The Controls list provides you with a template list of the mandatory controls for ISO standards. You can easily add operational controls such as systems, checklists and documents to provide a complete overview of your management system controls.
PLANNING OF THE MANAGEMENT SYSTEM
The MS (Management System) is the collective term used to describe the occupational activities (processes) and written information to control and reflect this (policies, manuals, procedures, arrangements, forms, etc.).
Instructional documents, such as policy statements, manuals, handbooks, procedures, flow charts, etc.., guide the organisation’s requirements and how processes should function.
Working documents include forms, spreadsheets, databases, drawings, etc. These may be project or time-specific, and information may be added, thus creating “records”.
Documented information (documents and records) can exist in hard copy and electronic format.
Note: Documents under the scope of this MS (Management System) and documents that impact quality and the environment (ISO 14001) will be controlled via processes and procedures. Documents outside of the scope will be governed by the relevant departments of The Organisation and will not be the responsibility of this (Management System). The Organisation will monitor the validity of such documents through the internal auditing process.
Control of Documents
Documents should show adequate identification to determine their identity and revision status. This may include a title, date, version, approver and reference number. A master list of instructional documents shall be maintained, which summarises all relevant document identification, indicating the latest version, the date of the newest revision/review and a record of the person(s) approving the adequacy of each document for use.
Working documentation (forms, spreadsheets, databases, etc.) may not be listed via a central register. However, it is still vital that they are adequately controlled. This can be achieved through; logical naming, revision control, removal or marking of obsolete versions and the holding of master copies for reference.
The MS (Management System) documents are managed in 3 ways:
All the MS (Management System) documentation has specific access rights defined by the MS Manager. Employees have access to certain documents, but only the MS Manager can amend the documentation.
When a document is revised, a person’s actions to respond to the changes shall be issued with hard or electronic copies or received communication informing them of the changes introduced.
DOCUMENTS OF EXTERNAL ORIGIN
When clients or other third-party organisations provide documents, these shall be subject to reasonable control about their nature and importance. Where incoming hard copy or electronic documents are supplier/time-specific (for example, catalogues, technical product information, etc.), these are to be suitably named, filed, and circulated. If subsequent revisions are received, obsolete versions shall be removed.
CONTROL OF HARD-COPY RECORDS
Physical records generated from the operational activity shall be stored under suitable conditions and adequately protected to ensure that they remain legible, readily identifiable and retrievable.
The Organisation retains very few hard copy records, as most are electronic. Any hard copy records, for example:
CONTROL OF ELECTRONIC RECORDS
Computer records created during the process are permanently retained on the Organisation server.
MS (MANAGEMENT SYSTEM) TOOLBOX TOOL UPDATES
The registers are continually updated to reflect current risks, controls, and corrective actions. reviewed at least once a year by top management during the management review. Because the tables are all linked to each other, the study of one table will lead to assessments of the remaining ones.
The members or guests of the Team site can edit the MS (Management System) toolbox. Since the information access is restricted to a group of people, the MS (Management System) Manager extracts the relevant information and discloses it to the team.
All the changes made to the tables are recorded by the MS (Management System) Toolbox, using the function “Version history”:
EMERGENCY PREPAREDNESS (ISO 14001)
The organisation should devise strategies for emergencies at both company locations and temporary sites (including construction projects, occupied premises, void works etc.). The Safety Officer will identify key hazards/risks and develop appropriate emergency response plans. Consideration of the following is essential during the planning stage:
Through the Aspects & Impact process and Risk and Opportunity Register, the Organisation identifies potential emergency situations and accidents that can impact(s) on the environment and how it will respond to them, including, if appropriate and practicable, testing of emergency situations. The controls for mitigating the associated risks are also set out in the aspects register.
The three potential emergency situations are:
A high standard of housekeeping, cleanliness, and tidiness is required to prevent contamination or damage to products or equipment, prevent accidents, and minimise the risk of pollution.
Several responsibilities are associated with general housekeeping. These include:
To meet the requirements of the Regulatory Reform (Fire Safety) Order 2005, the Company conducts a Fire Risk Assessment. It applies control measures to ensure that the means of escape, fire detection, warning systems, and firefighting equipment are adequate and properly maintained.
Procedures to be followed in the event of a fire are displayed at strategic points throughout the Company’s offices and facilities. New employees are instructed at their induction on the evacuation routes and assembly points in an emergency. Visitors are made aware of the emergency arrangements and always escorted.
All accesses and fire exits will be kept well lit and clear of stored materials and other obstructions.
Appropriate fire extinguishers will be located at strategic points throughout the Company’s offices and facilities. Employees will be shown these locations and instructed in their use during induction. All firefighting equipment must be maintained in line with the manufacturer’s recommendations.
All office machinery/equipment must be used, maintained, and situated by the manufacturers/supplier’s recommendations. Staff required to use unfamiliar equipment or machinery will be given sufficient instruction/training. Offices and facilities will be planned to avoid the dangers of trailing cables from electric equipment/machinery.
All emergency procedures will be reviewed and amended as necessary and tested at least once annually.
Company premises are reviewed for flood risk – rainwater systems to be maintained in a clear and operational condition. – Any potentially faulty mains water pipes are to be repaired.
Any hazardous chemicals to be moved to a location away from contact with floodwater. (onto high racking)
If a flood breach of chemical storage is encountered, reaching the drain, the water authority may need to be informed.
Consent to pump floodwater out of the excavation may be required.
The supervisor or manager is to coordinate the storage/movement of chemicals.
Chemical storage and potential for flooding to be visually monitored.
The Company recognises its duties under the Health and Safety (First-Aid) Regulations 1981 (as amended) and the Approved Code of Practice (L74), whereby arrangements must be made for a fair number of employees to receive training in first aid. This will enable them to cope in an emergency situation, emphasising the types of injuries that may be realised in our industry.
Notwithstanding the above, at least one member of every team of employees will be designated as an Appointed Person. Additional training will include courses in First Aid at Work (FAW), Emergency First Aid at Work (EFAW), and specialist training (e.g. AED) as may be appropriate.
The Company premises shall contain at least one suitably stocked First Aid Box (e.g. BS 5899), which shall be under the control of the Appointed Person, together with appropriate notices displayed giving names, contact details and locations of personnel and equipment.
Periodical inspection will ensure that all first aid kits are kept clean and adequately stocked.
The following table offers guidance on minimum levels of First Aid cover but is no replacement for a thorough risk assessment:
In addition, the following factors will be taken into account:
CRIMINAL ACTIVITY – THEFT / VANDALISM / SABOTAGE
The company is aware that criminal activity on the premises could be detrimental to operational activities and the local environment. Many physical and electronic security has been employed for both buildings and vehicles. The lock-up process has been communicated to staff, and the last person to leave will undertake a site walkthrough thoroughly check or security measures.
Following such an incident, a premises inspection must immediately be carried out to identify any problems/hazards that the incident may have caused (e.g., deliberate spillages, fires, introduced substances, tampering with building infrastructure, theft of substances such as chemicals/fuel, etc.)
Incidents will be reported to authorities, including passing safety/environmental information onto police for any dangerous substances stolen/tampered with.
WASTE MANAGEMENT (ISO 14001)
WASTE DUTY OF CARE
The ‘Duty of Care’ is a legal principle that says we must take all reasonable steps to ensure the safe management of waste to protect human health and the environment.
If we give waste to somebody else, we must be sure that they are authorised to take it and transfer, recycle or dispose of it safely and in an environmentally responsible way. If we break this law, we could be fined an unlimited amount. The duty of care applies to all sites/premises we discard unwanted items and material, even if recycled.
Waste that we produce or potentially encounter generally falls within the following categories;
We must take all reasonable steps to fulfil the duty, including segregation where necessary and preventing waste from causing pollution, harm or escaping from our control. To do this, we must follow the steps below.
Waste contractor licences can be checked online with the EA or the GOV.uk website.
WASTE MANAGEMENT RECORDS
When our waste is transferred, both parties must retain a written description of this, either on a ‘per collection’ basis or, in some situations, an annual ‘season ticket’ can cover repeated similar waste collections.
The Transfer note should include the following information:
NB: If hazardous waste is being transferred, additional consignment note requirements apply.
Our legal responsibility is to ensure that our paperwork is complete and correct, not the waste carrier.
Whenever a load of waste is transported from our sites, you must provide a waste transfer note is completed for each waste type and waste carrier;
We will be verifying if the waste transfer notes are correctly completed during the site audits and clarify any questions you might have.
Sufficient facilities are in place to manage the separate waste streams at relevant functions throughout the organisation. The Organisation will ensure each waste stream is controlled sufficiently to meet its compliance obligations.
Records are maintained for quantities of waste produced and recycling levels of individual waste streams.
It is the responsibility of the MS (Management System) Manager to keep relevant records up to date, including waste carrier licences and transfer notes. Detailed descriptions of individual waste carriers used in the Waste Carrier Register are kept.
The Documentation guide has been designed in conjunction with the how-to guides to explain how these one to ten steps correlate with ISO standards (ISO 9001, 14001, 27001 & 45001).
When implementing your ISO Management system by using the “How to Guides”, the “Document Guide” (one to ten steps) offers an explanation of the documented procedures that an organisation is recommended to follow based on the clauses from the ISO 9001,14001, 27001 & 45001. In conjunction with the required ISO standard, the organisation will be able to produce its own ISO Management System, which will offer guidance and controls to the business.
If you would like a demo of the ISOvA (Risk Compliance Software and) Integrated Management System (IMS) software fill out our form below: