Why use an ISO consultant, when you can do it yourself?

This article was provided by Barry La Fontaine, who draws on his experience and expertise in Strategic Business Advice, ISO Management Systems, Marketing, ERP, CRM and Mobile Applications.

When clients see my quotes of up to $25,000 (depending on the size of the organisation), they usually think they could save this by doing themselves. But there are pitfalls of doing this, and as an auditor I have seen the results for many organisations that required a lot of improvement.

The benefits of having an ISO consultant in your corner

If you’re hesitant to work with a consultant, consider the following:

  • An experienced consultant knows the minimum that is needed to achieve a certifiable management system.
  • Beginners usually go down lots of rabbit holes, get lost and overdo the detail that is needed. Beginners don’t understand the linkage between the Clause/elements of the ISO management systems.
  • If the development work is given to a bureaucratic type (in a bigger organisation) they will make the system far too complex.
  • Integrating the 3 management systems is very difficult for beginners, particularly the new versions, which are repetitive in some of the early Clauses. This can be simplified.
  • Simplified/integrated System Procedures that meet the requirements of the Standards make life much easier particularly when it comes to internal auditing.

How an ISO consultant makes compliance easier

Some of the specific parts of the management systems that are made much easier by a consultant are:

  • The importance of scope and how to write an integrated Policy that fits with the strategic direction of the organisation and meets the requirements of the Standards. How to keep Objectives very broad and the link that they have with operational targets.
  • How to document the assessment of the risks/aspects/hazards/key customer requirements. How to risk rank them. The place for Registers in this process.
  • What the Standards really require for identifying legal requirements, in particular how the legislation relate to their organisation (organisations usually have trouble with this).
  • How to develop Plans that relate to both Operational Performance and Improvement. The important role of targets in this process and how to related them to monitoring. How the targets relate to Objectives.
  • How to develop the Operational Control documents and write these simply and incorporate the targets and Improvement.
  • Simplify the awareness and training requirement by focusing (mainly) on skills and Operational Control. How to use modern compliance software to management the awareness and training requirements for every relevant person.
  • How to merge the emergency response plan required by the Standards with existing plans.
  • Integrate the Monitoring and the Corrective Action process and how to use modern software to manage corrective action.
  • The secret of internal auditing that simplifies the process and meets the requirements of the Standards.
  • How to streamline Management Review and integrate it with existing top management review processes.

Barry La Fontaine BSc

Strategic Business Advice/ISO Management Systems/
Marketing/ERP/CRM and Mobile Applications

Leave a Reply

Your email address will not be published. Required fields are marked *