When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.
Certifying your organization to an ISO management system can be an involved task, no matter whether you take the route of outsourced consultancy, a toolkit, or the do-it-yourself method. The process involves creating new procedures and policies, management reviews, internal audits and of course the certification itself. The time and money spent to implement the management system can sometimes be wasted as once certified it doesn’t get used as a working system.
Here we look at the main reasons why ISO management systems fail and ways to prevent this from happening.
A management system is only as good as the people using it. If senior management do not use staff to their full advantage, or don’t know what to expect from them, the system is doomed to fail. If staff are not aware of their responsibilities and inputs to the management system again it is on the road to failure.
Any system must be driven, policed and more importantly embedded! Miss any of these three aspects and the system will just stop. Commitment across the whole business, from top to bottom is crucial for success.
We’d advise that all staff be involved during implementation so they can understand what it is all about, use their knowledge to craft their procedures and feel part of the process. During embedment the system must be tested, developed, tweaked, and accepted by staff as a core part of their roles.
Implementation and more importantly embedment are the foundations that should mould the system to the business. Many businesses think that getting all the documentation in place within a week, a month or six weeks is enough to gain certification for some management systems. And, if the certification body decide to overlook the required amount of evidence to prove the system is being used fully, then a certificate will be issued. However, the system will likely fail the next audit as it hasn’t been embedded properly, it isn’t second nature – it is a task that can be easily forgotten about.
Regular health checks of the management system are crucial. Internal audits not only check that employees are following Standard Operating Procedures (SOPs), but also highlight areas for improvement. The whole system should be looked at on a regular basis too. We’d recommend management review meetings every 6 to 12 months and these should look at the bigger aspect, involving each department to identify any issues or opportunities for improvement.
So, for those thinking of certifying to an ISO management system, or those businesses that already have one in place but the system is not working, here are more reasons why they fail to look out for:
Identifying the reason(s) your management system is failing is the first step to improvement. A management system that is fully implemented and embedded into a business will give the business all the benefits and confidence it is designed to do, and will make it worth the time and money spent to achieve compliance.
Written by Ted Spiller, Compliance Consultant. Ted is an expert in many ISO management systems; he is a Lead Auditor for ISO27001, ISO9001 and ISO14001 and Auditor for ISO45001 and ISO22301. This blog was originally published in August 2021 and was reviewed and updated for accuracy in March 2023.
Whether you’re looking to do-it-yourself with the help of our toolkits, or you need some additional assistance with our consultancy and internal auditing services.
At CertiKit, ISO standards are what we do best, and we have a range of solutions available to help businesses prepare for certification to the following standards:
Contact us to see how we can help you achieve compliance fast and efficiently.