“Management is Management” is a well worn but very true phrase that correctly implies that it does not matter what the topic is, the principles of sound management will still apply.

smart-ISO takes that a stage further by using a due diligence style approach in its questioning of the company to concentrate on “management” questions and using the “spirit” of the latest ISO standards to not rush down the silo approach that the individual standards often bring.

The process is to

• Identify gaps against management
• Extrapolate those gaps against multiple standards
• Identify and provide appropriate material to fill the gaps
• Present in a way that ANY auditor can clearly see and acknowledge a solid foundation for Stage One Certification

Processes are the backbone to company function and clarity.

Philosophically, if we have our process on processes is to map out EVERY task/activity/process and to also show all interlinks we are far better able to identify gaps or overlaps and – most important – reduce waste or risk etc and improve efficiency and effectiveness.

At the other end of the process on processes – philosophically – is for us to identify actively or re actively any issues and link them back to processes so that we can ensure we have a “forever” continual improvement system “happening” across the whole organization.

Yes we have laws and procedures and processes but we live and work in a physical fixed and mobile world. Thus it makes sense to recognize that and to look for a set standards for corporate expectations – workplaces, storage, cleanliness etc etc – against which we can routinely check to make sure that they are maintained (or retained or explained ) to the benefit of all

So this gap analysis is more about setting the physical standards expected first and then putting in motion a way to check through active means – such as inspections – and re-active (because things do go wrong) means such as non-conformities.

Anything that fails to conform to a standard – be it international, national or the company’s own standard – is a non-conformity; things like incidents, quality failures, spills, security breaches.

smart-ISO goes the extra mile by requiring you to identify

• What process was involved?
• Is the risk still valid?

These together ensure that this REACTIVE and CORRECTIVE action acts as if pushing a pedal on the continual improvement bicycle.

We call it the smartCYCLE.

IT WORKS!

Inspections are an active way of checking that physical standards are being ket – even improved upon. But in smart-ISO inspections go much further. As well as physical conditions they check on other items such as

CCPS – Critical Control Points) those steps in a process where, if controls were

not to be followed or fail the outcome would be detrimentally affected

Risk – looking at specific risk assessments that are above an agreed tolerance

level to ensure the controls are working or used

Long Term Actions – to ensure that the timescale set is still acceptable and – again – Inspection becomes an active part of the        continual improvement process by requiring you to identify

What process was involved?

Is the risk still valid?

REVIWEAn Audit is an audit is an audit? Sort of

smart-ISO builds an audit based on Location and Business units in that location to identify what Processes, Procedures, Documentation ought to be checked routinely. The smart-ISO approach allows for certain locations to be checked more frequently than others where the need has been identified. This frequency can be lessened where it is know that CCPS are being (as they will be) frequently inspected separately.

The audit approach will then require the auditor and/or team to review each step in each process, procedure and document to confirm that they are up to date, being complied with and no change is required.

The strength of the smart-ISO approach is in the way ANY occurrence has to be analyzed with direct reference to the process it arose in.

IF there is no process then one has to be created AND risk assessed.

IF there is a process and the risk assessment is not valid – or worse still not carried out – there has to a risk assessment review or risk assessment completed.

This ensures that all processes in the company are maintained continually.

Another Integrated approach is in the Review process. Right at the start of the whole implementation IMS Management meetings will be initiated. In those meetings there is a clear agenda that covers ALL aspects of the corporate management system to ensure that all aspects are reviewed – to start with monthly.

Objectives are set annually, reviewed each month and reset for the next year at the last meeting of the previous year.

All subjects are considered and ANYTHING from RAPA (Re-active and Pro-active) reports reviewed, actions agreed and monitored … another smartCYCLE approach to management reviews

Training reminds me of something I’ve heard and read

But how can people call for help if they don’t know who to trust? And how can they know who to trust if they haven’t heard of the One who can be trusted? And how can they hear if nobody tells them? And how is anyone going to tell them, unless someone is sent to do it.

smart-ISO is special but unless it is used and the process followed it will be of no value in fact it will be of negative value as people turn away from it. This is where training is vital. Yes we have an induction element so any new recruit will look at processes and documents and law etc etc and any changes in same will be brought to anyone’s attention next time they log in

BUT

Unless some has the responsibility to train and tells those who need the training they will not hear, they will not trust and it will not happen.