There are certain topics that always pop up during the yearly audit. After the High-Level Structure (HLS) has been introduced, these topics start to align among certain standards, making it a lot more consistent. Also, this alignment makes it a lot easier to address these topics if, of course, the approach has been described properly. We will touch upon six of these topics to see how you can address them before the audit.
What Does the Context of the Organization Look Like?
This has everything to do with how the organization operates within its parameters. Having a clear understanding of these parameters and the world the organization operates in helps to find the right spot for the organization. It is not just for complying with ISO standards; it is great for an organization to find its sweet spot in the world and thrive. Align the strengths of the company with the world it operates in allows for great success. It is important to set the parameters the company operates in not too wide; otherwise, it gets hard to structure the context properly.
Which Risks Are Involved?
Doing business inevitably comes with risks embedded within; hence, a risk assessment is of great value. These risks can be big or small, but they are always there. Risks can be related to health and safety, quality, and of course, environmental. Having them on the radar and effectively managing them is key for almost every ISO standard out there. It is always a good idea to have some kind of structured way of handling and classifying the risk, regardless of the category they are in. Obviously, managing these risks isn’t done just for the ISO audit; it is what every top manager should do.
Which Stakeholders Are Important to the Organization?
As with the risks, after introducing the HLS, every organization needs to be aware of its stakeholders and how they impact the organization. The stakeholder analysis can be done regardless of the ISO standard the organization complies with. Having a clear overview of the stakeholders is key. Also, understanding the implications of not communicating properly with certain stakeholders has to be understood. This way, a well-thought-out communication plan can be created for certain types of stakeholders. For example, how do you communicate with your employees or with customers?
Which Goals Do You Have?
The goals and objectives the organization has are obviously not just for being certified to an ISO standard. Every organization has certain goals they want to achieve within the coming year or even five years. However, to comply with an ISO standard, these goals need to be communicated effectively and also be clearly measurable. This way, progress can be tracked over time.
How Does the Organization Improve?
Most ISO standards have continuous improvement as their foundation. The PDCA cycle is the starting point for most standards, so as an organization, it is important to show how this fundament is built into the organization. Obviously, the goals in the previous point are a great way to show this, but also the next point on how the organization handles change clarifies this. When the organization changes something, this is mostly done for the better; hence, the organization is improving. This way, you also see how the different aspects of the standard are helping the organization to align certain processes and make them empower each other.
How Do You Manage Change?
How an organization manages changes is getting more and more important. The environment the organization operates in changes at a rapid pace. Having a consistent approach to handling these changes is a good way to make sure you take these changes to your advantage. In clause 6.3 of the ISO9001:2015 standard, we also see the emphasis of ISO on what to do with changes. Having a proper process in place makes it much easier to answer this question.
Obviously, many questions will come up during an audit, but these are some of the important ones. Not just from a compliance standpoint but also for the organization itself.