The Role of the Level of ISO Standard Integration in the Certification Process - Integrated Management System (IMS)

The benefits of implementing ISO standards are so evident that there is no need for lengthy persuasion to adopt them. ISO standards dedicated to management systems, such as ISO 9001, ISO 14001, ISO 45001, ISO 27001, ISO 22301, and ISO 37001, enable organizations to better understand and systematize processes across various aspects, from quality to different elements that create a responsible and resilient organization. After successfully implementing one ISO standard, organizations often decide to adopt additional ones, and sometimes, already convinced, they implement two or even three standards simultaneously.

Why is it worth integrating ISO standard requirements?

Creating an integrated system is promoted by the standards themselves, which have been developed in a unified High-Level Structure (HLS) for some time, allowing organizations to easily expand their management systems by adding new perspectives on new aspects, such as reducing the organization's environmental impact (ISO 14001) or reducing workplace accidents (ISO 45001). Thanks to the HLS structure, the integration of standards becomes more efficient and brings numerous benefits.

And why should you pay attention to the level of integration from the perspective of management system certification?

Definitions and levels of integration

Management system integration is the process of combining different management systems into one coherent system that manages multiple aspects of the organization's activities. The level of integration refers to the ability of the management system to integrate documentation, processes, and responsibilities related to multiple standards.

Full integration means that the organization has one management system that considers all the requirements of various standards. Elements that must be included in full integration include:

• Integrated documentation
• Common management reviews
• Integrated internal audits
• Integrated approach to policies and objectives
• Integrated management system processes
• Integrated improvement mechanisms (preventive actions, measurements, and continuous improvement)
• Support and responsibility of management

Benefits

As Katarzyna Siemańska wrote in her LinkedIn post, which inspired this article - the benefits are numerous. Quoting, "Supplementing the quality management system implemented according to ISO standards by introducing additional systems offers the opportunity to achieve many benefits, including:

• Reducing the amount of documentation related to systems by simultaneously considering management aspects of different systems,
• Introducing a uniform documentation system,
• Increasing competitiveness through a high-quality standard,
• Internal audits covering various system criteria simultaneously,
• Parallel certification of the existing system by meeting the requirements of different standards,
• Faster and more efficient implementation of subsequent systems."

Benefits from my perspective - ISO certification

From the perspective of management system certification, integrating the management system is a significant time and cost-saving measure. Why? Because it is possible to reduce the audit duration by up to 20%, provided certain requirements are met. This 20% reduction is a substantial audit time saving, leading to financial and operational savings. To fully benefit from this discount, both the organization and the certification body must meet specific requirements.

Requirements for full discount

A 20% discount can be achieved when we talk about full integration of standards, and when the certification body meets the following requirements:

• The audit program considers the level of management system integration.
• Audit plans cover all areas and activities applicable to each standard/specification included in the audit scope, and auditors are appropriately assigned.
• The audit team as a whole must meet the competency requirements set by the certification body for each technical area and each standard/specification included in the audit scope.
• The audit must be managed by a lead auditor competent in at least one of the audited standards/specifications.
• Sufficient time is provided to conduct a complete and effective audit of the organization's management system concerning the standards/specifications included in the audit scope.

Integrated management system and ISO certification body

The conclusion is clear – it is essential to choose the right certification body with a well-qualified team of auditors. Only then can the organization fully benefit from the potential advantages of integrating management systems. At Certiget, we ensure you can take advantage of this opportunity. As a certification broker, we specialize in collecting and comparing ISO offers to find the best solutions for our clients. If you meet the requirements for full integration, we will find certification bodies that can offer such discounts, ensuring the maximum possible savings and benefits. And if not, we will explain where the problem lies.

Certiget is your supporting partner in efficiently managing the process of obtaining and comparing ISO certification offers, guaranteeing access to the best offers and solutions.

Striving for a fully integrated system – always and absolutely?

We know the benefits of integrating management systems, but should we always strive for full integration? From my perspective – not always. The benefits are significant, but there are also other aspects to consider, such as differences in the topics of the standards and human and logistical resource limitations that may make full integration problematic or even impossible.

Some standards complement each other well, and integration between them brings numerous benefits.

Very popular combinations are:

• ISO 9001 with ISO 27001
• ISO 9001 with ISO 27001 and ISO 22301
• ISO 9001 with ISO 14001 and ISO 45001
• ISO 9001 with ISO 14001
• ISO 9001 with ISO 50001

ISO 9001, due to its strong foundation for creating integrated management systems, integrates well with other standards. However, in the case of other standards, it is worth considering twice whether integration makes sense. From the certification body's perspective, there may be a problem with human resources. For example, finding an auditor competent in both ISO 27001 (information security management) and ISO 14001 (environmental management) may be difficult due to the thematic differences between these standards.

Therefore, while full integration is beneficial, you can also reap benefits from lesser integration, taking advantage of smaller discounts (5%, 10%, 15%). The system is designed to provide organizations with flexibility and the ability to adapt to their specific needs and capabilities.

Annual audit and recertification activities 

During the certification cycle, the certification body should monitor the level of integration to ensure that audit durations remain appropriate. Remember that in the event of suspension, reduction, or withdrawal of certification for one of the standards, the impact on other certifications will be assessed, which may result in the cancellation of the discount.

Conclusions

An Integrated Management System (IMS) based on ISO standards is an effective tool for organizations seeking to improve their processes and increase competitiveness. Full integration of standards, while seemingly advantageous, is not always necessary. A flexible approach is essential, allowing organizations to tailor the integration to their specific conditions and capabilities.

Choosing the right certification body and regularly monitoring the level of integration is crucial for maximizing the benefits of implementing an IMS.

A collection of certification bodies

Source: IAF MD 11