I thought we’d take a step back in time, to explain how Blackmores began. Not by implementing ISO Standards, but by offering support to a company that was already certified to ISO 9001 – my employer at the time. I share my journey as a working mum juggling two children and my role as a Quality Manager, which triggered my Eureka moment resulting in the launch of Blackmores in 2006.
In the podcast, I explain about the some of the pain points that many organisations suffer with ISO Standards, and how the ISO Support Plan service alleviates these issues. Some of the issues facing businesses include :-
- Internal auditors not being comfortable about auditing their peers.
- Internal auditors not being particularly objective or impartial when auditing their boss!
- Fed up with paying for training for a high turnover of internal auditors
- Managers not having time to update processes
- Managers not aware of their legal, regulatory or ISO Standards requirements
- Not updating key information i.e. Risk Register, BCP’s, environmental/energy metrics
- Not reviewing key information i.e. Objectives, Environmental/H & S/Data Security trends
If you find you’re juggling too many balls, and the ISO ball drops every now and then, our podcast explains the solution to keeping your balls flying high! For further information check out our ISO Support Plan page.
To help out the ISO Show:
- Share the ISO Show on twitter or Linkedin
- Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and I read each one.
- Also available on Spotify
I was delighted to be joined by one of our ISO Support Plan clients, Optimum on the ISO show this week. Optimum is part of Totally Group Plc and an important player in the healthcare sector in the UK.
Huge volumes of sensitive data are processed in the healthcare sector. As Information Governance Lead and a qualified Physiotherapist at Optimum, David Angove explains about keeping one step ahead in his role in relation to information security.
David described how Optimum’s ISMS should be like a well-fitted suit rather than a straight-jacket. This all stems from the robust Risk Assessment which considers all risks to your business, including managing the integrity of data. The ISMS helped to put a continual improvement plan in place to mitigate risk. He explains about preventing access to private information through documenting controls and applying them to all 20 Optimum clinics. Examples include physical security controls i.e. locking screens to protect patient data. Other controls relating to personnel security include having a starters and leavers process to ensure access rights are granted correctly, and that access rights are revoked when an employee leaves the organisation.
ISO 27001 also helped with preparation for GDPR compliance, particularly with investigating all aspects of where and how data is stored within the company. When I asked what top tips he’d give to a company looking to implement ISO 27001 David recommended getting assistance from a consultancy such as Blackmores (we hadn’t paid him to say that, I promise!), including support with the assessment, as the consultant will ‘know the standards inside-out’.
David also recommends a gripping read, ‘Ghost in the wire’s: My adventures as the words most wanted hacker’ by author Kevin Mitnik which covers how he hacked into some of the country’s most powerful – and seemingly impenetrable – agencies and companies using social engineering and other methods. This acts as a good reminder about the value of Penetration Testing, to test how good the security of your business is and to understand that everyone is aware of your systems.
He mentioned that you can have the fanciest encryption systems and the best passwords, but if the people answering the phones or processing data aren’t aware of them, then its only as good as the weakest link.
And for services in this area – check out – ISO Steps to success, or if your ISMS is like a straight-jacket rather than a well-fitted suit, our ISO support Plan will help you into an Armani equivalent ISMS for your business.
To help out the ISO Show:
- Share the ISO Show on twitter or Linkedin
- Leave an honest review on iTunes or Soundcloudh. Your ratings and reviews really help and I read each one.
- Subscribe on iTunes.
Special thanks to David Angove from Optimum for joining me this week. Until next time!
So in the latest budget announcement last week, in addition to the headline grabbing ‘Sugar levy’, George Osbourne also announced changes concerning business energy taxes and reporting:
- The Carbon Reduction Commitment (CRC) scheme will be abolished following the 2018/19 compliance year. In parallel there will be an increase in the Climate Change Levy (CCL) ensuring the change is a fiscally-neutral reform for the Government.
- Organisations will report under the CRC for the last time by the end of July 2019, with a surrender of allowances for emissions from energy supplied in the 2018-19 compliance year by the end of October 2019.
- The full Government’s consultation response on this review was published alongside the budget. It announces a plan to rebalance CCL rates for gas and electricity. From April 2019, it will move to a ratio of 2.5:1 (electricity: gas), compared to the current 2.9:1 ratio. In the longer term, the government intends to move to a ratio of 1:1 (electricity: gas) by 2025, suggesting this will more strongly incentivise reductions in the use of gas, in support of the UK’s climate change targets.
- Importantly for Energy Intensive businesses, the existing Climate Change Agreement (CCA) scheme eligibility criteria will remain in place until at least 2023. The CCL discount for electricity will increase from 90% to 93%, and the discount for gas will increase from 65% to 78% from 1 April 2019.
- The budget confirmed plans to consult in summer 2016 on a simplified energy and carbon reporting framework for introduction by April 2019. It will propose mandatory annual reporting for the organisations within its scope, with board or senior level sign-off and some public disclosure of data. The consultation will cover issues such as the range and size of organisations to be covered and will make proposals about the amount and type of information to be collected and disclosed, data collection timetables and how information is reported.
- Due to the continued low price of the EU Emissions Trading System (EU ETS), the government is maintaining the cap on Carbon Price Support (CPS) rates at £18 t/CO2, uprating this with inflation in 2020-21, in order to continue protecting businesses.
The full response to the consultation can be found here: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/508159/reforming_business_energy_efficiency_tax_response_final.pdf
Our 7 Steps to Success
The Blackmores ISO Roadmap is a proven path to go from idea to launching your ISO Management System.
Whether you choose to work with one of our isologist consultants or work your own way through the process on our isology Hub, we’re certain you’ll achieve certification in no time!
What our clients have to say
The support and advise I get from our assigned auditors is immense. Forward planning for the following year is great and they are flexible and always willing to help.
“Blackmores have assisted us almost since the start of our adoption of the ISO 9001 quality standard. Their input has improved our processes since the start, and enabled our goal of continuous improvement to be achieved. The people are also extremely easy to get on with, and they really understand our business, giving us a great deal of confidence in their advice.”
“Blackmores are the perfect bridge between working on your ISO as an individual or company, to being audited each year. We find that any queries we have are covered and we feel sure that we have everything as needs be before going into an external audit.”
“We have been extremely impressed with the service and support provided by Blackmores. There knowledge and assistance through out our ISO journey has been amazing!”
“Blackmores have really kept us on our toes with the broad scope and level of detail they apply to our internal audit schedule. They always stay abreast of ISO standard changes and help us to adapt our processes and documents to embrace these changes accordingly. Having Blackmores shadow our external audits provides invaluable confidence and peace of mind – would highly recommend their services!”
“Our ISO 27001 certification project has gone so well, that there was no doubt in who we were going to ask to help us with our aspirations of becoming ISO 14001 certified. It’s been an absolute pleasure working with Blackmores, and we are really looking forward to working with them for the foreseeable future.”
Trusted by leading organisations across all sectors, we support companies of all sizes in any location.
Listen to our Podcast
Welcome to the ISO Show podcast, dispelling myths and sharing tips for success to improve your business with ISO Standards. Join us to hear interviews with successful business leaders as they share their ISO journey with you.
Get top tips via audio master classes “ISO Steps to Success” on the most popular ISO Standards.