ISO 9001 is the international standard that specifies requirements for a quality management system (QMS). Organizations use the standard to demonstrate the ability to consistently provide products and services that meet regulatory requirements, provide customer satisfaction and create a system for achieving continuous improvements.
ISO 9001: 2015 is the world's best known standard for quality management that can be used by any organization or company, regardless of the size of the organization or its field of activity.
ISO 45001 Certification (Occupational Health & Safety)
Certification Standard: ISO 45001:2018 (Occupational health and safety management systems)
This standard specifies requirements for an occupational health and safety (OH&S) management system, and gives guidance for its use, to enable organizations to provide safe and healthy workplaces by preventing work-related injury and ill health, as well as by proactively improving its OH&S performance.
Commitment to workplace safety standards is a industry norm as well a legal requirement. Every organisation should maintain an OHS policies and procedures manual as a basis for all safety management systems implemented within the organisation, not only because of legal compulsions, but also because vendors, contractors and potential customers will demand it. Over the years, this standard has gained universal acceptance as a gold standard when it comes to judging a company's adherence to critical safety goals across all geographical locations.
Certification standard: ISO 22000 (Food Safety Management)
ISO’s food safety management standards enable organizations to audit and certify that they have a food safety management system in place. ISO 22000 certification helps companies to identify and control food safety hazards, and provide reassurance to customers that the products meet international standards of food safety.
Certification Standard: ISO 27001:2013; ISO 27001:2018 (Information Security Management)
ISO 27001 Certification allows companies and organizations to benefit from the ISO best practices related to management of security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.
ISO/IEC 27001 standard requires a formal establishment of a management system that is intended to bring information security under explicit management control. Being a formal specification means that it mandates the fulfilment of certain specific requirements. Organizations that profess to have implemented ISO/IEC 27001 should be formally audited by an independent assessment body and certified compliant with the standard.
ISO 27001 Certification is aimed to provide the assurance to the customers with regards to information management by implementing, establishing, maintaining and managing the Information Security Management System (ISMS) based on ISO/IEC 27001 standard. ISO 27001:2013 is basically a specification of the ISMS model framework, which in turn is a set of processes and procedure to strengthen the risk management system of any applicant organisation. According to the joint IEC & ISO research publication, ISO 27001:2013 was developed to provide a sustainable model intended to establish, implement, operate, review, monitor and make further improvement to an Information Security Management System.
In practice, most organizations have already set up a number of data security controls as they have realised the importance of information security. However, in the absence of a standardised Information management system, such controls tend to be somewhat haphazard and unstructured as it is often implemented as one time solution to fix operational problems which are transient in nature. It is also a periodical routine for independent ISO 27001 Auditors to perform vendor audits for IT firms to ensure a continued effectiveness of information management system.
ISO 14001 is a systematic framework to manage the immediate and far reaching impacts of an organisation’s products, services and processes from an environmental perspective. After achieving an ISO 14001 certification, the applicant will be able to give the confidence to their customers that the organisation's environmental management system meets the relevant environmental standards as applicable to the specific sector/ industry.
The Environmental Policy provides a brief description of your organisation’s commitment to take responsible measures towards the effects on the larger environment and any regional/ national/ international legislative requirements. The policy should be formulated keeping in mind the necessary commitment to reduce air pollution, water pollution, noise pollution and any other types of pollutants like radioactive elements, plastic waste, etc and to continually improve the way your business seeks to deliver upon its environmental objectives.
Operational Control Procedures
The ISO 14001 environmental standard requires organisations to have a clearly defined objective and execute its day-to-day operational controls in a manner appropriate to the industry it operates in. Specifically, ISO does not have a guideline to prescribe those controls or any recommendations or suggestions as to how they should be implemented, but you do need to keep documented evidence to prove that your operational controls ensure that:
Legal and compliance requirements are being met at national regional and global level
Environmental goals have been rightly assessed, defined and communicated
In-house and external monitoring processes are in place for regular as well as outsourced or subcontracted activities
Requirements for training and personnel awareness have been assessed, reviewed and are being followed up with a plan of implementation.
Competence, Awareness & Training Procedure
If the nature of your business necessitates the use of an oil storage container facility, the ISO auditor may ask to see the operational control procedures being followed while filling the container or whether all the environmental concerns are being addressed during fuel transfer operations at the tanker. Documented procedures and staff training methods for cleaning up oil spills would also be verified. If your organisation deals with sea water desalination plants, the work instructions and training needed to operate the water purification plant should be made available. For a newbie organisation, implementing an Environmental Management System often requires a few drastic changes to the work methodologies or job requirements, and so can often require some amount of additional training. Recording the training and competence levels of every staff member and key members of organisation will make it easier to track the need for additional trainings. It will also ensure that every employee in your organisation is competent to handle their EMS responsibilities.
What is an environmental aspects and impacts register?
The ideal beginning is to create and maintain an environmental aspects and impacts register and note down the key controls that are in place for all of the environmental aspects. Environmental aspect is a resource that we use, utilise in the course of organisational or business conduct, that may result in consumption, discharge, emission or any kind of alteration to the natural earth, simply referred to as environment. This may include emissions of greenhouse gases, use of fossil fuels, consumption of natural resources or anything that may create global warming or affect regional climate change. Impact refers to the attribution of effect to the cause of activities. For instance, the heating and ventilation system has an impact on the quality of natural air. The use of water in manufacture of products with fluid or liquid composition (Eg: Cola, soft drink beverages, alcohol, packaged drinking water) has an impact on water resources. Construction has an impact on land resources, and use of electricity or gas will have an impact on non-renewable energy.
The easiest method to comply with these requirements is to draw up a document in the form of a spreadsheet, to document the Aspect its Impact and then formulate a scoring system. The EMS Impact register can also include the most prominent legal requirements and the internal controls that are being maintained. If those controls are not present at project and activity level, it's never too late to start!
Our small and medium business package is tailor-made for for medium sized business owners and their customers with the verification needed to offer confidence about Quality, Health, Safety(HSE) and Information Security Management. Certification proves to outsiders that the organisation meets the QMS requirements that an independent body of experts has established.
ISO 9001 certification is the world's best known Quality Management standard for organizations of any size, irrespective of the nature of operations.
ISO 14001 is the international standard that specifies requirements for an effective environmental management system (EMS). It provides a framework that helps organizations improve their environmental performance through more efficient use of resources and reduction of waste, gaining a competitive advantage and the trust of stakeholders.
ISO 45001:2018 specifies requirements for an occupational health and safety (OH&S) management system, and gives guidance for its implementation, that allows organizations to provide a safe and healthy work environment by preventing work-related accidents and health hazards, as well as by proactively improving the Health & Safety performance.
Our consultants can help companies to build and implement their management systems, and achieve ISO compliance in several combinations of ISO standards:
ISO 9001:2015, ISO 14001:2015 certification (Quality + Environment Management)
ISO 9001:2015, ISO 45001:2018 certification (Quality + Health & Safety Management)
ISO 9001:2015, ISO 27001:2015 certification (Quality + Information Security Management)
Professional Certification Package (Multiple ISO standards)
ISO has released a set of guidelines to organizations to maintain an Integrated Management Systems (IMS) by combining multiple standards. Integrated Management System (IMS) combines all aspects of the organisation's systems, processes and standards into one single framework, enabling an organisation to work as a unified system with smart objectives.
Our consultants can help companies to build and implement their management systems based on ISO standards, and achieve Integrated Management Systems(IMS) Certifications:
ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 certification (Quality + Environment + Health & Safety Management)
ISO 9001:2015, ISO 14001:2015, and ISO 27001:2018 certification (Quality + Environment + Information Security Management)
ISO starter package is tailor-made for for traders, individual entrepreneurs, sole proprietors, retail and wholesale suppliers, e-commerce sellers, procurement firms and startup businesses with the assurance needed to offer confidence to customers and sourcing agents about the quality of goods and services.
ISO 9001 is the world's most widely accepted standard that addresses the various aspects of quality management.
Our consultants can enable individual businessmen to build and implement their management systems, and empower them with the global advantage of ISO 9001 certification.
Certification standard: ISO 37001:2016 (Anti Bribery Management Systems - Requirements with guidance for use)
This standard aims to build a structured approach to towards bringing in trust and transparency, managing risks and safeguarding your business reputation.
It describes the management system requirements designed to help you prevent, detect and respond to bribery as well as comply with anti-bribery legislation and certain international regulatory requirements as required under laws such as FCPA (Foreign Corrupt Practices Act) and voluntary commitments applicable to the company’s activities.
ISO 37001 standard is specific to bribery, and the ABMS intends to improve the organization's ability to prevent, detect, and respond to corruption and comply with anti-bribery laws and commitments that the organization must adhere to. Furthermore, ISO does not specifically address fraud, cartels, money-laundering, or other activities related to corrupt practices. The anti-bribery management system can be stand-alone system or integrated into an already implemented management system such as the Quality Management System ISO 9001, Safety Management System 1SO 45001.
Certification standard: ISO/IEC 17025 (General requirements for the competence of testing and calibration laboratories)
ISO 17025 sets forth the international benchmark for a testing laboratory's technical competence. All laboratories that undertake testing, sampling or calibration tasks are advised to receive ISO 17025 accreditation in order to raise the level of trust and demonstrate confidence and reliability amongst customers. In most countries, ISO/IEC 17025 is the primary standard for which testing and inspection laboratories must hold accreditation in order to be deemed technically competent.