Podcasts about iso9001

We share a lot of success stories here on the ISO Show, along with hints, tips and updates to Standards, including insights from our consultants who work with Standards day in and day out.  In our latest mini-series, we're taking a step back to introduce members of our team, to explore how they fell into the world of ISO and discuss the common challenges they face while helping clients achieve ISO certification.   In this episode we introduce Darren Morrow, a Senior Consultant at Blackmores, to learn about his journey towards becoming an ISO Consultant and what drives him to help clients on their ISO journey.   You'll learn ·      What is Darren's role at Blackmores? ·      What does Darren enjoy outside of consultancy? ·      What path did Darren take to become an ISO Consultant? ·      What is the biggest challenge he's faced when implementing ISO Standards? ·      What is Darren's biggest achievement?   Resources ·      Isologyhub ·      Engagement Amplifier Gameplan   In this episode, we talk about: [00:30] Episode Summary – We introduce Darren Morrow, a Senior Consultant here at Blackmores, to discuss his journey towards becoming an ISO consultant who specialises in ISO 9001, ISO 45001, ISO 14001 and ISO 50001.   [03:45] What is Darren's role at Blackmores? Darren is a Senior Consultant with Blackmores, supporting companies with maintaining systems, undertaking internal audits, and supporting with implementing new systems to gain certification. A key part of his role is translating ISO Standards into plain English, and guides clients on how to apply them in practice. [04:55] What does Darren enjoy doing outside of consultancy?: Darren moved to Norfolk back in 2021 ans has since found the relaxed way of life there to be a great fit. It also offers a lot of good walking opportunities for his 2 Leonberger's (giant breed dogs), who mostly enjoy the local parks and beach walks. Darren is also an avid reader, clocking in a whopping 343 weeks' worth of reading on his kindle. His favourite genres include:- ·      Crime, thriller, adventure types - Clive Cussler, Michael Connelly, David Baldacci, CJ Box, Dan Brown, James Carol ·      Horror - James Herbert, Stephen King ·      Supernatural, urban fantasy, fantasy - Ben Aaronvitch, Jim Butcher, Raymond E Feist, C S Lewis & Tolkien ·      Historical - CJ Sansom, SJ Parris ·      And Terry Pratchett for a weird dose of reality. He's also a movie buff, with a collection of over 1,000 films ranging from the 1930's all the way to modern era. Recently he took on the challenge of watching all the Marvel films in chronological order, which took a few weeks! [10:35] What was Darren's path towards becoming an ISO Consultant?: Before Blackmores, Darren was the Quality Manager for a company that worked within the Highways Maintenance sector, working there for 8 years. For the first 18 months he was primarily the Quality Manager for a specific contract on the Olympic Park, as that contract came to an end, he moved into the main company Quality Manager role supporting multiple highway term maintenance contracts along with various smaller projects that the business won. Prior to that, he was a SHEQ Advisor within the Rail industry, working for a signaling company. Darren worked there for about 5 years, within head office support roles for quality and health and safety, moving to working on supporting the project teams and project delivery for signaling schemes. Overall, looking back, he's worked with standards within a quality, health & safety, environmental for around 25 years now.  [13:20] What is Darren's favourite aspect of being a Consultant? – Darren likes the variety. As an ISO Consultant, he gets to work with lots of different people, companies and industries, so he gets to learn a lot about how they work and how Standards apply to different industries. He also enjoys the fact that after working with clients for a number of years, he becomes just another member of the team.   [15:15] What Standards does Darren specilaise in and why? Starting with: ·      ISO 9001 Quality: This is the main standard that Darren starting working with back in 1999 ·      ISO 45001 Occupational Health and Safety: While working within rail, Darren was given the opportunity to do some training and proceeded to complete NEBOSH courses - general and construction, this proved invaluable in future roles. ·      ISO 14001 Environmental: Darren ended up working with this Standard as part of on-going development. His role as a Quality Manager expanded, and at the time, all external audits with our certification body were coordinated through him. So, for on-going development he completed the NEBOSH environmental managed certificate. ·      ISO 50001 Energy Management: This is one of Darren's favourites. He's taken on this standard since working with Blackmores and seemed like a natural progression with the work he was already doing. He likes how this standard helps companies think more about their impacts on the environment in terms of energy consumption. In terms of companies climate change impacts, Darren likes how ISO 50001 can support deep dives into data that is available or not clearly available in many cases to support improvement and reduction in energy consumption. This also can pave the way for those companies that take it more seriously, and progress to newer standards like ISO14064-1 for quantification and reporting of greenhouse gases, but also part 3 for the verification and validation of greenhouse gases. This is where our sister company, Carbonology Ltd, really excel. Darren does his bit with ISO 50001 clients to educate and prepare them for taking more proactive steps towards meaningful energy and carbon reporting. For example, if they grow sufficiently or fall within the parameters of mandatory schemes such as ESOS or SECR reporting, or they just want to do their bit and demonstrate their commitment to minimising their impact on the environment and overall energy consumption. [23:10] What is the biggest challenge Darren had faced during a project and how did he overcome it?: He doesn't have a single one that stands out, but common issues are usually either down to availability or commitment of the individuals within the company he's supporting. For example, the company may decide that they require certification to a standard or multiple standards. There will be commitment from some within the business, and there are those that may not see the importance or feel it's not important to them and what they do.  Darren's job is to support the company in achieving its main goal in gaining certification. His work with the company involved explaining what is to be done and why. He's found that most of any resistance is because individuals do not know the why and how it impacts them, etc. The other aspect is to make it clear that he is not there to tell them what to do, or that they're doing it wrong. He works with people to either document the process (where required), help them find improvement in the process and continue to search for improvement. [27:00] What is Darren's proudest achievement? Darren states that there's no one definitive achievement to highlight, rather he would say supporting clients who are new to the standards. Working with them and providing knowledge so that they know the 'why' and understand the standards and their processes, and finally seeing the end result with being recommended for certification. The ones that he's particularly happy with are those that go for multiple standards, that result in recommendation for certification with little or no significant findings from the certification body, it shows that the company has been fully engaged and embedded the overall process into how they work. If you'd like any assistance with implementing ISO standards, get in touch with us, we'd be happy to help! We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Does the ISO 9001 require a quality manager? Obtain answers and understand why you need one. Click now! https://www.quality-assurance.com/blog/discover-why-the-iso-9001-requires-a-quality-manager.html/

A well implemented ISO Management System can improve efficiency, customer satisfaction and drive continual improvement for a business. On the flip side, a poorly implemented Management system will yield little to no results, so what makes the biggest difference between good and bad implementation?  Communication is the key. If no one knows about your Management System, then how can it benefit the business as a whole? In this episode Ian Battersby discusses the importance of effective communication of your Management System, why it's vital to reap the full benefits of ISO Implementation and gives some examples of how you can communicate elements of your Management system to the wider business. You'll learn ·      Why do you need to communicate your management system? ·      What do you need to communicate? ·      Why is it important to communicate your Management system? ·      Different ways you can communicate your management system ·      How can you measure effective communication?   Resources ·      Isologyhub ·      How can ISO Standards Support ESG Compliance Workshop   In this episode, we talk about: [00:30] Episode Summary – Ian talks discusses elements of communicating a management system including, why you need to communicate and what needs to be communicated, the importance of doing so and how you can go about doing it. [02:45] Why do you need to communicate your Management System? In every ISO Standard, communication is a requirement. The levels and information specified will vary depending on the Standard, but the principles remain consistent. Ian cites ISO 9004 as providing further guidance to improve on what's initially required. In Clause 7.4 it states: “The effective communication of policies, strategy, relevant objectives is essential to the sustained success of an organisation.” Going on to state that communication should be “Meaningful, timely and continual” and that there should be some form of feedback within it to be able to address changes in the organisation's context. So, it's not just a one time exercise. It also states that: “communication processes should be both vertical and horizontal and be tailored to the differing needs of its recipients, whether internal or external.” So you also need to consider the external communication needs too. [04:35] Empowering through communication: ISO 9004 also talks about engaged, empowered and motivated people and their value as a key resource. These types of people help organisations to create and deliver value, so you should have processes in place for engaging those people, to gather feedback and drive continual improvement. [05:40] Where is Communication referenced in Standards?: Typically, communication is Clause 7.4 in most ISO Standards. Additionally there are elements of communication included in Clause 7.3. Awareness. The Awareness clause focuses on employees knowledge of the Management System, and is more focused on internal communications rather than with external interested parties. [06:25] What should be communicated internally? Under Clause 7.3 Awareness, it requires you to share: ·      Policies ·      Objectives ·      The consequences of non-conformance Other Standards may have additional communication requirements such as ISO 45001, which also highlights the need to share risks, hazards, incidents and the outcomes of investigations.   [07:10] Clause 7.4 Communication – This clause is more about determining internal and external communications. This includes considerations for: ·      What communications are relevant? ·      When should they be communicated? ·      Who should they be communicated to? ·      Who should be the one to communicate this information? Some Standards may also include specifications for communicating legal requirements, such as ISO 14001 and ISO 45001. [08:20] Nuance in effective communication:  One key element of communication is ensuring that it's understood and applied by the wider business. This doesn't mean that every employee should be able to parrot a specific policy within a business, but rather they should at least know where to find it and understand the implications for them. [09:40] A link between Communication and Leadership: Leadership plays a key role in communications, and ISO Standards specify that certain elements can't be delegated to another individual. Clause 5 Leadership specifically states: ·      They shall promote the use of the process approach and risk-based thinking, not delegating that promotion. ·      They should communicate to the importance of the management system and of conforming to that management system. ·      They should engage directly and support persons to contribute to the effectiveness of the system. ·      They should promote continual improvement. ·      They should support other relevant managers to demonstrate their leadership in their areas of responsibility. We've stressed the importance of Leadership in the success of a Management System in a previous episode, and their support with communication is a big part of that. [11:20] Communicating Objectives: Clause 6.2 Objectives states that they must be established and communicated. This doesn't have to be to everyone, so you can be selective and communicate certain objectives relevant to select people. [11:40] How to effectively communicate your management system  – Management systems can be vast, and it can be tricky to know exactly how much to communicate and to who. The first tip is to keep it simple. Translate the ‘Standard speak' into something recognisable for your business, which may not always be easy if you're familiar with the Standards terminology. However you need to relate these elements to how people in the business work. Try to keep it brief to avoid confusion. Next, ensure you are assuaging fears. Many are firstly opposed to the introduction of things like Operational Procedures if they've not worked with a Management System in place previously. However, all this is in practice is a written format for how they work, it shouldn't drastically change the way in which they work. Make sure they know this and describe what elements will change i.e. documentation updates. Lastly, they need awareness of the consequences of non-conformance and the need to look for opportunities to improve. [15:25] Communicating Policies – This is a part of all ISO Standards, a Policy can't just be hidden away in a rarely visited folder. A Policy communicates the intent of top management in an organisation, and is something that should be communicated to everyone, which could include external parties. So, you should try to keep this concise. On one page ideally. As long as you've encompassed the vision, values, strategy and top management commitment, and for certain standards a commitment to legal requirements, then you will meet an ISO Standards requirements. Some businesses like to include links to all their procedures within a policy, which by all means, you can, but don't expect people to read a 48 page policy and understand it enough to apply to their daily working lives.   [17:00] How can you communicate your Management System? – One key objective of communication is to ensure people understand and apply what's being communicated. To help achieve this, you may want to use multiple methods of communication, including: ·      Feedback options on content i.e. a yes or no check / options to provide feedback ·      Training sessions ·      Intranet page – quick links to relevant content such as policies or audit findings ·      Regular briefings ·      Notice boards ·      Electronic displays ·      Company briefs ·      Team meetings [20:25] How can you measure effective communication? There's a lot of ways you can assess this, including: ·      E-mail voting – to clarify when people have read specific documents ·      LMS Systems ·      Through SharePoint systems ·      Conduct surveys ·      During Internal Audits All of these can be used as methods of feedback where you can identify further opportunities for improvement from various levels of the business. [21:35] When should you consider external communications? – Clause 4.2 is where you're required to consider the needs and expectations of interested parties. When going through an anaylsis of these interested parties, you determine what they expect out of your Management System. Standards don't specify the need to write a communication plan, but they do say who's going to communicate what to whom, including how and when. In combination with that analysis of interested parties, it creates a solid basis for an effective communications plan. Again, some discretion will be required as not every external party will need to be privy to your internal policies and procedures. Just communicate what's relevant to them. If you'd like any assistance with implementing ISO standards, get in touch with us, we'd be happy to help! We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

In this episode of "The Quality Hub," host Xavier Francis is joined by Norm Verbeck, a consultant from Core Business Solutions, to explore the distinctions between ISO 9001 certification and compliance. Norm discusses the rigorous process of certification, and contrasts it with compliance, where companies internally manage adherence to ISO standards without external audits. This episode sheds light on the practical steps for achieving compliance, the cost-effectiveness of compliance versus certification, and the significant boost in reputation and marketability that certification offers. Norm also highlights how certification is often required, and how it can be a crucial step for businesses looking to enhance their international recognition. Helpful Resources: ISO 9001 Certification VS. Compliance Article: https://www.thecoresolution.com/iso-compliance-vs-certification For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting

On this episode of the Quality Hub: Chatting with ISO Experts, host Xavier Francis continues the discussion with Suzanne Weber-Smatko and Murphy Shaw on quality management methodologies beyond ISO 9001. They explore Total Quality Management (TQM) as a culture-driven framework for continuous improvement, Lean as a waste-reduction methodology focused on efficiency, and the importance of management and employee engagement in sustaining quality initiatives. The episode highlights how integrating methods like Six Sigma, TQM, or Lean can enhance ISO 9001 systems, fostering a culture of continuous improvement. The conversation emphasizes leadership's role in driving these improvements and how businesses can strategically adopt different approaches for better efficiency and quality. Helpful Resources: What is a Mature QMS?:  https://www.thecoresolution.com/quality-management-system-maturity Compliance vs. Certification:  https://www.thecoresolution.com/iso-compliance-vs-certification For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting

In this episode of the Quality Hub: Chatting with ISO Experts, host Xavier Francis discusses ISO 9001 vs other Quality Management Systems - What's the Difference (Part 1) with Suzanne Weber-Smatko and Murphy Shaw from Core Business Solutions. They explore ISO 9001's role in standardizing processes for consistency and improvement, comparing it to industry-specific standards like ISO 13485 for medical devices, AS 9100 for aerospace, and 21 CFR Part 820, an FDA regulation. The discussion also covers Six Sigma, a data-driven methodology for reducing defects, highlighting its individual certification structure versus ISO 9001's organizational certification. The episode emphasizes how businesses can integrate multiple quality systems for better efficiency and compliance, setting the stage for Part 2.   Helpful Resources:   What is a Mature QMS?:  https://www.thecoresolution.com/quality-management-system-maturity Compliance vs. Certification:  https://www.thecoresolution.com/iso-compliance-vs-certification For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting  

Zertifizierungen wie die ISO 9001 sind für viele Unternehmen ein wichtiger Schritt, um Prozesse zu optimieren, Vertrauen zu schaffen und sich im Wettbewerb abzuheben. Doch wie läuft so eine Zertifizierung eigentlich ab? Und ist der Aufwand wirklich gerechtfertigt?In dieser Folge spricht Robert Kirs mit Marcel Spitzel, Geschäftsführer der IFDQ Audit GmbH, über die wichtigsten Fragen rund um das Thema Qualitätsmanagement und Zertifizierungen.Inhalt der Episode:✔️ Was steckt hinter der ISO 9001 und warum ist sie so relevant?✔️ Welche Vorteile bringt eine Zertifizierung für Unternehmen?✔️ Wie läuft eine Zertifizierung ab – vom ersten Schritt bis zum Audit?✔️ Warum Prozesse der Schlüssel zur Skalierung und Qualitätssicherung sind✔️ Typische Vorurteile & Missverständnisse rund um ISO-Normen✔️ Warum eine Zertifizierung einfacher ist, als viele denken

In this episode of The Quality Hub, Chatting with ISO Experts, host Xavier Francis welcomes back Suzanne Strasser, VP of Consulting and Development, to explore the PDCA Cycle (Plan-Do-Check-Act) and its vital role in ISO 9001. They discuss how this structured, iterative method drives continuous improvement by aligning with key ISO 9001 clauses. From setting goals and testing solutions to analyzing outcomes and implementing changes, PDCA helps businesses enhance efficiency, mitigate risks, and meet customer expectations. They also emphasize the importance of focusing on real outcomes rather than rigidly following methodologies. Tune in to learn how applying PDCA within ISO 9001 can strengthen your quality management system and drive meaningful improvements in your organization! Helpful Resources: Compliance vs. Certification:  https://www.thecoresolution.com/iso-compliance-vs-certification   For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015   Contact us at 866.354.0300 or email us at info@thecoresolution.com   A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources   ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting      

If you've ever implemented an ISO Standard, then the term Management Review will be familiar to you.  It's a mandatory part of the implementation process, and a crucial tool for monitoring continual improvement. Somewhere down the line, it's become a bit of a myth that a Management Review needs to be an annual meeting. That is simply not the case, while required by the Standard, it's very flexible on how this could be achieved. In this episode Ian discusses the purpose of Management Review, including what you should be including and getting out of the review and breaks down the fallacy of the annual event. You'll learn ·      What is the purpose of a Management Review? ·      What are the common misconceptions about Management Review? ·      How Management Review supports other clause requirements ·      What are the inputs for Management Review? ·      What are the outputs of a Management Review?   Resources ·      Isologyhub ·      How to conduct a Management Review   In this episode, we talk about: [02:05] Episode Summary – Ian discusses the real purpose of Management Review, and dispels the myth of the annual event. [02:35] What is the purpose of a Management Review?: Management Review is a requirement of all ISO Standards. It's main purpose is to check if your Management System is fit for purpose, and what needs to be updated to ensure it aligns with your businesses objectives and strategic direction. In short, it's there as a check to see what's working well and what's not working well, in addition to continual improvement considerations. [03:30] What are some common misconceptions about Management Review?: Some common misconceptions include:- ·      That it's simply a formality – Rubber-stamping things and missing out on the opportunity to effectively monitor management system progress ·      That It must be once a year ·      Having to review everything in excruciating detail i.e. all audit findings ·      The need to update the risk assessment and re-jigging scores ·      That you must review and update your SWOT/PESTLE ·      Or review and update all management system documentation ·      That it's the perfect opportunity to re-write a policy There is a time and place for all of these, and you could tackle some of this in a Management Review if you really want to, but that is not the main purpose of a Management Review. [04:50] How Management Review supports other clause requirements - Leadership: If we take ISO 9001 as an example, the Leadership clause states: “Top management shall demonstrate leadership and commitment with respect to the quality management system by: a) taking accountability for the effectiveness of the quality management system e) ensuring that the resources needed for the quality management system are available g) ensuring that the quality management system achieves its intended results” These requirements at first glance may seem like they'd require a lot of effort and monitoring of many different factors, but in actuality they can all be satisfied through effective Management Review. [05:55] What involvement is required from top management? As stated in ISO Standards:- “Top management shall review the organization's management system, at planned intervals, to ensure its continuing suitability, adequacy, effectiveness and alignment with the strategic direction of the organization.” Top management also have involvement in the following elements of implementing and maintaining a management system: ·      Context ·      IPs ·      Risks/Ops ·      Objectives ·      Policy ·      Support ·      Operation ·      Performance monitoring Management Review relates specifically to ‘performance monitoring', but that in of itself will include elements of all the other clauses within the Standard, and many of those require top managements involvement on some level. [07:45] The fallacy of the annual event – The Management Review clause specifically states that a Management Review should be ‘carried out at planned intervals'. Many had interpreted that as once a year, which has been the prevailing myth for decades. Looking at the Standard, no where does it say ‘once a year', planned intervals means it could be once a month, it could be once a week, it could be a set points during the summer. When deciding on these planned intervals, take into consideration the nature of your business, the size of your business, the risks associated with it and the maturity of your Management System. This will determine how frequent the Management Review should be, as it will differ for every business. [09:10] Examples of Management Review frequency – Ian has worked in an organisation where they had a rather grand Management Review process, where top management and other relevant individuals meet to review the past year and set the scene for the following year. That same organisation also had monthly meetings with the same members of top management to keep on top of new and on-going issues. That isn't to say this is the only way to run Management Review. Some opt to have quarterly meetings, others once every 6 months and some even leave it to once a year. [10:40] What is required of Management Review? Inputs – Clause 9.3 details the requirements of Management Reivew in most Standards (some swap 9.3 and 9.2 around, but the contents remains the same). First, the inputs required for Management Review include: The status of actions from previous management reviews - If you said you were going to do something before, how's that going? Changes in external and internal issues that are relevant to the quality management system - this doesn't mean that every meeting should consider the SWOT/PESTLE/IP tables, but there must be some determination of when that's done in detail and when a senior mgt discussion should include the key aspects of that and its impact. There is a need to review these things when required anyway, so doing it only at pre-defined times can be problematic. Information on the performance and effectiveness of the quality management system, including tends in:- ·      Customer satisfaction and feedback from relevant interested parties; ·      The extent to which objectives have been met; ·      Process performance and conformity of products and services; ·      Nonconformities and corrective actions; ·      Monitoring and measurement results; ·      Audit results; ·      The performance of external providers; ·      The adequacy of resources; ·      The effectiveness of actions taken to address risks and opportunities; ·      Opportunities for improvement. [20:45] What is required of Management Review? Outputs – You will also have a number of outputs from Management Review, including:- Opportunities for Improvement – This could be as a result or reviewing audit findings and discussing the OFI's found and how you can address and implement these. You could also use the Management Review to review and set new objectives for the year ahead. Any need for changes to the management system – You may need to review policies and procedures and see if they're still fit for purpose, if they're not then this is a good venue to discuss and update them. Other aspects that may have changed or will have a need to change include: ·      Interested parties – have their needs and expectations changed? ·      People – Do you need to change the people involved with certain processes? ·      Awareness – Do you need to raise more awareness around a specific topic? Resource needs – You may need to raise the need for more resourcing in regard to the management system or related processes. If you'd like to learn about alternative ways to host a Management Review, listen to one of our previous episodes. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Damit unsere Produkte auch weiterhin eine hohe Qualität haben, ist es sinnvoll, unsere Lieferanten zu managen. Inhalt der Folge: * Verschiedene Lieferanten * Auswahl und Bewertung von Lieferanten * Vertragsmanagement * Leistungsüberwachung * Risikomanagement * Beziehungsmanagement * Kostenmanagement * Ort der Aufgabe * Pflegt den Kontakt mit den Lieferanten * ISO9001 Trage Dich auch gerne in meinen Newsletter ein. Du findest eine Möglichkeit auf der Webseite zu dieser Folge. Der Beitrag IF226 – Lieferantenmanagement erschien zuerst auf Ingenieurbüro David C. Kirchner.

On this episode of the Quality Hub Podcast hosted by Xavier Francis, guests Brian Smith and Joe Hill discuss ISO 9001, Clause 7.1.5. They explore how calibration frequency should be determined based on risk levels, such as manufacturer's guidelines, regulatory requirements, and other factors. They stress the need for frequent calibration in high-risk scenarios and discuss the importance of using accredited services for calibration. The episode emphasizes the consequences of neglecting proper calibration and highlights the difference between verification and certification of equipment. Helpful Resources: ISO 9001 Clause 7.1.5:  https://www.thecoresolution.com/clause-7-1-5-iso-9001-explained   ISO 9001 Clause 7:  https://www.thecoresolution.com/iso-9001-clause-7   For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015   Contact us at 866.354.0300 or email us at info@thecoresolution.com   A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources   ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting

The importance of setting key objectives can't be understated. They help drive continual improvement and reflect a business's key metrics for success in various areas. They are also a key aspect of implementing an ISO Standard, with most specifying a dedicated Objectives clause. While most businesses will have objectives irrespective of any ISO certification, many may fall into the familiar trappings of having separate objectives for different departments, which only serves to fragment your measurement of success. In this episode Ian discusses the importance of setting key business objectives, and why you should be aligning these with your strategic direction.   You'll learn ·      What is the Annex SL format and why was it introduced? ·      What is meant by ‘Strategic Direction'? ·      The importance of risks and opportunities in objective planning ·      Who are setting key business objectives important? ·      How can you align objectives with a businesses strategic direction?   Resources ·      Isologyhub     In this episode, we talk about: [02:05] Episode Summary – Ian discusses how to align objectives with the strategic direction of the business, and why it's important to do so.    [02:55] What is the Annex SL format and why was it introduced?: The Annex SL format refers to the standard 10 clause structure that we now see in most ISO Standards. Introduced back in 2015, it sought to address the issues with integrating multiple Standards, in addition to making them more accessible to every sector. Prior to 2015, many ISO standards were designed with specific sectors in mind, using terminology that would make sense to them, but perhaps not to others. The Annes SL format now uses the same language across all ISO's, making It easy to integrate multiple ISO compliant Management Systems. [06:10] What is meant by the term Strategic Direction? Leadership: This is a term that appears in ISO 9001 5 times. We first see it in Clause 5 – Leadership, where it states: “Top management shall demonstrate leadership and commitment with respect to the management system by ensuring that the policy of objectives are established for the management system and are compatible with the context and strategic direction of the organisation.” This is where it's made explicitly clear that leadership / management are responsible for ensuring the Management System aligns with the way their business runs, in addition to integrating it into existing processes. [07:05] What is meant by the term Strategic Direction? Management Review: It also appear in clause 9.3 Management Review, where it states: “Top management shall review the organisation system at planned intervals to ensure its continuing suitability adequacy, effectiveness and alignment with the strategic direction of the organisation.” Again, this reinforces the need for top management to be involved to ensure that the Management System is in alignment with their overall goals. [08:40] What is meant by the term Strategic Direction? Context of the Organisation: It also appears at the very start of the auditable clauses, in Clause 4 – Context of the organisation, where it states: “The organisation shall determine the external and internal issues which are relevant to its purpose and its strategic direction.” This involves looking at issues from a legal, technical, competitive, cultural and economic point of view, and many of these will be determined by top or broader management within the business. They ultimately have the most influence in how a Management System is built, therefore have the most influence on how the policies and objectives are created. [10:45] The importance of risks and opportunities in Objective planning – Clause 6 (Planning) is where we address risks and opportunities raised in clause 4. It states that ‘Objectives must be established at relevant functions, levels and processes.” For us at Blackmores, we directly relate the findings from a risks and opportunities assessment (such as a SWOT & PESTLE), and link these to our objectives to try and minimise those risks. We also leverage the opportunities, by making them real tangible goals to work towards – seems obvious but we often see businesses missing the link between these exercises! [12:00] How can you set Objectives in alignment with Strategic Direction?: Many businesses now build their mission, values and strategic direction around sustainability and general ESG. When building a management system, you need to consider how it affects those sustainability / ESG goals, because that is essentially the context of your organisation. So, you'd need to consider: How does environmental performance, health & safety performance or legal compliance contribute to the success of the management system as a whole? You don't have to be going for ISO 14001 or ISO 45001 for these things to matter, even a quality management system can contribute to sustainability goals. This can be through improving economic performance by reducing waste ect. Also, don't be afraid to relate economic performance to your management system. If you have a turnover goal of X, mention that in your context documentation, and also consider how the management system can contribute to achieving that goal i.e. through processes, controls, monitoring and improvement activity. Also consider your client requirements, they may require an accident rate below X which can also be included in context documentation and can then be factored into your management system measures and objectives if need be to achieve that. [16:55] How do you establish your objectives? – First you must establish context, and that context must be relevant to the purpose and strategic direction of the business. The context setting must include those who understand that context, strategic direction and the purpose of the business, the risks and opportunities must be assessed in relation to that context, which in turn is already aligned with strategic direction. Finally the objectives must be set in relation to those risks and opportunities. It's all about having the right people to identify the relevant issues affecting the organisation, and setting concrete objectives in order to improve that. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Why is the ISO 9001 used? The global quality management standard is the benchmark for satisfying customer needs. Click now! https://www.quality-assurance.com/blog/why-is-the-iso-9001-used-does-this-certification-offer-help-with-employee-training.html/

On this episode of the Quality Hub Podcast hosted by Xavier Francis, guests Brian Smith and Joe Hill discuss ISO 9001 Clause 7.1.5 on calibration within a Quality Management System (QMS). They elaborate on the importance of calibration in ensuring the accuracy of tools and equipment used in monitoring and measuring product quality. They discuss the specifics of the clause, including requirements for monitoring resources, measurement traceability, and the responsibilities organizations have towards calibration. They also cover how organizations should handle equipment that is out of calibration, and the proper management and retention of calibration records. The episode aims to clarify the clause's provisions and offer practical advice on maintaining compliance and ensuring measurement reliability within a QMS. Helpful Resources:   ISO 9001 Clause 7.1.5:  https://www.thecoresolution.com/clause-7-1-5-iso-9001-explained   ISO 9001 Clause 7:  https://www.thecoresolution.com/iso-9001-clause-7   For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015   Contact us at 866.354.0300 or email us at info@thecoresolution.com   A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources   ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting  

Ganze 88 Mal taucht das Wort Kunde im Text der ISO 9001:2015 auf. Kein Wunder, denn Qualität ist im Kontext der Norm gleichbedeutend mit der Erfüllung von Kundenanforderungen. Dennoch wird die Kundenzufriedenheit häufig vernachlässigt oder zu oberflächlich betrachtet. In der aktuellen Podcast-Episode der QM-Impulse spreche ich mit Jan Jörgensmann (QMB, Zertifizierungsauditor und ISO-Nerd) über die Herausforderungen rund um das Thema Kundenzufriedenheit. Dabei analysieren wir den Prozess und beleuchten praxisnahe Lösungsansätze. Vernetze Dich gerne mit Jan und mir auf LinkedIn:

with Hosts Simile Miller and Jeremy Gibson-Roark

The end of another year has rolled around in the blink of an eye! We've managed to publish a whopping 42 episodes this year, pushing us over the 200 episode mark.  We want to thank all our listeners, both old and new, for allowing us to continue to share both ISO tips and success stories from our wonderful clients. We hope you'll follow along as we continue our podcasting journey in 2025. To close out the year, Ian Battersby and Steve Mason share some of their stories of misadventures during audits, from common mistakes, to broom battles and forklift mishaps, they really have seen it all! Listen, laugh and learn what not to do during an audit. You'll learn ·      What not to do in an audit   Resources ·      Isologyhub   In this episode, we talk about: [02:05] Episode Summary – Ian and Steve share some of their experiences from their time as auditors. From common mistakes to outlandish situations that you'd have to see to believe, listen and learn what shouldn't happen during an audit.  [03:40] Lazy Copycats: Steve recounts a time where a company had copy and pasted their Management Review for years, which rightfully earned them a non-conformity. Ian shares a similar story where a construction company submitting a tender had copy pasted the content and included the wrong company name! The copying doesn't stop there, as Steve remembers a company Quality Manual that managed to include multiple company names. It was found that they'd simply copy and pasted example pages they'd found online that looked good, but didn't bother to update any of the content to be relevant to them. [06:30] Training Troubles – Ian recounts a time where he was auditing a subcontractor for a construction company that required a record of training. The induction was very important and obviously needed to be documented. When he checked the documents, though all the forms had different names, all the signatures suspiciously had the exact same handwriting! Turns out the Director was signing them all off, which is obviously in breach of a number of health and safety related regulations. [08:00] IT Security slip-ups – Steve recounts a time where a Finance Director had good intentions, but poorly implemented his idea. The Finance Director didn't trust their IT system back-up and instead backed-up all his information on a memory stick. Steve had pointed out the flaws with this, such as losing the memory stick, data getting corrupted ect. It just simply isn't a safe or reliable way to store such important information. [09:05] Disconnected Leadership – Ian shares a time where an auditor caught the lack of leadership commitment to their management system. Despite it being a very nice looking management system by all accounts, the cracks showed enough for an outsider to spot the flaws. Steve adds that sometimes, you can over engineer a management system to a point past useful. It needs to work for your business, otherwise people will work around it to get what they need done. Steve had a rather obvious example if this when he required a chat with a member of leadership, who refused on the day initially, despite it being scheduled for 6 months. The person relented a few minutes over lunch where he posed his complete commitment to BS 5750 – A standard that existed 20 years ago and had since been replaced by ISO 9001. Very telling for his level of ‘commitment'. As we have covered in a previous episode – Leadership commitment is imperative to a successful management system. [11:40] Skip Diving for Secrets – Steve shares his experience of conducting a skip diving exercise, which is following a document waste trail. At a certain company, they ended up looking in an actual skip only to find what looked like a lot of confidential documents, when questioned someone had said that they looked like they belonged in the CEO's filing cabinet. When questioned, the CEO remarked ‘I didn't want you to catch me with anything that I shouldn't have, so I threw it all out last night'. This warranted a non-conformity as anyone could have gone past and fished out that confidential information just as Steve had. Ian also adds a time where he worked in the NHS and a local hospital had an accident where a lot of confidential medical files ended up scattered across the floor. These were documents that should have been disposed of securely. [14:05] PPE? You've got to be kidding me! – Ian recounts a time working for a manufacturing company that was part of a large international firm. Their UK operation had to abide by strict PPE requirements, proper shoes, eye protection ect. It was something that everyone on the premises had to adhere to. One day, a Director walked in with none of the PPE which was clearly labelled on many of the signs decorating the shop floor. He had incorrectly assumed that because of his position, he could walk around with no PPE whatsoever. Fortunately the shop floor supervisor set him right and sent him to get properly suited up. [15:35] Data Centre security says no – Steve recalls a time when a member of top management went to visit one of their own data centre's, on getting to the gate the security had told him ‘I don't care who you are, your name isn't on the list so you're not getting in.' That person hadn't gone through the process of being approved for entry. Yet, predictably, they sent complaints everywhere, but the head of the UK branch had quite rightly praised the security personnel for simply following protocol. [16:55] Private bank details? Don't mind if I do! – While Steve was auditing physcial security for an office, a printer ended up printing the payroll of every employee at the business. This wasn't in a private room, this was in the middle of the office, so anybody could walk up and see bank account details and salaries! When questioned, it turned out their Finance Director was working from home, and hadn't bothered to contacts anyone to retrieve the documents. So unsurprisingly, they received a non-conformity. [19:55] Do not goad the auditor -  A bit of advice from Steve “Never say ‘this is our most secure room' to an auditor” – that is essentially a challenge, and one that you'll likely lose if you don't follow your own processes. Steve put this to the test when someone had claimed only 3 people had access to a certain room. Out of curiosity, Steve used his visitor badge to gain entry, and asked if he was included in that 3. Obviously he wasn't, and this was simply down to access control being a bit muddled at that particular company. [21:25] Mistaken Identity: Steve recalls a time when he was given a visitors badge with a completely different person as the photograph. It had no effect on the correct access rights, but amusing all the same. He shares another story where he shared a waiting room with another Steve. When they called only the first name, the other Steve was taken into that business and questioned on ISO, to which the poor man had to inform them that he had no idea what they were talking about! Shortly after, the correct Steve was collected. But it goes to show how important it is to ensure you're giving access to the right people. [24:20] Battle of the Broomsticks: Ian recalls another time when working in construction, when he had the opportunity to work at a horse racecourse. They were looking to achieve what was OHSAS 18001 at the time (now known as ISO 45001), and it was going so well until a few new hires came running across the stable yard wielding 2 brooms, battling like gladiators in view of their auditor. Thankfully they weren't really harming each other, but it was enough for the auditor to raise a few questions about subcontractor controls. You really couldn't write the timing any better (or worse, I suppose!). [26:15] Clearly a certified forklift driver:  While Steve was working at a warehouse, the manager there stressed how well trained all of their forklift drivers were, how sensible they all were. Though, Steve could see a person dancing, speeding and popping wheelies with his forklift over the managers shoulder. After he'd been alerted to the wannbe stunt driver, the manager went to have a word with them. [27:30] Accidents don't happen after 5pm: Ian was working at a company that highly valued the use of PPE on-site, everyone did a good job of abiding by that, until it came to the end of the day. One person leaves across the shop floor in just a normal t-shirt and jeans, waving them all off happily as he leaves for the day. He still had to cross the shop floor, and being off the clock doesn't make you invincible. [29:10] Fire Door Dramas: Steve recalls a time during an ISO 9001 audit where he spotted a fire door had been blocked by pallets in a warehouse. Another time he saw a fire door that was actually chained and padlocked! On another occasion, a local council had put their rubbish bins outside the fire door for the building, and during a fire drill, they couldn't get out.   Ian states how many times he's seen signs ignored by drivers who park in front of fire exits. All this to say that a little awareness goes a long way. [31:10] Emergency Plans for the avid reader: During an incident at an NHS hospital where they'd suffered a long term major power outage, Ian and the staff had found that the emergency plans were 144 pages long! With Senior responsibilities hidden away in an Appendix on the last few pages. Well thought out plans are necessary, but the actual procedure needs to be something that can be followed in the event of an emergency. A little common sense should be applied when deciding what needs to be communicated. [34:00] Risk Assessment disaster: While working with a team in a manufacturing plant, Ian helped them to streamline their risk assessment process as their previous one needed too many signatures to actually go anywhere. This bottleneck was resolved with months of hard work, or so they thought… When it came to being audited, the auditor asked the team manager what happened to all of the risk assessments, he'd then pointed towards the Health & Safety Management and claimed they had them all, who had to admit that he didn't. Later that evening a director called the administration and asked to hide all of the documentation, to which she rightly refused to do. This also linked back to when the auditor had asked about how the apprentices were trained, and it happened that the apprentice supervisor was on holiday and so they were just let onto the shop floor. Suffice to say, this didn't reflect well on the resulting audit results. [36:30] Against the wire: Ian states that manufacturing companies are not famous for admin. He had one experience while trying to get a recertification booked in, which went up against the wire for their current certification running out. The CB obliged and sent a very qualified Health & Safety assessor there, who took them to pieces. It didn't take long for him to point out that they had a really nice management system with no commitment from managers to use it. A word to the wise – don't leave your recertification up until the last minute! If a CB tried to move your recertification past that expiry date, you can and should push back.   [39:00] Password palavers: Steve shares an experience when he interviewed a very organised PA who managed 7 Directors. At the end of the audit he pointed out a folder on her computer called ‘passwords', to which she obliged to show him the contents. Predictably it contained all the usernames and passwords for various accounts the Directors owned. She knew about the secure passwords policy, but no one could realistically remember that many! When Steve questioned the technical team, they states only selected people needed one, and she wasn't one of them. Steve pointed out that she did, and had done the best she could with the tools available, and gifted them a non-conformity as a result as they hadn't done a good job of ascertaining who should get additional security tools. By the end of that day, the PA had their own password vault. [41:30] A fire extinguisher as useless as a chocolate teapot: In another company Steve had noted that they still had a black fire extinguisher. When asked, the staff replied that they were all up-to-date as of 2007. On checking, it was revealed that it had last been serviced in August 1997 – so no, it was not in fact ‘up-to-date'. It may be innocuous to some, but when it comes to safety equipment, that could be the difference between life and death in an emergency. [42:40] Technophobes in a modern age: Ian recounts a past quality audit he did for an engineering company. They require a lot of specific ISO Standards for that industry, and so the company paid a subscription service to ensure they had digital copies of all these Standards to refer back to. One such standard was on verification, and on asking a particular quality engineer about how he verifies a specific product, he pulls out a printed hard copy of a standard from 1993. Ian was interviewing him in 2017, there had been at least 2 updated versions of the Standard out by that point. When probed about why he wasn't using the online standards library paid for by the company, he simply stated ‘I don't like computers'. [45:00] The case of the mysterious ghost file: Steve once had an audit with a relatively nervous member of staff, after explaining that all he has to do is explin how he works, the interview went rather smoothly. At one point he photocopied a bit of paper, hole punched it and filed it away on a shelf in the corner. Steve initially thought ‘good admin, he's clearly following a process', so when he returned Steve asked why he filed that particular bit of information away, to which the staff member said ‘I don't know, I've just been told to do it'. Steve then questioned the Quality Manager there about that document and they replied with the same. He then questioned the warehouse personnel to get the same answer. So, you have this document being photocopied over and over, filed away each time and no one knows why! Steve politely pointed out that it might be a good idea to rethink that pointless process. [47:50] Useless numbering systems: Ian had a similar experience with a numbering system that nobody knew the origins of. The staff involved simply shrugged it off and stated it was simply just what they used. Ian decided to put something to the test, by getting rid of it. He removed an entire archive system from a company's network folder, as back then file space was a big cost and concern. He kept the files and waited to see if anyone actually needed them. After months, he only had 2 requests for documents. It's important to ask both what is and isn't working well. Getting input from all levels of staff can be eye opening, and empower those employees who can help shape up company processes to work more efficiently. [49:50] Allergic to Audits: Ian shares a secondhand story where a trainer for the HSE was conducting a site visit, where he needed to question the shop supervisor on a few things. He asked him for something he couldn't see, and the guy agreed to go get it, and just never came back. Apparently he was so scared of the auditing process that he just went home!   [54:00] Shady police and stolen cars: One of Steve's previous clients had an experience where what they thought was a policeman asked about a hire car the company owned, stating it had been involved in a crime. They didn't think much of letting him take it for his ‘investigation'. Later when the hire company asked about getting their car back, the staff let them know what happened, rightly confused this led to a lot of discussion. As you can probably tell, the man was not a policeman and had made off with a nice shiny BMW simply by asking for it. If something like this happens to you, always ask for documentation from the police. [55:00] The Great Computer Caper: Ian recalls a training centre incident where a lot of computer equipment is stored in one suite. One day a few  guys came in and started lifting stuff out, people were holding doors open for them, not at all thinking them to be thieves. Low and behold, they were and took everything. Steve recounts a very similar experience where the thieves posed as a computer service company, stripping the entire office on a Friday afternoon. It wasn't until Monday when everything was still gone that people thought to question who those people really were. Thank you all for a great 2024, we look forward to bringing you more ISO tips and success stories in 2025. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Aneesa Muthana, president of M&M Quality Grinding and Pioneer Service, Inc., discusses the difference between her two companies, the importance of being AS9100 and ISO9001:2015 certified, her best sales channels, and the countries where she sells.

This episode of the Quality Hub is Part 2 of Context of the Organization with host Xavier Francis and Suzanne Weber-Smatko. They highlight strategies to align quality objectives with broader business goals through regular strategic reviews and more. By identifying internal and external risks and implementing specific mitigation actions, organizations can ensure continuous improvement. Periodic management reviews help adapt to changing business environments, stakeholder needs, as well as others. The episode also stresses the importance of leveraging innovations, like AI, to stay competitive and highlights the need for clear communication, both internally and externally. Ultimately, organizations are encouraged to document and implement plans to manage risks and opportunities, creating a culture of adaptability, collaboration, and continuous improvement. Helpful Resources:   https://www.thecoresolution.com/iso-9001-clause-4   https://www.thecoresolution.com/iso-9001-clause-4-1-explained   For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015   Contact us at 866.354.0300 or email us at info@thecoresolution.com   ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1   A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources   ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting    

How to maintain the ISO 9001 certification? If you are considering this certification that resolve all doubts now. Read our blog now! https://www.quality-assurance.com/blog/hire-our-consultants-and-learn-how-to-maintain-iso-9001-certifications.html

Ya han pasado casi 10 años desde que ISO 9001 y 14001 publicaron su última versión en 2015 y uno de los principales cambios propuestos fue la consideración del pensamiento basado en riesgo. Hoy en día, como consultor experto en gestión de riesgos, sigo viendo cantidad de sistemas que no incorporan de forma apropiada ese concepto de pensamiento basado en riesgo. En esta sesión abordaremos las prácticas habituales y cómo podrían mejorarse para maximizar la utilidad del concepto. – Acerca del ponente, Sergi Simón – Coordinador del Área de Gestión de Riesgos y Sostenibilidad de EALDE Business School Licenciado en Biología, Máster en Consultoría Ambiental, Postgrado en Estadística aplicada, Técnico Superior en Dinámica de Sistemas, Certified Trainer por G31000, y actualmente cursando el Grado en Data Science.

One of the biggest contributors to a stagnating ISO Management System is a failure to communicate. This has certainly been true in our experience with implementing ISO Standards for over 18 years, and as a result, we make sure to highlight awareness and communication as an integral step of the Implementation process. It's a wasted effort only to have your management system gathering dust in a rarely visited folder on your server. If you want to reap the benefits of ISO implementation, it's in your best interest to make everyone aware of their role in relation to your management system and its continual improvement. Today Ian Battersby explains what ISO Standards mean by awareness and communication, why they are so integral to a successful management system and how you can effectively communicate your management system.   You'll learn ·      What does awareness and communication mean in relation to ISO Standards? ·      Why should you communicate your management system? ·      The benefits of management system awareness ·      How can you effectively communicate your ISO management system?   Resources ·      Isologyhub   In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:05] Episode summary: Ian Battersby will be explaining what ISO Standards mean by awareness and communication, and why they are so integral to a successful Management System. [02:30] What is awareness and communication so important?– The success and failure of a management system depends on it's existence being known and understood within an organisation. Staff have a key part to play, and they need to know their part in the Management System and how it aligns with the organisations direction. [03:20] Extra guidance available for awareness and communication – There is a Standard that accompanies ISO 9001, called ISO 9004:2018 – Quality of an Organisation: Guidance to achieve sustained success. This is a great companion to any Standard, as it provides general guidance on how to properly embed a management system within your business. It talks at length about people and the need to ensure that they are competent, engaged, empowered and motivated. These are crucial as: Engagement of people enhances the organisations ability to create value for interested parties. Empowerment motivates people to take responsibility for their work and the results of their work. These can be achieved by providing people with necessary information with authority and the freedom to make decisions related to their own work. People should understand the significance and importance of their role, specifically in creating that value to meet and exceed customer expectations. [05:30] What should be communicating according to ISO Standards? – Taking ISO 9001 as the example, because it is the basis for most ISO Standards, it has a specifies the following: 5.2.2 Quality Policy - The policy should be available and maintained as documented information, so must be issued somewhere so that people can see it. But it also, quite importantly, must be communicated, understood and deployed within the organisation. It also needs to be made available to other relevant and trusted parties. 5.3 Organisational roles, responsibilities and authorities - Top management have a responsibility here. They must ensure that responsibilities and authorities for relevant rules are assigned, communicated and understood within the organisation. There's a lot to consider here as this will also take into account for ensuring processes are delivering expected outputs, the reporting of system performance and improvement and the promotion of customer focus throughout the organisation. 6.2 Objectives - The organisation should establish objectives. These will be targeted at relevant functions, levels and processes and should be communicated to the relevant people affected by those objectives. 7.3 Awareness – Includes the specification that anyone working under the organisations control, so this could include indirect workers, must be aware of your quality policy. Also included is the awareness of objectives and staff's contribution to the effectiveness of the management system. People aslo have to be aware of the implications of not conforming to the requirements of the management system or standard. [09:30] The implications of not following requirements – You need to consider what happens if someone doesn't follow a process. For Standards such as ISO 45001 Health & Safety management, following processes could be a matter of someone getting hurt or breaking the law. [10:00] Clause 7.4 Communication – The organisation shall determine the internal and external communications relevant to the system, and that includes what should be communicated when and to who. [10:30] When should you deliver ISO Management System awareness and communication training? – If you're just starting out on your ISO Implementation journey, it's crucial to communicate at the outset the importance of the process of achieving certification. The level of awareness will vary depending on people's roles, i.e: Top Management: Top management must understand the role of the management system in relation to the strategic direction of the organisation as part of context, they must understand what the management system contributes to the overall business outcomes. While top management don't need to know standards inside out, they must be aware and must have understanding of the overall purpose of the standard and the benefits that standard will bring to the organisation. To gauge the level of awareness top management need, ask yourself, would you be happy to let them be interviewed in private by a third-party assessor in regards to all of their responsibilities in relation to the management system? [13:20] General awareness for the workforce– While leadership require a greater level of awareness, there is still a need for general staff to have a certain level of management system awareness. For those on their first implementation journey, you should bring people in from the very beginning, this includes all staff and those working indirectly under your organisation. You will want to make them aware of the following: What is a quality management system? – Define what it is and what it means What's important about the Standard? – People don't need to know the intricacies of standard subclauses, so just select important aspects such as the Plan Do Check Act (PDCA) cycle If you're integrating Standards, what are some common requirements? – If you're integrating a new standard, what requirements specific to that new standard need to communicated? [15:15] Join the isologyhub and get access to limitless ISO resources – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo. [17:20] General awareness for the workforce continued – You will also need to make sure people are aware of: What do they need to know in relation to certification? – This can include the date you're working towards, what might be expected of them during an ISO assessment, what does the certification actually mean for the business? Accessing the Management system – How can people find your management system? What documents does it hold? How do you use it? And how does this impact on staff's day to day activities? Staff's role in relation to the Management system – How do staff contribute to the management system on a daily basis? How do they contribute to business objectives? How does the management system benefit them? – Your management system will include tools and guidance on how to carry out certain activities. It explains how improvements can be suggested and made and how audits work. Ultimately it provides a structured approach to ensure everyone is singing from the same song sheet. The importance of complying with policies, processes and procedures – including the consequences of not complying with them. Raising issues relating to non-conformity, the effectiveness of the management system and any potential improvements – You can't have eyes everywhere, and the people working in alignment with your processes can better highlight where something may not be working. This also increases engagement as people will have a real impact on how your business operates.   [20:15] Specific standard considerations for communication – The focus of elements of your communication will be tied to the specific ISO Standard you're implementing. I.e. A Health & Safety management system will include communication of key risks and hazards, how to report safety issues and abiding by Health & Safety law Environmental management systems may include awareness of the need to protect the world we live in, how each person can help lessen their impact on an individual scale ect.   [21:00] Other key roles and related communication – There are other key roles within the organisation which will have specific communication requirements. These will be people like operational functional managers with key roles in processes they may be involved in, i.e. sales, design, purchasing, calibration ect. If they've got specific functions in the organisation with respect to the management system, they need to understand them as much as top management needs to know theirs and the general workforce need to know theirs. [21:50] Communicating key changes to the Management system – You need to continually communicate to the workforce when changes occur to the management system. That communication doesn't stop as soon as you're certified! For first time implementation, you'll want to communicate when you've achieved certification.   [22:30] The importance of communication within a Management System – If people are aware of their role and importance to a management system, they will be more engaged with its operation. This can include reporting on objectives progress during team briefs, raising potential issues and non-conformities or opportunities for improvement, highlighting customer complaints, monitoring number of incidents at work ect All of these contribute to the success of the business and need to be reported on continually. These can turn into lessons learned, which could lead to major system changes where documentation or processes need to be updated and communicated. [24:30] What's the best way to communicate your ISO management system? – Not all organisations are the same, so there is no right or wrong way to do so. A few suggestions include: ·      SharePoint ·      Teams Channel ·      E-mail / internal newsletters ·      Bulletins ·      In-person training ·      Videos For any of the above you may need to consider how to record who has completed set awareness training. [25:30] A final thought  – If an auditor stops and asks a worker about your quality policy, what will that person say to that auditor? We understand that the quality policy must be communicated, but how does each person understand it? Your awareness raising needs to capture methods of ensuring that that happens, which is a tricky task! They do not need to know a Standard verbatim, but they should know the importance of complying with it, what a non-conformity within that system means, and what are the consequences are if they don't follow the rules. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

A crucial part of Implementing any ISO Standard is addressing your risks and opportunities.  This is a key part of Clause 4 Context of the organisation, which expresses and explicit need to review and assess what internal and external factors could help and hinder in achieving your business goals. While ISO Standards don't define a definitive method of doing so, many have adopted the practice of carrying out a SWOT and PESTLE analysis.   Today Ian Battersby explains what a SWOT and PESTLE analysis is, the key questions you should be asking and the importance of continually reviewing and updating the results as your management system matures.    You'll learn ·      What is a SWOT analysis? ·      What is a PESTLE analysis? ·      Examples of questions you should be asking during a SWOT and PESTLE ·      How often should a SWOT and PESTLE be conducted? ·      Examples of SWOT and PESTLE in practice   Resources ·      Isologyhub   In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:05] Episode summary: Ian Battersby will be explaining what a SWOT and PESTLE exercise is, it's role in fufilling key requirements in Clause 4 of any ISO Standard, and the key questions you should be asking during the exercise.   [02:30] What is a SWOT and PESTLE analysis? – This is one is the tools you can use to look at various factors that affect your organisation. SWOT standards for: ·      Strengths ·      Weaknesses ·      Opportunities ·      Threats PESTLE standards for: ·      Political ·      Economical ·      Social ·      Technological ·      Legal ·      Environmental And in recent years, people have added ethical into PESTLE too. Whether that's on its own or integrated within the other elements is up to the organisation and how they want to run the exercise. Both analysis are fundamental in helping organisations understand the benefits and pitfalls of a project, management system implementation included. [05:05] Where in the Standard is there a need for a SWOT and PESTLE? – Clause 4 in all ISO Standards is known as ‘Context of the organisation', which you need to establish early on in order to set the foundations for building your management system. Context is the world in which an organisation works, it is the considerations of the internal and external factors that affect what you do. SWOT and PESTLE, while not specifically referenced in the Standard, is a highly recommended tool as it directly assesses multiple internal and external factors and can fulfil the requirements of any ISO Standard. [06:20] Addressing Context of the Organisation – Clause 4, Context of the organisation states: “The organisation shall determine external and internal issues that are relevant to its purpose and its strategic direction, and that affects its ability to achieve the intended results of its management system. The organisation shall monitor and review information about these external issues.” There are also 3 additional notes: #1: Issues can include positive and negative factors or conditions #2: Understanding the external context can be facilitated by considering issues arriving from legal, technological, competitive, market, cultural, ect 3#: Understanding the internal context can be facilitated by considering Issues related to values, culture, knowledge and performance of the organisation.   So, there's a lot to consider! [08:10] How SWOT and PESTLE address Context of the Organisation – Taking a look at SWOT, strengths and weaknesses would refer to factors internal to your organisation, while the opportunities and threats would be external. Depending on the focus of your management system, you may also want to complete this exercise through a certain lens. That could be information security, health & safety or environmental. The Standard requires you to align your management system with the strategic direction of the organisation, so even if you are viewing this exercise through a certain lens, don't do so in complete isolation. [09:55] How to conduct a SWOT and PESTLE – The people involved in completing this exercise are important, not just the questions you ask. Senior management should be included as they will have key insight to the strategic direction of the business. You should also include operational managers or other functional managers as they will have more context for how things actually work in practice. The point of a SWOT and PESTLE is to ascertain where you stand in terms of your risks and opportunities, and issues relating to resources, people, information, process, technology, equipment, laws, markets, environment, finance, economy ect from both an internal and external lens. This will give you a solid foundation to build your management system on, which will ultimately help you achieve your intended outcomes and lead to a cycle of continual improvement. [11:55] Considerations for Strengths – Strengths is an internal factor. Questions you could ask include: ·      What do we control through good processes? ·      What are we known for? ·      What does our marketplace and competitors say about us? ·      What are we good at? ·      What assets do we have? ·      What resources and knowledge do we have readily available? ·      What's the strength in our products and in the processes for delivering those products and the people that run those processes and deliver those products, their skills, their knowledge, their strengths, their weaknesses and their expertise? ·      What areas in our organisation are already at a high standard and don't necessarily need improvement?   ·      Do we have objectives and targets that we measure against, i.e. KPIs, metrics, success factors and service level agreements, that demonstrate we're good? [13:10] Considerations for Weaknesses – Weakness is another internal factor, one that you have to be brutally honest conducting. Questions you could ask include: ·      What could you improve? ·      Where is money being spent poorly, or being lost? ·      What do your competitors do better than you? ·      What resources / knowledge / people / expertise do you lack? ·      What processes do you lack? ·      Where can your products or services be improved? ·      What are the constraints on your ability to meet changes in market need or demand? ·      What does your customer feedback look like? ·      Do your suppliers meet your requirements or the requirements of your clients? [14:45] Considerations for Opportunities – Opportunities are considered an external factor. Questions you could ask include: ·      What new opportunities are available in your market? ·      What data do you have available on market trends, and how can you leverage that? ·      How changes in compliance requirements in your specific industry or your locality might provide you with opportunity to gain an edge? ·      What are past identified opportunities that we've not acted on? ·      What is the competition not taking advantage of that you could? ·      How can you increase customer satisfaction based on both positive and negative feedback received? [16:00] Considerations for Threats – Threats are also considered an external factor, they are obstacles for you achieving your goals. Questions you could ask include: ·      What new environmental effects may affect you? Note: there is a new climate change amendment added to many commonly adopted ISO Standards, so this is something you will need to address. ·      What competitors are a threat to you? ·      Are other competitors taking advantage of markets that you have not accessed? ·      Why might competitors be getting ahead? ·      Are the habits of customers changing, and if so, how? ·      Are there other interested parties other than customers who present obstacles to you? ·      Are there any foreseeable resource issues? i.e. loss of experienced staff, lack of relevant talent in the pool of available people ect ·      Are you adapting to changes in the world? [16:00] PESTLE: Addressing political factors – When you're looking at political factors affecting your intended outcomes, consider the following: ·      What is happening politically in your environment? - That could be international or local on scale ·      What is the impact of policy or tax? ·      What is the impacts of employment trends / trade restrictions / tariffs? ·      What is the impact of unemployment rates on your organisation? ·      What is the impact of workforce shortages that may affect you? ·      Is there any form of Government intervention in your specific market? ·      Would this government intervention be considered an opportunity or threat? i.e. offering grants [19:20] Join the isologyhub and get access to limitless ISO resources – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo. [21:25] PESTLE: Addressing economic factors – When you're looking at economic factors affecting your intended outcomes, consider the following: ·      What is the impact of interest rates / exchange rates / inflation? ·      What is economic policy doing to you and your industry and your clients? ·      What are the impacts on wage rates / minimum wage changes /affordable living cost of living? [21:50] PESTLE: Addressing social factors – When you're looking at social factors affecting your intended outcomes, consider the following: ·      What's the impact of changes in the cultural landscape? ·      What's the impact of the expectation of people? ·      What's the impact on working people's lives and what their expectations are for working life in general? i.e. working hours and career aspirations ·      What is the and the emphasis on ethics, safety, Environmental Protection and data privacy for your clients / workforce / suppliers?   [22:50] PESTLE: Addressing technology factors – When you're looking at technological factors affecting your intended outcomes, consider the following: ·      What is happening technology wise which impacts on what you do? ·      How does this affect the equipment you use? i.e. automation, the age of your equipment ect ·      What's the impact of emerging technology? ·      How you decide on the costs and benefits of investing in new technology? ·      How do you use your website / blogs / social media to interact with your marketplace? ·      Have you got intellectual property you need to protect? i.e copyright pins that need consideration. [23:40] PESTLE: Addressing legal factors – When you're looking at legal factors affecting your intended outcomes, consider the following: ·      How does the law affect how you do business? i.e company law, health & safety law, HR law, trade law? ·      What changes in legislation have occurred recently that you need to have considered? ·      How do you horizon scan for changes in legislation that affect you in your market? ·      What's the impact on employment on imports, exports, labour departments? ·      Have you considered other compliance obligations, such as certification to certain standards? [24:50] PESTLE: Addressing environmental factors – When you're looking at environmental factors affecting your intended outcomes, consider the following: ·      How do environmental aspects impact you, and how does the way you operate affect the environment? This includes consideration for air, water, land, natural resources, flora, fauna. ·      How do changes in the energy and utilities markets affect you? ·      How does your organisation fit in with any carbon reduction targets that your Government may have in place? ·      Are you required to create a carbon reduction plan? ·      Do you need to comply with certain environmental reporting requirements? i.e. here in the UK we have schemes like ESOS and SECR [24:50] PESTLE: Addressing ethical factors – This one is optional, but many are choosing to include it as part of their PESTLE now. When you're looking at ethical factors affecting your intended outcomes, consider the following: ·      How do you stay on the right side of the law with respect to the use of money? ·      Have you considered human rights / labour / children in the workforce / slavery / health & safety and well-being of local populations? ·      What charitable contributions do you make as an organisation? [27:15] Assigning significance  – The next part of a SWOT and PESTLE requires you to assign significance to the various factors affecting your organisation. So, make sure you document every factor and how those factors affect your ability to achieve what you intend. Ensure that this all remains in alignment with the strategic direction of the business, as ultimately, you want your Management System to help drive those goals forward. [30:25] Frequency of a SWOT and PESTLE: This isn't just a one-off exercise. You should be continually monitoring these internal and external factors, and only updating the exercise during a management review meeting will do you a disservice. This is an ever-changing world, it's the one in which you operate, and you need to ensure you're keeping up with it. You could look at various factors in monthly or even weekly meeting with the appropriate parties, and see if circumstances have changed. [31:25] Examples of why you should continually update your SWOT and PESTLE: Ian recounts an experience he had with a client where they had failed to disclose where they had switched to a digital system for competence related documentation, but it had not met their needs and so they needed to return to manual documentation. This switch made finding the required documentation for internal audits difficult. None of this was recorded in their SWOT and PESTLE. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

In this episode of the Quality Hub Podcast, it's Part 2 of ISO 9001 Clause 6.3. Host Xavier Francis speaks with Brian Smith, and Brian Smatko on effective change management, focusing on communication and avoiding common pitfalls. They emphasize the importance of involving stakeholders early, assigning clear responsibilities, and updating documentation to ensure smooth implementation. Engaging employees who will be directly affected by changes helps reduce resistance, while managing leadership expectations prevents unrealistic goals. Proper communication, both during and after decision-making, is key to ensuring changes are understood and effectively integrated. Helpful Resources: https://www.thecoresolution.com/iso-9001-clause-6-3-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting  

Purchasing goods and services is a necessity for any business, whether that's simply stocking up on office supplies, or looking for someone to manage your IT environment. Procurement has a key role to play in keeping things running smoothly, along with facilitating the core values of businesses as priorities change, such as a commitment to ESG compliance.   In this episode, Ian is joined by Philip Ideson, Founder & Managing Director of Art of Procurement, to discuss procurement's role in ESG compliance, the challenges procurement faces with ESG, and learn about their mission to 10X the impact of procurement. You'll learn ·      Who is Philip Ideson and the Art of Procurement? ·      What are the current trends in procurement? ·      What is procurement's role in relation to ESG? ·      How do ESG deliverables fit in with the other results procurement is expected to deliver? ·      What are the greatest challenges procurement currently faces with ESG? ·      What is Art of Procurement's mission to 10X the impact of procurement? ·      What are the 6 principles of this mission?     Resources ·      Art of Procurement ·      Art of Procurement Podcast ·      The Art of Procurement philosophy ·      ESG Compliance     In this episode, we talk about: [00:25] Episode Summary – We welcome today's guest, Philip Ideson, Founder and Managing Director of the Art of Procurement, to discuss the role procurement has in ESG compliance. Additionally we will dive into Philip's mission to increase the impact of procurement. [03:00] Who is Philip?: Philip has been in the procurement space for almost 25 years now! He started at Ford Motor company, in direct Procurement where he was purchasing parts for car manufacture. He later moved into indirect Procurement, which is essentially everything you need to operate on a day-to-day basis i.e. office supplies, childcare facilities ect. Philip has worked in the UK, Europe, India and has been based in the US for the past 19 years. To get a perspective on the other side, he joined a Service Provider who provided outsourced procurement, that company later got bought out by Accenture, which was when Philip decided to go out on his own and started ‘Art of Procurement. His podcast has been running for 9 years, and has the aim to share inspiring stories of companies who think differently about procurement. [06:05] Hard Truth: Inside the Football Industry Podcast – Philip also co-hosts another podcast in his spare time, which was awarded the EFL podcast of the year in 2023! Hard Truth delves into the behind the scenes aspects of football, co-hosted by the owner and Chairman of Peterborough United, it also gives an owner perspective of the football season. [07:05] What are some of the top trends and priorities in procurement currently? Digitisation: Procurement was an area where technological change happened relatively slowly, at least up until around 5 years ago there weren't many tech solutions built specifically for procurement. However, a lot of money has been poured into the space, so now there's the challenge of ‘How can we digitise?' The problem with a lot of technology solutions is that they often become obsolete quickly, and with the rise of AI it's trickly to keep up, let alone get ahead.   [08:10] What is something about procurement that might surprise people who don't work in the field? Procurement gets a bad rep for trying to save every last penny at the cost of bullying suppliers. However, they are a lot more passionate around the role that suppliers can play in the growth of a business. It's all about marrying together the capabilities of supply chains with the needs of a business, rather than trying to squeeze every last penny's worth out of suppliers. [09:15] Procurement put into a box: In a lot of businesses, procurement kind of professionalised the profession based on an ROI which was tied to cost savings, because procurement sold that value proposition to get the investment, it means that that's the only thing businesses think they can do. Procurement gets put in this box within a business of when I need to save money, you know break the glass, bring out procurement and they can do that. Where you actually get a much better result by working more collaboratively with your procurement team. There's a lot more tied to business objectives than with procurement objectives, instead of focusing on what procurement can do to save you money, look at what other objectives they can help you achieve. [10:35] What is procurement's role with regard to ESG? – Philip was involved in a  research study that was done by The Economist, where they surveyed approximately 2300 C-Suite executives, procurement and non-procurement individuals. It was revealed that ESG was the number 2 priority right now, specifically where sustainability was concerned. Modern slavery is also becoming more of a concern. [12:00] A fad or long term change? Priorities like this for any business are subject to the politics of the day. They are important now as that's where a lot of focus in from many different sources, but they are likely temporary and will be dependent on geographical location and available investment. However, the impact of emissions reporting as a result of ESG will have a longer term affect as scope 3 emissions include supply chains. More businesses will be expecting their supply chains to meet their emissions reporting requirements going forward. [13:20] How long has procurement been doing ESG/CSR type work?: Back 14 years ago, when they had to report back on supplier diversity spend, they had very little data. It involved a lot of extrapolating data so that you have something to report back with. More accurate data reporting has picked up in the last 6 years, and is more on an organisation by organisation basis. The key driver for procurement involvement in any aspect of sustainability is due to regulatory requirements. [15:00] Innovation for a better future: The digitisation and other technological advancements will allow for better ESG support, with more accurate data and reporting capabilities. Back in the day, it may have been a case of sampling some 100 suppliers out of a pool of 10,000 listed on a simple spreadsheet, and then googling them to see which ones would be considered diverse suppliers. It short, it used to involve a lot of manual data gathering, which is rapidly getting replaced by new tech tools. [26:20] What are the greatest challenges procurement currently faces with ESG? One of the challenges is internal. When ESG is brought to the table, decisions have to be made about selecting suppliers who would align with their ESG requirements, which is a decision that is ultimately made by the budget holder. Procurement can do everything they can to mitigate any additional cost, but they do not decide who spends the money with who. A lot of the role procurement can play in supporting ESG is dependent on the organisational focus on those initiatives and how well everything is communicated to all involved. [17:20] Looking to the future of procurement: Procurement was once seen as a cost management function, now professionals like Philip are looking at how they can demonstrate the additional value they can bring to an organisation, including supporting ESG compliance. Procurement has shifted more towards risk management, with a greater focus on risk factors such as cost and sustainability. There's still a lot of uncertainty around what the next 10 years will look like. Philip predicts that procurement will become a smaller, yet more impactful area than it is today. The operating model will likely shift to a more service-based approach with a more nuanced approach to supporting businesses. Philip can see a world where sustainability and supply chains merge as third-party suppliers will have an increased effect on an organisations ability to meet its sustainability goals. [20:30] What is Art of Procurements' mission to 10X the impact of procurement?: Philip aims to change the mindset of procurement leaders, and get them to think outside of the box. Procurement can have a significant impact on organisations, in the form of additional support like ESG, but also because they have a much wider field of view regarding potential suppliers. It's about going back to basics, asking: ·      What is procurement? ·      How should it operate? ·      How can procurement best support businesses? Their mission aims to rethink how procurement works, and refining how to best work with organisations to achieve their goals. [22:25] What are the principles of this mission?: Philip highlights a few that he's passionate about, including: Focus on driving business outcomes: How can procurement build their capabilities around what the business truly needs? There can be conflict between an organisation and its procurement, whether that be with stakeholders or selecting suppliers. So, it's about finding a balance between doing what can be done to further an organisations goals while also saving them money. Procurement facilitating differentiated decision making: Procurement can offer some crucial insight into potential suppliers for organisations, but they can only do so if they have the correct data to help make those decisions. When it comes to measurable data, like many aspects of how sustainable a supplier may be, this is where procurement can help businesses make smarter decisions. Overseeing not managing spend: Procurement should not necessarily have complete control over the spend of an organisations, but using technology they should be able to understand what is being spent and with who. It's keeping an eye on potential risk factors with suppliers and helping organisations decide who to continue to work with. [28:00] How are the Art of Procurement philosophically different? They see procurement as a journey, where many organisations are on a different part of the maturity curve and may need help bridging those gaps to keep moving forward. Art of Procurement seek to accelerate that speed of maturity by working smarter with new technology, and in alignment with an organisations goals. Procurement is facing a battle currently, where if they don't adapt, they run the risk of losing out to purely AI driven tools. This is of course, not a concern unique to the world of procurement, it's actively affecting HR, IT support and the creative industry in a huge way. [30:40] Connect over common goals: Procurement professionals often want to be more collaborative than people may think. Don't be afraid to reach out to your procurement team to see what common goals you can try to achieve. They are there to work with you, not against you. [32:45] Procurement and ISO: Philip has seen a lot of instances where an internal audit finding will lead to procurement success. In some cases, this may be from an identification of a need for investment in procurement, it's seen as necessary tool for the organisation and so they approach it with that mindset in mind. Internal Audits, a staple in the world of ISO, offer the opportunity to highlight where improvements can be made. They also compile credible evidence to put a case forward to relevant individuals, who may have not listened to previous grievances. If you would like to learn more about the Art of Procurement, check out their podcast available on their website. If you'd like to hear more from Philip, he also co-hosts the hard truth - inside the Football Industry podcast. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Die AHA-Momente sind kurze Solo-Episoden mit erlebten Geschichten und Erkenntnissen. In dieser Episode wird die Frage erörtert, ob wirklich niemand unersetzlich ist. Anhand einer wahren Geschichte wird aufgezeigt, wie ein Unternehmen nach dem plötzlichen Weggang eines Mitarbeiters nicht nur überlebte, sondern sich auch weiterentwickelte. Die Episode beleuchtet das Thema der Unersetzlichkeit und gibt hoffentlich ein paar Anregungen.   Vernetze Dich gerne mir auf LinkedIn:  

In this episode of the Quality Hub podcast, Xavier Francis discusses ISO 9001 Clause 6.3 on Change Management with Brian Smith and Brian Smatko both from Core Business Solutions. The conversation emphasizes the importance of planning and managing changes within a Quality Management System (QMS) to avoid unintended consequences and maintain consistency. They highlight that major changes, such as new equipment or process modifications, should be addressed in management reviews, considering multiple factors like and potential impacts on other processes. Proper documentation, communication, and addressing resistance to change are crucial to ensure smooth transitions and maintain the integrity of the QMS. Helpful Resources: https://www.thecoresolution.com/iso-9001-clause-6-3-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting  

Mirko Kloppenburg verwendet sein langjähriges Wissen über Prozesse bei der Lufthansa, um seinen Kunden eine sinnvolle Herangehensweise an Prozesse zu vermitteln. Zu diesem Zweck hat er einen Prozesslebenszyklus entwickelt, den wir in dieser Episode detailliert besprechen. Freue Dich auf praxisnahe Impulse für Deine Prozesse.   Vernetze Dich gerne mit Mirko und mir auf LinkedIn:

Han pasado varios meses desde que la Organización Internacional de Normalización ISO emitió la enmienda en relación al cambio climático para varias de sus normas de sistemas de gestión, entre ellas ISO 9001. ¿Cómo vienen abordando las organizaciones esta enmienda? En este Webinar revisaremos los cambios clave introducidos por esta enmienda y su impacto en el sistema de gestión de la calidad de organizaciones que lo vienen implementando. – Acerca de la ponente, María Altamirano – Asesora, Facilitadora y Auditora en Sistemas de Gestión. Máster en Calidad Total, Auditora Principal QMS certificada y registrada en IRCA. Auditora para Bureau Veritas Certification. Docente invitada en EALDE Business School.

Learn about the difference between ISO 17025 and ISO 9001. Understand the individual clauses and benefits of getting certified by each. Click here! https://www.quality-assurance.com/blog/what-is-the-difference-between-iso-17025-and-iso-9001-what-do-the-consultants-say.html

In the final episode of “Purchasing” on the Quality Hub podcast, Xavier Francis, along with Murphy Shaw and Matthew Pilley conclude their discussion on ISO 9001 Clause 8.4.3, focusing on ensuring the adequacy of requirements communicated to external providers. Matthew emphasizes the importance of clearly defining and documenting all supplier requirements, while Murphy highlights that at Core, they help clients establish effective purchasing processes using formal documentation. They stress the need for clear, formal communication and outline the essential information to include, as well as discuss managing changes to requirements. Finally, they touch on the complexities of purchasing in different industries, including service and tech companies, and the criticality of clear communication to ensure quality and compliance. Helpful Resources: https://www.thecoresolution.com/clause-8-4-3-iso-9001-2015-explained https://www.thecoresolution.com/8-4-purchasing-iso-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting

In the second part of “Purchasing” on the Quality Hub podcast, Xavier Francis, along with Murphy Shaw and Matthew Pilley from Core Business Solutions, delve into Clause 8.4.2 of the ISO 9001 standard, focusing on supplier controls. Murphy explains the importance of controlling supplier quality to prevent negative impacts on the organization and its customers. Matthew describes Core's approach, which includes drafting a supplier management process within the quality manual and defining purchasing as a key process. They discuss best practices for supplier controls including clear contracts, performance evaluations, and more and how to foster effective communication of expectations and capacities to suppliers. Murphy and Matthew also discuss methods for monitoring supplier performance and handling non-conforming products. They also state how CORE helps to manage these processes efficiently. Helpful Resources: https://www.thecoresolution.com/clause-8-4-2-iso-9001-2015 https://www.thecoresolution.com/8-4-purchasing-iso-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting  

In part 1 of "Purchasing" on the Quality Hub podcast,  hosted by Xavier Francis, Murphy Shaw and Matthew Pilley from Core Business Solutions discuss the intricacies of ISO 9001 Clause 8.4.1. They explain the necessity of having a structured approach to supplier selection, evaluation, and monitoring to ensure consistent quality and compliance with standards. Key practices include creating an approved supplier list, documenting evaluations, and regularly reviewing supplier performance. The conversation highlights the importance of having multiple suppliers to mitigate risks, particularly in challenging situations like supply chain disruptions. They also discuss how CORE offers electronic tools to streamline these processes for their clients, ensuring efficient management and compliance. Helpful Resources: https://www.thecoresolution.com/what-is-clause-8-4-1-of-iso-9001-2015-about https://www.thecoresolution.com/8-4-purchasing-iso-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 A Plethora of Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting

In July 2024, A logic error in an update for CrowdStrike's Falcon software caused 8.5 million windows computers to crash. While a fix was pushed out shortly after, the nature of the error meant that a full recovery of all effected machines took weeks to complete. Many businesses were caught up in the disruption, regardless of if this affected them directly or by proxy due to affected suppliers. So, what can businesses learn from this? Today, Ian Battersby and Steve Mason discuss the aftermath of the CrowdStrike crash, the importance of good business continuity and what actions all businesses should take to ensure they are prepared in the event of an IT incident. You'll learn ·      What happened following the CrowdStrike crash? ·      How long did it take businesses to recover? ·      Which ISO management system standards would this impact? ·      How can you use your Management System to address the affects of an IT incident? ·      How would this change your understanding of the needs and expectations of interested parties? ·      How do risk assessments factor in where IT incidents are concerned?   Resources ·      Isologyhub ·      ISO 22301 Business Continuity     In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:05] Episode summary: Ian Battersby is joined by Steve Mason to discuss the recent CrowdStrike crash, the implications on your Management system and business continuity lessons learned that you can apply ahead of any potential future incidents.   [03:00] What happened following the CrowdStrike crash?– In short, An update to CrowdStrike's Falcon software brought down computer systems globally. 8.5 million windows systems, which in reality is less than 1% of windows systems, were affected as a result of this error. Even still, the damage could still be felt from key pillars of our societal infrastructure, with a lot of hospitals and transportation like trains and airlines being the worst affected. [04:45] How long did it take CrowdStrike to issue a fix? – CrowdStrike fixed the issue in about 30 minutes, but this didn't mean that computers affected would be automatically fixed. In many cases applying the fix meant that engineers had to go on site to many different locations which is both time consuming and costly. In some cases Microsoft said that some computers might need as many as 15 reboots to clear the problem. So, a fix that many were hoping would solve the issue ended up taking a few weeks to fully resolve as not everyone has IT or tech support in the field to issue a manual reboot. A lot of businesses were caught out as they don't factor this into their recovery time, some assuming that an issue like this is guaranteed to be fixed within 48 hours, which is not something you can promise. You need to be realistic when filling out a Business Impact Assessment (BIA). [07:55] How do you know in advance if an outage will need physical intervention to resolve? – There is a lesson to be learnt from this most recent issue. You need to take a look at your current business continuity plans and ask yourself: ·      What systems to you use? ·      How reliable are the third-party applications that you use? ·      If an issue like this to reoccur, how would it affect us? ·      Do we have the necessary resource to fix it? i.e. staff on site if needed? Third-parties will have a lot of clients, some may even prioritise those that pay a more premium package, so you can't always count on them for a quick fix. [09:10] How does this impact out businesses in terms of our management standards? – When we begin to analyse how this has impacted our management systems, we can't afford to say ‘We don't use CrowdStrike therefore it did not impact us' – it may have impacted your suppliers or your customers. Even if there was zero impact, lessons can be learned from this event for all companies. Standards that were directly affected by the outage were: ·      ISO 22301 – Business Continuity: Recovery times RPO and RTO; BIA; Risk Assessments ·      ISO 27001 – Information Security: Risk Assessment; Likelihood; Severity; BCP; ICT readiness ·      ISO 20000-1 – IT Service Management; Risk Assessment of service delivery; Service continuity; Service Availability Remember, our management systems should reflect reality and not aspiration [11:30] How do we use our Management Systems to navigate a path of corrective action and continual improvement? – First and foremost an event like this must be raised as an Incident – in this case it would no doubt have been a Major Incident for some companies. This incident will typically be recorded in the company's system for capturing non-conformities or continual improvement. You could liken this to how ISO 45001 requires you to report accidents and incidents. From the Incident a plan can be created which should include changes to be considered or made to the management system. The Incident should lead us to conducting a lessons learned activity to determine where changes and improvements need to be made. We are directed in all standards to Understanding the Organisation and its context The key requirement here is to determine the internal and external issues that can impact your management system, and prevent it from being effective. Whatever method a company uses for this, perhaps a SWOT and PESTLE; the CrowdStrike/Microsoft Outage should be included in this analysis as a threat and/or Technical issue. [15:15] What are the lessons learned from our supply chain? – In many ISO Standards, such as ISO 9001 and ISO 27001, there is a requirement to review your suppliers and the effectiveness of the service they're delivering. So you could send them an e-mail to ask how they have dealt with the issue, what actions did they take and how long did it take to fully restore services. This is a collaborative process that you can factor into your own risk assessments, as you can make a better judgement on future risk level if you are privy to their recovery plans. Many people still think of that requirement only in relation to goods and products. i.e. has my order been delivered ect. However, it relates to services such as IT infrastructure as well. You rely on that service, so evaluate how well it's being delivered. [17:35] Join the isologyhub and get access to limitless ISO resources – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo. [19:50] Once you have established lessons learnt, what's next?  – The Standards provide a logical path to work through. One of the first steps is to conduct a SWOT and PESTLE, and doing so after a major incident is recommended, as your threats and weaknesses may have changed as a result. Do not simply put the sole blame on a third-party who an incident may of originated from. This is about your response and recovery, your plans coming into effect to deal with the situation, not about who is at fault. One such finding may be your lack of business continuity plans, in which case, looking at implementing aspects of ISO 22301 may be an action to consider. It's also important to note down any positives from the incident too. You may have dealt with something very fast, communicated the issue effectively and worked with clients to ensure that their level of service was minimally impacted. If a team dealt with a situation particularly well, they should be recognised for that, as it really does go a long way. [23:55] The importance of revisiting your SWOT and PESTLE: These exercises shouldn't just be a one time thing. You should be addressing these after incidents and any major changes within the business. Ideally, you should be looking at these in all your meetings, as many actions may need to be escalated to a strategic level. If you'd like to learn about how one of our clients embraced SWOT and PESTLE, and used it to their advantage, check out episode 53. [25:20] How has our understanding of the needs and expectations of Interested Parties been changed? - How has the Outage impacted the needs and expectations of interested parties? Understanding this might lead companies to ask questions about the robustness and effectiveness of different parts of the management system: ·      Risk Assessment ·      BIA for BCP ·      Recovery Plans ·      DR plans ·      Service Continuity [27:50] What should you be considering with your risks assessments? - Risk Assessments, if they follow the traditional methodology, with have Likelihood and Impact/Severity scores an in the light of this outage, and any event, the likelihood and Impact scores should be updated. If a company has set the likelihood as ‘once every 5 years' it should seriously consider changing this to ‘once every 6 months' or 'once every year' to understand if this poses any new risks to the business. The likelihood score would of course be updated every year until it has recovered to ‘once every 5 years'. The impact is important to look at. If a company has been impacted by this outage, what has it cost the company to recover – talk to finance and other departments to understand the cost and change the scoring accordingly. [33:20] Why should a business carry out a risks assessment as part of lessons learnt? - Our risk assessments are not a one-off, but should be living documents that reflect the status of threats to the business. In ISO 27001 there is a statement to identify the ‘Consequences of  unintended changes,' and it could be argued that an Outage on the level of the CrowdStrike/Microsoft outage was an ‘unintended change that led to consequences in many businesses. So, use your risk assessments as live tools to report on the reality facing the organisation. Similarly, BIA assessments for BCP should be reviewed to determine if the assumed impact reflects the real impact; also look at the recovery plans to see if they are effective. If a recovery plan has stated that this type of incident could be recovered in 48 hours, and in reality it has taken 2 weeks, it means that recovery times in terms of RPO and RTO should be reviewed. Remember - your management system should reflect reality and not aspiration. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Continual Improvement is at the heart of every ISO Standard.  The cyclical nature of ISO Standards lends itself to regular review and update of your Management System, to ensure it's working efficiently and to address any issues or opportunities that inevitably crop up. However, Integrating these improvements can be challenging, even for mature systems. Today Ian Battersby explains the concept of Improvement as defined in ISO Standards, how to find root cause for non-conformities and integrating improvement actions from multiple sources.   You'll learn ·      What is meant by ‘Improvement' in ISO Standards? ·      Common misconceptions about Improvement in ISO Standards ·      How to address non-conformities in your Management System ·      Finding the root cause of a non-conformity ·      Integrating Improvement actions   Resources ·      Isologyhub   In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:05] Episode summary: Ian Battersby will be explaining what Improvement means in relation to ISO Standards, how to address non-conformities and integrating the required Improvement actions. [02:30] What is meant by ‘Improvement' in ISO Standards? – One of the requirements of all Management System standards is to determine and select opportunities for improvement (Clause 10). This is the fundamental aim of Management Systems: to make things better In the words of the standards, it is so that an organisation can: “Implement any necessary actions to meet customer requirements and enhance customer satisfaction These shall include: a) improving products and services to meet requirements as well as to address future needs and expectations; b) correcting, preventing or reducing undesired effects; c) improving the performance and effectiveness of the management system.” An organisation going through certification for the first time may never have had in place a system for planning improvements.  Some organisations are dealing with improvements, but not necessarily through a single, consistent route. While you can meet the requirements of the standards without a single route, the standard is not prescriptive in how you go about this. [04:45] Common misconceptions about non-conformities – the standard does go on to cover nonconformity and corrective action (10.2); is it suggesting these as the main source of non-conformities (NC).  It isn't really explicit about other sources, other than specifically including customer complaints as a form of NC. However, there's a strong argument for consolidating data from different sources, so it's worth considering how complaints data is handled. Other sources of non-conformities can include your Internal Audit findings, addressing where you may not be meeting client expectations, addressing failure to meet legal obligations ect. As a reminder, ISO 9000 (Fundamentals and vocabulary) includes the definition of nonconformity: non-fulfilment of a requirement: need or expectation that is stated, generally implied or obligatory i.e. Legal / client expectation. [10:00] Addressing non-conformities – You need to evaluate the need for action to eliminate the cause of the nonconformity, to ensure that the issues doesn't recur, or pop-up elsewhere. When a non-conformity does occur, you need to: ·      Determine the causes ·      Determining if similar nonconformities exist, or could potentially occur; Any corrective actions should be appropriate to the effects of the nonconformities encountered. So, you don't need to commit a huge amount of resource to minor issues. [11:40] Join the isologyhub and get access to limitless ISO resources – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo. [13:40] Finding the cause of non-conformities  – Without removing the cause, repetition may occur, and this is where integrating improvement data from multiple sources comes into its own. The idea of Common cause is - a single cause may manifest itself in very different outcomes. For example, a lack of competence could lead to a process being delivered wrongly, leading to reducing level of quality in service or product, which would be picked up as an NC. Competence is an area which can also lead to NC's, through the result of a helath & safety incident or environmental incident if people aren't trained to use equipment or follow set procedures.   It can also lead to a customer complaint where the failed process is apparent to a customer. If a product NC isn't spotted until after the product delivered/in service it could lead to a warranty claim Or even a claim for damages should it lead to harm/loss to the customer It could lead to regulatory breach or even enforcement or legal action Some of these outcomes may not be apparent until they have impacted upon a customer or other interested party, so would not be recorded internally through a nonconformity system. All this to say, finding the root cause will require looking in a lot of different places. Having a common methodology in place to address non-conformities, including considerations for different types of issues, makes life a lot easier. [15:55] Integrating Improvements from multiple sources: There are many sources which can highlight opportunities for Improvement, including: Internal Audit – This is a conformity assessment, so any gaps or issues identified will be NC's that need addressing. Surveillance Audit / Certification Audit – Your Certification Body will also be conducting a third-party conformity assessment, which may highlight something you've missed in your own internal audits. Supply Chain Audit – Auditing your supply chain can also highlight NC's that you can encourage them to address, both for your benefit and theirs. Client Audit – You may be audited by clients, especially where there may be specific technical industry related issues. Management Review – This is the perfect platform to identify Opportunities for Improvement. You can highlight NC trends from Internal Audits here and define if they need to be addressed separately. You will often have members of senior management present at a Management Review, so there is a greater chance for you to plan tangible actions to address issues, especially if they are business critical. SWOT / PESTLE – This usually happens early on in the Implementation phase, but there's no reason why you can't repeat the exercise on an annual basis. This exercise directly identifies your risks and opportunities, both from internal and external sources. Getting input from all levels of staff as they may also shed light on potential NC's and opportunities other departments may not even be aware of. Accident reporting / Safety observations – Any incident should be viewed as an opportunity to improve. Some accidents are unavoidable, but many are a result of someone not following instructions, equipment being left unattended or in the wrongs location ect. Addressing these will help you to ensure a safer environment. Site inspections – Just walking around your site can yield new insights. Ask other departments that may not visit your area to do a sweep and report any findings. Sometimes all you need is a fresh pair of eyes to highlight issues you've missed.   Complaint / Other customer feedback – Allow clients and stakeholders to have input. Regulatory requirements – You may discover you are breaching a regulation, which needs to be addressed ASAP. Consider a legal register to keep track of all your legal and regulatory requirements. Enforcement (HSE, EA, professional body) – You may have opportunities for improvement enforced by professional bodies such as the HSE or Environment Agency. Management Action – Any management meetings should take opportunity suggestions from both management and the general workforce. Product NC's – If you're in the manufacturing industry, you likely already have a system in place for monitoring any product related non-conformities. This process can be applied on a broader scale, as it embodies the same principles: Identify the problem, find the root cause, address the root cause, put preventative measures in place to stop recurrence.  If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

In this episode of the Quality Hub podcast, host Xavier Francis is joined by Suzanne Strausser and Suzanne Weber-Smatko to delve deeper into Non-conformances and Corrective Actions, with a focus on Trends and Analysis. The discussion covers the essential elements of documenting Corrective Actions, including problem statements, immediate containment, and long-term solutions. They highlight the importance of verifying the effectiveness of Corrective Actions and the cost implications of poor quality. The hosts emphasize the value of engaging staff in root cause analysis to foster a quality culture. By examining customer feedback and other metrics, they illustrate how to make data-driven decisions for continuous improvement, ultimately enhancing business efficiency and profitability. Non-Conformities and Corrective Actions: https://www.thecoresolution.com/clause-10-2-iso-90012015-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting

In this episode of the Quality Hub podcast, host Xavier Francis, Susan Weber-Smatko, and Suzanne Strausser delve into the topic of Corrective Actions and root cause analysis. They define Corrective Actions as measures to address the root causes of Non-Conformities to prevent their recurrence, stressing the importance of a thorough process evaluation rather than just fixing surface issues. The discussion covers the steps in implementing effective corrective actions, including documentation, management involvement, and continuous improvement. They also explain the methodologies for root cause analysis. Real-world examples illustrate how these principles can be applied in both manufacturing and customer service contexts to enhance overall quality and efficiency. Helpful Resources: Clause 10.2 of ISO 9001:2015 - https://www.thecoresolution.com/clause-10-2-iso-90012015-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting  

In this episode of the Quality Hub podcast, host Xavier Francis discusses Non-Conformances and Corrective Actions with Suzanne Strausser and Suzanne Weber-Smatko from Core. They explore the nature of Non-Conformances, emphasizing the importance of timely documentation and addressing the underlying issues they indicate. In addition, they explain the difference between Non-Conformances and Corrective Actions, noting that not all Non-Conformances necessitate Corrective Actions, which are reserved for more significant problems. The episode sets the stage for the next part of the series, which will delve deeper into Corrective Actions and root cause analysis. Helpful Resources: Clause 8.7.2 of ISO 9001:2015 - https://www.thecoresolution.com/clause-8-7-2-iso-9001-2015-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting  

ISO Standards provide a framework to help businesses manage various aspects of their activities. Whether that's quality, risk, environmental or Information Security management, they provide invaluable guidance to establish an effective Management System. One element that is key, no matter the Standard or subject area, is Leadership. Without this driving force, your Management System will not get the momentum it needs to truly benefit your way of working. Today Ian Battersby will explain the integral role of leadership within the Implementation and maintenance of an ISO Management System, and how their active participation benefits the whole business. You'll learn ·      What is Leadership? ·      Where is Leadership referenced in ISO Standards? ·      How do Leadership get involved with the Implementation and Management of ISO Standards? ·      How does Leadership participation benefit the business?   Resources ·      Isologyhub     In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:05] Episode summary: Ian will be discussing the role of Leadership within ISO Management Systems and how their active participation can benefit the business as a whole. [02:30] What is Leadership? – Leadership is central to success in achieving any goal in business. It involves motivating a group of people toward a common pursuit, and it certainly isn't straightforward without leadership believing in what it's doing. Without showing that belief, why would the workforce sit up and take note: ‘If it's not important to you, why should it be to me?' [03:30] Why should Leadership get involved? – The need for leadership has been recognised by Standards bodies, hence why it's been made central to all Management System Standards. For many years, Management Systems were separate from the day-to-day activities of running a business, often boiled down to just a person in a room with manuals, getting through certifications and earning a nice shiny badge.But this had little to no impact on the bottom line (be honest)! But, a well-run Management System can have huge impacts and benefits on all types of organisation, and updated ISO standards aim to deliver that impact more readily, so leadership gets its own clause (Clause 5 – Leadership)  [05:25] Clause 5.1 Top management shall demonstrate leadership & commitment – This boils down to taking accountability for effectiveness of the system, but how do you do this? Firstly, the system can only be effective if it is designed correctly, so leadership must ensure it fits with its context of the organisation, which is required in Clause 4. There are ways of doing this, but we favour a SWOT and PESTLE. This is simply to ensure that those establishing context don't do it in a vacuum, opening up the floor to get input from everyone effected by the Management System. This is key because Senior Managers need active involvement to understand how the system works, its resource needs and its performance. [07:25] Ensuring quality policy and objectives are established and compatible with context and strategic direction – The quality objectives must contribute to the business, so there's a role for senior managers to ensure that they are aligned and have a measurable contribution to the business. What measures are included in your objectives which can demonstrably show that they affect the business in some way in a good way? That's what senior management have to do to link quality objectives with strategic organisational business objectives. [08:20] Ensuring integration into the organisation's business processes – The quality objectives must contribute to the business, so there's a role for senior managers to ensure that they are aligned and have a measurable contribution to the business. They must ensure integration into the organisations' business processes, which in turn must be aligned with the context. They must also be relevant to the way the organisation runs and senior management needs to oversee a system which allows processes to do that. [05:20] Promoting use of the process approach and risk-based thinking – This requires senior management to actually do some promotion – which is stipulated as ‘Shall Promote'. For those that don't know, whenever the word ‘Shall' is used in an ISO Standard, that essentially means you MUST do it. In this instance, that means actually contributing the communications and raising of Management System Awareness. Senior Management have to be involved in the process of describing to people what's important, why the standards are important and that risk and process are central to the organisations operations. [09:35] Providing resources for the system – There's a number of resources that Senior Management need to consider, including: ·      People - Need to be enlisted to run a system and to operate the system throughout the organisation. ·      Competence – You may need to invest in training if required. ·      Expertise in the standard – Do you have expertise in-house on the Standard you're certifying to? If not, you will have to invest in training or additional help from a third-party. ·      Systems / Access and Documented Information – Do you have a place for hosting of documentation, workflows, forms? Further considerations are needed for required authorization and controlled access. ·      Time – Implementing and maintaining a Management System is a big task, whether done by an individual or a team, they will need time to complete necessary Management System activities. [10:30] Communicating the importance of an effective system and conforming to its requirements – Everyone looks up to Senior Management in regard to what their priorities are. It's up to them to effectively communicate the importance of the Management System, it's processes, their role in relation to the Management System and how to confirm with it's requirements. Key points to get across: ·      How this system makes your workplace a better place. ·      How it contributes to success of the organisation – I.e. happier customers, safer working conditions, ect ·      How it can make their daily routine more fulfilling – i.e. having a complete picture of their place in the business, how they contribute to its success. ·      What could nonconformity bring if people choose to step outside a management system? – I.e. With ISO 45001, nonconformance could risk someone getting injured. [13:50] Engaging/directing/supporting persons to contribute to effectiveness of the system – Team managers should be harnessing the people at all levels to be able to fulfil the requirements of the Management System. They should do that by providing clear expectations, which can be done via so communications and objective setting. [14:30] Promoting improvement – Continual Improvement is absolutely key to every management system. When something does go wrong, senior management must provide the resources for actively asking why things may have underperformed, so you can get to the cause of why it's underperforming and put it right. It's also an opportunity to highlight when things have improved and celebrate those that contributed to that success. [15:30] Join the isologyhub and get access to limitless ISO resources  – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo. [17:40] Supporting other management to demonstrate leadership in their areas – Leadership drives top to bottom. Everybody can have a role in leadership. Roles and responsibilities are assigned by senior management, and this offers the opportunity for individuals to provide their own leadership in their specific areas.   [18:15] 5.2 Policy – The definition of Policy in ISO Standards is: The overall intentions and direction of the organisation, expressed by senior management.  A policy exists to govern the behaviour of an organisation and its employees in order to provide the best outcomes.  It also provides the basis for the establishment of objectives.  It does not explain how the policy is to be delivered through individual tasks.  This may not be a detail for top management. What's the requirement?: Top management must ensure its appropriate to the purpose and context of the organization and supports its strategic direction It's not simply just a piece of paper to sign once a year. [19:25] 5.3 Organizational roles, responsibilities and authorities – What does the Standard say:  ‘Top management shall ensure that responsibilities and authorities for relevant roles are assigned, communicated and understood within the organization' What does this actually mean?: ·      Ensuring the Management system conforms to your ISO Standard(s) ·      Ensuring processes deliver desired results ·      Performance reporting including opportunities for improvement ·      Promotion of customer focus ·      Ensuring integrity of the management system through change and continual improvement [21:30] Leadership in practice – Ian recounts an experience where senior management did regular safety checks in an organisation he worked with previously. Senior Management took an hour out each month to do a floor walk and actually talk to those on the ground floor to ask them about risk, equipment and just generally get a feel for how everything really worked. In turn, they were challenged by their staff on safe working systems and this proper conversation led to better understanding on both parts. The staff got to see their Senior Management genuinely care about their work and well-being, and Senior Management got much needed insight into the actual day-to-day activities and see first hand where improvements could be made. Those familiar with ISO 45001 will know that worker participation is a requirement of the Standard, but there's no reason why you can't apply this to other Standards. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

This episode Of the Quality Hub podcast, it's Part 2 of Customer Communication ISO 9001 Clause 8.2.1. Xavier Francis discusses with Bruce Newman and Kaitlin Wierzbach the importance of leadership in fostering effective customer communication. Bruce highlights the need for leaders to set clear expectations, allocate resources, and provide training to support communication while incorporating feedback into management reviews with actionable metrics. Kaitlin emphasizes using surveys and continuous monitoring to gather and analyze customer feedback, and both stress the significance of formalizing the feedback process and setting KPIs. They agree on the need for consistent feedback collection and formalized data analysis to drive continuous improvement and meet ISO standards, concluding with advice to make the process easy and use all customer communication to enhance internal practices. Helpful Resources: Clause 8.2: https://www.thecoresolution.com/clause-8-2-iso-90012015-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting  

In the Quality Hub podcast, Xavier Francis hosts Bruce Newman and Kaitlin Wierzbach from Core to discuss customer communication based on ISO 9001, clause 8.2.1. They highlight the importance of understanding customer requirements, formalizing communication, and maintaining accurate documentation. Core's approach involves tailoring client communication methods to meet ISO standards. Bruce underscores the need for secure handling of customer property and managing changes effectively, while Kaitlin outlines strategies for collecting and analyzing feedback, emphasizing staff training and closing the feedback loop. The discussion previews the next episode on leadership and metrics in customer communication. Helpful Resources: Clause 8.2: https://www.thecoresolution.com/clause-8-2-iso-90012015-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting

ISO Standards provide a framework to help businesses manage various aspects of their activities. Whether that's quality, risk, environmental or Information Security management, they provide invaluable guidance to establish an effective Management System.  However, for those who are new to ISO Standards, the Standards themselves can seem rather intimidating to interpret. Back in 2015, the Annex SL format was introduced to provide a common high-level structure for Management Systems. With 10 clauses now common in most widely adopted ISO Standards, it can still be a bit difficult to understand exactly how these all work together. Today Ian Battersby will explain how ISO Standard clauses work in tandem to create a cohesive cycle, from context of the organisation through to Improvement.    You'll learn ·      What is the high-level structure? ·      What are ISO Standards structured this way? ·      How do ISO Standard clauses interconnect? ·      How does this apply to Quality Management?   Resources ·      Isologyhub     In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:05] Episode summary: Ian will be discussing the interconnectedness of clauses, which basically just means explaining the key links between the clauses and how that applies to your management system.     [02:40] High level structure – 10 years ago, Annex SL was introduced to create a common framework for ISO Standards. Today, Ian will focus on ISO 9001 as that really is the grandfather of all Management System Standards. ISO 9001 includes elements which are applied to most commonly adopted ISO Standards, and sets the scene in terms of how the clauses link together. [03:20] Why are ISO Standards structured this way? – On their surface, ISO Standards can seem very repetitive in the way that they're written, but there is a good reason for that. There are all based around the Plan-Do-Check-Act cycle. [04:10] What is the Plan Do Check Act cycle? – This is a simple process that all Management System Standards adhere to. So you start with a ‘Plan' to establish objectives, the resources which you need to deliver results, you identify risks and opportunities. From that point you fulfil the ‘Do' part through Implementation and using the Management System. From there you ‘Check' so you monitor against the policies, objectives and any other requirements. Basically monitor against what you said you'd do and then you ‘Act' if you find anything that needs to change, you make that change and you improve as an organisation and you improve that management system. [05:00] A logical path – Management System Standards are designed in such a way that they flow from one clause to the other. One cannot exist without the other. [05:20] How does Clause 4 Context of the Organisation link with Clause 6 Planning? – As clause 4 Context of the Organisation states:  ‘external and internal issues relevant to your purpose and strategic direction… …and that affect your ability to achieve intended results' The scope of your management system depends entirely on this. The world in which you operate - what you buy, the people you employ, what you make, who you sell to, the laws you follow… Clause 4 also requires us to identify all interested parties (which we'll address later!). With careful planning, you can align documentation you develop for one clause with other clauses. Clause 4 doesn't tell us how we should work out our context, but it provides some very good clues ·      NOTE 1 Issues can include positive and negative factors ·      NOTE 2 Understand the external context by considering issues arising from legal, technological, competitive, market, cultural, social and economic environments So they're not saying how to do it, but they've said what you can consider This sounds a lot like a traditional SWOT/PESTLE analysis… If we skip to Clause 6, Planning, the first thing we must do when we plan is to identify actions to address risks and opps A SWOT will mean you've covered these elements, consider the following = ·      Weakness = Risk ·      Threat = Risk ·      Opportunity = Opportunity We can similarly view the PESTLE in the same light. So you can see that with careful planning, as mentioned you can align documentation for one clause with other clauses. [10:00] How does Clause 6 link with Clause 7 & 8? – Skipping from Clause 6.1 If you've identified what might go wrong (aka - risk), you need to plan to ensure it doesn't happen again. That may involve a single improvement action, which is linked to clause 10 (funnily enough, Improvement) It may be that you need something bigger, involving many steps, over a period of time, say an objective (clause 6.2)? So, the planning of objectives links directly to the context of the organisation, the world in which you operate. It may be that you need an operational control to mitigate risk, a process or procedure that helps to manage the situation as a business as usual situation (clause 7 documented info and clause 8, operation) So the planning of processes and procedures links directly to the context of the organisation, the world in which you operate. In all these circumstances, it's the same for opportunities, except you're putting in place measures to take advantage of the opportunities. [13:05] Join the isologyhub and get access to limitless ISO resources  – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo. [15:10] Clause 7 Support and related links – Moving through the standard, clause 7.4 relates to Communications. You need to determine internal and external communications relevant to the QMS (for 9001). In clause 4, you would have looked at interested parties (i.e. stakeholders). You need to determine who affects the way in which you operate and what they need/expect from you. Parties to consider include: ·      Customers ·      Employees ·      Shareholders ·      Suppliers ·      Regulators ·      Neighbours ·      Media So, by Clause 7 you will have already identified who's interested and what interests them, so it's only a small step to add to this the communications plan.  ISO 9001 doesn't ask for one specifically, but it's a good way to fulfil the requirements of clause 7.3. Clause 7 also mentions Monitoring and measuring resources (7.1.5).  This is a very brief clause, but central to establishing the means for demonstrating performance. We need reliable results when monitoring or measuring is used to verify the conformity of products and services to requirements, i.e. do we do what we say we do? Clause 7.5 requires us to document how we do things.  Again it's very brief in its requirements (leaves it up to you to decide), but clause 8 is all about operation – which is the way you do things. It's much more specific about understanding what the customer wants, designing it correctly, controlling changes, making it, delivery and addressing issues.   This is what you measure: 7.1.5 requires you to ensure you can measure, 7.5 requires you to document how you do things, 8 requires you to do things according to the way you've said you will. [20:10] Clause 9 Performance Evaluation and related links – Moving onto Clause 9, Performance Evaluation, again risk appears.  We've already assessed risk right at the start, now we evaluate whether we've successfully controlled risk. We decide what to audit based on the level of risk attached to certain controls (policies, procedures, processes…). We've set objectives based on risks and opportunities and now we must measure performance. We've put in place operational controls to mitigate risk (clause 8) and now we measure whether those controls work. [21:30] Clause 10 Improvement and related links – This one is fairly self-evident. If something goes wrong, find out why and put it right and make sure it doesn't happen again. Look at your system and continually improve based on your evaluations in Clause 9. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

After 5 years of hosting the ISO Show, Mel Blackmore will be taking a step back as she focuses on her sustainability related endeavors. She's passing the baton onto our new host – Ian Battersby. Ian is a Senior isologist at Blackmores, and while relatively new to the team, he has a wealth of Standard and ISO related knowledge to share with you all. Today we Introduce Ian Battersby as the new host for the ISO Show and learn about his background in Standards and ISO.     You'll learn ·      Taking a step back ·      Introduction to Steph Churchman ·      Introduction to Ian Battersby ·      What Standards has Ian worked with? ·      What Sectors has Ian worked in?   Resources ·      Isologyhub     In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:05] Episode summary: After 5 years of the ISO Show, Mel Blackmore is handing the hosting baton over to Ian Battersby    [02:25] Interim host – Ian will be the main host going forward, but there will be additions from Blackmores' Communication Manager – Steph Churchman. You may recognise her from recent episode such as: ·      Top 10 Reasons to use ISO 42001 AI Management ·      Top ISO Standard Trends in the Data Centre Industry Steph will be sharing findings from our own research, standards updates and conducting interviews with our isologists. [03:35] An Introduction to Ian Battersby – Ian has been working for Blackmores since August 2023. Although he is meant to be part-time, he's had a very busy first few months here! Ian began working in British Aerospace, specifically manufacturing, in 1984. He later decided to return to university to study electrical and electronic engineering, which was promptly dropped. His return to BAE lasted a few years before he moved onto the civil service for the Department of Health, working with them to conduct safety investigations and helped to create a broader risk profile. When he moved to work with the NHS, firstly, with the litigation authority setting up governance and risk standards and then as a risk manager. Surprisingly, after moving up a few levels, he decided to move onto run a restaurant! A Curry House to be specific, but after a year of rather stressful work that ended up costing a lot more than expected, he returned to work within the construction industry which is where he became more involved with ISO Standards. From there he went onto work in manufacturing of high pressure pumps for a while before moving onto an organisation who rant he estate for the Department of Work and Pensions. In the end, Ian left them due to being unable to live the life he wanted to live. [05:15] What Standards has Ian worked with? – He started with ISO 9001, ISO 14001 and OHSAS 18001 (now ISO 45001). [06:00] Digital Nomad – Ian currently splits his time between Leeds in the UK and Malaga in Spain. Having a lot of experience working remotely in previous industries, this leap didn't impede on his work in any way. [07:15] What other Standards has Ian worked with? – He has assisted with ISO 44001 (Collaborative Business Management), but admittedly it was not his favorite ISO Standard to work with. It's one of the rare instances in ISO where the Standard doesn't quite align with others. [08:00] What Sectors has Ian worked in – Ian's extensive work history has afforded him the opportunity to work in a number of sectors, including: ·      Construction and Fit out ·      Manufacturing ·      Estate Management ·      Private enterprise ·      Healthcare / NHS ·      Facilities With this list growing at a rapid pace since his introduction at Blackmores! [09:45] What's a big challenge that Ian's had to overcome in the past? – In terms of ISO, it has to be Leadership. Ian's found that to always be an issue within businesses attempting to implement ISO Standards. A good looking Management System will only go so far without leadership commitment. While working in facilitating Standards for an organisation, you won't be implementing the whole system yourself. It's more a case of delivering through others, the organisation controls and delivers their own processes and improvements, and so it's imperative that Leadership are also embedding and encouraging these actions. Ian will be going more in-depth on this topic in a future episode. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

In this podcast episode of the Quality Hub, host Xavier Francis chats with Erin Finnegan and Suzanne Weber-Smatko from Core about training within the framework of ISO 9001, clause 7.2. They discuss the importance of developing and implementing effective training programs within organizations. Erin highlights the need to identify training needs, set objectives, design interactive training, and deliver it through various methods. Suzanne emphasizes the significance of a training matrix, feedback, and evaluating the effectiveness of training through observation, metrics, and employee performance. They stress the importance of tailoring training to individual learning styles and documenting training records for accountability and liability purposes. Overall, they provide insights into how organizations can ensure competence and training in alignment with ISO standards. Helpful Resources: Clause 7.2: https://www.thecoresolution.com/clause-7-2-iso-90012015-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting      

Data Centres could be considered the powerhouse of thousands of businesses globally.  Long gone are the days of small physical servers being housed on-site, instead we rely on data centres to keep all our critical data safe and secure. But how do we know they are doing just that? Many hold certifications to security-based Standards such as SOC 2 or NIST to display their commitment to data security. However, many also hold various ISO certifications that cover other aspects of the business outside of information security. Today Steph Churchman, Communications Manager at Blackmores, will be sharing the top ISO Standard trends within the UK Data Centre industry. You'll learn ·      Why did we look into the Data Centre industry specifically? ·      What are the top 5 ISO Standard Trends in Data Centres? ·      Why are these ISO Standards essential for Data Centres? ·      Other commonly adopted ISO Standards within the data centre space   Resources ·      Isologyhub ·      ISO 27001:2022 Transition Gameplan   In this episode, we talk about: [00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo. [02:25] Episode summary: We'll be taking a look at the top ISO Standard Trends within the UK Data Centre Industry [02:30] Why did we look into the Data Centre industry specifically? – In the mid 2010's, we noticed an influx in enquiries from Data Centres in regard to Implementation of ISO Standards. That prompted a research project that led to Blackmores working with some of the top UK Data Centres. Now in 2023 and 2024 we're starting to see a similar push for ISO Standards within the same industry. So, we revived the project to get a grasp on the modern ISO landscape, and took a look at the top 100 Data Centres within the UK. [03:34] #1: ISO 27001 Information Security – Out of the 100 data centres sampled 72% of them were certified to ISO 27001. Security is of upmost importance to data centres, and the great thing about ISO 27001 is that it considers security for not only the digital environment, but also for people and physical security. This Standard is also, in most cases, a stakeholder requirement. Certification to ISO 27001 indicates that you're adhering to best practice in information security, and through the creation of an ISO 27001 compliant Management system, you will have documentation in place such as an information security policy and data retention policy, that often get requested by potential clients. If you'd like to learn more about the Implementation process for ISO 27001, we've got a helpful 3-part podcast series that summarises the entire process from Gap Analysis to Assessment preparation. anyone currently certified to ISO 27001:2013 that you have just over 1 more year to complete your transition to ISO 27001:2022. If you don't do so by October 31st 2025, you'll risk losing your ISO 27001 certification. That's not the only reason you should be transitioning though. The new version of the Standard includes 11 new controls, which cover some newer technologies which really weren't around when the 2013 version was published. So regardless of the risk of losing your certification, it's in your best interest to ensure that you're adhering to the latest version. If this is all news to you, then you can also go back and check out episodes 128 through to 133. This was a little mini-series we did to summarise the key changes to ISO 27001 and what actions you need to take to transition. We also have a Transition Gameplan available on the isologyhub if you'd like a more guided approach, including document templates and training videos covering those new controls. [06:25] #2: ISO 9001 Quality Management – The Quality Management Standard is as popular as ever, even within the data centre space, with 51% of the 100 sampled data centres being certified. ISO 9001 is considered the leading ‘Quality mark' for businesses and is often the starting point for many diving into the world of ISO implementation. ISO 9001 creates a well-rounded base Management system to help you manage your risks and opportunities, as well as ensuring you drive a culture of continual Improvement. Its guidance can help you establish your core policies, processes and procedures to ensure everyone is singing from the same song sheet. The fact that this one is popular among data centres isn't too much of a surprise, it's a universally adopted Standard that isn't limited by industry or organisational size. Currently, there are over 1 million ISO 9001 certificates issued worldwide, and that trend shows no signs of slowing down. [08:25] #3 ISO 14001 Environmental Management  – A surprising 25% of the sampled data centres were certified to ISO 14001. From an objective point of view, it makes sense for data centres to consider their environmental footprint. But a lot of that would fall under energy usage rather than just general environmental management, so this likely means it's mainly driven by stakeholder requirements. ISO 14001 is being requested more and more for the likes of large Government contracts, so If you want a chance at bidding for these, ISO 14001 is a must. Now don't get me wrong, I'm sure a lot of data centres have implemented this Standard in an earnest effort to monitor and measure their impact holistically. After all ISO 14001 asks businesses to consider how they can prevent environmental impacts such as pollution and degradation of nature. And the additional guidance provides some helpful starting points for those that may not be sure where to start, for example making commitments to recycling, protection of biodiversity and climate change mitigation. For data centres specifically, this may come into effect when we think of the amount of electronic waste that they could potentially produce. Obviously, this can't just be thrown out in a standard green lidded bin, it'll need to be taken to a dedicated electronic waste facility for processing, disposal and recycling. Racking, shelving and cables will all also need to be replaced at some point, and it's up to each data centre to ensure they have the appropriate processes and policies to ensure this is done correctly and more importantly legally, which again, is where ISO 14001 can help put those frameworks in place. [10:30] Join the isologyhub and get access to limitless ISO resources  – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo. [12:45] #4: ISO 50001 Energy Management – With just 13% of the 100 sampled data centres certified! This one is a shocker because, typically, data centres highest cost is in relation to their energy usage. They require enormous amounts of energy to keep their facilities running and to cool down their equipment 24/7. Which I imagine they'd be quite keen to reduce if only to save on running costs. This is where ISO 50001 can come in, to help create a structured approach to effectively monitor that energy usage, so you can identify key trends and opportunities to reduce overall energy consumption, which in turn will save a lot of money. With a healthier proportion being certified to ISO 14001, it seems a shame that so many are missing out on the additional benefits that ISO 50001 can bring, especially when it can very easily be integrated with ISO 14001. In fact, if you're already certified to ISO 14001, then you've already done half the work to implement ISO 50001. Both frameworks are based on that Annex SL format, and both have a lot in common in terms of what documentation is required. It can also help with compliance with some UK and EU based energy initiatives. For example, here in the UK we have ESOS (The Energy Savings Opportunities Scheme) which applies to large organisations that fit within its criteria. They're usually required to provide a report once every 4 years, however as of 2023, Phase 3 now requires organisations to provide an Energy Action Plan which details what actions they plan to take to reduce their energy consumption. There are likely a few data centres that would fall into ESOS's criteria, and if you're sick of going through the ESOS song and dance every few years, then ISO 50001 may be the answer for you, as being certified means that you're going above and beyond ESOS's requirements and will be considered compliant. Meaning no more pesky reporting, or having to locate an ESOS assessor to sign off on those reports. [15:10] #5 ISO 22301 Business Continuity Management – With 12% of the 100 sampled data centres being certified. ISO 22301 is the Standard for Business Continuity, and provides a basis for planning to ensure your long-term survivability following a disruptive event. That 12% may not be truly reflective of all the data centres that have business continuity plans in place however, as according to a recent Business Continuity institute survey, 56% of surveyed businesses use ISO 22301 as a framework but aren't certified to it. There will be a fair few data centres in our sample list that fall under that category. Why should this Standard be a priority for Data Centres? Well, the answer should be simple, if a disaster were to knock out a data centre, that has a massive knock-on effect. Many house servers used by hundreds if not thousands of businesses and users. If they're unable to provide services, that will in-turn cause multiple other businesses to grind to a halt. The true cause of failures at data centres can be many things such as hardware failure, human error or a disaster such as flooding or fires. However, the advantage of utilising ISO 22301 is the ability to be able to effectively deal with these incidents and restore services, which is essential for an industry which is quite literally the powerhouse for millions of other business and people. If you fail to plan, you plan to fail Having a robust business continuity plan should be a top priority for any business, especially data centres, seeing as so many rely on them to keep their own services running. Even if you don't want to go through the full certification process, it's worth grabbing a copy of the Standard, as it provides a lot of helpful guidance. If you'd like to learn more about ISO 22301 in general, go back and check out episode 42 where we go over the Standard in more detail and it's many benefits. [17:45] Runner up: ISO 20000 Service Management – Saw 11% of our sample data centres certified to this Standard. This actually used to be known specifically as the IT Service Management Standard, so that probably clues you into why this would be adopted by many with in tech spaces. However, it truly is applicable to any business offering services. The aim of ISO 20000 is to provide a framework for an effective end-to-end service management system which encompasses the entire lifecycle of a service from concept and design, through to service removal and end-of-life. [18:55] Runner up: ISO 27017 information security controls for cloud services – With just 5% of our sampled Data Centres certified. This one is fairly self explanatory in it's relation to data centres, which operate solely on cloud based services. This Standard was introduced after the 2013 version of ISO 27001 was published, as the main standard didn't really address cloud security controls specifically. Mostly because cloud computing and its related security weren't as widely adopted as they are now. So ISO 27017 was created to try and bridge those gaps. In the latest 2022 version of ISO 27001, there's now a new control for cloud security. So, we may see less interest in ISO 27017 certification going forward. If you'd like to book a demo for the isologyhub, simply contact us and we'd be happy to give you a tour. We'd love to hear your views and comments about the ISO Show, here's how: ●     Share the ISO Show on Twitter or Linkedin ●     Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one. Subscribe to keep up-to-date with our latest episodes: Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

On this episode of the Quality Hub podcast, Xavier hosts experts Stephanie Dawson and Suzanne Weber-Smatko from Core, discussing competence and training in ISO 9001, specifically clause 7.2. They emphasize the importance of defining competencies, assessing them during performance reviews, and providing ongoing training. Steph details Core's approach, including job description breakdowns and regular performance evaluations, while Suzanne highlights the need for feedback and engagement of employees, including subcontractors. They stress the significance of documentation, clear communication, and continuous improvement in meeting ISO standards. Helpful Resources: Clause 7.2: https://www.thecoresolution.com/clause-7-2-iso-90012015-explained For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting    

with Simile Miller as host

In this lively episode of the Quality Hub podcast, host Xavier Francis engages in a conversation with Suzanne Weber Smatko, Manager of Consulting Services at Core Business Solutions, exploring the world of ISO 9001 for the newbie. Suzanne, with over 30 years of experience in quality, introduces the concept of a Quality Management System (QMS) and its application in achieving quality objectives and enhancing business performance. The discussion covers the return on investment, employee engagement, and more. Suzanne dispels common misconceptions about time and cost, emphasizing the reasonable nature of the process. The episode concludes with a call to businesses to recognize the value of ISO 9001 for organizational efficiency and continuous improvement. Helpful Resources: For All Things ISO 9001:2015: https://www.thecoresolution.com/iso-9001-2015 Contact us at 866.354.0300 or email us at info@thecoresolution.com ISO 9001 Standards: https://www.thecoresolution.com/iso-90012015-standard-1 Articles: https://www.thecoresolution.com/free-learning-resources ISO 9001 Consulting: https://www.thecoresolution.com/iso-consulting  

With host Simile Miller, Director of Education, DNV Healthcare

Join us for a spirited chat with Jenny Ford, a leading light in the circular economy movement, who brings a wealth of hands-on experience and innovative insights. What can we learn from her journey in sustainable development, from her masters to her current project with Snug Homes? Buckle up for a fascinating exploration of green construction, from low carbon modular designs to tiny homes.Episode linksMaterials In Mind - https://materialsinmind.org/Ellen MacArthur Foundation - https://www.ellenmacarthurfoundation.org/LETI circular economy - https://www.leti.uk/circulareconomy1pagerSnug Homes - https://www.snughomes.co.uk/LM3 - https://www.lm3online.com/Denim Insulation - https://www.soprema.co.uk/en/article/sopravoice/soprema-blue-jeans-sustainable-insulationASBP - https://asbp.org.uk/ISO9001 - https://www.iso.org/iso-9001-quality-management.htmlDigital Shoestring - https://www.ifm.eng.cam.ac.uk/research/dial/research-projects/digital-manufacturing-on-a-shoestring/ACAN natural materials - https://www.architectscan.org/naturalmaterialsWRAP - https://wrap.org.uk/Stormboard - https://stormboard.net/Ikea air quality sensor - https://www.ikea.com/gb/en/p/vindstyrka-air-quality-sensor-smart-40498234/Em Appleton - 100 ways - http://emappleton.com/culture/Em Appleton - Episode BS003 - https://www.buildingsustainabilitypodcast.com/how-to-create-an-anti-capitalist-building-site-emma-appleton/Duncan Baker Brown - Circular economy Building Sustainability podcast - https://www.buildingsustainabilitypodcast.com/circular-economy-in-the-built-environment-duncan-baker-brown-bs061/Connect with me:IG - @jeffreythenaturalbuilderSupport this podcast - https://www.patreon.com/buildingsustainability Support the show and get bonus content on Patreon Hosted on Acast. See acast.com/privacy for more information.