assessment report refuge€¦ · the use of the bsi certification documents and mark / logo is...
TRANSCRIPT
Page 1 of 17
Assessment Report
Refuge Assessment dates 15/02/2018 to 16/02/2018
Assessment location London (000)
Report author Paul Gunn
Assessment standards ISO 9001:2015
Assessment Report.
Page 2 of 17
Table of contents
Executive summary ...................................................................................................................................................... 3
Assessment participants .............................................................................................................................................. 6
Assessment findings ..................................................................................................................................................... 7
Our next steps ............................................................................................................................................................ 11
Your next steps ........................................................................................................................................................... 13
Appendix: Your certification structure & on-going assessment programme ............................................................ 14
Assessment Report.
Page 3 of 17
Executive summary
The quality management system was fully realised and effectively achieving the desired outputs. This system has multiple processes that are best practice and in multiple ways has achieved excellence. Most notable is the excellent and in depth measurement of customer perception/satisfaction. Factual decision making permeates the system and means both the organisation, it's donors and the staff on the ground can be certain that decisions can be made with confidence. There were no weaknesses detected for this system and due to the above the strengths include fact based decision making; capacity planning based on up to date information; corrective action monitoring and progression and excellent records. The new strategic direction of tech abuse was seen to be understood and being identified at the grass roots level via the case ID 73424, see the findings section. In many ways this is more a case of the standard catching up with the operation of this system rather than the system having to catch up with the latest requirements of the standard. In short the greater challenge is to BSI to provide the support and external drive to partner this organisation so that they achieve excellence in every aspect of the standard. This challenge was met via the two opportunities for improvement raised within this report. It was also discussed and agreed that the next assessment should be a remote assessment and the organisation would like to change their cycle to 1 day every 9 months and 1.5 days for the recertification. This will be implemented on the next assessment to avoid complicating the current cycle.
Assessment objective, scope and criteria The objective of the assessment was to conduct a surveillance assessment and look for positive evidence to verify that elements of the scope of certification and the requirements of the management standard are effectively addressed by the organization's management system; that the system is demonstrating the ability to support the achievement of statutory, regulatory and contractual requirements and the organization's specified objectives as applicable with regard to the scope of the management standard; to confirm the ongoing achievement and applicability of the forward strategic plan and where applicable to identify potential areas for improvement of the management system.
The scope of the assessment is the documented management system with relation to the requirements of ISO 9001:2015 and the defined assessment plan provided in terms of locations and areas of the system and organization to be assessed.
ISO 9001:2015 Refuge management system documentation
Assessment Report.
Page 4 of 17
NCR summary
Which standard(s) BSI recorded findings against
Assessment Report.
Page 5 of 17
Definitions:
Nonconformity Non-fulfilment of a requirement. Major nonconformity Nonconformity that affects the capability of the management system to achieve the intended results. Nonconformities could be classified as major in the following circumstances: - If there is a significant doubt that effective process control is in place, or that products or services will meet specified requirements; - A number of minor nonconformities associated with the same requirement or issue could demonstrate a systemic failure and thus constitute a major nonconformity. Minor nonconformity Nonconformity that does not affect the capability of the management system to achieve the intended results. Opportunity for improvement It is a statement of fact made by an assessor during an assessment, and substantiated by objective evidence, referring to a weakness or potential deficiency in a management system which if not improved may lead to nonconformity in the future. We may provide generic information about industrial best practices but no specific solution shall be provided as a part of an opportunity for improvement.
Assessment Report.
Page 6 of 17
Assessment participants
Name Position Opening meeting
Closing meeting
Interviewed (processes)
Jane Keeper Director of Operations
X X X
Ossie Klass Head of Finance
and IT X
Tracy Blackwell Head of
Development X
Kelly Gingell Performance and Quality Manager
X
Hatice Gunes Staff IMPACT
Support Officer X
Assessment Report.
Page 7 of 17
Assessment findings
The assessment was conducted on behalf of BSI by
Name Position
Paul Gunn Team leader
Assessment conclusion and recommendation
The audit objectives have been achieved and the certificate scope remains appropriate. The audit team concludes based on the results of this audit that the organization does fulfil the standards and audit criteria identified within the audit report and it is deemed that the management system continues to achieve its intended outcomes.
RECOMMENDED - The audited organization can be recommended for continued certification to the above listed standards, and has been found in general compliance with the audit criteria as stated in the above-mentioned audit plan.
Use of certification documents, mark / logo or report
The use of the BSI certification documents and mark / logo is effectively controlled.
Findings
Interview with leadership:
The strategic direction has been developing and is now taking in tech abuse which is a new area of services being offered and this has attracted funding from a large internet company. Investment is being focused on infrastructure and an improved organisational structure and a new head of communications has been created and a survivor engagement coordinator with the main responsibility to listen and know when to act. Training budgets have been maintained and data management is a key service that is being maintained. The organisation is maintaining a major role in various technical committees for the government and ongoing consultations. Internal communications are via a CEO meeting on every Tuesday morning.
Quality management system:
Context, interested parties, risks and opportunities Documents Context of the organisation, approved 01/02/17 reviewed 12/02/18 Interested parties, last modified July 2016 Risk map, last modified 13/02/18
Assessment Report.
Page 8 of 17
Quality policy, objectives and management review Documents Quality policy, dated 01/02/17 - includes the organisations objectives The policy contains KPI style objectives and there is a more detailed and appropriate set of objectives being monitored via a second report called business objectives and this risks a duplication of work, see OPPORTUNITY SMT Strategic management team minutes, dated 13/02/18 - new opportunity reviewed and strategic and risk/concerns discussed along with competition - this also includes elements of management review Internal audits, corrective action and improvement Documents Internal audit schedule, 2017 and 2018 Internal audit on business development, conducted 09/06/17 Internal audit on fundraising, conducted 09/06/17 Nonconformity JP126, completed 26/10/17 on-going action Nonconformity JP122, completed 14/07/17 closed 07/08/17 Caseload by Staff, live interactive tool - this is an excellent approach to resource management Customer feedback and satisfaction Documents Performance report, 2016/2017 - percentage of clients feeling somewhat/much safer = 94.1% plus desired outcomes measured with 88.9% of outcomes achieved The above findings demonstrated the processes were fully implemented and effectively achieving the desired outputs.
Opportunity for improvement
Ref. no 1594715-201802-I1
Area/process Quality management system
Clause
Scope FS 547245
Certificate Standard
ISO 9001:2015
Details The policy contains KPI style objectives and there is a more detailed and appropriate set of objectives being monitored via a second report called business objectives and this risks a duplication of work.
Supplier management:
Documents Financial regulations and procedures, version 2, dated December 2015 Email request for a Dryer for a refuge, dated 29/12/17 Lease Vs purchase option for a dryer, completed January 2018 Purchase order for a Dryer, PO signed and dated 30/01/18 Key supplier list, dated September 2017 - Allsop and francis not on the list as they are not a key supplier but this was purchased with a warranty.
Assessment Report.
Page 9 of 17
Key suppliers list, September 2016 - British Gas shown as energy supplier but not on the latest list as their performance was deemed unacceptable and reasons documented for deselection. The above findings demonstrated the processes were fully implemented and effectively achieving the desired outputs.
IT and infrastructure:
Password protection protocols in place Dedicated areas on the network with permissions Back up of data is to two data centre and is run nightly Documents Caseload by Staff, live interactive tool - this is an excellent approach to resource management Daily dashboard, live dashboard showing a top level overview of key facts - shows capacity The dashboard is not shared with all staff and there is a risk the impact of the organisation is not being promoted, see OPPORTUNITY Welcome pack - information technology, dated January 2015 Social media policy, dated January 2017 Email for back ups showing the backup didn't finish, dated 10/02/18 - re-run and back up completed Business continuity meeting minutes, dated 24/01/18 - included discussion on change of network permissions for 3 staff and this is ongoing. The above findings demonstrated the processes were fully implemented and effectively achieving the desired outputs.
Opportunity for improvement
Ref. no 1594715-201802-I2
Area/process IT and infrastructure
Clause
Scope FS 547245
Certificate Standard
ISO 9001:2015
Details The dashboard is not shared with all staff and there is a risk the impact of the organisation is not being promoted.
Outreach, IDVA and BAMER – Service provision:
Documents Case management policy ID 73163, case commenced 12/12/17 - 5 outcomes identified - one need was registration with a GP and this was achieved 12/12/17 Risk assessment, dated 12/12/17 and reviewed 15/01/18 NOTE: this case resolved with a mother and child being reunited.
Assessment Report.
Page 10 of 17
ID 45115, case commenced 30/12/15 Risk assessment, dated February 2016 and reviewed 01/02/18 Software has raised additional risk relating to slavery A total of 434 actions have been completed - the last 6 actions were reviewed and all were completed on time ID 73424, case commenced 13/12/17 closed 02/02/18 Risk assessment 16/12/17 - noted as very high risk and included tech abuse A total of 7 areas of needs and safety advice included 23 actions all completed to planned dates Case closed after loss of contact and 6 attempts to contact as per procedure - Case management policy. The above findings demonstrated the processes were fully implemented and effectively achieving the desired outputs.
Assessment Report.
Page 11 of 17
Our next steps
Next visit plan
Date Auditor Time Area/process Clause
30/01/2019 Paul Gunn 09.00 Opening meeting
09.15 Interview with leadership
Strategic Review
09.45 Quality management system including context, interested parties, risks and opportunities/quality policy, objectives and management review/internal audits, corrective action and improvement/feedback and satisfaction
Documented information
12.30 Lunch
13.00 Human Resources - competence, training & awareness
14.00 Business continuity
15.00 Report preparation
16.30 Interim Meeting
31/01/2019 Paul Gunn 09.00 Interim Meeting
09.30 Communications and Fundraising
10.30 Service provision
11.30 Report preparation
12.15 Closing meeting
Next visit objectives, scope and criteria
The objective of the assessment is to ascertain the integrity of the organization's management system over the current assessment cycle to enable recertification and confirm the forward strategic assessment plan.
Assessment Report.
Page 12 of 17
The scope of the assessment is the documented management system with relation to the requirements of ISO 9001:2015 and the defined assessment plan provided in terms of locations and areas of the system and organization to be assessed.
ISO 9001:2015 Refuge management system documentation
Please note that BSI reserves the right to apply a charge equivalent to the full daily rate for cancellation of the visit by the organization within 30 days of an agreed visit date. It is a condition of registration that a deputy management representative be nominated. It is expected that the deputy would stand in should the management representative find themselves unavailable to attend an agreed visit within 30 days of its conduct.
Assessment Report.
Page 13 of 17
Your next steps
NCR close out process
There were no outstanding nonconformities to review from previous assessments.
No new nonconformities were identified during the assessment. Enhanced detail relating to the overall assessment findings is contained within subsequent sections of the report.
Please refer to Assessment Conclusion and Recommendation section for the required submission and the defined timeline.
How to contact customer service
'Just for Customers' is the website that we are pleased to offer our clients following successful registration, designed to support you in maximising the benefits of your BSI registration - please go to www.bsigroup.com/j4c to register. When registering for the first time you will need your client reference number and your certificate number (47344320/FS 547245).
Should you wish to speak with BSI in relation to your registration, please contact our Customer Engagement and Planning team:
Customer Services BSI Kitemark Court, Davy Avenue, Knowlhill Milton Keynes MK5 8PP Tel: +44 (0)345 080 9000 Email: [email protected]
Assessment Report.
Page 14 of 17
Appendix: Your certification structure & on-going assessment programme
Scope of certification
FS 547245 (ISO 9001:2015)
The management of specialist support services including a network of women's refuges, culturally specific services for women from black and minority ethnic communities, outreach and independent domestic violence, sexual violence advocacy and other gender violence services.
Assessed location(s)
The audit has been performed at Permanent Locations.
London / FS 547245 (ISO 9001:2015)
Location reference 0047344320-000 Address Refuge
4th Floor, International House 1 St. Katharines Way London E1W 1UN United Kingdom
Visit type Continuing assessment (surveillance) Assessment reference 8497537 Assessment dates 15/02/2018
Audit plan (revision date) 15/02/2018
Deviation from audit plan No
No. of full time equivalent employees
41
Total no. of effective employees at the site
41
Scope of activities at the site Main certificate scope applies. Assessment duration 1.5 day(s)
Assessment Report.
Page 15 of 17
Changes in the organization since last assessment
The following changes in relation to organization structure and key personnel involved in the certified management system were noted:
The strategic direction has been developing and is now taking in tech abuse which is a new area of services being offered and this has attracted funding from a large internet company. Investment is being focused on infrastructure and an improved organisational structure and a new head of communications has been created and a survivor engagement co-ordinator with the main responsibility to listen and know when to act.
The following changes in relation to the certified organization activities, products or services covered by the scope of certification were identified:
Tech abuse is a new service being offered
There was no change to the reference or normative documents which is related to the scope of certification.
Assessment Report.
Page 16 of 17
Certification assessment programme Certificate number - FS 547245
Location reference - 0047344320-000
Audit1 Audit2 Audit3 Audit4
Business area/location Date (mm/yy): 05/16 02/17 02/18 02/19
Duration (days): 0.5 1.5 1.5 1.5
Readiness Review ISO 9001:2015 X
Opening meeting X X X X
Interview with leadership X X X
Strategic Review X
Quality management system including context, interested parties, risks and opportunities/quality policy, objectives and management review/internal audits, corrective action and improvement/feedback and satisfaction
X X X
Documented information X X
Lunch X X X
Human Resources - competence, training & awareness
X X
Supplier management & purchasing X X
IT / infrastructure X
Business continuity X X
Business Development inc. opportunity tracking and tendering
X
Communications and Fundraising X
Service provision X X X
Report preparation X X X X
Closing meeting X X X X
Remote Assessment X
Expected outcomes for accredited certification What accredited certification to ISO 9001 means
ISO 9001:2015 specifies requirements for a quality management system when an organization: needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements; and aims to enhance customer satisfaction through the effective application of the system, including processes for improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.
Assessment Report.
Page 17 of 17
What accredited certification to ISO 9001 does not mean
1) It is important to recognize that ISO 9001 defines the requirements for an organization’s quality management system, not for its products and services. Accredited certification to ISO 9001 should provide confidence in the organization’s ability to “consistently provide product that meets customer and applicable statutory and regulatory requirements”. It does not necessarily ensure that the organization will always achieve 100% product conformity, though this should of course be a permanent goal. 2) ISO 9001 accredited certification does not imply that the organization is providing a superior product or service, or that the product or service itself is certified as meeting the requirements of an ISO (or any other) standard or specification.
Notes This report and related documents are prepared for and only for BSI’s client and for no other purpose. As such,
BSI does not accept or assume any responsibility (legal or otherwise) or accept any liability for or in connection
with any other purpose for which the Report may be used, or to any other person to whom the Report is shown or
in to whose hands it may come, and no other persons shall be entitled to rely on the Report.If you wish to
distribute copies of this report external to your organization, then all pages must be included.
BSI, its staff and agents shall keep confidential all information relating to your organization and shall not disclose
any such information to any third party, except that in the public domain or required by law or relevant
accreditation bodies. BSI staff, agents and accreditation bodies have signed individual confidentiality undertakings
and will only receive confidential information on a 'need to know' basis.
This audit was conducted on-site through document reviews, interviews and observation of activities. The audit
method used was based on sampling the organization’s activities and it was aimed to evaluate the fulfilment of the
audited requirements of the relevant management system standard or other normative document and confirm the
conformity and effectiveness of the management system and its continued relevance and applicability for the
scope of certification.
As this audit was based on a sample of the organization’s activities, the findings reported do not imply to include
all issues within the system.
Regulatory compliance BSI conditions of contract for this visit require that BSI be informed of all relevant regulatory non-compliance or
incidents that require notification to any regulatory authority. Acceptance of this report by the client signifies that
all such issues have been disclosed as part of the assessment process and agreement that any such non-
compliance or incidents occurring after this visit will be notified to the BSI client manager as soon as practical after
the event.