Don't let a Management Review be a missed opportunity
A regular management review is an integral part of achieving continual improvement for organisations with certified ISO management systems. Rob Shepherd explains why failing to make the most of this process can hinder the effectiveness of a management system and outlines how to get more from this mandatory element of certification.
One of the fundamental tenets of certification to an ISO management system – whether quality, health and safety, environmental, energy or business continuity – is that an organisation must continually improve. This involves a constant process of analysis and one of the key ways that this can be achieved is via a regular management review, which actively analyses what's going on and looks at how to make enhancements.
ISO management system standards stipulate that top management should review an organisation’s management system at planned – usually annual – intervals, to ensure its continuing suitability, adequacy and effectiveness. This should assess the fitness of the management system for its defined purpose and ascertain the sufficiency of it in meeting requirements. Reviewing the extent to which planned activities are accomplished, and their effectiveness in providing the desired results, can then be scrutinised.
While having such a review process makes obvious sense, all too often organisations are failing to make the most of it. NQA’s regional assessor, Margaret Rooney, shares this view and states,
‘Reviews are sometimes carried out with varying degrees of commitment and success, which often results in a missed opportunity. This is a real shame, as the process offers a top management team the opportunity to look at the effectiveness of certification and to make sure that it is fully integrated into the business.’
In and out
Many of the causes of ineffective reviews stem from a failure to collect the right type and depth of information needed to make informed decisions. As the meetings need to review current management and operational performance data, and ensure that improvement opportunities have been addressed, making sure that all relevant information is to hand is vital.
According to the ISO management system standards, the review agenda should contain a range inputs. Rooney explains,
‘These include the results of any audits, customer feedback, operational performance indicators, process performance and product conformity, planning for training, and the status of preventive and corrective actions. In addition, information about follow-up actions from previous management reviews and changes that could affect the quality management system should also be available.’
Subsequently, the output from the management review should include any decisions and actions related to improvement of the effectiveness of the management system and its processes, improvement of product and services related to customer requirements, and any resources needed to implement agreed measures.
Plan of action
Having the right people in attendance will also make a review meeting more worthwhile. While most organisations schedule them to take place annually, some hold them twice a year, quarterly or even monthly. Regardless of their frequency, they should be scheduled events in an organisation’s calendar and publicised well ahead of the actual meeting date to ensure attendance from relevant parties. Key participants should include senior managers, line supervisors and compliance officers.
The identification of any trends is a useful way to recognise a situation that might indicate improvement or deterioration of the management system. The review should also identify any corrective actions needed to prevent any non-conformities and Rooney adds,
‘Ultimately, a good review should lead to lots of actions, which should be in a set of minutes that clearly identifies who is responsible for certain activities moving forward and the time-scales for completion. This ensures a sense of clarity and responsibility for those given specific tasks.’
New and improved
Revisions to ISO 9001 and ISO 14001 are due to come into effect this year, while ISO 45001 – the replacement to OHSAS 18001 – will be introduced in 2016.
The most far-reaching change concerns the role of top management. The revised standards will require them to be much more involved in understanding an organisation’s risks, opportunities and stakeholder expectations, along with ensuring that its operational objectives are compatible with its overall strategic direction.
Top management will also have to be involved with the integration of the management system by providing adequate resources. Rooney advises:
‘Organisations need to be in the best possible position to make informed decisions and my advice is to make sure that top management are involved in the review process as much as possible. As there is likely to be a greater emphasis on identifying and reacting to trends, top management will be in an excellent position to contribute and provide information about the “bigger picture”.’
Management review is another essential for top management contribution, as Margaret Rooney concludes:
‘Effective management reviews are a vital part of the certification process and should be treated with the utmost seriousness if they are to provide their intended benefits. Visitors to Sustainability Live and the Health & Safety Event are invited to come along and discuss this subject, as well as anything else related to management system certification.’