8/9/2019 ASQ0511-201306AQSManagementSystem
1/31
ISO ManagementISO Management SystemsSystemsGuidance on understanding the benefts o
an ISO Management System
8/9/2019 ASQ0511-201306AQSManagementSystem
2/31
Welcome &Welcome &IntroductionsIntroductions
8/9/2019 ASQ0511-201306AQSManagementSystem
3/31
4031 University Drive, 206, Fairfax, VA 220304031 University Drive, 206, Fairfax, VA 220303 Grant Square, 243, Hinsdale, IL 605213 Grant Square, 243, Hinsdale, IL 60521
www.RadianCompliance.comwww.RadianCompliance.comSally SmoczynskiSally Smoczynski
[email protected]@RadianCompliance.com630-728-7181630-728-7181
8/9/2019 ASQ0511-201306AQSManagementSystem
4/31
AgendaAgenda•Brie intro to ISO
•General understanding or ISO certifcation
•Elements o an ISO Management System
•What’s the new Anne S!"
•Benefts o an ISO Management System
8/9/2019 ASQ0511-201306AQSManagementSystem
5/31
8/9/2019 ASQ0511-201306AQSManagementSystem
6/31
Who is IOS and W hat IsWho is IOS and W hat Is
ISO?ISO?
• #he International Organi$ation orStandardi$ation %IOS& is a worldwide ederationo national standards bodies'
• Wor(ing through #echnical )ommittees* it hasde+elo,ed and ,ublished o+er -.*/// di0erentISO standards that are used internationally orsub1ects ranging rom flm s,eeds to wineglasses to 2uality management systems'
• #he o3cial ,ur,ose or the issuance o ISOStandards is to acilitate world trade throughstandardi$ation'
8/9/2019 ASQ0511-201306AQSManagementSystem
7/31
ManagementSystems
ISO 20000-1:2011
Service Management
ISO 22301Business Continuity
Management
ISO 27001-2005InformationSecurityManagement
System
ISO 9001:2008
QualityManagement
System
ISO 31000 is!Management
8/9/2019 ASQ0511-201306AQSManagementSystem
8/31
Understanding theUnderstanding the
Standards - DocumentsStandards - DocumentsMost standards ha+e at least two su,,ortingdocuments4•Requirements 5 these are the 6Shalls7 and are
re2uired to be im,lemented unless e clusions canbe ta(en' #he auditor can only audit against the6Shalls7'•Code of Practice 5 these are the 6Shoulds7 and
are guidance to assist you in im,lementation'•Guidance 5 a ully im,lementable standard thatdoes not ha+e a 6certifcation scheme7' 8ou can becom,liant* but not certifed'
8/9/2019 ASQ0511-201306AQSManagementSystem
9/31
Understanding theUnderstanding the
Standards - PDCAStandards - PDCA
Do
Plan
Check
Act
8/9/2019 ASQ0511-201306AQSManagementSystem
10/31
Understanding theUnderstanding the
Standards - ScopeStandards - Scope
• 9etermine your Sco,e o :egistration• ;ow many ,eo,le within your organi$ation
su,,ort this Management System"• ;ow many ,rocesses are included"• ;ow many locations"
8/9/2019 ASQ0511-201306AQSManagementSystem
11/31
Requirements forRequirements for
CerticationCertication
8/9/2019 ASQ0511-201306AQSManagementSystem
12/31
Stages f or RegistrationStages f or Registration• Submit a,,lication to registrar• Stage -< Assessment o readiness• Stage =< Assessment or registration audit
• :egistration>certifcation awarded or ? years• Sur+eillance audits %at least annually&• :ecertifcation audit at the end o ? rd year
8/9/2019 ASQ0511-201306AQSManagementSystem
13/31
RegistrationRegistration
• @sually ta(es - or ,ossibly = auditors - to ?days
o de,ending on sco,e* si$e* locations and,ersonnel
• 8ou will be told whether or not you will berecommended or registration at thecom,letion o the Stage = audit
• )ertifcate usually arri+es a = 5 wee(s later• Maintaining your ISO )ertifcation%s& is the
frst ste, in continuous im,ro+ement
8/9/2019 ASQ0511-201306AQSManagementSystem
14/31
Registrar/Auditor Selection CriteriaRegistrar/Auditor Selection Criteria• Accreditation and sco,e o accreditation• :e,utation and customer acce,tance• A+ailability* cost* and location• nowledge o your business• )ulture ft with your organi$ation• Ability to audit all o your uture standards
Cote< #he e ternal auditor is hired by the :egistrarand ,resented with 2ualifcations to you u,onagreement o audits' 8ou cannot go out and hireyour own e ternal auditor'
8/9/2019 ASQ0511-201306AQSManagementSystem
15/31
Getting Ready for the AuditGetting Ready for the Audit
• 9etermine team* set budget• Internal auditor%s& training i using inDhouse resources• ;ire consulting frm i a,,licable• Ga, Assessment
• Im,lement re2uirements o standard to meet yourbusiness needs against the ga, assessment• GoD!i+e• ;old Management :e+iew Meeting• )onduct Internal Audit• :efne documentation
• Em,loyee in+ol+ement training• System ad1ustment• :egistration audit 5 Stage -• System ad1ustment• :egistration audit 5 Stage =
8/9/2019 ASQ0511-201306AQSManagementSystem
16/31
Ongoing CommitmentOngoing Commitment• Getting certifcation is only the beginning• Management :e,resentati+e must (ee, u,
wee(ly>monthly>2uarterly with tas(s• Internal audits are re2uired at least annually• Management re+iew is re2uired at least annually• #imely com,letion and u,dates to
)A:s> A:s>OFIs• Annual Sur+eillance audit by e ternal registrar
8/9/2019 ASQ0511-201306AQSManagementSystem
17/31
An ISOAn ISO
Management SystemManagement System
8/9/2019 ASQ0511-201306AQSManagementSystem
18/31
Elements of a Management SystemElements of a Management System
• Management )ommitmento #o, management shall 'o artici,ation in Management :e+iewso ro+ide in,ut or continuous im,ro+emento Accountable or resource management
• :esource Managemento Identifcation o resources including human* technical* in ormation and
fnancialo Identifcation o roles* accountability and res,onsibility %:A)I&o )om,etence* awareness H training
8/9/2019 ASQ0511-201306AQSManagementSystem
19/31
Elements of a Management SystemElements of a Management System
• Management :e+iewso :e2uired in,uts including re+iews o audits* customer eedbac(*
,er ormance measurements* im,ro+ements* changeso :e2uired out,uts including actions recorded or im,ro+ements*
documented im,ro+ements and the e0ecti+eness o thoseim,ro+ements* additional ollowDthrough o actions identifed such asresource needs or com,letion o changes identifed
• 9ocument H :ecords )ontrolo 9ocumented ,rocedure or creating* a,,ro+ing* maintaining* ,rotecting
archi+ing and destroying documents H recordso Identi ying documents o e ternal origin
8/9/2019 ASQ0511-201306AQSManagementSystem
20/31
Elements of a Management SystemElements of a Management System
• Internal Audito 9ocument an audit ,lano Identi y internal auditors* hire or traino 9ocument out,uts and act u,on fndingso #imely re,orting
• )ontinual Im,ro+emento Organi$ation shall continually im,ro+e the e0ecti+eness o the
management system through the use o the ,olicy* ob1ecti+es* audit
results* analysis o data* correcti+e and ,re+enti+e actions andmanagement re+iew
o )orrecti+e> re+enti+e Actions recorded* ,lanned and u,dated timelyo Good :oot )ause methodologyo :e+iew o e0ecti+eness o actions ta(en
8/9/2019 ASQ0511-201306AQSManagementSystem
21/31
8/9/2019 ASQ0511-201306AQSManagementSystem
22/31
A New StructureA New Structure
• Starting with ISO ==?/-* the Anne S! conce,twas introduced to standardi$e the managementsystem re2uirements or A!! management
system standards' #he ne t standards to be,ublished with the Anne S! is ISO = //- laterthis year and the much antici,ated =/-J releaseo ISO K//-'
8/9/2019 ASQ0511-201306AQSManagementSystem
23/31
Annex SLAnnex SL
• Introduction• -' Sco,e• =' Cormati+e re erences• ?' #erms and defnitions• L' )onte t o the organi$ation• J' !eadershi,• ' lanning•
' Su,,ort• .' O,eration• K' er ormance e+aluation• -/' Im,ro+ement
8/9/2019 ASQ0511-201306AQSManagementSystem
24/31
Benets of ISOBenets of ISO
8/9/2019 ASQ0511-201306AQSManagementSystem
25/31
Benets of theBenets of the
Management SystemManagement System• #here are ob+ious internal beneftso )om,etiti+e Ad+antageo )ommitment to detail or the sco,e4 ie< 2uality* security* ser+ices* etco
Better em,loyee engagement through training* communication andaccountabilityo Formali$ed H re,eatable ,rocesseso Accountability at all le+elso Ongoing internal and e ternal audits ensure wea(nesses are identifed
and im,ro+ements are com,letedo Better go+ernance and management o su,,liers and outsourced
,rocesseso More e3cient ability to changeo :eduction in du,licate e0ort
8/9/2019 ASQ0511-201306AQSManagementSystem
26/31
Customer BenetsCustomer BenetsISO K//- certifed com,anies 2ueried
• J im,ro+ed their le+els o customer satis action andloyalty• J booster their o,erational ,er ormance• - ac2uired new customers and retained e isting ones'•JJ achie+ed cost sa+ings
•Source< BSI E cellerator :esearch =/--
8/9/2019 ASQ0511-201306AQSManagementSystem
27/31
Reducing RiskReducing Risk• .J o in ormation security %ISO = //-& clients built
sta(eholder confdence• K e ,erienced aster reco+ery s,eeds rom incidents• .? o business continuity %ISO =JKKK& clients re,orted
enhanced re,utation as the (ey beneft• L o health H sa ety clients reduced incidents while
LK made cost sa+ings• KK o organi$ations meets their In ormation Security
ob1ecti+es once they ha+e im,lemented ISO = //-
• Source< BSI E cellerator :esearch =/-- and Erasmus
@ni+ersity Study
8/9/2019 ASQ0511-201306AQSManagementSystem
28/31
Organizational BenetsOrganizational Benets• L attribute direct cost sa+ing to ISO -L//-• L re,ort im,ro+ements to their cor,orate
re,utation•
im,ro+e their com,liance• - re,ort higher morale among sta0
• Source< BSI E cellerator :esearch =/--
8/9/2019 ASQ0511-201306AQSManagementSystem
29/31
Client InsightsClient Insights!arge rinting )om,any
• #he biggest beneft we ha+e seen o+er the course o ourISO certifcation is a reduction in s,oilage' Be ore we
were ISO certifed* we a+eraged about 'J s,oilage ,eryear' !ast year our s,oilage was -'= '
•Earnings or =/-= were J million so -'= was a,,ro 'N .L*/// +ersus 'J would be ?' million' retty
signifcant beneft'
•We ha+e also beneftted rom standardi$ation o,rocesses and im,ro+ed communication'
8/9/2019 ASQ0511-201306AQSManagementSystem
30/31
CreditsCredits• Google Images• )lients ,ersonal beneft stats• BSI mar(eting brochure 6Why we do what we do7
• Puality Management )PI' )MI %BSI white ,a,er&
8/9/2019 ASQ0511-201306AQSManagementSystem
31/31
QuestionsQuestions