CHAPTER 1
What is an Integrated Management System?
CEO Note: Creating and implementing an integrated management system is, in my opinion, the ultimate management consulting engagement and the best thing a management consultant can do for an organization.
Points to Remember
• The major ISO Standards are alike in many ways and impose the same requirements – many of which can be combined. Risk Management is a perfect example, followed by Internal Auditing, Documentation, and Management Review.
• When the ISO Standards are combined synergistically (i.e., integrated), the "value add" makes the Standards greater than if they were all independent of each other.
• Audits, like the inspections of old, can be nothing more than "snapshots" of a condition. The picture you get today may suggest something about yesterday, but nothing definite about tomorrow.
• If Management (not to mention the ISO Registrar) expects its people to conform simultaneously to the requirements of several Standards, it is not unreasonable that they be operating together; and that "simultaneous" audits and reviews be part of the strategy.
This book explains the concept, the strategy, and the implementation process for an effective integrated management system or "IMS".
Overview
Many members of the ISO family of International Standards are measurably effective when used individually, predictably valuable when used together, but synergistically dynamic when integrated.
An organization that is certified to three of the ISO International Standards (let's say ISO 9000, ISO 14000, and ISO 28000), if it complies with the letter of the Standards, faces three sets of:
• Internal audits and audit schedules
• Threat analyses
• Risk Management strategies and associated justifications
• Management reviews
• Documents and records
• Manuals and/or operating procedures.
That burdensome approach may prove conformity, but it may not prove control, and certainly does not prove management. In fact, it suggests an absence of management. It wastes fiscal and human capital and contributes to a tokenistic, perfunctory implementation, until (like the Holy Roman Empire) the system eventually collapses under its own weight.
The seminal enhancement of ISO 9001:2000 over the 1994 version was that it took the focus from discrete functions (e.g. warehousing or assembly) to holistic processes, wherein all the organization's discrete functions are conducted as part of an overall process, and with due regard for their impact on each other. Simultaneous auditing of those mutually supporting functions to more than one ISO Standard is, accordingly, logical and appropriate. Moreover, it supplements the value of the internal audit, which is a "value add" function already, or it isn't worth the doing.
A Mindset is a terrible thing to waste
1. Process Approach and Mindset
A simple explanation of an Integrated Management System (IMS) would be that it is a logical uniting of multiple (otherwise stand-alone) ISO Standards. It is, however, more than that. To maximize their value, multiple ISO Standards should be merged synergistically; that is, combined so that the value of the (complete) IMS is greater than the sum of the individual Standards.
We define "synergy" and get into its technical aspects elsewhere. First, however, we need to examine the programmatic aspects. Creating an IMS requires not just being organized and replicable to the point of certification; it requires a synergistic mindset that says:
• This is worth doing – thoroughly and sustainably
• The manuals, operating procedures, and/or flowcharts (i.e., what you want your people to do) must reflect the letter, spirit, and best practices of the Standards – that's what makes them credible
• There must be added value, as the established processes will be better than they would be had the requirements of the Standards been implemented separately.
With that in mind, the synergistic merging of the Standards into an IMS is a function of the mission and operations of the specific organization and the Standards selected, and every actual IMS implementation will be different.
Table 1-1 compares ISO 9000 (Quality), ISO 14000 (Environmental), ISO 27000 (Information Systems Security) and ISO 28000 (Supply Chain Security) Management Systems, plus the Corporate Responsibility Management Standard MVO 8000. You can see again how alike they are in their prerequisites. It follows that their strategies and approaches will also be alike.
2. The continuing role of Risk Management
The major ISO Standards contain an implicit or an explicit requirement for the organization seeking certification to have an effective risk management program; one that (among other things):
• Identifies threats, criticalities, and vulnerabilities to the organization and its missions
• Assigns consistent (albeit subjective) values to reflect established metrics and measures of effectiveness
• Feeds the findings into the strategic planning and decision making processes.
The terms risk analysis, risk assessment, and risk management, often used interchangeably, can mean a variety of different concepts and/or metrics. In point of fact, there is no one single approach to Risk Management. The challenge to risk analysts is to frame the output of the analysis in a manner that makes sense to the decision makers and that clearly and concisely represents the present and predicts the future. Approaches and strategies can be as simple or complex as the processes they were made to assess. However, simpler is almost always better, and using a spreadsheet that automatically computes and displays the assessments is better still.
The objective is continual improvement through the continual identification and reduction of risk, as suggested in Figure 1-1.
With a comprehensive risk management program as part of your IMS, and by complying with all the applicable ISO Standards:
• Risks are identified, as well as their effects and interactions
• Contingency plans/courses of action can be developed, including preemptive responses which mitigate or reduce the potential impacts
• Expected costs can be reduced, and an appropriate balance between costs and risk exposure achieved, usually with a reduced risk exposure
• Feedback into the design phases and planning stages is developed as part of the evaluation of "risk vs. expected cost" balance
• Opportunities and responses are recognized and gamed in advance
• The integration of planning and cost control is improved
• Members of project teams develop an analytical understanding of the likely problems and responses in their own areas, and problems in other areas which will impact on them
• Specific problem areas receive focus, and further analysis is pursued
• Management is provided with a means of signaling trends and aligning organization-wide goals and objectives
• Knowledge and judgments are formalized and documented, making subsequent projects easier to manage, even if the original team members are not available; management also gains the ability to push back on the opinions of other decision makers
• External technical, environmental, and political influences are specifically measured in direct relation to internal issues, and appropriate strategies are developed reflecting both
• Probability distributions can be developed for estimating costs and completion dates.
Figure 1-2 depicts a notional outcome of the risk management process. More on this later.
3. The continuing quest for Synergy
Redundancy -> Commonality Synergy -> Synergy + Metrics -> Objectives
Webster defines "synergy" as the combined or cooperative action of two or more stimuli for an enhanced effect. It means that the whole becomes greater than the sum of its parts, and that 1 + 1 can equal 2.5.
In the development of an integrated management system, and all the potentially beneficial synergies, Management must first look for three progressively supporting activities:
• Redundancy: wherein several organizations perform similar activities to achieve the same objectives; leading to
• Commonality: wherein several organizations perform the same activities to achieve the same objectives; leading to
• Synergy: wherein one organization, by doing one activity for several similar organizations, achieves more than could be accomplished by all the similar organizations each doing the same activity.
In business, synergy can mean that when separate departments within an organization cooperate and interact, they become more productive and efficient than if they had operated separately. For example, it is more efficient for each department in a small organization to deal with one (centralized) marketing department, rather than each creating a marketing function of its own.
An absolute requirement for the creation and use of synergies, especially for an integrated management system, is a mindset.
That is, an instinctive response from Management that says one plus one must equal 2.5 or it's not worth the doing.
Management can work more effectively with "synergy" than with "innovation" because synergy can be quantified, whereas innovation (if not the result of pursuing synergy) often cannot.
Implementing synergies in an integrated management system begins with aligning them and their associated metrics with the gaps or shortcomings to be addressed in the development of organizational objectives.
4. Simultaneous vs. sterile audits
Like the inspections of old, audits are sometimes nothing more than "snapshots" of a condition. The picture you get today suggests something about yesterday, but little about tomorrow.
Discrete audits of discrete functions can become sterile. Their findings are of limited interest because the impact of those findings on the total organization is not assessed. An integrated management system audit, on the other hand, takes a holistic picture of a function or process, measuring simultaneously the impact of a discovered nonconformity on:
• The quality of the product or service
• Workplace safety
• The generation of (sometimes hazardous) waste and/or the impact on the community and the environment
• The state of training, qualification, and work ethic
• The security of proprietary or customer information
• The impact of the organization on the community.
In this same holistic approach, integrated management system audits tend to be more meaningful not only in their conduct, but also in their outcome. Specifically:
• Structured, replicable, and continuous feedback loops are established for continuous improvement. These, in turn, can support the absence of stigmas – if something's wrong, you fix it. Moreover, feedback (positive or negative) becomes an obligation (no more: "no news is good news")
• Customer involvement is enhanced, of necessity
• Responsibilities are assigned for immediate corrective or preventive action
• Fixing a nonconformity in one Standard automatically fixes it in the others
• Only one management manual (operational, not administrative)
• Up-to-date goals and objectives, reassessed periodically as situations change
• Standard operating procedures (revised as necessary)
• Documentation and records become management tools, not recurring reports.
Audit quality should replace audit quantity
Several years ago, I conducted an audit of ISO 9000, 14000, and 28000 in one of the two major ports in Guatemala. I discovered that all three Standards could be audited simultaneously, as long as I had sufficiently prepared and had a comprehensive (but manageable) checklist. There was simply no point in scheduling and conducting three separate audits of the same facility (or process), when a single hike through the facilities would do.
The Port Authority liked the concept. They also liked the attendant amalgamation of the three manuals and sets of operating procedures and flowcharts, not to mention the fact that only one Management Representative was required.
The auditees liked it better, too, because audit quality replaced audit quantity. Also, if Management expects its people to conform simultaneously to the requirements of several Standards, it is reasonable and appropriate to schedule "simultaneous" audits.
Referring back to table 1-1, you can see how alike these Standards are in structure, requirements, and expectations. You can also see how difficult it would be to manage all three Standards separately.
5. Best of all, only one comprehensive Management Review
ISO 9000 states that: "Top management shall review the organization's quality management system, at planned intervals, to ensure its continuing suitability, adequacy, and effectiveness." The stated requirements of other major ISO Standards are similar. Accordingly, it is not difficult to develop a management review process that satisfies the requirements of all the Standards in the Integrated Management System. There is need for only one (integrated) Management Review, covering all the ISO requirements in a holistic and mutually supporting approach.
As a result:
• Feedback, follow-up, and accountability (absolute requirements in any organization) are well-structured and robust;
• Documents and reports are streamlined and standardized;
• Risks are identified and assessed;
• Budgets are prioritized and defensible; and
• Training and qualification programs become more focused and fruitful.
6. Building the Integrated Management System
"Always bear in mind that your own resolution to succeed is more important than any other thing" Abraham Lincoln
Note 1, Mindsets: Verification and Validation, Continuous Improvement, Value-Add, Conformity isn't Enough, Best Management Practices, Management Tools vs. Recurring Reports, and Situational Awareness
Figure 1-3 summarizes all the different inputs to an effective IMS.
ISO 9001:2015 removes the requirement for a manual, providing more discretion to Management. This is welcomed, but not surprising, because over the years, the "Manual" has become a simple restatement of the Standard. Depending on the process to be documented, an Operating Procedure (OP) and/or a process flow chart will do as well.
An ISO 9000-compliant OP can achieve compliance with other applicable ISO Standards by adding the appropriate requirements to it. The completed product is an "IMS OP", tailored for the specific organization, as described in figure 3-2. Note the common (and indispensable) management essentials: Risk Management, Internal Auditing, and Management Review.
Figure 1-4 describes how to structure an operating procedure (OP) consistent with the requirements (and benefits) of an integrated management system.