229
All Enquiries
please call +44 (0)121 241 2299
2015 saw revisions to the ISO 9001 and ISO 14001 standards. The next revision will be to OHSAS 18001 which is due to take place towards the end of 2016. The new standard for occupational health and safety management will be renamed ISO 45001.

One of the fundamental changes being made in these revisions is to the top level structure. These changes aim to deliver advantages by aligning various aspects of the different management systems to improve integration between standards. This structure is called Annex SL and was introduced by ISO to provide consistency throughout all of the ISO standards.

ISO 19001 and ISO 14001 are, for many organisations, the core of their management system and integration will save both time and costs.
  • Other benefits include:
  • Improved efficiency throughout the organisation
  • Less documentation
  • Better risk management
  • Involvement of all levels of the organisation
  • Adding value by maximising performance
  • Reducing duplication

Cogs_integrationAnnex SL
Annex SL will provide a common structure, text and definitions to make integration of multiple standards - ISO 9001, ISO 14001 and ISO 45001 (later this year), smoother and quicker to implement.

By taking an integrated approach, documentation, training, audits and reviews will take up less resources and result in a more efficient and effective management system.

ISO 45001
Publication of the standard is expected around the end of 2016 when the transition from OHSAS 18001 can start.

Certification to the new standard will provide all of the integration efficiencies along with the existing OHSAS 18001 benefits to reduce accidents in the workplace and meet legal and regulatory requirements.

Other benefits of ISO 45001 certification include:
  • Improved productivity with fewer disruptions through absenteeism
  • Better employee relations
  • Reduced insurance premiums
  • Lower costs connected with accidents in the workplace
  • Less risk of prosecution and HSE visits
  • Improved reputation with employees and stakeholders
To find out more please contact us.
 
One of the risks facing businesses in 2016 is the increase in cyber crime.

Balloon-popping-business-riskThe ISO 27001 international standard provides an effective information security management system (ISMS) focused on identifying areas of risk and developing a system for managing and minimising those risks.

Areas at risk include:
  • Computer hardware and systems
  • Data stored locally and off site
  • Intellectual property
  • Employees’ personal details
  • Data and equipment belonging to contractors
  • Suppliers’ assets
  • Customer information
Threats come from a variety of sources including natural disasters, hacker attacks, computer viruses and the consequences of stolen information.

As a result of an incident, an organisation could not only be faced with the costs of putting right the damage and coping with the effects on the business, but could face legal implications connected with the breach.

Costs can run to millions of pounds and with cyber attacks and unpredictable weather conditions increasing, it is more important than ever to manage the risks to your business.

How will ISO 27001 protect my business?
First stage is to appoint an experienced ISO 27001 consultant who will help you to set up an effective management system tailored to your business. They will identify the risks to your business and develop a process to manage those risks together with an ongoing system of monitoring and continual improvement.

Working with members of your team, your appointed consultant will be able to apply industry best practice and using their experience, provide a workable system that will:
  • Review current procedures
  • Identify risks
  • Assess threats to assets
  • Highlight gaps and areas for improvement
  • Establish a system of management and control
  • Provide processes and procedures
  • Continually improve the system with audits and reviews
ISO 27001 Certification
Once you are satisfied that your ISMS is established in line with the requirements of ISO 27001, you will be ready for auditing by an independent accredited certification body. In the UK, you should check they are UKAS accredited.

For more information contact one of our team.
The United Nations Climate Change Conference which started on 30th November and runs to 11th December 2015 will be discussing, amongst other things, the impact industrial development is having on our climate. With the aim of keeping global warming below 2°C, business and governments will be discussing climate change, reducing greenhouse gas emissions and the development of renewable energies.

On the 7th and 8th December, as part of the Conference, there will be a business focussed
event. The “Sustainable Innovation Forum” (SIF15), brings together participants from business, Government, finance, UN, NGO and civil society to “bolster business innovation and bring scale to the emerging green economy”.

To add more pressure to the talks, we hear recently that the Chinese government issued a health warning to Beijing residents to stay indoors due to heavy smog.

There would seem to be overwhelming evidence that our climate is warming, with effects such as rising sea levels and extreme weather events. A natural cycle or human impact? Whatever you believe, can we afford to do nothing?

Green_footprintEvery business can help
The recently revised ISO 14001:2015 standard can help to reduce the impact that your operations may have on the environment. This is a global standard with certifications in 171 countries. The standard provides a framework for organisations to meet the challenges of climate change.
The benefits go further than improving the environment for all of us; they can deliver tangible benefits for your organisation:
  • Meet legal obligations
  • Engage employees
  • Improve performance through efficiencies
  • Reduce waste and increasing recycling
  • Provide cost savings
  • Increase profits
  • Enhance brand image

ISO 14001 certification and implementation can have a significant effect on an organisations profitability and performance. By adopting an effective energy management system you will gain a competitive advantage and contribute towards the climate change challenges the world will face in the future.

 
Companies continue to be vulnerable to hackers with the latest cyber attack affecting TalkTalk. This follows a number of other high profile incidents in 2015.

Breaches like these are not limited to large companies; small businesses are just as vulnerable. The latest report from the Department for Business Innovation and Skills - “2014 Information Security Breaches Survey” found that although security breaches were slightly down from 2013, the overall costs to deal with incidents was up:

81% of large organisations had a security breach (down from 86%* a year ago)

60% of small businesses had a security breach (down from 64%* a year ago)


£65k - £115k is the average cost to a small business of its worst security breach of the year (up from £35 - £65k a year ago)

Full survey available from https://www.gov.uk/government/uploads

Cyber_security_policyISO 27001 Information Security Management System (ISMS)
Every business should be taking precautions and assessing the risks of cyber crime by putting in place a written security policy.

The ISO 27001 information security standard is one way of protecting your business from future attacks. Certification will introduce a management structure to identify risks to your business. It will also establish a plan to recover from a breach should the worst happen.

Taking precautions to prevent a breach before it happens is more cost effective than recovering from an incident given the fact that costs for dealing with events are continuing to increase.

Direct costs to get your business back on track after a breach are not the only implications. Reputation with clients, compensation pay outs and, as in the case of TalkTalk, a drop in their share value, could have a devastating effect on the future of a business.

Certification provides peace of mind and demonstrates your company’s commitment to security of information.

 
ISO_CertificationCertification to any of the ISO standards provides tangible benefits for your organisation. If you want to grow your business, increase profits and operate more efficient working practices, achieving certification will help, as well as giving you an edge over your competitors.

Whether you operate locally or globally, the standards are recognised worldwide and are relevant to all sizes of business.

Other benefits include:
  • Improved internal processes and efficiency
  • Reduced waste resulting in environmental benefits and cost savings
  • Increased sales
  • Better access to new markets
  • Industry expert consultants providing guidance

Next steps

When choosing a certification body, it is worth pointing out that you should check they are UKAS accredited. UKAS has government recognition and is licensed by the Department for Business Innovation and Skills (BIS). You can be sure to receive the most appropriate advice by choosing a UKAS accredited certification body. Your long-term success could be undermined if you use an independent evaluation service.

Continual improvement

After successfully completing your first audit, your assessor will set up a process to monitor and improve systems and arrange regular (six monthly or annual) surveillance visits.

These visits will ensure your management systems remain effective and continue to meet the standard.
Ongoing checks will help to maintain your conformity and make your next certification renewal assessment run as smoothly as possible.

To find out more call ACS Registrars (a UKAS Accredited Certification Body - No. 0229).