ISO Standards

ISO 9001: A standard that sets out the requirements for a quality management system. This standard helps businesses and organisations to be more efficient and improve on customer satisfaction.

The ISO 9000 family of quality management system standards is designed to help organisations ensure that they meet the needs of customers and other stakeholders while meeting statutory and regulatory requirements related to a product or program. ISO 9000 deals with the fundamentals of quality management systems, including the seven quality management principles upon which the family of standards is based. ISO 9001 deals with the requirements that organisations wishing to meet the standard must fulfill.

Third-party certification bodies provide independent confirmation that organisations meet the requirements of ISO 9001. Over one million organisations worldwide are independently certified, making ISO 9001 one of the most widely used management tools in the world today. 

ISO 14001: An internationally agreed standard that sets out the requirements for an environmental management system. It helps organisations improve their environmental performance through more efficient use of resources and reduction of waste, gaining a competitive advantage and the trust of stakeholders.

ISO 14000 is a family of standards related to environmental management that exists to help organisations (a) minimise how their operations (processes, etc.) negatively affect the environment (i.e., cause adverse changes to air, water, or land); (b) comply with applicable laws, regulations, and other environmentally oriented requirements; and (c) continually improve in the above.

ISO 14000 is similar to ISO 9000 quality management in that both pertain to the process of how a product is produced, rather than to the product itself. As with ISO 9001, certification is performed by third-party organisations rather than being awarded by ISO directly.

ISO 27001: is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes.

ISO/IEC 27001:2013 is an information security standard that was published in September 2013 and It supersedes ISO/IEC 27001:2005 and is published by the International Organisation for Standardisation (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee. Organisations that meet the standard may be certified compliant by an independent and accredited certification body on successful completion of a formal compliance audit.

ISO 45001: The issue of work-related injuries and diseases is significant and growing, both for employers and the economy. To combat this problem, ISO has developed and published a new standard named ISO 45001 (Occupational health and safety management systems – Requirements) that will help organisations reduce this burden globally by providing a framework to improve employee safety, reduce workplace risks and create better, safer working conditions. The standard now follows other standard management system protocols approaches such as ISO 14001 and ISO 9001. It takes into account other International Standards in this area such as OHSAS 18001, the International Labour Organisation’s ILO-OSH Guidelines, various national standards and the ILO’s international labour standards and conventions. The standard brings about some significant changes to developing, implementing and maintaining an OHS management system including: placing more responsibility on top management to demonstrate leadership, commitment, and promoting a positive OHS culture; facilitating greater worker involvement; considering new and emerging risk such as psycho-social risks; and introducing the concept of risk and opportunity, which may serve to identify areas of improvement and which are different to the organisation’s objectives.