All Enquiries
please call +44 (0)121 241 2299
Waste-products-and-recycling-with-ISO-14001Waste is a global issue. The major world economies have long recognised that the amount of waste being produced has reached crisis levels. With developing nations producing more waste as they grow, global waste could increase by 70% by 2050 according to the World Bank.

Plastic waste has been identified as a major problem for our seas and environment with steps now being taken to limit the use of plastic containers across all sectors of the economy. Initiatives by supermarkets to remove plastic packaging from their shelves. Other moves by facilities to make water fountains and taps available for drinking water instead of using bottled water are just two of the changes that are gradually altering the way we shop and think about managing waste.

Food waste is one of the world’s largest contributors to carbon dioxide emissions. Waste from our own dining tables, commercial kitchens and throughout supply chains are one of the largest contributors towards global climate change according to the United Nations. Ways are being investigated to redistribute, recycle and reduce the amount of food waste that goes to landfill.

Tackling the problem will need global cooperation. ISO standards can help organisations to implement management systems that will help reduce the impact of their waste and emissions on the environment and improve performance and profits.

Being an independent, non-governmental international organisation, ISO can provide organisations, in the 164 countries where they have national standard bodies, with management frameworks that provide solutions to the challenges facing us in the fight against climate change.

ISO 14001 environmental management system

Commercial enterprises are under pressure to reduce the amount of waste produced and find ways to re-use, remanufacture, repair and recycle. The government announced in their policy paper published in December 2018 that their strategy will:
  • preserve our stock of material resources by minimising waste, promoting resource efficiency and moving towards a circular economy
  • minimise the damage caused to our natural environment by reducing and managing waste safely and carefully
  • deal with waste crime.
Their plan is to move society away from the inefficient linear economic model of “take, make, use, throw” to a more circular economy of “re-use, remanufacture, repair, recycle”. This will see us keeping resources in use for as long as possible. It will allow us to extract maximum value from them, then recover and regenerate products and materials at the end of their lifespan.

Their aim is to make the UK the G20 nation with the highest level of ambition for the environment.

Businesses will be expected to play their part, supermarkets are already moving to reduce packaging, restaurants are being encouraged to reduce wasted food or find ways of re-distributing excess food. Manufacturers are minimising and providing recyclable packaging.

Tackling the issue will require a management framework that encompasses the whole organisation. ISO 14001 provides an environmental management system that will make your organisation as efficient as possible to help you to meet any new or existing regulations, reduce waste and reduce costs.

What is ISO 14001

ISO 14001 certification involves a dedicated internal resource or an external consultant providing the necessary experience to identify where your organisation can improve waste management within your overall environmental management strategy.

Implementing ISO 14001 will demonstrate to your suppliers, employees and customers that you have an internationally recognised management system in place to minimise the impact of your operations on the environment.

Some of your customers may require certification before they ask you to tender for business. We are expecting this to become more common as we enter an era of planning to improve our environment.

ISO 14001 certification

The process of certification and the management framework implemented is unique to every business and your consultant will bring their expertise and knowledge to provide best practice and solutions to your particular needs.

The process will include a complete waste audit to determine the amount of waste you are generating and where savings could be made. Can any of your waste be recycled or re-used?

Working through this process, the benefits of using ISO 14001 will save money, help meet your legal responsibilities, reduce your environmental impact and, if implemented effectively, lead to increased profits.

Training employees and including your entire organisation in the process will help the implementation of ISO 14001 and aid the cycle of continual improvement that is required to achieve a successful audit.

Talk to one of our team about implementing ISO 14001 to meet your environmental goals as the government rolls out their 25-year plan to improve the environment. Request a callback or get an ISO 14001 quote.
Motorway-sign-ready-for-Brexit-with-ISO-9001There has been a lot of talk in the media recently about the possibility of the UK falling into recession following the contraction of the economy in the second quarter of 2019.

With the proposed Brexit date of 31st October looming there is speculation that the economy could shrink further if we crash out without a deal. Some forecasters are warning that if we exit without a deal, the pound would plummet, stock markets would fall and GDP could shrink by 2% by the end of 2020.

With so much uncertainty around, whether these scenarios become reality or not, businesses need to be taking steps to ensure their products and services are competitive and looking at every area of their operations to find cost savings and increase efficiency.

Are you ISO 9001 certified already?

If you have achieved ISO certification to ISO 9001, you will already have a quality management system in place that will constantly improve your performance and drive down costs. This will provide the perfect framework to identify and carry out further improvements before the effects of a downturn start to bite.

Have you recently reviewed every area of your business or carried out a risk assessment to identify the negative effects that a recession or leaving the EU without a deal would have?

If your last annual surveillance visit was over 6 months ago and you have not carried out a company review or internal audit since then, don’t wait until your next surveillance visit before you carry out a company-wide review that includes recession proofing and Brexit planning.

Acting early before the effects of a recession start to have an impact on your sales and profits, will help you to reduce costs and minimise waste to keep your prices competitive. As an ISO 9001 certified company, you will already have an advantage over competitors who have not achieved ISO 9001 certification. This will keep your current customers on board and make it easier to win new business from around the world.

Opening new markets could be an option for some sectors after Brexit. With a probable devaluation of the pound, UK exports will be cheaper. Depending on the Brexit deal (or no deal), opportunities outside Europe may offer a solution, mitigating any loss of trade within the EU because of increased tariffs or customs delays. Additional bureaucracy and delays disrupting supply chains are expected and will mean more work for your management teams that may require changes to your management framework and structure.

ISO standards are internationally recognised and certification to ISO 9001 will demonstrate to new customers your commitment to maintain high quality standards.

Not ISO 9001 certified yet?

If you have been considering gaining ISO 9001 certification, now is a good time to prepare your organisation for the step change that will help you to grow by implementing a quality management system that will improve every area of your operations.

A quality management system regularly audited by a third-party Certification Body (CB) will provide proof that you have processes in place to continuously improve your business to recognised standards.

Implementing ISO 9001 will provide improvements that will help you survive and thrive during a recession:
  • Increase productivity and profit
  • Make it easier to build relationships with new customers and keep existing customers
  • ISO standards are recognised globally and will help you to enter new markets
  • Maintain your competitive pricing when tendering for new business
  • Improve your management systems to adapt quickly to economic changes.
Give your business the best chance of surviving the next recession, whether it comes next year or in the future, talk to one of our team on 0121 241 2299 or get an ISO 9001 quote by completing our short enquiry form.
For businesses and organisations to be successful over the long term, focusing on providing and maintaining quality products or services will help to ensure the growth and survival of the enterprise.

Quality is often defined as a product or service that meets or exceeds customer expectations.

Maintaining product and service quality will keep your existing customers coming back and help you to win new business by:
  • Improving customer satisfaction and referrals
  • Reducing returns and complaints
  • Helping to gain access to new markets
  • Building trust
  • Increasing sales and profitability.
Quality management is an ongoing process of continuous incremental improvements that will keep you ahead of your competitors.

To do this effectively your organisation could implement a quality management system that provides a method of controlling, measuring, tracking and continually improving processes.

One of the most internationally recognised quality management systems is ISO 9001:2015. Implementing a system such as ISO 9001 provides a framework of documented processes, procedures and controls to continually improve quality management.


ISO 9001:2015 Quality Management System (QMS)

A Quality Management System should encompass the strategic goals of the organisation and therefore needs the backing and leadership from top management.

Documentation provides the framework that will lead to performance-based measures and controls to keep track of progress against your objectives. For certification to ISO 9001 some documentation is mandatory. Your own internal auditor or ISO consultant will identify what is needed and will probably suggest a quality manual because this provides a logical template to help implement your QMS. Some organisations prefer their own documentation method and providing it has the necessary information, is logical and is communicated across the entire organisation, this can be just as effective.

Your own quality manual or documentation will reflect the size of your organisation and type of business and sector you are in. The important factor is that it works for you and becomes an integral part of your business not just a tick box exercise. To emphasise this, the recent ISO 9001:2008 to ISO 9001:2015 revision has prioritised managing processes over documentation.

Making your QMS more effective

iso9001-ukasMany organisations obtain ISO 9001 because their customers demand certification as a prerequisite of working with you. Gaining ISO 9001 certification saves a lot of time in the pre-qualification process of a tender by demonstrating that you have a recognised quality management system in place. Especially if it is audited by a certification body that has been accredited by UKAS. The benefit of having the UKAS crown and tick on your certification identifies that your QMS meets the high standards that will be expected by your customers. Some organisations will not accept your certification without it.

ISO 9001 QMS registration mark

Regardless of whether you have been asked to gain certification or not, your organisation will benefit from the structured approach to every aspect of your business to help it improve and grow.

Because the ISO 9001 quality manual is based on a general template, it provides a guide that can be tailored by individual organisations to meet their own requirements. For example, progress through your quality manual will provide processes and actions that when completed will give you an edge over your competitors.

These are some examples of the content sections that will help you do this:
  • Policy documentation
  • Internal influences, SWOT (strengths, weaknesses, opportunities and threats) analysis
  • External influences, PESTLE (Political, Economic, Social, Technological, Legal and Environmental) analysis
  • Leadership
  • Management planning
  • Risk analysis, disaster recovery and continuity planning
  • Working procedures
  • Performance evaluation
  • Continual improvement.

Key stakeholders

Getting your key stakeholders involved in the quality management process through questionnaires and consultations will ensure their buy-in to establish and improve your quality management system.

Customer requirements will be paramount to quality objectives, finding out what their expectations are will be a priority for your quality policy document.

The organisation’s Directors and managers need to be fully behind the implementation of ISO 9001. One of the other changes in the ISO 9001 revision was the importance of leadership from top management.

Your employees, contractors and sub-contractors will play an important role in your implementation of quality procedures, monitoring and reporting. Gaining their support and feedback for your quality management processes will make the implementation more effective.

Suppliers play a key role in ensuring your products or services are reliable and available when your customers need them. Involving them in your quality management procedures will ensure continuity of supply to your expected standards.

To find out more about implementing a quality management system, or the revision from ISO 9001:2008 to ISO 9001:2015, request a callback or get a quote.
If you produce components for manufacturers who expect their suppliers to deliver on time and consistently to recognised standards, they will often insist on certification to one or more of the ISO standards such as ISO 9001.

These manufacturers recognise that businesses face risks from sources beyond their control and in today’s global economy the risks are greater, more varied and can happen more quickly. Businesses face physical, virtual, regulatory, political, reputational and financial events that can have devastating effects on business operations.

Gaining ISO 9001 certification for your business demonstrates that you have documented the risks and implemented controls to minimise the effects of a disruptive event so that you can maintain continuity of supply to your clients.

Disaster-recovery-with-ISO-9001Typical risks to a business include:
  • Extreme weather events affecting property, transport and power supplies that can have an impact on global supply chains
  • Cyber-attacks and disruption to IT systems
  • Changes to regulations and the political landscape
  • Loss of customer confidence due to negative publicity
  • Financial losses.
Business continuity requires management systems that can identify risks, manage disruption and limit the effects of these events to ensure business gets back to normal as quickly as possible.

Implementation of ISO 9001 Quality Management System (QMS) will give your business a framework to help manage these risks. It may also lower your insurance premiums.

Business Interruption Insurance

You can rely on your business insurance to provide cover in case of an insured event. Policies that include Business Interruption Insurance will provide financial support for insured losses resulting from some of the above events. However, relying on insurance alone will not help your customer who wants a regular supply of products to fulfil their production deadlines.

Additionally, demonstrating that you have a management system in place to minimise risks and providing evidence to your insurance provider could reduce your insurance premiums.

ISO 9001 Quality Management System

The recent revision to ISO 9001:2015 prioritises a culture of risk-based thinking across the whole organisation. The standard provides a framework to evaluate risk and implement controls and processes to minimise the damage from an unexpected event.

Implementing business continuity planning and disaster recovery will help your organisation to resume services as quickly as possible when recovering from an event.

Benefits of certification to your customers are evident when you are tendering for new business or retaining existing clients. Being able to show a documented process for recovery from sudden events will give your customers confidence that you can maintain continuity of supply through all but the most catastrophic events that you have identified in your risk analysis.

Other benefits include increases in productivity and efficiency that will keep your prices competitive.

Methods used to identify risk

Your ISO 9001 consultant will provide guidance on methods that can be used to identify the risks associated with your operations including techniques such as:
  • Interviews with employees
  • Brainstorming
  • Identifying previous events
  • Risk survey
  • SWOT analysis
  • Your consultant’s industry knowledge of best practice within your industry sector.
If you want to take your disaster recovery and continuity management a step further, call one of our team on 0121 241 2299 to discuss how you can make your business more resilient to today’s fast-moving events. Alternatively, you can request a callback or a quote via our online forms.
Following investigation by the Information Commissioner’s Office (ICO) of last year’s British Airways data breach, where credit card details, travel bookings and logins for customers were accessed, the airline has recently been fined a massive £183 million. BA has 28 days to appeal the ruling which is the largest issued so far by the ICO.

A similar case of stolen records from the Marriott hotel group has resulted in a fine of £100 million subject to appeal by the company.

This shows how seriously the ICO is taking the new GDPR regulations and enforcement of fines to companies that have not demonstrated their commitment to data security. In British Airways’ case “poor security arrangements” at the company were cited by the ICO.

Business man after a cyberattackBusinesses of all sizes must be prepared
Your business may not be in the same league as BA or some of the other giants that have been caught out and suddenly find themselves in the headlines for the wrong reasons. However, the fines are levied on a percentage of turnover. Could your organisation survive a fine of this size?

Copied from: https://eugdpr.org/the-regulation
“Organizations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater). This is the maximum fine that can be imposed for the most serious infringements e.g. not having sufficient customer consent to process data or violating the core of Privacy by Design concepts. There is a tiered approach to fines e.g. a company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment. It is important to note that these rules apply to both controllers and processors – meaning ‘clouds’ are not exempt from GDPR enforcement.”

The following podcast is from Reuters and Barclays bank and discusses some of the fines mentioned above and ways to reduce exposure to cybercrime.

One of the points to come out of the above interview from Paul Henley is that organisations should take matters into their own hands by analysing attacks, managing the process and having a programme in place to fix any vulnerabilities that are identified.

ISO 27001 will provide a management framework to manage and fix vulnerabilities
ISO 27001 is one of a range of internationally recognised ISO standards such as ISO 9001, that organisations can implement to make them more efficient, productive and robust.

Gaining certification to ISO 27001 will provide a management system to help protect your organisation from a cyberattack and a variety of other risks such as natural disasters, mismanagement, human error and corrupted or stolen data.

Risk assessment and risk management is a fundamental part of the assessment process to gain certification. This will entail an expert from within or outside your organisation identifying where vulnerabilities in your network exist and implementing controls, policies and procedures to minimise the risk of a breach.

Another point made in the above interview by Paul Henley was that he would have liked “someone to come up with a whole list of things to consider”. Your ISO 27001 consultant will have been selected for his experience and knowledge of working with other organisations in your industry sector and will be able to implement best practice using the latest information available.

A large proportion of cyberattacks are down to human error which is very difficult to eliminate completely. A management system will help to mitigate the chances of an attack taking place and provide a recovery process should the worst happen by implementing:
  • Risk assessment and management
  • Employee training
  • System monitoring
  • Access control
  • Regular reviews
  • Continuous improvement
This will demonstrate your commitment to minimise risk and limit your exposure to regulatory fines or adverse publicity that could be catastrophic to your organisation.

Call 0121 241 2299 to discuss how ISO 27001 can protect your organisation from the effects of cybercrime.