ISO 27001 is the management system which requires you to recognise and record all the possible risks to your data, both hard copy and electronic. This include data produced by you, but also provided to you by your suppliers / sub-contractors and your clients. Subsequently, you have to put in place a plan of risk reduction and controls where the risks can not be adequately controlled.
Applicable to - All companies, but more likely in data processing or handling sectors, especially where the data is commercially sensitive.
ISO 14001 is the management system which ensures that you recognise the impact you have on the environment and the controls you have to minimise any possible impact of releasing harmful substances into the environment. You also have to monitor your impact and put in place measures to reduce this impact.
Applicable to - All companies, but more likely those using chemicals or having an environmental presence or clients in the environmental sector wanting to minimise their potential impact upon the environment.
OHSAS 18001 is the management system which ensures that you recognise the possible health and safety risks to your staff, customer and the public. Through risk assessments and action plans, not only do you control the risks, but you have a plan to reduce and minimise the risks.
Applicable to - All companies, but more likely in the manufacturing or construction sectors wanting to minimise potential health and safety issues.
Quality Management Systems
Environmental Management Systems
OHSAS 18001 (ISO 45001)
Occupational Health & Safety Management Systems
ISO 22301 is the management system which requires you to recognise and record all the possible risks to your business. Subsequently, you have to put in place a plan of risk reduction and controls where the risks can not be adequately controlled.. It also includes a plan for disaster recovery.
Applicable to - All companies, especially those who want to minimise any possible impacts on their ability to continue operations in the event of internal or external disasters or situations.
Business Continuity Management Systems
ISO 9001 is the basic management system approval required by customers. It ensures that you have the necessary controls within your organisation to provide the goods or services you provide and includes both quality control - how you make sure the goods or services are correct and quality assurance - how you make sure that the controls are adequate and appropriate.
Applicable to - All companies, not industry sector specific, wanting to improve their performance by reducing customer complaints, supplier rejects and internal issues.
Information Security Management Systems
ISO 50001 is the management systems which requires you to recognise your energy consumption at all stages of product and service provision. Subsequently, you have to put in place a system to improve your energy performance, including energy efficiency.
Applicable to - All companies, but more likely in high energy using companies such as manufacturing, construction, chemical processing. In addition, all large companies will have to implement an energy reduction programme to meet new legislation over the next few years.
Energy Management Systems
ISO 13485 is the management system which all the requirements of ISO 9001 and applies them to the specific requirements in the design, manufacture, supply and servicing of medical devices as defined in the Essential Safety Requirements of the Medical Devices Directive.
Applicable to - Only companies who design and/or manufacture medical devices.
Medical Devices - Quality Management Systems