ISO Standards provide a framework to help businesses manage various aspects of their activities. Whether that’s quality, risk, environmental or Information Security management, they provide invaluable guidance to establish an effective Management System.

However, for those who are new to ISO Standards, the Standards themselves can seem rather intimidating to interpret.

Back in 2015, the Annex SL format was introduced to provide a common high-level structure for Management Systems. With 10 clauses now common in most widely adopted ISO Standards, it can still be a bit difficult to understand exactly how these all work together.

Today Ian Battersby will explain how ISO Standard clauses work in tandem to create a cohesive cycle, from context of the organisation through to Improvement.

You’ll learn

· What is the high-level structure?

· What are ISO Standards structured this way?

· How do ISO Standard clauses interconnect?

· How does this apply to Quality Management?

Resources

· Isologyhub

In this episode, we talk about:

[00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo.

[02:05] Episode summary: Ian will be discussing the interconnectedness of clauses, which basically just means explaining the key links between the clauses and how that applies to your management system.

[02:40] High level structure – 10 years ago, Annex SL was introduced to create a common framework for ISO Standards. Today, Ian will focus on ISO 9001 as that really is the grandfather of all Management System Standards. ISO 9001 includes elements which are applied to most commonly adopted ISO Standards, and sets the scene in terms of how the clauses link together.

[03:20] Why are ISO Standards structured this way? – On their surface, ISO Standards can seem very repetitive in the way that they’re written, but there is a good reason for that.

There are all based around the Plan-Do-Check-Act cycle.

[04:10] What is the Plan Do Check Act cycle? – This is a simple process that all Management System Standards adhere to.

So you start with a ‘Plan’ to establish objectives, the resources which you need to deliver results, you identify risks and opportunities. From that point you fulfil the ‘Do’ part through Implementation and using the Management System.

From there you ‘Check’ so you monitor against the policies, objectives and any other requirements. Basically monitor against what you said you'd do and then you ‘Act’ if you find anything that needs to change, you make that change and you improve as an organisation and you improve that management system.

[05:00] A logical path – Management System Standards are designed in such a way that they flow from one clause to the other. One cannot exist without the other.

[05:20] How does Clause 4 Context of the Organisation link with Clause 6 Planning? – As clause 4 Context of the Organisation states:

‘external and internal issues relevant to your purpose and strategic direction…

…and that affect your ability to achieve intended results’

The scope of your management system depends entirely on this.

The world in which you operate - what you buy, the people you employ, what you make, who you sell to, the laws you follow…

Clause 4 also requires us to identify all interested parties (which we’ll address later!).

With careful planning, you can align documentation you develop for one clause with other clauses.

Clause 4 doesn’t tell us how we should work out our context, but it provides some very good clues

· NOTE 1 Issues can include positive and negative factors

· NOTE 2 Understand the external context by considering issues arising from legal, technological, competitive, market, cultural, social and economic environments

So they’re not saying how to do it, but they’ve said what you can consider

This sounds a lot like a traditional SWOT/PESTLE analysis…

If we skip to Clause 6, Planning, the first thing we must do when we plan is to identify actions to address risks and opps

A SWOT will mean you’ve covered these elements, consider the following =

· Weakness = Risk

· Threat = Risk

· Opportunity = Opportunity

We can similarly view the PESTLE in the same light.

So you can see that with careful planning, as mentioned you can align documentation for one clause with other clauses.

[10:00] How does Clause 6 link with Clause 7 & 8? – Skipping from Clause 6.1

If you’ve identified what might go wrong (aka - risk), you need to plan to ensure it doesn’t happen again. That may involve a single improvement action, which is linked to clause 10 (funnily enough, Improvement)

It may be that you need something bigger, involving many steps, over a period of time, say an objective (clause 6.2)?

So, the planning of objectives links directly to the context of the organisation, the world in which you operate. It may be that you need an operational control to mitigate risk, a process or procedure that helps to manage the situation as a business as usual situation (clause 7 documented info and clause 8, operation)

So the planning of processes and procedures links directly to the context of the organisation, the world in which you operate. In all these circumstances, it’s the same for opportunities, except you’re putting in place measures to take advantage of the opportunities.

[13:05] Join the isologyhub and get access to limitless ISO resources – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo.

[15:10] Clause 7 Support and related links – Moving through the standard, clause 7.4 relates to Communications.

You need to determine internal and external communications relevant to the QMS (for 9001). In clause 4, you would have looked at interested parties (i.e. stakeholders). You need to determine who affects the way in which you operate and what they need/expect from you. Parties to consider include:

· Customers

· Employees

· Shareholders

· Suppliers

· Regulators

· Neighbours

· Media

So, by Clause 7 you will have already identified who’s interested and what interests them, so it’s only a small step to add to this the communications plan. ISO 9001 doesn’t ask for one specifically, but it’s a good way to fulfil the requirements of clause 7.3.

Clause 7 also mentions Monitoring and measuring resources (7.1.5). This is a very brief clause, but central to establishing the means for demonstrating performance.

We need reliable results when monitoring or measuring is used to verify the conformity of products and services to requirements, i.e. do we do what we say we do?

Clause 7.5 requires us to document how we do things. Again it’s very brief in its requirements (leaves it up to you to decide), but clause 8 is all about operation – which is the way you do things.

It’s much more specific about understanding what the customer wants, designing it correctly, controlling changes, making it, delivery and addressing issues.

This is what you measure: 7.1.5 requires you to ensure you can measure, 7.5 requires you to document how you do things, 8 requires you to do things according to the way you’ve said you will.

[20:10] Clause 9 Performance Evaluation and related links – Moving onto Clause 9, Performance Evaluation, again risk appears. We’ve already assessed risk right at the start, now we evaluate whether we’ve successfully controlled risk.

We decide what to audit based on the level of risk attached to certain controls (policies, procedures, processes…). We’ve set objectives based on risks and opportunities and now we must measure performance.

We’ve put in place operational controls to mitigate risk (clause 8) and now we measure whether those controls work.

[21:30] Clause 10 Improvement and related links – This one is fairly self-evident. If something goes wrong, find out why and put it right and make sure it doesn’t happen again. Look at your system and continually improve based on your evaluations in Clause 9.

If you’d like to book a demo for the isologyhub, simply contact us and we’d be happy to give you a tour.

We’d love to hear your views and comments about the ISO Show, here’s how:

● Share the ISO Show on Twitter or Linkedin

● Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List