A training presentation on

Integrated Management System

based on ISO standards

by
Anand Deshpande
 Index

1. ISO Standards
2. Management System Standards
3. Integrated Management System
4. New High Level Structure
5. Important Clauses of IMS standards
6. The Process approach, Risk-based thinking & PDCA
7. Some key terms used in standards

2
Pre-training assessment:

1. Full form of IMS?

2. Full form of ISO?
3. Standards of IMS ?
4. What is High Level Structure?
5. What do you understand by conformance?
6. Does ISO certify an organizations’ management system?
7. What do you understand by Interested Parties?
8. What do you understand by PDCA?

3
 ISO
International Organization for Standardization
 Started operating officially on 23rd February 1947
 ISO standards are used around the world and cover almost
every product and process imaginable
 Membership of ISO is only for national standards institutes
or similar organizations that represent standardization in
their country (one member in each country)
 BIS (Bureau of Indian Standards) – national standards body
of India

4
 An International Standard provides
rules, guidelines or characteristics
for activities or for their results
aimed at achieving
the optimum degree of order
in a given context.

 It can take many forms - product standards, test methods,

codes of practice, guideline standards and management
systems standards
 Around 22469 international standards published so far

5
 ISO
Management System Standards
 ISO 9000 family – Quality management
 ISO 14000 family – Environmental management
 ISO/IEC 17025 - Testing and calibration laboratories
 ISO 22000 - Food safety management
 ISO 26000 - Social responsibility
 ISO 31000 - Risk management
 ISO 45001 - Occupational health and safety
 ISO 50001 - Energy management
6
 What is a management system?

 A management system is the way in which an organization

manages the inter-related parts of its business in order to
achieve its objectives
 Objectives can relate to a number of different topics,
including product or service quality, operational efficiency,
environmental performance, health and safety in the
workplace and many more
 The management system can be formal / informal

7
 Management System Standards (MSS)
 Provide a model to follow when setting up and operating a
management system
 Help organizations improve their performance -
- by specifying repeatable steps that organizations
consciously implement to achieve their objectives
- In creating an organizational culture that reflexively
engages in a continuous cycle of self-evaluation,
correction & improvement of operations and processes
- through heightened employee awareness and
management leadership and commitment.
8
 Management System Standards (MSS)
 Who are benefitted ?
An Organization :
 More efficient use of resources
 Minimize errors and waste
 Improved risk management and protection of people
and the environment
 Increased capability to deliver consistent and improved
services and products, thereby increasing value to
customers and all other stakeholders
 Improved financial performance

9
 Management System Standards (MSS)
 Who are benefitted ?
Customers :
 Standardized products/services are assured
 Provides means of grievance redressing

Other stakeholders :
 Assurance about compliances
 Various types of Risks addressed
 Big picture covering functional systems & financial
health

10
 Integrated Management System (IMS)

 It is the outcome of the process of integrating

requirements from multiple management system
standards into a singular system easy for use and its
management
 Quality, Environmental, and Safety management systems
are often combined and managed as an IMS
 Similar processes are seamlessly managed and executed
without duplication
 Integrated audits (reduced disruptions from multiple
audits)

11
 Type-A & Type-B MSS
 Type A MSS contain requirements against which an
organization can claim conformance
 Type B MSS contain guidelines for
following/implementing the standard or supporting
information
 Example : ISO 14001:2015 provides requirements of the
Environment Management standard while 14004 includes
general guidelines for its implementation
 Similarly 9000:2015 describes Fundamentals &
vocabulary for Quality Management standard

12
 ISO MSS - High-Level Structure

 The High-Level Structure (HLS) - a set of 10 clauses

that all ISO management system standards are required
to use in the future.
 This is so that all management system standards will
have the same look and feel, and will enable greater
integration between systems of different disciplines.

13
 High-Level Structure

Clause 1 - Scope
Clause 2 - Normative references
Clause 3 - Terms and definitions
Clause 4 - Context of the organization
Clause 5 - Leadership
Clause 6 - Planning
Clause 7 - Support
Clause 8 - Operation
Clause 9 - Performance evaluation
Clause 10 - Improvement

14
 High-Level Structure
Clause 1 – Scope
 This International Standard specifies requirements for a -----------
management system that/when an organization ……..

9001:2015 –

 This International Standard specifies requirements for a quality

management system when an organization:
a) needs to demonstrate its ability to consistently provide products
and services that meet customer and applicable statutory &
regulatory requirements, and
b) aims to enhance customer satisfaction through effective
application of the system, including processes for improvement of
the system and the assurance of conformity to customer and
applicable statutory and regulatory requirements.
15
 High-Level Structure
Clause 1 – Scope
14001:2015 –

 This International Standard specifies requirements for an

environmental management system that an organization can use to
enhance its environmental performance. This international standard
is intended for an organization seeking to manage its environmental
responsibilities in a systematic manner that contributes to the
environmental pillar of sustainability.
 This standard helps an organization achieve the intended outcomes
of its EMS, which provide value for the environment, the
organization itself and interested parties.

16
 High-Level Structure
Clause 1 – Scope
45001:2018 –

 This International Standard specifies requirements for an

Occupational Health & Safety (OH&S) management system, and
gives guidance for its use, to enable organizations to provide safe &
healthy workplaces by preventing work-related injury and ill-health,
as well as proactively improving on its OH&S performance.

17
 High-Level Structure
Clause 4 – Context of the organization
 ISO want you to determine the issues that influence your
organization - factors which influence the organization's purpose,
objectives and sustainability - be they internal or external

 External issues will include such things as legal, technological, or

cultural, and may be international, national, or local

 Internal will include things like values, culture, and knowledge

 The needs of interested parties are also to be understood (interested

parties are those that pose significant risk to organizational
sustainability if their needs & expectations not met)

 Processes, along with their inputs and outputs are to be identified,

and documented information will be required as appropriate

18
 High-Level Structure
Clause 5 – Leadership
 Top management have to demonstrate leadership

 To do this they need to establish policies and ensure responsibilities

and authorities are communicated and understood

 Management also have to promote the discipline across the

organization, whether it is quality, environment, or OHS

19
 High-Level Structure
Clause 6 – Planning
 Organizations need to use a risk-based approach to address threats
and opportunities, and to ensure the management system actually
does what it is required to do – that it can prevent or reduce
undesired affects and achieve improvement

 Objectives and plans need to be developed to meet these objectives;

these need to be cascaded through the organization and include
responsibilities and timeframes

 Additionally, changes need to be planned and the potential

consequences (positive or negative) of any change needs to be
known

20
 High-Level Structure
Clause 7 – Support
 Resources need to be provided to support the management system,
including providing competent people, appropriately maintained
infrastructure and environment, and monitoring and measuring
equipment and its calibration

 Additionally, the knowledge necessary for the discipline is to be

determined, maintained, and made available

 Documented information - the organization determines what

documentation is necessary and the most appropriate medium for
that documentation

21
 High-Level Structure
Clause 8 – Operation
 Emphasis on organizations determining the processes required for
their operations, along with appropriate acceptance criteria and
contingency plans e.g. non-conformances, incidents and emergency
preparedness

 Change management and control of external providers (such as

contractors, outsourced processes, procurement etc.)

22
 High-Level Structure

Clause 9 – Performance Evaluation

 The organization decides what needs to be monitored, methods to
use, when to monitor/analyze/evaluate

 Means of performance evaluation :

• Evaluation of Compliance (Legal and other)

• Monitoring of Customer Satisfaction,
• Internal Audits
• Management Review

23
 High-Level Structure
Clause 10 – Improvement
 Organizations are required to react appropriately to non-
conformities and incidents, and take action to control, correct, deal
with consequences, and eliminate the cause so that it does not recur
or occur elsewhere.

[No more ‘Preventive action’ – it is replaced by the risk based process

approach and actions to address risks. The integrated management
system itself is expected to act as a preventive tool.]

 The organization is also required to improve the suitability,

adequacy, and effectiveness of the management system.

24
 IMS
The process approach, Risk‐based thinking and PDCA
 A process – set of interrelated or interacting activities
that use inputs to deliver an intended result
 In the simplest terms, Risk indicates the effect of
uncertainty. Risks that may have an impact on
objectives & results must be addressed by the
management system .
 PDCA operates as a cycle of continual improvement,
with risk-based thinking at each stage

25
 Risk‐based thinking
Risk‐based thinking throughout the process approach to:
– decide how risk (positive or negative) is addressed in
establishing the processes, to improve process outputs
and prevent undesirable results (deviations from
planned results)
– define the extent of process planning and controls
needed (based on risk)
– maintain and manage a system that inherently addresses
risk and meets objectives

26
 PDCA
PDCA stands for:
Plan: set the objectives of the system and processes to deliver
results (“What to do” and “how to do it”)
Do: implement and control what was planned
Check: monitor and measure processes and results against
policies, objectives and requirements and report
results
Act: take actions to improve the performance of processes
‘PDCA can be applied to all process and to the
management system as a whole’

27
 Key terms often used in IMS
 Policy - intentions and direction of an organization as
formally expressed by its top management
 Consistency in meeting requirements
 Customer focus / satisfaction
 Documentation – maintained & retained
ISO 9001:2015 clause 4.4 - Quality management systems and its
processes requires an organization to “maintain documented
information to the extent necessary to support the operation of
processes and retain documented information to the extent
necessary to have confidence that the processes are being carried
out as planned.”
28
 Key terms often used in IMS
 Conformance – to own requirements of the management
system & of the international standards
 Non-conformity – non-fulfillment of a requirement
- based on evidence during the audit
If there is evidence, it must be documented as NC (instead
of being softened with other classifications like observation,
opportunity for improvement, recommendation, etc.)

In the longer term, neither the organization, its customers, nor the
other stakeholders benefit by the use of softer classifications, as this
risks the nonconformity being given a lower priority for corrective
action.
29
 Key terms often used in IMS
 Audits : systematic, independent and documented
process for obtaining evidence and evaluating it
objectively to determine the extent to which specified
requirements are fulfilled. Audit findings are used to
assess the effectiveness of the management system and to
identify the areas for improvement.
 Applicable factors – frequency, methods, criteria, scope,
objectivity, impartiality, audit results, management
reporting, corrections & corrective actions without undue
delays (guidance from ISO 19011)

30
 Key terms often used in IMS
 Audits :
1st party audit - Audits conducted by the organization itself
(Internal audit)
2nd party audit - Audits conducted by customers of the
organization or by regulatory authority
or by other persons on behalf of the
customer or regulatory authority
3rd party audit - Audits conducted by external
independent organizations
(e.g. Certification audit)

31
 Key terms often used in IMS
 Management Review :
– at planned intervals, to ensure continuing suitability,
adequacy, effectiveness & alignment with the strategic
direction of the organization
– Inputs include – status of actions from earlier
reviews, feedback from customers & interested
parties, process performance, effectives of actions
taken to address risks & opportunities,
nonconformities & corrective actions, audit results,
performance of external parties
– Output – opportunities for improvements, need for
any changes to IMS, resource provisions
32
 Key terms often used in IMS
 Certification – through third party audits
An organization becomes certified on the basis that it has
effectively implemented a management system that
conforms to the requirements of relevant standards
Although ISO does not perform certification, it develops
standards that are used by independent certification
bodies, giving credibility to the service they offer and the
certificate they award

33
 Certification
For an organization, the certification to IMS is expected to
provide confidence that the organization has a management
system that conforms to the applicable requirements of the
international standards.
Criteria for becoming a certified organization is that it has
established a relevant management system that :-
 analyzes and understands customer needs and expectations
 ensures that product and service characteristics have been
specified in order to meet customer and applicable
statutory and regulatory requirements

34
 Certification
Continued :-
management system -
 has determined and is managing the processes needed to
achieve the expected outcomes
 ensures that product and service characteristics have been
specified in order to meet customer and applicable
statutory and regulatory requirements

35
 Credits and references

www.iso.org

www.bis.gov.in

Various Certification bodies

36
Thank you
Thank you