Standards and ISO FAQs

ISO 9001:2015 is the latest version of a widely-recognised international standard for quality management systems (QMS). A QMS is a set of processes that an organisation uses to ensure that its products and services meet customer requirements.

Benefits of a QMS can include:

• Increased customer satisfaction
• Improved efficiency and effectiveness
• Reduced costs
• Increased market share
• Improved employee morale
• Enhanced brand reputation

ISO 9001 does not specify exactly how an organisation should implement its QMS, but it does explain the requirements that an organisation must meet to be professionally certified to the standard.

The key requirements of ISO 9001:2015 include:

• Focus on meeting customer needs
• Commitment to the QMS from top management through leadership and support
• Planning of activities and processes to meet their quality objectives
• Resources and infrastructure in place to implement and maintain the QMS
• Operation of processes effectively and efficiently
• Measurement, analysis and improvement of processes and products to ensure quality objectives are being met, and any problems to be identified and corrected.

ISO 14001 is an international standard that specifies the requirements for an environmental management system (EMS). An EMS is a framework that helps organisations manage their environmental impact.

The benefits of implementing ISO 14001 include:

• Reduced environmental impact
• Improved compliance with environmental regulations
• Greater efficiency and cost savings
• Enhanced reputation and brand image
• A higher level of customer satisfaction
• Raised employee morale and motivation

ISO 14001 is a voluntary standard, but many organisations choose to be certified to it, as certification demonstrates that the organisation has a commitment to environmental protection.

Key concepts in ISO 14001 include:

• An environmental policy stating the organisation's commitment to environmental protection
• The laws, regulations, and other requirements with which an organisation must comply to protect the environment
• Environmental aspects of activities, products, and services that have an impact on the environment
• Environmental impacts concerning the positive and negative effects of an organisation's environmental aspects on the environment
• Objectives and target goals that an organisation sets for itself to improve its environmental performance
• Planning, whereby environmental risks are identified, assessed and controlled
• Implementation and operation of an effective EMS
• Monitoring and measurement to track and evaluate the performance of the EMS
• Evaluation to review the EMS and make improvements as needed
• Continual improvement of the EMS

ISO 45001 is an international standard that specifies the requirements for an occupational health and safety (OH&S) management system. An OH&S management system is a framework that helps organisations manage their OH&S risks and improve their OH&S performance.

Benefits of implementing ISO 45001 include:

• Reduced occupational injuries and diseases
• Greater compliance with OH&S regulations
• Better efficiency and cost savings
• Enhanced reputation and brand image

ISO 45001 is a voluntary standard, but many organisations choose to take the step of becoming certified to ISO 45001 by a professional body. Certification demonstrates to customers, suppliers and other stakeholders that the organisation is committed to OH&S.

Key concepts of ISO 45001 include:

• Risk assessment to identify and evaluate OH&S risks
• Control measures resulting in actions taken to reduce OH&S risks
• Monitoring and measurement to track and evaluate the effectiveness of the OH&S management system
• Continual improvement of the OH&S management system.

ISO 27001 is an international standard that specifies the requirements for an information security management system (ISMS). An ISMS is a framework that helps organisations manage their information security risks and improve their information security.

Although ISO 27001 is a voluntary standard, many organisations choose to be certified to it. They see certification as an opportunity to demonstrate to customers, suppliers, and other stakeholders that the organisation has a commitment to information security.

Further benefits of implementing ISO 27001 include:

• Reduced information security risks
• Improved compliance with information security regulations
• Increased efficiency and cost savings
• Enhanced reputation and brand image
• Increased customer satisfaction
• Improved employee morale and motivation

Key concepts of ISO 27001 include:

• Information security risk - the potential impact of a threat on an organisation's information assets
• Information security controls -  measures taken to reduce information security risks

If you are not sure which training course is right for you, we have short quizzes that you can try out on the Resources page of our website to check your current knowledge. These include:

• ISO 22301 Business Continuity
• ISO 50001 Energy Management
• ISO 22000 Food Safety Management
• ISO 13485 Medical Devices
• ISO/IEC 17020 Inspection Bodies
• IAFT 16949 Automotive
• ISO 17025 Laboratories
• ISIO 45001 Occupational Health & Safety Management
• ISO 14001 Environmental Management
• ISO 27001 Information Security Management
• ISO 9001 Quality Management

You can also test your auditing skills in our nonconformity test.