energy management.
With this commitment in place the Planning phase of EnMS development can begin. This will include the definition of the organisations energy policy – a statement of the organisations commitment to energy use reduction and continual improvement. This sets the strategic direction that the EnMS seeks to achieve. The energy planning phase examines current energy use and practice and uncovers opportunities for improvement. This includes a detailed energy audit which is then used as the baseline.
In addition Energy Performance Indicators (EPIs) are identified to facilitate on-going measurement of energy performance. Energy objectives (targets) are identified and action plans established to ensure these targets are met in operation.
The implementation and operation or the Do phase mirrors many of the activities that will be familiar from operation of an ISO 9001:2008 Quality Management System. Notably training, communication and awareness, documentation and document control, operational control and design and procurement – in this case specifically of energy related products and services.
The Check or review phase again shares many features with ISO 9001 including monitoring, non-conformance, corrective and preventative action. A vital element of this phase is of course auditing of the EnMS. Auditing ensures that your system continues to conform to the requirements of the standard. The output from the management review informs how your organisation will Act to ensure objectives are met and continual improvement is maintained. Any required changes are then planned as the Plan-Do-Check-Act cycle begins once more.
To ensure maximum benefit is achieved from ISO 50001 we recommend independent third party certification by a UKAS Accredited assessment body.
There are a number of benefits from the implementation of ISO 50001. Key amongst these are:
In addition the implementation process itself may lead other beneficial process improvements.
IRCA certified auditors providing support and guidance for:
