Podcasts about Gap analysis

ISO consultancy isn't a field many aspire to enter, mostly because many don't know it exists until you're tasked with either managing an existing ISO Management System or implementing a brand new one.  We're continuing with our latest mini-series where we introduce members of our team, to explore how they fell into the world of ISO and discuss the common challenges they face while helping clients achieve ISO certification.   In this episode we introduce Sarah Ball, a Senior Isologist® at Blackmores, to learn about her journey towards becoming an ISO Consultant and what drives her to help clients on their ISO journey.   You'll learn ·      What is Sarah's role at Blackmores? ·      What does Sarah enjoy outside of consultancy? ·      What path did Sarah take to become an ISO Consultant? ·      What is the biggest challenge she's faced when implementing ISO Standards? ·      What is Sarah's biggest achievement?   Resources ·      Isologyhub ·      Productivity Ninja   In this episode, we talk about: [00:30] Episode Summary – We introduce Sarah Ball, a Senior Isologist® here at Blackmores, to discuss her journey towards becoming an ISO consultant who specialises in ISO 9001, ISO 45001, ISO 14001 and ISO 27001. [03:45] What is Sarah's role at Blackmores? Sarah is a Senior Isologist® with Blackmores, supporting companies with maintaining systems, undertaking internal audits, and supporting with implementing new systems to gain certification utilising our Isology methodology. Sarah also coordinates the development of content of our online learning platform, the isologyhub. [04:50] What does Sarah enjoy doing outside of consultancy?: Sarah has a keen interest in history, having studied it at school, she like to travel to various locations of historical interest. She also spends a lot of time researching her own family tree, learning as much as she can about the far reaching members of the past. Sarah also likes to go jogging outside, as the gym environment didn't inspire much enjoyment, she instead prefers to be in nature while exercising. She has also participated in long distance running for charity, completing the 10k Race for Life. She's taking on the more daunting muddy 5K version this year, which includes a number of obstacles, so we're wishing her luck! One of the new hobbies she's like to take up this year include mountain climbing, with Mount Snowdon on her to-do list. [06:35] What was Sarah's path towards becoming an ISO Consultant?: Sarah initially started in Customer Services, working as a customer service advisor in a company and then got promoted to manager of a team. At that point, her role became more about understanding why they were getting certain complaints and what could be done to prevent them happening rather than just resolving them. She ended up spending more time with suppliers and other departments to help prevent some of the recurring issues, and along the line it lead onto being asked to implement an ISO 9001 Quality Management System. Which was a tall request considering the fact that at the time, Sarah knew nothing about ISO 9001 outside of it's designation and area of focus. As a result, she spent a lot of time researching it, and had the help of an external consultant to Implement the Management System. This was necessary, as knowing how to apply it to a business was something that she needed support with. 2 years later, the company asked Sarah to implement an ISO 45001 Health & Safety management system and an ISO 14001 environmental management system. These two she implemented herself after getting a feel for it during the initial quality management system implementation. For the next 10 years, Sarah worked in other companies, assisting with their integrated management systems. Along the way, she also picked up on ISO 27001 Information Security, before landing in Blackmores in 2020. [09:10] A path people fall onto – Most people don't actively plan to get into ISO consultancy, it's usually a result of being tasked with managing or implementing a management system while working in another role.  [10:10] What is Sarah's favourite aspect of being a Consultant? – Sarah enjoys the variety, not just in the work and tasks but in the companies and industries that she gets to work with. Each have their own way of working, unique approaches and knowledge nuggets in the form of ways of working that can be cherry picked and applied elsewhere. She also likes to see how a management system develops and evolves overtime and how it can become part of a company's success, driving continual improvement. Sarah enjoys working with people that can see the real benefits of ISO management systems, rather than just focusing on the certificate on the wall. [13:40] Making a Management System your own – Sarah is a big proponent of making a Management system your own, giving it an identity so that it can be fully integrated into the way a business works. Businesses do it all the time, usually by naming large projects that everyone can reference by a common shorthand. A Management System can work in the same way, making it a part of the day-to-day running of the business. She's also a fan of not worrying about the terminology in Standards. Many of the terms used are meant to be general, this was due to the way international audiences referred to certain aspects of management, it wouldn't always translate correctly. So many Standards have some admittedly awkward terminology that can be applied to any business, and you by no means have to use their wording, as long as you can explain what relates to what in an audit then you're free to name things as appropriate to you.   [16:55] What Standards does Sarah specilaise in and why? Starting with: ·      ISO 9001 Quality: This is the main standard that Sarah starting working with, and is one that touches on a lot of areas within other Standards. It's a great base to build off of, and is the starting point for many venturing into the world of ISO. ·      ISO 14001 Environmental: Sarah got experience with this Standard at her first company, it's also commonly implemented alongside ISO 9001.   ·      ISO 45001 Health & Safety: Another one of the first Standards Sarah implemented, it's also a common one to see in integrated management systems.   ·      ISO 27001 Information Security: Sarah got to grips with this Standard through years of working with other companies. Sarah's favourite Standard is ISO 9001, not only because it was her first experience with implementing ISO Standards, but because it create a blueprint for success. ISO Standards are setting the minimum requirement, not the maximum, they are designed get you started so you can make continual improvements. It also acts as a foundation to build onto, you can pick aspects of other Standards to integrate into your existing system. You don't necessarily have to certify to those additional Standards, but nothing is stopping you from strengthening your Management System with the best bits from other ISO's. [21:00] Sarah's favourite clause in ISO 9001: Sarah personally favors Clause 10 – non-conformity and corrective action. The reason behind that choice is due to that clauses' importance in driving continual improvement. It's about taking something negative being turned into a positive, which is what Quality Management is at it's core. [22:05] What is the biggest challenge Sarah had faced during a project and how did he overcome it?: Molding the Standard to the business. As a consultant, the biggest challenge is understanding how to make the requirements of a Standard fit the business, and not the other way round. It's all about trying to align the ISO Standard requirements to their values and mission, and then getting people on board with understanding the true benefits of management system implementation. At Blackmores, we ensure that each management system is unique to each business. We don't operate with a copy paste model. This is another reason why Sarah encourages naming your management system, by branding it you encourage engagement. Sarah highlights the fact that we run a lot of workshops in the initial part of a project, conducting a Gap Analysis, SWOT and PESTLE ect, this helps our consultants to really get a feel for how a business ticks. From that, we can help steer the delivery of the Management System to the wider business, by building it into their existing tools, such as an intranet. [25:45] Leading by example: We revamped our own ISO 9001 Management System a few years ago, with both Rachel Churchman and Sarah Ball leading the refresh. We gave it a name, H20 (How 2 Operate) and integrated it with our Microsoft Teams channels as we'd all swapped to mostly remote work following the COVID pandemic in 2020. As Sarah points out, there are many different ways to display and deliver your management system, including: ·      Microsoft Teams ·      Intranet ·      Google / Google Drive ·      SharePoint ·      CRM's such as Monday.com The key is building it into the day-to-day tools everyone uses. Make the Management System part of your processes, so adhering and maintaining it becomes part of everyone's way of working. [28:55] What is Sarah's proudest achievement? Obtaining her degree through the Open University while still working full time. It took Sarah 8 years of hard work to obtain her honours degree in History, which was one not required by her work or career development. It was simply something she wanted to do to prove to herself that she could achieve it. Many other members of Blackmores can attest to Sarah's level of determination, and organisation, as she shares many tips and techniques learned from her years of study and work. This includes: The Productivity Ninja – Learned from Graham Allcott's book, which seeks to help reduce procrastination, and tackle tasks with efficiency. The Second Brain – A tool to help keep track of ideas / tasks that aren't an immediate priority. These tools are now used by a number of the team, and we have no doubt Sarah will be schooling us on more techniques in future. If you'd like any assistance with implementing ISO standards, get in touch with us, we'd be happy to help! We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

We're diving into a project we recently wrapped up, the Australian Extension Capacity and Capability–A Map and a Gap Analysis, funded by AgriFutures Australia. See all the details and contribute to the discussion over at our blog.

In this episode of the Treasury Update Podcast, Jonathan sits down with Paul Galloway to talk about the role of assessments in treasury and finance. Paul covers the importance of evaluating your systems, people, and processes and discusses how to use the results to make better decisions. If you have more questions or need guidance on assessments, feel free to contact us. 0:00 intro 0:18 Types of assessments 12:05 Importance of assessments 17:29 Best times to implement 21:44 Practical implementation 26:19 Key action items 28:57 Have questions?

AI usage has skyrocketed in the past 2 years, with many commonplace apps and software now featuring an AI integration in some form.  With the rapid development and possibilities unlocked with this powerful technology, it can be tempting to go full steam ahead with implementing AI use into your day-to-day business activities. However, new technologies come with new risks that need to be understood and mitigated before any potential incidents. In this episode Mark Philip, Information Security Manager at Cloud Direct, joins Ian to discuss emerging AI risks and how you can build AI resilience into your existing practices. You'll learn ·      Who is Mark? ·      Who is Cloud Direct? ·      How can you assess your current level of AI resilience? ·      What are some of the key threats that AI systems currently face, and how can you mitigate these? ·      How can you utilise AI to enhance your security? ·      What is best practice when responding to an AI related security incident?   Resources ·      Cloud Direct ·      Isologyhub    In this episode, we talk about: [02:05] Episode Summary – We invite Cloud Direct's Information Security Manager, Mark Philip, onto the show to discuss AI risks and how to build in AI resilience into your existing security practices.   [03:25] Who is Mark Philip?: While his primary role is as an Information Security Manager at Cloud Direct, a little known fact about him is that he is an amateur triathlete! At London earlier in 2024, he was lucky enough to bump into Alistair Brownlee, who is the UK's two time gold olympic medalist in triathlon. [05:10] Who are Cloud Direct? – Founded in 2003, Cloud Direct are a Microsoft Azure expert MSP that is the top of Microsoft accreditation that any partner can hold, putting them in the top 5% of Microsoft partners globally. They offer consultancy and professional managed services, specialising in Microsoft Cloud, which is all underpinned with security across the whole Microsoft stack. They also assist with digital transformation and modernisation. [06:30] Assessing the current AI risk landscape: Ian points out that a recent report from the Capgemini Research Institute found that 97% or organisations are using generative AI. With this increase in AI use, there is a correlation with an increase in security incidents related to AI. Mark adds that this technology is so new, with a lot of larger software companies such as Microsoft pushing AI elements into their tools. So there is a learning curve involved with utilising the technology. There is also a lack of Risk Assessment being done in relation to AI, not a lot of though is going into the use of AI on a day-to-day basis. If you're using an AI platform, you need to ask yourself: What is this platform actually doing with the data I'm inputting? There is also the fact that shady individuals are already leveraging this technology with the likes of deep fakes, bad bots and more sophisticated phishing schemes – and the harsh truth is that they're going to get better at it over time. [08:20] What is AI resilience and why is it so important? – AI resilience is about equipping businesses with the processes that control the use and deployment of AI usage, so that they can anticipate and mitigate any AI risks effectively. Similar to ISO Standards, this would involve a risk-based approach. However, this will look very different depending on your business and how you are using AI. For example, the risks of someone using AI to generate a transcript of meeting notes will be much lower in comparison to a healthcare company using complex sets of data with AI to synthesize new medicines. So, if you are using AI you need to consider what the inherent risks could be, and that would be dependent on the data you're processing i.e. is it sensitive data? And then factor in if the software is publicly available (such as ChatGPT), or it is a closed model under your control? Asking these types of questions will give you a more realistic outlook on the risk landscape you face. [10:35] How can a business assess their current level of AI resilience? AI is here to stay, so you won't be able to avoid if forever. So first, you need to embrace and understand it, and that includes creating a clear picture of your use cases. Mark states they did this exercise internally at Cloud Direct when they were starting to use Microsoft's Co-Pilot. They asked themselves: ·      What sort of data is the software interacting with? ·      What data are we putting into it? ·      How do Microsoft manage the program and related security? ·      Are Mircrosoft storing any of that data? It's not just about the security either, you need to understand why your using AI and if it will actually be to your benefit. A lot of people are using it because it's new and shiny, but if it's not actively helping you achieve your business goals, then it's more of a distraction than anything else. For those looking for additional guidance on AI policies, risks and resilience, there's a lot of guidance provided by both ISO and the NCSC. ISO 42001 in particular is useful for both people using AI and developers creating AI. If you're stuck on where to start, a Gap Analysis is a fantastic tool to see where you are currently and what gaps you need to bridge in your security to cover any AI usage, and to see how well you are complying with current legal requirements (the EU AI Act is now in effect!). Another tool is a Risk Assessment. You may not process what many would consider sensitive data, such as healthcare information, but even if you store and hold customer data, then you need to ensure that any AI you use doesn't pose a risk to it. [14:30] How can AI improve security and resilience? – Sticking with Microsoft as an example, as they are releasing a lot of AI driven tools, they can be used to fill gaps that humans may not have the time to do. Once example of this is monitoring and sending security alerts, previously a system may have just sent this to a human member of staff to resolve, but now AI security tools can act on those alerts on your behalf. So, if you have limited IT resources, this could be a fantastic addition to your security set-up. It also eliminates the lag of human response, and AI can look at things in a way a human wouldn't think to.   [17:55] How do people stay ahead of the curve in the evolving AI landscape? – You should be using the myriad of resources available to learn about AI, as there are webinars, social media feeds, blogs and videos released constantly. Microsoft in particular are offering a comprehensive feed of information relating to AI, the risks and new technologies in development. The key is to understand AI before integrating it into your business. Don't just jump at the new shiny toys being advertised to you, go to reputable sources such as the ICO, NCSC, Cyber Essentials and regulatory bodies to learn about the technology, the benefits it can bring in addition to the risks you need to mitigate against. Mark can vouch for Microsoft's though leadership in this field, as they keep all of their customers up-to-date with all of their AI related developments. Cloud Direct themselves are also putting out some great content, so don't forget to check out their resources. If you are already utilising Microsoft's tools, the Cloud Direct can help explain how their new tools can apply to your business. If you're looking for assistance with ISO 42001, then Blackmores can help you with implementing a robust AI Management System. [21:40] What is best practice when responding to an AI related incident? – To be honest, there's no reason to not treat it like any other security incident. We've already adapted to more sophisticated security risks as a result of the move towards home and hybrid working over the pandemic. This simply another stage along in this ever changing security landscape. You should treat it like assessing any new step, and you likely have all the processes in place for analysing risk already in place, simply apply them to the usage of AI and put in place the necessary governance based on your findings. Standards such as ISO 20000 IT Service Management and ISO 22301 Business Continuity are fantastic tools of you're new to this sort of incident response planning. If you've already been certified to these standards, then you likely have the following in place already: ·      Risk Assessments ·      Business Impact Assessments ·      Business Continuity Plans ·      Recovery Plans Simply add AI as an additional risk factor into your existing management system and update the necessary documentation to include actions and considerations for its use. If you update your Business Continuity and recovery plans, then make sure to test them! Don't just assume that they will work, put them to the test and adjust until you're comfortable that in a real incident, everyone in the business knows how to react, what to communicate and how to get back up and running. [24:00] What are Mark's predictions for the field of AI resilience? – People need to look at the opportunities in utilising AI, a lot of people are using it without really understanding it so there's a lot of learning still to do. So, he expects to see a lot of businesses fully grasping how they can use AI to their advantage in the coming years. With that comes the challenge of ensuring it's integrated safely, with the right governance embedded to ensure its safe and ethical usage across entire organisations. Another big challenge is the handling data privacy within AI. Scams are only going to get more complex as AI develops, and you need to ensure your business can protect against that as much as possible. Also businesses should carefully consider what AI platforms they choose to use. Ensure you understand what data is being input and stored, and the level of control you have over it. All of this to say, there are a lot of massive benefits of using AI and you should shy away from it. But, you need to ensure you are using it safely and ethically. [27:30] What is Mark's book recommendation? – The hunt for Red October by Tom Clancy [28:45] What is Mark's favorite quote? – “I have a bad feeling about this…” – Star Wars Want to learn more about Cloud Direct? Check out their website. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Send us a textEver felt like life was happening to you instead of for you? Like your dreams were passing by outside a window, just out of reach? In today's episode, I share my personal journey from feeling scattered and unfulfilled to creating a meaningful vision that transformed my life and leadership.Drawing on personal experience and proven research, I introduce the Three Pillars Framework and Vision Architecture Framework, practical tools that will help you move from simply setting goals to creating a compelling vision that drives real change in your life and leadership.In this episode, you'll discover:Why writing down your goals makes you 42% more likely to achieve them - and how vision takes this success even furtherThe Three Pillars Framework: Professional Legacy, Personal Growth, and Community Impact - and how they work together to create lasting changeA practical 5-step Vision Architecture Framework that turns abstract dreams into actionable plansThe crucial difference between setting goals and creating a vision - and why this distinction matters for your successThe power of community impact in creating true fulfillment and lasting successReady to take ownership of your 2025? Download the Vision Board for Leaders worksheet and join our community of visionary leaders who are creating meaningful change.Take Action Now:Download the Vision Board for Leaders worksheetShare your one-word vision for 2025 using #Vision2025 and tag Kele on LinkedIn or InstagramSubscribe to Communicate to Lead and share this episode with another aspiring visionary leader[Download Vision Board for Leaders Worksheet Here]Connect with Kele and get more leadership insights: LinkedIn:  https://www.linkedin.com/in/kele-ruth-belton/ Instagram: https://www.instagram.com/thetailoredapproach/ Website: https://thetailoredapproach.com 

In this episode of the Quality Hub podcast, Xavier Francis and Suzanne Strasser discuss year-end strategies for optimizing ISO Quality Management Systems (QMS). They emphasize evaluating resources, leveraging technology, and analyzing trends to address gaps and improve efficiency. Key points include engaging stakeholders, adapting to external changes, and more. The episode highlights the importance of employee empowerment, process optimization, and embracing tools like AI and data analytics to prepare for future challenges. Helpful Resources: What is a mature QMS? https://www.thecoresolution.com/quality-management-system-maturity   ISO 9001 Gap Analysis: https://www.thecoresolution.com/iso-9001-gap-analysis-explained   For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015   Contact us at 866.354.0300 or email us at info@thecoresolution.com   ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1   A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources   ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting    

On average, international events emit over 2,000 tonnes of greenhouse gases, which is the equivalent to what 270 UK citizens emit in a whole year.  The events industry has been under scrutiny for a number of years in regard to its sustainability, with many factors such as international and domestic travel and exhibition waste to consider, it's quite a beast to tackle! Back in 2012, to coincide with the London Olympics, a new Standard dedicated to Sustainable Events Management was launched. ISO 20121 provides a robust framework for those seeking to take actionable steps to tackle their sustainability, such as todays' guest FESPA.    In this episode Ian is joined by Graeme Richardson-Locke, Head of Associations & Technical Lead at FESPA, to discuss FESPA's journey towards achieving ISO 20121, the challenges faced along the way and benefits felt from certification. You'll learn ·      Who is Graeme Richardson-Locke? ·      Who are FESPA? ·      What was the main driver behind obtaining ISO 20121? ·      What was the biggest gap identified in the initial Gap Analysis? ·      What did FESPA learn from the experience of implementing ISO 20121? ·      What are the main benefits of ISO 20121 certification?   Resources ·      FESPA ·      FESPA Sustainability Spotlight ·      Isologyhub   In this episode, we talk about: [02:05] Episode Summary – We welcome today's guest, Graeme Richardson-Locke, Head of Associations & Technical Lead at FESPA, to discuss their journey towards achieving the best practice standard for Sustainable Event Management – ISO 20121. [02:40] Who is Graeme?: Graeme has spent 40 years in the print sector, from textiles to graphics to industrial printing. Starting from an apprenticeship in screen printing, which moved onto industrial printing and then finally into digital print. A little known fact about Graeme, he used to live on a goat farm on the Isle of Isla in the inner Hebrides. He speaks fondly of his time in a small community of just over 3,000 people, taking long walks and admiring the rich landscape. [06:00] Who are FESPA? – FESPA is the global Federation of National Specialty Print Trade Association. They work to support visual communication businesses in wide format and production of wide format products, so this includes things like garment decoration, interior décor, signage and industrial products. Their association have members across 37 countries with around 1400 businesses within their membership. They ultimately seek to reinvest their profits for the purpose of inspiring, educating and growing the industry. Their roots can be found in creativity, with some of their founding members coming from a background of screen printing. [09:55] What is the scope of FESPA's ISO 20121 certification? Currently it extends to their major European based exhibition – Global Print Expo, which also includes their European Sign Expo. They thought it best to roll out certification to the Standard against their largest event. Outside of the certification scope (so far) they do run events in Mexico, Brazil, Africa and the Middle East. It would be much too large of an undertaking trying to certify all their events initially, so they started with the European events with a view to expand their scope of certification at a later date. [11:05] What was the main driver for achieving ISO 20121? Their was a clear need for sustainability related materials to be made available to their members. So FESPA started to develop a guide on sustainability certification schemes, a glossary of terms and a calculating carbon guide. As a result, they set-up a feature on their website called Sustainability Spotlight, which highlights new sustainability produced materials coming to market. So it was clearly a topic of focus for their members. They also sought to increase the positive impact they can have within their community, reduce the negative impacts and further develop their overall value. [13:05] The ethical way forward – As an internal advocate, Graeme wanted to put forward a proposal for something that was really meaningful and not just a greenwashing exercise. This is something that seeking certification, which includes third-party verification, can provide. [13:35] How long did it take FESPA to achieve ISO 20121? – FESPA began looking into the Standard back in 2022, but it was mired with other turbulence that needed their focus. The pandemic, the war in Ukraine, supply disruption and inflation, there was a lot happening in a short space of time. They made a start on their journey in the Summer of 2022, but it was slow going as they were still building back from the pandemic. The slow burn picked up speed in 2023, with their certification being secured in May 2024. [15:45] What was the biggest Gap identified during the Gap Analysis? FESPA have a lot of talented members, with a lot of competence, but the experience of creating formalised policies, procedures and a Management System that had to meet the set requirements of the Standard was a learning curve. FESPA didn't have the benefit of other ISO certifications, and this was the first time they were implementing an audited Standard, so the whole process was very eye opening. [16:40] What impact did Implementing ISO 20121 have on FESPA? It provided a new perspective on their business, and has helped to develop a greater awareness of sustainable development opportunities. An example of this includes when they started to really dig deeper into how they build and run events, from stand materials to catering. They found that switching their stand build materials to fiber build materials reduced their carbon footprint by 90%! By simply thinking more carefully about what they were doing, they managed to make a massive carbon reduction, with an appetite to reduce this even further. They worked with a company called Quota to calculate their carbon emissions, as they didn't have that particular expertise in-house. With that massive reduction as a motivator, they are now looking at stand material lifecycle, with a view to use more recycled materials that can be reprocessed. [19:00] An eye opening experience -  Completing exercises like a SWOT and PESTLE and rolling out a risk register which is reviewed on a quarterly basis, allows them to really keep an eye on how things are changing and any available opportunities.   All of these feed into their objective setting for the next year, establishing a solid path of progression to drive the business forward. [20:10] Keeping up with an ever changing world: FESPA have molded their Management to suit the way they work, which is not linear. Venues change ever year, and it's critical that their management system assist in asking the right questions for new event locations. One of their recent events took place in The Rye in Amsterdam, and they had zero emissions relating to energy because the Rye had their own sustainability related policies and procedures in place.   [21:15] The event industry's collective effort: Many venues and other businesses involved in the events sector are large organisations with high energy consumption. Many will already fall under legislative requirements to address and reduce their energy consumption. So, everyone is working in step with each other for the most part. FESPA's own members are showing trends of steering more towards utilising more sustainable materials such as recycled fabrics, as these have less weight, less cost to ship and more opportunity for reprocessing. It's still very much a work in progress, but it's being driven in the right direction. [24:20] Graeme's Top Tip:  The power of systematic thinking, Implementing a Management System requires a new way of working. Graeme ran into trouble when first providing auditable evidence, as it was not something FESPA had ever done before. They encountered a minor non-conformance for F gas leakage in their head office air conditioning, and while they could confirm that their provider was F gas certified but they hadn't checked to make sure the certificate was in date. Little examples like this proved that they need a more systematic approach in all aspects of the business to ensure they complied with all relevant regulations, while also providing a solid framework for continual improvement. [26:15] Celebrating ISO Success: Graeme was fortunate to attend a Certificate ceremony, put on by their Certification Body, BSI. The acknowledgement of not only his effort, but others who had been through a similar experience made for a fantastic celebration of FESPA's achievements. [27:20] Graeme's book recommendation: Green Swans, The Coming Boom in Regenerative Capitalism – By John Elkington [29:15] Chris's favourite quote: The biggest threat to this planet is the belief that someone else will save it – Robert Swan If you would like to learn more about FESPA, and their sustainability initiatives, visit their website. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

AI has been integrated into almost every aspect of our lives, from everyday software we use at work, to the algorithms that determine what content is recommended to us at home. While extraordinary in its capabilities, it isn't infallible and will open up everyone to new and emerging risks. Legislation and regulations are finally catching up to the rapid adoption of this technology, such as the EU AI Act and new Best Practice Standards such as ISO 42001. For those looking to integrate AI in a safe and ethical manner, ISO 42001 may be the answer. Today Rachel Churchman, Technical Director at Blackmores, explains what ISO 42001 is, why you should conduct an ISO 42001 Gap analysis and what's involved with taking the first step towards ISO 42001 Implementation.   You'll learn ·      What is ISO 42001? ·      What are the key principles of ISO 42001? ·      Why is ISO 42001 Important for companies either using or developing AI? ·      Why conduct an ISO 42001 Gap Analysis? ·      What should you be looking at in an ISO 42001 Gap Analysis?   Resources ·      Register for our ISO 42001 Workshop ·      Isologyhub     In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:05] Episode summary: Rachel Churchman joins Steph to discuss what ISO 42001 is, it's key principles and the importance of implementing ISO 42001 regardless of if you're developing AI or simply just utilising it. Rachel will also explain the first step towards implementation – an ISO 42001 Gap Analysis. [02:45] Upcoming ISO 42001 Workshop– We have an upcoming ISO 42001 workshop where you can learn how to complete an AI System Impact Assessment, which is a key tool to help you effectively assess the potential risks and benefits of utilising AI. Rachel Churchman, our Technical Director, will be hosting that workshop on the 5th December at 2pm GMT, but places are limited so make sure you register your place sooner rather than later! [03:20] The impact of AI – AI is everywhere, and has largely outpaced any sort of regulation or legislation up until very recently. These are both needed as AI is like any other technology, and will bring it's own risks, which is why a best practice Standard for AI Management has been created. If you'd like a more in-depth breakdown of ISO 42001, check out our previous episodes: 166 & 173 [04:30] A brief summary of ISO 42001 – ISO 42001 is an Internationally recognised Standard for developing an Artificial Intelligence Management System.  It provides a comprehensive framework for organisations to establish, implement, maintain, and continually improve how they implement and develop or consume AI in their business. It aims to ensure that AI risks are understood and mitigated and that AI systems are developed or deployed in an ethical, secure, and transparent manner, taking a fully risk-based approach to responsible use of AI. Much like other ISO Standards, it follows the High-Level Structure and therefore can be integrated with existing ISO Management systems as many of the core requirements are very similar in nature.  [05:45] Why is ISO 42001 important for companies both developing and using AI? – AI is now becoming commonplace in our world, and has been for some time.  A good example is the use or Alexa or Siri - both of these are Large Language AI Models that we all use routinely in our lives.  But AI is now being introduced in many technologies that we consume in our working lives - all designed to help make us more efficient and effective.  Some examples being: ·      Microsoft 365 Copilot ·      GitHub Copilot ·      Google Workspace ·      Adobe Photoshop ·      Search Engines i.e. Google Organisations need to be aware of where they're consuming AI in their business as it may have crept in without them being fully aware.  Awareness and governance of AI is crucial for several reasons:  For companies using AI they need to ensure they have assessed the potential risks of the AI such as unintended consequences and negative societal impacts, or potential commercial data leakage.  They also need to ensure that if they are using AI to support decision making, that they have ensured that decisions made or supported by AI systems are fair and unbiased.   It's not all about risk - organisations can also use AI to streamlining processes helping to become more efficient and effective, or it could support innovation in ways previously not considered. For companies developing AI, the standard promotes the ethical development and deployment of AI systems, ensuring they are fair, transparent, and accountable.  It provides a structured approach to risk assessment and governance associated with AI, such as bias, data privacy breaches, and security vulnerabilities. And for all, using ISO 42001 as the best practice framework, organisations can ensure that their AI initiatives are aligned with ethical principles, legal requirements, and industry best practices. This will ultimately lead to more trustworthy, reliable, and beneficial AI systems for all. [10:00] Clause 7.4 Communication – The organisation shall determine the internal and external communications relevant to the system, and that includes what should be communicated when and to who. [09:00] What are the key principles outlined in ISO 42001? – ·      Fairness and Non-Discrimination - ensuring AI systems treat all individuals and groups fairly and without bias. ·      Transparency and Explainability - Making AI systems understandable and accountable by providing clear explanations of their decision-making processes. ·      Privacy and Security - Protecting personal data and privacy while ensuring the security of AI systems. ·      Safety and Security - Prioritising the safety and well-being of individuals and the environment by mitigating potential risks associated with AI systems. ·      Environmental & Social - Considering the impact of AI on the environment and society, promoting sustainable and responsible practices. ·      Accountability and Human Oversight - Maintaining human control and responsibility for AI systems, ensuring they operate within ethical and legal boundaries.  You'll often hear the term 'Human in the loop'.  This is vital to ensure that AI is sanity checked by a human to ensure it hasn't hallucinated or result ‘drifted' in any way. [11:10] Why conduct an ISO 42001 Gap Analysis? What is the main aim? – Any gap analysis is a strategic planning activity to help you understand where you are, where you want to be and how you're going to get there.  The ISO 42001 gap analysis will identify gaps and pinpoint areas where your AI practices need to meet the ISO 42001 requirements.  It aims to conduct a systematic review of how your organisation uses or develops AI to then assess your current AI management practices against the requirements of the ISO 42001 standard. This analysis will then help you to identify any "gaps" where your current practices do not fully meet the standard's requirements.  It also helps organisations to understand 'what good looks like' in terms of responsible use of AI.   It will help you to prioritise improvement areas that may require immediate attention, and those that can be addressed in a phased approach. It will help you to understand and mitigate the risks associated with AI.  It will also help you to develop a roadmap for compliance to include plans with clear actions identified that can then be project managed through to completion, and as with all ISO standards it will support and enhance AI Governance. [13:15] Does an ISO 42001 gap analysis differ from gap analysis for other standards? – Ultimately, no. The ISO 42001 gap analysis doesn't differ massively from other ISO standard gap analysis, so anyone who already has an ISO Standard and has been through the gap analysis process will be familiar with it. In terms of likeness, ISO 42001 is similar in nature to ISO 27001 in as much as there is a supporting 'Annex' of controls and objectives that need to be considered by the organisation.  Therefore the questions being asked will extend beyond the standard High Level Structure format. Now is probably a good time to note that the Standard itself is very informative and includes additional annex guidance information to include ·      implementation guidance for the specific AI controls, ·      an Annex for potential AI-related organisational objectives and risk sources, ·      and an Annex that provides guidance on use of the AI management system across domains and sectors and integration with other management system standards.  [14:55] What should people be looking at in an ISO 42001 gap analysis? – The Gap Analysis will include areas such as looking at the 'Context' of your organisation to better understand what it is that you do, or the issues you are facing internally and externally in relation to AI - both now and in the reasonably foreseeable future, and also how you currently engage with AI in your business.  This will help to identify your role in terms of AI.  It will also look at all the main areas typically captured within any ISO standard to include leadership and governance, policy, roles and responsibilities, AI Risks and your approach to risk assessment and treatment and AI system impact assessments.  It also looks at AI objectives, the support resources you have in place to manage requirements, awareness within your business for AI best practice and use, through to KPI's, internal audit, management review and how you manage and track issues through to completion in your business. The AI specific controls look more in-depth at Policies related to AI, your internal organisation in relation to key roles & responsibilities and reporting of concerns, The resources for AI Systems, how you assess the impacts of AI Systems, The AI system lifecycle (AI Development), Data for AI Systems, Information provided to interested parties of AI Systems, and the use of AI Systems and 3rd party and customer relationships. [18:10] Who should be involved in an ISO 42001 Gap analysis? – An ISO 42001 gap analysis looks at AI from a number of different angles to include organisational governance that includes strategic plans, policies and risk management, through to training and awareness of AI for all staff, through to technical knowledge of how and where AI is either used or potentially developed within the organisation.  This means that it is likely that there will need to be multiple roles involved over the duration of a gap Analysis. At Blackmores we always provide a Gap Analysis 'Agenda' that clearly defines what will be covered over the duration of the gap analysis, and who typically could be involved in the different sessions.  We find this is the best way to help organisations plan the support needed to answer all the questions required.  It's also important to treat the gap analysis as a 'drains up' review, to help get the  most benefit out of the gap analysis.  This will ensure that all gaps are identified so that a plan can then be devised to support the organisation to bridge these gaps, putting them on the path to AI best practice for their business. If you'd find out more about ISO 42001 implementation, register for our upcoming Workshop on the 5th December 2024. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

This week, Amanda Gilbert joins us to share insights into how you can build people's capability - yours, your teams, or your organisation. Avoid some common pitfalls and follow critical steps to improve capability and results.This podcast follows the recent episode where James shared a magic bullet for improving performance: building your systems' capability. People are critical to any system, so check out Amanda's advice.We also discuss the challenges of buying and maintaining cars, and James improves his productivity by listening to podcasts on double speed—perfect if you're a fan of the Smurfs!To find out more, contact Jimmy, James or Amanda.

The worst time to plan a response to a crisis is in the middle of a crisis. My guest on the show today is Stephanie Craig, the president of crisis management firm, Kith. In this episode, we talk about the importance of planning for a crisis ahead of time and how to practice the plan so that it's not forgotten when it's needed. Stephanie stresses the importance of speedily handling a crisis by knowing your core values and establishing trust in the process you create. Listen in as we talk about the tools you can use like simulations, “Oh Crap” conversations, and Gap Analysis to prepare for any crisis that may come your way.What you will learn:●The difference between crisis communication and crisis management.●Questions you should be asking to prep for a crisis.●Tips on exercising crisis plans during your regular meetings.●The impact that core values have on speedy crisis response.●Gap Reports: how they help find where you're doing well and where your crisis planning could improve.Thanks for listening!Connect with GradComm:Instagram:@gradcommunicationsFacebook:@GradCommunicationsLinkedIn:@gradcommSend us a message: GradComm.com

Welcome to another insightful episode of Oh for Foods Sake. Today, we're tackling the multifaceted nature of creativity in the food industry, inspired by Arne Dietrich's quadrant model. Lucy introduces the model featuring four types: deliberate-cognitive, deliberate-emotional, spontaneous-cognitive, and spontaneous-emotional creativity.Amy explains that creativity is not limited to artists and musicians but can also be expressed through methodical problem-solving, like using a VLOOKUP in Excel. We illustrate deliberate-cognitive creativity through the example of developing a health-focused food product called "Supernatural's." This type of creativity builds on existing knowledge and carefully iterates towards innovative solutions.Moving on to deliberate-emotional creativity, we discuss how major events like COVID-19 shifted consumer behaviour and drove the creation of nostalgic products. We emphasise the importance of emotional engagement and empathy in developing products that resonate with consumers.Spontaneous-cognitive creativity, known for its "Eureka" moments, is exemplified through stories like the invention of the microwave. Despite appearing serendipitous, these discoveries often rest on a solid foundation of existing knowledge that allows for sudden, innovative connections.Finally, we cover spontaneous-emotional creativity, the type most associated with artists and chefs. We share techniques to unlock this creativity, such as engaging in art or dance classes, and highlight the importance of allowing mental space for ideas to emerge organically.Throughout the episode, we emphasise that everyone has the potential to be creative in their unique way and we encourage listeners to tap into their inherent creativity by exploring different approaches and giving themselves the space and permission to innovate.Timestamps:0:00 – Introduction to the Episode1:19 – Explanation of Arne Dietrich's Quadrant Model2:08 – Deliberate and Cognitive Creativity3:30 – Example: Developing "Supernatural's"5:01 – The Importance of Iteration in Creativity6:37 – Using Data and Gap Analysis in Creativity7:23 – Deliberate and Emotional Creativity8:01 – Consumer Behaviour Changes During COVID-199:00 – Spontaneous and Cognitive Creativity10:11 – Example: The Invention of the Microwave12:12 – Spontaneous and Emotional Creativity13:17 – Unlocking Creativity Through Extracurricular Activities14:10 – The Neuroscience of Creativity15:30 – Methods to Foster Creativity in Teams16:20 – The Value of Diverse Thinking in Problem-Solving17:30 – Conclusion: Embracing Different Types of CreativityLinks and Resources:Website Link: https://ohforfoodssake.co.uk/FB Link: https://www.facebook.com/groups/ohforfoodsakeLinkedIn: https://www.linkedin.com/company/oh-for-food-s-sake/You can follow us here on Instagram: https://www.instagram.com/oh_forfoodssake/For industry consulting from Lucy, connect with her on Instagram or LinkedIn.Find her on Instagram or LinkedIn for further support with industry coaching and facilitation from Amy.See you next time!

Welcome to the second episode in our ESG series on the Assurance in Action podcast! Join our Vice President of Sustainability, David Muil, as he discusses the importance of gap analysis in meeting ESG (Environmental, Social, and Governance) legislation. Learn how this approach enables businesses to evaluate current performance, address compliance gaps, and strengthen their strategic planning efforts.Tune in for key insights on navigating evolving sustainability regulations.Follow us on- Intertek's Assurance In Action || Twitter || LinkedIn.

Yves Gravelle returns to the podcast to help me get stronger fingers. We talked about my current finger strength goal, how to build a 3-month training program, best joint angles for edge lifting, limiting factors, the challenge for climbers with building finger strength, forearm hypertrophy exercises, how to know when you need more rest, how to combine board sessions with finger training, repeater protocols for long boulders, process goals, and much more.Watch the Video Interview of this episode:EP 237: Yves Gravelle Returns — Uncut VideoBecome a Patron:patreon.com/thenuggetclimbing The NUG:frictitiousclimbing.com/products/the-nugCheck out my new portable hangboard design.Crimpd:crimpd.comOr download the Crimpd app for free!Rhino Skin Solutions:rhinoskinsolutions.comUse code “NUGGET” at checkout for 20% off your next order!Revival Climbing Coalition:revivalclimbing.comEP 225: Tony Bell & David Bress (my episode with the founders of Revival)Chalk Cartel:chalkcartel.comUse code "NUGGET" at checkout for 20% off your next order. We are supported by these amazing BIG GIVERS:Michael Roy, Craig Lee, Mark and Julie Calhoun, Yinan Liu, and Matt WalterShow Notes:  thenuggetclimbing.com/episodes/yves-gravelle-returnsNuggets:(00:00:00) – Intro(00:03:59) – The 200 lb grip goal(00:07:31) – How Yves makes a training program, the Gap Analysis, & benchmarking(00:11:28) – Limiting factors(00:12:15) – The Sport Audit(00:15:13) – Joint angles for edge lifting(00:19:19) – Specializing(00:20:36) – The challenge for climbers with building finger strength(00:21:18) – More on specialization(00:22:51) – Forearm hypertrophy exercises(00:24:58) – Lifting vs. hanging vs. overcoming isometrics(00:30:33) – Grip positions for different goals(00:36:07) – 20mm vs. 25mm edge training(00:38:29) – How to build a 3-month grip training program(00:45:56) – Yves' edge lifting protocols(00:53:35) – When to progress weight(00:54:50) – Wellness questionnaire & readiness test(00:56:20) – When to change your training schedule(00:58:23) – When to push out of your comfort zone (i.e. The Shock Week)(01:00:08) – Hypertrophy & long-term finger strength gains(01:04:27) – Lazy athletes get strong(01:05:29) – Repeaters(01:07:44) – Changing your schedule or program(01:10:48) – My takeaways so far(01:12:02) – How to combine board sessions with finger training(01:20:04) – Training for a 23-move boulder(01:22:44) – Pacing & effeciency(01:25:37) – Summary of my example training plan(01:35:12) – More about repeaters(01:40:46) – How to maintain finger strength in season(01:48:05) – Yves' recent grip comp & climbing goals(01:55:22) – Yves' gap analysis for comps(01:57:15) – Planning & process goals(01:59:05) – Yves' job as a special effects artist(02:01:06) – Yves' YouTube channel(02:01:54) – Climbers getting into grip sports(02:02:47) – Outdoor rock goals & his last Hueco trip(02:05:45) – Wrap up & EXTRA teaser for Patrons

There have been a reported 9,478 publicly disclosed data incidents in 2024 alone, with that amounting to over 35 million known records breached. It has become clear in recent years that information security isn't just a ‘nice to have', it's a necessity to ensure you and your client's data are protected. Which is especially the case for those processing personal and financial data, such as today's guest, Mintago. In this episode, Tom Catnach, Head of Product and Information Security Officer for Mintago, explains their journey towards ISO 27001, the challenges faced and benefits felt from certification to the leading Information Security Standard. You'll learn ·      Who are Mintago? ·      Who is Tom Catnach? ·      What was the main driver behind achieving ISO 27001? ·      What was the biggest ‘gap' identified in the Gap Analysis? ·      What have they learned from the experience? ·      What are the benefits of certification to ISO 27001? ·      What does the threat horizon for information security look like?   Resources ·      Mintago ·      Isologyhub     In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:15] Episode summary: Today we welcome guest Tom Catnach from Mintago to discuss their journey towards ISO 27001 certification. [02:20] Who are Mintago? – Mintago are an employee benefits company, who work with companies to help their employees be financially better off. They do this in a number of ways, including: ·      Finding lost pension pots ·      Help to save money through finding discounts ·      Retirement planning ·      Offering various salary sacrifice products ·      Helping companies to be more financially efficient with pension salary sacrifice or other national insurance savings ·      Helping people to be more financially literate [05:10] Who is Tom Catnach?: Tom has a split role at Mintago, his primary role being Head of Product and secondary being Information Security Officer. Through both roles he looks after all the products and offerings as well as the information security across the business, he was also the driving force behind achieving ISO 27001. Outside of work, Tom likes to travel via motorbike, preferring to stay away from the screens and enjoying the sights. [06:30] What was Mintago's main driver to Implement ISO 27001?: Mintago, and most other businesses by their nature, are required to hold a lot of sensitive data and so have a responsibility to their clients and employees to ensure it's security. Mintago were looking for a robust framework to base their Information Security around, and what better option that the leading Information Security Standard, ISO 27001. ISO 27001 also offers the assessment of general business practice, and allows for growth and scaling. As a start-up, they wanted to have a solid base for policies, training ect to roll out to new hires as they expand. [08:30] Aligning Standards with core values: Trust is one of Mintago's core values and they want to give their clients the assurance that they can be trusted to protect their data. ISO 27001 can be compared to the likes of Bcorp as it's an on-going process. It doesn't just stop at getting the certificate, you have annual surveillance to ensure you are still compliant year on year. [10:15] What was the scope of Mintago's certification?: For the initial implementation, Mintago opted to just scope in Product and Customer Service. This was because all of the sensitive data is handled in those departments and they don't allow access to any other teams, so it made sense to start there with a view to expand the scope after certification. That being said, they still rolled out Information Security training to all staff, and everything has been set-up to allow for an easy business wide roll-out when they're ready. [11:50] How long was Mintago's certification journey?: They started their journey in September 2023, in fact it was Tom's first project with Mintago! Mintago enlisted Blackmores help to implement ISO 27001, and after nine months they have been successfully certified. Tom attributes their ease of implementation to the fact that they are currently a small business, citing that it's an advantage to implement ISO Standards early while your agile so that your management system grows with you.   [14:25] What was the biggest ‘gap' identified at the Gap Analysis?  Mintago are lucky in the fact that they are a new business so are using modern tech, and don't have the burden a larger site or other physical elements such as rack mounted servers. However, policy, procedure and evidence to ensure they were doing the right thing were lacking at the start of their journey. They did have a good 70% in place and that last 30% was mostly down to having the ability to evidence their compliance. There was also some additional work to do to improve existing policies and procedures. One example of this was having a solid Business Continuity Plan in place. [16:35] Did Mintago experience any significant barriers in addressing identified gaps?  Being a smaller business, they were able to adapt a lot quicker than a larger organisation may have been able to. One of the biggest struggles for Tom was getting the necessary technology to aid with Information Security. They needed to show that they had a competent Mobile Device Management Solution (MDM), antivirus and anti-phishing in place. When trying to buy some software solutions, Tom encountered a lot of companies simply not replying to his requests due to Mintago's size. Many organisations sadly prioritize bigger potential clients, and so it took a while to finally get all the required software. [18:45] Engagement is key -  Getting everyone involved with the management system is critically important. Especially with information security as the people most often targeted are frontline workers, so they need to be actively engaged in security. Mintago also has the advantage of being a smaller business, so getting communication out isn't a hardship and resulted in high engagement. This was benefitted from a top-down initiative via their ‘C-Suite'. Tom also states that you can make any necessary training more lighthearted, team based or interactive, as that's something that people would want to engage in.   It's also important to stress that any information security training can be beneficial for personal use too to avoid being a victim of fraud or a scam. It can be something people take away to their family members to ensure they stay safe online. [23:10] Did the adoption of ISO 27001 highlight any issues not already considered by Mintago? -  The biggest thing was how their internal process could be improved. For example, looking at the scenario of ‘what if our back-ups don't work?', ISO 27001 drilled down to ask specifics such as: ·      How do we recover from that scenario? ·      Are we 100% confident in our back-ups? ·      Will they work near instantaneously? ·      What's Mintago's availability like in that scenario? ·      How do we prevent disruption to our clients during that scenario? So, while they did have back-ups they weren't necessarily considering the whole scenario, especially if those back-ups were to fail. ISO 27001 ultimately helped to flesh out existing plans to make a much more robust system. In regards to threat horizons, Mintago do practice OWASP and keep the team informed via e-mail, newsletters and GitHub repositories. [25:00] Internal Auditing – A beneficial tool -  Tom found the internal auditing process to be very beneficial for Mintago, currently they do a few monthly on average. Blackmores assisted with the audits during implementation to ensure they were in the right place for assessment. Of course, the Certification Body audits were a bit more nerve wracking for Stage 1 and 2 as they would determine if they would be certified. Mintago passed their Stage 1 (documentary review) with flying colours, their Stage 2 (evidence checking) highlighted a few non-conformities that were quickly addressed. Following the Stage 2, they were recommended for ISO 27001 certification. [27:20] Minor Non-conformities aren't the end of the line – There's a common misconception that getting a certain number of minor non-conformities during a Stage 2 assessment means you can't be certified, but that's simply not true! If an Assessor is comfortable that you are in a good position for certification, they will recommend you. ISO Standards are all about continual Improvement, which is something Mintago are embracing as they continue to address issues raised at audits. [29:00] Benefits of ISO 27001 certification – Benefits Mintago are already experiencing include: Internal Stakeholders – The Team worked hard to achieve the Standard and have embraced it's core qualities to the benefit of their own Information Security practices. Positive Market Response – Much larger clients who are also ISO 27001 certified now have a mutual understanding of each other's commitment to information security. Gaining certification early – As a start-up, Mintago are agile and will be able to develop and mature their ISMS (Information Security Management System) as they grow. [31:10] Any concerns on the threat horizon?:  As the Information Security Officer, Tom is concerned about new emerging trends in AI led scams. They're going to be a lot more sophisticated and harder to spot and deal with. Thankfully, even if they are impacted, it will be rather isolated. Tom raises concerns for vital services such as Air Traffic Control which could have dire consequences if they were to be affected by a data incident. However, with ISO 27001 Mintago are in a good place to keep on-top of their threat horizon and have the processes in place to mitigate potential incidents and continually improve their own security. [34:30] In Summary: Mintago are a shining example of gaining certification for the right reasons. It's not just about getting a badge, they have truly embraced a culture of continual improvement and are utilising ISO 27001 to ensure they have a robust information security management system in place. If you would like to learn more about Mintago and their financial services, check out their website.   We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Internal promotions are a great way to reward deserving employees at your organization! Ensuring their transition is seamless is critical to building a foundation for their long-term success. Here's the what, why, when, and how of internal promotions.Payroll + HR + Benefits in an all-in-one solution. Request a BerniePortal demo today!https://www.bernieportal.com/get-a-demo/Find us at https://www.bernieportal.com/hr-party-of-one/BerniePortal: The all-in-one HRIS that makes building a business & managing its people easy. http://bit.ly/2NEQ5QbWhat is an HRIS?https://www.bernieportal.com/hris/BernieU: Your free one-stop shop for compelling, convenient, and comprehensive HR training and courses that will keep you up-to-date on all things human resources. Approved for SHRM & HRCI recertification credit hours. Enroll today!https://www.bernieportal.com/bernieu/Join the HR Party of One Community!https://www.bernieportal.com/community/▬ Episode Resources & Links ▬▬▬▬▬▬▬▬▬▬How Does Succession Planning Work? https://youtu.be/KhCgxIxw2ho?si=Q6TTBqQXynTBUzN-What Is a Levels Document?https://youtu.be/LVfWDGj5UsM?si=1m-LY9J7vfSAeem75 Key Ways to Avoid Proximity Biashttps://blog.bernieportal.com/5-key-ways-to-avoid-proximity-biasDo Employees Want Pay Transparency? https://blog.bernieportal.com/employees-compensation-transparency-surveyHow Do You Interview Internal Job Candidates?https://blog.bernieportal.com/interviewing-internal-job-candidatesWhat is a GAP Analysis?https://youtu.be/4smHOblfWgg▬ Social Media ▬▬▬▬▬▬▬▬▬▬▬► LinkedIn: https://www.linkedin.com/company/bernieportal▬ Podcast▬▬▬▬▬▬▬▬▬▬▬▬► Apple Podcasts: https://podcasts.apple.com/us/podcast/hr-party-of-one/id1495233115► Spotify: https://open.spotify.com/show/5ViQkKdatT40DPLJkY2pgA► Amazon Music: https://music.amazon.com/podcasts/1874beb8-2a68-4310-8816-e704e6850995/HR-Party-of-One► iHeartRadio:

Join me as I walk through the practical steps I took after my conversation with Erika Varangouli, an expert in content marketing, SEO, and branding at Riverside.fm.Key Takeaways:Integrating SEO with Branding:Erika emphasized the importance of aligning SEO with branding. Inspired by her advice, I started using customer reviews in ChatGPT to create better product descriptions.Customer-Centric Content:One new idea is to include a section in my thank-you emails that addresses potential issues, like delayed deliveries, to reassure customers and reduce their stress.SEO Strategy Evaluation:Erika's suggestion to regularly evaluate and adjust SEO strategies led me to create a monthly data day for the SEO Squad. Keyword Gap Analysis:After Erika mentioned the importance of competitor analysis, I used Ubersuggest to identify keyword gaps between my website and competitors. Data-Driven Adjustments:I'm now more committed to making data-driven decisions, regularly searching for new keywords and staying open to refining my strategy.Listener Action Items:Use customer feedback to enhance your product descriptions and align them with your brand's voice.Set aside time each month to review your SEO data and make strategic adjustments.Perform a keyword gap analysis to discover new opportunities to rank in search results.Connect with Me:Website: Simple and Smart SEO ShowEmail: hello@simpleandsmartseo.comSend me a text!Support the Show.Search the Simple and Smart SEO Show podcast for something you heard! It's free!Apply to be my podcast guest!

In today's episode, I share a free diagnostic tool that you can use to improve your organisation and your leadership skills. The organisational gap analysis focuses on identifying gaps regarding psychological safety in the workplace and workplace relationships.  As leaders, it's our responsibility to reflect, identify the gaps and make the necessary changes. This might include an action plan with steps to follow, strategies to implement or training to attend. But it all starts with that gap analysis! If you are someone who shies away from reflection or analysing what is missing, then this gap analysis is perfect for you! The questions have been meticulously thought-out to stimulate your thinking and get you moving so that you don't have to shy away from reflection, but rather take action. CLICK HERE to access the free organisational gap analysis.  Next steps:  1. Navigate to https://www.womenoffaithinleadership.com where you can: Join the community of like-minded female Christian leaders. This is where I will be hanging out if I'm not on the podcast chatting to you all. Come share and support each other here.  Subscribe to my newsletter so you can stay up to date with all upcoming episodes and any other exclusive or special offers. 2. If you need any support, you can get in contact with me for a 1:1 coaching session. Just email me at support@rikawhelan.com 3. Connect with me on LinkedIn: https://www.linkedin.com/in/rikawhelan  

Last week, we discussed the first 3; go and listen to episode 66. Systems Expectations Staff performance Let's jump into the next 3: 4. Workplace Culture This truly is a huge topic, but I'm going to break some green and red flags down for you here. 7 Green flags People care about each other People feel safe People know where they stand, their role, their expectations, there is no uncertainty Low to zero stress levels - there will be some form of stress for deadlines, projects ect. But it shouldn't be about the everyday, it should be healthy Your voice matters, you're able to have a say without fear of retaliation, discrimination You can be yourself (within professional boundaries of course ;-) ) Organisation is driven by values and everybody actually sticks to these values 7 Red flags High staff turnover People feel constant frustration with one another and with management People feel as if management are to blame for everything and don't take personal responsibility There is absolutely no accountability towards anyone Performance isn't measured or rewarded People are doing the absolutely bare minimum and others constantly feel that they are carrying the weight of that person No clear expectations, policies and procedures (SOP's) or communication The Free organisational gap analysis will analyse it for you and give you some tips 5. Accountability What does accountability look like in your workplace? Is there any? Are people held accountable for their actions, behaviour, tardiness, lack of respect, gossiping etc. The best places to work are those that keep people accountable. I had the wonderful opportunity to speak to so many HR managers and so many of them agree, the best places are the ones who keep people accountable. These are people who have worked across multiple different sectors, big, medium and small businesses who know.   No accountability = a huge gap and opportunity for organisational failure 6. Staff Training & Development This does not only include professional development. That's important, for sure, but think about all the other missed opportunities. It starts with onboarding, what does that look like, are you seizing the opportunity to set that person up for success during onboarding? Then what happens after, are they just left to the wolves? Or to fend for themselves when it comes to learning and training. Or what does this look like in your organisation? Personal goals Annual goals Annual training Training days Professional development and training days Take the organisational gap analysis, diagnostic tool and work through the questions, because the questions are meant to make you think, and already give you clues as to where you can make some improvements.   It will end with a recommendation and a Free PDF download. In the download, you'll find a special link to a free 30-minutes strategy session with me to discuss your results and your way forward. Next steps:  1. Navigate to https://www.womenoffaithinleadership.com where you can: Join the community of like-minded female Christian leaders. This is where I will be hanging out if I'm not on the podcast chatting to you all. Come share and support each other here.  Subscribe to my newsletter so you can stay up to date with all upcoming episodes and any other exclusive or special offers. 2. If you need any support, you can get in contact with me for a 1:1 coaching session. Just email me at support@rikawhelan.com 3. Connect with me on LinkedIn: https://www.linkedin.com/in/rikawhelan

Free Diagnostic Tool Take our free Organisational Gap Analysis today and identify the gaps in your organisation and leadership regarding healthy work environments. ______________________ Let's discuss a healthy workplace environment. Let's flip the coin and look at the positive today. These 6 characteristics were developed through lived experience and my conversations with others. If even one of these areas is out of whack, you'll notice something isn't quite right. 1. Systems What systems do you have in place to ensure a healthy work environment? Having a healthy work environment is not all about how people feel. It's about the structures you put in place to support them to do their jobs properly. Think about your: Interviews Onboarding Job descriptions Probation periods Policies and Procedures (SOP's) Performance management Resignation process and period (how are people treated during these periods) Communication methods Client management Staff management (HR) Are these updated regularly or are they old and outdated, so no one uses them? Systems form the foundation of any business, no matter how big or how small. Without effective and efficient systems, you are setting yourself and your employees up for failure. Activity: Audit your systems, decide what needs updating! The free diagnostic tool will also give you suggestions on what you can do to make improvements. 2. Expectations What are the expectations of employees, leadership team, heads of departments, the CEO, etc? Are there any? How is this communicated? When is it communicated? How often is it communicated? Are staff expected to stay up to date with expectations with no communication from anyone? How are staff expected to give their best, if they don't know what is expected of them? Again, you are setting your employees up for failure if you fail to communicate. Suggestions: Verbal and in writing, why because of various learning styles. Some people learn or understand better with verbal, some with writing, some need both. If you've had a conversation with someone, follow it up with an email, always! Get them to reply back to say they acknowledge it. Activity: Audit the expectations in your workplace. Take the free organisational gap analysis (diagnostic tool) and find out how you score. 3. Staff Performance How are staff performance measured? Is it measured at all? Are there annual performance reviews and what is this measured against? Are staff given the opportunity to work towards an annual goal that they have chosen, something that will be motivating to them to want to achieve. Are they rewarded for exceptional performance? Here we're looking at the positive and the constructive or even the negative. What happens to a staff member if they stay performing poorly, or even have a behavioural problem? What the processes (they systems!) that you have in place to manage this. Or, will you also fall into the category where there is no process and the employee, gets away with their behaviour and makes it into a toxic workplace for everyone else If staff performance isn't managed, then the performance, will essentially manage the business. You are only as strong as your weakest link! So, what are you doing about that weakest link? Activity: Audit your current performance evaluation practices. Score yourself using the organisational gap analysis.  Free Diagnostic Tool Take our free Organisational Gap Analysis today and identify the gaps in your organisation and leadership when it comes to healthy work environments. Next steps:  1. Navigate to https://www.womenoffaithinleadership.com where you can: Join the community of like-minded female Christian leaders. This is where I will be hanging out if I'm not on the podcast chatting to you all. Come share and support each other here.  Subscribe to my newsletter so you can stay up to date with all upcoming episodes and any other exclusive or special offers. 2. If you need any support, you can get in contact with me for a 1:1 coaching session. Just email me at support@rikawhelan.com 3. Connect with me on LinkedIn: https://www.linkedin.com/in/rikawhelan

Data Centres could be considered the powerhouse of thousands of businesses globally.  Long gone are the days of small physical servers being housed on-site, instead we rely on data centres to keep all our critical data safe and secure. But how do we know they are doing just that? Many hold certifications to security-based Standards such as SOC 2 or NIST to display their commitment to data security. However, many also hold various ISO certifications that cover other aspects of the business outside of information security. Today Steph Churchman, Communications Manager at Blackmores, will be sharing the top ISO Standard trends within the UK Data Centre industry. You'll learn ·      Why did we look into the Data Centre industry specifically? ·      What are the top 5 ISO Standard Trends in Data Centres? ·      Why are these ISO Standards essential for Data Centres? ·      Other commonly adopted ISO Standards within the data centre space   Resources ·      Isologyhub ·      ISO 27001:2022 Transition Gameplan   In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:25] Episode summary: We'll be taking a look at the top ISO Standard Trends within the UK Data Centre Industry [02:30] Why did we look into the Data Centre industry specifically? – In the mid 2010's, we noticed an influx in enquiries from Data Centres in regard to Implementation of ISO Standards. That prompted a research project that led to Blackmores working with some of the top UK Data Centres. Now in 2023 and 2024 we're starting to see a similar push for ISO Standards within the same industry. So, we revived the project to get a grasp on the modern ISO landscape, and took a look at the top 100 Data Centres within the UK. [03:34] #1: ISO 27001 Information Security – Out of the 100 data centres sampled 72% of them were certified to ISO 27001. Security is of upmost importance to data centres, and the great thing about ISO 27001 is that it considers security for not only the digital environment, but also for people and physical security. This Standard is also, in most cases, a stakeholder requirement. Certification to ISO 27001 indicates that you're adhering to best practice in information security, and through the creation of an ISO 27001 compliant Management system, you will have documentation in place such as an information security policy and data retention policy, that often get requested by potential clients. If you'd like to learn more about the Implementation process for ISO 27001, we've got a helpful 3-part podcast series that summarises the entire process from Gap Analysis to Assessment preparation. anyone currently certified to ISO 27001:2013 that you have just over 1 more year to complete your transition to ISO 27001:2022. If you don't do so by October 31st 2025, you'll risk losing your ISO 27001 certification. That's not the only reason you should be transitioning though. The new version of the Standard includes 11 new controls, which cover some newer technologies which really weren't around when the 2013 version was published. So regardless of the risk of losing your certification, it's in your best interest to ensure that you're adhering to the latest version. If this is all news to you, then you can also go back and check out episodes 128 through to 133. This was a little mini-series we did to summarise the key changes to ISO 27001 and what actions you need to take to transition. We also have a Transition Gameplan available on the isologyhub if you'd like a more guided approach, including document templates and training videos covering those new controls. [06:25] #2: ISO 9001 Quality Management – The Quality Management Standard is as popular as ever, even within the data centre space, with 51% of the 100 sampled data centres being certified. ISO 9001 is considered the leading ‘Quality mark' for businesses and is often the starting point for many diving into the world of ISO implementation. ISO 9001 creates a well-rounded base Management system to help you manage your risks and opportunities, as well as ensuring you drive a culture of continual Improvement. Its guidance can help you establish your core policies, processes and procedures to ensure everyone is singing from the same song sheet. The fact that this one is popular among data centres isn't too much of a surprise, it's a universally adopted Standard that isn't limited by industry or organisational size. Currently, there are over 1 million ISO 9001 certificates issued worldwide, and that trend shows no signs of slowing down. [08:25] #3 ISO 14001 Environmental Management  – A surprising 25% of the sampled data centres were certified to ISO 14001. From an objective point of view, it makes sense for data centres to consider their environmental footprint. But a lot of that would fall under energy usage rather than just general environmental management, so this likely means it's mainly driven by stakeholder requirements. ISO 14001 is being requested more and more for the likes of large Government contracts, so If you want a chance at bidding for these, ISO 14001 is a must. Now don't get me wrong, I'm sure a lot of data centres have implemented this Standard in an earnest effort to monitor and measure their impact holistically. After all ISO 14001 asks businesses to consider how they can prevent environmental impacts such as pollution and degradation of nature. And the additional guidance provides some helpful starting points for those that may not be sure where to start, for example making commitments to recycling, protection of biodiversity and climate change mitigation. For data centres specifically, this may come into effect when we think of the amount of electronic waste that they could potentially produce. Obviously, this can't just be thrown out in a standard green lidded bin, it'll need to be taken to a dedicated electronic waste facility for processing, disposal and recycling. Racking, shelving and cables will all also need to be replaced at some point, and it's up to each data centre to ensure they have the appropriate processes and policies to ensure this is done correctly and more importantly legally, which again, is where ISO 14001 can help put those frameworks in place. [10:30] Join the isologyhub and get access to limitless ISO resources  – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo. [12:45] #4: ISO 50001 Energy Management – With just 13% of the 100 sampled data centres certified! This one is a shocker because, typically, data centres highest cost is in relation to their energy usage. They require enormous amounts of energy to keep their facilities running and to cool down their equipment 24/7. Which I imagine they'd be quite keen to reduce if only to save on running costs. This is where ISO 50001 can come in, to help create a structured approach to effectively monitor that energy usage, so you can identify key trends and opportunities to reduce overall energy consumption, which in turn will save a lot of money. With a healthier proportion being certified to ISO 14001, it seems a shame that so many are missing out on the additional benefits that ISO 50001 can bring, especially when it can very easily be integrated with ISO 14001. In fact, if you're already certified to ISO 14001, then you've already done half the work to implement ISO 50001. Both frameworks are based on that Annex SL format, and both have a lot in common in terms of what documentation is required. It can also help with compliance with some UK and EU based energy initiatives. For example, here in the UK we have ESOS (The Energy Savings Opportunities Scheme) which applies to large organisations that fit within its criteria. They're usually required to provide a report once every 4 years, however as of 2023, Phase 3 now requires organisations to provide an Energy Action Plan which details what actions they plan to take to reduce their energy consumption. There are likely a few data centres that would fall into ESOS's criteria, and if you're sick of going through the ESOS song and dance every few years, then ISO 50001 may be the answer for you, as being certified means that you're going above and beyond ESOS's requirements and will be considered compliant. Meaning no more pesky reporting, or having to locate an ESOS assessor to sign off on those reports. [15:10] #5 ISO 22301 Business Continuity Management – With 12% of the 100 sampled data centres being certified. ISO 22301 is the Standard for Business Continuity, and provides a basis for planning to ensure your long-term survivability following a disruptive event. That 12% may not be truly reflective of all the data centres that have business continuity plans in place however, as according to a recent Business Continuity institute survey, 56% of surveyed businesses use ISO 22301 as a framework but aren't certified to it. There will be a fair few data centres in our sample list that fall under that category. Why should this Standard be a priority for Data Centres? Well, the answer should be simple, if a disaster were to knock out a data centre, that has a massive knock-on effect. Many house servers used by hundreds if not thousands of businesses and users. If they're unable to provide services, that will in-turn cause multiple other businesses to grind to a halt. The true cause of failures at data centres can be many things such as hardware failure, human error or a disaster such as flooding or fires. However, the advantage of utilising ISO 22301 is the ability to be able to effectively deal with these incidents and restore services, which is essential for an industry which is quite literally the powerhouse for millions of other business and people. If you fail to plan, you plan to fail Having a robust business continuity plan should be a top priority for any business, especially data centres, seeing as so many rely on them to keep their own services running. Even if you don't want to go through the full certification process, it's worth grabbing a copy of the Standard, as it provides a lot of helpful guidance. If you'd like to learn more about ISO 22301 in general, go back and check out episode 42 where we go over the Standard in more detail and it's many benefits. [17:45] Runner up: ISO 20000 Service Management – Saw 11% of our sample data centres certified to this Standard. This actually used to be known specifically as the IT Service Management Standard, so that probably clues you into why this would be adopted by many with in tech spaces. However, it truly is applicable to any business offering services. The aim of ISO 20000 is to provide a framework for an effective end-to-end service management system which encompasses the entire lifecycle of a service from concept and design, through to service removal and end-of-life. [18:55] Runner up: ISO 27017 information security controls for cloud services – With just 5% of our sampled Data Centres certified. This one is fairly self explanatory in it's relation to data centres, which operate solely on cloud based services. This Standard was introduced after the 2013 version of ISO 27001 was published, as the main standard didn't really address cloud security controls specifically. Mostly because cloud computing and its related security weren't as widely adopted as they are now. So ISO 27017 was created to try and bridge those gaps. In the latest 2022 version of ISO 27001, there's now a new control for cloud security. So, we may see less interest in ISO 27017 certification going forward. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Working towards a sustainable future is going to require a joint effort from everyone if we're to reach our 2030 and 2050 targets.  Several initiatives have come out in recent years to try and address one of our biggest challenges, energy consumption. Many of us in the UK will be familiar with ESOS (The Energy Savings Opportunities Scheme), which involves regular reporting from those that fit its criteria. It's also recently updated to include a stipulation to include an ESOS Energy Plan, which requires you to detail a route to reduce your energy consumption. However, many businesses would prefer a more consistent approach to energy management, such as today's guest – Daisy Corporate Services. Today Mel is joined by Damian Edwards, ISO Standards Manager at Daisy Corporate Services, to discuss why they Implemented ISO 50001, what they've learned from the experience and the benefits gained from implementing an Energy Management System You'll learn ·      Who is Damian and who are Daisy Corporate Services? ·      Why did they decide to Implement ISO 50001? ·      What was the biggest gap identified during their Gap Analysis? ·      What lessons did they learn from Implementing ISO 50001? ·      What benefits did they gain from ISO 50001 certification?   Resources ·      Isologyhub ·     Daisy Corporate Services ·     Daisy Corporate Services ESG   In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:30] Episode summary: Mel is joined by guest Damian Edwards, ISO Standards Manager at Daisy Corporate Services, to discuss their journey towards ISO 50001 certification. Daisy are not strangers to ISO Standards, already having achieved: ISO 9001, ISO 14001, ISO 27001, ISO 45001, ISO 20000 and ISO 22301! They have also recently won the Sustainability and Tech Awards 2024 and the Green Shoots Awards too. [04:15] Who is Damian Edwards? – Damian has worked at Daisy as their ISO Standards Manager for the past year. A little known fact about Damian: He listens to classical music as a way to focus. [05:25] Who are Daisy Corporate Services? – The are primarily a provider of IT and Communications. They currently supply a range of services including: ·      Unified Communications ·      Connectivity ·      Modern Workplace ·      Cyber Security ·      Cloud services ·      Managed Services ·      Operational Resilience [06:25] What were the main drivers behind obtaining ISO 50001 Certification? – In addition to the office spaces Daisy controls, they also have a number of data centres, which use massive amounts of energy. Finding ways to monitor, measure and potentially reduce that energy use, and subsequently cost, was essential.  The second main driver is mainly for commercial reasons. Without Standards like ISO 50001, you can't bid for larger contracts or Government frameworks. [08:30] Daisy's commitment to ESG  – Daisy have a made a solid commitment to ESG, explained further on their website as they break it down into 10 key focus areas. Energy Management is one of the logical steps to tackle reducing carbon emissions. Data centres can be very inefficient, so being able to consistently monitor, measure and improve their energy consumption is a key part of tackling some of their ESG related goals. Also being certified means you have the certificate to back up your claims. It's not you just making a statement, it has to be verified by a third-party. [10:30] How long did it take to Implement ISO 50001? – It took between 8 – 11 months. For a Standard like ISO 50001, it's important to do it properly. Some organisations may request it in 6 months, but for larger organisations, that would be a tough ask, and you run the risk of rushing into certification without having those processes embedded in. [11:45] Did having existing ISO Standards make the process smoother? – Yes, as it was a case of integrating ISO 50001 with our existing systems rather than starting from scratch. Though, having so many ISO's can water the message down a bit, to combat that we've got a single statement that gets across everything you need to know about Daisy. [12:55] What was the biggest gap identified during the Gap Analysis? – Because we already have so many ISO's, we can be a bit big headed and say there weren't many gaps at all, however, there were still some things we could do. One of the biggest areas for improvement was Clause 7, Documentation, as all ISO Standards have their own required documentation. Another was putting in place a plan for monitoring and measuring our energy usage. We have a Property Director who did do that, but he wasn't really documenting it, so we've put in place some proper processes to help show that we're actively monitoring it, looking at the trends and putting in actions to reduce and improve on that.   [14:55] Join the isologyhub and get access to limitless ISO resources  – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo. [17:10] Did closing those gaps make a big difference? – We did have a lot of help from Blackmores in order to address those gaps. Out consultant advised us to combine elements of out Management Review with out monthly Team Meetings, as our Director is involved with those, and we avoid another meeting for meeting's sake. We now also produce a pack of all the monitoring and measuring that's done throughout the month, which makes it easy for us to analyse and identify trends in energy use. Any actions from reviewing this are then recorded and followed up on. So, in essence it's just made everything a lot smoother. [19:55] What did Daisy learn from Implementing ISO 50001? – It takes a team to achieve this – you can't do it on your own. You also can't rush it! Another key take away is that the whole project needs to be driven by top management, without all of those elements combined, it's probably not going to work (or be a lot slower and more painful!) It's also really helped with our commitment and messaging around ESG too. So within those monthly Management Review meetings we have a representative from the energy efficiency team, the ESG team and our bids team. They're then all communicating what the customer message is, that they expect of us, in turn they're kept in the loop about our energy usage and related actions and can communicate that outwards. [21:15] What other benefits are there from achieving ISO 50001? – Having our management system verified by a third-party means that we can confidently say we're adhering to best practice. It also just validates that we are doing things correctly! It also means that we can monitor opportunities for improvement. If we identify more gaps in future, we have the processes in place to address them. ISO 50001 has also helped to put some context behind the energy data we're collecting. Thanks to the new processes we can accurately identify key trends and explain why energy usage may be going up and down. [23:25] Damian's top tip – Ensure that your project is driven by top management. They're involvement means it's a lot easier to communicate that message that you're doing the right thing. Also, ISO 50001 helps with your regulatory compliance too. If you're a larger organisation, then you likely have to adhere to schemes like SECR or ESOS. If you're certified to ISO 50001, then you're already complying with both. [24:35] Damian's book recommendation – Beryl in search of Britain's greatest athlete. [26:45] Damian's favorite quotes – “Hard work beats talent when talent doesn't work hard” and “You miss 100% of the shots you don't take.” If you'd like to learn more about Daisy Corporate Services, visit their website. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Send us a Text Message.In this episode of The Social Media Takeaway, I'm excited to share my insightful conversation with Andy Crestodina, a world-renowned AI content marketing speaker, who is also the CMO and co-founder of Orbit Media Studios. With more than twenty years leading the way in digital marketing, Andy is a seasoned expert in using Artificial Intelligence (AI) to enhance and innovate content creation and marketing strategies. Here are amazing key takeaways: AI-Enhanced Content Quality: Explore how AI can be used to dramatically surpass competitor content quality, making every piece more engaging and impactful.Persona-Driven AI Utilization: Discover the benefits of tailoring AI to produce hyper-targeted content that resonates deeply with specific audience profiles, enhancing both relevance and response rates.Gap Analysis through AI: Learn about the strategic use of AI for gap analysis to critically assess and refine content, filling in the missing pieces to meet and exceed audience expectations.AI as a Skills Leveler: Understand how AI democratizes content creation, enabling both novices and experts to efficiently produce high-quality content.Customizing AI for Authenticity: Andy discusses the importance of customizing AI outputs to maintain a brand's unique voice and avoid generic content, thus preserving authenticity and personal touch.This episode offers valuable insights into integrating AI into your strategy effectively. If you want to learn new innovative techniques in how you can use ChatGPT and AI to stand out in a competitive landscape, you won't want to miss this episode! More about Andy: LinkedInWebsiteIf you enjoyed this episode, be sure to subscribe to my podcast because more like this is on the way!If you'd like to book a call to see how I can support you head over to my website here. www.sellonsocialmedia.academy/helloAnd please connect on social media and let me know what you thought of this episode!LinkedInInstagramFacebookFacebook GroupCheck out my 2024 Social Media Content Planner & Guide on Amazon (Amazon UK) (Amazon USA)

This process can be used by individuals to determine their progress whether they are Dynamic or Static in action utilizing various resources effectively to meet expectations. You don't want to live 1/10 of your life and found out you have wasted 9/10 of your life.  Allow curiosity to drive your life. Find out all you can do.  Remember, your personality creates your personal reality. Become conscious of your unconscious behavior.   Catch yourself making the excuses, be aware so that you don't become unconscious to create the same old experiences.Support the showBreaking free from limitations, making a conscious change, shaping our destiny and co-creating our world.

Lori Mazan is a the co-founder, president, and chief coaching officer of Sounding Board, Inc., which offers a tech-driven, human-centric approach to leadership development to customers including Chevron, Sprint, and Citibank. In her new book Leadership Revolution: The Future of Developing Dynamic Leaders - Mazan describes how to develop capabilities in leaders that produce immediate, positive business results. In this episode, Paul an Lori discuss the major findings from her book, and look at how leadership is evolving as work environments transform.Humanity Working is brought to you by BillionMinds - the company that makes employees ready for the Future of Work.BillionMinds helps companies be ready for the future of work by developing adaptable, resilient employees. You can learn more about them on LinkedIn or by visiting billionminds.com.

We have over 18 years experience of implementing various ISO's, covering a wide range of topics such as Quality, Sustainability, Information Security and Risk. With a 100% success rate, we're confident in our consistent approach to implementing ISO's, so much so that we've coined our own unique methodology.   Our regular listeners may be familiar with the term ‘isology' from previous episodes referencing our online platform – the isologyhub. But what is isology exactly? Put simply, isology is our 7-step method for implementing any ISO Standard. Join Mel this week as she breaks down each of the 7 steps, including the planning, creation and review of an ISO Management System. You'll learn ·       Our experience implementing ISO's ·       The origin of isology ·       What is isology? ·       The seven steps of isology   Resources ·       Isologyhub ·       Isology synopsis   In this episode, we talk about: [00:25] Episode Summary – Mel Blackmore will be explaining our world leading methodology to implement any ISO Standard, which we've affectionately named ‘Isology'. [00:45] The creation of isology: We've been implementing ISO Standards for 18 years, starting with ISO 9001 and have since expanded our repertoire to over 20 ISO Standards covering risk, sustainability, quality and Information Security. The creation of the isology methodology has been a team effort from all of the consultants who have worked with Blackmores over the years, and is primarily built on best practice. [01:35] Step 1: Plan – Get a copy of the Standard, determine your scope, timescales, leadership commitment, resources and selecting a Certification Body. Timescales: This is typically around 6 months, but could be longer or shorter depending on your specific requirements. Resources: As an example, if you were looking to obtain ISO 14001 certification, you may need to appoint a sustainability champion. For ISO 27001 you'll need a representative from the IT department. Selecting a Certification Body: Ensure whichever Certification Body you choose is UKAS accredited. You can check this on the UKAS website. International listeners will need to verify on your country's national accreditation body website.   [03:45] Step 2: Discover – Time to understand what you have in place already and what you're missing – this is done through a Gap Analysis. This will often involve an initial meeting with the leadership team to establish what you already have in place, i.e. relevant policies and procedures or any relevant objectives. We break this down step-by-step and document it all in a Gap Analysis, which will deduce your current level of compliance. From this an action plan can be created to indicate what needs to be done to become fully compliant, including assigning roles to assist with the Implementation. [05:30] Step 3: Expose - This is where we look at risks and opportunities related to your desired Standard (both internally and externally). This is typically done through a SWOT (Strengths, Weaknesses, Opportunities and Threats) and PESTLE (Policital, Economic, Social, Technological, Legal and Ethical). In this stage you will also need to understand the key requirements of any relevant stakeholders, so this can include clients, subcontractors, regulatory bodies ect. A Risk Register may be created to capture the findings to be addressed later. Some ISO's require a Risk Register, others don't, but in our experience it's beneficial to have one regardless. Companies are also encouraged to create a Legal Register to keep track of all their statutory, regulatory and contractual requirements. [07:50] Step 4: Create – Time to review the requirements of the Standard in terms of documentation – and create what's needed. This includes capturing your way of working with documented Procedures, so make sure you have the relevant staff involved in their creation. Something to remember, you can have additional policy statements that aren't required by the Standard. If they are important to you, add them in! We're in a modern age now, gone are the days of paper manuals gathering dust on an office shelf. Software and applications may be where the bulk of your Management System documentation lives. For example, at Blackmores we use a combination of Monday.com and SharePoint to manage all of our day-to-day activities, including our own ISO 9001 compliant Management System. The key here is to make your Management System accessible for everyone. [10:20] Step 5: Launch  – Once the Management System has found its home, you need to communicate it. Consider the type of launch you want and who will be involved. Make sure you encourage engagement with the Management System. Why should you Launch your Management System? Quite simply, there isn't much point in having controls in your business if no one knows about them! We have 2 key ways of supporting you with the launch of your Management system: 1)    We can run an awareness session on your Management System either in person or via Teams. It can then be recorded and used as refresher / induction training. 2)    Get access to the isologyhub – out online platform with a suite of over 200 ISO courses, training, tools and templates. [12:15] Step 6: Engage - After the launch you want to ensure that employees are fully engaged and they actually not only are aware of the policies and procedures that you've got in place, but they're actively using them. The only way to verify this is through Internal Audits – that's not just our opinion, that's a mandatory requirement of any ISO Standard. We can assist with conducting these Internal Audits, which double up as a dummy run ahead of your assessment visits. These audits are essentially a show and tell exercise to gather evidence that you're doing what you say your doing. [13:55] Step 7: Review - Time to take a step back and look at what's been achieved and what's been highlighted as areas for improvement through your Internal Audits. This is done at what we call a Management Review. These are typically conducted as meetings, but they don't have to be a meeting specifically. We've done a podcast covering other ways to conduct this review. At this Management Review you will collate data on the performance of your business in relation to the ISO Standard. The minutes must be recorded, as your Assessor will expect to see these as it's a mandatory requirement of any ISO Standard. If you'd like to learn more about what's involved with a Stage 1 and 2 Assessment, go back and listen to a previous episode. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●      Share the ISO Show on Twitter or Linkedin ●      Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

The deadline is looming over the horizon as October 2025 marks end of the validity of ISO 27001:2013 certificates. Have you made a start on your transition journey? If not, you really should make a start in 2024 to ensure you're all set well before that final deadline. The first step is to decide if you want to do it yourself or enlist the help of a professional consultant. For those that want to tackle it yourselves, you're in luck! As we have just the tool to help: The ISO 27001:2022 Transition Gameplan. In this weeks' episode, Steph Churchman, Communications Manager at Blackmores, explains why you need to transition to the 2022 version of the Standard and outlines the 7-step ISO 27001:2022 Transition Gameplan available on the isologyhub. You'll learn ·       Why do you need to transition to ISO 27001:2022? ·       What happens if you don't transition? ·       What is the ISO 27001:2022 Transition Gameplan? ·       An overview of the 7-step Gameplan   Resources ·       Isologyhub ·       ISO 27001 Transition Gameplan   In this episode, we talk about: [00:25] A different host – Steph Churchman, Communications Manager at Blackmores, steps in to cover today's episode. She's heavily involved with the development and updating of the isologyhub, and will be explaining one of the latest Gameplan's: The ISO 27001:2022 Transition Gameplan [01:15] Why do you need to transition to ISO 27001:2022? The October 2025 deadline is fast approaching, so you really should be making a start in 2024 if you've not already. [01:45] Who needs to transition to ISO 27001:2022? – Basically, anyone who is currently certified under ISO 27001:2013 will have to transition to the updated Standard. One of the main reasons why we recommend getting a head start on this is , Certification Bodies will undoubtedly have a large demand for transition audits in 2025, when everyone's rushing to get it done last minute. This results in a shortage of resources from the CB's,  and you may end up struggling to get booked in time. [02:35] What happens if you don't transition in time? – The harsh truth is you will lose your ISO 27001 certification. This then means you'll be required to go through another Stage 1 and 2 Assessment against the latest version of ISO 27001, which can be costly. Another key reason is the latest version of ISO 27001 also considers a lot of new technologies that weren't around back when the last version was published. You can imagine now that there are a lot more cybersecurity risks to consider with all the latest technology that has been released in that time. Put simply, it's for the benefit of your Information Security to ensure you are adhering to the most recent best practice Standards. [03:40] What is the ISO 27001:2022 Transition Gameplan? This Gameplan will walk you through the stages of transition, which align to our proven isology® approach. Isology being our methodology for implementing any ISO Standard, based on our 18+ years of experience. In this Gameplan we provide training videos on the changes to ISO 27001, along with specific training videos covering each of the new Annex A controls that you will need to be familiar with, along with templates and workbooks to take you through the process from beginning to end.  [04:20] Step 1: Plan – Before you begin on your journey, it's advised to understand the main changes to the standard. We've summarised the high-level changes in a previous podcast, and included a quick summary in the first step of the Gameplan. In this first step, you'll also find guidance on how to prepare for your Certification Body visit. You really do need to do this early on to help establish a realistic timeline to complete your transition work. [04:55] Step 2: Discover  – At this stage, you need to get to grips with the changes to the Standard. There have been a number of controls changed, and 11 completely new ones added. We did cover a select few of these new controls in a few previous podcasts: #111, #112, #113, #114 In this Discover step we provide a number of awareness videos to explore these new controls and changes in detail, including how they may apply to your business. We've also included a downloadable PDF guide to these changes, in case you'd like to share this information internally. [05:40] Step 3: Expose - In this step we've included an ISO 27001:2022 transition workbook, which will act as a guide for all your transition activities. The first being the conducting of a Gap Analysis against the latest version of the Standard. After completing this, you will have a much better idea of where your main gaps and vulnerabilities are, so you can start putting the necessary controls in place to ensure compliance with ISO 27001:2022. We've also included a summary of the main Management System documentation that will need to be updated ahead of your transition visit. [06:20] Step 4: Create - This is the step where you will be implementing those changes as a result of your Gap Analysis. This will also be guided by that workbook, and we have provided some additional templates and resources to aid you. These include: ·       A Statement of Applicability Template ·       Annex A Control Mapping ·       ISO 27001 Management Review Template [07:15] Step 5: Launch – It's not just about updating your documentation, you will obviously need to communicate these changes to the wider business. In this step we go over a few options for your launch plan – including guidance for both a soft launch and an all-in launch. To help you decide which one would be the best fit for you, we've included a full summary of each method in addition to a pro's and con's list for each. [08:30] Step 6: Engage – The last stages are all about gathering evidence of compliance against new and updated clauses and controls. In this step we provide some insight into what's required from your Internal Audits and Management Review ahead of your transition visit. If you wanted to get some more tips on carrying out internal Audits within your business – we also offer a full Internal Auditor course on the hub that covers the core skills needed to complete those. If you become a member of the hub, you'll get access to our whole library of resources – which includes a wealth of ISO related tools, templates and training videos. [09:20] Step 7: Review – This last step will help you prepare for the transition visit with your certification body. We touch on what you should expect from your Certification Body ahead of the transition visit, and include guidance on carrying out a final Document and evidence check to make sure you're all good to go. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●      Share the ISO Show on Twitter or Linkedin ●      Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Permission to Be Free to Be with Omozua IsiramenOmozua and I have known each other over the course of our entrepreneurial journey and we have seen the resistance in our clients and ourselves. In a recent conversation we decided to dissect what it takes for 'us' to have permission to be free!She breaks down:15:00 what fear looks like in the brain and how to reroute and extinguish it. 25:15 How love looks in the brain and how to increase more of itAlthough we are specifically talking to women of African Diaspora even if you are not a woman or of African Diaspora this episode is your permission to be free!The science of thoughts:Is it resourceful or non resourceful?Before caring what anyone thinks about you and reflecting on what you think about you?Empowering or diminishing thoughts?Omozua Isiramen is a certified Neuroscience Transformation and High-Performance Specialist who helps Ambitious and Self-led Leaders Accelerate Their Careers By Decoding Their Unique Brain Signature Without Relying On Outdated Strategies So They Get Results Within 90 Days and elevate their personal and professional lives in all areas by attaining neuro agility and emotional mastery.She coaches and consults internationally, created the Brainification Program and the Manyoufest Code, and fuses her deep understanding of neuroscience with a burning passion to help individuals and teams develop brain agility and mental flexibility to have a fast, flexible, and focused mind that can learn, think and solve problems quickly and easily.She has spent over 20 years working and helping both women and men live more fulfilled and richer lives. Using proven techniques, tools, skills, years of coaching experience and training, she helps her clients transition from an undesired state A to a desired state B. Her approach is one based on the human first, and is driven to help her clients step out of their comfort or pain zones by understanding their brains - how it serves us in any given situation, navigating their emotions, and to start aiming for the things that truly matter to them with ease and confidence. If you truly need long-lasting change and professional help with gaining clarity, building confidence, or living a fulfilling life; book a Gap Analysis session with her. She will work with you to look specifically at the things that may be undermining your confidence and chart a way forward for you starting from wherever you are in the process.Power Phrase Be CEO of Your Brain, Life, and ResultsOmozua A. Isiramen M.A.Neuroscience Transformation, Neuro Agility & Peak Performance SpecialistWebsite: www.omozua.comLinkedIn: https://www.linkedin.com/in/omozuaisiramen/Cordelia Gaffar, the Ultimate Joy Goddess and CEO of Workout Around My Day Inc. As a bestselling author, speaker, and host of The Free to be Show podcast, Cordelia guides women on a transformative journey. Her unique methodology, The Four Mind Alignment (TM), unveiled in November 2022, empowers women to embrace a Multiorgasmic existence through ancient wisdom. Cordelia's holistic approach, including the Replenish Me (™) process, documented in "Detached Love" (2020), invites women to nurture themselves with food, movement, and sleep. Explore joy, enlightenment, and transformative wisdom with Cordelia on The Free to Be Show!​

Jonathan Crossland, software architect, author, and business owner, joins host Jeff Doolittle for a conversation about the AMMERSE framework of design principles. They start by discussing the agile manifesto as a statement of values, and Jonathan shares his perspective based on his experience as a software developer and business owner. They then explore the three layers of the AMMERSE framework and how they help business and engineering leaders to align their values, thereby improving their ability to collaborate and reach common goals. Brought to you by IEEE Computer Society and IEEE Software magazine.

In this episode of CISO Tradecraft, host G. Mark Hardy guides listeners on how to refresh their cybersecurity strategy. Starting with the essential assessments on the current state of your security, through to the creation of a comprehensive, one-page cyber plan. The discussion covers different approaches to upskilling the workforce, tools utilization, vulnerability management, relevant regulations, and selecting the best solution for your specific needs. The show also includes tips on building a roadmap, creating effective key performance indicators, and validation exercises or trap analysis to ensure the likelihood of success. At the end of the discussion, G. Mark Hardy invites listeners to reach out for any help needed for implementing these strategies. Big Thanks to our Sponsors Risk3Sixty - https://risk3sixty.com/ ISACA Event (10 Jan 2024) With G Mark Hardy https://engage.isaca.org/centralmarylandchapter/events/eventdescription?CalendarEventKey=fe87901b-e80e-471f-94dd-018c12694fd7&CommunityKey=09fbd761-fd3f-4fea-bc56-dab054e25430&Home=%2fcentralmarylandchapter%2fevents%2frecentcommunityeventsdashboard CIO Wisdom Book - https://a.co/d/bmmZEAC Transcripts - https://docs.google.com/document/d/1_bHsRtaRdlRJ9e9XXVh3GU7k3MbBLcHs Chapters 00:00 Introduction 02:21 Building a Tactical and Strategic Plan 02:58 Assessing Your Current Cybersecurity Posture 03:11 Workforce Assessment and Rating 06:31 Understanding Your Cybersecurity Tools 08:29 Performing a Business Requirements Analysis 10:13 Defining the Desired Future State 12:03 Creating a Gap Analysis 14:14 Analyzing Current Options and Building a Roadmap 17:11 Presenting the New Plan to Management 21:36 Recap and Conclusion

The use of AI within business is starting to become more common place. With major applications like Microsoft Teams and Word integrating many new features designed to make our lives easier.  However, we still need to exercise caution with this new technology and consider what we can put in place to mitigate any potential security risks while developing or utilizing it. Which is precisely what today's guest, Monolith, has done. Monolith provide a machine learning program that engineers can adopt to build highly accurate self-learning AI models that instantly predict the performance of systems in a wide variety of operating conditions. In this weeks' episode Mel is joined by Æsc George, Senior Software Engineer at Monolith, to discuss why they have adopted ISO 27001, explain their implementation journey and the benefits of having an Information Security Management System.  You'll learn ·       Who are Monolith AI? ·       What was their main driver behind obtaining ISO 27001? ·       What was the biggest Gap identified in the initial Gap Analysis? ·       What benefits did Monolith AI gain from implementing ISO 27001?   Resources ●      Monolith ●      ISO 27001 Transition Gameplan   In this episode, we talk about: [00:25] An introduction to Monolith and Æsc George – Monolith AI is all about empowering engineers to develop self-learning models from their engineering test data. With this they can develop machine learning models to really accelerate new product introductions and get these new products to market much more quickly, primarily by using these models to accelerate and streamline their testing. They are currently recommended for ISO 27001 certification, and are eagerly awaiting the arrival of their physical certificate. Æsc George is a Senior Software Engineer of this web browser based software. He is also the interim security officer, which is why he was tasked with obtaining ISO 27001. Fun fact about Æsc: He was a proud owner of a colony of 8 rats! He currently takes care of 4 cats, which have access to a plethora of enrichment in his home

In this episode of CyberIntel, VikingCloud Security Consultant Ehab Badawi discusses the benefits of a PCI DSS Gap Analysis in achieving compliance. If you have any questions you want answered on CyberIntel, email us at cyberintel@vikingcloud.com and our experts will be in touch - we may even make it the subject of a future episode! CyberIntel provides a deep dive into the world of cybersecurity and compliance. Hosted by Brian Odian, VikingCloud's Director of Managed Compliance Services APAC, amongst other cybersecurity and compliance expert advisors, we explore the nuances of various compliance standards and the latest in cybersecurity news, trends and threats. New episodes every two weeks! CyberIntel is presented by VikingCloud. VikingCloud is leading the Predict-to-Prevent cybersecurity and compliance company, offering businesses a single, integrated solution to make informed, predictive, and cost-effective risk mitigation decisions - faster. VikingCloud is the one-stop partner trusted by 4+ million customers every day to provide the predictive intelligence and competitive edge they need to stay one step ahead of cybersecurity and compliance disruption to their business. 

On this week's episode, Andy and Adam talk about how to think about your conditional access policy design to avoid some common gaps that attackers can take advantage of. ------------------------------------------- Youtube Video Link: https://youtu.be/ULO9oRqJaV4⁠⁠⁠⁠ ------------------------------------------- Documentation: https://danielchronlund.com/2022/01/07/the-attackers-guide-to-azure-ad-conditional-access/ https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/workbook-conditional-access-gap-analyzer https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/workbook-mfa-gaps ---------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Threads: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.threads.net/@bluesecuritypodcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Linkedin: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Youtube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitch: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.twitch.tv/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ------------------------------------------- Andy Jaw Mastodon: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://infosec.exchange/@ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message

Often seen as the poor cousin to ISO 9001, ISO 20000 Service Management largely gets ignored in favor of the more popular Quality Management Standard. To be fair, it's title may have done it a disservice in the past. Being known as the IT Service Management Standard prior to 2018, it was often perceived as only applicable to IT service providers, when in actuality it could be adopted by any business! So, what is ISO 20000 exactly? The aim of the standard is to provide a framework for an effective end-to-end service management system which encompasses the entire lifecycle of a service from concept and design, through to service removal and end-of-life. It's best adopted by businesses who provide a service, particularly those that operate a help / service desk system. In this weeks' episode, Steve Mason joins Mel to discuss what ISO 20000 is, who can use and benefit from the Standard and how it fits in with other more widely adopted ISO Standards. You'll learn ●      What is ISO 20000? ●      Who is ISO 20000 designed for? ●      What are the benefits of ISO 20000? ●      A brief overview of the Standard ●      How ISO 20000 integrates with other ISO Standards   Resources ●      isologyhub ●      ISO 20000   In this episode, we talk about: [00:50] Why are we talking about this Standard? We've had a lot of interest in a few of our informative videos available on YouTube over the past year, with ISO 20000 content constantly ranking in our top 5 most watched videos every month. [01:00]  ISO 20000-1 was previously known as the ‘IT Service Management Standard', but since it's most recent update in 2018, it's simply known as the ‘Service Management Standard' now. [03:10] Why is ISO 20000 one of Steve's favourite Standards? – It takes some of the aspects of quality a step further and actually gives you much clearer detail on how you can improve your management systems. So, if you've got a Service Management System in any way, shape or form, this is the standard to go. It's also one of the easiest standards to audit because there's some very simple questions to ask that can highlight some very obvious weaknesses. This can lead to significant improvement when compared to the likes of ISO 9001. [04:05] What Is ISO 20000? –  ISO20000-1:2018 is a Service Management standard which has evolved from the IT industry and the ITIL Framework for Service Management; but today it can be used in all types of Service Industries particularly where there is a need for a Help Desk / Service Desk system. Some may ask, isn't this what ISO 9001 can do? In short, no. ISO 9001 will give you a bare framework of how to create a Quality Management System, but it won't give you the fundamental details of how to improve that Service Management System, and that's where ISO 20000 comes in. [05:39] Who is ISO 20000 applicable to? – Any business that provides a service, but more specific examples include: IT Service provider, call centres, gas / electricity providers, retail ect. [07:15] A high level overview of ISO 20000 – This Standard follows the Standard structure that many other ISO Standards follow. The first 3 clauses are all informative, starting from clause 4 we have: ·       4.0 Context of the Organisation ·       5.0 Leadership ·       6.0 Planning ·       7.0 Support of Service Management System ·       8.0 Operation of the Service Management System ·       9.0 Performance Evaluation ·       10.0 Improvement Clause 8.0 is where ISO 20000 fills in the gaps for other Standards, as it covers topics such as: ·       Service Portfolio ·       Relationship and Agreement ·       Supply and Demand ·       Service Design, Build and Transition ·       Resolution ·       Service Assurance [08:20] Familiar to some – Those in Service Management may recognise some of those terms, but may not use that exact wording. For example ‘relationships and agreements' may be more commonly known as Service Level Agreements and Operating Level Agreements – which can be a business critical area for some. [10:45] What are the benefits of ISO 20000? -  Improve the planning and introduction of services: This standard would help you understand what it is you need to do to introduce that new service, go through the planning, testing through a proper change management system and launch through a release and deployment management system. SLA's and OLA's - Achieve Service Level Agreements (SLAs) and Operating Level Agreements (OLAs) will be achieved consistently month on month. Reduce Stress - It will help to reduce employee stress as service request, incident and problem queues become manageable. Knowledge articles can be created to document incidents and solutions for future reference. Improved quality of service through continual improvement gained from Incidents and Problem fixes resulting in both time and financial savings. [12:30] ISO 20000 to the rescue -  Steve recounts an experience he had at a company that had an outstanding issue ticket queue of 800. With the introduction of elements of ISO 20000, they we able to reduce this ludicrous amount down to 30! [14:05] A top recommendation -  We'd highly recommend that you consider doing a Gap Analysis against ISO 20000. Even if you have no plans to implement it, you can still benefit from the findings. [14:40] Further resources -  You can purchase the Standard directly from the ISO website. We also have a number of short courses covering specific clauses in ISO 20000, available in the isologyhub. [15:55] How does ISO 20000 fit in with other ISO Standards?-  ISO20000-1:2018 has now been remodelled using the High Level Standard (HLS) framework so that clauses 4 to 7 and 9 to 10 can all be interconnected with only minor differences due to the nature of each standard. Essentially, if you already have ISO9001:2015 or ISO27001:2013 most of the framework for ISO20000-1:2018 will have already been done; all that would be required is to address the service aspects in those six clause before tackling the main work in clause 8. [18:20] Business Continuity -  ISO 20000 specifies a section on ‘service continuity management' which can neatly slot in with ISO 22301 – the Standard for Business Continuity. While ISO 22301 focuses on the bigger picture, the ISO 20000 element focuses on how a service can continue for a customer during an incident or accident occurring. We'd love to hear your views and comments about the ISO Show, here's how: ●      Share the ISO Show on Twitter or Linkedin ●      Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

In this episode, Brett and I discuss the Risk Management Gap Analysis - what it is, how you go about it, what are the key focus areas and why all organisations need to do it periodically.The key takeaway is that this is not putting a specific risk under the microscope but actually reviewing the Risk Management Program itself and comparing how its performing compared to the ambitions you set for the program.If you aren't achieving all you were hoping to out of your Risk Management Program, this is the episode for you!As always, we welcome your feedback on the episode, the podcast generally or on broader risk topics that you'd like us to discuss in the program.Thanks for listening - enjoy the episode!Contact ABM Risk Partnership to optimise your risk management approach: email us: info@abmrisk.com.au Tweet us at @4RiskCme Visit our LinkedIn page https://www.linkedin.com/company/18394064/admin/ Thanks for listening to the show and please keep your guest suggestions coming!

Quality and environmental management are top priorities for many organisations, backed up by the increasing number of ISO 9001 and ISO 14001 certificates being issued every year. Aside from being a popular requirement on tenders, ISO 9001 and ISO 14001 provide a robust framework for businesses to ensure they follow Best Practice, enhance their businesses performance and put measures in place to reduce their environmental impact. We often see these two Standards being implemented in tandem, as is the case with todays' guest, Asynt. Asynt is a global provider of world leading technologies and services for scientific research, developed by chemists for chemists, their laboratory equipment responds to the real demands of industry and academia across the globe. Today we welcome Siobhan Ellwood, Sales Support at Asynt, as she explains their journey towards ISO 9001 Implementation, and how they embedded ISO 14001 along the way using our online learning platform – the isologyhub. You'll learn ●      Who are Asynt? ●      How did Siobhan get involved with ISO Standards? ●      What was Asynt's main driver for obtaining ISO 9001 and ISO 14001? ●      What did Asynt learn while implementing ISO 9001 and ISO 14001? ●      Siobhan's experience using the isologyhub to implement ISO 14001   Resources ●      Asynt ●      ISO 9001 ●      ISO 14001 ●      isologyhub   In this episode, we talk about: [00:55] An Introduction to Asynt - A global provider of world leading technologies and services for scientific research. Based just outside of Ely in Cambridgeshire, they just celebrated 20 years in business! [02:10] Siobhan's role and how she got involved with ISO Standards: Siobhan is the Sales Support Manager for Asynt, she assist with raising quotations, managing sales orders and providing support for the warehouse. In January 2023, 3 members of the Asynt Team were tasked with researching and obtaining ISO 9001, with a view to adopt ISO 14001 later on. Siobhan had experience working with Quality Standards thanks to her previous work in aviation and automotive companies, and had even previously implemented the Standard. Naturally, she was a perfect fit to head the ISO 9001 and ISO 14001 project at Asynt. [05:40] What did Siobhan enjoy most about Implementing ISO Standards? Initially, realising that she had a lot more knowledge about ISO than she gave herself credit for. Also, making use of the 5 Why's to identify where something has gone wrong, implement a solution and preventing it from recurring. [06:40] What were the main drivers behind Implementing ISO 9001 and ISO 14001?: For ISO 9001 – Top Management saw the need to have proper procedures in place, to ensure that everything was written down and could be communicated and conducted by other staff if needed. Ultimately, they wanted a cohesive system where everything, included roles and responsibilities, were documented and managed. For ISO 14001 – Customers often ask for ISO 9001, but ISO 14001 was also starting to pop up in conversation more. Top Management at Asynt wanted to get ahead of the curve and make the move towards becoming more environmentally friendly. It was also seen as a stepping stone towards being in a position to calculate their Carbon Footprint and make further improvements. [09:50] The ISO 14001 Coaching Programme – Asynt were one of the first companies to go through our ISO Coaching Programme, hosted via the isologyhub. This programme combined the DIY digital platform with group coaching sessions, allowing all participants to work collaboratively towards creating their own Environmental Management System.   [10:20] Siobhan's experience with the ISO 14001 Coaching Programme:  Overall Siobhan had a very positive experience in the coaching programme, a few highlights include: Sharing ideas: Other participants come from a wide range of industries, and each brought their own unique ideas to the table, encouraging others to look at things from many different points of view. Support: If another participant is struggling with something, there is a group of people to support and provide possible solutions. Siobhan gave an example of where she provided an Excel guide to another member who was looking for a solution. Resources: Siobhan had previous experience with implementing ISO Standards, so she was aware of what type of documentation was required. She found the resources on the hub useful to refer to outside of coaching sessions, to enhance Asynt's own ISO Standard Implementation.   [12:20] What was the biggest Gap identified during Asynt's Gap Analysis? Mostly it was the lack of documentation, which required a lot of work to get everything written down in cohesive processes and procedures. For ISO 14001, Asynt are fortunate enough to own the buildings that they operate in. So, gathering the initial information required where potential energy and environmental improvements could be made was fairly easy. [15:00] What differences did Asynt see after addressing the identified gaps? For ISO 14001 – Some elements were already in place (recycling waste ect), but weren't being monitored in any meaningful way. Now Siobhan has got processes in place to ensure the recycling is being separated correctly and weighed so they can properly gauge their impact. For ISO 9001 – It was the introduction of the 5 Why's, which Asynt have used to great effect to identify problems and implement solutions. An example of this can be found in their warehouse, lanes and shelves weren't labelled, causing confusion. It was a quick fix that could have been implemented years ago, but the 5 Why's forced a much needed change. [18:00] What did Siobhan learn from the experience of Implementing ISO 9001 and ISO 14001?  Integrating a Management System can save on a lot of paperwork! Initially the plan was to have just an ISO 9001 System, with ISO 14001 implemented at a later date. Going through the process of Implementing them as the same time highlighted how much easier it would be to combine them, thanks in part to how many elements overlap between the two. It also makes the system a lot easier to interact with, having everything in one place rather than spread between two separate systems means staff don't have to waste time digging for policies and Procedures. [20:00] Certification plans: Asynt are well on their way towards ISO 9001 and ISO 14001 certification with their Stage 1 in October and Stage 2 in November 2023. With just under 2 months before the Stage 1, Siobhan plans to continue working through some opportunities for Improvement, raised by Blackmores in some recent Internal Audits. [21:41] Siobhan's top tip: Trust in the process and make sure that you have the right person in your business to lead the ISO project. Also being open to change, being honest with yourself about where the gaps are and trying to get those closed but also manage expectations within the business. [23:50] Siobhan's book recommendation:  Salt path by Raynor Winn. [26:05] Siobhan's favorite quote: “Personal growth is not a matter of learning new information, but unlearning old limits” – Alan Cohen If you'd like to learn more about Asynt check out their website! We'd love to hear your views and comments about the ISO Show, here's how: ●      Share the ISO Show on Twitter or Linkedin ●      Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

The UK events industry accounts for 35% of the UK visitor economy and is estimated to be worth £42 billion, yet it is still incredibly wasteful, with 68% of waste going directly to landfill. Haymarket Media Group is a global media data and information company, who offer a wide range of digital print, tech and live event services. Haymarket UK had been certified to ISO 14001 (Environmental Management) and ISO 50001 (Energy Management) for a few years prior to 2019, covering most aspects of their business from a sustainability point of view. However, their live events still had many sustainability opportunities that were not being taken into consideration by their existing certifications. So, in early 2022 they embarked on their journey to gain ISO 20121 (Sustainable Event Management) certification.  Today, Gary Charlton and Natalie Harris from Haymarket join Mel to discuss exactly why they added ISO 20121 to their portfolio, the challenges faced with Implementing the Standard, and the benefits gained from certification. You'll learn ●      Who are Haymarket? ●      What is ISO 20121 Sustainable Event Management? ●      Why did Haymarket choose to Implement ISO 20121? ●      What challenges did they face? ●      What are the benefits of ISO 20121?   Resources ●      Haymarket Media ●      ISO 20121 ●      isologyhub   In this episode, we talk about: [00:50] An Introduction to Haymarket Media Group - A global media data and information company, with offices in the UK, US, Germany, India and Asia. They produce live events (including award ceremonies, conferences and exhibitions), digital print, education data and tech services. [02:25] Gary Charlton is the Head of Procurement for the UK -  Part of his role includes supporting the Haymarket approach towards sustainability, to ensure their products and services are as environmentally and socially sustainable as possible. [02:45] Natalie Harris is the Procurement Executive at Haymarket – A lot of her role revolves around live events in addition to purchasing our products and services. Additionally, she advises the wider team on buying legally, sustainably and ethically. Both Natalie and Gary form a team, and were the main driving force behind the creation of their Sustainable Event Management System. [03:40] What is ISO 20121?: ISO 20121 was launched for, and named after, the 2012 Olympics, making it the worlds first sustainable Olympics!  The Standard provides a framework for managing events sustainably, that includes having the policies, procedures, registers and records to demonstrate that the events are being run in a sustainable manner. Being certified indicates that a company is not just paying lip service to sustainability, it's actually practicing what they preach. If you'd like to learn more about ISO 20121, go back and listen to episode 38. [05:30] What was the main driver behind Haymarket achieving ISO 20121?: Haymarket first contacted Blackmores about assisting with ISO 20121 Implementation in 2019. At the time, they were already certified to ISO 14001 and ISO 50001, so they understood the benefits that came with ISO certifications - including the framework to start making better decisions and accurately measure what you're doing. Their head of facilities had started the process of evaluating other areas they could improve with ISO Standards, particularly around sustainability. Live events are a large service offering for Haymarket, which has a significant environmental footprint, so a case was put forward for the benefits if reducing that impact with the help of ISO 20121. The team running their live events were very positive about the potential benefits presented, and the go ahead was given. [07:20] Sustainability is central to how Haymarket wants to operate – Implementing ISO 20121 would ensure that there was more standardisation across their processes. This would introduce some uniformity that could apply to all types of events, which was very important to the Live event lead - Donna Murphy. Natalie was in the right place at the right time, already in the position of working in collaboration with Haymarket's Live events team on sustainable procurement, ensuring that due diligence was followed with suppliers and their accreditations. So, it was a no-brainer getting her on board with the ISO 20121 project! [09:30] How long did it take to implement ISO 20121?:  Haymarket engaged in Blackmores services in February 2022 and were accredited by July 2023. In total, it took 18 months for the planning, creation and development ahead of the assessment. They ensured the system was refined to ensure it worked efficiently, encouraging continual improvement and a harmonious approach for the whole business. [11:15] Above and beyond: Haymarket received a lot of praise from their Assessor – highlighting their thoroughness, including the involvement of top management and many others within the organisation in the creation of the Management System. Also for ensuring that the system would be applicable for the 4 main types of events that Haymarket runs. [12:00] ISO 20121 requires an audit to be conducted during a live event – So Haymarket had a lot to consider when selecting the event to be audited.   [13:30] Haymarket's key insights on Implementing ISO 20121: #1: The Gap Analysis was an integral part of the process – by highlighting the gaps you can clearly see where improvements can be made. While they may have been a bit crestfallen and daunted by the gaps presented, they came out if knowing they already had around 27% of a Sustainable Event Management system already in place – partly due to their existing certifications.  This soon bumped up to 59% at the half-way checkpoint! This assured them that ISO 20121 was within reach, and simply required at bit of time and effort to achieve. #2 Having leadership involvement and backing – They were quick to involve their live event lead, Donna Murphy, in key decision making and with the roll-out of the Management System. She was instrumental in ensuring the Standard was in place and being followed. [18:45] What were some of the gap identified and how did Haymarket bridge them?  Required documentation – Many ISO standards have required documentation. A lot of times companies do have a lot of it place, but it's simply just not formalised. Natalie highlights that this was the case with a Risk Register. It's not a universal company need to have, but as part of the Procurement Team it's simply a part of who they are and what they do. For live events, they need to do the appropriate health and safety checks, but it wasn't formalised in any way. Thankfully their facilities and environment specialist, who assisted with the existing ISO 14001 and ISO 50001 certifications, was on hand to help with the creation of risk procedures based on procedures from the existing Management System. With this collaborative approach, using elements from the exiting Management System, they created 31 brand new documents consisting of Procedures, Registers, Log and Records that are continuously used, monitored and updated. This new documentation, while a lot of work to create, ultimately helps Haymarket track, measure and set parameter's for continuous Improvement. It ensured they have a really visual system, with a clear view of what needs to be done to run sustainable events.  [23:00] What difference has Implementing ISO 20121 made?: There was a big amount of short-time work for a long term gain. It's not simply a stack of useless documents sitting in a corner, it's a living, breathing system that is injected into the business. The Management system is of benefit to everyone, including those new to Haymarket's team as it provides a structured and standardised approach to sustainable event delivery. It's provided knowledge and helped to develop new skills that will stick with all those that interact with the Management system, whether they stay with Haymarket or move elsewhere. Ultimately, it's all about ensuring they are doing the right thing for the planet. By creating more sustainable events, they are reducing their impact as a whole. [26:00] What is the main achievement from being certified to ISO 20121?: Morale and confidence that they can say they really do practice what they preach. They could hold a mirror up and say, right, we've created this system and we're confident in it – with internal audits conducted by third-parities to confirm they're on the right track with their intended goals. Certification is not the end goal. You have annual Surveillance Audits to check-in, so the system must be a long-term feature in your business, and it must drive continual improvement. [27:50] What top tip would Gary and Natalie give for ISO 20121 Implementation? Gary: Make sure you're resolute in your reasoning for Implementing the standard and the implications of doing so. Also, enlist the help of someone with Implementation experience! Natalie: Don't underestimate the amount of work required. Select someone in-house to manage the project and when / if you can, use external resources such as a consultant to assist. They can also provide unbias, reflective feedback to ensure you're on the right track. [30:10] What's a favorite quote? “The greatest threat to our planet is the belief that someone else will save it” – Robert Swan If you'd like to learn more about Haymarket check out their website! We'd love to hear your views and comments about the ISO Show, here's how: ●      Share the ISO Show on Twitter or Linkedin ●      Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

In this episode of the Duct Tape Marketing Podcast, I'm doing a solo show, and I'm gonna talk about a new tool that we've created, the marketing a gap analysis. This guide will help you understand the complex world of marketing and create a roadmap for success by improving your marketing strategies.  Get your Duct Tape Marketing Gap Analysis.   Learn More About The Agency Intensive Certification: Learn more Take The Marketing Assessment: Marketingassessment.co   This Duct Tape Marketing Podcast episode is brought to you by the HubSpot Podcast Network.

On this episode of Career Chat, Tedi welcomes special guest Beth Batts, Founder & Owner of BB Consulting LLC, located in Grand Rapids, MI.   Tedi and Beth talk about all the incredible services Beth and her team offer at BB Consulting.  Beth shares with us what Change Management, Gap Analysis and Learning Modalities are and how these can assist a business with different strategies that can help them grow.  Beth also shares with us her passion for Neurodiversity and why this is important, helping us to learn how people work.  You can connect with Beth at:Beth Batts, Founder & OwnerBB Consulting, LLCWebsite:  https://www.bb-consultingllc.com/Facebook:  https://www.facebook.com/profile.php?id=100089918557298 LinkedIn:  https://www.linkedin.com/in/beth-batts-b489a514/Phone: (616) 581 6715Email:   beth@bb-consultingllc.comThe opinions and statements made by guests on RTWT Career Chat are/or do not necessarily reflect those of  Career Chat  podcast on the Real Talk Network  Learn more  at:    https://www.teditalks.comThe music used for this podcast was provided by: Funky Logo 12 by TaigaSoundProd.  Check them out at: https://filmmusic.io/song/8045-funky-logo-12.  License (CC BY 4.0): https://filmmusic.io/standard-license.   Artist Website: https://linktr.ee/taigasoundprod.

In this episode ... We interview Brandon Hawkins, Chief Revenue Officer at CFO Hub. CFO Hub solves turnover in accounting departments nationwide and in London. They provide strategic CFOs for M&A and growth companies as well as support for Government contractors large and small. Check out this episode to learn more about CFO Hub, and how offline marketing and networking helped grow a multi-million dollar company. Special offer from the guest: A free GAP Analysis of your accounting infrastructure, data room, and readiness for audit or sale. Contact Brandon at bhawkins@cfohub.com. --- Send in a voice message: https://podcasters.spotify.com/pod/show/rebl-marketing/message

A Requirements Gap Analysis (RGA) can increase your competitive edge and help you win more federal government contracts.Today, Neil McDonnell presents a more advanced training to help small businesses, especially 8(a) firms learn how using a Requirements Gap Analysis (RGA) for better capture management of opportunities. ✅ CAPTURE Management is the process of shaping the technical requirements and acquisition approach on a single opportunity.✅ In today's training, Neil explains –

In this episode of Label Free Podcast, host Deanna Radulescu interviews Ken Paskins, CEO and co-founder of ShiftSpot, an online destination for CEOs and business owners. Paskins shares his journey into entrepreneurship and the services his company offers to help CEOs solve problems and identify areas of opportunity in their companies. The episode also features discussions on human capital and marketing, as well as the importance of accountability and surrounding oneself with experts. Tune in for valuable insights and advice on living label free and achieving success in business. To connect with Ken or to learn more, head to the links below:https://www.theshiftspot.com/ken/https://www.linkedin.com/in/kenpaskins/00:02:49 Takeaway: Leaving corporate can be liberating.00:05:21 Learn from mistakes, plan ahead.00:10:48 Surround yourself with experts.00:15:55 ShiftSpot offers affordable CEO support.00:21:15 Shift Spot offers affordable business solutions.This episode is brought to you by Supapass: For 10 years we've enabled entrepreneurs & content makers to afford the type of technology that previously only big tech platforms like Netflix or Spotify could provide to audiences ...on your own website and app!No coding, tech or design expertise needed. We empower you to keep 100% of your money, share your content on the best technology, and own the relationship with your customers.‍Grow your business, without it costing the earth. Use the code: LFG20 for 20% off at the link ⬇️:https://www.supapass.comAs always thank you for the support, to contact me directly follow the link below:https://www.labelfreepodcast.com​ Stay Healthy, Stay Ready- Deanna Marie Radulescu#podcastguest #labelfreepodcast #supapass

In this episode of Label Free Podcast, host Deanna Radulescu interviews Ken Paskins, CEO and co-founder of ShiftSpot, an online destination for CEOs and business owners. Paskins shares his journey into entrepreneurship and the services his company offers to help CEOs solve problems and identify areas of opportunity in their companies. The episode also features discussions on human capital and marketing, as well as the importance of accountability and surrounding oneself with experts. Tune in for valuable insights and advice on living label free and achieving success in business. To connect with Ken or to learn more, head to the links below:https://www.theshiftspot.com/ken/https://www.linkedin.com/in/kenpaskins/00:02:49 Takeaway: Leaving corporate can be liberating.00:05:21 Learn from mistakes, plan ahead.00:10:48 Surround yourself with experts.00:15:55 ShiftSpot offers affordable CEO support.00:21:15 Shift Spot offers affordable business solutions.This episode is brought to you by Supapass: For 10 years we've enabled entrepreneurs & content makers to afford the type of technology that previously only big tech platforms like Netflix or Spotify could provide to audiences ...on your own website and app!No coding, tech or design expertise needed. We empower you to keep 100% of your money, share your content on the best technology, and own the relationship with your customers.‍Grow your business, without it costing the earth. Use the code: LFG20 for 20% off at the link ⬇️:https://www.supapass.comAs always thank you for the support, to contact me directly follow the link below:https://www.labelfreepodcast.com​ Stay Healthy, Stay Ready- Deanna Marie Radulescu#podcastguest #labelfreepodcast #supapass

This week Ian Truscott stops by the Marketing Studio to join Rockstar CMO Strategy Advisor and former Forrester Research Director Jeff Clark as he shares seven steps for conducting a marketing capability gap analysis. Ian then goes backstage with Riaz Kanani, the Founder and CEO of Radiate B2B who, as you'll hear, has a habit and track record of building and scaling successful businesses, including creating one of the world's largest video advertising networks and as DigitalOxygen building data-centric marketing campaigns before being acquired by Silverpop, a leader in B2B marketing automation, which he scaled internationally, positioning it for acquisition by IBM. Riaz has sat on the DMA email marketing council, has appeared on the BBC, was nominated for Entrepreneur of the Year in 2019 and was recognised in the Top 100 Asian Stars in UK Tech, and now he's on Rockstar CMO FM! Ian and Riaz discuss the challenges of B2B lead generation, the dark funnel, the opportunity for mid-market technology vendors, and his fascination with what we throw into the Rockstar CMO Swimming Pool. Finally, Ian grabs a cocktail in the Rockstar CMO virtual bar with Robert Rose, Chief Troublemaker at The Content Advisory, who, over an unnamed cocktail (CEX in Cleveland?), he wonders if B2B marketing is becoming a bit inadvertently indifferent. Enjoy! The Links The people: Ian Truscott on LinkedIn and Twitter Jeff Clark on LinkedIn and Twitter Riaz Kanani on LinkedIn  Robert Rose on LinkedIn, Twitter and his website As mentioned in this week's episode: Radiate B2B The Dark Funnel - Riaz's article on the Radiate B2B blog Gallup Employee Engagement Survey Robert's article in his Content Marketing Institute column - When Did Your B2B Team Stop Caring Robert's Experience Advisors Community Robert's podcast with Joe Pulizzi This Old Marketing Rockstar CMO: The Beat Newsletter Rockstar CMO on the web, Twitter, and LinkedIn Previous episodes and all show notes: Rockstar CMO FM Track List: Piano Music is by Johnny Easton, shared under a creative commons license We'll be right back by Stienski & Mass Media – on YouTube Mind the Gap by Nabiha – on YouTube Aufstehn by Seeed - on YouTube Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of Keep Up With PACE, Al'Asia Powell, Director of Quality and Patient Safety, Inspira LIFE, outlines the process of preparing for a CMS audit. Her outline consists of a five phased approach a PACE program should follow – (1) complete a gap analysis, (2) create a plan, (3) execution, (4) implementation, and (5) resolution. In addition to audit preparation, Ms. Powell shares insights on creating a strong culture of compliance and effective communication within a PACE team. About our Guest: As Director of Quality and Patient Safety for Inspira LIFE, Al'Asia is responsible for the development and implementation of the annual quality improvement (QI) plan, provides oversight of QI workgroups and communicates quality metrics to regulatory agencies, the board of directors, the Participant Advisory Committee (PAC), providers and other stakeholders. Additionally, she provides oversight for CMS audit engagement activities and participant satisfaction surveys. Al'Asia is a fellow of the Advisory Board, a Certified Professional in Healthcare Quality and completed the LEAN Six Sigma Black Belt course.  Episode Breakdown: Intro: 00:00 – 01:30 • Background in PACE: 01:53 – 3:19 • Role as Director of Quality and Patient Safety: 03:20 – 04:03 •  Culture of Compliance: 05:37 – 12:55 • Phase 1 (Gap Analysis):12: 56 – 16:57 • Phase 2 (Planning): 16:58 – 26:05 • Phase 3 (Execution) 26:06 – 29:18 • Phase 4 (Implementation): 27:19 – 29:02 • Phase 5 (Execution): 29:03 – 32:00 • Creating a Non-Punitive Environment: 32:01 – 33:15 • Continuing Improvement: 33:16 – 38:56 •  Tips for Preparation: 38:57 – 41:19 • Success Story/Inspiration: 41:20 – 44:20 • Rapid Fire Round: 44:26 – 46:58 •  Outro: 46:58 - End  Learn More: careventionhc.com • linkedin.com/company/carevention-healthcare • https://www.inspirahealthnetwork.org/ • https://www.linkedin.com/company/inspira-health-network-life-inc/ 

See the episode resources in the show notes on:https://emjpodcast.com/garret-french-discusses-link-building-link-gap-analysis.Check out more episodes of our SEO Podcast.

The Agile Coach with Vivek and Pabitra chats with Andrej Dzidic, Director of Project Management - Technical at Mastercard. He defines what product management is and how his team sets up strategies with buy-in from engineering leadership.Andrej also shares how he builds teams by performing a gap analysis and prioritizing a potential product manager's communication skills. He talks about mentoring others using prioritization strategies and clarifies that a degree is not needed to enter a product; so be aware that competition is tough but not impossible to break through.HIGHLIGHT QUOTESProduct management is about creating synchronicity - Andrej: "When I think about product management, you really don't have a successful product if you don't meet product market fit, right? So when you're thinking about it initially, you might think, okay, how quickly are we actually pushing things to the market and are we meeting that equilibrium point? But for me, what I really started to care about was predictability. So how in sync are our product managers with our business stakeholders?"Become great at the product by creating your own product - Andrej: "If you've never been a product owner or product manager, go out and build a product. Go and find someone on Fiverr who can do some light work for you that's relatively cheap. Make some wireframes, put together a backlog, and let's see you build a product. I mean, I do it in my free time, so even though I'm working in product, I'm trying to figure out how can I build something so that I can just go work because I love product management." Get to know Andrej and what he's up to:About AndrejConnect with Vivek and Pabitra to find out more about what they're up to:About VivekAbout PabitraAbout The Agile CoachAgile Coach WebsiteIf you enjoy The Agile Coach and are interested in learning more, you can check us out at the link below:LinkedIn: https://www.linkedin.com/company/the-agile-coach-llc

If you're not already part of our ELITE program, you should be! So far, we've helped over 20,000 veterans with our process, and our success rate is unrivaled. There's a reason we have over 1,000 five star reviews! Here are just a few of the benefits of joining our program: ⭐ You'll have an expert Veteran Coach to lead you through the complicated and frustrating VA disability claims process. They'll create a personalized strategy and game plan just for you! ⭐ You'll be welcomed into a fantastic family of fellow veterans and get access to exclusive resources and LIVE daily group classes! ⭐ You'll earn access to heavily discounted rates for nexus letters, and more! Are you Stuck, Frustrated, and Underrated? If you need some help with your VA disability claim, join VA Claims Insider Elite TODAY and get started on your VA disability claim for FREE: https://vaclaimsinsider.com/elite-membership/ ***Audio Timestamps*** ⏩ 00:00 VA Claims Insider Introduction ⏩ 05:20 VA Claims Insider Elite Process ⏩ 10:16 8 Steps Overview ⏩ 15:50 Step 1 - Welcome and Overview ⏩ 17:25 Step 2 - Strategy Session and Gap Analysis ⏩ 19:31 Step 3 - Independent Psych Evaluation + IMO/Nexus ⏩ 21:34 Step 4 - Medical Team Evaluation + IMO/Nexus ⏩ 25:25 Step 5 - Claim Building and Submission ⏩ 27:08 Step 6 - C & P Exam Prep and Coaching ⏩ 28:59 Step 7 - VA Claim Submission and Review ⏩ 30:47 Step 8 - HLR or Supplemental Claim ⏩ 33:13 - Tip 1 ⏩ 34:54 - Tip 2 ⏩ 38:12 - Tip 3 ⏩ 39:49 - Stay Connected ⏩ 42:38 - Q&A ⏩ 60:02 - Wrap-Up

This is part 2 of the series on using the Gap Analysis to develop and implement an effective compliance program in your organization... Do not miss this episode because Sean delivers the punchline!

In this episode Sean takes on the critical aspects tied to GAP analysis and what they are, how to perform one and how it impacts your ability to build an effective compliance program, which leads to demonstrating a "Culture of Compliance"! Don't miss this one!

Why is a skills gap analysis helpful? How can it make your company more efficient? What does the process look like? In this episode of MakingChips, we define a seven-step process you can use to help you run a skills gap analysis on your manufacturing business. Special guest Crystal Van Vleet shares how she's brought the process to life in her role with Advanced Machine & Engineering (and at MakingChips). The bottom line is, if you don't have skills, you're not making chips, and if you're not making chips, you're not making money! — Nick Segments [2:06] Why a skills gap analysis can help your business [4:56] Manufacturing News: Skills Gap Analysis for the Future of Work [12:43] Learn all about our guest Crystal Van Vleet [17:59] Step #1: Make a plan for the skills gap analysis [22:09] Step #2: Define your organization's future goals [24:58] Why Crystal got her CMTSE certification [26:47] Step #3: Catch up on the future of work trends  [28:04] Step #4: Determine key skills needed for the future [30:18] Step #5: Measure your current skills [33:16] Crystal's experience with self-assessment tools [35:03] Step #6: Find out where the gaps are [39:23] Step #7: Put a plan into action Resources mentioned on this episode Skills Gap Analysis for the Future of Work Don't miss IMTS 2022! ProShop ERP Connect With MakingChips www.MakingChips.com On Facebook On LinkedIn On Instagram On Twitter On YouTube