Starting Your ISO Journey: Take the First Step with “Quick Checks”

Reading Time: 5 minutes
Published on: November 28, 2023

Have you been considering getting your business Certified to one or more ISO Management System Standards, but are not sure where to start?

The Certification Process can undoubtedly seem complex and daunting. At the outset, many of our clients find themselves grappling with questions about whether their existing processes and documentation align with their chosen ISO Standard(s) requirements. This uncertainty can lead to concerns about the potential time and financial investment required to implement a robust Management System.

A lot of the time, people don’t even realise that each ISO Standard is an actual document that details the standard’s clauses and requirements. We always recommend that you purchase and read your chosen standard(s) document, to fully understand the requirements for successful implementation and audit results. Your existing processes and documentation may serve as a starting point, but it’s essential to evaluate the suitability and alignment with the particular ISO Standard(s) you aim to meet the requirements of.

A Management System is a set of processes, policies, procedures, templates, and other relevant documents that an organisation implements in order to run the business towards its objectives and goals. A Management System can conform to the requirements of one or more ISO Management System Standards. Read more about it here.

To address any concerns effectively right from the outset, we emphasise a practical and objective approach. This begins with an assessment of your organisation’s existing management system against the requirements of your chosen ISO Standard(s), or the impacts of the lack of one. This initial step provides a realistic view of your organisation’s current state in relation to the requirements stipulated by the ISO Standard(s), setting the stage for a tailored and successful certification journey.

To help you kick off your Certification project, we’ve created a set of ‘Quick Checks’, which are like quick checklists to assist you with assessing your current management system against your chosen ISO Standards.

A few example questions you’ll have to answer when going through the Quick Checks are:

  • Have you determined and documented the internal and external issues relevant to your business? (These could be in the form of your organisation’s strengths, weaknesses, opportunities and threats).
  • Are responsibilities and authorities established for each role in the business? (E.g. Organisation Chart, Position Descriptions, etc)
  • Have you set measurable objectives and targets for your business? Are these objectives and targets monitored and reviewed at regular and planned intervals?
  • Do you keep business records so they are easily identified, controlled and retrieved as required?

Below is a quick summary of each of the main ISO Management System Standards with links to download the relevant Quick Checks:

Starting Your ISO Journey: Take the First Step with “Quick Checks”

ISO 9001:2015 Quality Management Systems

Globally recognised as the most popular management system standard, ISO 9001:2015 provides a framework for world-class business growth via a risk and opportunity based process approach to managing businesses. The standard enables businesses to achieve consistent performance and service, while meeting, and sometimes exceeding, customer expectations by demonstrating that they’re committing to delivering quality products and services. 

ISO 45001:2018 Occupational Health and Safety Management Systems

The Occupational Health and Safety (OHS) Management System Standard provides a framework for managing and preventing work-related injury and illness by identifying risks and opportunities to eliminate hazards and minimise risks (including system deficiencies). ISO 45001:2018 assists organisations of any size, type, or industry in taking effective preventative actions to promote a safe and healthy workplace, while also effectively addressing legal and ethical concerns.

ISO 14001:2015 Environmental Management Systems

This standard provides a framework to facilitate continual improvement for better managing business environmental responsibilities, with the goal of reducing environmental impacts, and complying with environmental regulatory requirements. By implementing ISO 14001:2015, businesses can identify and control impact, reduce resource consumption and waste, and promote sustainable practices in operations in relation to how the organisation interacts with the environment.

ISO 27001:2022 Information Security, Cybersecurity and Privacy Protection – Information Security Management Systems

ISO 27001:2022 is a globally recognised Information Security Management System (ISMS) Standard that outlines the best practices and requirements for establishing, implementing, maintaining, and continually improving Information Security across an organisation. Implementing ISO 27001 into your business can help you identify and mitigate potential security risks and vulnerabilities, protect against cyber attacks and data breaches, and ensure compliance with regulatory requirements.

Integrated ISO 9001:2015 Quality, ISO 45001:2018 Occupational Health & Safety and ISO 14001:2015 Environmental Management Systems

An Integrated Management System (IMS) allows you to have a more consistent and streamlined system with combined tools and processes that will be easier to manage. Note that this checklist covers ISO 9001, ISO 45001, and ISO 14001 integrated, as they are the most common Management System Standards which are integrated due to their multiple overlapping requirements, but other standards can be also included. Taking an integrated approach saves time and money in the development phase, as well as in the long-term management and effectiveness of the system.

What to do after downloading the checklist?

The answers for your “Quick Checks” should be short, objective and clear. For example, there’s no need to detail which risks and opportunities were identified, only to state whether you have these documented or not (or perhaps partially). 

You may find it easiest to complete the questionnaire by setting up a small project group to cover different areas of the business, already engaging the departments/key employees that will need to be part of the Certification Process.

If you’d like to discuss a plan for your Certification Readiness journey, once you have completed the “Quick Check”, send it back to us via email. You can also book a FREE Strategy Session with one of our experts, to discuss the best approach for your business, and receive a customised quote.

We hope these Quick Checks help you get more clarity on what’s involved in the Certification Process. It’s important to highlight that the Standards clauses are generic and not prescriptive, so it’s up to the business to translate the requirements to their operations – there’s no “one size fits all”.

Call us now on 1300 614 007 or book your online FREE Strategy Session to solve any further questions about the Certification Process, or to discuss a tailored solution for your business.

About the author

Managing Director at ISO Certification Experts and ICExperts Academy

Erica is the Managing Director of ISO Certification Experts and ICExperts Academy. She has been helping businesses with their ISO Certification needs for over 20 years. Erica is also a Certified trainer, implementer and auditor for the ISO 9001, ISO 14001, ISO 45001 and ISO 27001 standards. Erica primarily heads up the day-to-day operations of the businesses, and is also a current member of the Standards Australia Committees: QR-008 Quality Systems and ISO 9001 Quality Management Brand Integrity.

All information on this blog site is for informational purposes only. As this information is based on our professional experience, opinion, and knowledge, we make no representations as to the suitability of this information for your individual business circumstances. Especiality Pty Ltd trading as ISO Certification Experts and all related businesses and brands will not be liable for any errors, omissions, legal disputes or any damage arising from its display or use. All information is provided as is, with no warranties and confers no rights.

We will not be responsible for any material that is found at the end of links that we may post on this blog site. The advice, ideas, and strategies should never be used without first assessing your own personal business situation or seeking professional and/or legal advice. Information may also change from time to time to suit industry and business needs, requirements and trends.