Authors Posts by

ISO Update aims to provide information, resources, and updates around the Standards and Certification industry. We believe that organizational standards can help businesses of all shapes and sizes become more efficient and successful on a local, federal, or global scale.

0 352
ISO and Agriculture -

This document, originally posted on details the role ISO standards have within the agricultural industry, the benefits seen, and technology available. We have summarized the key points for you to digest. View the full document on

ISO and Agriculture

“ISO Standards are used in agriculture to ensure sustainable practices are used to efficiently make use of farmland by providing guidance and best practices for farming methods, machinery and tools.
ISO standards for agriculture cover all aspects of farming, from irrigation and global positioning systems (GPS) to agricultural machinery, animal welfare and sustainable farm management. They help to promote effective farming methods while ensuring that everything in the supply chain – from farm to fork – meets
adequate levels of safety and quality. By setting internationally agreed solutions to global challenges, ISO standards for agriculture also foster the sustainability and sound environmental management that contribute to a better future”.

ISO Standards facilitate global trade by providing internationally agreed best practices and specifications for the agricultural industry processes, thus ensuring production is seamless. A common language is also provided in the standards, ‘widening opportunities for cross-border trade of foodstuffs and farm animals’.

This helps increase efficiencies for industries, and benefits the end consumer who receives higher-quality and more selection.

“ISO standards help organizations meet legal and industry requirements by setting benchmarks for the functional safety, traceability and quality of everything from the machinery and materials used in agriculture to the final food products. Developed through international expertise and consensus, they provide a sound basis for implementing public policy”.


The introduction of drones can potentially revolutionize farming with cost and time savings. Fitted with technology, cameras and sensors, drones are able to rapidly access farmland, assess and measure conditions, and map land accurately. ISO 21384 series ” ISO technical committee ISO/TC 20/SC 16, Unmanned aircraft systems, is working on the world’s first set of formalized International Standards in this area – the ISO 21384 series, which will define general specifications, product systems and operational procedures. They ill support the development of safe and effective drones for use in all settings, including agriculture, providing a platform for even better technology in this area”.

Source: Read more about technological advances, and a more detailed look into ISO and Agriculture.

0 763
Understanding the Process Approach -

What is the Process Approach? The Process Approach is the methodology of identifying inputs, expected outputs, and the process in each action. After identification, a relationship between all of these items is determined.

Quality assurance departments and manufacturing personnel perform processes every day. For example, approving suppliers, running quality control checks, shipping products, accepting and delivering products are all processes.

As per the 7 principles of quality management set forth by ISO, using the process approach allows organizations to plan processes to achieve their expected outcomes in the most effective and efficient manner, thereby improving the productivity and effectiveness of the organization.

Importance of the Process Approach

Understanding how the different elements of a process interact and depend upon each other can be a crucial step towards streamlining the entire process. The steps in one process may have a direct or indirect impact on the outcome of another process; therefore, the ISO 9001:2015 standard continues to emphasize the process approach.

For example, an organization operates an existing complaint portal and also sets up a customer feedback portal. Lack of a proper system in place to filter calls and then forward them accordingly to the concerned department, would result in chaos for both departments, and as a result, for the organization. The process approach encourages proper planning, which in turn helps avoid such problems.

Implementing the Process Approach

To apply the process approach, it is important to first understand the Plan, Do, Check, Act (PDCA) cycle, which helps identify processes and the different ways in which they interact and encourages problem-solving.

The PDCA cycle consists of four steps, namely Plan, Do, Check, and Act.

  1. Plan: Identify the main players and members involved in the process and identify the inputs and outputs of the process.
  2. Do: Execute the plan.
  3. Check: Ensure that the process is achieving the desired outcomes in the most effective manner.
  4. Act: Modify or upgrade the plan to improve efficiency and effectiveness.

Envision the Process Approach: Process Maps

To help envision how processes interact and to map them out, process maps can be a useful aide.

1. SIPOC Diagram

Envision your process in detail by identifying Suppliers, Inputs, Procedures, Outcomes, and Customers. This is only suitable for non-complex, linear processes. For more complex processes, the SIPOC diagram can be used alongside flowcharts to show dependency and interactions.

2. Turtle Diagram

This diagram adds to the SIPOC diagram by allowing the attachment of relevant documents and links to each process that may interact. Turtle diagrams also identify the equipment, owners and evaluation, and quality assurance criteria.

3. Swim Lane Flowchart

The Swim Lane Flowchart allows identification of all the individual actions and responsibilities, making it particularly useful for multiple members or departments involved in the process.


Defining their processes using the process approach and process mapping allows organizations to better define ownership, dependencies, risks, and opportunities for growth or improvement in an easy and efficient manner. This is essential information for the continuous improvement of any organization’s quality management system and for ensuring compliance with the requirements set out by ISO 9001:2015.

2 5971
4 Steps to an Effective Internal Audit

An Internal audit is one of the most important aspects within any management system. It is through audits that gaps, potential problems and possible solutions will be identified in order to maintain and improve the effectiveness of the management system.

However, not all audits add value to the system and in order. Follow these 4 steps to ensure your audits are effective. 

1. Be Planned & Programmed

Your organization needs to carefully determine which processes will be audited – not all systems have to be audited at once or with the same frequency. In order to do this,  consider the results of previous audits, the complexity and risk of its processes and the maturity of each process.

Auditors should consider the natural rhythm of the process being audited, including the synchronization of processes and time and the availability of trained and experienced auditors.

Specific timetables should be elaborated and these must be informed in advance within the organization, detailing which processes are to be audited – and when.

2. Use Competent Auditors

Auditors must be competent, objective and impartial. They must demonstrate comprehensive knowledge of the processes and the standard which they are auditing against.

3. Objective Communication

The findings and their details, i.e., non-conformities, positive areas, and areas for improvement – should be communicated during the audit’s closing meeting to everyone involved. These findings should also be discussed with the auditee during the audit and before recording it.

Information must be communicated in an objective and friendly manner and any suggestions should be informed in a constructive manner.

4. Record & Monitor Results

The results and the corrective actions encountered during the audit must be recorded and monitored in order to ensure that non-conformities are taken care of and improvements are made.

It is also important to establish who will be responsible for monitoring the actions necessary for closing a non-conformity or implementing an improvement.

For an internal audit to be effective, it is essential for this process to be carried out together with auditors and auditees. The planning and programming of internal audits must be consider information given by all involved.

Understand that the purpose of an internal audit is to identify possible weaknesses and areas for improvement in order to ultimately increase the effectiveness of the organization’s processes and its management system in general.

0 2510
Risk Management in Your Organization -

Risk Management (RM) is the process of identifying, quantifying, evaluating and managing the exposure to all kinds of dangers, damages or losses faced by an organization in pursuit of its objectives. Part of Risk Management is to coordinate, assign resources and take the appropriate measure to reduce, minimize, monitor, and control the probability and/or impact of unfortunate events, or to maximize the benefits of an investment or an action.

Assessing Threats and Opportunities

We are all exposed to threats and opportunities that can either prevent us from achieving a specific goal or, in the case of opportunities, help us meet them in an effective way. Assessing, managing and mitigating losses is a process carried out by every organization whether they are conscious about it or not. However, this process is not always carried out in the best possible way. In order to effectively manage risk, it is essential for this process to be systematic, transparent and credible.

In order to effectively manage risk, it is essential for this process to be systematic, transparent and credible.

Risk Management

Risk Management considers the identification of two types of events: negative events which are classified as risks and positive events which are classified as opportunities. This process involves the following actions:

  • Understanding of the current situation (the context of the organization).
  • Identify the types of risk and opportunities an organization is exposed to.
  • Measure the potential risks/opportunities in terms of likelihood and magnitude of impact.
  • Define actions to respond in order to avoid or minimize damage or maximize the benefits of opportunities.
  • Monitor the progress of the actions.


Risk Management also involves having a plan in place in order to get things back to normal as quickly as possible if something bad does occur.

The benefits that a successful risk management may bring to an organization include:

  • Compliance to legal requirements or other requirements.
  • Assurance and enhanced decision-making.
  • Improve the efficiency of an organization’s processes.
  • Increases the effectiveness of actions taken within a project.
  • Efficacy of the strategy of an organization.

Risks affecting organizations can have consequences in terms of economic performance and professional reputation, as well as environmental, safety and societal outcomes.

Managing risk effectively helps organizations perform well in an uncertain environment and not giving due importance to risk can result in severe consequences for organizations as well as individuals.


There are many standards and regulations that address Risk Management, some of these are:

  • ISO 31000:2009, Risk management – Principles and guidelines.
  • ISO 14971:2000 Medical devices — Application of risk
  • Management to medical devices
  • ISO 17776:2000 Petroleum and natural gas industries — Offshore production installation — Guidelines on tools and techniques for hazard identification and risk assessment
  • CSA Q 850:1997 Risk Management Guidelines for Decision Makers
  • JIS Q 2001:2001 Guidelines for development and implementation of risk management system

0 2716
How Does ISO 45001 Differ to OHSAS 18001? -

The new ISO 45001 standard has been published and supersede OHSAS 18001. It is a truly international standard as scores of countries will agree to it.

Note: Companies already certified to OHSAS 18001 will have 3 years’ to become certified to the new standard.

The new standard applies the ISO High Level Structure and is compatible with ISO 9001:2015 and ISO 14001:2015 thus easily integrated with these management systems and give more value to the organizations.

What are the Differences Between ISO 45001 and OHSAS 18001?

Context of Organization

Companies will have to define the Context of their Organizations, meaning the External and Internal Issues in the environment in which they operate. The Context will have to be systematically determined and monitored.

The organization shall have to look the conditions affecting the operations such as regulations, stakeholders and governance. They have to understand the drivers of their organizational culture.

Needs and Expectations of Workers

The Needs and Expectations of Workers and other Interested Parties such as Shareholders, Customers and Board Members have to be defined. From this step the requirements and deliverables of the Management System will be further developed.

Risks and Opportunities

Organizations will be required to determine the Risks and Opportunities that may impact its ability to deliver planned results which shall include enhancement of health and safety of employees during the job. Legal and other requirements have also got to be identified and considered.


There is increased emphasis on the Leadership of the company to become engaged in and be responsible for the management system to be more effective.

Objectives and Performance Reviews

There is an increased focus on the Objectives determined by the organization as improvement drivers and their achievement shall be evaluated during Performance Review. The Objectives should support the Policy and shall be considered within the available resources. The responsibility for achieving Objectives, the time frame and measures to establish progress has to be decided and should evaluate whether Objectives have been achieved. Documented information has to be retained about objectives and plans to achieve them.

Communication Requirements

Communications requirements have been enhanced in terms of defining the objective of communication and if it was effective in addition to Who, What and When it should take place.

Removal of Preventive Action

Preventive Action has been removed from Corrective and Preventive Actions. The Preventive Actions are now undertaken in the Risk Management Processes while determining the risks and opportunities and ways to reduce or eliminate risks and undertake opportunities.

Health and Safety

It also allows the participation and consultation of workers to a higher degree in the Health and Safety Management System.

The new standard has requirements for taking care of and monitoring the health and safety of workers in the Contractor’s organizations and in Outsourced Processes and during Procurement Processes.

Risk Control

For the reduction of OH&S risks and eliminating Hazards the new standard specifies hierarchy of controls in an order of preference with reference to risk management. Hazards and risk controls are required to be planned in the operational controls. The standard introduces requirements for management of planned changes in operations such as working conditions, work force, equipment as well as changes in risks and known hazards.

Implementation of the new ISO/FDIS 45001 standard will result on overall better Health and Safety of Workers and reduced accidents.

Learn more about ISO 45001 Standard

Read more about Monitoring and Measurement in ISO 45001

0 4069
Tips and Tricks for ISO 9001 -

Ready to implement ISO 9001 in your organization? Here are some ISO 9001 tips that will help make the process easier, and tricks to the process to be aware of and prepare for.

Tip: Implement ISO 9001 for the Right Reason

When implementing a quality management system (QMS) for ISO 9001, management should be clear about the purpose of the QMS. If the only driver is to get on customers’ tender lists or because a competitor has already got one, it’s highly likely that the QMS will remain a set of documents for certification purposes only.

Management should aim for a QMS that will help the organization produce quality products or services, continuously improve its process, and provide confidence to customers that the organization is capable of meeting their requirements all the time.

Tip: Motivate your Workforce

In order for organizations to achieve a desired level of quality, people need to get involved. People are the essence of organizations and their full involvement is essential to implement and maintain ISO 9001.

Employees can be motivated by:

  • Ensuring that everyone knows and understands the organization’s quality policy;
  • Defining and communicating responsibilities and authorities within the organization;
  • Building the competence of employees;
  • Providing adequate infrastructure and work environment;
  • Initiating improvements, e.g. by implementing employees’ suggestions.

Trick: Only Hire a Consultant if…

If an organization’s staff does not have the time or skills to develop the QMS by themselves, a good consultant will make possible a speedy transfer of knowledge and skills. If the staff does have the time, there are enough published materials available from the web that will help staff obtain the necessary skills to develop the QMS.

Tip: Take the Necessary Time

All too often organizations are in a hurry to obtain certification and do not spend the time needed to implement the system effectively. Before applying for certification, your QMS needs to be in place and its effectiveness checked through an internal audit, followed by corrective actions on audit findings.

Trick: Define SMART Objectives

Many organizations set quality objectives that are impossible to meet. Objectives need to be specific and relevant to the process or task to which they are being applied. They also need to be measurable and achievable within the resources that can be made available in a realistic and timely manner. It’s helpful to have a start and completion date.

Tip: Go Easy with the Paperwork

Many believe that everything in the system needs to be elaborately documented. ISO 9001 only requires one quality manual, six procedures, and approximately 20 records.

Often, organizations are better off sticking to what is required and keeping those documents simple; additional procedures and records should be considered only if they add value to the system.

Tip: Set the Example

Some employees may find it difficult to change their ways of doing and may have a tendency to deviate from defined procedures. To change this, top management should ‘walk the talk’, i.e., should not allow deviations from set procedures or permit the release of materials with deviations.

Under such an approach, employees will start respecting system requirements and everyone will take account of their responsibilities for the success of the QMS.

Learn more about ISO 9001 and how to engage top-level management to ensure the success of your QMS.

0 965

ISO 45001 is the first International Standard for occupational health and safety written by ISO. Formerly OHSAS 18001; ISO 45001 was published in March 2018 and encompasses work safety in Global supply chains that are effectively and accurately improved through the set of processes. You might be wondering, “Do I need ISO 45001 Certification?”

You might consider the need of an effective organizational health and safety management system vital for your companies growing success. But, is certification worth your effort?

Who needs and will benefit from ISO 45001?

Does your small business need ISO 45001?

The key feature of ISO 45001 is that no matter what size is the organization, it is designed to aid all. The aim of ISO 45001 is to reduce workplace injuries and illnesses globally, and companies of all sizes can benefit from the proactive approach outlined in ISO 45001.

Does demonstrating that your company is fully compliant matter to you?

ISO management systems are designed to aid organizations in creating and enforcing best practice. However, in order to endorse complete compliance and demonstrate impeccable reliability to the external parties, Certification is an absolute must. Simply following the standard is not enough to prove to external parties you are compliant, you must maintain active certification. ISO 45001 certification will allow other parties to trust you on acting upon the best practices of health and safety at workplace. Once certified, you can also advertise your certification to future clients and employees, giving them added trust in your capabilities and forward thinking.

Does your company wish to improve performance?

Through ISO 45001 Certification, your company will benefit from a structured guide, step-by-step, that will enhance your organizations performance. ISO audits goal is to not only find non-compliances, they actively seek to improve inefficiencies, with the end goal of making your organization more productive, improve performance, and satisfy your bottom line.

Does employee protection matter to you?

The standard set out by ISO 45001 management allows company owners and higher ups to determine what requirements need to be achieved to provide a safe and reliable environment for their workers and contractors. Once ISO 45001 is implemented, the Certification availed by the company thus proves the company to be safe to work at for the outer sources. Moving forward as ISO 45001 becomes more integrated into companies and their best practices, this standard could become a requirement for suppliers, contractors, etc. to do business. Like ISO 9001, companies may demand your compliance to ensure your organization is treating employees with similar standards to theirs, as are the goal of international standards.

Are you focused on improving productivity?

The implementation of ISO 45001 management allows a way towards less workplace injuries and illnesses through a proactive approach to organizational health and safety. By being proactive, a company can improve its productivity by manifolds. With ISO 45001 Certification, companies prove that they have taken every necessary measure to protect the workers, eliminating inefficient practices, and proactive measures and guides in place, employees deliver more in less time due to effective systems in place.

Do you wish to prove a commitment towards employee health and safety?

The acquirement of ISO 45001 Certification demonstrates a company’s interest towards their workers and their safety. This is a challenging aspect of many industries, especially if the work involves great physical challenges; oil refineries, factories, warehouses, etc., need to take great care to implement effective solutions to workers safety, and ensure while the job is dangerous by nature – necessary steps have and are being taken to make the workplace as safe as possible for employees and contractors.

An ISO 45001 Certification indisputably proves your company cares and will has the employees’ interest at heart, and all the precautionary measures have been taken to ensure their safety.

Do you wish to reduce workers’ insurance premiums?

With ISO 45001 implementation and Certification, companies can reduce insurance premiums. By maintaining a proactive system to reducing hazardous environments in the workplace, insurance costs will reduce, allowing your company to continue running as usual, but reducing costs associated with insurance.

The ISO 45001 Certification has several other benefits including workplace cultural change and employee job satisfaction, knowledge, and participation. ISO 45001 focuses on employee participation, and the context of Organization and Leadership points out the roles played by employees in developing occupational health and safety management system parallel to mid-level and management.

Does your company need ISO 45001?

The decision to earn your certificate for compliance with ISO 45001 is dependant on many factors, and as the decision maker in your organization, it’s your decision to make. However, it’s important to note that organizations wishing to work internationally or who want to show compliance with global standards of Health and Safety in the workplace will need to implement and obtain ISO 45001 Certification.

What are the Differences between ISO 45001 and OHSAS 18001?

0 1320
7 Quality Management Principles

This document, originally posted on introduces the 7 quality management principles that ISO 9000, ISO 9001 and other related quality management standards are based on. We have summarized the key points for you to digest. View the full document on

The 7 Quality Management Principles

“Quality Management Principles are a set of fundamental beliefs, norms, rules, and values that are accepted as true and can be used as a basis for quality management”.  ISO Standards use these rules or principles as a foundation to lead an organization to improvement of their processes. These principles were “developed and updated by international experts of ISO/TC 176, which is responsible for developing and maintaining ISO quality management standards”.

1. Customer Focus

“The primary focus of quality management is to meet customer requirements and to strive to exceed customer expectation”

This principle considers the organizations end goal of meeting, and exceed customer expectation with regards to confidence in their product or service. Sustained success is achieved by understanding the consumer and their needs; current and future; adding value at every interaction, and doing business with their needs in mind – this principle considers the companies focus is on their customer.

2. Leadership

“Leaders are all levels establish unity of purpose and direction and create conditions in which people are engaged in achieving the organization’s quality objectives”.

Leadership creates alignment. Alignment in strategies, company policies, vision and direction, processes, allocation of resources, etc. Standard within leadership are created with the purpose of achieving and succeeding company objectives.

3. Engagement of People

“Competent, empowered, and engaged people at all levels throughout the organization are essential to enhance its capability to create and deliver value”.

Simply put, organizations with engaged and empowered employees thrive.  It is essential for organizations or work effectively and efficiently, to lead and delegate by trusting their employees with the task ahead. Give recognition, empower your people and promote positivity. Facilitate the engagement of people in achieving the organization’s quality objectives.

4. Process Approach

“Consistent and predictable results are achieved more effectively and efficiently when activities are understood and managed as interrelated processes that function as a coherent system”.

By understanding how a process achieves results, an organization can optimize their systems and improve performance. One key benefit to this is achieving “consistent and predictable outcomes through a system of aligned processes”.

5. Improvement

“Successful organizations have an ongoing focus on improvement”

As the saying goes “change is the only constant”. For organizations to remain competitive and current, constant improvement is needed. Reacting to changes internally and externally; be it shift in leadership, consumer habits, or economic shifts; can create new and positive opportunities.

6. Evidence-Based Decision Making

“Decisions based on the analysis and evaluation of data and information are more likely to produce desired results”.

Correlation between variables, does not necessarily mean that a change in one variable is the cause of the change of the other variable. Ensure you are using sound and accurate measurements when you are making decisions to avoid subjective decisions that are not based on real data. “Facts, evidence, and data analysis lead to greater objectivity and confidence in decision making”.

7. Relationship Management

“For sustained success, and organization manages its relationships with interested parties, such as suppliers”.

Much like how engaging employees contributes to success, maintaining good relations with suppliers can influence the performance of an organization.  Suppliers and interested parties have an impact on your business and its success, whether you admit it or not. Maintaining relationships with such parties can contribute to sustained success by optimizing their impact on performance.

Next Steps

We’ve provided you with a general overview on the 7 quality management principles that are the baseline for ISO quality management standards, and how they can form a basis for performance improvement and organizational excellence.

Every organization is different, and how you apply these principles will be different, as the nature of your organization and the specific challenges you face differs. However, understanding the underlying principles is important to effectively implement standards.

Further Information

Download the PDF to dive further into each of the 7 principles. It will walk you through the Key Benefits of each of the 7 principles, and give you tangible ways to implement them in your organization. Download the PDF here.

Learn about the difference between Quality Management and Quality Improvement.

0 1332
ISO 17025 and ISO 9001 Main Differences and Similarities
ISO 17025 and ISO 9001 Main Differences and Similarities

ISO 17025:2017

ISO 17025: 2017 “General laboratory competency of testing calibration requirements” is the third edition of this standard. The intentions of this standard are to be used as impartiality, competence and consistent requirements of calibration laboratories of all sizes or number of employees regardless of the industry. The standard requirements include rules on impartiality and confidentiality while performing calibration (clause 4), the company’s structural requirements (clause 5) and the requirements for the resources needed to carry out calibrations such as facilities, personnel, and equipment (clause 6).

All the necessary process requirements for performing calibrations (clause 7) are also included. They include;

Quotes and contracts reviewal: How do you ensure you get exactly what the customer wants done?

Calibration methods: How do you do the selection, verification, and validation of the method used for calibrating?

Sampling: When you don’t want to do everything, how do you do the selection of samples?

Handling items: What rules requirement do you need in handling test and calibration items that are given to you?

Records: What technical record do you need in keeping calibrations done on the equipment?

Result reporting: How do you do the reporting to the customers? Do you include general and specific requirements and also updating reports?

Complaints & nonconforming: How do you deal with complaints, including calibrations handling that you’ve done that are found to be non-conforming?

Data & IT management: How do you do the management of information technology as well as data in ensuring that the data is preserved against misuse?

From these requirements, you give the details needed in managing a calibration laboratory to ensure that the certifications you give out are right and traceable to the international standards.
These requirements are very specific for this type of laboratory and they also include other further requirements for a QMS in clause 8 (Management System requirements).


The applicability of the standards differentiates ISO 17025:2017 and ISO 9001:2015. ISO 9001:2015 can be applied to any type of company and in all industries, whereas ISO 17025:2015 can only be applied to calibration laboratories in any industry. Thus, ISO 9001:2015 requirements are very generic for them to be applied in any type of industry while ISO 17025:2017 are specific on what needs to be implemented in calibration laboratories.
An example: ISO 9001:2015 general requirements on the resources as well as processes are very general for any industry but ISO 17025:2017 tells you the resources required and how every process needs to be done in a calibration laboratory.
However, if you haven’t implemented ISO 9001, there are a minimum set of QMS requirements that are needed for ISO 17025:2017 standard that is referred to as option A. Implementing ISO 9001 is nice having it, it doesn’t have to comply with ISO 17025:2017. Such minimum requirements are quite similar to those that are found in ISO 9001:2015 and they include;

  • Improvement
  • Management reviews
  • Management system documents control
  • Documentation of management system
  • Corrective actions
  • Handling risks and opportunities
  • Records control
  • Internal audits

Things missing in QMS if ISO 17025:2017 minimum requirements but are included in ISO 9001:2015 requirements include;

The context of the organization: ISO 17025:2017 doesn’t talk about identification of your internal and internal issues or on establishment a QMS scope or interested parties.

Leadership: ISO 17025:2017 doesn’t include leadership commitments list that includes the quality policy.

Quality objectives: ISO 17025:2017 doesn’t include these essential QMS goals but they are included in ISO 9001:2015.

0 1011

An organization faces many health and safety related issues despite planning and establishing various systems in place to ensure that all health and safety related requirements are addressed. Issues like more than expected health complaints, incidents resulting in serious injuries, absenteeism impacting work and deliveries to customers and many other such problems are a cause of concern to the organization at some point of time. These issues result in low worker satisfaction or motivation and may impact deliveries to customers resulting in lower customer satisfaction. It is important for an organization to keep a track of all such cases. To do this an organization needs to monitor, measure, analyze and evaluate processes to ensure that these are effective, adequate and suitable. ISO 45001 talks about this in the clause on Performance Evaluation.

Measurement and Monitoring Requirements

Measurement and monitoring requirements should be decided on the basis of risk and criticality of the process. The measurements should be in line with OH&S objectives established for the organization. The measurement and monitoring requirements should consider requirements of the standard, legal requirements and other requirements. Some examples can be:

  • observation of health of employees, work environment monitoring;
  • progress on policy declarations, objective achievement, and continual improvement;
  • competence levels of the workers
  • gaps in compliance with legal requirements, if any
  • Standards and Codes;
  • Insurance Requirements

Once you have identified your measurement and monitoring requirements, you need to establish systems to collect and consolidate these measures. To do this, you need to define criteria to compare these measurements. These criteria could be against industry benchmarks or organization’s own codes and objectives. Establish measurement devices or tools that would be required to take these measurements. Along with methods to collect and consolidation, establish methods to check that the results of measurements are valid.

Analysis and Evaluation

Analysis is the process of investigating data to determine relationships and trends. You may use various statistical tools like Pareto analysis, fish-bone analysis, 5-why analysis, etc. to draw a conclusion from data.

Evaluation is done to ensure adequacy, suitability and effectiveness of health and safety requirements. This activity is most often related to monitoring activities. Occupational health complaints, work environment monitoring and health surveillance of workers are some of the elements that need to be monitored in an organization.

The results of analysis and evaluation shall be used to take actions to eliminate root causes which are the reason for negative feedback or measurement going beyond the targets established.

Present the trend analysis in Management review meetings and Identify the need for improvements within the OH&S management system through evaluation of these processes.

Analysis and Evaluation of data may specify a number of areas of concerns or risks. Adequate actions should be taken pro-actively to ensure these risks or problems are adequately addressed before they reach severe levels and are difficult to con