ISO 9001 – was renewed until 2015 in Feb 2012

The International Standard for Quality Management

ISO 9001 is the internationally recognised standard for the quality management of businesses. The Standard applies to the processes that create and control the products and services an organisation supplies, delivers, bills and supports. Within the standard are a number of controls that an organisation will manage to make sure expectations of customers are met.

Processes involved in obtaining and keeping the Standard:

• Establish quality objectives and various fit in to the various processes in the operation of the business.

• Produce a documented quality policy indicating how these requirements are satisfied.

• Communicate the Quality Standard’s requirements to all staff in the organisation.

• Evaluate the quality policy, its stated objectives and then prioritise requirements to ensure they are met.

• Identify the boundaries of the management system and produce documented procedures as required.

• Ensure these procedures are relevant, well managed and staff are encouraged to raise any obvious or suspected non conformances.

• Once in place, regular internal and external audits of the processes to ensure it is working and to the appropriate level.

ISO 27001 – currently undergoing recertification in 2013

The Standard for Management of Information Security (ISMS)

ISO 27001 is a specification for the management of Information Security. The Standard applies to any information in whatever form it is held. The information may be printed, written, stored electronically, posted, on email, or other media or spoken in conversation. ISO 27001 provides a framework and relevant processes to help an organisation manage the security of all information and ensure appropriate protection is in place.

Information security preserves:

Confidentiality – ensuring that access to information is appropriately authorised

Integrity – safeguarding the accuracy and completeness of information and processing methods

Availability – ensuring that authorised users have access to information when they need it.

ISO 27001 assists with these objectives by establishing controls within the organisation, including:

• Security policy

• Organisational security

• Asset classification and control

• Personnel security

• Physical and environmental security

• Communications and operations management

• Access control

• System development and maintenance

• Business continuity management

• Compliance

Regular audits and reviews of an organisation’s controls take place to ensure the Standard is maintained.

Investors in People Standard – gained February 2006

The Investors in People Standard is a business improvement tool designed to advance an organisation’s performance through its people. Since 1990 the Standard has been helping organisations improve performance and realise their business objectives through development of management and their staff. The Standard is constantly reviewed to ensure it applies to changing business needs and demands of the changing markets.

The Investors in People Standard is based on three key principles:

Plan – Developing strategies to improve the performance of the organisation

Do – Taking action to improve the performance of the organisation

Review – Evaluating the impact on the performance of the organisation.

The Standard is awarded to organisations that meet or exceed the following indicators:

• A strategy for improving the performance of the organisation is clearly defined and understood.

• Learning and development is planned to achieve the organisation’s objectives.

• Strategies for managing people are designed to promote quality of opportunity in the development of the organisation’s people.

• The capabilities that managers need in order to lead, manage and develop people effectively, are clearly defined and understood.

• Managers are effective in leading, managing and developing people.

• People’s contribution to the organisation is recognised and valued.

• People are encouraged to take ownership and responsibility by being involved in decision-making.

• People learn and develop effectively.

• Investment in people improves the performance of the organisation.

• Improvements are continually made to the way people are managed and developed