Download - The New ISO Standard ‘Standard’ Template
-
8/9/2019 The New ISO Standard ‘Standard’ Template
1/23
The new ISO standard‘Standard’ Template
Graham Watson
Integre Ltd.
How Many Business Management Systems do we Need?
Hunterston A, 26 September 2012
-
8/9/2019 The New ISO Standard ‘Standard’ Template
2/23
-
8/9/2019 The New ISO Standard ‘Standard’ Template
3/23
ISO/IEC Directives, Part 1
Consolidated ISO Supplement – Procedures
specific to ISO
Annex SL (normative)Proposals for management system standards
Appendix 3 (normative)
High level structure, identical core text, common termsand core definitions
(Formerly Guide 83)
-
8/9/2019 The New ISO Standard ‘Standard’ Template
4/23
Background
• Management system standards developed by
Technical Committees, Sub-committees or
Project committees
• Lack of common structure
• TMB directs TCs to make them compatible
• Little/slow progress• JTCG formed
• JTCG expanded and directed to develop high
level structure and core terminologyIntegre 4
-
8/9/2019 The New ISO Standard ‘Standard’ Template
5/23
Management system models
Integre 5
ISO 9001 ISO 14001
ISO 14001 clone
-
8/9/2019 The New ISO Standard ‘Standard’ Template
6/23
Joint Technical Coordination Group (JTCG)
• Originally set up to coordinate compatibility
between ISO 9001 and ISO 14001
• Comprises chairs and secretaries of
management system Technical Committees
• Developed high level structure for all MSS (as
Guide 83)
Integre 6
-
8/9/2019 The New ISO Standard ‘Standard’ Template
7/23
ISO TMB Terms of Reference (extract)
• To examine proposals for new fields of ISO technical activity,and to decide on all matters concerning the establishmentand dissolution of technical committees.
• To keep the ISO/IEC Directives for the technical work under
review, to examine and coordinate all proposals foramendments and to approve appropriate revisions.
• To act on the following matters: – monitoring of the work of technical committees and project
management requirements;
– approval of titles, scopes and programmes of work of individualtechnical committees;
Integre 7
They must be obeyed!
-
8/9/2019 The New ISO Standard ‘Standard’ Template
8/23
TMB decisions (February 2012)
TECHNICAL MANAGEMENT BOARD RESOLUTION 18/2012
Final draft High Level Structure and identical text for MSS and common MS terms and coredefinitions
The Technical Management Board,
• Notes the recommendations contained in the Joint Technical Coordination Group (JTCG)report and the proposed revised draft of the High Level Structure and identical text for MSSand common MS terms and core definitions (JTCG N316),
• Further notes that the proposed document includes proposals on the applicability andflexibility of its implementation,
• Decides that any future MSS (new and revisions) shall, in principle, follow the structure andguidance included in this document (JTCG N316) but decides to permit deviations on thecondition that these are reported to the TMB, with detailed rationale,
• Further decides that this will be reviewed by the TMB after one year,
• Requests the DMT to incorporate the above document in the revised Annex SL (including the
revised Guide 72 and the current JTCG N316 "High Level Structure and identical text for MSSand common MS terms and core definitions"),
• Thanks the JTCG for its work, and
• Decides to revise the mandate of the JTCG to: provide the TMB and technical committeeswith information on the development of ISO MSS.
Integre 8
-
8/9/2019 The New ISO Standard ‘Standard’ Template
9/23
Aims of Annex SL
• To enhance the consistency and alignment of ISO managementsystem standards by providing – a unifying and agreed high level structure,
– identical core text and common terms and core definitions.
• All ISO management system “requirements” standards are aligned
and the compatibility of these standards is enhanced.• Individual management systems standard will add additional
“discipline-specific” requirements as required.
• This common approach to new management system standards andfuture revisions of existing standards will increase the value of suchstandards to users.
• It will be particularly useful for those organizations that choose tooperate a single (sometimes called “integrated”) managementsystem that can meet the requirements of two or moremanagement system standards simultaneously.
Integre 9
-
8/9/2019 The New ISO Standard ‘Standard’ Template
10/23
Annex SL High Level Structure
Introduction
1. Scope
2. Normative references
3. Terms and definition
4. Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of
interested parties4.3 Determining the scope of the XXX management
system
4.4 XXX management system
5. Leadership
5.1 Leadership and commitment
5.2 Policy
5.3 Organization roles, responsibilities and
authorities6. Planning
6.1 Actions to address risks and opportunities
6.2 XXX objectives and planning to achieve them
7. Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
7.5.1 General7.5.2 Creating and updating
7.5.3 Control of documented information
8. Operation
8.1 Operational planning and control
9. Performance evaluation
9.1 Monitoring, measurement, analysis andevaluation
9.2 Internal audit9.3 Management review
10. Improvement
10.1 Nonconformity and corrective action
10.2 Continual improvement
Integre 10
All new or revised ISO management system standards will look like this
-
8/9/2019 The New ISO Standard ‘Standard’ Template
11/23
Annex SL Common Terms
organization
interested party (preferred term)
stakeholder (admitted term)
requirement
management systemtop management
effectiveness
policy
objective
riskcompetence
documented information
process
performance
outsource (verb)
monitoring
measurementaudit
conformity
nonconformity
correction
corrective actioncontinual improvement
Integre 11
All new or revised ISO management system standards will use these defined terms
-
8/9/2019 The New ISO Standard ‘Standard’ Template
12/23
“Rules” - Use
• ISO management system standards include the highlevel structure and identical core text as found inAppendix 3 to this Annex SL.
• The common terms and core definitions are either
included or normatively reference an internationalstandard where they are included.
• The high level structure includes the main clauses(1 to 10) and their titles, in a fixed sequence.
• The identical core text includes numbered sub-clauses (and their titles) as well as text within thesub-clauses.
Integre 12
-
8/9/2019 The New ISO Standard ‘Standard’ Template
13/23
“Rules” – Non applicability
• If due to exceptional circumstances the high levelstructure or any of the identical core text, commonterms and core definitions cannot be applied in adiscipline-specific management system standard
then the TC/PC/SC needs to notify ISO/TMB throughthe ISO/TMB Secretary at [email protected] of therationale for this and make it available for review byISO/TMB.
• TC/PC/SC strive to avoid any non-applicability of thehigh level structure or any of the identical core text,common terms and core definitions.
Integre 13
-
8/9/2019 The New ISO Standard ‘Standard’ Template
14/23
“Rules” – Discipline-specific management
system standards
• Discipline-specific text does not affect harmonization or contradict or undermine the intentof the high level structure, identical core text, common terms and core definitions.
• Insert additional sub-clauses, or sub-sub-clauses (etc.) either ahead of an identical text sub-clause (or sub-sub-clause etc.), or after such a sub-clause (etc.) and renumbered accordingly.Examples of additions include: – new bullet points
– discipline-specific explanatory text (e.g. Notes or Examples), in order to clarify requirements
– discipline-specific new paragraphs to sub-clauses (etc.) within the identical text – adding text that enhances the existing requirements in Appendix 3 to this Annex SL
• Avoid repeating requirements between identical core text and discipline-specific text.
• Distinguish between discipline-specific text and identical core text from the start of thedrafting process. This aids identification of the different types of text during the developmentand balloting stages.
• Understanding of the concept of “risk” may be more specific than that given in the definitionunder 3.09 of Appendix 3 to this Annex SL. In this case a discipline-specific definition may beneeded. The discipline-specific terms and definitions are differentiated from the coredefinition, e.g. (XXX) risk .
• Common terms and core definitions will be integrated into the listing of terms and definitionsin the discipline-specific management system standard consistent with the concept system ofthat standard.
Integre 14
-
8/9/2019 The New ISO Standard ‘Standard’ Template
15/23
-
8/9/2019 The New ISO Standard ‘Standard’ Template
16/23
-
8/9/2019 The New ISO Standard ‘Standard’ Template
17/23
Changes (2) - Documented information
documented information
information required to be controlled and maintained by an organization
(3.01) and the medium on which it is contained
NOTE 1 to entry: Documented information can be in any format and media and from any source.
NOTE 2 to entry: Documented information can refer to
– the management system (3.04), including related processes (3.12);
– information created in order for the organization to operate (documentation);
– evidence of results achieved (records).
Integre 17
-
8/9/2019 The New ISO Standard ‘Standard’ Template
18/23
Changes (2) - Documented information
7.5 Documented information
7.5.1 General The organization’s XXX management system shall include
- documented information required by this International Standard
- documented information determined by the organization as being necessary for the effectiveness of the XXX
management system.
7.5.2 Creating and updating When creating and updating documented information the organization shall ensure appropriate- identification and description (e.g. a title, date, author, or reference number)
- format (e.g. language, software version, graphics) and media (e.g. paper, electronic)
- review and approval for suitability and adequacy.
7.5.3 Control of documented information Documented information required by the XXX management system and by this International Standard shall be
controlled to ensure
- it is available and suitable for use, where and when it is needed- it is adequately protected (e.g. from loss of confidentiality, improper use, or loss of integrity).
For the control of documented information, the organization shall address the following activities, as applicable
- distribution, access, retrieval and use,
- storage and preservation, including preservation of legibility
- control of changes (e.g. version control)
- retention and disposition
Documented information of external origin determined by the organization to be necessary for the planning and
operation of the XXX management system shall be identified as appropriate, and controlled.
Integre 18
-
8/9/2019 The New ISO Standard ‘Standard’ Template
19/23
Changes (3) - Risk
risk
effect of uncertainty
NOTE 1 to entry: An effect is a deviation from the expected — positive or negative.
NOTE 2 to entry: Uncertainty is the state, even partial, of deficiency of information
related to, understanding or knowledge of, an event, its consequence, or likelihood.
NOTE 3 to entry: Risk is often characterized by reference to potential events (ISO
Guide 73, 3.5.1.3) and consequences (ISO Guide 73, 3.6.1.3), or a combination of
these.
NOTE 4 to entry: Risk is often expressed in terms of a combination of the
consequences of an event (including changes in circumstances) and the associated
likelihood (ISO Guide 73, 3.6.1.1) of occurrence.
Integre 19
-
8/9/2019 The New ISO Standard ‘Standard’ Template
20/23
Risk - ISO 31000:2009
risk
effect of uncertainty on objectives
NOTE 1 An effect is a deviation from the expected — positive and/or negative.
NOTE 2 Objectives can have different aspects (such as financial, health and
safety, and environmental goals) and can apply at different levels (such as
strategic, organization-wide, project, product and process).
NOTE 3 Risk is often characterized by reference to potential events (2.17)
and consequences (2.18), or a combination of these.
NOTE 4 Risk is often expressed in terms of a combination of the
consequences of an event (including changes in circumstances) and the
associated likelihood (2.19) of occurrence.
NOTE 5 Uncertainty is the state, even partial, of deficiency of information
related to, understanding or knowledge of an event, its consequence, or
likelihood.
Integre 20
-
8/9/2019 The New ISO Standard ‘Standard’ Template
21/23
Changes (3) - Risk
6. Planning
6.1 Actions to address risks and opportunities
When planning for the XXX management system, the organization shall
consider the issues referred to in 4.1 and the requirements referred to in 4.2
and determine the risks and opportunities that need to be addressed to- assure the XXX management system can achieve its intended outcome(s)
- prevent, or reduce, undesired effects
- achieve continual improvement.
The organization shall plan:
a) actions to address these risks and opportunities, andb) how to
- integrate and implement the actions into its XXX management system
processes
- evaluate the effectiveness of these actions.
Integre 21
-
8/9/2019 The New ISO Standard ‘Standard’ Template
22/23
Standards using Annex SL
Published
• ISO 22301 - Business continuity management
• ISO 20121 - Event sustainability management
FDIS
• ISO 39001 - Road Traffic Safety management
Work ongoing
• ISO 9001 - Quality management
• ISO 14001 - Environmental management
• ISO 27001 - Information security management
Integre 22
-
8/9/2019 The New ISO Standard ‘Standard’ Template
23/23
The new ISO standard‘Standard’ Template
Integre 23
Thank you for your attention