There are many reasons why an organisation may want to implement an effective Information Security Management System (ISMS), and the vast majority choose to proceed to have this independently assessed for ISO 27001 certification to give their stakeholders, customers and employees confidence in their approach....
Using ISO 9001 to drive continual improvement
One of the key benefits of implementing an ISO 9001 accredited Quality Management System in your business is its emphasis on continual improvement. In this article, we explore how the ISO framework can be used to increase employee engagement in developing new ideas and processes to ensure that your organisation is always operating at peak efficiency.
Recording Ideas or Events: Not Just a Complaint Log
Routinely, a business may record events such as issues with a product, customer complaints, supplier problems or observations or non-conformities raised during an internal or external audit. To encourage engagement, it’s also important to record employee improvement ideas; Examples could include, does somebody need some additional training to be more efficient or effective in their role? Would appointing a team member as a Mental Health First Aider boost morale by reassuring colleagues that the business has the wellness of their employees in mind? Is the new supplier approval process taking too long or outdated? Encourage employees to think about what could improve the organisation and its processes and set it aside from its competitors both as a supplier of choice and a profitable, stable, employer of choice.
Learning: Preventing Future Problems and Exploiting Improvement Opportunities
Often, improvements can be made to the simplest of processes. However, without tracking issues or ideas, it will be virtually impossible to know where pain points are, or where the organisation has gaps in its efficiencies, and also how the root cause can be addressed. Issues and Improvement Ideas should be investigated and prioritised based on severity, frequency, and opportunity. To enable prioritisation, details should be granulated as much as possible with fixed reporting fields detailing the type of issue or event, category, source, the cost involved and responsible person.
As a simple example, a few issues have been logged around invoices taking longer than usual to process. Due to these issues being categorised as “Finance” and the sources all being clients who have received chasers for unpaid invoices, this indicates there is a general, and probably a new, issue with the accounts receivable process. Upon investigation as to what has changed with this process, it transpires that the finance team have started using new software for invoice processing but are still undergoing training. A corrective action plan can now be put in place:
1. Communication to relevant parties and those who have raised, the issues, that there may be some temporary disruption in communication whilst a new process is bedding in. This communication will encourage those employees or third parties that the organisation welcomes feedback and will act on it, it will also reduce query-related traffic going into the finance team, which is subsequently taking them away from training on their new software.
2. The accounts receivable process is updated to include a section about communication to key stakeholders of any changes to this process in the future. This process is now improved, and this will enable the prevention of future issues.
Having a clear and consistent way of recording issues and ideas is vital to simplify the recording of events, encourages best-practice and engagement with a process improvement focussed culture, and takes the guesswork out of analysing data.
Measuring and Reviewing Effectiveness: Did It Work? What Can We Do Better?
There are many ways of measuring whether an improvement has worked – that could be via Employee Engagement Surveys, Customer Feedback, Profit or the number of non-conformities or observations raised during an internal or external audit. The method of recording information may vary before an improvement being identified and raised. Still, data must be collected consistently both before and after changes are made to track how effective changes are, and if any further improvements can, or need to be, made.
Using the example of appointing a Mental Health First Aider, before doing this, what was the employee absence or staff turnover rate, how satisfied were the employees? Now the Mental Health First Aider has been in place for three months, what do these numbers look like? Have their services been utilised? Is this having an impact on their work or their mental wellbeing, do they need any further training or resources? How do the answers to all of these questions translate into costs – reduced recruitment costs, increased training costs, etc.
Using the example of Internal or External audit observations or non-conformities, it is very common for organisations to pay immediate attention to these to avoid any disruption in accreditation. However, this immediate attention can result in short-term fixes, and the problems can reoccur just in time for the next audit, if not carefully monitored for effectiveness. If the non-conformities continue and the changes are indeed deemed to be ineffective, what is the root cause? Training? Inappropriate equipment? Communication? What will address the root cause to prevent future non-conformities?
A robust effectiveness assessment and review programme should include auditing of processes as well as the collection of Key Performance Indicators (KPIs) from all departments which should be discussed at regular Management Reviews.
Continual improvement should not just be a “box-ticking” exercise. Changes should be measured and revisited to ensure that they are still appropriate and effective, and the whole organisation should take ownership of this culture. Ensure that countermeasures are included in KPIs to ensure that, by improving performance in one area, it’s not having a detrimental effect on others.
How Can Activ Help?
Activ is intuitive ISO management system software and includes modules that can help organisations demonstrate and implement continual improvement. Its modular design means that you take the modules you need, resulting in an affordable solution that meets your needs. Some examples of how Activ a help you with demonstrating and continual management improvement are:
Improvement Log – an overarching Corrective and Preventive action tracking module, which can be used as a standalone tool for recording events and ideas, assigning responsibilities, measuring effectiveness and reporting data. Improvement Log also feeds into other modules such as Activ’s Supplier Assessment tool, as well as Audit Manager and Legal Compliance Manager. Book a demo and see how this works!
Processes – Activ’s Processes module enables organisations to clearly define both the processes associated with their ISO management system and also map out work instructions and procedures in an easy-to-follow structure. Version control and Review functions demonstrate that processes and procedures are revisited and updated as required, and notifications ensure that staff are updated as required when a process is changed.
Audit Manager – Activ’s Audit Manager can be used to not only audit the performance of an organisation’s management system but can be used to audit suppliers and internal processes, conduct routine checks such as office health and safety or equipment checks, but also to schedule, track and record the results of management review meetings. Audit Manager includes detailed analysis reports which record the results of audits, but also show trends in improvements identified. Watch our recorded webinar on the key features and functionality of Activ’s Audit Manager module.
To see how Activ can help you engage your co-workers in demonstrating continual improvement, book a demonstration today!