ISO 9001 is a Quality Management System (QMS) which gives organisations a systematic approach for meeting customer objectives. ISO 14001 is an Environmental Management System (EMS) which provides a framework for measuring and improving an organisation’s environmental impact.

ISO 45001 is an Occupational Health and Safety Management System (OHSMS) which requires organisations to protect workers from injury and ill-health and provide a safe workplace. ISO 45001 replaces OHSAS 18001 which will be phased out by March 2021.

Together they can be combined into an integrated management system, using the ISO Annex SL high level structure. This provides a common framework, so that each clause of each standard uses the same process.

PRODUCT TO HELP

Why should management systems be integrated? Integrated Management Systems allow organisations to conduct integrated audits and assessments, as well as optimise processes and resources. When these systems are integrated it can help reduce the resources it takes to plan, implement, measure and control activities. It eliminates the amount of time interruption and therefore reduce costs.

PRODUCT TO HELP

Implementing an integrated management system in nine steps using the mandated plan do check act process

Step 1: Plan – Awareness and training: top management included
Step 2: Plan – Policy and objectives: include control of supply chain, procurement
Step 3: Plan – Internal gap analysis: thorough PESTEL analysis
Step 4: Plan – Documentation and process design
Step 5: Do – Documentation and process implementation
Step 6: Check – Internal audit
Step 7: Check – Management review of management system performance: hold regular reviews
Step 8: Check – Identify non-achievements and areas for continual improvement
Step 9: Act – Define new objectives

PRODUCT TO HELP

What is Annex SL in relation to ISO 9001, 14001, 45001. It is the document that defines the high-level structure for all ISO
management systems standards. Annex SL is designed to better facilitate the use of
integrated management systems, providing organisations with the tools they need to
streamline current protocol, encourage standardisation and transform existing
management systems into an integrated model.
The common structure, Annex SL, has been introduced in the latest ISO 9001, 14001 and 45001
standard (the replacement of OHSAS 18001). This will make the standards compatible and
enable more effective integration. Aside from the other benefits of consolidation, adopting
integrated management systems now will ease the transition into this model.

PRODUCT TO HELP

What is a gap analysis for ISO 9001, 14001, 45001? A gap analysis involves the comparison of actual performance with potential or desired performance. If an organisation does not make the best use of current resources, or forgoes investment in capital or technology, it may produce or perform below an idealised potential. The reason to perform to ISO 9001, 14001 or 45001 is that these are now the benchmark performance expectations that Global good governance expects. So to establish current performance, use the Standards’ requirements to define the expected performance.  Against each clause rate your own organisation either yes or no, or better still use the plan do check act (PDCA) scale so you can better understand how much further improvement is required to reach the compliance level. For these standards that level will be if you have reached the check step.  In other words your performance is being checked and any continual improvement actions identified in the management review. That will provide a gap analysis for ISO 9001 14001 45001 and provide the basis for an action plan for implementation of an integrated management standard.

PRODUCTS TO HELP: ONLINE or HARDCOPY

What is IMS documented information for an integrated management system? The Standards’ ISO 9001 14001 45001 require evidence of performance for critical elements of the system. You have to show the evidence in the form of documented information. The definition of IMS documented information is that it “can be from any source or in any media”.

In other words digital information is acceptable, for instance cell phone photographs, audio recordings or emails. Also you can provide traditional hard copy documents, records or photographs. There are specific clauses requiring (mandatory) documented information as below:

4.3 Scope of the management system
5.2 Policies
5.3 Organisational roles, responsibilities, accountabilities and authorities
6.1.1 Risks and opportunities and the processes needed to address
6.1.2. Methodologies and criteria for the assessment of environmental aspects & OH&S risks
6.1.3 Applicable legal requirements and other requirements
6.2.2 Objectives and plans to achieve them
7.1.5.1 Monitoring and measuring equipment calibration records
7.2 Evidence of competence, records of training, skills qualifications
7.4 Evidence of relevant communication
7.5.1 Documented information required by this standard and that determined by the organisation
7.5.3 Documented information of external origin determined by the organisation
8.1.1 Processes to meet requirements have been actioned
8.2 Process and plans for responding to potential emergency situations
8.2.3.2 Product/service requirements review record
8.3 Records of design and development
8.4.1 Criteria for evaluation and selection of suppliers
8.5.3 Records about customer property
8.5.6 Production/service provision change control records
8.6 Record of conformity of product/service with acceptance criteria
8.7.2 Record of nonconforming outputs
9.1.1 Evidence of monitoring, measurement, analysis and evaluation results and calibrating equipment
9.1.2 Evidence of compliance with legal and other requirements results
9.2.2 Evidence of the implementation of the audit programme and the audit results
9.3 Evidence of the results of the management reviews
10.1 Results of corrective actions
10.2 Information on incidents or nonconformities and the results of any
corrective action taken including their effectiveness
10.3 Evidence of the results of continual improvement

These are a combination of the mandated documents for ISOs 9001, 14001, 45001

PRODUCT TO HELP

An integrated management system for ISO 9001, 14001, 45001 consists of a manual with policies, processes, report forms, audits, including checklists, management review and continual improvement information.  Our tools provide all the documented information required for verification, certification or registration.  They are a complete tool kit.

PRODUCT TO HELP

The hierarchy of controls is intended to provide a systematic approach to enhance occupational health and safety, eliminate hazards, and reduce or control OH&S risks. Each control is considered less effective than the one before it. It is usual to combine several controls in order to succeed in reducing the OH&S risks to a level that is as low as reasonably practicable.

1. Elimination: Redesign the job or substitute a substance so that the hazard is removed
   or eliminated, e.g. avoid working at height, by pre fabricating at ground level.
2. Substitution: Replace the material or process with a less hazardous one, e.g. use water based products rather than solvents.
3. Engineering controls: Use work equipment to prevent falls where you cannot
   avoid working at height. Install or use additional machinery such as local
   exhaust ventilation to control risks from dust or fume. Separate the hazard
   from operators by methods such as enclosing or guarding dangerous items
   of machinery/equipment. Give priority to measures which protect
   collectively over individual measures.
4. Administrative controls: Identify and implement procedures, e.g. safe systems of work, permits to work. Or, e.g. reducing the time workers are exposed to
   hazards (eg by job rotation); increasing safety signage, and performing risk assessments.
5. Personal protective equipment: Only rely on PPE after all the previous measures have been tried and found ineffective in
   controlling risks, e.g. where you cannot eliminate the risk of a fall use a harness to minimise the
   distance and consequences of a fall

PRODUCTS TO HELP: Guide to ISO 45001 or our IMS Manual with guidance

Read more Hierarchy of controls on wiki

Internal Audits

An integrated internal audit can take place when a client has the requirements of three or more management standards in a single system, and is being audited against more than one standard.  Audit objectives will include: determining the extent of conformity of the system, evaluation of the capability of the processes; an assessment of the effectiveness of the system in meeting specified goals and identification of areas for potential improvement.

We provide a comprehensive formatted internal audit system which simplifies the process enabling you to collect and collate audit evidence and present it to top management.
The questions (500+) in the audit checklist tool are aligned to the clauses of the Standards.  This allows internal and third party auditors to evaluate compliance to the three sets of requirements in an efficient manner. A detailed 94 page guide is also included.

Certification Audits

The external certification audits consist of a programme of an initial two-stage audit, surveillance audits in the first and second years, and a recertification audit in the third year prior to expiration of certification. The three year cycle begins with the certification or recertification decision. The determination of the audit programme and any subsequent adjustments will consider the size of the clients organization, the scope and complexity of its management system, products and processes as well as demonstrated level of management system effectiveness and the results of any previous audits.

PRODUCT TO HELP