Mangement System

The ISO 9001 standard provides guidance and tools for organisations that want to ensure their products and services consistently meet customer requirements while enabling continual improvement.

Advantages

1. Creates a more efficient, effective operation
2. Increases customer satisfaction and retention
3. Reduces audits (when processes are well controlled)
4. Enhances marketing opportunities
5. Improves employee motivation, awareness and morale
6. Promotes international trade
7. Increases profit potential
8. Reduces waste and increases productivity
9. Provides a common tool for standardization

The ISO 14000 family addresses aspects of environmental management and gives practical tools for organisations to identify and control their environmental impact, and to improve performance continually.

Requirement of ISO 14001 — 17 elements

1. An environmental policy supported by senior management;
2. The identification of environmental aspects and impacts, and the identification of significant environmental impacts that the organization may cause;
3. Identification of environmental compliance requirements;
4. The development of objectives and targets, and their environmental management programs;
5. Defined resources, roles, responsibilities and authorities for environmental management;
6. The development of competence, training and awareness procedures;
7. A communication process of the EMS to all stakeholders and interested parties;
8. The development of EMS documentation as required by the standard;
9. The development of document control procedures;
10. The development of operational control procedures;
11. The development of emergency preparedness and response procedures;
12. The development of procedures to monitor and measure operations that can have significant impact to the environment;
13. An evaluation of compliance procedure;
14. Procedures developed for the management of non-conformance, corrective and preventative actions;
15. The development of a records management procedure;
16. A program for completing internal EMS audits and corrective actions; and
17. The development of procedures for management review by senior management.

Advantages

• Reduced cost of waste management
• Savings in consumption of energy and materials
• Lower distribution costs
• Improved corporate image among regulators, customers and the public

ISO 45001 (and the earlier OHSAS 18001) define occupational health & safety management systems to protect employees and stakeholders. Adoption should be a strategic decision and implementation time depends on several factors.

Factors affecting design & implementation

• Willingness to implement, maintain & continually improve OHS management system & policy
• Organizational environment & occupational risks associated
• Products or services the organization handles
• The process adopted
• Size & organizational structure
• Applicable legal & regulatory requirements

Benefits

• Helps reduce accidents and disturbance in production
• Focuses on employee safety
• Improves legal & regulatory compliance
• Minimises administrative cost
• Improves brand building and attraction of good manpower
• Potential reduction in insurance costs (public liability and others)
• Demonstrates a forward-thinking approach

ISO 45001/OHSAS 18001 certification services are often offered alongside ISO 9001 and ISO 14001 to provide integrated management system benefits.

ISO 13485 specifies requirements for a comprehensive quality management system for the design and manufacture of medical devices. It supersedes earlier standards and is tailored to industry expectations and regulatory requirements. Organizations do not need to be actively manufacturing devices to seek certification to this standard.

ISO/IEC 27001 specifies requirements for establishing, implementing, maintaining and continually improving an information security management system in the context of the organization. It includes requirements for the assessment and treatment of information security risks tailored to organisational needs.

Core domains

1. Security policy — management direction
2. Organization of information security — governance of information security
3. Asset management — inventory and classification of information assets
4. Human resources security — security aspects for employees joining, moving and leaving
5. Physical and environmental security — protection of computer facilities
6. Communications and operations management — management of technical security controls
7. Access control — restriction of access rights
8. Information systems acquisition, development and maintenance — building security into applications
9. Information security incident management — anticipating and responding to incidents
10. Business continuity management — protecting and recovering business-critical processes
11. Compliance — conformance with information security policies, standards, laws and regulations

ISO 28000 focuses on security within the supply chain, helping organisations standardise security measures and demonstrate resilience. It provides a framework for managing security risks across the supply chain and interfaces.

Note: The original reference material also included text related to standardisation in shipbuilding and marine equipment; when applying ISO 28000, ensure you reference the correct sector-specific standards if your operations include maritime elements.

Benefits

• Integrated enterprise resilience
• Systematized management practices
• Enhanced credibility and brand recognition
• Aligned terminology and conceptual usage
• Improved supply chain performance
• Benchmarking against internationally-recognised criteria
• Stronger compliance processes

The CE mark is a symbol affixed by a manufacturer to a product to declare conformity with applicable European health, safety, performance and environmental requirements. It is mandatory for products covered by relevant EU directives and enables free movement in the European Single Market.

What is a directive?

A directive is an EU legislative act requiring member states to adapt national laws to meet harmonised results within an area. For example, the Electromagnetic Compatibility (EMC) Directive limits emissions and regulates immunity of equipment to interference so that devices operate without disturbing other equipment.

Examples of directives (historical list)

• 73/23/EEC — Low voltage
• 87/404/EEC — Simple pressure vessels
• 88/378/EEC — Safety of toys
• 89/336/EEC — Electromagnetic compatibility
• 89/686/EEC — Personal protective equipment
• 90/384/EEC — Non-automatic weighing instruments
• 90/385/EEC — Active implantable medical devices
• 90/396/EEC — Appliances burning gaseous fuels
• 93/15/EEC — Explosives for civil uses
• 93/42/EEC — Medical devices
• 94/9/EC — Equipment for potentially explosive atmospheres
• 94/25/EC — Recreational craft
• 95/16/EC — Lifts
• 96/48/EC — Interoperability of Trans-European high-speed rail
• 97/23/EC — Pressure equipment
• 98/37/EC — Machinery
• 98/79/EC — In vitro diagnostic medical devices
• 99/5/EC — Radio and telecommunications terminal equipment
• 89/106/EEC — Construction products
• 88/378/EEC — Hot water boilers fired with liquid or gaseous fuels
• 2000/9/EC — Cableway installations

CE mark benefits

• Indicates legal saleability within EU & EFTA countries
• Ensures free movement across the European Single Market
• Signals to customers that the product meets designated safety standards
• Promotes public health and safety and enhances product credibility
• Can lead to improved sales and greater customer satisfaction

RoHS restricts the placement on the EU market of new electrical and electronic equipment containing more than agreed levels of certain hazardous substances: lead, cadmium, mercury, hexavalent chromium, polybrominated biphenyls (PBB) and polybrominated diphenyl ethers (PBDE). It is closely linked with the Waste Electrical and Electronic Equipment Directive (WEEE), which sets targets for collection, recycling and recovery.

Manufacturers must understand RoHS requirements to ensure compliance of their products and components. The RoHS Directive and the UK RoHS regulations came into force on 1 July 2006.

RoHS benefits

• Assurance of product quality and reduced hazardous waste
• Better environmental performance and safer end-of-life handling

How can TSI help? TSI provides guidance on CE marking, RoHS certification, product certification, and quality management certification services to help companies achieve compliance.

HACCP is a risk-based approach to food safety that can be used by any organisation involved in the food chain or the pharmaceutical industry.

Who is HACCP applicable to?

• Farms, fisheries and dairies
• Processors of meats, fish and feed
• Manufacturers of bread, cereals, beverages, canned and frozen food
• Food service providers such as restaurants, hospitals, hotels and mobile caterers
• Manufacturers of prescription and non-prescription drugs and remedies

Immediate benefits of HACCP approval

• Improved food safety and increased awareness of food risks
• Greater product and raw ingredient traceability
• Increased buyer and consumer confidence
• Consistency in inspection criteria and internal review of processes
• Supports leadership through targeted resource allocation to safety-critical elements
• Compliance with food law
• Reduced complaints and risk of negative publicity
• Improved responsiveness to problems via corrective actions

Halal means ‘permitted’ or ‘lawful’ in Islamic Sharia law. Halal certification confirms that food and products comply with Islamic ritual and observance requirements.

What is Halal certification?

Halal certification is issued by an authorised certifying body after assessment. The certificate assures consumers that nothing in the product contains forbidden components according to Sharia.

Benefits of Halal certification

• Access to a global Halal market of approximately 2 billion people
• An authoritative logo that supports Halal claims
• Increased marketability in Muslim-majority countries
• Potentially large revenue growth compared to small certification costs
• Improves food hygiene systems and aligns with global standards

ISO 50001 specifies requirements for establishing, implementing, maintaining and improving an energy management system (EnMS) to enable continual improvement of energy performance, including energy efficiency, use and consumption.

ISO 22000 specifies requirements for a food safety management system where an organisation in the food chain must demonstrate its ability to control food safety hazards to ensure food is safe at the time of consumption.

Objectives

• Plan, implement, operate, maintain and update a food safety management system
• Demonstrate compliance with statutory and regulatory food safety requirements
• Evaluate customer requirements and demonstrate conformity to mutually agreed requirements
• Effectively communicate food safety issues to suppliers, customers and interested parties
• Seek certification, self-assessment or self-declaration of conformity

ISO/TS 29001 defines the quality management system requirements for product and service supply organisations in the petroleum, petrochemical and natural gas industries.

ISO/TS 16949 applies to sites where customer-specified parts for production and/or service are manufactured within the automotive supply chain.

GMP are practices required to ensure that products are consistently produced and controlled according to quality standards. Many countries require pharmaceutical and medical device companies to follow GMP procedures.

Core principles

1. Manufacturing processes are clearly defined and controlled; critical processes are validated to ensure consistency and compliance.
2. Any changes to processes are evaluated; changes impacting quality are validated.
3. Instructions and procedures are written in clear, unambiguous language (good documentation practices).
4. Operators are trained to carry out and document procedures.
5. Records are made during manufacture demonstrating that required steps were taken and quality was as expected; deviations are investigated and documented.
6. Batch history records are retained and comprehensible to enable traceability.
7. Distribution systems minimise risks to product quality.
8. A recall system exists to remove any batch from sale or supply if required.
9. Complaints are examined, causes of defects investigated, and corrective measures taken to prevent recurrence.

ISO 15378 specifies requirements for a quality management system where an organisation must demonstrate the ability to provide primary packaging materials for medicinal products that consistently meet customer, regulatory and international standard requirements. It is an application of ISO 9001 principles with reference to GMP.

ISO 10002 provides guidance on complaints handling processes related to products, aiming to enhance customer satisfaction and provide a consistent, open and effective complaints process.

Key aspects covered

• Top management involvement and allocation of resources
• Recognising and addressing complainants' needs and expectations
• Providing an open, effective and easy-to-use complaints process
• Analysing complaints to improve products and services
• Auditing the complaints-handling process
• Reviewing effectiveness and efficiency of the process

ISO 10002 is not intended to alter statutory rights or obligations and is suitable for organisations of all sizes and sectors. Annex A provides guidance specifically for small businesses.

ISO 30000 specifies requirements for a management system enabling ship recycling facilities to develop and implement procedures, policies and objectives to undertake safe and environmentally sound ship recycling operations. The standard considers relevant legal requirements and safety standards.

Applicability

It helps facilities demonstrate conformity either by self-declaration or by external confirmation and is suitable for certification/registration purposes.

SA 8000 is a social accountability standard applicable to companies of any size that wish to address social and ethical aspects of business. It is the first auditable standard in this field and is based on ISO 9001 structure, ILO conventions, the Universal Declaration of Human Rights and the UN Convention on the Rights of the Child.

The standard helps organisations demonstrate provisions for protection of workers' rights and ethical production.