By Jackie Stapleton
I heard a statement recently from a student – “But I need to know all of the different types of systems that businesses have!”
My response – No you don’t and you never will!
When you are working in the ISO management systems space, every ISO management system you review will have been built using different systems.
The options I have seen over the last couple of decades are:
- Hard copy in lever arch folders
- Electronic on-network drives
- Intranet systems
- SharePoint
- Project management platforms like Monday, Asana and Trello
- Bespoke systems built specifically for the business
- Off-the-shelf ISO software programs
And I’m sure the list can go on!
While the ISO management system is ‘housed’ within these different platforms, what is built is always going to be the same or very similar. They are always going to have a policy, they are always going to have objectives, they are always going to have an internal audit programme, and so on.
You see, I’ll let you in on a secret, regardless of what the business thinks as to how different or special they are, the ISO system will always be consistent across different businesses. You will find even more consistency across the same industries.
ISO Management System Standards (MSS) defines management system standards (MSS) as a way for organizations to improve their performance by implementing repeatable steps to achieve goals and objectives. These standards create an organizational culture that engages in continuous self-evaluation, correction, and operational improvement.
The structure of many ISO MSS is similar, emphasizing terms, definitions, and requirements applicable across various sectors, organization types, and geographical areas.
Integrated Excellence Operations Model
At the intersection of these 3 business requirements lies the Integrated Business Platform. This platform is the technology or software chosen to “house” the system. It results from an analysis that considers business system requirements, ISO management standards, and legal/regulatory obligations. The selected platform should be robust, compliant, efficient, and legally sound. It acts as the backbone for managing processes, data, and interactions within the organization.
Remember, this integrated platform serves as the bridge connecting business operations, quality/safety/environment management, and legal compliance. It ensures that the system operates seamlessly while meeting industry standards and legal expectations.
Business Systems – the essential elements that a business needs to operate effectively. These requirements encompass functionalities, features, and performance criteria tailored to meet organizational goals. Think of it as the blueprint for how the business operates, manages processes, and delivers products or services.
ISO Management System Requirements – signifies the standards and guidelines set by ISO management systems. These internationally recognized frameworks ensure quality, safety, sustainability and efficiency across various sectors. ISO standards cover areas such as quality management (ISO 9001), environmental management (ISO 14001), information security (ISO 27001), and more. Organizations adopt these standards to enhance their processes, reduce risks, and demonstrate compliance.
Legal and Regulatory Requirements – the legal obligations and regulations that a business must adhere to. These requirements vary based on the industry, geographical location, and specific business activities. Examples include environmental regulations, labor laws, safety standards, data protection laws, and industry-specific compliance mandates.
This article first appeared on Auditor Training Online‘s Lead The Standard newsletter and is published here with permission.