Tags Posts tagged with "ISO Standards"

ISO Standards

by -
ISO-Right-For-You

Product, Place, Price, Promotion. AKA, The Marketing Mix. This tool developed by J. McCarthy is a business basic model “used to pursue its marketing objectives in the target market”.

The Marketing Mix is one tool that can help you as an organization understand how to promote yourself and your product in a way that makes sense for your customer and their needs.

One thing you may learn during your analysis is your customers’ need for quality for example, or perhaps they care deeply about the environment and spending their dollars with environmentally conscious companies.

Researching your customer and their purchasing decisions can lead you to a new growth avenue – but can you achieve these?

In this article, you will learn how the adoption of standards, like ISO 9001, ISO 14001 or ISO 45001 can not only help your organization and its longevity, but it can also show your commitment to your customers through certification.

Why ISO Standards?

Part of ISO Guidelines is a framework for successguiding requirements that have been created by industry professionals and evaluated by a committee. They have been approved as an internationally adopted and recognized framework to build a business upon.

For example, if you work in the Aerospace industry, you have a different framework than those in the Automotive industry because you have different unique challenges.

The generic quality framework, ISO 9001:2015, was designed as a foundation for success with generic business principles and frameworks to allow organizations to create or improve an organization at its most basic roots to ensure efficiency and quality of work.

Implementing ISO 9001 into your business allows you to take time to look deep into the organization, and evaluate what you do great, what you do well, and what needs improvement.

Standards are not only a great foundation to grow a business upon though. These guiding requirements allow you to look within your organization, find your strength and allow them to shine and identify possible areas for improvement, places that need help to grow to their full potential.

The nature of ISO Standards audit processes allows unbiased reviews to truly see the organization without judgement. This is a great marketing opportunity to showcase your strengths.

Promote your certificate, your congratulatory statements from auditors, and what you are proud of.

Part of ISO 9001 is also measuring and monitoring. If you are interested in learning about how much productivity has gone up each quarter, or the number of sales per year, you are encouraged to do so in ISO 9001.

This is a great opportunity to learn real facts about your organization, in an effective manner, that you can then share with your customers. These are real, tangible numbers than can really impress prospective clients.

If you are looking to attract new people to your organization, you might want to look into obtaining ISO 14001:2015 certification. “Of those born between 1981 and 1996, 62% want to work for a company that makes a positive impact”. 

Companies with an active interest in sustainable practices, and the certification to prove that, can gain a lot of edge in the competitive hiring market place. Not only that but showcasing your commitment to sustainability and quality of goods and workplace safety with certification to ISO 45001, the standard for occupation health & safety, can prove to prospective hires how committed to their wellbeing you are.

Standards help you as an organization navigate best practises while allowing you to thrive as a unique organization and culture.

ISO Certification does not ask you to subscribe to a one size fits all approach to business. But it does show you how to eliminate inefficiencies and set you on a path for growth and longevity with a base set of tools for success.

by -
iso50001-energy-management

Written by Jorine Bibi

With people and companies around the world growing steadily more conscious of the need to conserve energy and protect our environment, ISO certifications are becoming all the more relevant. With this in mind, let’s take a fresh look at the ISO 50001 standard, and how companies today can address energy management and the benefits of pursuing certification.

ISO 50001 is an international standard that sets forth requirements companies need to meet in order to establish effective energy management systems (or EnMS). Effective EnMS under ISO 50001 entails meeting expectations with regard to energy performance, energy efficiency, and reduced environmental impact — all of which can be brought about in a variety of ways, depending on a company’s functions and practices.

In other words, while ISO 50001 outlines general ways for companies to achieve meaningful progress, different companies can set different specific goals for their system, its success rate and scope.

To offer a glimpse of how companies can go about the process, here are a few steps that can help to spark progress toward measurably improved EnMS.

Establishing Energy Data Transparency

It is important to track and analyze energy data to reliably report and measure success and failure. A company hoping to demonstrate meaningful progress toward improved EnMS will need to establish greater transparency regarding its energy consumption, use, and change. This way, the company can not only offer a clear picture of its energy management but also conduct the analysis necessary to identify potential areas of improvement. You can’t effectively know if a change was successful if you don’t have accurate measurements to prove otherwise.

Improving Electrical Efficiency

Before looking to bigger and bolder technologies or methods, companies can also address energy performance on a more granular level, by assessing any relevant electrical functions. In today’s highly capable electronic devices, more is demanded of the printed circuit boards that actually communicate electrical signals. This demand can sometimes lead to lost or incomplete signals, which can result in a sort of hidden energy waste. It’s for this reason that more advanced PCBs can now be designed with impedance calculators that effectively ensure reliable connections and smooth signals. Transitioning to electronics using more reliable PCBs can be a means for a company to revamp its electronic functions in a way that moves in the direction of greater energy efficiency. It’s not just your lightbulbs that can be updated to be more efficient, take a look at all your technology and see where improvements can be made, the timeline needed for these changes, and measure these changes inefficiencies for evidence for your ISO 50001 certification audits.

Adjusting Spending Priorities

To some extent, the idea of adjusting spending priorities is present in all other relevant suggestions. Companies may have to spend on ways to establish energy data transparency, as well as on assessing and replacing electronics, for example. It’s worthwhile to consider this as a specific step toward better EnMS. Energy management can save a company money, but the process of establishing new processes and obtaining more efficient technology can require some adjustment of company’s spending priorities, however, demonstrating that adjustment will prove to your auditor of your commitment and continual improvement which will help in achieving ISO 50001 certification.

Seeking Out Energy-Efficient Tech

We discussed addressing energy management on a granular level, through internal electrical designs. However, companies striving for meaningful change in these areas should also seek to identify bigger changes they can make in favor of energy-efficient technology. One way to do this can be to look to clean-tech companies and the products and services they provide. For instance, a company conducting this sort of search might be inspired to install solar panels or implement water-waste monitors at office locations. This can make for a good general start, though it’s also wise for companies working on energy efficiency to find ways to improve that specifically relate to their primary functions as well – look internally at where there are opportunities and risks that can be a chance for real change!

Any company can achieve ISO 50001 certification. Through establishing clear progress toward better energy management and efficiency, companies can prove to stakeholders, the community, new customers, and current customers of their commitment to a better tomorrow.

About The Author

Jorine Bibi Author LogoJorine Bibi is an environmental blogger. She hopes that her articles provide her readers with information on what the world can do to reduce its energy use. She also believes that if we don’t address the issue of climate change soon it will be too late. In her free time, she likes to tend to her garden.

by -
ISO 9001 as a Strategic Planning Model - ISO Update

Written by Kashif Mumtaz

Regardless of the other terms used in ISO 9001:2015, the term, Strategic Direction has not been defined in ISO 9000:2015 Quality Management Systems – Fundamentals and Vocabulary. However, ISO 9001:2015 contains the following strong linkages to the strategic direction of the organization:

  • Clause 4.1 – External and internal issues must be relevant to the Strategic Direction of the organization.
  • Clause 5.1 – The Quality Policy and Quality Objectives must be compatible with the Strategic Direction of the organization.
  • Clause 5.2 – The Quality Policy must support the Strategic Direction of the organization.
  • Clause 9.3 – Management Review Process must ensure the suitability, adequacy effectiveness and alignment of the Quality Management System with the Strategic Direction of the organization.

Strategic Direction as we believe is the organization vision of where the organization wants to be in the future and the development of an overall Strategic Plan is affected by various internal and external factors. Refer to the clause 4.0 of ISO 9001:2015 Context of the Organization which states that the organization shall determine external and internal issues relevant to its purpose and its strategic direction and those affect its ability to achieve the intended results of its Quality Management System. ISO 9001:2015 further elaborates in Notes (1 – 3) of the clause 4.1 that issues can include positive and negative factors or conditions for consideration – Understanding the external context can be facilitated by considering issues arising from legal, technological, competitive, market, cultural, social and international, national or regional economic environments. Understanding of the internal context can be facilitated by considering issues related to values, culture, knowledge and performance of the organization.

The strategic planning process is a continual process and if we look at the traditional strategic planning process, it very much resembles with the Plan-Do-Check-Act (PDCA) Cycle of which ISO 9001:2015 is a big promoter to apply this cycle to all organizational processes and the Quality Management System as a whole to implement plans to achieve objectives including strategic.  In addition, various functions within the organization having their own strategies can closely be aligned and integrated within the Context of the Organization which is basically overall strategic plan of the organization highlighting all internal and external factors with their resulting impact on the organization along with the approaches to managing risk(s) at the functional and company-wide levels for the achievement of larger mission of the organization.

Having said that, we can say that framework provided by ISO 9001:2015 can be used by the organizations for strategic planning but when the management rejects QMS as strategic planning model and make intuitive decisions then ISO 9001:2015 cannot address or contribute in the overall strategic planning process.

About the Author

Kashif Mumtaz is serving as QA Manager at Omrania in Riyadh, Saudi Arabia and has more than 17 years’ experience in quality assurance & management systems. He is Chartered Quality Professional (CQP) and holds a master’s degree in Quality Management from UK

by -
Predict, Survive, Grow - ISOUpdate.com

ISO 31000 is a standard on risk management developed by the International Organization for Standardization firstly in 2009 and updated in 2018. It is the international codification of the principles and guidelines of risk management, which emerged as a necessity to have one international standard which applied to all industries and organizations of all sizes. In other words, because there were a number of standards on risk management that different organizations in different industries were implementing, experts deemed it necessary for a new family of standards to emerge and to unify all the concepts in one single standard which would provide guidelines and strategies for implementing risk management. Later on, we will discover how ISO 31000 and ISO 22301 can be intertwined, and how can ISO 31000 deepen the risk management control in an organization that has already implemented ISO 22301 – business continuity management system.

Uncertainty is an inseparable part of every business, and as such, every company has to tackle the risks associated with uncertainty in every dimension of business operations. First, risks have to be identified, after which they are categorized and preventive and responsive measures for each identified risk are implemented. The nature of risk nowadays has evolved into unprecedented complexity, because the amount of data that goes in and out of companies is rapidly increasing. As such, unsurprisingly, contracts and insurance companies require mechanisms in place which make sure that the company is identifying and tackling risks.

ISO 31000 helps organizations protect their assets as well as increase the likelihood of achieving objectives by providing direction and risk management strategies. It is adaptable to the context of every organization and it helps mitigate risk within the organization by implementing risk-based decision-making and risk-based corporate culture. That is to say that both employees and stakeholders make decisions by always bearing in mind the risks associated with each decision, but at the same time, apart from seeing negative consequences, it helps a company also identify positive opportunities.

On the other hand, one of the most famous international standards which deal with the continuation of business operations and business security is ISO 22301. This is a standard on business continuity management and it is widely-implemented in organizations of all sizes and all industries. Differing from ISO 31000, ISO 22301 does lead a company to certification if the latter proves to have implemented the standard and its requirements.

The main goal of this standard is to offer a management system which makes sure that in case of incidents, of every nature, an organization can continue its crucial business operations – in other words, it can survive. Incidents can have a very different nature from each other, ranging from natural disasters to cyber-attacks, and ISO 22301 includes all of these kinds of incidents. It also helps a company to mitigate risk and to evaluate which risks are more imminent and more probable.

Based on these factors, and a proper understanding of the organization and its context, a Business Continuity Plan should be developed (BCP). This plan includes actions and measures to be taken in case of different scenarios, the persons in charge of every scenario and how to contact these persons in case that one of the scenarios happens. In other words, a BCP should be composed, but there should also be instruments to activate the BCP and responsible managers should be appointed for every situation, and the information should be communicated clearly so that every employee is aware of who to contact in different scenarios.

So, among other things, risk assessment and risk management are integral parts of business continuity, and this is where ISO 31000 and ISO 22301 intersect. In ISO 22301 there are two important clauses which deal specifically with risk: close 6.1 on “Actions to address risks and opportunities” and clause 8.2 on “Business impact analysis and risk assessment”.

Every business is exposed to risk, ranging from market risks, investment (or stock) risks, natural risks, cyber risks and so on. Depending on the scale of risk exposure, a company might choose to implement and get certified against ISO 22301, but at the same time have ISO 31000 as a guiding tool for risk-based thinking, risk strategies and risk-based corporate culture. It is a very good integration (but not an integrated management system, since ISO 31000 does not offer requirements but guidance) of two standards which can produce a very detailed and accurate platform, that can serve a business well in difficult times – and as history has often proved, it can help a company stay in business when faced with risks and challenges.

It is often argued that civilization started when the first humans learned to domesticate plants and were able to farm and harvest. In order to be able to farm, one must at least be able to recognize and know seasons, humidity and temperature as minimum requirements to be successful. So, in other words, it was the event of being able to predict which marked the beginning of civilization and its continuation and evolution to this point. We have developed immaculate methods (e.g. scientific method) to predict and forecast in order to survive, thrive and evolve. The same concepts apply to a business if you see it as thinking, living organism which is striving to evolve and thrive, but which also has to deal with the bad days where survival is the main objective. We can consider standards such as ISO 22301 and ISO 31000 as the scientific methods of the world of management, which help a business as a living organism to survive in these bad days while helping them reach their objectives and grow in good times.

About PECB

PECBpecb logo is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, PECB offers its expertise on multiple fields, including but not limited to Information Security, Business Continuity, Resilience and Recovery, Governance, Risk Management, and Compliance, Quality Management, IT Governance & Service Management, Health, Safety, and Sustainability.

About the Author

Julian Kuci is the Marketing Quality Assurance Manager at PECB. He is an honour graduate of RIT in Economics & Statistics and Public Policy & Governance. Julian holds a diploma in Transitional Justice from the Regional School of Transitional Justice and is certified against ISO 9001 – Quality Management and ISO/IEC 27001- Information Security Management.

by -
AS9100 & The Importance of OASIS - ISOUpdate.com

As competition grows, the need for quality management is becoming more and more critical for every industry. Many industries have taken the backbone to all quality management system standards, ISO 9001, and added elements to ensure it works perfectly for them. The Aviation, Space and Defence industry was one of the first to do this when they released their own unique management systems standard in 1999. If you have been working in the aerospace industry, you understand the importance and criticality that the AS9100 standard now plays.

Defining AS9100

AS9100, which can also be written as EN 9100, was released in October of 1999, by the Society of Automotive Engineers and the European Association of Aerospace Industries. The intent was to create an aerospace standard that would ensure the safety of the consumer and provide the best quality to the customer. Almost all major aerospace companies have adopted these standards in their operations as well as throughout their supply chains.

AS9100 has also been endorsed by the major regulators in the industry: The Federal Aviation Administration (FAA), The U.S. Department of Defense (DoD) and National Aeronautics and Space Administration (NASA).

The AS9100 series of quality standards adds over 100 requirements to the ISO 9001 standard that apply specifically to the aerospace industry, including the following:

  • Additional configuration management
  • Special risk management
  • Industry-critical items
  • Increased focus on timely delivery
  • Focus on product management
  • Approval process and scope for suppliers
  • Prevention of counterfeit parts

Did you know? The AS9100 document was originally introduced by the American Society of Automotive Engineers and the European Association of Aerospace Industries. The document was subsequently picked up by the IAQG as a method of maintaining industry quality levels on a global scale. – Source

What are the Benefits of AS9100 to you as a Business Owner?

AS9100 is an effective way to promote that your organization is consistently capable of providing products and services that meet customer requirements and comply with all relevant and regulatory requirements. AS9100 also demonstrates your organization’s ability to enhance customer satisfaction and improve both processes and practices, and products and/or services.

Engagement in Employees

Understanding the value of engaging employees and having conversations directly about QMS and quality can improve not only the processes they are actively involved in but also the quality of their workmanship. ISO 9001 and AS9100 work to make the most efficient improvements throughout your organization, but engaging employees creates employees who are fully absorbed by and enthusiastic about their work and so take a positive action to further the organization’s reputation and interests. – Source

Engaged employees are more likely to: positively influence other employees; be more productive and profitable; provide better customer service; be more enthusiastic about their work; be comfortable staying in their role; offer positive suggestions for the organization, and offer word of mouth promotion for your organization.

Read a more detailed look into employee engagement.

Customer Satisfaction

Being customer-centric means you are able to extract and fulfil customer requirements and then follow up with feedback and steps that act upon that feedback. Happy customers are repeat customers, and in a study by Bain & Company detailing e-commerce shoppers, the study demonstrated that repeat customers can actually increase their profitability by attracting more clients to your organization through referrals.

Lower Costs

A study undertaken through the American Society for Quality (ASQ) showed that for every $1 spent on your QMS, you could expect to see an additional $6 in revenue, a $16 reduction in costs, and a $3 increase in profits. On average, they saw that quality management systems reduced costs by 4.8%.

Another study undertaken by the Harvard Business School showed that companies that adopted ISO 9001 had the following benefits:

  • Higher rates of survival
  • Increased Sales
  • Growth in employment
  • Increased wages
  • Less waste
  • Improved worker productivity

Read more about the ROI of Quality


The AS9100 Certification Process

AS9100 certification is conducted through an external and impartial audit by an accredited certification body. AS9100D certification is for 3 years, with your first audit being the certification audit, and 2 surveillance audits happening each consecutive year after certification. Every 3 years, if your organization wishes to continue to be certified to AS9100, your certification body will conduct a recertification audit and 2 surveillance audits in this same order.

It is important to note that before the certification audit can take place, your organization will need to internally assess that all AS9100 requirements are met. Consider this in layman’s, the period your organization needs to prepare for and study for a test.

You should also note that because of the complementary nature of ISO 9001 and AS9100, any organization seeking AS9100:2016 certification must first comply with ISO 9001:2015.

More on the Relationship Between ISO 9001 and AS9100

Some of the most important alterations between the 2008 and 2015 iterations of ISO 9001 that directly relate to AS9100 include:

  • A 10 clause structure based on the Annex SL formatting model
  • An increased focus on external processes, products and services
  • An expanded focus on stakeholder satisfaction and company performance
  • An improved approach to risk-based thinking and risk mitigation

Source

The AS9100 Certification Process starts with your organization understanding the guidelines that have been set out by AS9100 and ensuring the requirements are being met. Your organization might want to consider looking for a Consultant to help implement processes. To remain impartial, your AS9100 auditor and your Certification Body cannot offer suggestions to help you pass requirements, you will need to work with a third party to ensure success for your certification.


Find a Consultant here.


After you’re satisfied that your efforts will meet AS9100 requirements, your organization will then appoint an internal auditor that periodically checks whether those standards are being conformed to or not. In the case that an internal employee with the capability or experience does not exist, outsourcing to an auditor should be considered.

After your organization is satisfied with your capacity to achieve certification, you will want to start finding quotes from AS9100 Certification Bodies. Consider your choice of Certification Body carefully as you will be working with them consistently through the certification process, and at least once per year during recertification and surveillance audit periods.

It is important to note that if you are dissatisfied with your current CB, you can transfer your certificate to a different Certification Body at any time during the process. There is a transfer fee involved in moving your certificate, and to transfer your data in OASIS. However, you might find it is worth the investment.


You can find a Registrar here.  


What is OASIS

OASIS or Online Aerospace Supplier Information System, is an online directory of members of the IAQG that houses information on certified suppliers and their audits, accredited certification bodies, AQMS auditors, accreditation bodies, and participating National Aerospace Industry Associations (NAIA). – Source

The IAQG website defines themselves as “a cooperative organization within the aerospace & defence industry comprised of 3 sectors (Americas – AAQG, Asia/Pacific – APAQG and Europe – EAQG)” … and their purpose is defined to “establish and maintain a dynamic cooperation based on trust between aerospace & defence companies on initiatives to make significant improvements in quality performance and reductions in cost throughout the value stream”. – Source

The Importance of OASIS

Online Aerospace Supplier Information System (OASIS) is a database used to assist in the management and transparency of AS9100. OASIS is free to join and provides organizations with access to a list of CB’s, training providers, and accreditation bodies. OASIS can also be used to find other certified organizations or auditors who can perform AS audits.

Did you know? Through OASIS, you can check other organizations’ certification status and additional information regarding their certification such as approval status and the date of their last audit. The results of an organization’s audit can also be requested through OASIS.

While OASIS is a free database, it is mandatory. If any aerospace certified supplier refuses to be a part of OASIS or refuses to set up an OASIS administrator, Certification Bodies are required by the IAQG to revoke their certificate of registration. Your CB will be responsible for collecting and uploading information, including certificates, pertaining to individual aerospace companies into OASIS.


Why is AS9100 and its regulation so important? Consider the relationship you have and want to portray to your customers, suppliers, clients, and major interested parties. Certification to AS9100 is a way to demonstrate to these bodies that you are taking an active interest in promoting quality and efficiency in your industry. AS9100 is a cost-effective ROI, a confidence builder, and employee engaging solution to your inefficiency problems.

Get a Quote for AS9100D Certification

by -

If your organization implements multiple ISO Standards and Quality Systems, automating and integrating these systems with an Integrated Management System is critical for maximizing business efficacy and eliminating workload duplication.

When an organization does not utilize an Integrated Management System the following issues may arise:

  • No simple and automated system to raise a finding which results in:
    • Recurrence of non-conformities
    • Products and services losing quality and credibility to stakeholders
    • Management systems losing all their preventive and corrective efficacy
  • Delays in the management and consolidation of indicators leading to:
    • A loss in productivity
    • A loss of credibility of information reporting systems
    • Erroneous decision making through incorrect data
  • Workload duplication causing:
    • Management Coordinators spends too much time managing the system.
    • A reduction in time-oriented improvement
    • Low motivation due to excessively bureaucratic work
  • Limited communication of system changes which leads to:
    • A lack of control, disorganization, lack of communication
    • Non-conformity in the system produced by documentary errors.
    • Low credibility of our management system against employees, management, customers, suppliers and other stakeholders.
  • Little control of the information generated in the different locations resulting in:
    • Decrease in control by the manager of the management system.
    • Inability to integrate information
  • Excessive time to apply surveys to customers
  • Revenue loss due to reoccurrence of errors
  • Lack of exhaustive analysis of the records and information generated by the system

    Automating and integrating ISO management systems have extensive business benefits including:

    • Simplifies document management which facilitates the deletion of redundant information and prevents duplication of documents and tasks.
    • Facilitates unification of the methods defined by the organization both for internal and external communication,
    • Unification of Training Plan methodologies
    • Streamlines processes for assessments and certification
    • Strengthens the foundations of continuous improvement
    • Reduction of the time spent in conducting audits

    To find a consultant who can assist your business with the integration of multiple standards into an Integrated Management System visit the Consultants Listings page on ISO Update http://isoupdate.com/consultant-listing