Business Planning – An ISO requirement that will boost your business
The main ISO Management System Standards (e.g.: ISO 9001 for Quality Management, ISO 45001 for Safety Management, ISO 14001 for Environmental Management and ISO 27001 for Information Security Management) have many overlapping requirements and follow some common structures. Clauses 4, 5, and 6 are examples of this – they contain common requirements across these ISO Management Standards and focus on Business Planning (with reference to each Standard’s topic).
The Business Planning activities required by these ISO Management Standards provide considerable detail about your organisation’s context. Taking a risk-based approach, these activities determine the situation in which an organisation functions, as well as anything that affects its operations. It requires consideration of factors such as internal and external issues, positive and negative conditions, interested parties, and focuses on top management’s accountability for management system performance with emphasis on top-level company objectives being integrated into the business processes.
However, these ISO Standards do not provide a list of the specific documents, tools, or frameworks to address these ISO requirements, making it flexible but also tricky to cover them comprehensively and effectively. We’ve found that some existing frameworks are spot on in addressing these ISO requirements, and also benefit your business in many different ways – the combination of these frameworks is the core part of what the Management System Standards refer to as:
Tools and Frameworks for Effective Business Planning
Effective business planning can be achieved by using tools and frameworks that will not only help you address the requirements of the ISO Standards, but also help your organisation in many different ways, as we will explore in detail in this article.
Listed below are some of the tools we’ve been using effectively when developing Management Systems for our clients. They are well known business frameworks to help you map key factors of your organisation internally and externally, including:
The Business’ Stakeholders or Interested Parties Analysis needs to be conducted. As part of this process, Stakeholders (or Interested Parties) of a business must be identified and analysed. Analysing stakeholders involves identifying their interests or needs from the business perspective, their relationship with the business and how, as a business, you will meet their requirements or satisfy their needs.
The PESTEL Analysis is a framework to analyse and monitor the macro and external market environment and factors that can impact your business. The PESTEL acronym stands for:
The SWOT Analysis is a tool that helps you develop a strong business strategy by considering four relevant aspects that affect your business, such as your business’s strengths and weaknesses, as well as the opportunities and threats it faces in the marketplace.
Strengths and weaknesses are internal to the business, while opportunities and threats are external. For a more comprehensive SWOT Analysis, you can use the outcomes of the PESTEL Analysis. It’s also recommended to be conducted by a group of people with different perspectives and stakes in your business.
The Risk Assessment is used to identify potential hazards and their associated harm, relevant to the business. It’s good practice to consider the outcomes of the previous two analyses (PESTEL and SWOT) as inputs for this assessment.
A Risk Matrix is then used to rank and rate the potential impacts of each identified risk, via assessing their likelihood and consequence. Control measures then need to be assigned to manage or eliminate risks to prevent them from becoming issues.
The Risk Assessment methodology recommended by ISO Certification Experts follows the DMAIC Improvement Cycle which is a data-driven quality strategy for improving processes.
The Objectives, Targets and Management Plans are developed to ensure that all opportunities for the business are explored across multiple areas of the business, to achieve growth and maximise rewards. For this activity, you can use the strengths and opportunities identified during the SWOT Analysis as inspiration.
Each identified Objective and Target should define the measurement tools, required actions, responsible person, target dates, and required resources.
Defining the core business processes, their sequence and interactions is the next and last step of the Business Planning. This needs to involve all departments in the organisation, to map the core processes your business undertakes to deliver your products and/or services (usually in flow charts).
An example of core processes could be the customer order, purchasing, design, and production processes in an organisation.
Once the individual core processes have been identified, the sequence and interaction between them can be defined. Below is a flowchart exemplifying the interaction of the core processes of a business:
And the benefits?
Like we said before, these frameworks will help you not only to address the requirements of the ISO Management Standards for ISO Certification readiness, but also bring a number of benefits to your business. Here are some of the benefits:
Using these frameworks
Although most of these frameworks are quite common in the business world, it’s known that rarely organisations actually use and implement them. All these tools require time, attention and engagement of various people in the business, requiring especially the support of the top management team for it to really work and reflect the organisation’s goals and vision.
The good news is that we’re here to help. By engaging ISO Certification Experts, we can facilitate planning sessions with your team to work on these frameworks together, bringing the right tools and techniques to tackle them effectively and make the most out of them – and of course, conforming with the requirements of the ISO Management Standards for ISO Certification Readiness!
About the author
Aqueline is a Consultant with a background in process engineering and food safety management. She develops customised management systems for our clients, to meet the certification-readiness requirements of ISO 9001, ISO 14001, ISO 45001 and ISO 27001.
All information on this blog site is for informational purposes only. As this information is based on our professional experience, opinion, and knowledge, we make no representations as to the suitability of this information for your individual business circumstances. Especiality Pty Ltd trading as ISO Certification Experts and all related businesses and brands will not be liable for any errors, omissions, legal disputes or any damage arising from its display or use. All information is provided as is, with no warranties and confers no rights.
We will not be responsible for any material that is found at the end of links that we may post on this blog site. The advice, ideas, and strategies should never be used without first assessing your own personal business situation or seeking professional and/or legal advice. Information may also change from time to time to suit industry and business needs, requirements and trends.