This is the story of Astrid who was asked by the management team at Starship Enterprises Ltd if she would like to conduct internal audits, as the company is looking to acquire the ISO 9001:2015 quality management certificate.
Astrid was quite interested but was unsure of what was involved so she asked about whether there would be any training. She was then given the freedom and budget to go and find a suitable training course. After some desktop research she discovered that a 1-day Foundation course followed by a 2-day Internal Auditor course was the recommended route.
She also discovered that CQI IRCA certified courses carried more weight and credibility, so she chose Batalas Ltd as they also had several good testimonials. The course went well, and she began to conduct internal audits quite successfully and was surprised to discover how much she enjoyed the process; preparing checklists, chatting to colleagues, learning more about other company processes and assessing how the company activities compared to the Standard.
After about 6 months, the management team called her in for a meeting to say how delighted they were with the results that were coming in and were ready for their external audit. They mentioned that they were now considering gaining certification to ISO 14001 environmental management; Astrid was very interested in this as she had become concerned about the climate emergency. They were also considering ISO 27001 information security management certification since the recent release of GDPR.
They had a meeting and drew up a 4-year plan which included the launch of a phased certification programme of the 2 new ISO Standards – they appointed Astrid to lead the programme. She was sent on ISO 14001 and ISO 27001 foundation courses to give her the basic knowledge.
When she returned to the office to consolidate on her learning, she really appreciated the similarities between the three Standards as they are all structured in the same way. This prompted her to attend an Integrated Management System auditing course; enabling her to design an integrated audit programme, where for some elements she could combine the discussions with the various members of staff. That would save three separate visits to each area!
An integrated management system is where some documented info is combined to include different aspects of a company’s requirements; this means staff can access documents with multiple purposes in one place.
An integrated management system audit is where an auditor can cover some elements of more than one ISO Management System Standard in one audit session. Although the audit takes longer to prepare and longer to carry out, it should still be less than having separate audits to each area. Other advantages are that conversations about different elements can be brought together in one discussion and issues that potentially cross over multiple standards can be dealt with in one hit.
If like Astrid, you would like to manage an Integrated Management System, take a look at our training course…
