Introduction

Integrated Management System

(IMS)
Implementing & Auditing
Topics
• Integrated Management Systems – What and Why?
• ISO Standards
• Process Approach
• Planning – Writing Integrated Documentation
• Implementing
• Checking – Conducting Audits
• Acting
Module 1. Recognize the benefits of an IMS
What is a Management System?
• A management system is the way in which an organization manages the inter-related parts of its
business in order to achieve its objectives. These objectives can relate to a number of different topics,
including product or service quality, operational efficiency, environmental performance, health and
safety in the workplace and many more.

What is an Integrated Management System (IMS)?

• An Integrated Management System (IMS) integrates all of an organization’s systems and processes in
to one complete framework, enabling an organization to work as a single unit with unified objectives.
• Combines different elements for easier management, efficiency and effectiveness.
• Seamlessly managed and executed without duplication – One framework that encompasses all.

5
Why do you need a Management System?
• To provide clear script on expectations and requirements to
manage HSEQ Processes and meet compliance obligations.
EMS
• To communicate the approach to manage HSEQ risks and
impacts associated with our operations.
• To ensure everyone is clear on who does what, how it is done OSH
and why it is done. MS

• To ensure understanding and meeting end user’s needs.

QMS
• To measure and monitor performance - Continual
improvement.

6
IMS
Integrated Management System
• An ISM is based on Plan Do Check Act (PDCA) principles, intuitive process and an
efficient documentation structure.
Review and
Improvement
• Data is accurate and accessible
and enables the business to
make decisions to manage risk
and improve performance.
Monitoring and Checking
• Audits and inspections ensure
the effectiveness of the
Management System and
provide a comprehensive
picture of its performance.
7
Planning
• Expectations and requirements
are established based on risk
and need.
• Processes and documents are
developed to meet these
expectations.
Implementation
• Work is conducted in a
safe ,culturally and
environmentally sound
manner.
IMS Benefits
• Alignment to reduce administrative burden, duplication and audit costs.
• Cost savings by optimisation of time and resources.
• Simplification of internal audits.
• Reduce business disruption caused by several external audits.
• Motivates interdepartmental work and commitment to achieve a common goal.
• Objectives and Targets are established, coordinated and balanced.
• Provides a clear, uniform image of the entire organization.
• Demonstrate commitment towards continual improvement.
• Increase efficiency and effectiveness.
• Reduce paperwork/documentation.
• Competitiveness and positive image of the organization.
ISO Standard for Management Systems
What is Annex SL?
• High-level structure created by ISO.
• Provide a universal high-level structure, identical core text,
and common terms and definitions for all management
system standards.
• Reduction in potential conflict between different systems
• Facilitate integration of management systems.
• Improve understanding of requirements.
ISO Management System Standards (MSS)
• ISO management system standards (MSS) help organizations improve their performance by specifying
repeatable steps that organizations consciously implement to achieve their goals and objectives, and
to create an organizational culture that reflexively engages in a continuous cycle of self-evaluation,
correction and improvement of operations and processes through heightened employee awareness
and management leadership and commitment.

• The benefits of an effective management system to an organization include:

• More efficient use of resources and improved financial performance,
• Improved risk management and protection of people and the environment, and
• Increased capability to deliver consistent and improved services and products, thereby increasing
value to customers and all other stakeholders.
Family of ISO Standards
A Family of Standards corresponds to all the ISO standards which related to a given topic, for instance:
The ISO 9000 family standards corresponds to all the management best practices benchmarks associated
with quality this includes, but not limited to:

• ISO 9000 Quality Management Systems - Basic Principles and Vocabulary

• ISO 9001 Quality Management Systems - Requirements
• ISO 9004 Quality Management Systems - Guidelines
ISO 9001: Quality Management Systems
Organizations that implement an effective QMS benefit from:
• Stakeholder and customer confidence.
• Improved risk management.
• Operational effectiveness and efficiency.

• A Quality Management System is what ensures a business' products or services meets a certain
level of quality; that is, they are reliable, safe, consistent, meet customer expectations,
continuously improve and comply with the law.

Meet Customer’s Expectations and ensure

their satisfaction !
 ISO 14001: Environment Management Systems
Organizations that implement an EMS benefit from:
• Reduce its environmental impact.
• Improved corporate citizenship and social responsibility within an environmental context.
• Proactive risk management from environmental impact.
• Improved environmental performance through the supply chain.
• Operational efficiency.

Minimal environmental impact!

 ISO 45001: Occupational Health and Safety Management
Systems
Organizations that implement an OHSMS benefit from:
• Build a safe and healthy environment for workers and stakeholders.
• Help prevent work-related deaths, injury and ill-health by continually improving OHS
performance.
• Demonstrate commitment to workplace health and safety.
• Continually improve your OHS practices.
• Reduce downtime and costs associated with workplace related incidents.

Manage hazards and reduce likelihood of

harm!
 Other Management System Standards
• ISO 50001 : Energy Management Systems
• ISO 55001: Asset Management Systems
• ISO 22000: Food Safety Management
• ISO 21001: Educational Organization Management System
• ISO 27001: Information Technology Security Management
• ISO 19600: Compliance Management System
Common Management System Principles
• Top Management Commitment and Leadership.
• Process management and control : ensure that processes deliver the intended results and that
applicable requirements are complied with.
• Plan-Do-Check-Act approach to management and processes : establish objectives, define the
processes needed, monitor progress and compliance, take action where necessary, and consider
improvement opportunities.
• Risk management : identify the risks that provide threats and opportunities and implement
controls to minimize negative effects on performance and maximize potential benefits.
• Culture of learning, stakeholder participation and continuous improvement of performance.
What are the benefits of integrating ISO 9001, ISO 45001
and ISO 14001?
• Improved business performance
• A holistic approach
• Position quality and sustainability into the heart of the organization
• Reduced documentation and duplication
• Save time and resources
• Improved risk and opportunity management
Converge or Merge? Integrating ISO 9001, ISO 45001 and
ISO 14001
1. Awareness and training
2. Policy and objectives
3. Internal gap analysis
4. Documentation and process design
5. Documentation and process implementation
6. Internal audit
7. Organize a management system review meeting
8. Thorough gap analysis of management system
9. Corrective actions
10. Final certification audit
Summary
• An Integrated Management System captures and communicates an organisation approach to managing risk and
impacts.
• The Management System provides a set of common requirements and processes that must be applied to achieve
excellence in Health, Safety and Environment, and Quality (HSEQ) performance and meet compliance
obligations.
• ISO creates documents that provide requirements, specifications, guidelines or characteristics that can be used
consistently to ensure that materials, products, processes and services are fit for their purpose.
• ISO Management Standards are based in a high level structure called Annex SL.
• An IMS requires continuous rebuilding, updating and innovation within the different areas of the management
system.
• Integrating a Management System can be achieved by following 10 simple steps. Get in touch to see how can we
work together to help you and achieve potential cost savings.
Module 2. Documenting an IMS
Definition
• A process is a set of interrelated activities that are performed to achieved an intended result.
• A process is a group of steps, tasks, or activities that has ‘a beginning and an end’.
• A process takes inputs and in some way changes/transforms them to produce an output.

Input Process Output

Process approach is one of the core principles of effective Management Systems, which is given as:
“Consistent and predictable results are achieved more effectively and efficiently when activities are
understood and managed as interrelated processes that function as a coherent system”.
An activity can be expressed as a Process

• Baking a cake • Managing risks

• Making coffee
• Brushing your teeth
• Travelling to your job
• Repairing or maintaining a product
• Billing
• Preparing an annual report
• Loading a truck
• Publishing a document.
• Reporting a hazard.
• Conducting a training needs analysis.
• Working at heights.
• Excavation
• Collecting performance data.
• Monitoring
Process Approach
• The process approach includes establishing the organization’s processes to operate as an integrated and
complete system.
• The management system integrates processes and measures to meet objectives
• Processes define interrelated activities and checks, to deliver intended outputs
• Detailed planning and controls can be defined and documented as needed, depending on the
organization’s context.

23
Process Mapping
• Process mapping is the first stage to document a process.
• The SIPOC approach is the first step to map a process.
• Activities and task can always be subdivided into sub-processes.
• Some of the Sub process Mapping Techniques includes:
– Flow chart
» Level 1 – high-level core steps of a process listed in six steps or less.
» Level 2 – drills down from the core steps and describes the steps involved in a process at
the next level.
» Level 3 – describes the step-by-step details of a process.
– Deployment Charts / Swim lane Map

24
SIPOCR Model

Inputs Process Outputs

(Added Value)
Supplier Customer
Activities

Requirements and Feedback Requirements and Feedback

( Product and Process ) ( Product and Process )
How to build a SIPOCR
In the following slides we will explain each step
Process Name___________________ POCRIS
Process Owner __________________

1 Process Boundaries
Suppliers Inputs Outputs Customers Requirements

6 5 2 3 4
Start 1 Stop

It may appear to be created backwards but this is important to SIPOCR success.

 Incident Management
6 5 1 2 3 4
Suppliers Inputs Process Outputs Customers Requirements
(Providers of the (Resources required by (Top level description of the (Deliverables from the (Anyone who receives a deliverable What the customer requires from the
required resources) the process) activity) process) from the process) Outputs

Supervisor Incident occurs Notification Initial incident HSEQ Department Notification of the incident to ensure
Work team (phone call or email) classification appropriate management controls are in
Incident assessment place.

Supervisor Initial Report Reporting Incident alert Organisation Be informed about incidents that have
HSEQ Department occurred in the organisation.
Contractor
Other stakeholders depending on
escalation matrix
Supervisor Witness statement Investigation Investigation Report HSEQ Department Understand the root cause of the
Injured Persom Collected evidence incident
Witnesses
Workplace
Lead Incident Investigation Report Reviewing Final Investigation Report HSEQ Department Understand the root cause of the
Investigator incident
HSEQ officer
HSEQ Officer Final Investigation Communicating Incident Presentation Water Corporation Prevent reocurrence
Report Summary Memo Board Learnt from the event
Final Incident Alert SEAA Share information
Stakeholders (Contractor and/or
Alliance)

Lead Incident Final incident Report Monitoring Incident Close out Water Corporation Prevent reocurrence
Investigator SEAA Learnt from the event
Share information
Summary
• A process is a set of interrelated activities that are performed to achieved an intended result.
• Process mapping is the first stage to document a process.
• Supplier Input Process Output Customer (SIPOC) approach is a mapping tool to understand and
document processes.
Module 3. Writing Integrated Procedures
Planning
• Gather, analyze and determine external and internal responsibilities of the organization to satisfy
the relevant requirements, needs and expectations of interested parties.
• Monitor or communicate frequently with these interested parties to ensure continual
understanding of their requirements, needs and expectations.
• Based on the analysis of the requirements, needs and expectations establish the scope, objectives
and policies that are relevant for the organization.
• Top management should then establish objectives and policies for the desired outcomes.
• Define and describe the network of processes and their interaction.
Documentation

• The level of documented information needed for the processes needs to be determined by the
organization.
• ISO standards don’t define format or content, nor mandatory documented procedures or
manuals.
• Processes are documented in Procedures.
Policy

Procedures

Work Instructions

Forms
How to write an Integrated Procedure?
Write effective documentation by:
1. Map the process – Process diagram or SIPOCR
2. Establish your audience
3. Understand requirements from each element
4. Define the method to document the process based on the end user/audience.
5. Define purpose of the documentation.
How to write an Integrated Procedure?
Employees need to dig a hole, and there are a few things we need to think about:

• Where does the hole need to be, what size is it and how deep?
• What are we going to do with the earth that has come out of the hole?
• How are we going to dig the hole so we don’t hurt ourselves?

Some companies will have three separate documents:

1. An ITP detailing who has to inspect and sign off that the hole is in the right place and is of the
correct size.
2. An EMP that talks about how to dispose of the soil, the records you need to complete, and what to
do in the event of a spill or other form of environmental event.
3. A JSA which identifies the OHS risks and associated controls to prevent injury to a worker or to
someone else.

Create One set of Instructions that incorporates Quality, Environment and Health and Safety Requirements
Module 4. Components of an Integrated
Manual
Integrated Manual

• Not mandatory for a Management System,

• Outlines the foundations of the Management System.
• Organizational processes and interactions.
• Roles, Responsibilities and Authorities
• Resources
Use of an Integrated Manual

• To communicate management’s expectations to employees

• To demonstrate the company’s plan to conform to the requirements of ISO Standards.
• To describe organizational roles, responsibilities and authorities.
• To provide a starting point for auditors:
• Internal
• Customer
• ISO Certification Body
Content

• Describe Context of the organization

• Describe process to gather and understand the needs and expectations of interested parties
• Establish the scope of the Management System
• Organization’s strategic vision – Description of the Management System
• Organizational processes and interactions
• Document Structure
• Organizational Roles, Responsibilities and authorities.
• References to Operating Procedures
Module 5. Check – Performance Review
Performance Indicators
• The organization should compare outputs against objectives to verify that all the requirements are
satisfied.
• Processes need to gather data. Examples include measurement, monitoring, reviews, audits and
performance analysis.

• Examples of performance indicators are:

• Customer Satisfaction Level
• Number of Non-Conformances
• Price of Non Conformances
• Number of accidents
• Time taken to investigate an accident
• %Actions closed on time against unsafe acts and audit/inspection findings
• %of Supervisors meeting HSEQ goals
• Actual Vs Plan Training Program
• %Implementation of improvement collected from employees
• Results of employee perception survey
 Inspections
Inspections are a useful way of ensuring that all the things that you have put into place (during planning
and do/implementation) are still working effectively and meeting your objectives.

Conducting Inspections:
• Observe the work area
• Engage the workforce
• Use a checklist as a prompt but always remain vigilant.

Disadvantages:
• Ticking box exercise, from memory or copying previous checklist.
• Finding the same problem and not action is taken.
• People act differently when they know they are being observed.
Audits
• Audits are a systematic, independent and documented processes for obtaining evidence and
evaluating it objectively to determine the extent to which a given criteria/requirements are
fulfilled.

• The process of auditing relies on 3 types of evidence being analysed:

• Documentary – reviewing appropriate documents, procedures, manuals.
• Testimony – carrying out interviews on a cross-section of personnel.
• Visual – from a workplace walk around.

• ISO 19011: 2018 Guidelines for auditing management systems describes the principles of
auditing, managing an audit programme and conducting management system audits.
Internal Audit

• Internal Audits are conducted by the organization itself, or on its behalf, for management review
and other internal purposes:
• Confirm effectiveness of the management system.
• Obtain information to improve the management system.
External Audit

• Supplier Audit (Second Party)

• Third Party Audit: conducted for legal, regulatory and similar purposes. Also for certification.
Principles of Auditing

• Integrity
• Fair presentation
• Due professional care
• Confidentiality
• Independence
Audit Programme
Audits should be oriented towards analyzing the processes of the organization to determine the
effectiveness of the management system.

Top Management should ensure that the audit programme objectives are established and assign
a competent person to manage the audit programme.

The extent of the audit programme should be based on the size and nature of the organization.
Priority should be given to audit those processes that affect the quality of the product/service or
significantly affect health, safety and environmental outcomes. This is called risk-based auditing.
Implementing the Audit Programme

• Communicate audit program to interested parties.

• Define objectives, scope and criteria for each individual audit.
• Coordinate and schedule audits.
• Select audit team and ensure competency of the auditors.
• Provide necessary resources and prepare the audit plan.
• Conduct audits as per the program.
• Provide progress report actual vs plan and monitor the audit programme.
• Record and document audit activities.
Performing an Audit

• Opening Meeting
• Document Review
• Interview
• Communication during the audit
• Collecting and verifying information
• Generate audit findings
• Prepare audit conclusions
• Closing meeting
• Prepare and distribute the report – within 2 weeks of conducting the audit.
Apply Process Approach to Auditing

• It focuses on results, not on procedures.

• Determines the management system’s effectiveness.
• Evaluates the outcomes and results of the system.
• Evaluates linkages between departments and processes.
• Follows flow of work throughout organization.
• Determines if operations are under control and if controls are effective.
• Allows judgment on significance of findings.
• Helps determine depth of problems across organization.
• Focuses on benefits of correcting nonconformities related to improving organizational
effectiveness.
 Checklist to audit a process
During the audit examine process intent, implementation and effectiveness.
1. Intent: “Have you said what you do?”
2. Implementation: “Have you done what you said?”
3. Effectiveness: “Have you done it well?”

• Use the 5W – 1H – 1S What, Why, When, Where, Who, How, Show and Open questions to get
information.
• Use closed questions to get approval and summarize.
• Listen – Let the auditees do most of the talking
• Use active listening
Reporting and Follow Up

• Consolidate your findings

• Write the audit report
• Report audit results to top Management and agree actions.
• Follow up corrective actions to completion.
Module 6. Audit Scenarios
Module 7. Integrated Internal Audits
 Integrated Audits
• An Integrated audit occurs when management system audits related to different audit criteria
(standards) are conducted simultaneously.

• An integrated audit is the assessment of an integrated management system, which fully or partially
integrates the requirements of different audit criteria with a single set of documentation, policies,
procedures and processes.

• An integrated audit can bring many benefits to your organization:

• lower certification costs
• fewer interruptions to the organization
• reduced documentation
• streamlined processes, and
• more consistent objectives across multiple systems.
Module 8. Certification
Value of Certification
• Independent evaluation that adds rigour to the management
system.
• Customers recognise external verification.
• Enable identification of risk and opportunities that impact
HSEQ performance.
• Guide the development of the management system in line
with international best practices.
• Provide motivation to be diligent.
• Time frame around continual improvement.
• Process efficiency.
Criteria to chose a certification body
1. Accreditation
2. Globally recognized
3. Industry experience
4. Recognition
5. Ease of communication
6. Expertise of assessors and auditors
7. Cost