- ISO 9001 overview
- Why is ISO 9001 so popular?
- ISO 9001 – the facts
- Why choose ISO 9001?
- The benefits of ISO 9001
- Choosing a Certification Body
- How long does certification take?
- What’s involved in certification?
- Ongoing certification
- 10 reasons to have ISO 9001
- 10 steps to certification
ISO 9001 Overview
- It’s a Quality Management Standard (QMS)
- Published by the International Organization of Standards (ISO)
- Provides guidelines for the development, implementation and management of a QMS
- It’s the world’s most popular ISO Standard
- 6 million ISO 9001 certificates have been issued across 178 countries
- It’s updated every 5 years, and 2015 is the most up-to-date Standard
- It’s applicable to any business, of any size, anywhere!
RECOMMENDED READ: Who are ISO and why do they exist?
Why is ISO 9001 so Popular?
Quite simply, because the standard has the reputation of being the way that an organisation proves its quality credentials. That’s why ISO 9001 is requested in so many public and private sector tender situations and is so important to become certified, especially in the UK.
The British Assessment Bureau’s (BAB) own research in the 2016 Client Satisfaction Survey revealed that ISO 9001 had in fact over-delivered. When asked for their motivation for implementing the standard, 43% of clients said their motivation for ISO 9001 certification was to win more business. Having achieved certification, 62% said ISO 9001 had successfully led them to winning work.
A breakdown* of the benefits of ISO 9001 is below:
- 76% improved internal processes and efficiency
- 62% qualified for, or won new business
- 24% could tender for more new business
- 13% retained contracts with existing clients
*Percentages equal more than 100% as some clients cited more than one benefit
ISO 9001 – the facts
Many have heard about ISO 9001, but still aren’t sure about the relevance to them. Simply put, it can improve your management systems and help you win new business! ISO introduced ISO 9001 in 1987 to replace British Standard BS 5750.
It’s a truly international standard, having had input from 159 national standard institutes. Committees within these institutes have representatives from all sectors and industries. Their aim is to keep standards fresh and, on average, ISO standards are updated every 5 years – requiring 75% support from the world network to make changes.
RECOMMENDED READ: Business growth tips
ISO 9001 is a QMS and is a generic Standard. This means it can be applied to any organisation, across any sector, large or small and irrespective of whether it produces products or is a service related business.
It has already been implemented by more than 1.6 million organisations across 178 countries. Unlike many industry or national standards, ISO 9001 is recognised worldwide and is especially popular with public sector and large companies.
RECOMMENDED READ: ISO 9001 helps opens doors
Why choose ISO 9001?
It would be fair to say that most organisations’ motivation for gaining ISO 9001 is to win new business. But once organisations start, they quickly find huge benefits in terms of improved internal processes, more consistent delivery and less re-work. Successful implementation can result in a dramatic reduction in costly errors and the resulting consequences for clients.
“We sought ISO certification to improve the quality and consistency of the services we offer to the people we serve.” – Stephen Hawkins, Age Concern Hounslow
“Implementing ISO certification has improved our internal processes and awareness of how we operate.” – Peter Keast, ADA Network
We find a lot of organisations apply for ISO 9001 certification because it is a stipulation for public contracts. It’s government policy to define standards in central and local government tenders to make sure that the supplier is fit for purpose. As you’d expect, it’s particularly important that government bodies are able to show they are spending taxpayer’s money wisely.
ISO 9001 is often a requirement in the private sector too, particularly when applying to become part of a large supply chain, where the main contractor has ISO 9001 in place. It’s clear that many organisations, who originally sought ISO 9001 to qualify for work, are pleasantly surprised to find just how much of a positive influence it had on their whole organisation.
“The value that our clients hold of ISO is really quite huge – in all of our tenders there is now a requirement for ISO certification and some quite specifically ask for ISO 9001. Although we previously had quality systems in place, there were processes that were often ‘lost’ and we maybe weren’t as organised as we could be. ISO 9001, in particular, has allowed us to really develop our existing processes and as a result we are much more organised and ready for our planned growth.” – Lawrence Hargreaves, Nicoll Curtin.
The Benefits of ISO 9001
Benefits can be huge; improving internal processes, achieving greater consistency and happier customers! These benefits mean improved profitability as efficiency and productivity increases.
Virtually all businesses point to dramatic changes for the better. Even small companies benefit from implementing ISO 9001. It helps their growth, as it lays the ideal foundations for the future.
RECOMMENDED READ: ISO 9001 is a proven business winner
Improving your processes and the way your organisation works boosts not only productivity, but employee motivation too. Replacing bad, or even non-existent methods with functional, documented processes invariably leads to a more confident and driven workforce. ISO 9001 instils a model for continuous improvement.
Apart from bidding for public sector work, the credibility of ISO 9001 throughout the business world gives a clear competitive advantage to companies who have the standard. It’s not just about winning new business, it’s about added value to your clients too. Attracting and keeping hold of clients is more important than ever.
Did you know that ISO 9001 is part of a group of management standards? As well as quality, covered by ISO 9001, there is a standard for Environmental Management (ISO 14001), Information Security Management (ISO 27001) and Health and Safety Management (OHSAS 18001). They share many principles, so choosing an integrated management system can save you money as well as provide across-the-board benefits.
RECOMMENDED READ: Make time for ISO 9001
“We have received recognition from business partners on the quality of our products and services and feel our reputation has been enhanced as a result!” – Mario Theodosiou, Omega Lettings
“In more and more commercial situations, having ISO certification has helped us to differentiate ourselves from competitors.” – Peter Keast, ADA Networks
RECOMMENDED READ: A business lesson from the NHS
Choosing a Certification Body
When you achieve ISO 9001 certification through a Certification Body, you have proven that an independent third party has verified that you meet all requirements of the standard. This is a powerful message to both new clients and current clients.
RECOMMENDED READ: Relax with guaranteed certification
Not all Certification Bodies are equal. It’s important to compare costs carefully. Pay particular attention to ongoing fees. Some will charge ‘annual management or administration fees’, others don’t. An annual re-audit is mandatory but some Certification Bodies may insist on visiting (and charging) you more than once a year.
RECOMMENDED READ: Why is UKAS important?
Certification Bodies, like BAB, carrying out certification to ISO management standards will be following ISO 17021:2011 – requirements for bodies providing audit and certification of management systems. In order to remain objective and impartial, this means they cannot
write documentation for you or provide consultancy in conjunction with certification. What they can do is provide ISO training, which can be a useful exercise before committing to the implementation of a standard.
RECOMMENDED READ: ISO certificates aren’t all equal
How Long Does Certification Take?
- As you might expect, implementation of ISO 9001 can take longer depending on the size of the organisation
- You’ll need a designated representative who takes responsibility within the organisation and will drive you to success
- You don’t have to appoint a designated ‘Quality Manager’; just someone who is the main co-ordinator
- In most cases, the principles of ISO 9001 will soon become integrated within the organisation
- Before you know it, the processes in ISO 9001 will just become the way you do things
- For most organisations, the process will take 3 – 6 months from the first visit to the awarded certificate
What’s Involved in Certification?
The process starts with what’s known as a ‘Stage 1 Audit’. This is where your Lead Assessor will review your business and prepare a gap analysis report. This identifies the actions required to meet the standard. This becomes your helpful action plan, so don’t worry if you think you’re under prepared.
Some organisations find they already have lots of required processes in place; they just need better documentation and communication of what processes are mandatory and who has responsibility for what.
RECOMMENDED READ: The ISO certification cycle explained
“Externally we’ve built a better reputation with clients. Internally we have a much stronger structure, and valuable processes to find areas to improve the business.” – Martyn Redstone, G4S Policing Solutions
Once you’ve filled the gaps highlighted in the Stage 1 report, your Auditor will come back to carry out the ‘Stage 2 Audit’. This will reveal the effectiveness of your QMS and whether it meets all the requirements of the standard. If you are fully compliant, you will be recommended for certification by your Auditor. The Auditors’ report will then be checked via an approvals process and if no anomalies are identified, certification is officially awarded. If you’re not quite ready, you’ll receive a free re-audit from BAB.
Now you’ve worked hard to get your certification you’ll want to make sure you keep it! It is mandatory to have at least one surveillance audit visit per year to ensure you are continuing to meet the requirements. They sample the ongoing effectiveness of your quality management system. You’ll receive a written report with the results. These might include major or minor non-conformities and observations. Should a major non-conformity be identified, you’ll be given a set time period to rectify the situation.
Every 3rd year a full re-certification audit is undertaken. This will identify key strengths and weaknesses, and we will work with you to identify opportunities for improvement. These third year audits are more extensive than annual surveillance audits and some certification bodies may charge extra to undertake them.
Whilst we work with our clients, UKAS – the United Kingdom’s official, government approved accreditation service – insists we maintain our objectivity and impartiality. So, we can’t undertake improvements for you but we can, and will point you to recognised best practice and answer questions with sensitivity and understanding.
Ultimately, BAB want to help you gain the most from certification and reap the benefits that a commitment to continuous improvement can offer.
RECOMMENDED READ: The ISO certification cycle explained
10 Reasons to Have Certification
- IT INCREASES CHANCES OF WINNING PUBLIC SECTOR TENDERS
Government bodies continue to stipulate Quality Management Systems in their tenders. ISO 9001 is an internationally recognised standard, with certification ensuring organisations meet a high level of quality. By asking for ISO 9001 from contractors, the public sector can prove it is spending tax payer’s money wisely, whilst not having to waste time checking an organisation’s credentials. With ISO 9001 certification from a UKAS accredited body, the certificate does the talking!
ISO 9001 is revered within government. It’s no surprise that without ISO 9001, many clients simply wouldn’t have won the work.
- IT INCREASES CHANCES OF WINNING PRIVATE SECTOR TENDERS
It’s not just the public sector that deems ISO 9001 so important. As major organisations realised the benefits of ISO 9001, they started to demand it of their suppliers too. By making ISO 9001 a requirement throughout the supply chain, it ensures quality is at a consistent high level, reducing risk.
- IT HELPS MEET LEGAL AND REGULATORY REQUIREMENTS
Many industries have specific legal and regulatory requirements that you must adhere to; some you may not be aware of. Going through ISO 9001 implementation ensures you meet all current legislation, saving any potential embarrassment.
- IT CAN LOWER INSURANCE PREMIUMS
Complying with legislation of course lowers your potential risks. Many companies find that their insurance premiums are therefore reduced when they have ISO 9001, partly thanks to the additional aspect of having third party verification for their quality management.
- IT IMPROVES CUSTOMER SATISFACTION
An integral aspect of ISO 9001 is customer satisfaction. It focuses on the customer instead of purely business goals by gaining feedback and analysing it. The standard will help you improve the quality of your service, adopting a ‘right first time’ attitude.
The message ISO 9001 certification sends out to customers is an important one too. An independent verification of your quality management system demonstrates your commitment to quality, customer service and continuous improvement.
- IT IMPROVES OPERATIONAL EFFICIENCY
Over the years, organisations can develop a variety of processes and ways of doing things. ISO 9001 encourages well defined and documented procedures that improve the consistency of your organisation’s output, by replacing any current practices that are obsolete or inefficient. With procedures in place for when problems occur, corrective action is then taken. Over time, this efficiency of process leads to fewer mistakes, and those that do occur, are caught earlier.
- IT REDUCES RE-WORK
Greater efficiency means fewer errors, which means less re-work, product scrap and rejections. You may find you already had processes in place for many business functions, but ISO 9001 helps improve or eradicate obsolete processes that are counter-productive. The standard introduces better process control and flow, improves documentation of processes, and creates awareness of quality amongst employees.
- PROMOTE CONTINUAL IMPROVEMENT
A fundamental part of all ISO management standards is continual improvement, challenging you to strive to make regular improvements.
- IT INCREASES PROFIT MARGINS
With improved management processes, the greater efficiency gained from implementing ISO 9001 can lead to an improvement to the bottom line. With improved processes leading to less overall work, this results in cost savings when delivering the product/service.
- INCREASE EMPLOYEE MOTIVATION
It is fair to say, that with proper processes in place, staff will feel more at ease with their job roles, leading to greater job satisfaction and motivation, especially when they are made aware of how quality and overall success depends on them.
Of course, achieving certification to an internationally recognised quality management standard is something to be proud of, so becoming certified should be celebrated! Including your staff throughout the process is key to getting both buy-in and motivation.
10 Steps to Certification
- MAKE THE RIGHT CHOICE
The first step for any organisation is making sure that the standard you’ve chosen is the right fit for your organisation, right now. It’s worth noting that you must have been operating for at least 3 months to become certified. This is so you have some processes in place that can be assessed.
We recommend engaging with any industry or professional associations that you may be actively involved in, to see how ISO certification has worked for other members. You could also speak to certified clients or suppliers, as well as using local and national government resources for a wealth of information on ISO standards.
- REVIEWING THE STANDARD
As part of the standard requirements, you’ll need to purchase a copy of the standard from ISO themselves, which includes all of the requirements you must adhere to. Along with the support from your Account Manager and Assessor, this will help you on your way to learning the internationally recognised quality management system.
- COMMUNICATING THE GOAL
Implementing an ISO quality management system needs to be an organisation-wide target developed by senior management. Ongoing effort will be needed to ensure good habits are maintained throughout the process, so a ‘champion’ will be needed – or a dedicated team if you work in a larger organisation. This person or team will also need to be responsible for developing the actual Quality Management System.
Getting buy-in is one of the biggest challenges whilst on the route to achieving certification. We have published numerous articles focusing on the benefits of all of the main standards which can help communicate exactly why your organisation is taking these steps.
- ESTABLISH TRAINING REQUIREMENTS
If you’re completely new to ISO standards, then a training course could be beneficial to improve confidence and skills to help in the implementation process. Even if you are fairly experienced, a refresher course ensures you’ll get the most out of the standard. External and bespoke in-house courses are available. Our open ISO training courses are held throughout the UK on a monthly basis.
- USING A CONSULTANT
We cannot provide consultancy services as it would affect their impartiality. It is acceptable to independently source a consultant to help you along the process. They can help on an implementation strategy, and a good consultant should increase the value of the process. The use of a consultant doesn’t remove your responsibility for establishing and implementing your ISO standard. It is in your own interest that you and your management are actively involved with the consultant throughout. Beware of any ‘ready-made’ management systems which may not suit your organisation.
- SELECT A CERTIFICATION BODY
It’s important to know what you’re signing up to when agreeing to proceed with a Certification Body. The popular ISO management standards are based on a 3-year cycle. Some CB’s will expect you to sign up to a minimum 3-year contract to suit. Whilst only an annual visit is required, there are some who will insist on seeing you more frequently. It’s important you clarify this when obtaining quotes and check for other hidden costs such as ‘registration’ and travel fees.
- DEVELOPING A MANAGEMENT SYSTEM
The ISO management standards are designed to be generic, applicable to organisations of all sizes and industry sectors. While the standards provide a framework for good management practice, specifying things that need to be included, they do not tell you how to do them.
The fundamental part of achieving certification to an ISO standard is forming a Management System; a Quality Management System (QMS) for ISO 9001. The Management System is formed of processes for management activities, provision of resources, production realisation, measurement, analysis and improvement.
- THE STAGE 1 AUDIT
The process starts with a ‘Stage 1 Audit’. This is when your Auditor reviews your business and provides a gap analysis report identifying the actions required to meet the standard. This can be used as a helpful action plan, so don’t worry if you think you’re under prepared. Some organisations find they already have some required processes in place; they just need better documentation and communication of them. It’s important to remember, with BAB you can’t fail!
- THE STAGE 2 AUDIT
Once your organisation is ready and has filled the gaps highlighted in the Stage 1 report, your Auditor will visit you again to carry out the ‘Stage 2 Audit’. This will reveal the effectiveness of your management system and whether it meets all the requirements of the specific ISO standard you wish to be certified to (e.g. ISO 9001). If you are fully compliant, you will be recommended for certification. The auditor’s report will then be checked via an approvals process, and if no anomalies are identified; certification is officially awarded.
- MAINTAINING THE MANAGEMENT SYSTEM
The maintenance of your management system is where the hard work really starts. Continued buy-in from everyone is important for implementation to succeed, and for you to gain the true benefit of becoming certified.
In-house communication and training should be carried out regularly to ensure ongoing awareness and engagement with staff. More formally, internal audits should also be carried out to ensure the requirements of the standard are continually met. A management review should then be held to set out corrective actions as required.
MARK0001 | V1 | 01.06.2016 | ISO 9001: The Ultimate Beginners Guide
This White Paper will teach you…
- WHAT ISO 14001 is, how it works and the benefits certification brings organisations
- WHY ISO 14001 is so popular and how it’s recently been updated
- HOW organisations can become ISO 14001 certified
- WHO the most suitable Certification Body is to work with
- WHAT costs you can expect when becoming ISO 14001 certified
1. 60 Seconds on ISO 14001
1.1 What’s ISO 14001?
ISO 14001, first launched in 1996, is a standard with a set of requirements to help organisations create an effective Environmental Management System (EMS), allowing them to benchmark their current environmental performance (e.g. energy use, recycling rate, waste created) and set out ways to improve on it.
1.2 What are the benefits?
It’s not surprising that if you use less, you tend to spend less! ISO 14001 has been proven to save organisations a considerable amount of money by getting them to think harder about how they might reuse and recycle materials and equipment.
Creating an EMS can also prove to be an exercise to foster teamwork through working towards a common goal. When an organisation obtains third-party certification to ISO 14001, it’s proven to provide a competitive advantage.
RECOMMENDED READ: The benefits of ISO 14001
1.3 How does it work?
ISO 14001 must be clearly supported by management, while the task of creating the Environmental Management System will normally fall to a dedicated member of staff or team. They will ideally have a good understanding of the business as a whole.
An action plan will be created following an environmental review, where the results must be measured. ISO 14001 encourages a positive ethos of continual improvement, so an organisation’s EMS won’t stop evolving.
1.4 How do I get it?
The standard itself is a 44-page document of requirements. However, what you really need is certification. This involves engaging with a Certification Body who’ll assess whether or not you’ve met the requirements on an annual basis. This will be done through the creation of an Environmental Management System. This demonstration of compliance is what’s required when ISO 14001 is requested in tender contracts and supply chains.
RECOMMENDED READ: The ISO 14001 process
2. Overview of ISO 14001
In the last 20 years, the subject of climate change has evolved from academic debate, to a conversation held at the dinner table with our friends and families. Improved education on issues such as air pollution and waste of resources means cynical consumers have evolved to become ever-more conscious of their purchasing decisions, and how that impacts the environment.
Over time, the motivation to be a ‘green’ business has become more compelling, as the status has developed from representing a nod towards corporate responsibility, to an essential component for winning and retaining business.
RECOMMENDED READ: Green employees work harder
This vast change in motivation has grown, from the constant environmental debates which have resulted in both revised and strengthened regulations. As a result, targets agreed by government have trickled down the public sector supply chains, to the point where even a sub-contracted sole trader needs to demonstrate a commitment to improving their environmental performance.
Similarly, with fingers pointed at multi-national companies for being major polluters, the response has been to put pressure on the global supply chain to ensure everyone plays their part in reducing environmental impact and adhering to legislation.
In 1996, the International Organization for Standardization (ISO) published its Environmental Management Standard, ISO 14001. Its purpose was to help organisations of any size create a management system to help improve environmental performance through the efficient use of resources and reduction of waste.
RECOMMENEDED READ: Who are ISO?
Since then, certification to the ISO 14001 standard has been specified in pre-qualification and tender processes in order for the bar to be raised across the supply chain. 20 years after being first published, ISO argue the standard is just as relevant and effective as ever, and still helps organisations reduce their environmental impact.
This White Paper will help you decide whether ISO 14001 is right for you – as we delve into the research-backed benefits, explain the decisions involved in achieving certification and the challenges you could face when creating an effective Environmental Management System.
For more in-depth guides and papers for ambitious small businesses, visit our Knowledge Bank.
3. Overview of ISO 14001
There’s no doubt that many businesses choose to become ISO 14001 certified, but many more are forced to achieve certification in order to access new work, or retain existing business.
In recent research from the British Assessment Bureau (BAB), 58% of respondents said their motivation to become certified to ISO 14001 was that their client(s) were demanding evidence of compliance to ISO 14001 before they would trade with them. This is a 42% increase on the previous year’s results.
RECOMMENDED READ: ISO 14001 helps sales
A quarter of companies have been successful in winning more business once they had achieved ISO 14001; with a further 15% then being able to tender for work that was previously unavailable to them. A fifth of respondents were more successful at winning tenders, as a result of becoming ISO 14001 certified.
Improved internal processes, more efficient systems, reducing costs and waste are all additional benefits of achieving ISO 14001. Gaining certification is also a feel good factor for owners, employees and customers:
- The FD is happy as costs have reduced, and the bottom line figures are better;
- The marketing team are happy as customers love to buy from a company that’s green;
- The sales team are happy as they can now tender for more new work from the public sector and large companies;
- Your customers are happier because you are ‘greener’;
- Your owners, shareholders, investors and employees are happy because the company is more efficient (and makes more money!);
- Not to mention, the planet is happier too!
RECOMMENDED READ: Guide to reducing waste
It’s fair to say that smaller organisations may question the significance of their environmental impact, given some of the world’s largest companies emit levels of pollution that rival whole countries.
Understandably, at first glance, ensuring the company demonstrates green credentials isn’t going to top the priority list of many small business owners, as any investment has to show a clear return in those formative years, in order to stay afloat.
However, while not immediately obvious, ISO 14001 has been shown to make a clear, positive difference to the bottom-line.
3.1 A business winner
During 2010, the UK’s Prime Minister David Cameron announced he wanted to create the “greenest government ever”, declaring the environment as a top priority. There was a big reaction to this, with public sector departments requesting suppliers to show evidence of environmental management, with ISO 14001 cited as an example.
RECOMMENDED READ: ISO 14001 wins new business
In the UK, at least, the number of awarded ISO 14001 certifications spiked, with a 31% growth in 2010 – according to ISO’s annual survey which takes data from Certification Bodies worldwide.
The Department of Environmental, Food and Rural Affairs (Defra) conducted a study in 2012 which showed a link between Environmental Management Systems and sustainable growth among SMEs.
The purpose of this study was to deliver robust evidence on the environmental and financial benefits of having an EMS, and included organisations from both manufacturing and service sectors.
The key findings of the research were:
- Implementation and certification cost c£1,300 per £m turnover;
- Two thirds of businesses increased sales, or expected to, since implementing an EMS;
- New business sales attributed to the EMS represented c£15,000 per £m turnover;
- Cost and efficiency savings were calculated at c£5,000 per £m turnover.
The research found that commercial and marketing reasons were the dominant triggers for implementing an EMS. This is something reflected in a customer survey carried out by BAB during 2016:
- 90% sought ISO 14001 certification to win business;
- 34% sought to improve environmental performance;
- 16% sought to improve their corporate image.
3.2 Cutting costs
Whatever the size of your organisation, you can achieve improved efficiency by implementing ISO 14001. This means you waste less, so you spend less! Naturally the bigger the company, the greater the likelihood that efficiencies can multiple.
The manufacturing sector holds a significant advantage over the service sector when it comes to cutting costs, which is illustrated by an academic study. It shows how 90% of the manufacturing sector experience operational cost savings as a result of ISO 14001 certification, compared to 50% of the service sector. As a much bigger consumer of energy and materials, the scale of consumption of the manufacturing sector meant improvements were easier to achieve, and much more noticeable too!
That’s not to say an SME won’t make efficiency gains; as the Defra study clearly showed smaller organisations were able to progress too. The result was that it took, with implementation and certification costs considered, only 3 months for ISO 14001 to make a return on investment.
RECOMMENDED READ: Hilton save $550million with ISO
“As a result of having the ISO 14001 we have maintained a couple of contracts that we wouldn’t have without it.” – DMS Property Maintenance
4. ISO 14001:2015 Revision
ISO 14001 has existed for 20 years now. Usually, ISO review their standards every 5 years in order to remain relevant and up to date. With technology and business practices moving on significantly since ISO 14001 was last revised, the process to engage with users of the standard began back in 2011. An updated ISO 14001 will now remain applicable for the next 10 years – or more – across the world.
With Environmental Management Systems being part of both sustainability and social responsibility in today’s world, they help organisations optimise environmental performance while meeting legal requirements. ISO 14001:2015, which was published in September 2015, has built on the basic principles of the previous ISO 14001:2004, but with a number of key differences.
For those with existing ISO standards in place, a positive step was to follow ISO’s new high level structure, Annex SL, which provides a common framework with other management system standards. This makes it considerably easier to create an integrated Management System, which is both easier to manage and incorporate into core business processes. This reduces the risk of an ISO 14001 EMS becoming an extension. The new version helps to forge stronger integration between environmental issues and an organisation’s strategic action planning and thinking.
RECOMMENDED READ: ISO 14001:2015 asks managers to lead the way
To assist in ensuring the EMS is truly at the heart of the organisation, revised requirements strengthen strategic factors, communication and leadership involvement.
When it comes to environmental performance, the latest ISO 14001:2015 shifts to identifying lifecycles, with the aim of getting organisations to consider their wider impact, from cradle to grave, by using their environmental influence throughout their supply chains.
Shouldn’t you insist that your suppliers are ISO 14001 certified as well?
4.1 Requirements Overview
Simply put, ISO 14001 sets out requirements for building an Environmental Management System. By providing a way to organise people, resources and processes, it aims to meet organisational goals. This results in increased resource efficiency, a reduction of waste, and it therefore aids profitably.
The standard is not prescriptive. Ultimately, what an organisation gets out of implementing an EMS is down to the aims and intentions they set, combined with their commitment to deliver on them; and on time!
The latest version of ISO 14001 – ISO 14001:2015 – has an entire clause dedicated to Leadership, helping to foster commitment from the top, down. This clause also includes setting out responsibilities and the establishment of an Environmental Policy.
It’s important to remember that ISO 14001 doesn’t have to apply to your whole organisation. It isn’t unusual for larger companies to start with certain sites or departments where they envisage they’ll see the biggest rewards.
The standard asks you to explain the Context of the EMS, where you need to consider the issues, factors, and conditions that could influence or be influenced. It asks you to identify relevant interested parties and to consider the compliance obligations you’re expected to meet, so they can be appropriately managed.
Planning is a substantial clause in the standard. It involves developing a process to consider the risks that could affect your EMS’ objectives. You’ll need to define actions on how you’ll address your environmental impact, compliance obligations, risks, and any opportunities.
To ensure this happens, your actions will need to turn into defined processes. This will need to be broken down to relevant departments so it’s clear where responsibility lies.
Implementing an EMS successfully requires Support. Once you’ve figured out how extensive your documentation needs to be, you need to define who’s responsible for what, and ensuring they’re competent to do it. You’re also required to review how you communicate on matters concerning your EMS.
The Operations clause is about setting out the plans on how you’re going to meet the actions you have set, and control how they operate. There’s also a consideration of risk expected, where you need to establish a procedure to respond to emergency situations.
Once things are in place, Evaluation needs to begin. This clause is for setting up the monitoring and measurement of your performance. These are carried out as Internal Audits, and the results need to be shown at management reviews to demonstrate involvement.
This is followed by Improvement. With lessons learnt from checking how well you’ve done, ISO 14001 then expects you to commit to making enhancements for a better performing environmental management system.
RECOMMENDED READ: ISO 14001 increases competitiveness
5. Certification process
Once you have the basis of an ISO 14001 Environmental Management System, you’re ready to begin the certification journey.
Outside of the various training courses and seminars held by Certification Bodies, many offer a ‘Pre Assessment’ or ‘Gap Analysis’ service ahead of the formal certification process, to identify any omissions or weaknesses. Alternatively, some choose at this point to use a consultant to give added confidence. Again, many Certification Bodies have an answer to this, in the form of a consultant register. While they’re not permitted to recommend consultants, they can provide details of specialists who are known to them.
5.2 Stage 1 Audit
The 1st assessment, referred to as a ‘Stage 1’ Audit is a document review, with the aim being to establish that – on paper at least – you’re conforming to all of the requirements of ISO 14001.
The length of the Audit is determined by factors such as your organisations size and the industry you’re in. This will entirely influence the cost, so you’ll be informed of the amount of time required in the form of an Audit Plan in advance.
Once the Stage 1 Audit is finished, there’ll be a closing meeting to round-up the findings. You’ll then be provided with a report detailing what happened during the Audit, with an overview of any non-conformities.
5.3 Stage 2 Audit
In order to be recommended to advance to the ‘Stage 2’ Audit, you’ll need to close out any non-conformities by establishing a Corrective Action Plan. Much like a driving test, non-conformities are separated by minor and major variants. Whereas major variants need to be acted on immediately, minor non-conformities can be reviewed at the next Audit.
The Audit itself is about demonstrating that your organisation’s living and breathing what you’ve documented. Your Auditor will therefore need to meet with managers and staff, as well as see evidence of your Internal Audits and management reviews, as documented in the requirements of the standard.
All being well, you’ll be recommended by the Auditor for certification. However, this’ll require final sign off by the Certification Body’s compliance department. You’ll then receive a report and any non-conformities will need to be acted on before certification is formally awarded.
5.4 Annual Audit
During Audits, Auditors are encouraged to share Opportunities for Improvement (OFIs) in the spirit of establishing an ethos of continuous improvement.
These are reviewed at Surveillance Audits, which must occur at least annually. In the meantime, you should maintain a schedule of Internal Audits and management reviews.
Most Certification Bodies issue certificates in-line with the 3-year certification cycle. Every 3rd year, a ‘Re-Certification’ audit is carried out. Whereas a Surveillance Audit will focus on improvement areas found in previous audits, the Re-Certification Audit must cover all of the standard’s requirements.
RECOMMENDED READ: The 3 year certification cycle explained
6. Using a Consultant
The alternative for seeking representation is to look for a specialist consultant in ISO 14001. There’s an extensive network working in the field of Environmental Management Standards.
Consultants are used for very different reasons, depending on the size of the organisation. While a small business may require the hands-on help from being resource limited; a larger organisation may have the required manpower, but feel expertise is required to maximise efficiency opportunities and ensure the organisation meets more complex legal requirements.
Being in a position of reliance has its dangers – while a consultant may help overcome short-term challenges, there’s a risk that long-term dependency could negate the cost-benefit from implementing ISO 14001.
It could become attractive to simply leave all things related to environmental management to the consultant. The downside is that while this may ensure your organisation continues to meet the requirements of the standard, you’ll fail to reap the rewards due to a lack of team participation.
Your decision will ultimately be based on your motivation to implement ISO 14001. The potential issue described may not be considered a problem if certification will lead to lucrative work. However, ensuring your consultant works to engage, involve, train and empower your staff means you’ll avoid ISO 14001 becoming a cost to the business if the valuable contracts dry up.
When seeking a consultant, sector-specific experience is likely to be the most key factor for choosing the most appropriate person for the job. In combination with an impressive CV and collection of testimonials, it’s a notable advantage for the consultant to have auditing experience. With some requirements of ISO 14001 coming down to interpretation, having a qualified auditor acting on your behalf means you can have confidence if challenged by the auditor of your Certification Body.
When establishing credentials of an ISO 14001 consultant, qualifications from the IRCA and IEMA are respected within the industry. These are usually delivered by approved training centres, which frequently include Certification Bodies.
It’s not unusual for consultants to also work as sub-contractors for Certification Bodies. However, there are rules in place to maintain impartiality so that a consultant cannot perform both consultancy and auditing roles to the same company.
7. Choosing a Certification Body
The financial industry has the FCA, holiday companies have ABTA, but there’s no such mandated regulatory body for Certification Bodies. As a result, there’s no protection for those who mistakenly choose the wrong path. It’s critically important to make the right choice before signing on the dotted line.
RECOMMENDED READ: ISO certificates aren’t all equal
Driven by government contracts requiring certification, the UK represents a significant proportion of worldwide ISO 14001 certificates. This demand has created an environment for opportunists to take advantage of those organisations who require certification urgently in order to qualify for a contract.
While the majority of Certification Bodies seek to demonstrate their competence and credibility through “accreditation” from UKAS, the UK’s National Accreditation Body, others have sought accreditation from alternative bodies. Whereas UKAS is recognised and supported by Government, the alternatives are recognised only by themselves.
The long-term issue with this is that, once spotted, non-UKAS certificates are often rejected and – just as importantly – the credibility of ISO standards as a whole is diminished by those not implementing them in the intended spirit.
UKAS’ role is to ensure Certification Bodies meet the ISO 17021 standard for conformity assessment. Achieving accreditation from UKAS involves a rigorous head office review of management, policies and procedures. Certification Bodies must also pass a test of their competence via Witnessed Assessments undertaken by UKAS.
Often, Certification Bodies without UKAS accreditation claim to be a ‘one stop shop’ for consultancy and certification, in an effort to market themselves as the most convenient option. However, this is in direct violation of ISO 17021’s requirements – Certification Bodies must remain impartial and can only provide certification, and not consultancy.
7.1 Certification or Accreditation?
For most, certification and accreditation are interchangeable terms. However, in the world of ISO standards, there is a hierarchy – Certification Bodies are accredited by National Accreditation Bodies. As a result, an organisation can only be ISO 14001 certified, not ‘accredited’.
8. The Cost of ISO 14001
Costs of implementation have been left until last, as the chosen approach will have a significant impact. It’s a realistic ambition for an SME to implement and achieve certification to ISO 14001 without external assistance, and costs will be much reduced as a result.
It’s important to assess the impact of the resources required, and it’s vital a cost-benefit assessment is carried out against other potential initiatives and investments the organisation could be making.
RECOMMENDED READ: Budgeting for ISO certification
All Certification Bodies follow a similar approach, as cost is ultimately influenced by the time required to Audit, the amount which is derived from an industry-agreed calculator that takes into account:
- Staff numbers;
- Complexity and risk;
- Number of sites.
A small company in the service industry may require just a couple of days of Auditing for the whole certification process, thanks to the relative simplicity of its processes. On the other hand, days required to Audit a large multi-site organisation could move into weeks.
As long as a site duplicates activities of another, it can be ‘sampled’. Rather than Audit every site at great cost, visits can be rotated within the 3-year certification cycle.
The organisation’s industry sector and complexity will mean only certain Auditors have the appropriate knowledge, experience and qualifications to Audit. This’ll have a knock-on effect for costs, with Certification Bodies typically charging between £600 – £900 per day.
Beware of hidden costs on top of the Auditing! Management and travel fees are often excluded from quotations. It’s also important to check the length of a contract, as a lower fee may indicate less flexibility in the form of a lengthy agreement; where 3 years is typical.
Increasingly, Certification Bodies will quote a package cost inclusive of the Stage 1 and Stage 2 Audits, as well as the compliance and administration aspects. Despite this trend, it’s still important to check for hidden costs – for example, some will exclude costs of travel.
These same principles can be applied loosely to the cost of using a consultant. With day rates ranging from £400 – £1000 per day, it’ll be important to balance the level of support required with the value it will deliver.
8.1 Ongoing costs
Maintaining certification to ISO 14001 is subject to an Annual Surveillance Audit. Some Certification Bodies will expect to see an organisation at more regular intervals based on their size and complexity – but this isn’t mandated by the standard.
The same calculation of days for Auditing will be required. However, with no Stage 1 required, a small business will find costs are typically less than 50% of the 1st year’s. Adding sites, a significant amount of staff or developing new services will mean the time required to Audit the organisation will have to be reviewed.
9. Making it a Success
9.1 Ensuring successful implementation
Studies on employee engagement show that it’s imperative organisations share their vision and disseminate core values throughout their teams. Implementing an ISO 14001 EMS is no different in this respect – it’s essential employees understand why the organisation wishes to implement the standard and crucially, they’ve got to believe it!
RECOMMENDED READ: 10 employee engagement ideas that get serious results
In the past, some criticism has been levied at ISO 14001 as it doesn’t specify targets. Instead, the requirements simply state that the organisation must set its own targets, and build a plan to successfully meet them. As a result, the application of ISO 14001 follows the age-old truism – you only get out what you put into it.
9.2 Who’s responsible?
An SME would question who should be responsible for the implementation of ISO 14001. With larger organisations, it’s quite usual to have a dedicated person or team working on the ‘project’. For a smaller business, there isn’t the need or justification to have a dedicated role focusing on environmental management.
An SME would question who should be responsible for the implementation of ISO 14001. With larger organisations, it’s quite usual to have a dedicated person or team working on the ‘project’. For a smaller business, there isn’t the need or justification to have a dedicated role focusing on environmental management.
As with all of their management standards, ISO emphasise the point of ensuring management involvement; in fact, it’s a requirement within ISO 14001.
In truth, ISO have recognised that for any initiative to be successful – buy-in from the top is essential for engagement to filter throughout the organisation. This is why one of the first exercises within the ISO 14001 standard is to develop an Environmental Policy in order to set out the direction and objection of the management system. In other words, the setting out of the vision and aspirations behind implementing ISO 14001 in the first place.
Of course, it’s not realistic for the Board of Directors of a company to be responsible for the day-to-day activities involved in establishing and maintaining the organisation’s EMS. Instead, a designated ‘management representative’ can be appointed to fulfil this role.
RECOMMENDED READ: How to create a green office
As this role isn’t specifically described, common sense would dictate that the ‘representative’ has a good overall understanding of how the organisation functions. They should also be able to communicate with, and influence, top-level management.
If your organisation doesn’t have a dedicated Environmental, Sustainability, HSEQ Manager or similar, it’s quite often the Office Manager, HR Manager or Finance Manager who takes on the role. This is often due to – disregarding certification leading to securing new business – ISO 14001 being categorised as a ‘business improvement’ or cost-saving initiative.
9.3 What skills are required?
Various research has shown ISO 14001 can prove a beneficial initiative for engaging employees. Over the last decade, the issue of climate change has risen in the global agenda, which has resulted in people taking more interest in their personal impact on the environment.
For any organisation implementing ISO 14001, it should be a realistic ambition to build a working group to implement and maintain the EMS, as they’ll likely derive satisfaction from the initiative’s success.
Training isn’t essential, but can help put into the context the requirements of the standard and give confidence when engaging with an Auditor at a Certification Body. Most Certification Bodies will provide familiarisation, implementation and Internal Auditing courses. For more formal qualifications, organisations such as IEMA and IRCA can help develop people into Auditors.
A lone voice returning from a training course full of enthusiasm is more likely to be an irritant rather than an effective agent of change. Serious consideration should therefore be given to encouraging more involvement, as a team of people can support each other in a more sustained approach.
“We gave employees ownership of the EMS by appointing ‘Green Champions’ across each of our sites…we never felt like we were fighting employees – everyone was keen to be involved and could see that what we were doing was positive.” – Nuneaton and Bedworth Leisure Trust
RECOMMENDED READ: ISO 14001 is shown to improve reputation
We hope that you’ve found this White Paper not only interesting, but informative too! We’re on a mission to make sure that businesses have great management systems in place so they can operate more effectively and efficiently, have happier customers who buy again and again, and new customers clamouring to buy too. In the end, if businesses make more money and organisations are able to reduce costs, then we’re proud to have helped.
The British Assessment Bureau works with a wide and diverse range of clients, from sole traders to government departments. Each one of our clients has unique requirements and we relish each challenge. However, we never forget that it’s your baby and that you’ll always want the reassurance of a safe pair of hands.
We have over 40 years’ experience in the certification industry, winning multiple awards along the way to help demonstrate our commitment to delivering the best service possible. We certify organisations to ISO 9001, ISO 27001, OHSAS 18001 and of course, ISO 14001.
11. Sources and additional reading
MARK0002 | V1 | 01.08.2016 | Why ISO 14001 is right for you
Free Introduction to ISO 9001 course