Setting the right objectives is essential for ensuring that governance, risk & compliance requirements are met to the ISO Standard. The Objectives list reports on SMART objectives (Specific, Measurable, Agreed, Realistic and Timebound) grouped by Business Value Drivers, providing you with a clear plan of action and status report.
The guidance includes creating objectives and lookup columns that enable you to select from the related Business Value Driver, Performance Evaluation and assigned Role to demonstrate effective planning.
As outlined within the policy statements, and referred to in the previous chapter, the management team routinely defines and monitors objectives for continual improvement of the business, awareness and competence of our information security processes, improvement of health and safety performance, reduction in accidents and reduced environmental impact (ISO 14001). Objectives shall be in keeping with the ‘SMARTER’ principle:
S Specific - Definition of objectives must clearly describe the desired improvement.
M Measurable - It must be possible to verify achievement via evidence or numerically.
A Agreed - The management team shall review & approve the objectives.
R Realistic - There should not be a reason why the objective cannot be achieved.
T Timely - It shall be defined to what programme or timeframe the objective applies.
E Evaluated - Available evidence should allow for decisions on the level of success achieved.
R Reviewed - There will be a formal process for reviewing and setting objectives.
The MS (Management System) Team shall monitor the objectives and relative performance against them through periodic meetings, monitoring of data and the annual Management Review.
A record of these objectives is maintained within the MS Toolbox Tool.
The Documentation guide has been designed in conjunction with the how-to guides to explain how these one to ten steps correlate with ISO standards (ISO 9001, 14001, 27001 & 45001).
When implementing your ISO Management System by using the “How to Guides”, the “Document Guide” (one to ten steps) offers an explanation of the documented procedures that an organisation is recommended to follow, based on the clauses of ISO 9001, 14001, 27001 & 45001. In conjunction with the required ISO standard, the organisation will be able to produce its own ISO Management System, which will offer guidance and controls to the business.