The New ISO Standards: What Can They Bring to Your Business?

Greg Elwell

Greg Elwell

Organisations and their leaders are facing change at an unprecedented speed as digital technology and increasing globalisation continues to impact businesses. The new ISO Standards are a response to these forces, allowing organisations to continue to add value, while also helping them to face the future. Here, Greg Elwell neatly summarises what the transition to new and updated ISO Standards means and goes on to outline the benefits certification can realise for today’s businesses. 

One overall change, for example, is that ISO 9001:2015 now follows the same overall structure as other ISO Management System Standards (known as the High-Level Structure), making it easier to integrate multiple management systems going forward. 

The changes in the new ISO Standards focus around three main areas: context of the organisation, leadership and risk management. In addition to these, continual improvement remains a key element of the certification process. These areas present opportunities for positive change through re-certification to the new ISO Sandards.

 Context of the organisation

The updated ISO Standards place new emphasis on an organisation’s specific context. Companies need to abandon the old precept of prioritising only product, employees and process and rethink the unique context of their activities in association with the needs and demands of a wider set of interested parties.

This can be achieved through an examination of the business environment, the current market, competitors, new technologies, prices, perceived quality and user trends, all of which are necessary to remain competitive.

By focusing on process rather than procedure, the new ISO Standards afford organisations more freedom to show how they control their risks and impact stakeholders.

Leadership

Now, the ISO Standards favour approaching change in a planned and systematic way by taking into account potential consequences, the integrity of the management system and the availability of resources or allocation of responsibilities.

A new specific requirement is embedded leadership – the concept that continuous improvement needs to be backed and led by top management, with employees now also fully understanding and taking ownership for their roles.

The level of involvement by the CEO, the Board of Directors and managers in certification, as favoured by the new ISO Standards, is ultimately designed to have a positive effect on customer satisfaction.

Risk management

There are a wide range of risks concerning an organisation’s leadership today, including inadequate infrastructure and energy costs, access to key skills, staff retention, avoiding the loss of know-how and social instability.

The new ISO Standards reflect the view that risks can be seen as opportunities or threats, as well as being part of the internal culture of prevention and improvement. They provide a guide to organisations to establish a strategy to eliminate the risks seen as threats through options for addressing risk, which include the avoidance of risk, eliminating risk, hedging the likelihood or consequences of risk or acceptance of risk by informed decision.

One strong driver for certification is managing the risks to suppliers and other interested parties for companies involved in exporting overseas. It’s a challenge to produce the same products in different countries, and certification can provide reassurance in this context. Similarly, businesses entering new sectors or sub-sectors as they look to grow can use certification to manage risk and provide security.

Continual improvement

Reviewing the ISO Standards is a good way for an organisation to identify new opportunities for continual improvement and for managing risk adequately. Key to this is re-evaluating the business and seeing the overall certification process as a guarantor of quality, not just final certification. As an organisation changes, certification needs to both accompany and accommodate this change.

Organisations that match their strategy with an improved Management System will be well placed to gain new opportunities. By revising standards and using updated standards to pursue the path of continual improvement, organisations can ensure that they remain competitive in the long term.

Timings to be observed

The new ISO 9001 was launched in September 2015, which means businesses have until September 2018 to transition from ISO 9001:2008 to the new ISO 9001:2015 if they wish to maintain their certification.

Since these revisions are classed as new versions of the ISO Standard, businesses will need to ensure that a new contract has been put in place with their certification body.

At a time of accelerated disruption, combined with a shift in the expectations of customers and other interested parties, re-certification to the updated ISO Standards is a lever which can help organisations to achieve improved customer satisfaction, engage a broader risk management approach and reflect the ever-increasing demands for accountability.

Greg Elwell is Certification UK Technical Manager at Bureau Veritas

*Bureau Veritas has developed a bespoke White Paper entitled ‘How Transition to the New ISO Standards Adds Value to Your Organisation’. Copies can be downloaded at: http://www.bureauveritas.co.uk/white-papers/iso-white-paper

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014.

Related Posts