229
All Enquiries
please call +44 (0)121 241 2299
The current OHSAS 18001 standard that provides an internationally recognised health and safety management system is being revised and incorporated into the new ISO 45001 standard.

Development of the new standard is getting close to completion with the final publication expected in the first half of 2018.

Health-and-Safety-to-businessOne of the advantages of moving to the ISO set of standards is that it will fall in line with the other generic management systems ISO 9001 and ISO 14001, both of which have recently been revised to provide a new high-level structure/format.

This will aid integration for businesses requiring multiple ISO standards certification.

Health and safety figures recently published by HSE (Health and Safety Executive) demonstrate the importance of having a robust health and safety management system in place.

Key figures for Great Britain (2016/17)
  • 1.3 million working people suffering from a work-related illness
  • 2,542 mesothelioma deaths due to past asbestos exposures (2015)
  • 137 workers killed at work
  • 609,000 injuries occurred at work according to the Labour Force Survey
  • 70,116 injuries to employees reported under RIDDOR
  • 31.2 million working days lost due to work-related illness and workplace injury
  • £14.9 billion estimated cost of injuries and ill health from current working conditions (2015/16)
Above taken from http://www.hse.gov.uk/statistics/

Benefits of ISO 45001 certification

•    Improved productivity with fewer disruptions through absenteeism
•    Better employee relations
•    Reduced insurance premiums
•    Lower costs connected with accidents in the workplace
•    Less risk of prosecution and HSE visits
•    Improved reputation with employees and stakeholders

Migration – what to do next
For organisations already certified to OHSAS 18001, we are expecting a 3-year migration period to enable them to update their systems to the new standard. If you have recently transitioned to ISO 9001:2015 or ISO 14001:2015, you will be familiar with the new format. This uses Annex SL to provide a common structure for smoother and quicker integration of multiple standards.

Once the new standard is published, one of the first tasks we would recommend is a gap analysis to identify the changes you will need to make to your management systems to meet the new standard.

Starting early will give you plenty of time to change current processes before you have to achieve certification to the new standard.

We will keep you informed of progress and if you need any information leading up to publication of the new standard, please call our office.
 
 
The transition to ISO 9001:2015 is now in its final year.

When ISO 9001:2015 was introduced in September 2015, organisations were given 3 years to update to the new version.

As the three-year transition for ISO 9001 and ISO 14001 moves into its final year, IAF (the International Accreditation Forum) has passed a resolution that as of 15th March 2018, Certification Bodies must conduct all ISO 9001 and ISO 14001 initial surveillance and recertification audits to the new versions - ISO 9001:2015 and ISO 14001:2015.

ISO_9001_Review_transition_period_running_outWhat does this mean?
Any audits you have booked between March and September 2018 will need to be to the revised standards, as failure to achieve certification to the 2015 standards by the expiry deadline in September 2018 will result in your certification no longer being valid. This may affect your ability to supply to all your markets.

Time is running out, if you rely on ISO 9001 certification to maintain your supplier status with your key customers and you have not yet made the transition to the 2015 standard.

If you leave it too late you run the risk that your auditors will not be able to fit you into their increased workload.

UKAS accredited ISO 9001 certification
Not all Certification Bodies (CBs) are UKAS accredited. This means that the CB issuing your certificate has not been audited and accredited by UKAS.

This could have implications for future contracts and orders with your customers. For example, one of your customers may have won a new contract to supply a major project that requires them and their suppliers to hold UKAS approved ISO certificates. Not having a UKAS certificate could mean losing the contract or having to modify your existing procedures to comply with an audit to UKAS standards.

Many multi-national organisations and central and local government departments will require their suppliers throughout the supply chain to gain UKAS certification.

If you are thinking about the transition to ISO 9001:2015 and your current CB is not UKAS accredited, now may be a good time to move to one that is.

To find out if your certificate has been issued by a UKAS accredited CB, look for the crown and the tick.

UKAS is the sole UK national accreditation body recognised by the International Accreditation Forum (IAF) to assess against internationally agreed standards.

For more information or to get your transition started, please talk to one of our team on 0121 241 2299.

Gaining certification to any of the recognised standards such as ISO 9001, ISO 14001, ISO 27001 amongst others, requires time and resources. You will want to make sure that the Certification Body (CB) issuing your certificate is suitably qualified to provide the best service for your business.

Achieving certification will benefit your entire organisation and, if done properly, can improve the prospects and profitability of your company. It is therefore, important to check that your certification body is experienced and has been through regular audits themselves, like the audits you must go through.

UKASUKAS – United Kingdom Accreditation Service
If you do not see the UKAS tick and crown logo on your certificate, this means your Certification Body (CB) has not been Accredited by UKAS for the scope of your Certification.

UKAS is the sole UK national accreditation body recognised by the International Accreditation Forum (IAF) to assess, against internationally agreed standards.

There is no legal requirement for a Certification Body to be UKAS accredited and some CBs choose to provide consultancy and certification under the same roof to streamline the process. However, UKAS and the IAF do not permit this and require UKAS accredited CBs to refrain from providing any consultancy services, to ensure that the value of Certification is kept as an impartial third-party process.

Checking that you are working with a UKAS accredited CB will ensure that your hard-earned resources are not wasted on certification that may not be recognised by your customers.

Why UKAS accreditation?
Not all certification is UKAS accredited. This means that the Certification Body issuing the certificate has not been audited and accredited by UKAS.

In the same way that you are regularly audited, UKAS is the auditor for UKAS accredited CBs who issue certificates.

By choosing a CB that has been UKAS accredited, you can be confident they are operating to recognised standards and are regularly audited to maintain compliance.

UKAS reviews the CBs management, policies and procedures for the standards they are audited on. They will only be audited on standards where they have proven industry knowledge. Any new industry standards they want to include in their portfolio have to go through the auditing process.

Benefits of UKAS accreditation
One of the many reasons for going through the process of certification is supplier demand. Many multi-national organisations and central and local government will require their suppliers to gain certification to maintain the quality of products and services throughout their supply chain.

For individual companies in the supply chain, this means establishing management systems and frameworks to meet the relevant standard, then continuously monitoring and improving processes to maintain certification.

The benefits to your business of achieving certification from a UKAS accredited CB include:

  • Quality of audit is based on recognised standards.
  • Audit will be impartial.
  • Auditor will have knowledge of your industry.
  • Management systems will be established using best practise within your industry.
  • Increased efficiency and cost savings.
  • Access to new markets at home and abroad because UKAS accredited certificates are recognised worldwide.
Contact us to find out more about ISO certification.
After 4 years of preparation the EU Parliament has finally approved the GDPR. This directive harmonises all the data protection laws across Europe and comes into effect from 25th May 2018. Heavy fines can be expected for non-compliance.

ISO_27001_and_GDPRWhat about Brexit?
If you sell goods or services to other EU members
and hold data about individuals in those countries, then you will have to comply with the new regulations. Even if you only sell within the UK, it is expected that our regulations will follow the GDPR to maintain access to the EU digital market. Some adjustments may be made once we leave the EU but the fundamental guidance is expected to remain.

What are the implications?
Organisations in breach of the regulations can be fined up to a maximum of 4% of annual global turnover or 20 Million Euros (whichever the greater). The regulations apply to both controllers and processors.

If your organisation holds personal information, you will be responsible for:
  • Identifying where the data is held
  • Managing the risks that could lead to a data breach
  • Maintaining and monitoring security
  • Implementing a robust Information Security Management System (ISMS)
Key points
There is an entire website dedicated to the new regulation and a link is provided at the bottom of this article if you need to find out more. For now, we are simply going to focus on what your business can do to help you comply with the new regulation.

The aim of GDPR is to protect all EU citizens from privacy and data breaches. That means “Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.”

Conditions for consent
“Consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it. Explicit consent is required only for processing sensitive personal data - in this context, nothing short of “opt in” will suffice. However, for non-sensitive data, “unambiguous” consent will suffice.”

*Taken directly from the GDPR website (link below).

The website provides detailed information about the implications of not collecting or storing data in the correct way, but does not give much guidance on how to go about preventing a data breach.

A good starting point would be to gain ISO 27001 certification. This international management standard provides a framework for your organisation to identify the risks, implement management systems and continually monitor your procedures to minimise the impact of a security breach.

ISO 27001 certification and GDPR
This international standard covers the security and protection of data and how it is used. Loss or damage could be caused by natural disasters such as fire or flood, accidental loss or mismanagement, corrupted or stolen data. The effects of any of these losses can have catastrophic consequences for organisations.

By integrating an Information Security Management System into your organisation, you will manage the risks and minimise the effect of an incident.

This proven framework will provide the management system needed to help you comply with the new GDPR.

GDPR Website: www.eugdpr.org
 
Further information is also available from:
UK Information Commissioner’s Office ico.org.uk

 
Climate change continues to make the headlines as global temperatures break previous records. February 2016 was the warmest February in 136 years of Nasa’s modern temperature records. Average temperatures in 2017, though not expected to be as warm as 2015 and 2016, are still going to be warm again.

The effects of global warming on populations around the world are already being felt at a personal level with health problems such as:
  • Respiratory diseases caused by poor air quality.Flooded_buildings
  • Infectious diseases spreading due to climate change and insect migration.
  • Hunger and lack of clean drinking water because of extreme weather events.
  • Death and injury from natural disasters caused by flooding.
To help organisations and businesses reduce their impact on the environment and establish effective environmental and energy management systems, there are a variety of ISO standards, one of the most popular being ISO 14001.

ISO 14001 environmental management standard
ISO 14001 provides a management framework for industry to combat climate change by reducing harmful emissions.

Certification also provides benefits to your organisation by reducing waste and improving energy management together with a range of other benefits that will help to increase profits and enhance relationships with your suppliers and clients.

If your organisation is involved in the events sector, ISO 20121 has been specifically developed to support event organisers, venues and suppliers. ISO 20121 improves efficiency and provides a framework to cut costs by improving energy and waste management.

Environmental responsibility
Government policies differ from country to country. Donald Trump is planning to dismantle some of the policies that Barack Obama put in place. However, in a recent keynote speech at the "Seeds & Chips - Global Food Innovation" in Milan, Obama stated that the private sector would be key to tackling climate change with clean energy being the driver.

Ultimately, it will be industry and individuals that will act to reduce carbon emissions and start moving towards a clean energy economy. A management framework that will help identify the most efficient and effective solution will not only benefit the environment; it will improve the organisation.