Management With system

A structured approach is necessary if a company wants to take into account the aspects of its specific activities, products or services as integrated as possible in its management system and thereby anchor the concept of risk management and compliance management more firmly. 

 

The increasing number of management system standards (MSS) with different structures and system elements poses sometimes problems for companies applying several standards in an integrated way. 

integrated management system

The concept of risk management shall be integrated in the management system on the basis of these individual MS-Standards or optimally used in a holistic integrated management system. The benefits are known to be considerable and numerous.

 

ISO 31000 provides a common approach to the management of all types of risks to which enterprises are exposed throughout the life of the enterprise and is used to further develop or improve an integrated management system.

 

The integration of ISO 31000 into the management systems can take place via ISO High-Level Structure (HLS).

  • The principles should be applied
  • The framework must be merged with the other MSS management systems elements
  • The process should be adapted as an integral part of the system.

Guidelines on using ISO 31000 in management systems can be found in an "International Workshop Agreement", the IWA 31. Publication expected in 2019.

Integration via high level structure

By applying risk management guidelines, it is ensured that the management systems achieve their intended results, improve the desirable effects, reduce unwanted effects and implement continuous improvement.

 

Risk management in the HLS system includes context analysis, strategic and operational risk assessment, operational control including risk treatment, monitoring the effectiveness of controls and taking corrective action.

The context analysis refers to the strategies and requirements, which form the framework for operational activities. In the management reviews, the top management assesses whether the processes are effective at the operational level and whether they contribute to the achievement of the strategic targets and also to the required compliance.

The cycle at the operational level is controlled by the implementation of the policy, i.e. the transfer of the policy to the operational objectives. The strategic context analysis is supplemented by an operative risk assessment as a basis for defining risk controls in operational processes. 


If there is new information or development that contributes to a relevant process or activity, a company should initiate risk identification immediately. In addition, a structured assessment of risks enables appropriate management and creates a basis for increasing the effectiveness of the implemented management system, achieving improved results decreasing negative results.  

ISO - High level structure

In 2012, ISO decided that in future the new ISO management system standards would  be based on the same structure and the same elements as well as on a number of identical core requirements.

Various types of ISO management system standards such as ISO 9001, ISO 14001 or ISO 45001 are based on the ISO-High Level Structure (HLS) and on a so-called risk based approach.


Further information

ISO Handbook “The Integrated Use of Management Systems Standards (IUMSS)” 

PRO SOLUTION M


About | Privacy Policy | Sitemap
AF - 2019
Log in Log out | Edit
Jimdo

You can do it, too! Sign up for free now at https://www.jimdo.com