Blackmores ISO Consultancy Service: The creators of isology®

isology® is a world-leading proven step by step roadmap. Work with our ISO consultants to achieve your certification.

Our ISO consultants have worked with over 600 organisations with a 100% success rate. We take you from the planning and creation of your bespoke ISO System though to certification with our 7 step ISO Consultancy process.

AI has been integrated into almost every aspect of our lives, from everyday software we use at work, to the algorithms that determine what content is recommended to us at home.

While extraordinary in its capabilities, it isn’t infallible and will open up everyone to new and emerging risks. Legislation and regulations are finally catching up to the rapid adoption of this technology, such as the EU AI Act and new Best Practice Standards such as ISO 42001.

For those looking to integrate AI in a safe and ethical manner, ISO 42001 may be the answer.

Today Rachel Churchman, Technical Director at Blackmores, explains what ISO 42001 is, why you should conduct an ISO 42001 Gap analysis and what’s involved with taking the first step towards ISO 42001 Implementation.  

You’ll learn

  • What is ISO 42001?
  • What are the key principles of ISO 42001?
  • Why is ISO 42001 Important for companies either using or developing AI?
  • Why conduct an ISO 42001 Gap Analysis?
  • What should you be looking at in an ISO 42001 Gap Analysis?

Resources

In this episode, we talk about:

[00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo.

[02:05] Episode summary: Rachel Churchman joins Steph to discuss what ISO 42001 is, it’s key principles and the importance of implementing ISO 42001 regardless of if you’re developing AI or simply just utilising it.

Rachel will also explain the first step towards implementation – an ISO 42001 Gap Analysis.

[02:45] Upcoming ISO 42001 Workshop– We have an upcoming ISO 42001 workshop where you can learn how to complete an AI System Impact Assessment, which is a key tool to help you effectively assess the potential risks and benefits of utilising AI.

Rachel Churchman, our Technical Director, will be hosting that workshop on the 5th December at 2pm GMT, but places are limited so make sure you register your place sooner rather than later!

[03:20] The impact of AI – AI is everywhere, and has largely outpaced any sort of regulation or legislation up until very recently. These are both needed as AI is like any other technology, and will bring it’s own risks, which is why a best practice Standard for AI Management has been created.

If you’d like a more in-depth breakdown of ISO 42001, check out our previous episodes: 166 & 173

[04:30] A brief summary of ISO 42001 – ISO 42001 is an Internationally recognised Standard for developing an Artificial Intelligence Management System.  It provides a comprehensive framework for organisations to establish, implement, maintain, and continually improve how they implement and develop or consume AI in their business. It aims to ensure that AI risks are understood and mitigated and that AI systems are developed or deployed in an ethical, secure, and transparent manner, taking a fully risk-based approach to responsible use of AI.

Much like other ISO Standards, it follows the High-Level Structure and therefore can be integrated with existing ISO Management systems as many of the core requirements are very similar in nature. 

[05:45] Why is ISO 42001 important for companies both developing and using AI? – AI is now becoming commonplace in our world, and has been for some time.  A good example is the use or Alexa or Siri – both of these are Large Language AI Models that we all use routinely in our lives.  But AI is now being introduced in many technologies that we consume in our working lives – all designed to help make us more efficient and effective.  Some examples being:

  • Microsoft 365 Copilot
  • GitHub Copilot
  • Google Workspace
  • Adobe Photoshop
  • Search Engines i.e. Google

Organisations need to be aware of where they’re consuming AI in their business as it may have crept in without them being fully aware.  Awareness and governance of AI is crucial for several reasons: 

For companies using AI they need to ensure they have assessed the potential risks of the AI such as unintended consequences and negative societal impacts, or potential commercial data leakage.  They also need to ensure that if they are using AI to support decision making, that they have ensured that decisions made or supported by AI systems are fair and unbiased.   It’s not all about risk – organisations can also use AI to streamlining processes helping to become more efficient and effective, or it could support innovation in ways previously not considered.

For companies developing AI, the standard promotes the ethical development and deployment of AI systems, ensuring they are fair, transparent, and accountable.  It provides a structured approach to risk assessment and governance associated with AI, such as bias, data privacy breaches, and security vulnerabilities.

And for all, using ISO 42001 as the best practice framework, organisations can ensure that their AI initiatives are aligned with ethical principles, legal requirements, and industry best practices. This will ultimately lead to more trustworthy, reliable, and beneficial AI systems for all.

[10:00] Clause 7.4 Communication – The organisation shall determine the internal and external communications relevant to the system, and that includes what should be communicated when and to who.

[09:00] What are the key principles outlined in ISO 42001? –

  • Fairness and Non-Discrimination – ensuring AI systems treat all individuals and groups fairly and without bias.
  • Transparency and Explainability – Making AI systems understandable and accountable by providing clear explanations of their decision-making processes.
  • Privacy and Security – Protecting personal data and privacy while ensuring the security of AI systems.
  • Safety and Security – Prioritising the safety and well-being of individuals and the environment by mitigating potential risks associated with AI systems.
  • Environmental & Social – Considering the impact of AI on the environment and society, promoting sustainable and responsible practices.
  • Accountability and Human Oversight – Maintaining human control and responsibility for AI systems, ensuring they operate within ethical and legal boundaries.  You’ll often hear the term ‘Human in the loop’.  This is vital to ensure that AI is sanity checked by a human to ensure it hasn’t hallucinated or result ‘drifted’ in any way.

[11:10] Why conduct an ISO 42001 Gap Analysis? What is the main aim? – Any gap analysis is a strategic planning activity to help you understand where you are, where you want to be and how you’re going to get there.  The ISO 42001 gap analysis will identify gaps and pinpoint areas where your AI practices need to meet the ISO 42001 requirements. 

It aims to conduct a systematic review of how your organisation uses or develops AI to then assess your current AI management practices against the requirements of the ISO 42001 standard. This analysis will then help you to identify any “gaps” where your current practices do not fully meet the standard’s requirements.  It also helps organisations to understand ‘what good looks like’ in terms of responsible use of AI.  

It will help you to prioritise improvement areas that may require immediate attention, and those that can be addressed in a phased approach.

It will help you to understand and mitigate the risks associated with AI. 

It will also help you to develop a roadmap for compliance to include plans with clear actions identified that can then be project managed through to completion, and as with all ISO standards it will support and enhance AI Governance.

[13:15] Does an ISO 42001 gap analysis differ from gap analysis for other standards? – Ultimately, no. The ISO 42001 gap analysis doesn’t differ massively from other ISO standard gap analysis, so anyone who already has an ISO Standard and has been through the gap analysis process will be familiar with it.

In terms of likeness, ISO 42001 is similar in nature to ISO 27001 in as much as there is a supporting ‘Annex’ of controls and objectives that need to be considered by the organisation.  Therefore the questions being asked will extend beyond the standard High Level Structure format.

Now is probably a good time to note that the Standard itself is very informative and includes additional annex guidance information to include

  • implementation guidance for the specific AI controls,
  • an Annex for potential AI-related organisational objectives and risk sources,
  • and an Annex that provides guidance on use of the AI management system across domains and sectors and integration with other management system standards. 

[14:55] What should people be looking at in an ISO 42001 gap analysis? – The Gap Analysis will include areas such as looking at the ‘Context’ of your organisation to better understand what it is that you do, or the issues you are facing internally and externally in relation to AI – both now and in the reasonably foreseeable future, and also how you currently engage with AI in your business.  This will help to identify your role in terms of AI. 

It will also look at all the main areas typically captured within any ISO standard to include leadership and governance, policy, roles and responsibilities, AI Risks and your approach to risk assessment and treatment and AI system impact assessments.  It also looks at AI objectives, the support resources you have in place to manage requirements, awareness within your business for AI best practice and use, through to KPI’s, internal audit, management review and how you manage and track issues through to completion in your business.

The AI specific controls look more in-depth at Policies related to AI, your internal organisation in relation to key roles & responsibilities and reporting of concerns, The resources for AI Systems, how you assess the impacts of AI Systems, The AI system lifecycle (AI Development), Data for AI Systems, Information provided to interested parties of AI Systems, and the use of AI Systems and 3rd party and customer relationships.

[18:10] Who should be involved in an ISO 42001 Gap analysis? – An ISO 42001 gap analysis looks at AI from a number of different angles to include organisational governance that includes strategic plans, policies and risk management, through to training and awareness of AI for all staff, through to technical knowledge of how and where AI is either used or potentially developed within the organisation.  This means that it is likely that there will need to be multiple roles involved over the duration of a gap Analysis.

At Blackmores we always provide a Gap Analysis ‘Agenda’ that clearly defines what will be covered over the duration of the gap analysis, and who typically could be involved in the different sessions.  We find this is the best way to help organisations plan the support needed to answer all the questions required. 

It’s also important to treat the gap analysis as a ‘drains up’ review, to help get the  most benefit out of the gap analysis.  This will ensure that all gaps are identified so that a plan can then be devised to support the organisation to bridge these gaps, putting them on the path to AI best practice for their business.

If you’d find out more about ISO 42001 implementation, register for our upcoming Workshop on the 5th December 2024.

If you’d like to book a demo for the isologyhub, simply contact us and we’d be happy to give you a tour.

We’d love to hear your views and comments about the ISO Show, here’s how:

  • Share the ISO Show on Twitter or Linkedin
  • Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

There’s no escaping it, AI is here to stay. Over the course of 2023 we’ve seen more general and public use of popular AI tools such as ChatGPT and Gemini (previously Google Bard).

It’s now even being integrated into everyday applications such as Microsoft Word and Teams. There is no doubt that there are a lot of benefits to using AI, however, with new technology comes new risks.

So how do we address the growing concerns around AI development and use? That’s where the new Standard for AI Management Systems, ISO 42001 comes in!

Join Mel this week as she explains exactly what ISO 42001 is, who it’s applicable to, why it was created and how ISO 42001 can help businesses manage AI risks.

You’ll learn

  • What ISO 42001 AI Management Systems is
  • Who it’s applicable to
  • Why it was created
  • How ISO 42001 can help businesses manage AI risks

Resources

In this episode, we talk about:

[00:30] Join the isologyhub – To get access to a suite of ISO related tools, training and templates. Simply head on over to isologyhub.com to either sign-up or book a demo.

[02:05] Episode summary: Today we’re touching on a very topical subject – AI, and more specifically the brand new AI Management System Standard – IS0 42001. We’ll also be exploring who it’s applicable to, why it was created and how it can help businesses manage AI risks.

[03:30] What is AI? – AI – otherwise known as Artificial intelligence, as it’s most simplest description is the science of making machines think like humans.

We’ve seen a lot of AI tools be released to the public over the last year or so, tools such as ChatGPT and Google Bard. It’s already being integrated with some of the most commonly used apps and programs like Microsoft word and Teams.

In short, AI integration is here to stay, so we may as well get to grips with it and make sure we’re using it responsibly.

[05:10] What is ISO 42001? – , ISO 42001 is the first International Standard for Artificial Intelligence Management Systems, designed to help organisations implement, maintain, and improve AI management practices.

It was jointly published in December 2023 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

The emphasis of ISO 42001 is on integrating an AI Management System with an organisations existing management system – i.e. ISO 9001 or ISO 27001 compliant management systems.

Interestingly, a lot of the specific mentions of Artificial Intelligence and Machine Learning are within the Annexes rather than the body of the Standard. The Standard itself is very similar to ISO 27001 in that it’s mostly about what organisations should be doing to manage computer systems regardless of any AI components.

[08:00] The 4 Annexes of ISO 42001:

Annex A: This acts as a Management guide for AI system development, with a focus on trustworthiness.

Annex B: This provides implementation guidance for AI controls, with specific measures for Artificial intelligence and Machine Learning – if you’d like to learn more about the difference between the two, go back and listen to episode 135.

Annex C: Which addresses AI-related organisational objectives and risk sources.

Annex D: This one is about the domains and sectors in which an AI system may be used. It also addresses certification, and we’re pleased to see that it actively encourages the use of third-party conformity assessment. This just ensures that your AI claims have more validity.

[09:15] Who is ISO 42001 applicable to? – Those annex descriptions may have you assuming that this Standard is only applicable to organisations developing AI technology but in actuality it’s applicable to any organisation who is involved in developing, deploying OR Using AI systems.

So if you’re a company who is only utilising AI in your day to day activities, it’s still very much applicable to you!

[10:20] Join the isologyhub and get access to limitless ISO resources  – From as little as £99 a month, you can have unlimited access to hundreds of online training courses and achieve certification for completion of courses along the way, which will take you from learner to practitioner to leader in no time. Simply head on over to the isologyhub to sign-up or book a demo.

[12:25] Why was ISO 42001 created?:

  • To address the unprecedented rapid growth of AI and all the risks that come with this new technology.
  • To ensure that AI development and use are trustworthy and above all, ethical.
  • The public are also reasonably wary of this new technology, so ISO 42001 aims to help build more public trust and confidence in the future use of AI .
  • ISO 42001 acts as guidance for organisations on exactly how to integrate AI Management controls with their existing systems.

[14:05] AI risks you should be aware of – This isn’t an exhaustive list, as the technology develops, more risks will become known. However, as of the start of 2024, you should be aware of:

Inaccurate information – Many of the chat bots and public AI tools are trained on publicly available information, and as we all know, not everything on the internet is true. So the output from these chat bots will need to be checked and verified by a person before being used or published.

AI bias – Studies have proven that AI results can still be bias. As all the data fed into it is all based on existing information, it still presents the issue of a lack of information from underrepresented groups, or existing bias based on existing data.

Time sensitivity – Not all AI use live data sets. Google Bard does, however Chat GPT is only accurate up until 2021. So double check whichever tool you’re using to make sure the information it produces is up-to-date.

Plagiarism – Data gathered using AI came from somewhere! If you simply copy and paste information provided by AI platforms, there’s a chance you may be plagiarising existing content. Be sure to just use AI as a starting point!

Security risks – Use of AI can expose you to additional security risks, For example, malicious actors could send someone an email with a hidden prompt injection in it. If the receiver happened to use an AI virtual assistant, the attacker might be able to manipulate it into sending the attacker personal information from the victim’s emails.

Data Poisoning – AI uses large data sets to train its models, and we currently rely on these data sets being relatively accurate. However, researchers have found that it’s possible to poison data sets – so in future, AI may not be very reliable if preventative measures aren’t put in place by AI developers.

[17:45] How can ISO 42001 help business manage these risks? – Above all, it provides a structured approach to identify, assess, and mitigate AI risks. ISO 42001 includes the guidance needed to put this in place from the start to ensure you don’t fall prey to the risks mentioned, with a view to monitor and update to address new risks in future.

It promotes transparency and accountability throughout the AI life cycle.

It helps ensure fairness, non-discrimination, and respect for human rights in AI development and deployment.

It will help minimise potential legal and ethical liabilities associated with AI. The UK’s current GDPR and Data Protection Act can loosely cover aspects of AI, depending on how the terminology is applied, but there are already dedicated AI based regulations being developed within the EU which will likely be adopted by the UK. 

It can foster innovation and accelerate adoption of responsible AI practices.

And lastly, it provides a common language and framework for collaboration on AI projects.

[21:35] Don’t miss out on our ISO 42001 webinar – We’re partnering with PJR to bring you a 2-part webinar series on ISO 42001. Catch the first part on the 5th March 2024 at 3pm GMT, register your interest here.

If you’d like to book a demo for the isologyhub, simply contact us and we’d be happy to give you a tour.

We’d love to hear your views and comments about the ISO Show, here’s how:

  • Share the ISO Show on Twitter or Linkedin
  • Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

The use of AI within business is starting to become more common place. With major applications like Microsoft Teams and Word integrating many new features designed to make our lives easier.

However, we still need to exercise caution with this new technology and consider what we can put in place to mitigate any potential security risks while developing or utilizing it. Which is precisely what today’s guest, Monolith, has done.

Monolith provide a machine learning program that engineers can adopt to build highly accurate self-learning AI models that instantly predict the performance of systems in a wide variety of operating conditions.

In this weeks’ episode Mel is joined by Æsc George, Senior Software Engineer at Monolith, to discuss why they have adopted ISO 27001, explain their implementation journey and the benefits of having an Information Security Management System. 

You’ll learn

  • Who are Monolith?
  • What was their main driver behind obtaining ISO 27001?
  • What was the biggest Gap identified in the initial Gap Analysis?
  • What benefits did Monolith gain from implementing ISO 27001?

Resources

In this episode, we talk about:

[00:25] An introduction to Monolith and Æsc George – Monolith is all about empowering engineers to develop self-learning models from their engineering test data. With this they can develop machine learning models to really accelerate new product introductions and get these new products to market much more quickly, primarily by using these models to accelerate and streamline their testing.

They are currently recommended for ISO 27001 certification, and are eagerly awaiting the arrival of their physical certificate.

Æsc George is a Senior Software Engineer of this web browser based software. He is also the interim security officer, which is why he was tasked with obtaining ISO 27001.

Fun fact about Æsc: He was a proud owner of a colony of 8 rats! He currently takes care of 4 cats, which have access to a plethora of enrichment in his home 😊

[03:35] What was the main driver for Monolith to obtain ISO 27001? – There were a few drivers, the most obvious being that they want to display their commitment and credibility when it comes to Information Security.

Acquiring ISO 27001 makes it easier to show their clients and prospects that their engineering data is in safe hands.

Monolith also know that there’s a lot of buzz about artificial intelligence and machine learning at the moment, and that buzz covers both sides of the coin. What good it can do for the world and the harms it can do, so aligning with ISO 27001 shows that they’re trying to use AI in a responsible way.

[05:10] The start-up is getting a head start! – Monolith is a start-up company, only a year in and already leading the way for AI development by ensuring security is a priority from the start.

[05:40] How long did it take to implement ISO 27001? Nine months from the point of contacting Blackmores to assist to being recommended for certification.

Æsc recounts his experience: “My perception is that the effort was quite front loaded, so the amount of effort involved in the process almost wound down towards the end – even with the external audit happening towards the end.

I think once the information security management had been established and we’d worked it into our day-to-day, the perceived effort was lower. So I felt pretty confident going through our audit processes because I’ve experienced the system working already.”

[08:15] What was the biggest gap identified at the Gap Analysis?: There wasn’t a formal approach to information security risk and risk treatment.

There were already a number of existing systems and ad-hoc arrangements to mitigate information security risks – but they had been framed in terms of risk.

They hadn’t gone through a process where risks were quantified and weighed against each other.

So following the gap analysis, one of the many actions Monolith took was to make sure they were consistently and regularly assessing information security risk in various dimensions.

They now have the right framework in place to allocate the appropriate time and resources towards information security, and to prioritise the biggest risks.

[10:10] What difference has Implementing ISO 27001 made? –  It’s given Monolith more confidence in their understanding of Information Security risks, and assurance that there aren’t any massive, unidentified risks that may cause trouble later down the line.

It’s also made it easier to discuss information security risk and policy decisions. Monolith AI are a remote first company, allowing their staff the freedom to experiment with new technologies, and be in an environment where they feel comfortable. Having formal risk treatment in place means they can maintain this highly flexible, highly innovative and productive way of working – but with their eyes wide open.

[11:40] What has Æsc learned from the experience of Implementing ISO 27001? Æsc is not new to ISO Management Systems, having been involved with the maintenance and implementation of a few in the past.

However, he has gained an appreciation for the nuance in ISO 27001. For example, the knowledge that the standard uses words like ‘should’ and ‘shall’ that have particular intentions – ‘shall’ being mandatory and ‘should’ being recommended.

His previous experiences with Management systems had more available resource than at Monolith, so learning this nuance has been important in the prioritization of focus and resources in his current position.

[13:30] What have been the main benefits from Implementing ISO 27001? Having a holistic and formal approach to Information Security and risk management compared to the ad-hoc approach they had prior.

It’s brought the company together on a really important issue, and helped everyone to understand the role they play in Information Security.

Personally, Æsc has enjoyed reaching out to people he may not ordinarily get the chance to work with, as a result of this unifying issue that everyone at Monolith cares about. 

[17:00] Once Monolith formally receive their ISO 27001 certificate, what benefits will that bring? – Currently Monolith AI are recommended for Certification, and are simply waiting on the delivery of their physical certificate.

Once received, they will be able to present it to prospects and clients if they are questioned on information security credentials – to show that they are serious about their commitment to security.

It will also open doors to new prospects that may bother considering them as a supplier due to the lack of ISO 27001 certification.

They are also a leading example in the relatively new industry of AI, those with ISO 27001 certification at this stage stand out from other competitors.

[19:15] What tips does Æsc have for those starting out on their ISO jorney? –  Speaking from experience, Æsc recommends hiring a specialist in ISO to assist with your implementation.

In his case, Blackmores helped to organise the process, drive a lot of the early gap analysis and gave him confidence in going through internal and external audits.

Having someone with experience acting as a guiding hand makes the whole process go a lot more smoothly. This could be a consultant, or someone you train within your own business.

These projects are the sort of thing that turn passion into action. Whether that’s information security or environmental management ect, it’s better to have someone experienced or trained in the nuances of the Standard to ensure it’s implemented in a way that truly benefits your business.

 [21:20] Æsc’s book recommendation –  Nature’s Calendar: The British Year in 72 Seasons by Kiera Chapman, Rowan Jaines, Lulah Ellender and Rebecca Warren. It’s Inspired by a traditional Japanese calendar which divides the year into segments of four to five days, this book guides you through a year of 72 seasons as they manifest in the British Isles.

As Æsc describes: “Lots of the seasons will be very familiar to people who’ve lived in this country their whole life, but they may not have necessarily thought about the context of it.

So I think is really grounding. Time and the way we measure it can seem so arbitrary and abstract sometimes, and measuring minutes and hours is responsible for so much stress and anxiety, so taking a breath, thinking about how nature moves at a different, slower, more deliberate pace, and finding the time to synchronise with that move with nature can be a really rewarding experience”

[24:15] One of Æsc’s favorite quotes –  “I went to the woods because I wished to live deliberately, to front only the essential facts of life, and see if I could not learn what it had to teach, and not, when I came to die, discover that I had not lived” – Henry David Thoreau (from his book ‘Walden’)

[26:10] Need help with your ISO 27001 transition? – We have an ISO 27001 Transition Gameplan available on the isologyhub. This Gameplan provides a step by step guide for you to transition to the latest 2022 Standard.

If you’d like to learn more about Monolith, check out their website.

We’d love to hear your views and comments about the ISO Show, here’s how:

  • Share the ISO Show on Twitter or Linkedin
  • Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episode’s:

Stitcher | Spotify | YouTube | iTunes | Soundcloud |

ISOlogist logo

ISO Consultancy Service

Work with our ISO Consultants
Let Our isologists guide you through your certification.

ISOlogy hub logo

Online Membership

DIY with our isologyhub
Our ISO consultants can still be on hand for support where needed.

About Blackmores ISO Consultants

Our 7 Steps to Success

The Blackmores ISO Roadmap is a proven path to go from idea to launching your ISO Management System.

Whether you choose to work with one of our ISO Consultants, our isologists, or work your own way through the process on our isology Hub, we’re certain you’ll achieve certification in no time!

We have a proven step by step process that our ISO Consultants implement as soon as our working relationship begins. We use our specialist skills and industry knowledge to determine what is already on track and where improvements can be made. We live and breathe ISO standards, we know the standards inside out so you don’t have to.

Our ISO Consultants can help you implement systems for any ISO Standard. See the full list for specialised standards here.

What our clients have to say

Milo Logo

We engaged Blackmores to develop our ISO 9001, 14001, and 45001 management system from scratch. Throughout the creation and development stages of our ISO journey, Anju Punetha demonstrated remarkable patience, knowledge, and understanding as our dedicated consultant.

During our internal audit preparations, Ian Battersby’s meticulous attention to detail and thorough approach ensured we were well-prepared for our external audit, which we passed with flying colours. His guidance during the external audit was invaluable.

Based on our engagement and experience, I highly recommend the entire Blackmores team. If you’re considering pursuing ISO accreditations, Blackmores should be your first choice.

Graeme Adam

Platinum Facilities Logo

The support and advise I get from our assigned auditors is immense. Forward planning for the following year is great and they are flexible and always willing to help.

Kalil Vandi

Photon Lines Logo

“Blackmores have assisted us almost since the start of our adoption of the ISO 9001 quality standard. Their input has improved our processes since the start, and enabled our goal of continuous improvement to be achieved. The people are also extremely easy to get on with, and they really understand our business, giving us a great deal of confidence in their advice.”

David Gibson

Photon Lines Ltd
Jaama Logo

“Blackmores are the perfect bridge between working on your ISO as an individual or company, to being audited each year.  We find that any queries we have are covered and we feel sure that we have everything as needs be before going into an external audit.”

Mandy Welsby

Jaama Ltd
Dome Group logo

“We have been extremely impressed with the service and support provided by Blackmores.  There knowledge and assistance through out our ISO journey has been amazing!”

Philip Hannabuss

Dome Consulting
Kingsley Napley Logo

“Blackmores have really kept us on our toes with the broad scope and level of detail they apply to our internal audit schedule. They always stay abreast of ISO standard changes and help us to adapt our processes and documents to embrace these changes accordingly. Having Blackmores shadow our external audits provides invaluable confidence and peace of mind – would highly recommend their services!”

Phil Geens

Kingsley Napley
DotDigital Logo

“Our ISO 27001 certification project has gone so well, that there was no doubt in who we were going to ask to help us with our aspirations of becoming ISO 14001 certified. It’s been an absolute pleasure working with Blackmores, and we are really looking forward to working with them for the foreseeable future.”

dotdigital

Trusted by leading organisations across all sectors, we support companies of all sizes in any location.

Are you ready to start your ISO journey?

     
ISO Show

Listen to our Podcast

Welcome to the ISO Show podcast, dispelling myths and sharing tips for success to improve your business with ISO Standards. Join us to hear interviews with successful business leaders as they share their ISO journey with you.

Get top tips via audio master classes “ISO Steps to Success” on the most popular ISO Standards.

     

Carbonology logo

Ready to go carbon neutral... And achieve ISO Standards?

Welcome to Carbonology®

The proven method for achieving your carbon goals, aligned with ISO 14064 (carbon verification) and PAS 2060 (carbon neutrality)

Blackmores Carbon Neutral       Blackmores Carbon Footprint