How to Conduct Management Reviews according to ISO Standards 

Part of being ready for Certification to ISO Management System Standards is making sure you have the necessary structure in place to facilitate process continual improvement and monitoring. Management reviews are a key component of both of these ongoing requirements for maintaining your Certification and your management systems.

Management Review is a requirement of Clause 9.3 of the following main ISO Management System Standards: ISO 9001:2015 for Quality, ISO 14001:2015 for Environmental, ISO 45001:2018 for Occupational Health and Safety (or WHS), and ISO for 27001:2022 Information Security.

In this article, we’ll explore the value of management reviews in greater detail, whilst also outlining how to conduct a management review. This overview of why and how to conduct management reviews will cover the following key questions and areas:

What is a Management Review?

Management reviews are a direct requirement of the ISO Management System Standards. The purpose of a management review is to assess the effectiveness and efficiency of an organisation’s management systems, providing decisionmakers with insights via data trend analysis into the particular components of the system. Using these insights, decisionmakers can then strategise on how best to continue improving the business processes, ensuring that the management systems are optimised routinely and with respect to your business goals.

Management reviews also support organisations in maintaining conformance with relevant ISO Standards, ensuring that any identified operational issues are identified and resolved promptly and that management systems are updated accordingly.

In much the same way that internal audits support continual process improvement, management reviews effectively provide a forum wherein senior management can analyse trends in audit findings and other performance indicators (i.e. customer feedback, staff insights, complaints, business data, etc.) and strategise collaboratively on ideal next steps for improving processes further. In this regard, management reviews also play an integral role in facilitating improvement.

When are Management Reviews Conducted?

There’s actually no reference to the timeframe within which management reviews must be conducted in any of the ISO Management System Standards. However, the requirement is that the review must be conducted ‘at regular and pre-planned intervals’ (i.e. quarterly, biannually, annually, etc.). 

More frequent management reviews are typically valuable for organisations within the first few years following the implementation of their management systems. For most organisations with established systems, however, an annual management review could be adequate for effectively monitoring more mature business processes and facilitating process improvements.

It often makes sense to conduct your review to conclude a financial year or calendar year, or other relevant reporting period relevant to your organisation’s operations. Both the date and timeframe of your routine management review can be determined internally and with respect to all decisionmakers who are likely to participate.

Who should attend your Management Reviews?

Ideally, all senior management team members shwould participate in your routine management reviews. This could include roles like CEOs, VPs, branch managers, department heads, and quality/production/operations managers. 

Your internal auditor, health and safety officer, and other relevant parties should also be encouraged to join your management review, as these individuals will be able to offer their own unique insights based on their experience and findings. 

Staff members with other technical skills that are relevant to points of discussion within your review could also be invited to participate. For example, engineers or ICT specialists can join management reviews in order to better understand production or digital security processes, with insights from individuals who are actively involved in those processes on a daily basis.

You may even opt to invite other staff to participate in your management review if you feel that their attendance would be beneficial to process improvement actions. Ultimately, your decisionmakers can decide who should be in attendance both on an ongoing basis, or even in a once-off capacity.

How to Conduct a Management Review

Conducting a management review for your organisation typically involves following three key steps, these being as follows:

1. Preparation for your Management Review

Establish a well-defined agenda. This agenda should outline all supporting documentation for your management review (including audit reports, customer feedback data, performance data from all relevant departments, and any other reference materials). 

Make note of any presentations that are likely to be included during your management review (for example, a presentation from your internal auditor to outline audit findings). You can also compile a list of guiding questions to ensure effective elaboration on all discussion points scheduled across your management review.

Once all attendees have received your agenda and pre-reading pack, schedule the management review.

2. Facilitating your Management Review

The results from your management reviews must be well-documented to ensure your organisation meets management review requirements as outlined in your relevant ISO Standard(s). This means recording minutes, as well as recommended improvements or changes decided upon, and all the other particulars that comprise your management review outputs.

Alongside your minutes (or similar record), you should define an improvement plan based on the decisions from the management review. This improvement plan should include the following key elements:

• Clear outline of required actions (i.e. next steps)
• Defined roles and responsibilities of key staff for facilitating improvements
• A realistic timeline for improvements
• Outline of all resources required for the improvements
• Performance metrics (KPIs) for monitoring the effectiveness of your improvement plan

3. Reporting & Post-Review Follow-Ups

Any improvement plan developed during your management review must be tracked to monitor the status/progress of that initiative. If your post-review reporting reveals that your improvement strategies aren’t delivering results that align with your business objectives, then you may opt to conduct a follow-up review. 

Ongoing underperformance may also be indicative that your decisionmakers and their teams aren’t on the same page with regards to improvements. In these instances, investing in employee training is likely to become another review output in follow-up reviews.

Speaking of subsequent reviews, the final component of your post-review follow-up process should naturally be ensuring that there’s an agreed-upon schedule for all succeeding reviews and/or follow-up reviews to be conducted.

Conduct Effective and Efficient Management Reviews for your Organisation

Conducting management reviews is not just a vital part of maintaining your Certification. By maintaining a proactive approach to introducing and implementing management review processes for your organisation, you can ensure that your decisionmakers and their departments can hit the ground running when it comes to the successful implementation and ongoing monitoring of your management system.

Alongside assisting with the implementation of management systems for Certification Readiness, our Consultants also offer ongoing support for organisations in maintaining their Certification, with management reviews being a core element of the entire Certification Process.

Our Certification consulting services are designed to provide tailored insights into how you can optimise management review processes for your organisation. Call our Consultants on 1300 614 007 or book your FREE Strategy Session online for expert insights into process development and improvement actions for your organisation.