Using an Integrated Management System Approach to Increase ...
Using an Integrated Management System Approach to Increase Resilience
The World is Getting Riskier Traditional corporate strategies are no longer protecting us from unexpected events. The imperative to be resilient is high with the need to ensure the continuity of essential services in the face of all hazards. Attributes of organizational resilience need to be better understood and integrated into an organization’s everyday life, philosophy and culture. ©2013 ICOR ALL RIGHTS RESERVED
2
1
ISO 22316: Organizational Resilience Principles Cultural Attributes and Behaviors Evident in “Resilient” Organizations
Attributes
Systems The Implementation & Integration of Risk-based Management System Standards
Systems
©2013 ICOR ALL RIGHTS RESERVED
3
The Role of Management Systems in Increasing Resilience
The implementation of management systems encourages risk management across the organization ©2013 ICOR ALL RIGHTS RESERVED
4
2
The Value of Management Systems Management systems standards return a bottomline financial value larger than any investment or time incurred. Adopters of management system standards have higher rates of survival than non-adopters. Adopters of management system standards have higher sales than non-adopters.
Small businesses achieve proportionally more benefits than larger organizations. Harvard Business School, 2008 ©2013 ICOR ALL RIGHTS RESERVED
5
The Value of Management Systems Management systems are those activities used to anticipate, prevent, and resolve known problems.”
Flexibility
Discipline
Consistency Harvard Business School, 2008
©2013 ICOR ALL RIGHTS RESERVED
6
3
The Value of Management Systems Harvard Business School study of 1,000 ISO 9001 adopters showed the following: Sales increases of nearly 9% after certification Higher level of employee competence Total payroll in firms certified to management systems standards grew 17.7% Harvard Business School, 2008 ©2013 ICOR ALL RIGHTS RESERVED
7
The Value of Management Systems Management systems encourage and provide discipline across the entire organization Found dramatic improvements in the areas of quality and customer satisfaction Also significant reductions in employee injuries on the job “Additional attention is paid to preventing problems with products and services also pay more attention to employee safety.”. Harvard Business School, 2008 ©2013 ICOR ALL RIGHTS RESERVED
8
4
The Value of Management Systems Performance gains from ISO 14001 certification: Reduction in waste = 96.7% Increase in use of recycled materials = 93.3% Reduction of environmental incidents = 90% Improvement in emergency preparedness = 98.3% Reduction in permit violations = 84.6% Reduction of utility consumption = 91.9% Improved environmental performance of their product = 96.5% 2007 Wharton Risk Management & Decision Process Center ©2013 ICOR ALL RIGHTS RESERVED
9
Lifecycle Process of Continual Improvement Policy
Management Review
Checking & Corrective Action
©2013 ICOR ALL RIGHTS RESERVED
Planning
Implementation & Operation
10
5
Types of Management Systems
ISO 9001: Quality
ISO 14001: Environmental, Health & Safety
OHSAS 18001: Occupational Health & Safety
ISO 22301: Business Continuity ISO 20000: IT Service Management
ISO 27001: Information Security
ISO 28000: Supply Chain Security
©2013 ICOR ALL RIGHTS RESERVED
11
Integration of Management Systems Different management systems can be integrated into a single, joint system The integration is expected to facilitate synergies in using supporting processes that may be common to them thus eliminating waste and increasing efficiency ©2013 ICOR ALL RIGHTS RESERVED
12
6
Integration of Management Systems
ISO 9001
e.g. QMS product-specific processes
ISO 2000
©2013 ICOR ALL RIGHTS RESERVED
13
Integration of Management Systems
Eliminating Silos ©2013 ICOR ALL RIGHTS RESERVED
14
7
ISO Guide 83: A System for MS Standards 1. 2. 3. 4. 5. 6. 7. 8. 9. 10.
Scope Normative References Terms & Definitions Context of the Organization Leadership Planning Support Operation* Performance evaluation Improvement
*contains bulk of the requirements ©2013 ICOR ALL RIGHTS RESERVED
18
Understanding the Organization & its Context
©2013 ICOR ALL RIGHTS RESERVED
16
8
Leadership
Demonstrated Management Commitment
Policy
Roles, Responsibilities & Authorities Defined
Management Shall Demonstrate Leadership
©2013 ICOR ALL RIGHTS RESERVED
17
Planning: Managing Project Risk Just like other projects, the management system project needs to ensure that risks to the project itself are evaluated as well as risks of the management system itself to the organization The ISO 31000 framework can be used for this risk assessment ©2013 ICOR ALL RIGHTS RESERVED
18
9
Support The organization needs to determine the resources it needs for the MS and ensure its availability Achieve policy & objectives
Manage change
Demonstrate continual improvement Enable effective communication ©2013 ICOR ALL RIGHTS RESERVED
19
Operation
ISO 28000: Supply Chain Security
Social Accountability ©2013 ICOR ALL RIGHTS RESERVED
ISO 22301: Business Continuity
Future Standards?
20
10
Performance Evaluation
Internal and / or External Audit
Self-Assessment
Performance Appraisal
Quality Assurance
Supplier Performance
©2013 ICOR ALL RIGHTS RESERVED
21
Improvement Conformities
Non-Conformities ©2013 ICOR ALL RIGHTS RESERVED
.22
11
What are your resilience objectives? An organization accepts that adversity may cause it to cease operating Exist in a reduced form after adversity
Regain pre-adversity position quickly and effectively Improve aspects of its functioning so that it not only survives but possibly gains from event ©2013 ICOR ALL RIGHTS RESERVED
23
Management Systems & Resilience
Which management system(s) can assist your organization in meeting its resilience objectives?
©2013 ICOR ALL RIGHTS RESERVED
24
12
Integration and the Executive Team “From the company’s point of view, integrating those systems was the most logical thing to do, since it seemed absurd to them to decide not to do it, as the standards share quite a few elements.” (Karapetrovic, S. and Casadesu´ M., 2009
©2013 ICOR ALL RIGHTS RESERVED
25
Industry Perspectives “there are no tariffs or barriers to overseas competition so we have to continually lift our game to compete.” Robert Crow, Quality Manager, New Zealand Sugar Company
“the discipline and thought process that makes a QA system work for your properly … is a process that must be inherent with in a business.” Derek Pearson, General Manager, Pacific Door Systems Ltd
©2013 ICOR ALL RIGHTS RESERVED
26
13
Toyota NZ – Thames Vehicle Operations
©2013 ICOR ALL RIGHTS RESERVED
27
Challenges for Resilience Practitioners There is surely nothing quite so useless as doing with great efficiency what should not be done at all. Peter F. Drucker
©2013 ICOR ALL RIGHTS RESERVED
28
14
ISMS Specifics
QMS Specifics Management System Core xMS Specifics
BCMS Specifics
Potential Leverage Points from MS’s…and Caveats
Management Commitment Documented Information Resources Monitoring and Measurement Internal Audit Management Review
15
Caveats on existing BCP’s Individual Plans/Programs… May May May May
not cover the entire enterprise not account for dependencies not align with one another be obsolete
Likely do not cover all Management System requirements…
Pitfalls from BCM Experts Management System Basics ‘Backfilling’ BCM Components Understanding 3rd Party Certification…
16
Certification Considerations Scope Personnel Integrated Audit Abilities CB, Auditor, etc.
Integrated Audit Time
Organizational Buy-In Value of Certification Assembling a Team Creating a Roadmap Next Steps
17
For more information contact:
Andrew Nichols NQA, Regional Sales Manager [email protected] www.nqa-usa.com Lynnda Nelson ICOR President [email protected] www.theICOR.org
©2013 ICOR ALL RIGHTS RESERVED
35
18
The World is Getting Riskier Traditional corporate strategies are no longer protecting us from unexpected events. The imperative to be resilient is high with the need to ensure the continuity of essential services in the face of all hazards. Attributes of organizational resilience need to be better understood and integrated into an organization’s everyday life, philosophy and culture. ©2013 ICOR ALL RIGHTS RESERVED
2
1
ISO 22316: Organizational Resilience Principles Cultural Attributes and Behaviors Evident in “Resilient” Organizations
Attributes
Systems The Implementation & Integration of Risk-based Management System Standards
Systems
©2013 ICOR ALL RIGHTS RESERVED
3
The Role of Management Systems in Increasing Resilience
The implementation of management systems encourages risk management across the organization ©2013 ICOR ALL RIGHTS RESERVED
4
2
The Value of Management Systems Management systems standards return a bottomline financial value larger than any investment or time incurred. Adopters of management system standards have higher rates of survival than non-adopters. Adopters of management system standards have higher sales than non-adopters.
Small businesses achieve proportionally more benefits than larger organizations. Harvard Business School, 2008 ©2013 ICOR ALL RIGHTS RESERVED
5
The Value of Management Systems Management systems are those activities used to anticipate, prevent, and resolve known problems.”
Flexibility
Discipline
Consistency Harvard Business School, 2008
©2013 ICOR ALL RIGHTS RESERVED
6
3
The Value of Management Systems Harvard Business School study of 1,000 ISO 9001 adopters showed the following: Sales increases of nearly 9% after certification Higher level of employee competence Total payroll in firms certified to management systems standards grew 17.7% Harvard Business School, 2008 ©2013 ICOR ALL RIGHTS RESERVED
7
The Value of Management Systems Management systems encourage and provide discipline across the entire organization Found dramatic improvements in the areas of quality and customer satisfaction Also significant reductions in employee injuries on the job “Additional attention is paid to preventing problems with products and services also pay more attention to employee safety.”. Harvard Business School, 2008 ©2013 ICOR ALL RIGHTS RESERVED
8
4
The Value of Management Systems Performance gains from ISO 14001 certification: Reduction in waste = 96.7% Increase in use of recycled materials = 93.3% Reduction of environmental incidents = 90% Improvement in emergency preparedness = 98.3% Reduction in permit violations = 84.6% Reduction of utility consumption = 91.9% Improved environmental performance of their product = 96.5% 2007 Wharton Risk Management & Decision Process Center ©2013 ICOR ALL RIGHTS RESERVED
9
Lifecycle Process of Continual Improvement Policy
Management Review
Checking & Corrective Action
©2013 ICOR ALL RIGHTS RESERVED
Planning
Implementation & Operation
10
5
Types of Management Systems
ISO 9001: Quality
ISO 14001: Environmental, Health & Safety
OHSAS 18001: Occupational Health & Safety
ISO 22301: Business Continuity ISO 20000: IT Service Management
ISO 27001: Information Security
ISO 28000: Supply Chain Security
©2013 ICOR ALL RIGHTS RESERVED
11
Integration of Management Systems Different management systems can be integrated into a single, joint system The integration is expected to facilitate synergies in using supporting processes that may be common to them thus eliminating waste and increasing efficiency ©2013 ICOR ALL RIGHTS RESERVED
12
6
Integration of Management Systems
ISO 9001
e.g. QMS product-specific processes
ISO 2000
©2013 ICOR ALL RIGHTS RESERVED
13
Integration of Management Systems
Eliminating Silos ©2013 ICOR ALL RIGHTS RESERVED
14
7
ISO Guide 83: A System for MS Standards 1. 2. 3. 4. 5. 6. 7. 8. 9. 10.
Scope Normative References Terms & Definitions Context of the Organization Leadership Planning Support Operation* Performance evaluation Improvement
*contains bulk of the requirements ©2013 ICOR ALL RIGHTS RESERVED
18
Understanding the Organization & its Context
©2013 ICOR ALL RIGHTS RESERVED
16
8
Leadership
Demonstrated Management Commitment
Policy
Roles, Responsibilities & Authorities Defined
Management Shall Demonstrate Leadership
©2013 ICOR ALL RIGHTS RESERVED
17
Planning: Managing Project Risk Just like other projects, the management system project needs to ensure that risks to the project itself are evaluated as well as risks of the management system itself to the organization The ISO 31000 framework can be used for this risk assessment ©2013 ICOR ALL RIGHTS RESERVED
18
9
Support The organization needs to determine the resources it needs for the MS and ensure its availability Achieve policy & objectives
Manage change
Demonstrate continual improvement Enable effective communication ©2013 ICOR ALL RIGHTS RESERVED
19
Operation
ISO 28000: Supply Chain Security
Social Accountability ©2013 ICOR ALL RIGHTS RESERVED
ISO 22301: Business Continuity
Future Standards?
20
10
Performance Evaluation
Internal and / or External Audit
Self-Assessment
Performance Appraisal
Quality Assurance
Supplier Performance
©2013 ICOR ALL RIGHTS RESERVED
21
Improvement Conformities
Non-Conformities ©2013 ICOR ALL RIGHTS RESERVED
.22
11
What are your resilience objectives? An organization accepts that adversity may cause it to cease operating Exist in a reduced form after adversity
Regain pre-adversity position quickly and effectively Improve aspects of its functioning so that it not only survives but possibly gains from event ©2013 ICOR ALL RIGHTS RESERVED
23
Management Systems & Resilience
Which management system(s) can assist your organization in meeting its resilience objectives?
©2013 ICOR ALL RIGHTS RESERVED
24
12
Integration and the Executive Team “From the company’s point of view, integrating those systems was the most logical thing to do, since it seemed absurd to them to decide not to do it, as the standards share quite a few elements.” (Karapetrovic, S. and Casadesu´ M., 2009
©2013 ICOR ALL RIGHTS RESERVED
25
Industry Perspectives “there are no tariffs or barriers to overseas competition so we have to continually lift our game to compete.” Robert Crow, Quality Manager, New Zealand Sugar Company
“the discipline and thought process that makes a QA system work for your properly … is a process that must be inherent with in a business.” Derek Pearson, General Manager, Pacific Door Systems Ltd
©2013 ICOR ALL RIGHTS RESERVED
26
13
Toyota NZ – Thames Vehicle Operations
©2013 ICOR ALL RIGHTS RESERVED
27
Challenges for Resilience Practitioners There is surely nothing quite so useless as doing with great efficiency what should not be done at all. Peter F. Drucker
©2013 ICOR ALL RIGHTS RESERVED
28
14
ISMS Specifics
QMS Specifics Management System Core xMS Specifics
BCMS Specifics
Potential Leverage Points from MS’s…and Caveats
Management Commitment Documented Information Resources Monitoring and Measurement Internal Audit Management Review
15
Caveats on existing BCP’s Individual Plans/Programs… May May May May
not cover the entire enterprise not account for dependencies not align with one another be obsolete
Likely do not cover all Management System requirements…
Pitfalls from BCM Experts Management System Basics ‘Backfilling’ BCM Components Understanding 3rd Party Certification…
16
Certification Considerations Scope Personnel Integrated Audit Abilities CB, Auditor, etc.
Integrated Audit Time
Organizational Buy-In Value of Certification Assembling a Team Creating a Roadmap Next Steps
17
For more information contact:
Andrew Nichols NQA, Regional Sales Manager [email protected] www.nqa-usa.com Lynnda Nelson ICOR President [email protected] www.theICOR.org
©2013 ICOR ALL RIGHTS RESERVED
35
18
