Resources

What are (The International Organization for Standardization) (ISO) standards?


Using the standards aids in the creation of products and services that are safe, reliable and of good quality. The standards help businesses increase productivity while minimizing error and waste. By enabling products from different markets to be directly compared, they facilitate companies entering new markets and assist in the development of global trade on a fair basis. The standards also serve to safeguard consumers and end-users of products and services, ensuring that certified products conform to the minimum standards set internationally. ISO is based upon the Deming Plan-Do-Check-Act cycle.

This is a model for improvement that is sustained, rather than just a one-time quick fix, and it is for this reason that it is applied to all ISO standards. The ISO standards have, as a main goal, continual improvement within all their Management Systems.


How is Plan-Do-Check-Act (PDCA) defined in the ISO 9001 Standard Requirements?


In the introduction to ISO 9001, there is an explanation of the Process Approach and how critical it is to implementing a Quality Management System that is compliant with ISO 9001 requirements. In addition,, there is a note about the PDCA methodology application for all processes. It shows an overview of how the standard requirements fit within a PDCA cycle. Following is a description of the cycle of improvement within the QMS (with the ISO 9001 clause numbers in brackets).

Plan – Planning is one of the biggest parts of Quality Management Systems (QMS) and starts with understanding the context of the organization and the needs of parties interested in the QMS (4.1 & 4.2), which is then used to define the scope of the QMS and the QMS processes (4.3 & 4.4). This is followed by the commitment of leadership in the company to drive the organization to a customer focus by defining the organizational roles and responsibilities and by establishing a quality policy to give the overall QMS a focus (5.1, 5.2 & 5.3). The next level of planning is to identify and address risks and opportunities of the QMS, including setting and planning for quality objectives and changes to support continual improvement (6.1, 6.2 & 6.3). The final level of planning is to identify and implement the support structure to allow you to carry out your plans. This includes resources (7.1), identifying competence (7.2), awareness (7.3), communication (7.4) and to set the processes for creation and control of documented information (7.5).

Do - Planning is useless unless the plan is carried out. Controls need to be identified for the QMS operations, product or service requirements need to be identified (8.2), designs developed (8.3), controls placed on externally provided processes, products and services (8.4). The process of producing the product or service needs to be carried out with control of product and service release (8.5 & 8.6), any non-conforming products or services need to be addressed (8.7). In short, the activities of creating and providing products or services to the customers’ needs to be done.

Check – There are several requirements in the standard to check the processes of the QMS to ensure they are functioning properly and as planned. There is a need to monitor, measure, analyze and evaluate the products or services to ensure they meet requirements, the processes used are adequate and effective, and customer satisfaction is being met (9.1). Internal Audit (9.2) of the processes is key to assessing the effectiveness of the system. Further is the Management Review process (9.3), which reviews and assesses all the monitored data to make changes and plans to address the issues.

Act – Action involves the actions needed to address any issues found in the check step. “Improvement” (10.1 & 10.3) is the overall heading for these action steps (10.1). The first step to improving the system is addressing nonconformity and Corrective Actions (10.2) to eliminate the causes of actual or potential nonconformities.

Plan – As stated, this cycle starts again to ensure there are plans in place for further improvement. Findings during the Internal Audit in the “Check” phase may have led to corrective actions from the “Act” phase, which in turn will require changes in planning to meet the updated requirements in the “Do” phase. The Management Review looks at the outcomes of Internal Audit, Corrective Actions and outputs resource plans to support any changes. Resources are assessed and increased, decreased or re-assigned as the business needs dictate. This leads into another cycle of PDCA.

An example: Your company planned to reduce scrap by 5% by making certain changes to a process. The changes were made and the process ran. Checking showed that you reduced the amount of scrap by 3%, and you acted to make further changes to improve. A planning step for this process might be to make changes to reduce the scrap by an additional 4% in the following year.


Why should Organizations, Charities, Trusts, Foundations or Business’s become ISO certified?


Do you run a charity? Are you responsible for raising its profile, attracting supporters and recruiting employees or volunteers? Then you should consider our ISO certification for charities service.

Gaining ISO certification is the clearest way of demonstrating your commitment to running a safe, efficient and responsible organization. The ISO standards can help you reduce your environmental impact, improve health and safety, strengthen information security and deliver effective business continuity management.

Whether your charity opts for the ISO 9001 Quality Management standard or one of the many other standards, it will benefit from improved management processes. By improving your internal processes, you can reduce costs and use your funding more efficiently, so delivering maximum value to your frontline services.


How will ISO assist your Organizations, Charity, Trust, Foundation or Business? An example:


“NewCo” is a organization supporting homeless, vulnerable and isolated people in Alaska. At risk are children, young people and aging adults with support around housing, education and employment, and their mental health and wellbeing. Solutions need to be created for housing, waste management (garbage, sewage, and human waste treatment), electricity and reliable sources of potable water. 

To satisfy the requirements of many of their locations, governing bodies, and/or countries, NewCo was advised they needed to show their commitment to giving reliable charity services. After evaluation by the Board of Directors it was decided that the only true international solution was that the organization must be certified to several ISO standards; ISO 9001, ISO 14001, ISO/IEC 20000-1, ISO/IEC 27001, and ISO 45001. These standards provided Information Security, policy, objectives, risk management, document organization, tracking, environmental, health and safety processes to ensure the effectiveness of their efforts. 

The board adopted a program that allowed for them to address the 5 major risk and opportunity areas that they identified within their research. NewCo was able to incorporate a customized rollout schedule, implementing and certifying the five identified ISO management systems on their budget-based time-frame. This implementation process assisted the cash flow, ease of education, incorporated the desired culture and maintained a consistent and steady implementation process that incorporated the simplest ISO program to the most complex program. The 5 programs they choose were: 

· ISO 9001:2015 (Quality Management)

· ISO 14001:2015 (Environmental)

· ISO/IEC 20000-1:2018 (IT Services)

· ISO/IEC 27001:2013 (Information Security)

· ISO 45001:2018 (Health and Safety)

·

NOTE: Not all organizations require all five ISO standards. 


RISK and OPPORTUNITY

The most recent releases of the ISO standards have incorporated Risk and Opportunity requirements.

Risk management is the identification, evaluation, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives) followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.

Several risk management Standards have been developed including the Project Management Institute, the National Institute of Standards and Technology, actuarial societies, and ISO standards.

Strategies to manage threats (uncertainties with negative consequences) typically include avoiding the threat, reducing the negative effect or probability of the threat, transferring all or part of the threat to another party, and even retaining some or all the potential or actual consequences of a particular threat, and the opposites for opportunities (uncertain future states with benefits).

Types of risk?

Negative and Positive Risks. An opportunity with a positive outcome may be considered a positive risk.

Although the range of risks a business can face is wide, some common examples are:

Strategic risk

Continuity risk

Financial risk

Operational risk 

Information security risk 

HR risks 

Compliance risks 

Catastrophic      


Display real testimonials

Are your customers raving about you on social media? Share their great stories to help turn potential customers into loyal ones.

How is Plan-Do-Check-Act (PDCA) defined in the ISO 9001 Standard Requirements?


In the introduction to ISO 9001, there is an explanation of the Process Approach and how critical it is to implementing a Quality Management System that is compliant with ISO 9001 requirements. In addition,, there is a note about the PDCA methodology application for all processes. It shows an overview of how the standard requirements fit within a PDCA cycle. Following is a description of the cycle of improvement within the QMS (with the ISO 9001 clause numbers in brackets).

Plan – Planning is one of the biggest parts of Quality Management Systems (QMS) and starts with understanding the context of the organization and the needs of parties interested in the QMS (4.1 & 4.2), which is then used to define the scope of the QMS and the QMS processes (4.3 & 4.4). This is followed by the commitment of leadership in the company to drive the organization to a customer focus by defining the organizational roles and responsibilities and by establishing a quality policy to give the overall QMS a focus (5.1, 5.2 & 5.3). The next level of planning is to identify and address risks and opportunities of the QMS, including setting and planning for quality objectives and changes to support continual improvement (6.1, 6.2 & 6.3). The final level of planning is to identify and implement the support structure to allow you to carry out your plans. This includes resources (7.1), identifying competence (7.2), awareness (7.3), communication (7.4) and to set the processes for creation and control of documented information (7.5).

Do - Planning is useless unless the plan is carried out. Controls need to be identified for the QMS operations, product or service requirements need to be identified (8.2), designs developed (8.3), controls placed on externally provided processes, products and services (8.4). The process of producing the product or service needs to be carried out with control of product and service release (8.5 & 8.6), any non-conforming products or services need to be addressed (8.7). In short, the activities of creating and providing products or services to the customers’ needs to be done.

Check – There are several requirements in the standard to check the processes of the QMS to ensure they are functioning properly and as planned. There is a need to monitor, measure, analyze and evaluate the products or services to ensure they meet requirements, the processes used are adequate and effective, and customer satisfaction is being met (9.1). Internal Audit (9.2) of the processes is key to assessing the effectiveness of the system. Further is the Management Review process (9.3), which reviews and assesses all the monitored data to make changes and plans to address the issues.

Act – Action involves the actions needed to address any issues found in the check step. “Improvement” (10.1 & 10.3) is the overall heading for these action steps (10.1). The first step to improving the system is addressing nonconformity and Corrective Actions (10.2) to eliminate the causes of actual or potential nonconformities.

Plan – As stated, this cycle starts again to ensure there are plans in place for further improvement. Findings during the Internal Audit in the “Check” phase may have led to corrective actions from the “Act” phase, which in turn will require changes in planning to meet the updated requirements in the “Do” phase. The Management Review looks at the outcomes of Internal Audit, Corrective Actions and outputs resource plans to support any changes. Resources are assessed and increased, decreased or re-assigned as the business needs dictate. This leads into another cycle of PDCA.

An example: Your company planned to reduce scrap by 5% by making certain changes to a process. The changes were made and the process ran. Checking showed that you reduced the amount of scrap by 3%, and you acted to make further changes to improve. A planning step for this process might be to make changes to reduce the scrap by an additional 4% in the following year.