Millions of people around the world have lost their jobs amid the current Covid-19 crisis - it is a crisis within a crisis. The long-term economic impact is yet unknown but will surely be deep.
What is not in doubt is that the economic strain on companies of all sizes across the UK and the rest of the world will be here for the foreseeable future. Manufacturers have closed plants, stores are shut, and consumer demand has collapsed in many sectors.
Research by the Institute for Social and Economic Research at the University of Essex has found that more than 6.5 million jobs could be lost due to the economic fallout from the UK’s coronavirus lockdown, about a quarter of the UK’s total jobs.
A simply staggering number of companies have plunged into administration, from stalwart high street brands to major travel agents, as well as a whole raft of businesses in sectors such as construction. The true toll is only just beginning to be understood.
So it’s no surprise that companies which are still managing to keep their heads above water will be starting to look at deep cost-cutting measures in the short- and medium-term. With profit centres being hit like never before, cost centres such as ISO compliance will undoubtedly have fewer resources until the economy turns around.
What does this mean for the ISO compliance functions of companies that are struggling?
In practical terms, they will have to make risk-based decisions about how to allocate the limited resources that they have. And one important thing to think about is how you can use the expertise of companies such as The Ideas Distillery to outsource your compliance tasks cost-effectively with little overhead.
Certification Bodies have recognised, for the moment at least, that the world has changed significantly. Just about all have turned to ‘remote auditing’ as a way to still service clients while still respecting the lockdown. There has also been the option of postponing for up to six months in many circumstances, although this option is now starting to wind down.
Any company’s priority will simply be to put themselves in a position to survive the crisis. So when dealing with budget constraints and limited compliance resources, flexibility and creativity will be key.
For our part, when we are helping businesses in these scenarios, we always assess risk and conduct a review with the aim of identifying core ISO compliance requirements. This often entails a historic review of internal procedures and controls to identify past activities or other problems to determine where the biggest risks reside.
External industry risks such as enforcement actions brought against competitors should be considered as well, along with identifying low-risk areas where there have been few incidents or problems.
But more significantly, we help companies to determine if new, immediate significant risks have arisen due to the pandemic. Another emerging risk may exist in a company’s sales department, for example, perhaps due to the pressures of bringing in new business. This may be an area that leads to an increase in customer complaints as things are missed.
The crisis may have caused companies to find new suppliers that have not been fully vetted due to time pressures. Likewise, the pandemic may have caused substantial risks to employee safety associated with reopening businesses. This emerging risk will likely call for the development of new policies and procedures that will require close oversight by senior management.
For more information - and to see how we can help - just get in touch with us in any number of ways using on our Contact page.
Achieving certification to ISO 27001 demonstrates that your company is following information security best practice, and delivers an independent, expert assessment of whether the data you are handling is adequately protected.
Information is the lifeblood of any business – this is especially true if your clients have entrusted their valuable data to you. Maintaining an information security management system (ISMS) is the most effective way of reducing the risk of suffering a data breach.
An ISMS is a systematic approach to managing the security of sensitive information and is designed to identify, manage and reduce the range of threats to which your information is regularly subjected.
There are a whole host of benefits to getting ISO 27001, such as demonstrating credibility when tendering for contracts, showing you are taking cyber security threats seriously, and avoiding fines and penalties.
We identify the key requirements of ISO 27001 for you and provide a top level route map for a successful ISMS implementation in your organisation. We will outline a structured approach to implementation based around:
ISO 45001 is an Occupational Health and Safety Management System (OHSMS) which provides a system for measuring and improving an organisation’s health and safety impact.
ISO 45001 focuses on managing your organisation's internal environment to ensure a safe and healthy workplace. ISO 45001 certification was developed to mitigate any factors that can cause employees and businesses irreparable harm.
Its requirements are the result of great effort by a committee of health and safety management experts who looked closely at a number of other approaches to system management - including ISO 9001 and ISO 14001.
In addition, ISO 45001 was designed to take other existing occupational health and safety standards, such as OHSAS 18001, into account - as well as the ILO’s labor standards, conventions and safety guidelines.
The major benefits to companies who hold ISO 45001 certification are:
The true value of ISO 45001 comes from linking the business strategy and the health and safety management system - not developing a standalone set of documents.
Using ISO 45001 to help manage risks and contractors, core and support processes, equipment and people gives you the opportunity not only to control but to assess and improve the health and safety of workers and others.
Certification to ISO 45001 gives you the opportunity to identify improvements and further reduce the risk of injury, illness and death.
The sort of things that you'll need to consider - which we can help you with - would be:
ISO 14001 is an Environmental Management System (EMS) which provides a structure for measuring and improving an organisation’s environmental impact.
The world has only until 2030 to stem catastrophic climate change - but can companies be part of the solution? And, if so, how?
What is not in doubt is that environmental issues are growing in prominence: energy efficiency, environmental compliance, environmental impact, and carbon footprint are widely discussed.
The areas you'll need to look at - which we can help you with - would be:
ISO 14001 enables companies to put in place an effective environmental management system and is designed to address the balance between a company’s environmental impacts while maintaining profitability.
You also join in the fight against climate change. Being ISO 14001 certified proves to stakeholders, customers, suppliers etc. that you are environmentally credible. We help you navigate your own services and operations.
When a company is said to be ISO 9001 certified, it means that the company has passed a physical certification audit which ensures the quality management of that business.
The major benefits which companies hold ISO 9001:2015 certification are:
The key things that you'll need to look at - things that we can help you with - would be:
Because of our knowledge, skills and experience, we can guide you and shorten the whole process, and make your quality system work more effectively and efficiently.
We'll save you time and money and make sure you avoid the most common mistakes. We’ll also make sure you get a system that suits you, not just impose something on you ‘to get ISO 9001 certified’.
Here you'll find the latest blog articles on all things compliance, particularly focussed on quality, environment, health & safety and information security.