ASQ0511-201306AQSManagementSystem

8/9/2019 ASQ0511-201306AQSManagementSystem

1/31

ISO ManagementISO Management SystemsSystemsGuidance on understanding the benefts o

an ISO Management System


2/31

Welcome &Welcome &IntroductionsIntroductions


3/31

4031 University Drive, 206, Fairfax, VA 220304031 University Drive, 206, Fairfax, VA 220303 Grant Square, 243, Hinsdale, IL 605213 Grant Square, 243, Hinsdale, IL 60521

www.RadianCompliance.comwww.RadianCompliance.comSally SmoczynskiSally Smoczynski

[email protected]@RadianCompliance.com630-728-7181630-728-7181


4/31

AgendaAgenda•Brie intro to ISO

•General understanding or ISO certifcation

•Elements o an ISO Management System

•What’s the new Anne S!"

•Benefts o an ISO Management System


5/31


6/31

Who is IOS and W hat IsWho is IOS and W hat Is

ISO?ISO?

• #he International Organi$ation orStandardi$ation %IOS& is a worldwide ederationo national standards bodies'

• Wor(ing through #echnical )ommittees* it hasde+elo,ed and ,ublished o+er -.*/// di0erentISO standards that are used internationally orsub1ects ranging rom flm s,eeds to wineglasses to 2uality management systems'

• #he o3cial ,ur,ose or the issuance o ISOStandards is to acilitate world trade throughstandardi$ation'


7/31

ManagementSystems

ISO 20000-1:2011

Service Management

ISO 22301Business Continuity

Management

ISO 27001-2005InformationSecurityManagement

System

ISO 9001:2008

QualityManagement

System

ISO 31000 is!Management


8/31

Understanding theUnderstanding the

Standards - DocumentsStandards - DocumentsMost standards ha+e at least two su,,ortingdocuments4•Requirements 5 these are the 6Shalls7 and are

re2uired to be im,lemented unless e clusions canbe ta(en' #he auditor can only audit against the6Shalls7'•Code of Practice 5 these are the 6Shoulds7 and

are guidance to assist you in im,lementation'•Guidance 5 a ully im,lementable standard thatdoes not ha+e a 6certifcation scheme7' 8ou can becom,liant* but not certifed'


9/31


Standards - PDCAStandards - PDCA

Do

Plan

Check

Act


10/31


Standards - ScopeStandards - Scope

• 9etermine your Sco,e o :egistration• ;ow many ,eo,le within your organi$ation

su,,ort this Management System"• ;ow many ,rocesses are included"• ;ow many locations"


11/31

Requirements forRequirements for

CerticationCertication


12/31

Stages f or RegistrationStages f or Registration• Submit a,,lication to registrar• Stage -< Assessment o readiness• Stage =< Assessment or registration audit

• :egistration>certifcation awarded or ? years• Sur+eillance audits %at least annually&• :ecertifcation audit at the end o ? rd year


13/31

RegistrationRegistration

• @sually ta(es - or ,ossibly = auditors - to ?days

o de,ending on sco,e* si$e* locations and,ersonnel

• 8ou will be told whether or not you will berecommended or registration at thecom,letion o the Stage = audit

• )ertifcate usually arri+es a = 5 wee(s later• Maintaining your ISO )ertifcation%s& is the

frst ste, in continuous im,ro+ement


14/31

Registrar/Auditor Selection CriteriaRegistrar/Auditor Selection Criteria• Accreditation and sco,e o accreditation• :e,utation and customer acce,tance• A+ailability* cost* and location• nowledge o your business• )ulture ft with your organi$ation• Ability to audit all o your uture standards

Cote< #he e ternal auditor is hired by the :egistrarand ,resented with 2ualifcations to you u,onagreement o audits' 8ou cannot go out and hireyour own e ternal auditor'


15/31

Getting Ready for the AuditGetting Ready for the Audit

• 9etermine team* set budget• Internal auditor%s& training i using inDhouse resources• ;ire consulting frm i a,,licable• Ga, Assessment

• Im,lement re2uirements o standard to meet yourbusiness needs against the ga, assessment• GoD!i+e• ;old Management :e+iew Meeting• )onduct Internal Audit• :efne documentation

• Em,loyee in+ol+ement training• System ad1ustment• :egistration audit 5 Stage -• System ad1ustment• :egistration audit 5 Stage =


16/31

Ongoing CommitmentOngoing Commitment• Getting certifcation is only the beginning• Management :e,resentati+e must (ee, u,

wee(ly>monthly>2uarterly with tas(s• Internal audits are re2uired at least annually• Management re+iew is re2uired at least annually• #imely com,letion and u,dates to

)A:s> A:s>OFIs• Annual Sur+eillance audit by e ternal registrar


17/31

An ISOAn ISO

Management SystemManagement System


18/31

Elements of a Management SystemElements of a Management System

• Management )ommitmento #o, management shall 'o artici,ation in Management :e+iewso ro+ide in,ut or continuous im,ro+emento Accountable or resource management

• :esource Managemento Identifcation o resources including human* technical* in ormation and

fnancialo Identifcation o roles* accountability and res,onsibility %:A)I&o )om,etence* awareness H training


19/31


• Management :e+iewso :e2uired in,uts including re+iews o audits* customer eedbac(*

,er ormance measurements* im,ro+ements* changeso :e2uired out,uts including actions recorded or im,ro+ements*

documented im,ro+ements and the e0ecti+eness o thoseim,ro+ements* additional ollowDthrough o actions identifed such asresource needs or com,letion o changes identifed

• 9ocument H :ecords )ontrolo 9ocumented ,rocedure or creating* a,,ro+ing* maintaining* ,rotecting

archi+ing and destroying documents H recordso Identi ying documents o e ternal origin


20/31


• Internal Audito 9ocument an audit ,lano Identi y internal auditors* hire or traino 9ocument out,uts and act u,on fndingso #imely re,orting

• )ontinual Im,ro+emento Organi$ation shall continually im,ro+e the e0ecti+eness o the

management system through the use o the ,olicy* ob1ecti+es* audit

results* analysis o data* correcti+e and ,re+enti+e actions andmanagement re+iew

o )orrecti+e> re+enti+e Actions recorded* ,lanned and u,dated timelyo Good :oot )ause methodologyo :e+iew o e0ecti+eness o actions ta(en


21/31


22/31

A New StructureA New Structure

• Starting with ISO ==?/-* the Anne S! conce,twas introduced to standardi$e the managementsystem re2uirements or A!! management

system standards' #he ne t standards to be,ublished with the Anne S! is ISO = //- laterthis year and the much antici,ated =/-J releaseo ISO K//-'


23/31

Annex SLAnnex SL

• Introduction• -' Sco,e• =' Cormati+e re erences• ?' #erms and defnitions• L' )onte t o the organi$ation• J' !eadershi,• ' lanning•

' Su,,ort• .' O,eration• K' er ormance e+aluation• -/' Im,ro+ement


24/31

Benets of ISOBenets of ISO


25/31

Benets of theBenets of the

Management SystemManagement System• #here are ob+ious internal beneftso )om,etiti+e Ad+antageo )ommitment to detail or the sco,e4 ie< 2uality* security* ser+ices* etco

Better em,loyee engagement through training* communication andaccountabilityo Formali$ed H re,eatable ,rocesseso Accountability at all le+elso Ongoing internal and e ternal audits ensure wea(nesses are identifed

and im,ro+ements are com,letedo Better go+ernance and management o su,,liers and outsourced

,rocesseso More e3cient ability to changeo :eduction in du,licate e0ort


26/31

Customer BenetsCustomer BenetsISO K//- certifed com,anies 2ueried

• J im,ro+ed their le+els o customer satis action andloyalty• J booster their o,erational ,er ormance• - ac2uired new customers and retained e isting ones'•JJ achie+ed cost sa+ings

•Source< BSI E cellerator :esearch =/--


27/31

Reducing RiskReducing Risk• .J o in ormation security %ISO = //-& clients built

sta(eholder confdence• K e ,erienced aster reco+ery s,eeds rom incidents• .? o business continuity %ISO =JKKK& clients re,orted

enhanced re,utation as the (ey beneft• L o health H sa ety clients reduced incidents while

LK made cost sa+ings• KK o organi$ations meets their In ormation Security

ob1ecti+es once they ha+e im,lemented ISO = //-

• Source< BSI E cellerator :esearch =/-- and Erasmus

@ni+ersity Study


28/31

Organizational BenetsOrganizational Benets• L attribute direct cost sa+ing to ISO -L//-• L re,ort im,ro+ements to their cor,orate

re,utation•

im,ro+e their com,liance• - re,ort higher morale among sta0

• Source< BSI E cellerator :esearch =/--


29/31

Client InsightsClient Insights!arge rinting )om,any

• #he biggest beneft we ha+e seen o+er the course o ourISO certifcation is a reduction in s,oilage' Be ore we

were ISO certifed* we a+eraged about 'J s,oilage ,eryear' !ast year our s,oilage was -'= '

•Earnings or =/-= were J million so -'= was a,,ro 'N .L*/// +ersus 'J would be ?' million' retty

signifcant beneft'

•We ha+e also beneftted rom standardi$ation o,rocesses and im,ro+ed communication'


30/31

CreditsCredits• Google Images• )lients ,ersonal beneft stats• BSI mar(eting brochure 6Why we do what we do7

• Puality Management )PI' )MI %BSI white ,a,er&


31/31

QuestionsQuestions