The Key Performance Indicators (KIPs) list provides you with a template list of common KPIs such as customer satisfaction, employee competency, resource capacity and security events. The list provides you with a snapshot of your IMS performance to evaluate performance of your business value drivers.
MONITORING, MEASUREMENT, ANALYSIS AND EVALUATION
PLANNING
The Organisation plans its monitoring and measurement activities, including:
Records generated by the monitoring and measurement activities are maintained as described in Step 3 controls under Documented Information.
The performance evaluation categories embedded into the MS (Management System) Toolbox Tool are:
Each category includes several monitoring and measurement activities, including frequency, responsibilities and related documents.
CUSTOMER SATISFACTION EVALUATION
The customer satisfaction evaluation is included in the Performance Evaluation section and can be based on several methods:
The Organisation collects information about customer satisfaction and uses the conclusions to improve the product, service, internal processes, staff competencies, suppliers and subcontractors, etc.
Analysis and Evaluation
The conclusions of the monitoring and measurement activities are used in the regular management meetings and in the Management Review as an essential source of information to review all the planning elements of the MS (Management System):
INTERNAL AUDIT
CONDUCTING
The auditor or persons responsible for auditing shall plan and conduct the audit by arranging the availability of the key personnel, reviewing previous audit findings and obtaining access to any applicable procedures and documented information. Auditing may be undertaken through a variety of techniques – the auditor is to judge which audit approach best suits the situation.
Process Auditing would consider a particular work area or activity, sampling the effectiveness of operational controls, communication, adherence to requirements and record-keeping throughout the natural sequence of events. (e.g., following audit samples through a linear chain of command)
Compliance Auditing focuses more on the individual subject(s), raising specific questions/answers.
System Auditing is checklist-based and is used to confirm key elements.
DOCUMENTED INFORMATION
Audit findings shall be recorded onto a template Internal Audit Form; the header of this document includes essential detail such as; Date, Audit Title, Auditor, Auditees, Standards applicable, Reference documents and Location. The audit record's content will vary depending upon the subject matter and audit approach used, but this could typically include a commentary of findings/samples to demonstrate compliance, objective evidence/photos, questions/answers, dialogue, or checklists.
NB: The auditor must apply discretion within the audit record if the subject matter is sensitive/personal.
FINDINGS
Upon completion of the audit, a result shall be declared, and records shall indicate, if applicable…
REVIEW
Nonconformities and Corrective Actions shall be followed up to confirm closure. Internal Audit results shall form the annual management review input to verify programme completion and effectiveness.
The results of the internal audit programme will also be considered when reviewing the Risk & Opportunity Register.
MANAGEMENT REVIEW
INTRODUCTION
These formal reviews involve input from appropriate management team members and are coordinated by the MS (Management System) Manager. Based upon a discussion, a desktop collation of information and decisions based on Quantitative and Qualitative data from various sources, these reviews generate a strategic/documented overview of the management system’s performance, looking back and forward across a year. These annual reviews are intended to complement the more frequent management meetings.
The MS (Management System) will also be reviewed and assessed in its maturity. Guidelines for this assessment will be communicated through the management review and graded at the Annual Management Review.
COMMUNICATION
MANAGEMENT MEETINGS
Other meetings undertaken at the Organisation are management meetings. These meetings are between Top Management and The Organisation’s employees. These meetings are an opportunity to highlight key issues (including corrective and preventative action) and monitor project progress.
When important news or changes to the company are planned, these are communicated to key personnel directly at these meetings.
The Management team are in the continual discourse regarding all elements of the business.
INTERNAL COMMUNICATION
The Organisation will ensure that the relevant sections of the MS (Management System) are accessible at all levels within the organisation.
The Organisation will ensure that all employees know the Quality & Environmental Policy (ISO 14001) & Health and Safety Policy (ISO 45001)..
The Organisation will ensure that all employees are aware of the company’s significant environmental aspects, the potential impact, and the environment and their role in mitigating these.
The Organisation will ensure that all employees are aware of their responsibilities in relation to health and safety in the workplace.
The Organisation will also ensure that workers are provided with adequate information and training to minimise risks to health and safety at work.
The Organisation’s employees will be made aware of the Quality & Environmental objectives, the success achieved against the targets set, and their role in helping achieve them.
The Organisation will ensure that relevant individuals are aware of compliance obligations related to their role and the responsibilities associated with these obligations.
The Organisation will utilise:
Ensure that this information is communicated, accessible, correct and regularly updated.
EXTERNAL COMMUNICATION
Through the Management Review, the Organisation will agree annually on which areas of the MS (Management System), including Objectives and Aspects & Impacts, H&S reviews and Information security issues, are to be communicated externally. The Organisation Environmental, H&S, Information Security & Quality Policy will be made available on request.
External communications (including complaints) will be dealt with upon receipt. All complaints relating to the MS (Management System) will be reported to MS (Management System) Manager and Top Management, who will agree on what action is to be taken. If the complaint is deemed a non-conformity, it is also treated according to the non-conformities and corrective actions procedure.
PLANNING FOR CHANGE
Whenever a change is planned to be introduced with an impact on the MS (Management System), the difference is discussed in meetings, and the corresponding planning is recorded in the meetings’ minutes. This way, the integrity of the MS (Management System) is ensured at all times. The change planning is used to reflect on new risks and opportunities and introduce improvements to the organisation’s processes and the system.
Each proposed change is discussed, including the following:
Different planning and control mechanisms can be put in place. The following table contains some examples.
The Documentation guide has been designed in conjunction with the how-to guides to explain how these one to ten steps correlate with ISO standards (ISO 9001, 14001, 27001 & 45001).
When implementing your ISO Management system by using the “How to Guides”, the “Document Guide” (one to ten steps) offers an explanation of the documented procedures that an organisation is recommended to follow based on the clauses from the ISO 9001,14001, 27001 & 45001. In conjunction with the required ISO standard, the organisation will be able to produce its own ISO Management System, which will offer guidance and controls to the business.
If you would like a demo of the ISOvA (Risk Compliance Software and) Integrated Management System (IMS) software fill out our form below: