229
All Enquiries
please call +44 (0)121 241 2299
The transition to ISO 9001:2015 is now in its final year.

When ISO 9001:2015 was introduced in September 2015, organisations were given 3 years to update to the new version.

As the three-year transition for ISO 9001 and ISO 14001 moves into its final year, IAF (the International Accreditation Forum) has passed a resolution that as of 15th March 2018, Certification Bodies must conduct all ISO 9001 and ISO 14001 initial surveillance and recertification audits to the new versions - ISO 9001:2015 and ISO 14001:2015.

ISO_9001_Review_transition_period_running_outWhat does this mean?
Any audits you have booked between March and September 2018 will need to be to the revised standards, as failure to achieve certification to the 2015 standards by the expiry deadline in September 2018 will result in your certification no longer being valid. This may affect your ability to supply to all your markets.

Time is running out, if you rely on ISO 9001 certification to maintain your supplier status with your key customers and you have not yet made the transition to the 2015 standard.

If you leave it too late you run the risk that your auditors will not be able to fit you into their increased workload.

UKAS accredited ISO 9001 certification
Not all Certification Bodies (CBs) are UKAS accredited. This means that the CB issuing your certificate has not been audited and accredited by UKAS.

This could have implications for future contracts and orders with your customers. For example, one of your customers may have won a new contract to supply a major project that requires them and their suppliers to hold UKAS approved ISO certificates. Not having a UKAS certificate could mean losing the contract or having to modify your existing procedures to comply with an audit to UKAS standards.

Many multi-national organisations and central and local government departments will require their suppliers throughout the supply chain to gain UKAS certification.

If you are thinking about the transition to ISO 9001:2015 and your current CB is not UKAS accredited, now may be a good time to move to one that is.

To find out if your certificate has been issued by a UKAS accredited CB, look for the crown and the tick.

UKAS is the sole UK national accreditation body recognised by the International Accreditation Forum (IAF) to assess against internationally agreed standards.

For more information or to get your transition started, please talk to one of our team on 0121 241 2299.
There are over 1 million ISO 9001 certificates issued worldwide. Gaining ISO 9001 certification will open up new markets and customers for your products and services and will:
  • Enhance your management systemsISO_9001_transition
  • Improve the quality of your products and services
  • Increase customer retention and loyalty
  • Minimise complaints
  • Increase profit
Some businesses may view the process of certification as a time-consuming distraction to the focus of their business; however the additional time taken to gain certification is far outweighed by the many benefits that will help your business to grow.


Can you afford not to implement ISO 9001 into your organisation?
Many businesses will gain ISO 9001 certification because their customers require proof that the organisation has an audited quality management system.

Some companies will only work with suppliers with ISO 9001 certification. Public sector tenders, for example, will require certification. It will also give you an edge on your competitors when you are tendering for private sector contracts.

To achieve certification, you will have to pass a regular audit by an accredited certification body. This provides your customers with evidence that you are doing everything required to improve and maintain quality at a high and consistent level.

Continual assessment and improvement of management systems will ensure your entire business becomes more customer focussed, resulting in satisfied customers and better retention rates.

ISO 9001:2015 revision
The standard has recently been revised and organisations currently certified have until September 2018 to complete their transition.

The changes include greater emphasis on the importance of leadership from top management. Risk assessment and risk management have been prioritised and the high-level structure is more about managing processes and less about documentation.

If you are an existing client, ACS Registrars are not charging an additional fee for any of the changes required for the revision. Your usual fee for certification will still apply.

The sooner you start the process the more time you will have to make the necessary management system changes before your audit.

We are anticipating a late dash to get certified before the transition period ends in September 2018. Get your consultation booked before the rush starts.

To discuss your transition in more detail and to find out what the main changes are, call us on 0121 241 2299.
One of the risks facing businesses in 2016 is the increase in cyber crime.

Balloon-popping-business-riskThe ISO 27001 international standard provides an effective information security management system (ISMS) focused on identifying areas of risk and developing a system for managing and minimising those risks.

Areas at risk include:
  • Computer hardware and systems
  • Data stored locally and off site
  • Intellectual property
  • Employees’ personal details
  • Data and equipment belonging to contractors
  • Suppliers’ assets
  • Customer information
Threats come from a variety of sources including natural disasters, hacker attacks, computer viruses and the consequences of stolen information.

As a result of an incident, an organisation could not only be faced with the costs of putting right the damage and coping with the effects on the business, but could face legal implications connected with the breach.

Costs can run to millions of pounds and with cyber attacks and unpredictable weather conditions increasing, it is more important than ever to manage the risks to your business.

How will ISO 27001 protect my business?
First stage is to appoint an experienced ISO 27001 consultant who will help you to set up an effective management system tailored to your business. They will identify the risks to your business and develop a process to manage those risks together with an ongoing system of monitoring and continual improvement.

Working with members of your team, your appointed consultant will be able to apply industry best practice and using their experience, provide a workable system that will:
  • Review current procedures
  • Identify risks
  • Assess threats to assets
  • Highlight gaps and areas for improvement
  • Establish a system of management and control
  • Provide processes and procedures
  • Continually improve the system with audits and reviews
ISO 27001 Certification
Once you are satisfied that your ISMS is established in line with the requirements of ISO 27001, you will be ready for auditing by an independent accredited certification body. In the UK, you should check they are UKAS accredited.

For more information contact one of our team.
The United Nations Climate Change Conference which started on 30th November and runs to 11th December 2015 will be discussing, amongst other things, the impact industrial development is having on our climate. With the aim of keeping global warming below 2°C, business and governments will be discussing climate change, reducing greenhouse gas emissions and the development of renewable energies.

On the 7th and 8th December, as part of the Conference, there will be a business focussed
event. The “Sustainable Innovation Forum” (SIF15), brings together participants from business, Government, finance, UN, NGO and civil society to “bolster business innovation and bring scale to the emerging green economy”.

To add more pressure to the talks, we hear recently that the Chinese government issued a health warning to Beijing residents to stay indoors due to heavy smog.

There would seem to be overwhelming evidence that our climate is warming, with effects such as rising sea levels and extreme weather events. A natural cycle or human impact? Whatever you believe, can we afford to do nothing?

Green_footprintEvery business can help
The recently revised ISO 14001:2015 standard can help to reduce the impact that your operations may have on the environment. This is a global standard with certifications in 171 countries. The standard provides a framework for organisations to meet the challenges of climate change.
The benefits go further than improving the environment for all of us; they can deliver tangible benefits for your organisation:
  • Meet legal obligations
  • Engage employees
  • Improve performance through efficiencies
  • Reduce waste and increasing recycling
  • Provide cost savings
  • Increase profits
  • Enhance brand image

ISO 14001 certification and implementation can have a significant effect on an organisations profitability and performance. By adopting an effective energy management system you will gain a competitive advantage and contribute towards the climate change challenges the world will face in the future.

 
ISO_CertificationCertification to any of the ISO standards provides tangible benefits for your organisation. If you want to grow your business, increase profits and operate more efficient working practices, achieving certification will help, as well as giving you an edge over your competitors.

Whether you operate locally or globally, the standards are recognised worldwide and are relevant to all sizes of business.

Other benefits include:
  • Improved internal processes and efficiency
  • Reduced waste resulting in environmental benefits and cost savings
  • Increased sales
  • Better access to new markets
  • Industry expert consultants providing guidance

Next steps

When choosing a certification body, it is worth pointing out that you should check they are UKAS accredited. UKAS has government recognition and is licensed by the Department for Business Innovation and Skills (BIS). You can be sure to receive the most appropriate advice by choosing a UKAS accredited certification body. Your long-term success could be undermined if you use an independent evaluation service.

Continual improvement

After successfully completing your first audit, your assessor will set up a process to monitor and improve systems and arrange regular (six monthly or annual) surveillance visits.

These visits will ensure your management systems remain effective and continue to meet the standard.
Ongoing checks will help to maintain your conformity and make your next certification renewal assessment run as smoothly as possible.

To find out more call ACS Registrars (a UKAS Accredited Certification Body - No. 0229).

 
What does ISO 14001 cover?
ISO_14001_environmental_managementThe standard has been developed to provide an audited management process to help organisations reduce their impact on the environment by recycling, saving energy and meeting regulatory requirements.

The ISO 14001 standard can be implemented across all industry sectors and from small businesses to multi-nationals. It will provide an Environmental Management System (EMS) that will benefit the organisation’s reputation, efficiency and customer relations as well as helping the environment.

Benefits of ISO 14001 certification
Achieving certification will establish better management systems for identifying environmental risks and minimising the impact of operations and processes carried out by the organisation. There are also economic benefits to be had from making these environmental improvements. As well as the obvious cost reductions from minimising waste, improving efficiency and lower use of natural resources, there are the intangible advantages of public, employee and customer perception of the organisation.

By communicating your commitment to achieving ISO 14001 and demonstrating a responsible attitude towards the environment, you will gain an advantage over competitors who are not certified, when tendering for new business. You will also enhance your reputation with existing clients. If you operate in global markets the standard is recognised throughout the world and will help you to meet their individual market environmental regulations.
Your organisation will benefit from a robust management system that will reduce risks, prevent incidents and increase awareness of environmental issues to your employees.

 
This is not the first time we have written about the vulnerability of businesses to cyber-attacks and the latest government survey does nothing to allay those fears. Though the statistics show that incidents of cyber-crime have reduced slightly, the costs of dealing with these breaches has almost doubled.

ISO_27001The following statement has been taken from the 2010 to 2015 government policy paper published 7th May 2015.

81% of large corporations and 60% of small businesses reported a cyber-breach in 2014.
With the cost for the worst cyber-security breach estimated between £600,000 to £1.15 million for large businesses and £65,000 to £115,000 for smaller ones, the government must look at new ways to protect businesses and make the UK more resilient to cyber-attacks and crime.”

Businesses affected by cyber crime
There have been some high profile cases:

eBay
Hackers managed to access an eBay corporate account to gather user’s personal information.

JP Morgan Chase
A neglected server provided access to contact details for its account holding customers.

Home Depot
Payment systems were infected with malware that allowed hackers to steal credit card details.

Employees’ responsibility
It is not just about server access; employees are much more mobile these days and carry around company information on laptops and mobile phones. Data is stored on removable media which can be copied or lost.
Malware can infect company computers and mobile phones. To protect against these risks, you will need to establish policies to ensure employees know what they should and shouldn’t do.

ISO 27001 information security management system
There are numerous ways an organisation can protect against cyber-crime. Choosing an internationally recognised standard that provides an auditable method of monitoring, protecting and managing information is one option.
Achieving ISO 27001 certification provides a framework of policies and procedures that will help prevent a security breach and limit the impact of a cyber-attack.

Using experienced consultants, you will be guided through the process, identifying any risks and tailoring the management process to your individual requirements. This will help to keep costs and disruption to a minimum should an incident occur.

Other benefits include:
  • Customers and business partners will have more confidence in your ability to keep their information safe.
  • Continuity of supply following an attack.
  • More reliable systems for storage of information.

ISO 27001 provides for a regular auditing procedure so you can continually improve your processes and keep up to date with the latest security measures to stay one step ahead of the criminals.