Blackmores ISO Consultancy Service: The creators of isology®

How often have you heard someone say they aspire to be an ISO consultant? Likely not at all! That’s not surprising as it’s quite a niche world to find yourself in, yet despite that, there are still thousands of ISO professionals worldwide.

We’re continuing with our latest mini-series where we introduce members of our team, to explore how they fell into the world of ISO and discuss the common challenges they face while helping clients achieve ISO certification.  

In this episode we introduce Anju Punetha, a QHSE Consultant at Blackmores, to share the journey of how she transitioned from special education in India, to ISO consultancy for international organisations.

You’ll learn

• What is Anju’s role at Blackmores?
• What does Anju enjoy outside of consultancy?
• What path did Anju take to become an ISO Consultant?
• What is the biggest challenge she’s faced when implementing ISO Standards?
• What is Anju’s biggest achievement?

Resources

• Isologyhub
• From Silos to Synergy: The benefits of Implementing an Integrated ISO Management System Webinar registration

In this episode, we talk about:

[02:05] Episode Summary – We introduce Anju Punetha, a QHSE Consultant here at Blackmores, to discuss her journey towards becoming an ISO consultant who specialises in ISO 9001, ISO 14001, ISO 45001, ISO 27001, ISO 20121 and ISO 55001.   

[04:05] What is Anju’s role at Blackmores? Her role primarily involves supporting clients in two key areas: maintaining and continually improving their existing ISO management systems and helping them establish and implement new standards.

As part of that support, she:

• Conduct internal audits
• Reviews and updates management system documentation
• Facilitate management reviews
• Train internal teams and prepare them for certification audits.

When implementing a new ISO standard, she’ll start with a gap analysis – i.e comparing their current practices against the standard’s requirements. Then break down those requirements into simple, easy-to-understand language and create a practical plan to bridge the gaps.

Depending on the standard, she may also facilitate strategic business risk assessments, environmental aspects and impacts assessments, or information security risk assessments.

Additionally, Anju helps clients develop and implement policies and procedures, create legal and compliance registers, and verify their readiness for certification body audits.

[05:55] What does Anju enjoy doing outside of consultancy?: Anju loves spending time outdoors with long walks being her go-to, as they help her unwind both physically and mentally.

She also enjoys cooking for her family and friends. Experimenting with different cuisines and blending spices is something Anju finds incredibly relaxing.

[08:00] What was Anju’s path towards becoming an ISO Consultant?: Like many of the Blackmores team, Anju never planned to become an ISO consultant.

She began her career as a Special Educator, working with children with special needs in India.

Later, she transitioned into the development sector as a Research Assistant, working on projects funded by The World Bank and the UN World Food Programme. These projects focused on microfinance, training and development, and women & child health.

However, that role involved a lot of travel, which became challenging after the birth of her first son. So, Anju decided that would be a good time to take a career break.

When Anju was ready to return to work, she looked for an office-based role which resulted in her joining Ericsson, a Swedish Networking and Telecommunication Company as support staff, and progressed upwards to become the Learning and Development Manager at their rapidly growing Global Service Centre in India.

This involved managing training requirements of an employee base of around 4000+ employees, involvement in stakeholder management at all levels and vendor management.

As part of the Operational Excellence initiatives, she also got involved in preparing different business teams for their internal and external audits.

During that time, Anju became interested in Ericsson’s Group Management System, which all legal entities had to comply with. She then moved into the newly formed Quality Department and helped them to gain various ISO certifications. 

She was the Project Leader for implementing Ericsson’s Operational Maturity Model compliant to the requirements of ISO 9001, ISO 14001, ISO 27001 and OHSAS 18001 (ISO 45001’s predecessor).

Joining Blackmores as an ISO Consultant felt like a natural next step when she relocated to UK. She’s now been a member of our team for over six years, and continues to inspire others with her level of dedication to her work and clients.

[13:35] What is Anju’s favourite aspect of being a Consultant? – The variation in daily activities is a big positive for Anju.

One day she may be conducting a gap analysis for Environmental Management System for an IT company, and the next drafting policies and procedures for managing Events Sustainably for an Event Management company or auditing a client on their Information Security Management System. No two days are the same!

She also enjoys being able to work with a wide range of clients across sectors like IT, construction, facilities, asset management, event management, and train operating companies, all ranging from small businesses to large, multi-site organisations.

She particularly enjoys working on Integrated Management Systems, as they help clients save time and money by streamlining multiple standards into one cohesive system.

It reduces duplication, improves efficiency, and encourages collaboration across teams—breaking down silos and building synergy.

[15:50] Upcoming webinar: If you’d like to learn more about the benefits of integrated management systems, feel free to register for our upcoming webinar here.

[17:30] What Standards does Anju specilaise in and why? Starting with:

• ISO 9001 Quality Management: A core foundation that many businesses start with when diving into the world of ISO Standards. This is an essential one for any ISO consultant and is often the first Implementation experience for many who go on to become ISO consultants.
• ISO 14001 Environmental Management: This Standard provides a solid base for any business looking to start taking sustainability seriously.    
• ISO 45001 Health and Safety Management: Anju helped one of her previous employers implement this Standards’ predecessor, and has since implemented and supported ISO 45001 for a number of Blackmores clients.   
• ISO 27001 Information Security Management: An increasingly popular Standard as we see more and more business rely on technology to keep their services running smoothly.
• ISO 55001 Asset Management: A popular Standard within the facilities and public transportation sectors. This Standard aims to create a framework to help organisations manage the life-cycle of their assets.

ISO 20121 Sustainable Event Management: ISO 20121 focuses on governing principles of sustainable development, which are:

• Stewardship
• Inclusion
• Integrity
• Transparency

ISO 20121 was revised in 2024. The revised standard explicitly requires considering climate change and its impact on the event and stakeholders. The new version also expands beyond environmental concerns to encompass human and child rights, social impact (including mental health and diversity), and digital responsibility and how organisations should start considering these areas at the early stages of planning an event through post event activities.

Recently, Anju has been busy in putting together the toolkit for transition to ISO 20121:2024 and preparing her clients with the implementation of the revised and new requirements.

[21:10] What is the biggest challenge Anju had faced during a project and how did she overcome it?: Anju offers one experience in particular:

She was working with a company that was implementing its first ISO Standard. The project not only involved creating and implementing standardised policies and procedures but also working on the overall change management within the business.

The teams were used to working in silos for many years and were not very forthcoming with the idea of establishing and implementing standardised ways of working.

This was due to various reasons, such as lack of awareness, operational activities taking precedence over risk and process-based approach. As a result, project leads struggled in getting support from the project sponsor and the extended project team in terms of time and effort.

They had to put the project on halt for few months and only proceeded with the project after getting the full commitment from the sponsor and other project team members.

During this time, ISO related roles and responsibilities were built into the job descriptions of the various stakeholders, these were agreed as part of the internal review processes and required time and effort for the different stakeholders within the business was agreed with the Management Team.

At the end, this project helped the company to embed the standardised processes within the business, rather than it being just a tick in the box exercise to achieve certification.

[25:35] What is Anju’s proudest achievement?  Anju’s proudest achievement in relation to work, is when she’s able to see a marked difference in the confidence level of her clients, from the start of the ISO implementation project, which is the gap analysis stage, to confidently facing the certification audit and demonstrating to the external assessors that the implementation of the ISO project was not just a tick in the box exercise for them.

One achievement in particular stands out in recent months as she supported a client in successfully transitioning to the revised ISO 20121 standard.

If you’d like any assistance with implementing ISO standards, get in touch with us, we’d be happy to help!

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

Asset Management can be explained as a systematic process of planning, operating, maintaining, upgrading and replacing assets cost-effectively with minimum risk and at the expected levels of service over the assets’ life cycle.

One sector where effective asset management can make a huge difference is public transportation, with organisations having to keep track of an exhaustive list of costly vehicles and infrastructure.

Long time listeners may recall a previous episode where we interviewed the train operator, Greater Anglia, after they successfully achieved ISO 55001, the best practice standard for asset management.

Now 3 years on, they’ve been recently recertified and have learned a lot since their initial certification.

In this episode, Andrew Barnes, Head of Asset Management at Greater Anglia, joins Ian Battersby to discuss how they currently manage their ISO 55001 certification, what they’ve learned in the past 3 years since certification and the benefits of effective asset management.  

You’ll learn

• Who is Andrew Barnes?
• Who are Greater Anglia?
• How do Greater Anglia manage their ISO 55001 certification?
• What lessons have been learned since their initial certification?
• What are the main benefits of ISO 55001?
• Andrew’s top tip for ISO Implementation

Resources

• Isologyhub
• Greater Anglia
• ISO Support Plan

In this episode, we talk about:

[02:05] Episode Summary – Ian Battersby is joined by Andrew Barnes, Head of Asset Management at Greater Anglia, to discuss their experience with being certified to ISO 55001 for the past 3 years, explaining the lessons learned and benefits gained.   

[03:25] Who is Andrew Barnes? Andy is currently the Head of Asset Management at Greater Anglia. A fun fact that not many people know about him is that he was part of the Lord Mayor’s Show in the 80’s, though he had a bit of a wardrobe malfunction that ended with him getting a stern talking to!

Andy has been working in the railways since 1985, starting as an apprentice with British Rail.

[05:15] Who are Greater Anglia? Greater Anglia are a train operator who took over from National Express, East Anglia back in 2012.

They serve the Anglia region from Liverpool Street Station, and are unusual among railway companies in that they are under a full repairing and insuring lease. This differs from most who have station access conditions, where the responsibility for maintenance and repair is split between Network Rail and the train operator.

They currently operate 134 stations, with 2 more under construction which are Burley Park (due to open in October 2025) and Cambridge South (opening in early 2026).

In addition to the stations, they also own 7 depots for train stabling and maintenance. So in short, a lot of assets to keep track of!

[07:40] Extra asset requirements – They are also now challenged on cleanliness at train stations. This involves mystery shoppers visiting stations and marking them against certain criteria to give a score, which Greater Anglia tend to score quite highly.

They also have to inspect all of their assets on a conditioned surveying scheme, the scores of which need to be communicated to Network Rail.

[09:00] Andy’s role as Head of Asset Management – Andy is relatively new to this role, becoming the Head of Asset Management in April 2025. He has a team of asset inspectors that conduct the condition surveys internally.

He’s also responsible for the Engineer Insurance Team, part of their role is to determine the technical aspects of large schemes that require focused designs.

[10:05] How do Greater Anglia manage their ISO certifications? – In addition to ISO 55001, Greater Anglia also hold ISO 9001 and a number of standards specific to engineering.

They have benefitted from 3^rd party support in the form of utilising Blackmores consultancy to help gain certification and aid with on-going support for internal audits.

Their processes and procedures are all managed by their Project Management Team, who conduct regular reviews against ISO requirements to ensure they stay relevant and in alignment with best practice.

They also have a strategic asset management plan, risk register and continuous improvement plans in place to address various elements of both asset management and general quality management.

Like with most ISO Standards, there’s a lot of crossover in the requirements, so elements of each certification can easily be integrated and used to bolster an existing management system.

[11:15] The benefit of a maturing management system – Andy is quite keen on learning from their maturing management system. Through effective implementation, you can look back and see what’s working well and where improvements can be made.

Having a certain level of management system maturity enables you to make more informed continual improvement decisions.

[13:20] A structured approach – Prior to ISO 55001 certification, they were still doing everything that was required of them to maintain assets simply because that was the right thing to do.

What they lacked was the structured processes and procedures to support that hard work. It wasn’t as planned and more of a reactionary approach to asset management.

Andy appreciates the clearly defined lines, processes and ability to learn from their mistakes as a result of ISO 55001 implementation. It simply helped provide a more consistent and collaborative base for effective asset management.

[14:25] Other benefits from ISO 55001 certification:-

Improved efficiency: New and improved processes helped to manage both their time and internal resource. They eliminated unnecessary meetings, and consolidated key discussion points for their regular meet-ups to ensure important updates were prioritised.

Risk Mitigation: They now have a structured approach to learning from past mistakes. This is managed via a Lessons Learned Database, which collates the answers to specific questions that get asked after project completion. They make sure to include contractor input so all parties involved feel the benefits. Recently, they’ve also been granted access to Network Rail’s Lesson’s Learned database, so they will benefit from an even wider knowledge base for future projects.

Consistent approach: Their current management system ensures that everyone is following the same policies, processes and procedures. People know what their responsibilities are, who to communicate what to and how they can help contribute to improvement efforts.

Continual Improvement culture shift: The management system doesn’t require everyone to know everything from the get-go. It encourages a culture of learning with the goal of continual improvement, so people aren’t afraid of suggesting actions for innovation.  

[19:45] Lessons learned: Not just from mistakes – Ultimately, from an asset management point of view, Greater Anglia want to maintain or renew an asset as functional and preserve it for as long as possible. They need to intervene as quickly and as efficiently as possible to minimise the impact to people using it.

Minimising the time on site with things like modular construction and hauling large equipment are things we’ve done due to lessons learned from other projects. These were positive changes that we’ve taken on not due to mistakes but simply from trying different things.

A lesson learned doesn’t have to result from a mistake. It’s about learning from both risks and opportunities.

[21:20] Top ISO Implementation tips from Andy –

Do your homework: Have a good understanding of your Management System and take your time to weave it into your day-to-day activities.

A helping hand: Make use of an ISO champion, whether that’s someone internal with ISO knowledge or a 3^rd party dedicated ISO consultancy (such as Blackmores) to help you break down an ISO Standard into something you can understand and apply to your way of working.

Recording evidence: Don’t just talk the talk, walk the walk! Once a process or procedure is documented, follow it, and record evidence of this. Same goes for any actions for improvement that are raised, don’t just let it sit there, action it.

[23:45] Andy’s take away from ISO 55001 management – Andy is surprised by how attuned their business is to the Standard. The Standard speak may seem obtuse or vague, but its adaptability is it’s greatest strength. You have the flexibility to apply it in a way that works for your business.

[25:15] Andy’s book recommendations – 1984 by George Orwell and Adolf Hitler: My part in his downfall by Spike Milligan.

[26:35] Andy’s favorite quote – ‘By Failing to prepare, you’re preparing to fail’ – Benjamin Franklin

If you’d like to learn more about Greater Anglia, check out their Website and Linkedin.

If you’d like any assistance with ISO 55001 Asset Management, feel free to get in touch with us, we’d be happy to help.

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

ISO certification is more than just earning a certificate, and it requires continuous maintenance to both retain certification and drive effective improvements.

Over the course of your 3-year certification cycle, you will need to ensure your Management System is regularly updated and reviewed so that it remains relevant to the way you’re currently working. That in addition to annual tasks such as internal auditing and management review, it can be a lot to keep on top of.

Which is why some turn to external ISO Support.

In this episode, Steph Churchman explains what ISO Support is, the challenges of managing ISO internally and the benefits of external support.

You’ll learn

• What is ISO Support?
• What tasks can you outsource
• Challenges of managing ISO internally
• What are the benefits of ISO Support?

Resources

• Isologyhub
• ISO Support Plan

In this episode, we talk about:

[02:05] Episode Summary – Steph explains what is meant by ISO Support, explains the challenges with managing ISO internally and the benefits of engaging in external support.  

[02:20] What is ISO Support? ISO certification involves a 3-year cycle, where you will be subjected to an annual Surveillance audit by your certification body. On year 3, you will need to undertake a recertification audit, which will determine if you can keep your ISO certification.

During that cycle, you will be required to complete annual tasks such as internal auditing, documentation updates and management review to ensure that your management system is effective in driving continual improvement.

ISO Support is a service provided by an external party to help facilitate the management of these annual tasks, usually undertaken by a dedicated ISO consultancy.

[03:40] What tasks can be outsourced? To learn about what tasks can be outsourced, check out a previous episode.

[03:55] ISO Management Challenge #1: Internal auditors not being comfortable about auditing their peers – It may be the case that certain individuals do no get on, however if someone manages a key process or area of the business, they still need to be audited.

There’s also the chance for auditors to be misunderstood, or have trouble getting the answers they need from auditees. Auditing requires the ability to effectively communicate and make yourself understood. It’s quite common for auditees to ask for further clarification on questions asked, so you need to be able to work with them so that they understand what you’re really asking.

[04:45] ISO Management Challenge #2: Internal auditors not being particularly objective or impartial when auditing leadership – It can be hard to be impartial towards leadership, even if it is ultimately in their best interest! These dynamics can be habitual, but by not pointing out genuine issues or opportunities for improvement, you dimmish the purpose of the exercise.

This also involves any leadership being receptive to feedback given. If this hasn’t been taken well in the past, it’s understandable for individuals to be hesitant doing so again, even if it’s a necessary part of the process.

[05:35] ISO Management Challenge #3: Fed up with paying for training for a high turnover of internal auditors – Internal Auditing will require a qualification, which will cost money. It’s not a tremendous amount for these courses, but it would be an extra thing to budget for, and then there’s factoring the time to complete the course which takes away from that individuals other responsibilities.

It can also be frustrating when your only Internal Auditor moves on and so you have to train another. Depending on the business, this could happen quite frequently and so ends up being a repetitive expense.

You will also need to ensure any current auditors are competent to audit against any new ISO Standards that you may add along the way.

[06:35] ISO Management Challenge #4: Managers not having time to update processes – Your Management system is likely owned by either just 1 individual or by a small team within the business. Those involved will already have their plates full with day-to-day operations, and anything ISO related is just another task to add onto that pile. In the eyes of many, they may seem unimportant in comparison, and will continually get shuffled down the priority list until it’s time for a Surveillance Audit.

There will also be a certain amount of documentation to review and update on a regular basis. Even those with mature systems can experience trouble with duplicated processes, or confusion with old versions, and finding the time to sit and refresh all of that is often hard to accomplish.

[07:30] ISO Management Challenge #5: Managers not aware of their legal, regulatory or ISO Standards requirements – As ISO Standards lay out best practice, they do require businesses to be aware of and adhere to relevant legislation and regulations. Managers will likely not be an expert in ISO Standards or legislation, so it can be easy for things to get missed if they’ve not had sufficient training beforehand.

It will take time for relevant individuals within a business to be trained, or complete CPD to be fully competent to ensure full ISO and legal compliance.

[08:25] ISO Management Challenge #6: Not updating key information i.e. Risk Register, BCP’s, environmental/energy metrics – Monitoring and measuring is a big part of ISO Management. You need to document certain metrics if you want to track them effectively.

You will also need to update key documentation, as nothing stays the same forever. Major business changes may prompt updates to key policies and procedures. You may have opportunities to improve that fall out of audits that require certain documentation to be updated. Or correcting things where non-conformities have been raised.

These updates are necessary to keep the momentum of a management system going. It needs to grow with you, which it will fail to do if everything documented is only applicable to how your business operated a few years ago.

[09:15] ISO Management Challenge #7: Not reviewing key information i.e. Objectives, Environmental/H & S/Data Security trends – Objectives is another key metric that should be reviewed on a regular basis. To not only establish if you are making progress with them, but also to possibly adjust if the original plans were too lofty. They should still be a challenge to obtain, but we’re all only human and sometimes our first estimates about what’s achievable might be a tad too ambitious.

There is also a need to review audit results to see if there’s any trends in areas such as info sec, sustainability and risk. This could be opportunities for improvement or some reoccurring issues that need to be addressed.

All of this monitoring is going to require dedicated time from relevant personal, including feeding back results and following through with further actions.

[10:55] ISO Support Benefit #1: Expertise and Specialisation – Dedicated ISO consultants will keep you up-to-date with the latest standard revisions, interpretations, and best practices. This includes their experience with helping businesses to plan and conduct annual maintenance.

They are there as a guiding hand and can be a great sounding board for you if you have questions surrounding ideas or actions that you’re unsure about.

 Their help ensures your system is maintained effectively and most importantly, compliantly.

[11:40] ISO Support Benefit #2: Cost Savings – While there’s a fee for outsourcing, it’s often more cost-effective than maintaining an in-house team or dedicating significant internal resources.

As mentioned earlier, you would need qualified internal auditors at the very least, this will require training costs. You also need to consider the time taken out of individual’s typical working schedule to be able to conduct annual ISO maintenance, this will take away from their day-to-day tasks.

We took this into consideration when creating our ISO Support Plan option, which is a 3-year contract that allows you to stay at a fixed rate for those 3-years. It’s a set it and forget it approach to ISO Support, which is flexible on both the number of days required annually in addition to the tasks you’d like support with.

[12:35] ISO Support Benefit #3: Reduced Workload for Internal Staff – It’s often the case that Individuals, especially in SMEs, often wear many hats. Adding ISO maintenance onto that will impact on their day-to-day activities. Outsourcing frees up their time and resources, allowing them to focus on core business activities rather than the complexities of ISO maintenance.

A lot of people don’t take training into consideration for people who get handed the task of maintaining a management system.

It’s a lot of unnecessary stress when they’ve likely already got enough on their plate. Outsourcing will take a lot of that burden away, and give them a chance to lean on consultant guidance and be able to learn how to manage the tasks without fear of jeopardising the company’s certification. 

[13:30] ISO Support Benefit #4: Impartiality and Objectivity – An external consultant can offer an unbiased perspective on your management system’s performance, identifying areas for improvement that might be overlooked by internal staff due to familiarity, bias or ingrained practices.

A fresh pair of eyes can provide a lot of valuable insight, in addition to their lessons learned from other clients. It also helps to have another unbiased voice on your side if you have suggestions for improvement that need presenting to leadership.

It should also be noted that impartial audits are a requirement of ISO Standards, this is so you’re not marking your own homework all the time. It’s another level of assurance that you are doing what you say you’re doing.

[14:20] ISO Support Benefit #5: Continuity and Risk Mitigation – Employee turnover can disrupt internal ISO maintenance.

Outsourcing provides continuity, as any external provider will be available for the duration of an agreed contract, there’s no ambiguity on how long you have their support for. They will help you plan out what needs to be done, and facilitate this with the relevant individuals within your business.

[15:00] ISO Support Benefit #6: Improved Efficiency and Effectiveness – External specialists will have the experience to help streamline processes and tools for maintenance activities. Making the system and it’s running more efficient, leaving you with more time to implement worthwhile changes that reap tangible results.

Having their guidance from the start means you’ll be hitting the ground running. At Blackmores, we ensure that annual activities are planned out in advance so everyone can be prepared and work on a consistent schedule.

[15:40] ISO Support Benefit #7: Enhanced Compliance and Audit Readiness – Outsourced consultants are going to be more adept at ensuring the system remains fully compliant with ISO standards. As they can proactively identify and address non-conformities that could easily be missed by those with significantly less auditing experience.

There is a level of experience that is tricky to achieve if you do not regularly conduct internal audits. Consultants know what to look for, and will often have significant industry experience to know what stones to unturn to find issues and opportunities.

Afterall, that is the purpose of internal audits, to not only check that process, policies and procedures are being followed, but to seek out where you can be doing better, or fixing issues as your business changes and adapts.

[16:40] ISO Support Benefit #8: Focus on Core Business Activities – By offloading the burden of ISO maintenance, you can re-allocate your focus and resources to core business activities and strategic initiatives. ISO Consultants can take a lot of the mental burden of managing ISO systems away.

There will still be homework to do on your side, as ultimately, you know how your business works best, but a consultant will guide you through what needs to be done.

We know that many of you tasked with ISO compliance in your business have another primary role that requires a lot more of your attention. So make it easier on yourselves with the help of an expert, so you can get on and do what you need to do with minimal interruption.

[17:30] ISO Support Benefit #9: Potential for Scalability and Flexibility – Outsourced services can often be scaled up or down based on the business’s needs, offering flexibility that an internal team might not be able to provide, especially during periods of growth, crisis or during large projects.

ISO Consultants can help either pick up the slack or give you more of the rope to handle annual ISO maintenance depending on what you need or want.

At Blackmores, we have an ISO Support Plan that can be tailored to your exact needs, including the options to complete tasks such as:-

• Conducting impartial internal audits
• Providing surveillance support
• Updating legal registers
• Documentation updates
• Conducting annual management reviews

With 3 levels of support available, we have no issue with you increasing or decreasing days required each year, or varying the tasks depending on where you need the most support.

If you’d like any assistance with ISO Support, feel free to get in touch with us, we’d be happy to help.

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

If you’ve ever implemented an ISO Standard, then the term Management Review will be familiar to you.

It’s a mandatory part of the implementation process, and a crucial tool for monitoring continual improvement. Somewhere down the line, it’s become a bit of a myth that a Management Review needs to be an annual meeting.

That is simply not the case, while required by the Standard, it’s very flexible on how this could be achieved.

In this episode Ian discusses the purpose of Management Review, including what you should be including and getting out of the review and breaks down the fallacy of the annual event.

You’ll learn

• What is the purpose of a Management Review?
• What are the common misconceptions about Management Review?
• How Management Review supports other clause requirements
• What are the inputs for Management Review?
• What are the outputs of a Management Review?

Resources

• Isologyhub
• How to conduct a Management Review
• How to get the most out of your Management Review

In this episode, we talk about:

[02:05] Episode Summary – Ian discusses the real purpose of Management Review, and dispels the myth of the annual event.

[02:35] What is the purpose of a Management Review?: Management Review is a requirement of all ISO Standards. It’s main purpose is to check if your Management System is fit for purpose, and what needs to be updated to ensure it aligns with your businesses objectives and strategic direction.

In short, it’s there as a check to see what’s working well and what’s not working well, in addition to continual improvement considerations.

[03:30] What are some common misconceptions about Management Review?: Some common misconceptions include:-

• That it’s simply a formality – Rubber-stamping things and missing out on the opportunity to effectively monitor management system progress
• That It must be once a year
• Having to review everything in excruciating detail i.e. all audit findings
• The need to update the risk assessment and re-jigging scores
• That you must review and update your SWOT/PESTLE
• Or review and update all management system documentation
• That it’s the perfect opportunity to re-write a policy

There is a time and place for all of these, and you could tackle some of this in a Management Review if you really want to, but that is not the main purpose of a Management Review.

[04:50] How Management Review supports other clause requirements – Leadership: If we take ISO 9001 as an example, the Leadership clause states:

“Top management shall demonstrate leadership and commitment with respect to the quality management system by:

a) taking accountability for the effectiveness of the quality management system

e) ensuring that the resources needed for the quality management system are available

g) ensuring that the quality management system achieves its intended results”

These requirements at first glance may seem like they’d require a lot of effort and monitoring of many different factors, but in actuality they can all be satisfied through effective Management Review.

[05:55] What involvement is required from top management? As stated in ISO Standards:-

“Top management shall review the organization’s management system, at planned intervals, to ensure its continuing suitability, adequacy, effectiveness and alignment with the strategic direction of the organization.”

Top management also have involvement in the following elements of implementing and maintaining a management system:

• Context
• IPs
• Risks/Ops
• Objectives
• Policy
• Support
• Operation
• Performance monitoring

Management Review relates specifically to ‘performance monitoring’, but that in of itself will include elements of all the other clauses within the Standard, and many of those require top managements involvement on some level.

[07:45] The fallacy of the annual event – The Management Review clause specifically states that a Management Review should be ‘carried out at planned intervals’.

Many had interpreted that as once a year, which has been the prevailing myth for decades. Looking at the Standard, no where does it say ‘once a year’, planned intervals means it could be once a month, it could be once a week, it could be a set points during the summer.

When deciding on these planned intervals, take into consideration the nature of your business, the size of your business, the risks associated with it and the maturity of your Management System. This will determine how frequent the Management Review should be, as it will differ for every business.

[09:10] Examples of Management Review frequency – Ian has worked in an organisation where they had a rather grand Management Review process, where top management and other relevant individuals meet to review the past year and set the scene for the following year.

That same organisation also had monthly meetings with the same members of top management to keep on top of new and on-going issues.

That isn’t to say this is the only way to run Management Review. Some opt to have quarterly meetings, others once every 6 months and some even leave it to once a year.

[10:40] What is required of Management Review? Inputs – Clause 9.3 details the requirements of Management Reivew in most Standards (some swap 9.3 and 9.2 around, but the contents remains the same).

First, the inputs required for Management Review include:

The status of actions from previous management reviews – If you said you were going to do something before, how’s that going?

Changes in external and internal issues that are relevant to the quality management system – this doesn’t mean that every meeting should consider the SWOT/PESTLE/IP tables, but there must be some determination of when that’s done in detail and when a senior mgt discussion should include the key aspects of that and its impact. There is a need to review these things when required anyway, so doing it only at pre-defined times can be problematic.

Information on the performance and effectiveness of the quality management system, including tends in:-

• Customer satisfaction and feedback from relevant interested parties;
• The extent to which objectives have been met;
• Process performance and conformity of products and services;
• Nonconformities and corrective actions;
• Monitoring and measurement results;
• Audit results;
• The performance of external providers;
• The adequacy of resources;
• The effectiveness of actions taken to address risks and opportunities;
• Opportunities for improvement.

[20:45] What is required of Management Review? Outputs – You will also have a number of outputs from Management Review, including:-

Opportunities for Improvement – This could be as a result or reviewing audit findings and discussing the OFI’s found and how you can address and implement these. You could also use the Management Review to review and set new objectives for the year ahead.

Any need for changes to the management system – You may need to review policies and procedures and see if they’re still fit for purpose, if they’re not then this is a good venue to discuss and update them. Other aspects that may have changed or will have a need to change include:

• Interested parties – have their needs and expectations changed?
• People – Do you need to change the people involved with certain processes?
• Awareness – Do you need to raise more awareness around a specific topic?

Resource needs – You may need to raise the need for more resourcing in regard to the management system or related processes.

If you’d like to learn about alternative ways to host a Management Review, listen to one of our previous episodes.

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud | Mailing List

The work doesn’t stop once you get ISO certified, there is a requirement to complete an annual surveillance audit to ensure your Management System continues to meet the requirements of the standard(s).

Last week Mel covered some basic preparation you can do ahead of a surveillance audit, but what should you expect on the actual audit day?

Today, Mel shares 10 top tips to help you prepare and ensure your next surveillance audit runs as smoothly as possible.

You’ll learn

• What is a surveillance audit?
• What to expect during the surveillance audit
• Considerations for remote vs on-site audits
• What evidence do you need to have prepared?

Resources

• isology Hub
• Blackmores ISO Support

In this episode, we talk about:

[00:36] A description of a surveillance audit

[02:00] A summary of the 10 top tips  

[02:40] There is no right or wrong way to prepare for a surveillance audit – but the following tips will be applicable regardless of the standard your certified to

[03:30] Tip 1: Be Prepared – A summary of what Mel covered in the previous episode  

[05:40] Tip 2 – The opening Meeting – Be sure to have all people involved in the audit present at the meeting. It’s advised to have a member of the leadership team present. Here the Auditor will explain the different types of audit findings.

[08:00] Tip 3 – Audit questions – Similar to your Stage 1 and 2 Assessment, you will be asked a lot of questions. Try to be specific with your answers, and don’t be afraid to ask for clarification. Don’t worry if you don’t know the answers to certain questions outside of your area of expertise, simply direct them to the correct individual who can answer. You are within your rights to seek clarification on findings – Do not argue with the auditor, simply ask for justification on findings if you’re confused as to why they’re being raised.

[13:05] Tip 4: Keep on track – It’s in everyone’s best interest to stick to the Agenda.

[13:35] Tip 5: On-site Surveillance audits – Do a floor walk before the auditor arrives to check that you’re following your procedures. Make sure reception knows that the Auditor is arriving, and follows any of your standard visitor procedures. Try to book a room to base the audit in to avoid them overhearing any unnecessary chatter and to allow the auditor and auditees some privacy.  

[16:05] Tip 6: Remote Surveillance Audits – Ensure that you follow any company remote working procedures. Ensure you have a good wi-fi connection, all attendees should be visible on camera but be muted when not speaking. Make sure everyone has access to the necessary documents while off-site.

[17:15] Tip 7: The Auditor – They are human, and they are here to support you to ensure you are doing what you say you’re doing. They are experts on their Standards and it’s advised to foster a friendly relationship with them. But please be aware that they shouldn’t be sending you reports from personal email addresses, be left unattended on-site and shouldn’t be taking any information off-site – show evidence on screen / in-person during the audit.    

[20:20] Tip 8: The closing Meeting – Held at the end of the day. Listen to the feedback and findings from the auditor – they are there to help you improve. Feel free to ask for further clarification if needed. It’s advised to have everyone at the opening meeting present at the closing meeting.

[22:38] Tip 9: Evidence needed – You will typically need access to your audit schedule, audit reports and Management Review Minutes. You may also need various policies and procedures. Ensure that all documents are version controlled and any applicable branding is consistent.

[24:10] Tip 10: Enjoy it! – If you’re doing everything you say you’re doing, then you should enjoy showing off your Management System. The resulting report should be seen as an opportunity to continually improve – the auditor only wants the best for your business.

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episode’s:

Stitcher | Spotify | YouTube | iTunes | Soundcloud

The work doesn’t stop once you get ISO certified, there is a requirement to complete an annual surveillance audit to ensure your Management System continues to meet the requirements of the standard(s).

Surveillance audits must be carried out by a Certification Body, during which they will typically look at your Management Review, your preventative and corrective actions process, Internal auditing process and the implementation of any recommendations that have come out of an Internal audit.

Today, Mel explains how you can prepare for a Surveillance audit and gives examples of some key considerations ahead of the Auditor arriving on site.

You’ll learn

• What is a Surveillance Audit?
• Why there is a requirement for an annual surveillance audit
• What you need to prepare ahead of a surveillance audit

Resources

• isology Hub
• Blackmores ISO Support
• What to expect during your first ISO Assessment

In this episode, we talk about:

[00:59] A description of a Surveillance Audit

[01:30] The purpose of a Surveillance Audit – Ensuring your Management System meets ISO Standard requirements and as an opportunity to demonstrate continual improvement

[02:40] There is no right or wrong way to prepare for a Surveillance Audit – but the following tips will be applicable regardless of the standard your certified to

[03:30] Tip 1: Check that you have an Agenda for the visit – This should be provided at the end of your last report from the Certification Body

[04:25] A brief overview of how the certification cycle works – A 3 year plan is usually provided to you by your Certification Body

[05:50] Ensure that you go ahead with a UKAS accredited Certification Body

[06:18] Tip 2: Confirm locations – make sure you know where the auditor is being sent and to prepare staff on site about the impending visit. This can also allow you to book out time for specific people that may be required during the audit

[07:10] Tip 3: Ensure you book out time for any required key members of staff – it is also advised that you book out a meeting room for the day

[08:45] Be prepared for the Auditor to walk around your site – Especially if they’re assessing ISO 45001 (Health and Safety) and ISO 27001 (Information Security)

[09:40] Double check if the auditor visit is on-site or remote  

[10:30] Tip 4 – Check that you have all the relevant Management System records in place – and that they’re up-to-date

[10:50] Examples of what documentation the Auditor will typically look at

[13:00] Tip 5 – Make sure you’ve closed out any opportunities for improvement and non-conformities from your last internal audit

[14:30] Tip 6 – Check if there have been any changes to your business that may effect the scope of certification i.e. New products or services with no controls in place yet or a new site

[16:00] Tip 6: Confirm the auditor’s visit and check if they have any accessibility or dietary needs.

[16:30] Tip 7: Warn any relevant reception / security staff about the visit so they know to expect the auditor. Ensure they go through any of your typical security procedures i.e. getting an access card, signing visitor book ect

[17:42] Tip 8: Send an email to all staff to remind them about the surveillance visit – good to do this a day or two ahead of the visit   

[19:45] Tip 9: Do a floor walk – Ensure that any of the physical controls you have in place are working as intended

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud

Do you find keeping up with regular annual ISO tasks a struggle?

It’s easy to let ISO maintenance slip through the cracks, especially if it’s in addition to your primary job role.

If this sounds familiar, then you should consider outsourcing certain areas of your ISO management system to be managed by ISO experts.

Today, Mel explains the areas that should be managed in-house, the areas that can be outsourced, and the ISO support plan we offer to help businesses outsource aspects of their management systems.

You’ll learn

• How long ISO certifications are valid.
• Why businesses outsource some areas of their management system.
• The different ISO areas you can outsource.
• How to maintain quality when outsourcing internal audits.
• The importance of quantifying the results of your management system.
• The importance of employee engagement in your ISO management system.

Resources

• Need support with revamping your Management System? check out our ISO Support Plan
• Need guidance and support with ISO Standards? isologyhub

In this episode, we talk about:

[01:38] How long ISO certifications are valid and the ISO support plan we provide.

[02:38] Why businesses outsource certain aspects of their management system.

[03:34] What areas you can outsource and what you should keep in-house.

[04:48] Health and safety requirements and risk management needs.

[06:03] The most popular ISO areas that can be outsourced.

[09:27] How to optimise performance through updating management systems.

[09:57] The importance of being able to quantify the results of ISO systems.

[10:54] How to outsource the facilitation of your management review.

[12:15] Employee engagement training that can be outsourced.

Just a reminder, we’re offering 6 months free access to the isologyhub for anyone who signs up to an ISO Support Plan!

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube |iTunes | Soundcloud

Has your Management System been left to collect dust? Hidden away so that no one except a select few can access and update it ahead of Surveillance Audits.  

If this sounds familiar, then it’s time to revamp your Management System to ensure it’s incorporated with your core vision and values and encourages engagement from employees on all levels.

Today, Mel takes you through 5 steps that will help to rejuvenate your Management System, including key content considerations, the design and alignment with your company culture.

You’ll learn

• How to identify what’s essential for your Management System
• How you can incorporate your Unique way of Working
• How to take a collaborative approach to revamping your Management System
• Key considerations for the look, feel and accessibility of your Management System
• How to align your Management System with your company culture, strategy and goals

Resources

• Need support with revamping your Management System? check out our ISO Support Plan
• Need guidance and support with ISO Standards? isologyhub

In this episode, we talk about:

[00:57] What is essential from an ISO perspective

[01:22] How having too much in your Management System can lead to a lack of compliance

[02:20] Remember – If an ISO Standard states ‘shall’ – you must fulfill this requirement

[02:55] How to establish what’s essential to your business – including your way of working

[03:53] Different ways you can add value to your Management System    

[05:25] An example of how Blackmores have added value with our Client Success Journey

[07:15] Why collaboration is so important when revamping your Management system

[08:52] How a Quality Circle can assist with a collaborative approach

[10:15] How you can align your company culture, strategy, values and goals within the Management System

[11:32] Why it’s important to share the Management system and any related updates  

[12:38] Key considerations for the look, feel and accessibility of the Management System

[14:05] Examples of different ways you can display and share your Management System

[15:36] Consider how easy your Management System is to access and navigate 

[17:12] Consider different methods of communicating the Management System – i.e. Audio, video, visual, flowcharts ect  

Just a reminder, we’re offering 6 months free access to the isologyhub for anyone who signs up to an ISO Support Plan!

We’d love to hear your views and comments about the ISO Show, here’s how:

• Share the ISO Show on Twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and we read each one.

Subscribe to keep up-to-date with our latest episodes:

Stitcher | Spotify | YouTube | iTunes | Soundcloud

I thought we’d take a step back in time, to explain how Blackmores began. Not by implementing ISO Standards, but by offering support to a company that was already certified to ISO 9001 – my employer at the time.  I share my journey as a working mum juggling two children and my role as a Quality Manager, which triggered my Eureka moment resulting in the launch of Blackmores in 2006.

In the podcast, I explain about the some of the pain points that many organisations suffer with ISO Standards, and how the ISO Support Plan service alleviates these issues.  Some of the issues facing businesses include :-

1. Internal auditors not being comfortable about auditing their peers.
2. Internal auditors not being particularly objective or impartial when auditing their boss!
3. Fed up with paying for training for a high turnover of internal auditors
4. Managers not having time to update processes
5. Managers not aware of their legal, regulatory or ISO Standards requirements
6. Not updating key information i.e. Risk Register, BCP’s, environmental/energy metrics
7. Not reviewing key information i.e. Objectives, Environmental/H & S/Data Security trends

If you find you’re juggling too many balls, and the ISO ball drops every now and then, our podcast explains the solution to keeping your balls flying high! For further information check out our ISO Support Plan page.

Find out more about Blackmores by contacting us today!

To help out the ISO Show:

• Share the ISO Show on twitter or Linkedin
• Leave an honest review on iTunes or Soundcloud. Your ratings and reviews really help and I read each one.
• Also available on Spotify